Questions related to secure-backups
PeterPotkay
Posted: Thu Jan 23, 2014 4:00 am    Post subject: Questions related to secure-backups

Poobah

Joined: 15 May 2001
Posts: 7717

I am scripting a backup solution that will connect via ssh from a Linux server to an appliance to perform a secure-backup and move the backup files to the central Linux server. I have this working against an appliance running at version Firmware 6.0.1 and have the following questions.

A. The following link describes the files in a secure backup
http://pic.dhe.ibm.com/infocenter/wsdatap/v6r0m0/topic/com.ibm.dp.xi.doc/disasterrecovery_securebackup_contents.html

Where can I find a description of what each of these files represents? I was not able to find anything in the InfoCenter or Developerworks that details what these files are, when we should see them, how big they might be, etc.


B. I am using this command to perform the secure backup:
secure-backup DP_Secure_Backups_CC temporary:/// off off

"DP_Secure_Backups_CC" is the name of the Crypto Certificate object that represents the public half of the certificate pair that is being used. The private key resides on the Linux server only. The public certificate, represented by the Crypto Certificate object called "DP_Secure_Backups_CC", will be present on each appliance.

My secure backup only produces the following 5 files.
backupmanifest.xml
cert.tgz
config.tgz
local.tgz
root.tgz

I can understand why there is no raid-volume.tgz and no iscsi-value.tgz, given that I specified "off" for the last two parms of the secure-backup command, but why aren't the other files produced? I need to understand which files are or are not produced and under what conditions because my script then copies the files via sftp from the appliance to the Linux server, and then deletes the files from that backup. So I need to know ahead of time what my script needs to copy and then delete.


C. The secure-backup command apparently doesn't allow sftp as a destination, only regular ftp. Really? Hopefully there is some option I'm missing to allow the secure-backup command to sftp any and all files that result from that secure-backup. This would allow me to simplify my script by avoiding the separate copy and separate delete commands after the secure backup to temporary:/// completes. It seems odd that a *secure* backup only offers "unsecure" regular ftp and not sftp as an option. I can open a Request For Enhancement if the consensus is there is no way to specify sftp as the destination for secure-backup in Firmware 6.0.1.
_________________
Peter Potkay
Keep Calm and MQ On
PeterPotkay
Posted: Fri Jan 24, 2014 8:36 am

I opened a PMR on this. Questions A and B are being researched still, but they did confirm for C that sftp is not an option.


Here is a link to the RFE to add sftp as an option for secure backups. Please vote for it if you think it's a good idea.
http://www.ibm.com/developerworks/rfe/execute?use_case=viewRfe&CR_ID=44070


I will update this post with the answers to A and B when I get them from the PMR.

-Peter
_________________
Peter Potkay
Keep Calm and MQ On
PeterPotkay
Posted: Tue Feb 04, 2014 8:55 am

Hope this helps the next person dealing with this


Description of files created by a secure backup
When a secure backup is executed, several files are created that together constitute the secure backup. The IBM InfoCenter does not describe these files in detail. The only information was a list of the files that might be produced, at the following link: http://pic.dhe.ibm.com/infocenter/wsdatap/v6r0m1/topic/com.ibm.dp.xi.doc/disasterrecovery_securebackup_contents.html
What these individual files represent and why we don’t see each file for each secure backup was not explained. PMR 30110,L6Q,000 was opened to clarify this and the following information was gathered. The suggestion was made to IBM that the InfoCenter should be updated with this information, and/or a Tech Note should be produced. They agreed and when that happens this appendix will be updated to refer to the official online documentation.

The secure backup of a DataPower appliance is created in a directory indicated by the user. The secure backup itself is made up of a series of encrypted files and a backupmanifest.xml file that outlines what is included in the backup. Each tarball within the backup contains encrypted data from the file system in DataPower. For example, the store.tgz file would contain data from the store: directory, the local.tgz file would contain data from the local: directory, etc. You do not get to pick and choose which files are backed up and included in the resulting .tgz. The secure backup process does perform file compression when it builds the tarballs, but the actual size of each file will depend on the amount of data being backed up.

There are two instances of directories that are not visible from the WebGUI. The dpcert: directory is only accessible from the Command Line Interface (CLI). The root: directory is not visible to the customer at all. Both of these directories contain files that may be used to encrypt the backup and validate the files when the secure restore is performed. There is no way to decrypt the secure backup files outside of the secure restore process.

There are certain directories, dpcert: and store: for example, that may or may not be included in the backup. The user does not have access to /root/secure/dpcert, but does have access to /drouter/dpcert. At initialization time, the two directories are identical. If a backup is done and the directory contents are still identical, the dpcert: directory will not be backed up. If files are added by you to /drouter/dpcert, then the two directories are no longer identical and the dpcert.tgz would be included in the secure backup. The same idea is used for store:. Since a secure backup and secure restore have to occur on the same exact firmware level, we know what should be in the store: directory. If store: on the appliance matches the store: from a fresh install, then the store: directory will not be included in the secure backup. If the customer has added/deleted/updated files in store: from the original Firmware install, then the store.tgz file will be part of the secure backup.
List of potential files in a secure backup, what they represent and when they will be included
• backupmanifest.xml = This file is always created during a secure-backup. The backupmanifest.xml file outlines what is included in the backup.

• root.tgz = This file is always created during a secure-backup. It is a backup of the root directory which is not visible to the customer at all. It contains files that may be used to encrypt the backup and validate the files when the secure restore is performed.

• config.tgz = This file is always created during a secure-backup. It contains data from the config: directory.

• local.tgz = This file is always created during a secure-backup. It contains data from the local: directory.

• store.tgz = This file contains data from the store: directory. If the store: directory on the appliance matches the store: directory from a fresh install, then the store: directory will not be included in the secure backup. If the customer has added/deleted/updated files in store: from the original firmware install, then the store.tgz file will be part of the secure backup.

• cert.tgz = This file is always created during a secure-backup. It contains data from the cert: directory.

• dpcert.tgz = This dir is only accessible from the Command Line Interface (CLI). It contains files that may be used to encrypt the backup and validate the files when the secure restore is performed. The user does not have access to /root/secure/dpcert, but does have access to /drouter/dpcert. At initialization time, the two directories are identical. If a backup is done and the directory contents are still identical, the dpcert: directory will not be backed up.

• sharedcert.tgz = This file contains data from the sharedcert: directory. This file will only be produced by the secure-backup command if the sharedcert: directory contains data.

• chkpoints.tgz = This file contains data from the chkpoints: directory. This file will only be produced by the secure-backup command if the chkpoints: directory contains data.

• raid-volume.tgz = This file will only be created during a secure backup if the include-raid flag is set to ‘on’ during a secure-backup. If possible, use methods other than backup-restore to back up RAID data. Backing up this data can require a significant amount of time. The resulting file can be quite large.

• compact-flash.tgz = This only affects the 9004 appliances (XI50 & XS40). Some models came with an additional compact flash drive to provide extra storage outside of the internal flash drive.

• iscsi-value.tgz = According to the documentation for the secure-backup command the iSCSI protocol is deprecated. This file would only be created if the include-iSCSI flag is set to ‘on’ during a secure-backup.

The InfoCenter article for the secure-backup command states the following:
"Quiesce the appliance before a secure backup. Quiescing the appliance prevents local configuration changes during the secure backup."
In the PMR we asked:
• If we can ensure there are no configuration changes occurring during our backups, will secure-backups produced WITHOUT quiescing the appliance be viable backups?
• If we can ensure there are no configuration changes occurring during our backups, will executing secure-backups WITHOUT quiescing the appliance during periods of no to low transaction volume be safe to execute?
IBM responded:
Quiescing the appliance is only a suggestion. We documented this as a way to be sure that there is no data loss during the backup. The backup will run regardless of whether or not the appliance is quiesced. If you are comfortable without quiescing, you may proceed as normal.
_________________
Peter Potkay
Keep Calm and MQ On
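
A local completeness check built from the file list in the post above, as an added example that is not part of the original thread: it verifies that the files already copied to the Linux server form a plausible secure backup before anything is deleted from the appliance. The function name `check_secure_backup` and the local staging directory are assumptions; only the file names and their conditions come from the post.

```bash
#!/usr/bin/env bash
# Added example (not from the original posts). File names and the conditions
# under which they appear are taken from the list in the post above.

# Always produced by secure-backup.
REQUIRED="backupmanifest.xml root.tgz config.tgz local.tgz cert.tgz"
# Produced only when the source directory has data or differs from a fresh install.
CONDITIONAL="store.tgz dpcert.tgz sharedcert.tgz chkpoints.tgz compact-flash.tgz"

# check_secure_backup DIR INCLUDE_RAID INCLUDE_ISCSI   (flags: on|off)
# DIR is an assumed local staging directory holding the files already copied
# from the appliance. Prints one finding per line; returns 0 only when every
# always-produced file is present and non-empty and no unexpected file exists.
check_secure_backup() {
    sb_dir=$1; sb_raid=$2; sb_iscsi=$3; sb_rc=0
    sb_allowed="$REQUIRED $CONDITIONAL"
    # Flag-controlled files are legitimate only when the flag was 'on'.
    if [ "$sb_raid" = on ]; then sb_allowed="$sb_allowed raid-volume.tgz"; fi
    if [ "$sb_iscsi" = on ]; then sb_allowed="$sb_allowed iscsi-value.tgz"; fi

    # A missing or zero-length required file means the copy is incomplete.
    for sb_f in $REQUIRED; do
        if [ ! -s "$sb_dir/$sb_f" ]; then
            echo "MISSING $sb_f"
            sb_rc=1
        fi
    done

    # Anything outside the allowed set (for example a stale raid-volume.tgz
    # from an earlier run) is reported rather than silently archived.
    for sb_path in "$sb_dir"/*; do
        if [ ! -e "$sb_path" ]; then continue; fi   # empty directory
        sb_name=${sb_path##*/}
        sb_known=no
        for sb_a in $sb_allowed; do
            if [ "$sb_a" = "$sb_name" ]; then sb_known=yes; fi
        done
        if [ "$sb_known" = yes ]; then
            echo "OK $sb_name"
        else
            echo "UNEXPECTED $sb_name"
            sb_rc=1
        fi
    done
    return $sb_rc
}
```

Call it with the same on/off values passed to secure-backup, and delete the appliance-side copies only when it returns 0.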