On 01/04/2012 01:29 PM, Erinn Looney-Triggs wrote: > On 01/04/2012 09:24 AM, Rob Crittenden wrote: >> Erinn Looney-Triggs wrote: >>> On 12/27/2011 04:01 PM, Craig T wrote: >>>> Hi, >>>> >>>> Is there a hot backup technique for IPA? From my reading the best >>>> solution is to setup a replication server then shut the replication >>>> server down and do a backup? >>>> >>>> cya >>>> >>>> Craig >>>> >>>> _______________________________________________ >>>> Freeipa-users mailing list >>>> [email protected] >>>> https://www.redhat.com/mailman/listinfo/freeipa-users >>> >>> >>> Yeah this seems to be a bit of a problem. I am currently working through >>> the same thing and all I can find is advice like, "back everything up", >>> because there are files used by IPA all over the place. That seems a bit >>> ridiculous to me, so I am trying to piece together what it really does, >>> and what files are really needed. >>> >>> One part I have found so far is the hot backups for the directory >>> servers (note the plural, PKI has its own instance). You need to use the >>> db2bak.pl (not the db2bak script which requires dirsrv to be stopped) >>> script to do a hot backup of the directory server. The general idea can >>> be found in these docs here: >>> >>> http://docs.redhat.com/docs/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/Populating_Directory_Databases-Backing_Up_and_Restoring_Data.html >>> >>> >>> >>> Under section 4.3.1.2. Unfortunately, those docs are wrong about how to >>> run the db2bak.pl script, so to figure that out you have to read here: >>> >>> http://docs.redhat.com/docs/en-US/Red_Hat_Directory_Server/9.0/html/Configuration_Command_and_File_Reference/Perl_Scripts.html#Perl_Scripts-db2bak.pl_Create_backup_of_database >>> >>> >>> >>> So far that is all I have, just remember to back up both your domain >>> instance of the LDAP db, as well as the PKI instance. You can then >>> easily copy those backup files, using your backup tool of choice. As >>> well as taking a copy of /etc/dirsrv/ and all it contains. >>> >>> -Erinn >> This covers just one piece of IPA. There are also config files, SSL >> certificates, etc, for many different services. >> >> Backing up is easy. Restoring to a new bare metal machine and having it >> actually work is hard. Better to back up too much than too little. >> >> rob > Yeah folks, that is why I say "one part". I am pointing out how to deal > with one, and only one, piece of your setup. If I had unlimited storage > I would back everything up all the time, forever, because more is better > than less. >
You probably just need to backup one system out of the ring of the servers. It depend upon your requirements and how much activity happens in between the backups. > -Erinn > > > > _______________________________________________ > Freeipa-users mailing list > [email protected] > https://www.redhat.com/mailman/listinfo/freeipa-users -- Thank you, Dmitri Pal Sr. Engineering Manager IPA project, Red Hat Inc. ------------------------------- Looking to carve out IT costs? www.redhat.com/carveoutcosts/
_______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
