Backing Up and Restoring Event Broker Configurations
This section describes how to:
- back up configuration files both locally (to the internal event broker database) and to an external file server for software event brokers and appliances
- schedule regular configuration backups for software event brokers and appliances
- restore a configuration from a backed up configuration file for software event brokers and appliances
The information in this section applies to both appliances and software event brokers, unless stated otherwise. Information in this section does not apply to event broker services in PubSub+ Cloud. For information about backing up event broker services, see Backing Up Event Broker Services.
Good configuration file management ensures that backups are created automatically and regularly, and that the backup process has a minimal impact on system performance.
Backing up configuration files allows you to recover from hardware or software failures with minimal loss of management data. You can also move configuration files from one event broker to another, for example, to facilitate hardware upgrades.
What Configuration Is Backed Up?
A configuration backup is a Linux
.tar file that contains the system configuration files needed to restore the event broker its previous state at the time that the backup was created. You can create backup files manually or you can schedule the event broker to create backups automatically.
The user account information that is preserved through a backup is not same for an appliance and a software event broker.
- Appliance—A backup performed on an appliance maintains the passwords set for the admin, support, and root users, and it maintains any created CLI users and their passwords.
- Software event broker—A backup performed on a software event broker does not maintain the passwords set for the admin, support, and root users, and it does not maintain any created CLI users and their passwords.
Some configuration information is not backed up, including:
- product keys
- TLS/SSL server certificate files
- TLS/SSL server certificate configuration
- client certificates for the following:
- Message VPN bridges
- replication bridges
- rest delivery points
- Dynamic Message Routing (DMR)
- Multi-Node Routing (MNR)
- Kerberos Keytabs
- trusted-root configuration (for appliances prior to software version 8.2.0 and software event brokers prior to version 8.7.0)
- interface configuration (IP addresses, LAGs)
- hostname and router name
- software broker storage group
- software broker scaling parameters
- monitoring agents running in the broker (Datadog, SolGeneos)
In addition, messaging data is not backed up, including:
- the guaranteed message spool
- queued messages
- replay log messages
Restoring Backed Up Configurations
A backed up appliance configuration can be restored to the same appliance or a new appliance. Similarly, a backed up software event broker configuration can be restored to the same software event broker instance or a new instance.
- If your event broker network is live, consider the timing of the backup or restore with respect to system load and the locking out of essential services. Make sure that you understand the potential impact of any backup or restore configuration command before entering it to avoid unforeseen disruptions to customer service.
- Never rename or move local backup configuration files on the event broker. This ensures that if the event broker needs to automatically restore the backup configuration file, the correct backup file is available.
PubSub+ event brokers can operate with mixed software versions up to one major or minor version difference in a deployed network. Features that depend on a newer release (for example, configuring of multiple IP addresses) may not be fully functional until all software versions match, but no features common to both versions should be affected.
While being downgraded (or upgraded), the event broker is unavailable for a short time. All other event brokers continue to operate at full capacity. All logs are preserved during a downgrade (or upgrade).
Observe all prerequisites specified in this section:
- Before using the configuration backup and restore procedures in this chapter, verify whether there are any services, such as PubSub+ Cache and Web transport, that require a product key to be used. If there are locked services, the product keys for those services should be manually recorded because they are not saved through a backup operation. In addition, the product keys for the services are needed to restore a configuration.
To view the system product keys and features that they unlock, enter the following User EXEC command:
solace> show product-key
- Before using the external backup and restore procedures in this chapter, ensure that the event brokers have access to an external file server on the network using either SFTP or SCP, and verify the IP connectivity between the event brokers and file server using the ping User EXEC command:
<ip-addr>is the IP address of the host you want to verify, specified in the dotted decimal notation form nnn.nnn.nnn.nnn
File server access is not required for the rollback, downgrade, or local file restore procedures.
solace> ping 192.168.1.1
Ensure that sufficient disk space is available on the external file server to contain two weeks of backups. Generally, there should be twice as much storage available for backup as there is for the main configuration file.
- Before using the configuration file backup and restore procedures in this chapter, if necessary, manually backup the following files on the event broker as they are not included with the event broker backup and restore processes:
- all CA certificates in the
- all CLI command files in the
- all CA certificates in the