Backing up critical configuration data

Back up critical configuration data for OpsCenter and Lifecycle Manager.

The main OpsCenter configuration directory contains critical data, such as the opscenterd.conf configuration file. The cluster topology, configuration profiles, credentials, repositories, and job history for Lifecycle Manager (LCM) is stored in the lcm.db database. Your organization is responsible for backing up these files, in addition to the critical configuration data outlined in this procedure.

Important: DataStax strongly recommends enabling automatic failover from the primary OpsCenter instance to a designated backup OpsCenter instance.

The following steps indicate mirroring data between a primary OpsCenter instance and a backup OpsCenter instance.

lcm.key

The location of the Lifecycle Manager database encryption key lcm.key depends on the type of installation:
  • Package installations: /etc/opscenter/lcm.key
  • Tarball installations: install_location/keys/lcm.key

opscenterd.conf

The location of the opscenterd.conf file depends on the type of installation:
  • Package installations: /etc/opscenter/opscenterd.conf
  • Tarball installations: install_location/conf/opscenterd.conf

lcm.db

The location of the Lifecycle Manager database lcm.db depends on the type of installation:
  • Package installations: /var/lib/opscenter/lcm.db
  • Tarball installations: install_location/lcm.db

passwd.db

The default location of the password database passwd.db for OpsCenter authentication depends on the type of installation:
  • Package installations: /etc/opscenter/passwd.db
  • Tarball installations: install_location/passwd.db

Procedure

  1. Mirror the contents of the main configuration directory on the primary OpsCenter instance to the backup OpsCenter instance.
    • /etc/opscenter (package installs)
    • install_location/conf (tarball installs)
    scp /etc/opscenter/* secondary:/etc/opscenter
    Note: Do not mirror the [failover] failover_configuration_directoryacross OpsCenter installs when configuring OpsCenter to support failover.
  2. Mirror the contents of the persist_directory location that indicates the current status of the Repair Service. The location of the persist directory for the Repair Service depends on the type of installation:
    • /var/lib/opscenter/repair_service (package installs)
    • install_location/repair_service (tarball installs)
    scp /var/lib/opscenter/repair_service/* secondary:/var/lib/opscenter/repair_service
    Repair Service progress is stored on the filesystem. If using an NFS mount to mirror to, the Repair Service starts up after a failover from approximately the same point where it was interrupted. If manually copying directories or using rysnc, the Repair Services resumes from whenever the Repair Service directory was last synced. Otherwise, the Repair Service simply restarts rather than continuing from where it left off.
    Note: The diagnostic tarball includes the repair persistence files. See repair_service_incremental.json file and repair_service_subrange.json file.
  3. Back up the Lifecycle Manager database, encryption key, and security certificates:
    1. Mirror the Lifecycle Manager database lcm.db:
      • /var/lib/opscenter/lcm.db (package installs)
      • install_location/lcm.db (tarball installs)
      scp /var/lib/opscenter/lcm.db secondary:/var/lib/opscenter/lcm.db
    2. Mirror the Lifecycle Manager database encryption key lcm.key:
      • /etc/opscenter/lcm.key (package installs)
      • install_location/keys/lcm.key (tarball installs)
      scp /etc/opscenter/lcm.key secondary:/etc/opscenter/lcm.key
    3. If Lifecycle Manager has generated any certificates for clusters configured to use node-to-node or client-to-node encryption, mirror the Lifecycle Manager certificate authority.
      • /var/lib/opscenter/ssl/lcm (package installs)
      • install_location/ssl/lcm/cacerts (tarball installs)
      scp -r /var/lib/opscenter/ssl/lcm secondary:/var/lib/opscenter/ssl/
  4. If SSL is enabled, mirror the contents of the SSL configuration directory on the primary OpsCenter instance to the backup OpsCenter instance.
    • /var/lib/opscenter/ssl (package installs)
    • install_location/ssl (tarball installs)
    scp /var/lib/opscenter/ssl/* secondary:/var/lib/opscenter/ssl
  5. If OpsCenter role-based security is enabled, mirror the roles and password database passwd.db:
    • /etc/opscenter/passwd.db (package installs)
    • install_location/passwd.db (tarball installs)
    scp /etc/opscenter/passwd.db secondary:/etc/opscenter/passwd.db