Configure NFS Staging for ACS 5.x Backup on Windows and Linux

Available Languages

Download Options

  • PDF     (151.2 KB)
    View with Adobe Reader on a variety of devices
Updated:July 21, 2015
Document ID:119030

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

Introduction

This document describes how to configure NFS (Network File System) staging on Windows Server 2012 or on a Linux server, and how to configure ACS (Access Control Server) for use in the backup process.

This feature can be especially helpful when there is high utilization of the /opt directory on ACS, and it is not an acceptable option to clean the view database.

The NFS staging feature lets you use remote disk space to create a backup of ACS that would otherwise be created locally in the /opt directory. After the backup is created, it is stored on the FTP server that you specify in the backup command.

Prerequisites

Requirements

Cisco recommends that you have knowledge of these topics:

  • Windows Server or Linux server
  • Cisco ACS

Components Used

The information in this document is based on these software and hardware versions:

  • Cisco ACS 5.5
  • Windows Server 2012
  • Linux server 2.6.18

The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.

Configure

Option 1: Use Windows Server as an NFS Staging Device

  1. Click the Windows Start menu, point to Administrative Tools, and click Server Manager. The Server Manager window opens.
  2. Click the Manage menu and then click Add Roles and Features. The Add Roles and Features Wizard window opens.
  3. Click Next.
  4. On the Installation Type page, select Role-based or feature-based installation. Click Next.
  5. On the Server Selection page, specify the Windows Server you want to configure. Click Next.
  6. On the Server Roles page, select File and Storage Services, then select File and iSCSI Services, and then select Server for NFS.

  7. Click Next on each of the remaining pages of the wizard. Do not make any additional changes or selections. When you are asked to confirm the changes, click Yes.
  8. On the file system, create a folder for the backup. Give the folder a descriptive name.
  9. Right-click the folder and click Properties. The Properties dialog opens.
  10. Click the NFS Sharing tab.

  11. Click the Manage NFS Sharing button. The NFS Advanced Sharing dialog opens.

  12. Ensure that the following options are selected:
    • Share this folder
    • No server authentication [Auth_SYS]
    • Enable unmapped user access
    • Allow unmapped user Unix access (by UID/GID)
  13. Click the Permissions button. The Permissions dialog opens.
  14. Configure folder permissions so that all machines have read-write access. Do not allow root access.

  15. Click OK in order to close each open dialog window.

Option 2: Use Linux Server as an NFS Staging Device

  1. Use the ping command in order to check the connection to the Linux server.
  2. Configure the backup staging URL for the NFS.
  3. Enter the following command in order to check that the repository can be used:
acs# sh repository NFS-TEST
  ade # mount -t nfs <backup folder on Linux server>  <folder on ACS>

Note: The backup folder on the Linux server should take the form of the domain name or IP address followed by the folder path, such as "209.165.200.225:/app/backup". The ACS folder should take the form of the folder path, such as "/tmp/TEST/".

Configure NFS Staging on Cisco ACS

At the command prompt, enter configuration commands as shown in this example:

ACS56-1/admin#
ACS56-1/admin# conf t

   {Enter configuration commands, one per line.  End with CTRL+Z.}

ACS56-1/admin(config)# <backup-staging-url> nfs://209.165.200.225:/NFS_share

Note: You can use the domain name of the NFS server instead of the IP address. Please note the ':/' sequence between the address and the NFS share name.

Verify

Use this section in order to confirm that your configuration works properly.

Note: The same commands are used on the ACS (shell mode) to configure NFS staging for either a Linux server or a Windows server.

  1. Run this backup command from the command line:

    ACS56-1/admin# backup testbackup repository ftp application acs
    % Creating backup with timestamped filename: testbackup-150209-2004.tar.gpg

    A log is generated:

    Feb  9 20:22:22 piborowi-ACS56-1 ADE-SERVICE[4681]: [18126]:[info] config:backup: br_stage.c[160] [admin]: set staging url to nfs://209.165.200.225:/NFS_share
  2. Check that the backup subfolder is present in the NFS shared folder you created.

There is no difference in ADE.log debugs for backups created with or without NFS staging. The NFS is mounted only for the duration of the backup process.

In order to verify that the file system was mounted properly, use these commands:

ade # df -hFilesystem            Size  Used Avail Use% Mounted on
/dev/mapper/smosvg-rootvol
                      4.2G  364M  3.7G   9% /
/dev/sda2             965M   18M  898M   2% /storedconfig
/dev/mapper/smosvg-storeddatavol
                      3.9G  1.3G  2.5G  34% /storeddata
/dev/mapper/smosvg-usrvol
                      4.2G  1.1G  3.0G  26% /usr
/dev/mapper/smosvg-tmpvol
                      4.2G  143M  3.9G   4% /tmp
/dev/mapper/smosvg-home
                      961M   18M  894M   2% /home
/dev/mapper/smosvg-optvol
                       55G  2.7G   50G   6% /opt
/dev/mapper/smosvg-localdiskvol
                       11G  156M   11G   2% /localdisk
/dev/mapper/smosvg-altrootvol
                      961M   18M  895M   2% /altroot
/dev/mapper/smosvg-varvol
                      5.3G  223M  4.8G   5% /var
/dev/mapper/smosvg-recvol
                      961M   18M  895M   2% /recovery
/dev/sda1              92M   52M   35M  61% /boot
tmpfs                 2.0G     0  2.0G   0% /dev/shm
10.48.17.34:/NFS_share
                      400G   25G  376G   7% /opt/backup
ade # nfsstat -m
/opt/backup from 209.165.200.225:/NFS_share
 Flags: rw,vers=3,rsize=32768,wsize=32768,hard,proto=tcp,timeo=600,retrans=2,sec=sys,addr=209.165.201.1

Troubleshoot

This section provides information you can use in order to troubleshoot your configuration.

Error 1

acs# sh repository NFS-TEST
% Error mounting NFS location

Solution: Make sure there is proper routing/network connectivity between the NFS and the ACS. Ping the Linux computer and also make sure that the directory created on the Linux computer has proper privileges.

Error 2

ade # mount -t nfs 209.165.200.225:/app/backup /tmp/TEST
mount: 209.165.200.225:/app/backup failed, reason given by server: unknown nfs status return value: -1

Solution: Enter this command on the Linux server:

vi /etc/hosts and <ip address of ACS> <hostname>
TAC Authored

Contributed by Cisco Engineers

Was this Document Helpful?

FeedbackFeedback

Contact Cisco

This Document Applies to These Products