KB Article #180639
LEC: Backup and Restore for Unix-based Secure Transport installations with external database
Preface
This article provides instructions for backup and restore of the SecureTransport software on Unix-based systems and provides information on the following topics:
- Back up the existing Secure Transport installation
- Database backups - MSSQL and Oracle
- Database restore - MSSQL and Oracle
- Recover the SecureTransport installation from backup
For Secure Transport Windows installations, refer to KB article 180641.
Back up the existing installation
A full SecureTransport backup must include:
- Application backup
- Database backup
IMPORTANT NOTE: The backups created with the below procedure, should be restored on machines with the same IP(s) and hostname and into the original installation folder of your previous SecureTransport installation.
Application backup
Prerequisites and considerations
The backup consist of copying the contents of the Secure Transport directories, preserving the subdirectory structure.
The backup should be taken using the same OS account that ST was installed with (and is running under).
When ST is installed on a VM, another backup mechanism is to take a snapshot of the VM machine, with the ST services stopped. Refer to your virtualization administrator for suggestions.
In case of multiple ST nodes in the cluster, it is recommended that application backup and restore is done for each ST node independently.
Steps
Stop all the SecureTransport services with $FILEDRIVEHOME/bin/stop_all
Verify all services are stopped by checking for running processes (ex. ps -ef
) and looking for .pid files in the $FILEDRIVEHOME/var/run
directory (there should not be leftover .pid files there). Being extra cautious, in the rare case where there are no .pid files but some processes still remained active, you can examine the process tree with the appropriate OS tools for running processes before proceeding further.
Back up the existing ST installation. The most common way is to create an archive with all necessary files, using tar
or another achiving tool.
The backup must include the following files and directories:
- The Axway Installer directory (for example:
/opt/Axway
or/opt/TMWD
for older ST installations) - The SecureTransport home directory (this is required when the SecureTransport directory is outside of the Axway Installer directory from the previous point)
- The
/etc/rc.d/init.d/rc.stransport
file and its subdirectories if present - The files in the
/etc
directory that end with the installation name. You can use thefind /etc -name "*<installation name>" -print
command to find those files. The result of this command may be empty if you are running ST with a non-root account, proceed to the next step if this is the case. - The root crontab file or, for a non-root installations, the crontab file of the user that runs SecureTransport
Here is an example command for backing up the entire /opt/Axway
Axway Installer directory, which also holds the Secure Transport directory:
tar -cvzPf /tmp/st_full_backup.tgz /opt/Axway/ /etc/rc.d/init.d/rc.st*
To reduce the backup size, you could exclude the old rotated logs. For example:
tar -zcvf /tmp/st_full_backup.tgz /opt/Axway/ --exclude=/opt/Axway/SecureTransport/var/db/hist/* /etc/rc.d/init.d/rc.st*
Move the archives to a safe location (or multiple) outside the ST host server.
It is also a good practice to backup some of the OS settings. For example, the files /etc/hosts
, /etc/security/limits
, and /etc/sysctl.conf
.
Database Backup
- For a SecureTransport Server using an external Oracle database, refer to KB 180637.
- For a SecureTransport Server using an external Microsoft SQL Server database, refer to KB 180635.
Recover the SecureTransport installation from a backup
The two main situations in which the SecureTransport installation needs to be recovered:
- A failed application upgrade
- In case of Disaster Recovery (i.e. after a hardware failure)
Recover ST installation after a failed upgrade
Prerequisites and considerations
The restore should be done with the same account Secure Transport was installed with. If different login account is used to restore the instance, the ownership of the Axway Installer and ST home directories must be changed afterwards to be the original user: chown -R user:user /opt/Axway
.
Secure Transport should be recovered on the original machine the backup was taken from.
In case of multiple ST servers, each of them should be restored independently.
WARNING: You can not use a backup of a Server A to restore ST on Server B, when both servers A and B are part of a cluster. Each node of a cluster MUST have its own separate backup!
Database Restore
Make sure all ST services are stopped with $FILEDRIVEHOME/bin/stop_all
.
Restore the database
- For a SecureTransport Server using an external Oracle database, restore the database using standard Oracle procedures or refer to KB 180637.
- For a SecureTransport Server using an external Microsoft SQL Server database, restore the database using standard Microsoft procedures or refer to KB 180635.
Application Restore
Move or delete the current Axway Installation directory and Secure Transport home directory
mv -R /opt/Axway /tmp/Axway_old
Extract the backup archive files into the original folders of your previous SecureTransport installation. For example:
tar -zxvf /tmp/st_full_backup.tgz -C /
Start ST's services with $FILEDRIVEHOME/bin/start_all
Secure Transport Disaster Recovery
In case the server where Secure Transport was installed fails beyond repair and has to be rebuilt, follow the procedure below to recover the Secure Transport instance.
On the newly installed system, change the hostname and IP to match the ones of the failed server.
If the /etc/hosts
, /etc/security/limits
, and /etc/sysctl.conf
files were included in the backup, you can also restore some of the OS settings from them.
Make sure the new server meets the OS prerequisites from the ST Installation Guide, chapter Prerequisites → Unix-based platforms.
Make sure the same user exists as the one the previous SecureTransport was installed with.
Move over the Secure Transport backup files to the new server.
Login with the user the SecureTransport will be installed with (same as before the backup).
Extract the backup archive files into the original folders of your previous SecureTransport installation. For example:
tar -zxvf /tmp/st_full_backup.tgz -C /
Start ST's services with $FILEDRIVEHOME/bin/start_all