Please add breadcrumbs in author

Nexus Dashboard Orchestrator Backups and Restore for ACI Fabrics, Release 4.3.x

Tech Article
 
Last updated: March 28, 2024
PDF
Is this helpful? Feedback

Configuration Backup and Restore Guidelines

You can create backups of your Cisco Nexus Dashboard Orchestrator configuration that can facilitate in recovering from Orchestrator failures or cluster restarts. We recommend creating a backup of the configuration before every upgrade or downgrade of your Orchestrator and after every configuration change or deployment. The backups are always created on a remote server (not Cisco Nexus Dashboard cluster), which is defined in the Cisco Nexus Dashboard Orchestrator as described in the following sections.

When creating configuration backups, the following guidelines apply:

  • Importing and restoring backups that are created from later releases is not supported.

    For example, if you downgrade your Cisco Nexus Dashboard Orchestrator to an earlier release, you cannot restore a backup of the configuration that is created on a later release.

  • Restoring configuration backups created on releases before Release 4.0(1) is supported only during the initial upgrade to this release.

    If you want to upgrade from a release before release 4.0(1) to this release, see the "Upgrading NDO Service in Cisco Nexus Dashboard" chapter in the Cisco Nexus Dashboard Orchestrator Deployment Guide.

  • When saving a backup, the configuration is saved in the same state in which it was deployed. When restoring a backup, any policies that were deployed will show as deployed, while any policies that were not deployed will remain in the undeployed state.

  • Restoring a backup action restores the database on the Cisco Nexus Dashboard Orchestrator, but it does not make any changes to the controller (such as APIC, Cloud Network Controller, or NDFC) databases on each site.

    We recommend that after you restore the Orchestrator database you resolve any configuration drifts that may appear in the templates, as described in the "Configuration Drifts" section of this guide, and then redeploy the existing templates to avoid potentially mismatching policies between the Cisco Nexus Dashboard Orchestrator and each site’s controller.

  • When you create a configuration backup, the files are first created on the Orchestrator’s local drives, then uploaded to the remote location, and finally deleted from the local storage. If there is not enough local disk space, the backup fails.

  • If you have a backup scheduler that is enabled to take local backups before upgrading to Release 4.0(1) or later, it will be disabled after the upgrade.

    After the upgrade, you must readd any remote locations you had set up and then re-enable backup scheduler.

  • Deleting a backup using the UI also deletes the backup files from the remote location.

When restoring configuration backups, the following guidelines apply:

  • If there have been no policy changes between when the backup was created and when it is being restored, no additional considerations are required and you can simply restore the configuration as described in Restoring Backups.

  • If any configuration changes took place between the time when the configuration backup was created and the time it is being restored, consider the following:

    • Restoring a backup will not modify any objects, policies, or configurations on the sites. Any new objects or policies that are created and deployed since the backup will remain deployed.

      We recommend that after you restore the Orchestrator database you resolve any configuration drifts that may appear in the templates, as described in "Configuration Drifts" section of this guide, and then redeploy the existing templates to avoid potentially mismatching policies between the Cisco Nexus Dashboard Orchestrator and each site’s controller.

      Alternatively, you can choose to undeploy all policies first, which will avoid any potential stale objects after the configuration is restored from backup. However, this would cause a disruption in traffic or services that are defined by those policies.

    • The steps required to restore a configuration backup are described in Restoring Backups.

    • After a sucessfull restore of Cisco Nexus Dashboard Orchestrator configuration wait for at least 15 minutes before trying to deploy any templates to the fabric.

    • If the configuration backup you restored was saved before it was deployed to the sites, it will be restored in the undeployed state and you can simply deploy it to the sites as necessary.

    • If the configuration backup you restored was saved when the configuration was already deployed, it will be restored in the deployed state, although none of the configurations exist in the sites yet.

      In this case, resolve any configuration drifts that may appear in the templates, as described in the "Configuration Drifts" section of this guide and redeploy the templates to sync the Cisco Nexus Dashboard Orchestrator’s configuration with the sites.

    • If sites that were managed when the backup was created are no longer present in the Cisco Nexus Dashboard, the restore fails.

    • If sites status since the backup has changed (managed vs unmanaged) but the sites are still present in the Cisco Nexus Dashboard, the status will be restored to what it was at the time of backup.

Configuring Remote Locations for Backups

This section describes how to configure a remote location in Cisco Nexus Dashboard Orchestrator to which you can then export your configuration backups.

  1. Log in to your Cisco Nexus Dashboard and open the Cisco Nexus Dashboard Orchestrator service.

  2. From the left navigation pane, select Admin > Backup and Restore > Remote Locations tab.

  3. In the top right of the main window, click Create Remote Location.

    An Create New Remote Location screen appears.

  4. Provide the name for the remote location and an optional description.

    Two protocols are currently supported for remote export of configuration backups:

    • SCP

    • SFTP

    note.svg

    SCP is supported for non-Windows servers only. If your remote location is a Windows server, you must use the SFTP protocol.

  5. Specify the host name or IP address of the remote server.

    Based on your Protocol selection, the server you specify must allow SCP or SFTP connections.

  6. Provide the full path to a directory on the remote server where you save the backups.

    The path must start with a slash (/) characters and must not contain periods (.) or backslashes (\). For example, /backups/multisite.

    note.svg

    The directory must exist on the remote server.

  7. Specify the port used to connect to the remote server.

    By default, port is set to 22.

  8. Specify the authentication type used when connecting to the remote server.

    You can configure one of the following two authentication methods:

    • Password-Provide the username and password that is used to sign in to the remote server.

    • SSH Private Files-provide the username and the SSH Key/Passphrase pair that is used to sign in to the remote server.

  9. Click Save to add the remote server.

Creating Backups

Before you begin:

You must first add the remote location as described in Configuring Remote Locations for Backups.

This section describes how to create a new backup of your Cisco Nexus Dashboard Orchestrator configuration.

  1. Log in to your Cisco Nexus Dashboard Orchestrator.

  2. Backup existing deployment configuration.

    1. From the left navigation pane, select Admin > Backups & Restore.

    2. In the main window, click Create New Backup.

      A New Backup window opens.

    3. Provide the backup information.

      • In the Name field, provide the name for the backup file.

        The name can contain up to 10 alphanumeric characters, but no spaces or underscores (_).

      • From the Remote Location drop-down, select a remote location that you have configured for storing backups.

      • (Optional) In the Remote Path, provide the specific directory on the remote server where to save the backup.

        The directory that you specify must exist.

    4. Click Save to create the backup.

Restoring Backups

Before you begin:
note.svg

Restoring a backup action restores the database on the Cisco Nexus Dashboard Orchestrator, but it does not make any changes to the controller (such as APIC, Cloud Network Controller, or NDFC) databases on each site.
We recommend that after you restore the Orchestrator database you resolve any configuration drifts that may appear in the templates, as described in the "Configuration Drifts" section of this guide, and then redeploy the existing templates to avoid potentially mismatching policies between the Cisco Nexus Dashboard Orchestrator and each site’s controller.
For information on specific configuration mismatch scenarios and recommended restore procedures that are related to each one, see Configuration Backup and Restore Guidelines.

This section describes how to restore a Cisco Nexus Dashboard Orchestrator configuration to a previous state.

  1. Log in to your Cisco Nexus Dashboard Orchestrator GUI.

  2. If necessary, undeploy existing policies.

    We recommend you perform this step if new objects or policies were added to the configuration between when the backup was created and current configuration. Extra context is available in Configuration Backup and Restore Guidelines.

  3. From the left navigation menu, select Admin > Backups & Restore.

  4. In the main window, click the actions (…​) icon next to the backup you want to restore and select Rollback to this backup.

    If the version of the selected backup is different from the running Cisco Nexus Dashboard Orchestrator version, the rollback could cause a removal of the features that are not present in the backup version.

  5. Click Yes to confirm that you want to restore the backup you selected.

    If you click Yes, the system stops the current session and the user is logged out.

    note.svg

    Multiple services are restarted during the configuration restore process. As a result, you may notice an up to 10-minute delay before the restored configuration is properly reflected in the NDO GUI.

  6. Check if any templates contain configuration drifts.

    You repeat the following steps for every schema and template in your deployment.

    You can check for configuration drifts in one of the following two ways:

    • Check the template deployment status icon for each site to which the template is assigned:

      505221.jpg
      Figure 1. Deployment status

    • Select the template and click Deploy template to bring up the configuration comparison screen to check which objects contain configuration drifts:

    505222.jpg
    Figure 2. Deploy to sites

  7. If any template contains a configuration drift, resolve the conflicts.

    For more information about configuration drifts, check the "Configuration Drifts" chapter in the Cisco Nexus Dashboard Orchestrator Configuration Guide for ACI Fabrics.

    1. Close the template deployment dialog to return to the Schema view.

      Deploying any templates at this point would push the values in the Orchestrator database and overwrite any existing settings in the fabrics.

    2. From the template’s Actions menu, select Reconcile Configuration Drifts.

      505212.jpg
      Figure 3. Reconcile Configuration Drifts

      The Drift Reconciliation wizard opens.

    3. In the Drift Reconciliation screen, compare the template-level configurations for each site and choose the one you want.

      505210.jpg
      Figure 4. Drift Reconciliation

      Template-level properties are common across all sites that are associated to the template. You can compare the template level properties that are defined on Cisco Nexus Dashboard Orchestrator with the configuration that is rendered in each site and decide what should become the new configuration in the Cisco Nexus Dashboard Orchestrator template. Selecting the site configuration modifies those properties in the existing Cisco Nexus Dashboard Orchestrator template, whereas selecting the Cisco Nexus Dashboard Orchestrator configuration keeps the existing Cisco Nexus Dashboard Orchestrator template settings as is.

    4. Click Go to Site Specific Properties to switch to site-level configuration.

      505224.jpg
      Figure 5. Go to Site Specific Properties

      You can choose a site to compare that specific site’s configuration. Unlike template-level configurations, you can choose either the Cisco Nexus Dashboard Orchestrator-defined or actual existing configurations for each site individually to be retained as the template’s site-local properties for that site.

      Although in most scenarios you make the same choice for both template-level and site-level configuration, the drift reconciliation wizard allows you to choose the configuration defined in the site’s controller at the "Template Properties" level and the configuration that is defined in Cisco Nexus Dashboard Orchestrator at the "Site Local Properties" level or conversely.

    5. Click Preview Changes to verify your choices.

      The preview displays full template configuration adjusted based on the choices that are picked in the Drift Reconciliation wizard. You can then click Deploy to sites to deploy the configuration and reconcile the drift for that template.

  8. After all configuration drifts are resolved and there are no changes that are shown in the Deploy to sites dialog for the template, perform full redeployment of the template.

    note.svg

    Due to database transformations, you must perform a full redeployment of each template.

    note.svg

    After the restore process is complete, wait for at least 15 minutes before trying to deploy any templates to the fabric.

    Ensure that the Deploy to sites dialog contains no changes as shown in the following figure, then click Deploy to redeploy complete configuration:

    505225.jpg
    Figure 6. Deploy to sites

  9. Repeat the above steps for every schema and template in your Cisco Nexus Dashboard Orchestrator.

  10. Check audit logs to verify that all templates have been redeployed.

    You can view the audit signs in the Operations tab.

    Audit Logs page and confirm that all templates show as Redeployed to ensure that full redeployment successfully completed.

Exporting (Downloading) Backups

Before you begin:

This section describes how to download the backup from the Cisco Nexus Dashboard Orchestrator.

  1. Log in to your Cisco Nexus Dashboard Orchestrator GUI.

  2. From the left navigation menu, select Admin > Backups & Restore.

  3. In the main window, click the actions (…​) icon next to the backup you want to download and select Download.

    This downloads the backup file in msc-backups-<timestamp>.tar.gz format to your system. You can then extract the file to view its contents.

Importing Backups to Remote Location

Before you begin:

You must have completed the following:

This section describes how to upload an existing configuration backup you have previously downloaded and import it into one of the remote locations that are configured in your Cisco Nexus Dashboard Orchestrator.

  1. Log in to your Cisco Nexus Dashboard Orchestrator.

  2. From the left navigation pane, select Admin > Backups & Restore.

  3. In the main pane, click Upload.

  4. In the Upload from file window that opens, click Select File and choose the backup file that you want to import.

    Uploading a backup adds it to the list of the backups displayed the Backups page.

  5. From the Remote Location drop-down list, select the remote location.

  6. (Optional) Update the remote location path.

    The target directory on the remote server, which you configured when creating the remote backup location, will be displayed in the Remote Path field.

    You can choose to append extra subdirectories to the path. However, the directories must be under the default-configured path and must have been already created on the remote server.

  7. Click Upload to import the file.

    Importing a backup adds it to the list of the backups displayed the Backups page.

    Note that although the backups are shown on the NDO UI, they are located on the remote servers only.

Backup Scheduler

Before you begin:

You must have already added a remote location for backups as described in Configuring Remote Locations for Backups.

This section describes how to enable or disable the backup scheduler, which will perform complete configuration backup at regular intervals.

  1. Log in to your Cisco Nexus Dashboard Orchestrator GUI.

  2. From the left navigation menu, select Admin > Backups & Restore.

  3. In the top right of the main pane, click No Schedule.

    The Backup Scheduler Settings window opens.

  4. Set up backup scheduler.

    1. Check the Enable Scheduler check box.

    2. In the Select Starting Date field, provide the day when you want the scheduler to start.

    3. In the Select Time fields, provide the time of day when you want the scheduler to start.

    4. From the Select Frequency drop-down, choose how often the backup should be performed.

    5. From the Remote Location drop-down, select the location where the backups will be saved.

    6. (Optional) In the Remote Path field, update the path on the remote location where the backups will be saved.

      The target directory on the remote server, which you configured when creating the remote backup location, will be displayed in the Remote Path field.

      You can choose to append extra subdirectories to the path. However, the directories must be under the default-configured path and must have been already created on the remote server.

    7. Click Save to finish.

  5. If you want to disable the backup scheduler, simply uncheck the Enable Scheduler check box in the preceding step.

First Published: 2024-03-01
Last Modified: 2024-03-01

Need help?