Cisco Intercompany Media Engine Installation and Configuration Guide, Release 9.0(1)
Disaster Recovery System
Download this chapter
Disaster Recovery SystemDisaster Recovery System
Download the complete book
Cisco Intercompany Media Engine Installation and Configuration Guide, Release 9.0(1)Cisco Intercompany Media Engine Installation and Configuration Guide, Release 9.0(1) (PDF - 3 MB)
 Feedback

Disaster Recovery System

The Disaster Recovery System (DRS), which can be invoked from the Cisco IME server command line interface (CLI), provides full data backup and restore capabilities for the Cisco IME server. The Disaster Recovery System allows you to perform regularly scheduled automatic or user-invoked data backups.

DRS restores its own settings (backup device settings and schedule settings) as part of the backup/restore process. DRS backs up and restores drfDevice.xml and drfSchedule.xml files. When the server is restored with these files, you do not need to reconfigure DRS backup device and schedule.

You can store the backup files to either a local or network device. You must choose a local device if you do not have outgoing SFTP access to the Cisco IME server. If you store backup files to a local device, DRS stores the backup files in the /common/adminsftp/backup directory. You must manually move local backup files from the Cisco IME server by opening an SFTP client and connecting to the Cisco IME server by using the adminsftp user and the administrator password that you set up during installation


Caution

Before you restore Cisco IME, ensure that the Cisco IME version that is installed on the server matches the version of the backup file that you want to restore. The Disaster Recovery System supports only matching versions of Cisco IME for restore. For example, the Disaster Recovery System does not allow a restore from version 8.0.(1).1000-1 to version 8.0(2).1000-1, or from version 8.0.(1).1000-1 to version 8.0(1).1000-2.

The Disaster Recovery System includes the following capabilities:

  • A command line interface for performing backup and restore tasks.
  • A distributed system architecture for performing backup and restore functions.
  • Scheduled backups.
  • Archive backups to a local drive or remote SFTP server. The Disaster Recovery System does not support tape drives for backup and restore on the Cisco IME server.

Note

The system automatically deletes local backup files more than one week old. A warning message displays when you perform a backup that indicates that local backup files get deleted after one week.

The Disaster Recovery System contains two key functions, Master Agent (MA) and Local Agent (LA). The Master Agent coordinates backup and restore activity with Local Agents.


Caution

Schedule backups during off-peak hours to avoid call-processing interruptions and impact to service.

Backup and restore procedures

The following sections outline the tasks for the backup and restore procedures.


Note

DRS backs up and restores the drfDevice.xml and drfSchedule.xml files. These backup device settings and schedule settings get restored as a part of the backup/restore process. After the server is restored with these files, you do not need to reconfigure DRS backup device and schedule.

Back up data

The following procedure provides a quick, high-level reference to the major steps, in chronological order, that you must perform to do a backup procedure by using the Disaster Recovery System.

Procedure
    Step 1   Create backup devices on which to back up data.

    For further information, see Manage backup devices.

    Step 2   Create backup schedules to back up data on a schedule.

    For further information, see Create backup schedules.

    Step 3   Enable and disable backup schedules to back up data.

    For further information, see Manage backup schedules.

    Step 4   Run a manual backup.

    For further information, see Start a manual backup.

    Step 5   Check the status of the backup.

    While a backup is running, you can check the status of the current backup job. For further information, see Check backup status.

    Restore data

    The following procedure provides a high-level reference to the steps, that you must perform to do a restore procedure by using the Disaster Recovery System.

    Procedure
      Step 1   Restore a backup file from a local or network directory.

      For further information about restoring a backup for the Cisco Unified Communications Manager Business Edition 5000, see Restore the server from local directory.

      Step 2   Check the status of the restore.

      While the restore process is running, you can check the status of the current restore job. For further information, see View the restore status.

      SFTP server requirements

      To back up data to a remote device on the network or to move a local backup to another location, you must have an SFTP server that is configured. Cisco allows you to use any SFTP server product but recommends SFTP products that have been certified with Cisco through the Cisco Technology Developer Partner program (CTDP). CTDP partners, such as GlobalSCAPE, certify their products with specified version of Cisco Unified Communications Manager. For information on which vendors have certified their products with your version of Cisco Unified Communications Manager, refer to the following URL:

      http://www.cisco.com/pcgi-bin/ctdp/Search.pl

      For information on using GlobalSCAPE with supported Cisco Unified Communications versions, refer to the following URL:

      http://www.globalscape.com/gsftps/cisco.aspx

      Cisco uses the following servers for internal testing. You may use one of the servers, but you must contact the vendor for support:


      Note

      While a backup or restore is running, you cannot perform any OS Administration tasks because Disaster Recovery System blocks all OS Administration requests by locking the platform API. However, this does not block most CLI commands as only the CLI-based upgrade commands use the Platform API locking package.


      Tip

      Schedule backups during periods when you expect less network traffic.

      Disaster Recovery System accessibility

      To access the Disaster Recovery System, log into the Cisco IME CLI remotely or locally using the same Administrator username and password that you use created during installation:

      • From a client workstation, you can use SSH to connect securely to the CLI.
      • You can access the Cisco IME CLI directly by using the monitor and keyboard that you used during installation or by using a terminal server that is connected to the serial port. Use this method if a problem exists with the IP address.

      Note

      You set the Administrator username and password during the Cisco IME installation, and you can change the Administrator password or set up a new Administrator account by using the CLI. Refer to the Cisco Intercompany Media Engine Command Line Interface Reference Guide.

      Master Agent duties

      The system automatically activates the Master Agent (MA) on the server. The Master Agent (MA) performs the following duties:

      • The MA stores systemwide component registration information.
      • The MA maintains a complete set of scheduled tasks in an XML file. The MA updates this file when it receives updates of schedules from the user interface. The MA sends executable tasks to the applicable Local Agents, as scheduled. (Local Agents execute immediate-backup tasks without delay.)
      • You access the MA through the Disaster Recovery System user interface to perform activities such as configuring backup devices, scheduling backups by adding new backup schedules, viewing or updating an existing schedule, displaying status of executed schedules, and performing system restoration.
      • The MA stores backup data on a local directory or a remote network location.

      Local agents

      The server has a Local Agent to perform backup and restore functions. The Local Agent runs backup and restore scripts on the server.

      Manage backup devices

      Before using the Disaster Recovery System, you must configure the locations where you want the backup files to be stored. You can create local or network backup devices. If you create a local backup device, Disaster Recovery System stores the backup files in the a preconfigured directory on the Cisco IME server. You must manually move local backup files from the Cisco IME server by opening an SFTP client and connecting to the Cisco IME server by using the adminsftp user and the administrator password that you set up during installation.

      You can configure up to 10 backup devices. Perform the following steps to configure backup devices.

      Procedure
        Step 1   To access the Disaster Recovery System, log into the Cisco IME CLI as described in Disaster Recovery System accessibility.

        The CLI admin prompt displays.

        Step 2   To create a local device, enter the following command: utils disaster_recovery device local device_name number of backups

        Where device_name equals the name of the backup device. The backup device name may contain only alphanumeric characters, spaces ( ), dashes (-) and underscores (_). Do not use any other characters. By default, DRS stores backup files for local devices in the /common/adminsftp/backup directory.

        Where number of backups equals the number of backups allowed for this device.

        Step 3   To create a network device so that you can store backup files on a network drive that is accessed through an SFTP connection, enter the following command: utils disaster_recovery device network device_name path server_name username number of backups

        Where device_name equals the name of the backup device. The backup device name may contain only alphanumeric characters, spaces ( ), dashes (-) and underscores (_). Do not use any other characters.

        Where path equals the path name for the directory where you want to store the backup file.

        Where server_name equals the name or IP address of the network server

        Where username equals a valid username for an account on the remote system

        Where number of backups equals the number of backups allowed for this device

        Note   

        You must have access to an SFTP server to configure a network storage location. The SFTP path must exist prior to the backup. The account that is used to access the SFTP server must have write permission for the selected path.

        The DRS Master Agent validates the selected backup device. If the user name, password, server name, or directory path is invalid, the command will fail.

        Step 4   To display a list of backup devices, enter the following command: utils disaster_recovery device list

        The device name, device type, and device path for each backup device displays.

        Step 5   To delete a backup device, enter the following command: utils disaster_recovery device delete device_name

        Where device_name equals the name of the device that you want to delete.

        Note   

        You cannot delete a backup device that is configured as the backup device in a backup schedule. You must first delete the schedule which uses this devicename, and then delete this device.

        Create backup schedules

        You can create up to 10 backup schedules. Each backup schedule has its own set of properties, including a schedule for automatic backups, the set of features to back up, and a storage location.


        Caution

        Schedule backups during off-peak hours to avoid call-processing interruptions and impact to service.

        Perform the following steps to create backup schedules:

        Procedure
          Step 1   To access the Disaster Recovery System, log into the Cisco IME CLI as described in Disaster Recovery System accessibility.

          The CLI admin prompt displays.

          Step 2   Enter the following command: utils disaster_recovery schedule add schedulename devicename featurelist datetime frequency

          Where schedulename equals the name of the schedule.

          Where devicename equals the location where Disaster Recovery System stores the backup files.

          Where featurelist equals IME.

          Where datetime specifies the time and date when Disaster Recovery System performs the backup. The formast equals yyyy/mm/dd-hh:mm . Enter the time based on a 24- hour clock.

          Where frequency equals how often Disaster Recovery System performs the backup. Options are once, daily, weekly, and monthly.

          Step 3   To enable a schedule, enter the following command: utils disaster_recovery schedule enable schedulename

          The next backup occurs automatically at the time that you set.

          Note   

          To disable or delete schedules, see the Manage backup schedules.

          Manage backup schedules

          Follow this procedure to enable, disable, or delete backup schedules.

          Procedure
            Step 1   To access the Disaster Recovery System, log into the Cisco IME CLI as described in Disaster Recovery System accessibility. The CLI admin prompt displays.
            Step 2   To view the list of backup schedules, enter the following command: utils disaster_recovery schedule list The CLI displays the device name and status for each schedule. The device name specifies where Disaster Recovery System stores the backup files.
            Step 3   Perform one of the following tasks:
            • To enable a schedule, enter the following command: utils disaster_recovery schedule enable schedulename
            • To disable a schedule, enter the following command: utils disaster_recovery schedule disable schedulename
            • To delete a schedule, enter the following command: utils disaster_recovery schedule delete schedulename

              The schedules can be enabled, disabled or deleted only one at a time.

            Start a manual backup

            Follow this procedure to start a manual backup.

            Procedure
              Step 1   To access the Disaster Recovery System, log into the Cisco IME CLI as described in Disaster Recovery System accessibility. The CLI admin prompt displays.
              Step 2   Enter the following command: utils disaster_recovery backup type featurelist device_name

              Where type equals the location of the backup, either local or network

              Where featurelist equals IME.

              Where device_name equals the name of the backup device.

              Step 3   To view the status of the current backup, enter the following command: utils disaster_recovery status backup
              Step 4   To cancel the current backup, enter the following command: utils disaster_recovery cancel_backup yes

              Check backup status

              You can check the status of the current backup job and cancel the current backup job. To view a list of backup files, see the View the restore status.


              Caution

              Be aware that if the backup to the remote server is not completed within 20 hours, the backup session will time out. You will then need to begin a fresh backup.

              Perform the following steps to check the status of the current backup job.

              Procedure
                Step 1   To access the Disaster Recovery System, log into the Cisco IME CLI as described in Disaster Recovery System accessibility. The CLI admin prompt displays.
                Step 2   To view the status of the current backup, enter the following command: utils disaster_recovery status backup
                Step 3   To cancel the current backup, enter the following command: utils disaster_recovery cancel_backup yes
                Note   

                The backup cancels after the current component completes its backup operation.

                Display backup files

                Using the following procedures, you can see the list of backup files that are stored to the localor network drives:

                Procedure
                  Step 1   To access the Disaster Recovery System, log into the Cisco IME CLI as described in Disaster Recovery System accessibility. The CLI admin prompt displays.
                  Step 2   To view backup files, do one of the following:
                  • To view the list of backup files in the local directory (/common/adminsftp/backup), enter the following command: utils disaster_recovery show_backupfiles local backup
                  • To view the list of backup files in the local restore directory (/common/adminsftp/restore), enter the following command: utils disaster_recovery show_backupfiles local restore
                  • To view the list of backup files on a network drive, enter the following command: utils disaster_recovery show_backupfiles network path servername userid

                  Where path equals the path name for the directory where the backup file is stored.

                  Where servername equals the name or IP address of the network server.

                  Where userid equals a valid user ID for an account on the remote system.

                  Restore the server from local directory


                  Caution

                  After you choose the server to which you want the data restored, any existing data on that server gets overwritten.

                  You can restore the Cisco IME server from a backup file in a network directory or in a local directory. The following restore procedure applies to the Cisco Unified Communications Manager Business Edition 5000.

                  Use the following procedures to restore the Cisco IME server from a local directory:

                  Before You Begin

                  Before you restore Cisco IME, ensure that the Cisco IME version that is installed on the server matches the version of the backup file that you want to restore. The Disaster Recovery System supports only matching versions of Cisco IME for restore. For example, the Disaster Recovery System does not allow a restore from version 8.0.(1).1000-1 to version 8.0.(2).1000-1, or from version 8.0.(1).1000-1 to version 8.0.(1).1000-2. In essence, the product version needs to match, end-to-end, for the Disaster Recovery System to run a successful Cisco IME restore. Disaster Recovery System adheres to strict version checking and allows restore only between matching versions of Cisco IME.

                  Procedure
                    Step 1   Copy the backup file to the Cisco IME server by opening an SFTP client, and connecting to the Cisco IME server by using the adminsftp user and the administrator password, that you set up during installation. To do that, navigate to the backup directory by entering cd backup, and copy the backup file to the /common/adminsftp/restore directory.
                    Step 2   Access the Disaster Recovery System by logging into the Cisco IME CLI as described in Disaster Recovery System accessibility. The CLI admin prompt displays.
                    Step 3   Enter the following command: utils disaster_recovery restore local restore_server tarfilename device_name

                    Where restore_server hostname of the server to be restored.

                    Where tarfilename equals the name of the backup file to be restored without extension; for example, 2008-01-21-18-25-03.

                    Where device_name equals the name of the backup device.

                    Your data gets restored on the server that you chose.
                    Step 4   To view the status of the restore, enter the following command: utils disaster_recovery status restore
                    Step 5   Restart the server.
                    Related Tasks

                    Restore the server from network directory


                    Caution

                    After you choose the server to which you want the data restored, any existing data on that server gets overwritten.

                    You can restore the Cisco IME server from a backup file in a network directory or in a local directory. Use one of the following procedures to restore the Cisco IME server from a network directory:

                    Before You Begin

                    Before you restore Cisco IME, ensure that the Cisco IME version that is installed on the server matches the version of the backup file that you want to restore. The Disaster Recovery System supports only matching versions of Cisco IME for restore. For example, the Disaster Recovery System does not allow a restore from version 8.0.(1).1000-1 to version 8.0.(2).1000-1, or from version 8.0.(1).1000-1 to version 8.0.(1).1000-2. In essence, the product version needs to match, end-to-end, for the Disaster Recovery System to run a successful Cisco IME restore. Disaster Recovery System adheres to strict version checking and allows restore only between matching versions of Cisco IME.

                    Procedure
                      Step 1   To access the Disaster Recovery System, log into the Cisco IME CLI as described in Disaster Recovery System accessibility.

                      The CLI admin prompt displays.

                      Step 2   Enter the following command: utils disaster_recovery restore network restore_server tarfilename device_name

                      Where restore_server hostname of the server to be restored.

                      Where tarfilename file name to be restored without extension(e.g.2008-01-21-18-25-03).

                      Where device_name equals the name of the backup device.

                      Caution   

                      After you choose the server to which you want the data restored, any existing data on that server gets overwritten.

                      Your data gets restored on the server that you chose.

                      Step 3   To view the status of the restore, enter the following command: utils disaster_recovery status restore
                      Step 4   Restart the server.
                      Related Tasks

                      View the restore status

                      To check the status of the current restore job, perform the following steps:

                      Procedure
                        Step 1   To access the Disaster Recovery System, log into the Cisco IME CLI as described in Disaster Recovery System accessibility. The CLI admin prompt displays.
                        Step 2   To view information about the current restore job, enter the following command: utils disaster_recovery status restore The status shows the restore percentage, log file location, timestamp, feature name, server name, component name, and component status.

                        Trace files

                        For ViPR, we have following trace files:

                        In this release of the Disaster Recovery System, trace files for the Master Agent, the GUI, and each Local Agent get written to the following locations:

                        • For the Master Agent, find the trace file at platform/drf/trace/drfMA0*
                        • For each Local Agent, find the trace file at platform/drf/trace/drfLA0*

                        Disaster Recovery System alarms

                        The Disaster Recovery System (DRS) issues alarms for various errors that could occur during a backup or restore procedure. The following table provides a list of Cisco DRS alarms.

                        Table 1 Disaster Recovery System alarms

                        Alarm Name

                        Description

                        Explanation

                        DRFBackupDeviceError

                        DRF backup process has problems accessing device.

                        DRS backup process encountered errors while it was accessing device.

                        DRFBackupFailure

                        Cisco DRF Backup process failed.

                        DRS backup process encountered errors.

                        DRFBackupInProgress

                        New backup cannot start while another backup is still running

                        DRS cannot start new backup while another backup is still running.

                        DRFInternalProcessFailure

                        DRF internal process encountered an error.

                        DRS internal process encountered an error.

                        DRFLA2MAFailure

                        DRF Local Agent cannot connect to Master Agent.

                        DRS Local Agent cannot connect to Master Agent.

                        DRFLocalAgentStartFailure

                        DRF Local Agent does not start.

                        DRS Local Agent might be down.

                        DRFLocalDeviceError

                        DRF has problems accessing local device.

                        DRS encountered errors while it was accessing local device.

                        DRFMA2LAFailure

                        DRF Master Agent does not connect to Local Agent.

                        DRS Master Agent cannot connect to Local Agent.

                        DRFMABackupComponentFailure

                        DRF cannot back up at least one component.

                        DRS requested a component to back up its data; however, an error occurred during the backup process, and the component did not get backed up.

                        DRFMABackupNodeDisconnect

                        The node that is being backed up disconnected from the Master Agent prior to being fully backed up.

                        While the DRS Master Agent was running a backup operation on a Cisco Unified Communications Manager or Cisco Unity Connection node, the node disconnected before the backup operation completed.

                        DRFMARestoreComponentFailure

                        DRF cannot restore at least one component.

                        DRS requested a component to restore its data; however, an error occurred during the restore process, and the component did not get restored.

                        DRFMARestoreNodeDisconnect

                        The node that is being restored disconnected from the Master Agent prior to being fully restored.

                        While the DRS Master Agent was running a restore operation on a Cisco Unified Communications Manager or Cisco Unity Connection node, the node disconnected before the restore operation completed.

                        DRFMasterAgentStartFailure

                        DRF Master Agent did not start.

                        DRS Master Agent might be down.

                        DRFNoRegisteredComponent

                        No registered components are available, so backup failed.

                        DRS backup failed because no registered components are available.

                        DRFNoRegisteredFeature

                        No feature got selected for backup.

                        No feature got selected for backup.

                        DRFRestoreDeviceError

                        DRF restore process has problems accessing device.

                        DRS restore process cannot read from device.

                        DRFRestoreFailure

                        DRF restore process failed.

                        DRS restore process encountered errors.

                        DRFSftpFailure

                        DRF SFTP operation has errors.

                        Errors exist in DRS SFTP operation.

                        DRFSecurityViolation

                        DRF system detected a malicious pattern that could result in a security violation.

                        The DRF Network Message contains a malicious pattern that could result in a security violation like code injection or directory traversal. DRF Network Message has been blocked.

                        DRFTruststoreMissing

                        The IPsec truststore is missing on the node.

                        The IPsec truststore is missing on the node. DRF Local Agent cannot connect to Master Agent.

                        DRFUnknownClient

                        DRF Master Agent on the Pub received a Client connection request from an unknown server outside the cluster. The request has been rejected.

                        The DRF Master Agent on the Pub received a Client connection request from an unknown server outside the cluster. The request has been rejected.