recommends performing regular backups. You can use the Disaster Recovery System
(DRS) to do a full data backup for all servers in a cluster. You can set up
automatic backups or invoke a backup at any time.
Disaster Recovery System performs a cluster-level backup, which means that it
collects backups for all servers in a Cisco Unified Communications Manager
cluster to a central location and archives the backup data to physical storage
device. Backup files are encrypted and can be opened only by the system
restores its own settings (backup device settings and schedule settings) as
part of the platform backup/restore. DRS backs up and restores the
drfDevice.xml and drfSchedule.xml files. When the server is restored with these
files, you do not need to reconfigure DRS backup device and schedule.
When you perform a system data restoration, you can choose which nodes
in the cluster you want to restore.
Disaster Recovery System includes the following capabilities:
A user interface
for performing backup and restore tasks.
system architecture for performing backup functions.
backups or manual (user-invoked) backups.
backups to a remote sftp server.
Make sure that you meet the version requirements:
All Cisco Unified Communications Manager cluster nodes must be running the same version of
the Cisco Unified Communications Manager application.
All IM and Presence Service cluster nodes must be running the same version of
the IM and Presence Service application.
The software version saved in the backup file must match the version that is running on the cluster nodes.
The entire version string must match. For example, if the IM and Presence database publisher node is at version 220.127.116.1100-1, then all IM and Presence subscriber nodes must be 18.104.22.16800-1, and the backup file must also be must be 22.214.171.12400-1. If you try to restore the system from a backup file that does not match the current version, the restore will fail. Ensure that you backup the system whenever you upgrade the software version so that the version saved in the backup file matches the version that is running on the cluster nodes.
the DRS encryption depends on the cluster security password. When running the
backup, DRS generates a random password for encryption and then encrypts the
random password with the cluster security password. If the cluster security
password ever gets changed between the backup and this restore, you will need
to know what the password was at the time of the backup in order to use that
backup file to restore your system or take a backup immediately after the
security password change/reset.
If you want
to back up to a remote device, make sure that you have an SFTP server set up.
For more information on the available SFTP servers, see
SFTP Servers for Remote Backups
tasks to configure and run a backup. Do not perform any OS Administration tasks
while a backup is running. This is because Disaster Recovery System blocks all
OS Administration requests by locking platform API. However, Disaster Recovery
System does not block most CLI commands, because only the CLI-based upgrade
commands use the Platform API locking package.
Communications Manager will estimate the size of the backup tar, only if a
backup history exists for one or more selected features.
size is not an exact value but an estimated size of the backup tar. Size is
calculated based on the actual backup size of a previous successful backup and
may vary if the configuration changed since the last backup.
You can use this
procedure only when the previous backups exist and not when you back up the
system for the first time.
procedure to estimate the size of the backup tar that is saved to a SFTP
Disaster Recovery System, select
Backup > Manual
Features area, select the features to back up.
Estimate Size to view the estimated size of backup
for the selected features.
What to Do Next
Perform one of the
following procedures to backup your system:
You can create up
to 10 backup schedules. Each backup schedule has its own set of properties,
including a schedule for automatic backups, the set of features to back up, and
a storage location.
Be aware that
your backup .tar files are encrypted by a randomly generated password. This
password is then encrypted by using the cluster security password and gets
saved along with the backup .tar files. You must remember this security
password or take a backup immediately after the security password change or
backups during off-peak hours to avoid call processing interruptions and impact
Disaster Recovery System, choose
Schedule List window, do one of the following steps
to add a new schedule or edit an existing schedule.
To create a new schedule,
To configure an existing
schedule, click the name in the Schedule List column.
scheduler window, enter a schedule name in the
Schedule Name field.
change the name of the default schedule.
backup device in the
Select Backup Device area.
features to back up in the
Select Features area. You must choose at least one
date and time when you want the backup to begin in the
Start Backup at area.
frequency at which you want the backup to occur in the
Frequency area. The frequency can be set to Once
Daily, Weekly, and Monthly. If you choose
Weekly, you can also choose the days of the week
when the backup will occur.
To set the
backup frequency to
Weekly, occurring Tuesday through Saturday, click
these settings, click
of the following options:
To enable the selected
Enable Selected Schedules.
To disable the selected
Disable Selected Schedules.
To delete the selected
To enable the
backup occurs automatically at the time that you set.
all servers in the cluster are running the same version of
Cisco Unified Communications Manager or
Cisco IM and Presence Service and are reachable
through the network. Servers that are not reachable at the time of the
scheduled backup will not get backed up.
Ensure that you use a network device as the storage location for the
backup files. Virtualized deployments of
Unified Communications Manager do not support the use
of tape drives to store backup files.
all cluster nodes have the same installed version of
Unified Communications Manager or
and Presence Service.
process can fail due to non availability of space on a remote server or due to
interruptions in the network connectivity. You need to start a fresh backup
after addressing the issues that caused the backup to fail.
that you have a record of the cluster security password. If the cluster
security password changes after you complete this backup, you will need to know
the password or you will not be able to use the backup file to restore your
While a backup
is running, you cannot perform any tasks in Cisco Unified OS Administration or
Cisco Unified IM and Presence OS Administration because
Recovery System locks the platform API to block all requests.
Recovery System does not block most CLI commands because only the
CLI-based upgrade commands use the Platform API locking package.
Disaster Recovery System, select
Backup > Manual
Backup window, select a backup device from the
Device Name area.
the following steps to view the backup history.
Disaster Recovery System, select
Backup > History.
History window, you can view the backups that you have performed,
including filename, backup device, completion date, result, version, features
that are backed up, and failed features.
Backup History window displays only the last 20
Interactions and Restrictions
The following restrictions apply to backups:
Cluster Security Password
We recommend that you run a backup whenever you change the
cluster security password.
Backup encryption uses the cluster security password to
encrypt data on the backup file. If you edit the cluster security password
after a backup file is created, you will not be able to use that backup file to
restore data unless you remember the old password.
Disaster Recovery System (DRS) uses an
SSL-based communication between the Master Agent and the Local Agent for
authentication and encryption of data between the
Cisco Unified Communications Manager
cluster nodes. DRS makes use of the IPsec
certificates for its Public/Private Key encryption. Be aware that if you delete
the IPSEC truststore(hostname.pem) file from the Certificate Management pages,
then DRS will not work as expected. If you delete the IPSEC-trust file
manually, you must ensure that you upload the IPSEC certificate to the
IPSEC-trust. For more details, see the
"Certificate management" section in the
Security Guide for Cisco Unified Communications
SFTP Servers for
up data to a remote device on the network, you must have an SFTP server that is
configured. You can use any SFTP server product, but we recommend products that
are certified with Cisco Technology Partners. For information on which vendors
have certified their products with your version of Cisco Unified Communications
Manager, see the
Catalog on the Cisco Developer Network at
information in the following table to determine which SFTP server solution to
use in your system.
Table 2 SFTP Server
Server on Cisco Prime Collaboration Deployment
server is provided and tested by Cisco, and supported by Cisco TAC.
compatibility depends on your version of Unified Communications Manager and
Cisco Prime Collaboration Deployment. See the
Prime Collaboration Deployment Admin Guide before you upgrade its
version (SFTP) or Unified Communications Manager to ensure that the versions
Server from a Technology Partner
servers are third party provided, third party tested, and jointly supported by
TAC and the Cisco vendor.
compatibility depends on the third party test. See the Technology Partner page
if you upgrade their SFTP product and/or upgrade Unified Communications Manager
for which versions are compatible:
servers are third party provided, have limited Cisco testing, and are not
officially supported by Cisco TAC.
compatibility is on a best effort basis to establish compatible SFTP versions
and Unified Communications Manager versions.
fully tested and supported SFTP solution, use Cisco Prime Collaboration
Deployment or a Technology Partner.
uses the following servers for internal testing. You may use one of the
servers, but you must contact the vendor for support:
Cisco does not
support using the SFTP product freeFTPd. This is because of the 1 GB file size
limit on this SFTP product.
For details on how
to set up third-party SFTP products, contact the third-party vendor for
support. For issues with third-party products that have not been certified
through the Cisco Technology Developer Program process, contact the third-party
vendor for support. For information on using GlobalSCAPE with the supported
Unified Communications Manager versions, contact GlobalSCAPE.
that you retest the DRS with your SFTP server after you upgrade your Unified
Communications Manager, upgrade your SFTP server, or you switch to a different
SFTP server. Perform this step to ensure that these components operate
correctly together. As a best practice, perform a backup and restore on a
standby or backup server.