Backing Up and Restoring the Configuration

This chapter includes the following sections:

Backup and Export Configuration

When you perform a backup through Cisco UCS Manager, you take a snapshot of all or part of the system configuration and export the file to a location on your network. You cannot use Cisco UCS Manager to back up data on the servers.

You can perform a backup while the system is up and running. The backup operation only saves information from the management plane. It does not have any impact on the server or network traffic.

Backup Types

You can perform one or more of the following types of backups through Cisco UCS Manager:


  • Full state—A binary file that includes a snapshot of the entire system. You can use the file generated from this backup to restore the system during disaster recovery. This file can restore or rebuild the configuration on the original fabric interconnect, or recreate the configuration on a different fabric interconnect. You cannot use this file for an import.

  • All configuration—An XML file that includes all system and logical configuration settings. You can use the file generated from this backup to import these configuration settings to the original fabric interconnect or to a different fabric interconnect. You cannot use this file for a system restore.

  • System configuration—An XML file that includes all system configuration settings such as usernames, roles, and locales. You can use the file generated from this backup to import these configuration settings to the original fabric interconnect or to a different fabric interconnect. You cannot use this file for a system restore.

  • Logical configuration—An XML file that includes all logical configuration settings such as service profiles, VLANs, VSANs, pools, and policies. You can use the file generated from this backup to import these configuration settings to the original fabric interconnect or to a different fabric interconnect. You cannot use this file for a system restore.

Considerations and Recommendations for Backup Operations

Before you create a backup operation, consider the following:

Backup Locations

The backup location is the destination or folder on the network where you want Cisco UCS Manager to export the backup file. You can maintain only one backup operation for each location where you plan to save a backup file.

Potential to Overwrite Backup Files

If you rerun a backup operation without changing the filename, Cisco UCS Manager overwrites the existing file on the server. To avoid overwriting existing backup files, change the filename in the backup operation or copy the existing file to another location.

Multiple Types of Backups

You can run and export more than one type of backup to the same location. You need to change the backup type before you rerun the backup operation. We recommend that you change the filename for easier identification of the backup type and to avoid overwriting the existing backup file.

Scheduled Backups

You cannot schedule a backup operation. You can, however, create a backup operation in advance and leave the admin state disabled until you are ready to run the backup. Cisco UCS Manager does not run the backup operation, save, or export the configuration file until you set the admin state of the backup operation to enabled.

Incremental Backups

You cannot perform incremental backups of the Cisco UCS Manager system configuration.

Backwards Compatibility

Starting with Release 1.1(1) of the Cisco UCS Manager, full state backups are encrypted so that passwords and other sensitive information are not exported as clear text. As a result, full state backups made from Release 1.1(1) or later cannot be restored to a Cisco UCS instance running an earlier software release.

Import Configuration

You can import any configuration file that was exported from Cisco UCS Manager. The file does not need to have been exported from the same Cisco UCS Manager.

The import function is available for all configuration, system configuration, and logical configuration files. You can perform an import while the system is up and running. An import operation modifies information on the management plane only. Some modifications caused by an import operation, such as a change to a vNIC assigned to a server, can cause a server reboot or other operations that disrupt traffic.

You cannot schedule an import operation. You can, however, create an import operation in advance and leave the admin state disabled until you are ready to run the import. Cisco UCS Manager will not run the import operation on the configuration file until you set the admin state to enabled.

You can maintain only one import operation for each location where you saved a configuration backup file.

Import Methods

You can use one of the following methods to import and update a system configuration through Cisco UCS Manager:


  • Merge—The information in the imported configuration file is compared with the existing configuration information. If there are conflicts, the import operation overwrites the information on the Cisco UCS instance with the information in the import configuration file.

  • Replace—The current configuration information is replaced with the information in the imported configuration file one object at a time.

System Restore

You can restore a system configuration from any full state backup file that was exported from Cisco UCS Manager. The file does not need to have been exported from the Cisco UCS Manager on the system that you are restoring.

The restore function is only available for a full state backup file. You cannot import a full state backup file. You perform a restore through the initial system setup.

You can use the restore function for disaster recovery.

Required User Role for Backup and Import Operations

You must have a user account that includes the admin role to create and run backup and import operations.

Backup Operations

Creating a Backup Operation

Before You Begin

Obtain the backup server IP address and authentication credentials.


Procedure
  Command or Action Purpose
Step 1 UCS-A# scope system  

Enters system mode.

 
Step 2 UCS-A /system # create backup URL backup-type {disabled | enabled}  

Creates a backup operation. Specify the URL for the backup file using one of the following syntax:


  • ftp://hostname/path

  • scp://username@hostname/path

  • sftp://username@hostname/path

  • tftp://hostname:port-num/path

The backup-type argument can be one of the following values:


  • all-configuration—Backs up the server, fabric, and system related configuration

  • logical-configuration—Backs up the fabric and service profile related configuration

  • system-configuration—Backs up the system related configuration

  • full-state—Backs up the full state for disaster recovery

    Note   

    Full-state backup files cannot be imported using an import operation. They are used only to restore the configuration for a fabric interconnect.

You can save multiple backup operations, but only one operation per hostname is saved.

If you use the enable keyword, the backup operation automatically runs as soon as you enter the commit-buffer command. If you use the disable keyword, the backup operation will not run until it is enabled. When enabling a backup operation, you must specify the hostname you used when creating the backup operation.

 
Step 3 UCS-A /system # commit-buffer  

Commits the transaction.

 

The following example creates a disabled all-configuration backup operation for hostname host35 and commits the transaction:

UCS-A# scope system
UCS-A /system* # create backup scp://user@host35/backups/all-config9.bak all-configuration disabled
Password: 
UCS-A /system* # commit-buffer
UCS-A /system # 

Running a Backup Operation

Procedure
  Command or Action Purpose
Step 1 UCS-A# scope system  

Enters system mode.

 
Step 2 UCS-A /system # scope backup hostname  

Enters system backup mode for the specified hostname.

 
Step 3 UCS-A /system/backup # enable  
Enables the backup operation.
Note   

For backup operations using FTP, SCP, SFTP, you are prompted for the password. Enter the password before committing the trasaction.

 
Step 4 UCS-A /system/backup # commit-buffer  

Commits the transaction.

 

The following example enables a backup operation named host35, enters the password for the SCP protocol, and commits the transaction:

UCS-A# scope system
UCS-A /system # scope backup host35
UCS-A /system/backup # enable
Password:
UCS-A /system/backup* # commit-buffer
UCS-A /system/backup # 

Modifying a Backup Operation

You can modify a backup operation to save a file of another backup type to that location or to change the filename and avoid overwriting previous backup files.

Procedure
  Command or Action Purpose
Step 1 UCS-A# scope system  

Enters system mode.

 
Step 2 UCS-A /system # scope backup hostname  

Enters system backup mode for the specified hostname.

 
Step 3 UCS-A /system/backup # disable   (Optional)

Disables an enabled backup operation so that it does not automatically run when the transaction is committed.

 
Step 4 UCS-A /system/backup # enable   (Optional)

Automatically runs the backup operation as soon as you commit the transaction.

 
Step 5 UCS-A /system/backup # set descr description   (Optional)
Provides a description for the backup operation.
Note   

If your description includes spaces, special characters, or punctuation, you must begin and end your description with quotation marks. The quotation marks will not appear in the description field of any show command output.

 
Step 6 UCS-A /system/backup # set password password   (Optional)

Specifies the password for the remote server username. This step does not apply if the TFTP protocol is used.

Note   

Cisco UCS Manager does not store this password. Therefore, you do not need to enter this password unless you intend to enable and run the backup operation immediately.

 
Step 7 UCS-A /system/backup # set protocol {ftp | scp | sftp | tftp}   (Optional)

Specifies the protocol to use when communicating with the remote server.

 
Step 8 UCS-A /system/backup # set remote-file filename   (Optional)

Specifies the name of the configuration file that is being backed up.

 
Step 9 UCS-A /system/backup # set type backup-type   (Optional)

Specifies the type of backup file to be made. The backup-type argument can be one of the following values:


  • all-configuration—Backs up the server, fabric, and system related configuration

  • logical-configuration—Backs up the fabric and service profile related configuration

  • system-configuration—Backs up the system related configuration

  • full-state—Backs up the full state for disaster recovery

    Note   

    Full-state backup files cannot be imported using an import operation. They are used only to restore the configuration for a fabric interconnect.

 
Step 10 UCS-A /system/backup # set user username   (Optional)

Specifies the username the system should use to log in to the remote server. This step does not apply if the TFTP protocol is used.

 
Step 11 UCS-A /system/backup # commit-buffer  

Commits the transaction.

 

The following example adds a description and changes the password, protocol, and username for the host35 backup operation and commits the transaction:

UCS-A# scope system
UCS-A /system # scope backup host35
UCS-A /system/backup # set descr "This is a backup operation for host35."
UCS-A /system/backup* # set password
Password:
UCS-A /system/backup* # set protocol sftp
UCS-A /system/backup* # set user jforlenz32
UCS-A /system/backup* # commit-buffer
UCS-A /system # 

Deleting a Backup Operation

Procedure
  Command or Action Purpose
Step 1 UCS-A# scope system  

Enters system mode.

 
Step 2 UCS-A /system # delete backup hostname  

Deletes the backup operation for the specified hostname.

 
Step 3 UCS-A /system # commit-buffer  

Commits the transaction.

 

The following example enables a backup operation for the host35 hostname and commits the transaction:

UCS-A# scope system
UCS-A /system # delete backup
UCS-A /system* # commit-buffer
UCS-A /system # 

Import Operations

Creating an Import Operation

You cannot import a Full State configuration file. You can import any of the following configuration files:


  • All configuration

  • System configuration

  • Logical configuration

Before You Begin

Collect the following information that you will need to import a configuration file:


  • Backup server IP address and authentication credentials

  • Fully qualified name of a backup file


Procedure
  Command or Action Purpose
Step 1 UCS-A# scope system  

Enters system mode.

 
Step 2 UCS-A /system # create import-config URL {disabled | enabled} {merge | replace}  

Creates an import operation. Specify the URL for the file being imported using one of the following syntax:


  • ftp://hostname/path

  • scp://username@hostname/path

  • sftp://username@hostname/path

  • tftp://hostname:port-num/path

You can save multiple import operations, but only one operation per hostname is saved.

If you use the enable keyword, the import operation automatically runs as soon as you enter the commit-buffer command. If you use the disable keyword, the import operation will not run until it is enabled. When enabling an import operation, you must specify the hostname you used when creating the import operation.

If you use the merge keyword, the configuration information is merged with the existing information. If there are conflicts, the system replaces the information on the current system with the information in the import configuration file. If you use the replace keyword, the system takes each object in the import configuration file and overwrites the corresponding object in the current configuration.

 
Step 3 UCS-A /system/import-config# set descr description   (Optional)
Provides a description for the import operation.
Note   

If your description includes spaces, special characters, or punctuation, you must begin and end your description with quotation marks. The quotation marks will not appear in the description field of any show command output.

 
Step 4 UCS-A /system/import-config # commit-buffer  

Commits the transaction.

 

The following example creates a disabled import operation for hostname host35 that replaces the existing configuration and commits the transaction:

UCS-A# scope system
UCS-A /system* # create import-config scp://user@host35/backups/all-config9.bak disabled replace
Password:
UCS-A /system/import-config* # commit-buffer
UCS-A /system/import-config # 

Running an Import Operation

You cannot import a Full State configuration file. You can import any of the following configuration files:


  • All configuration

  • System configuration

  • Logical configuration

Procedure
  Command or Action Purpose
Step 1 UCS-A# scope system  

Enters system mode.

 
Step 2 UCS-A /system # scope import-config hostname  

Enters system backup mode for the specified hostname.

 
Step 3 UCS-A /system/import-config # enable  

Enables the import operation.

 
Step 4 UCS-A /system/import-config # commit-buffer  

Commits the transaction.

 

The following example enables an import operation for the host35 hostname and commits the transaction:

UCS-A# scope system
UCS-A /system # scope import-config
UCS-A /system/import-config # enable
UCS-A /system/import-config* # commit-buffer
UCS-A /system/import-config # 

Modifying an Import Operation

Procedure
  Command or Action Purpose
Step 1 UCS-A# scope system  

Enters system mode.

 
Step 2 UCS-A /system # scope import-confighostname  

Enters system import configuration mode for the specified hostname.

 
Step 3 UCS-A /system/import-config # disable   (Optional)

Disables an enabled import operation so that it does not automatically run when the transaction is committed.

 
Step 4 UCS-A /system/import-config # enable   (Optional)

Automatically runs the import operation as soon as you commit the transaction.

 
Step 5 UCS-A /system/import-config # set action {merge | replace}   (Optional)

Specifies one of the following action types to use for the import operation:


  • Merge—The configuration information is merged with the existing information. If there are conflicts, the system replaces the information on the current system with the information in the import configuration file.

  • Replace—The system takes each object in the import configuration file and overwrites the corresponding object in the current configuration.

 
Step 6 UCS-A /system/import-config # set descr description   (Optional)
Provides a description for the import operation.
Note   

If your description includes spaces, special characters, or punctuation, you must begin and end your description with quotation marks. The quotation marks will not appear in the description field of any show command output.

 
Step 7 UCS-A /system/import-config # set password password   (Optional)

Specifies the password for the remote server username. This step does not apply if the TFTP protocol is used.

Note   

Cisco UCS Manager does not store this password. Therefore, you do not need to enter this password unless you intend to enable and run the import operation immediately.

 
Step 8 UCS-A /system/import-config # set protocol {ftp | scp | sftp | tftp}   (Optional)

Specifies the protocol to use when communicating with the remote server.

 
Step 9 UCS-A /system/import-config # set remote-file filename   (Optional)

Specifies the name of the configuration file that is being imported.

 
Step 10 UCS-A /system/import-config # set user username   (Optional)

Specifies the username the system should use to log in to the remote server. This step does not apply if the TFTP protocol is used.

 
Step 11 UCS-A /system/import-config # commit-buffer  

Commits the transaction.

 

The following example adds a description, changes the password, protocol and username for the host35 import operation, and commits the transaction:

UCS-A# scope system
UCS-A /system # scope import-config host35
UCS-A /system/import-config # set descr "This is an import operation for host35."
UCS-A /system/import-config* # set password
Password:
UCS-A /system/import-config* # set protocol sftp
UCS-A /system/import-config* # set user jforlenz32
UCS-A /system/import-config* # commit-buffer
UCS-A /system/import-config # 

Deleting an Import Operation

Procedure
  Command or Action Purpose
Step 1 UCS-A# scope system  

Enters system mode.

 
Step 2 UCS-A /system # delete import-config hostname  

Deletes the import operation for the specified hostname.

 
Step 3 UCS-A /system # commit-buffer  

Commits the transaction.

 

The following example deletes the import operation for the host35 hostname and commits the transaction:

UCS-A# scope system
UCS-A /system # delete import-config host35
UCS-A /system* # commit-buffer
UCS-A /system # 

Restoring the Configuration for a Fabric Interconnect

Before You Begin

Collect the following information that you will need to restore the system configuration:


  • Fabric interconnect management port IP address and subnet mask

  • Default gateway IP address

  • Backup server IP address and authentication credentials

  • Fully qualified name of a Full State backup file

    Note


    You must have access to a Full State configuration file to perform a system restore. You cannot perform a system restore with any other type of configuration or backup file.



Procedure
Step 1   Connect to the console port.
Step 2   If the fabric interconnect is off, power on the fabric interconnect.

You will see the power on self-test message as the fabric interconnect boots.

Step 3   At the installation method prompt, enter console.
Step 4   Enter restore to restore the configuration from a full-state backup.
Step 5   Enter y to confirm that you want to restore from a full-state backup.
Step 6   Enter the IP address for the management port on the fabric interconnect.
Step 7   Enter the subnet mask for the management port on the fabric interconnect.
Step 8   Enter the IP address for the default gateway.
Step 9   Enter one of the following protocols to use when retrieving the backup configuration file:
Step 10   Enter the IP address of the backup server.
Step 11   Enter the full path and filename of the Full State backup file.
Step 12   Enter the username and password to access the backup server.

The fabric interconnect logs in to the backup server, retrieves a copy of the specified Full State backup file, and restores the system configuration. For a cluster configuration, you do not need to restore the secondary fabric interconnect. As soon as the secondary fabric interconnect reboots, Cisco UCS Manager synchronizes the configuration with the primary fabric interconnect.


The following example restores a system configuration from the Backup.bak file, which was retrieved from the 20.10.20.10 backup server using FTP:

  Enter the configuration method. (console/gui) ? console

  Enter the setup mode; setup newly or restore from backup. (setup/restore) ? restore

  NOTE:
    To configure Fabric interconnect using a backup file on a remote server,
    you will need to setup management interface.
    The management interface will be re-configured (if necessary),
    based on information stored in the backup file.


  Continue to restore this Fabric interconnect from a backup file (yes/no) ? yes

  Physical Switch Mgmt0 IPv4 address : 192.168.10.10

  Physical Switch Mgmt0 IPv4 netmask : 255.255.255.0

  IPv4 address of the default gateway : 192.168.10.1

  Enter the protocol to get backup file (scp/ftp/tftp/sftp) ?  scp
  Enter the IP address of backup server: 20.10.20.10
  Enter fully qualified backup file name: Backup.bak
  Enter user ID: user
  Enter password:
    Retrieved backup configuration file.
  Configuration file - Ok


Cisco UCS 6100 Series Fabric Interconnect
UCS-A login:

Erasing the Configuration


Caution


You should erase the configuration only when it is necessary. Erasing the configuration completely removes the configuration and reboots the system in an unconfigured state. You must then either restore the configuration from a backup file, or perform an initial system setup. For more information on performing an initial system setup, see the following chapter: System Configuration.


Procedure
  Command or Action Purpose
Step 1 UCS-A# connect local-mgmt  

Enters the local management CLI.

 
Step 2 UCS-A(local-mgmt)# erase configuration  

Erases the configuration.

You are prompted to confirm that you want to erase the configuration. Entering yes erases the configuration and reboots the system in an unconfigured state.

 

The following example erases the configuration:

UCS-A# connect local-mgmt
UCS-A(local-mgmt)# erase configuration
All UCS configurations will be erased and system will reboot. Are you sure? (yes/no): yes