LATEST VERSION: 1.10 - CHANGELOG
Pivotal Cloud Foundry v1.9

Backing Up Pivotal Cloud Foundry

Page last updated:

This topic describes the procedure for manually backing up each critical backend Elastic Runtime component. Pivotal recommends frequently backing up your installation settings before making any changes to your PCF deployment, such as configuration of any tiles in Ops Manager.

To back up a deployment, export installation settings, download the BOSH Deployment Manifest, temporarily stop the Cloud Controller, create and export backup files for each critical backend component, and restart the Cloud Controller. It is also important to record your Cloud Controller Database encryption credentials which you will need if you contact Pivotal Support for help restoring your installation.

To restore your backup, see the Restoring Pivotal Cloud Foundry from Backup topic.

Record the Cloud Controller Database Encryption Credentials

From the Installation Dashboard, select Pivotal Elastic Runtime > Credentials and locate the Cloud Controller section. Record the Cloud Controller DB Encryption Credentials. You must provide these credentials if you contact Pivotal Support for help restoring your installation.

Ccdb encrypt creds

Export Installation Settings

Pivotal recommends that you back up your installation settings by exporting frequently. This option is only available after you have deployed at least one time. Always export an installation before following the steps in the Import Installation Settings section of the Restoring Pivotal Cloud Foundry from Backup topic.

Note: Exporting your installation only backs up your installation settings. It does not back up your virtual machines (VMs) or any external MySQL databases.

From the Installation Dashboard in the Ops Manager interface, click your user name at the top right navigation. Select Settings.

Export installation settings exports the current PCF installation settings and assets. When you export an installation, the exported file contains the base VM images, all necessary packages, and references to the installation IP addresses. As a result, an exported installation file can exceed 5 GB in size.

Settings

Note: For versions of Ops Manager 1.3 or older, the process of archiving files for export may exceed the timeout limit of 600 seconds and result in a 500 error. To resolve this issue, you can manually increase the timeout value, or assign additional resources to the Ops Manager VM to improve performance. For more information, see the Pivotal Support Knowledge Base.

Target the BOSH Director

  1. Install Ruby and the BOSH CLI Ruby gem on a machine outside of your PCF deployment.

  2. From the Installation Dashboard in Ops Manager, select Ops Manager Director > Status and record the IP address listed for the Director. You access the BOSH Director using this IP address.

  3. Click Credentials and record the Director credentials.

  4. From the command line, run bosh target to log into the BOSH Director using the IP address and credentials that you recorded:

    $ bosh target 192.0.2.3
    Target set to 'microbosh-1234abcd1234abcd1234'
    Your username: director
    Enter password: ********************
    Logged in as 'director'
    

    Note: If bosh target does not prompt you for your username and password, run bosh login.

Download BOSH Manifest

  1. Install Ruby and the BOSH CLI Ruby gem on a machine outside of your Pivotal Cloud Foundry (PCF) system deployment.

  2. From the Installation Dashboard in Ops Manager, select Ops Manager Director > Status and record the IP address listed for the Director. You access the BOSH Director using this IP address.

  3. Click Credentials and record the Director credentials.

  4. From the command line, target the BOSH Director using the IP address and credentials that you recorded:

    $ bosh target 10.0.0.3
    Target set to `microbosh-1234abcd1234abcd1234'
    Your username: director
    Enter password: ********************
    Logged in as `director'
    

    Note: If bosh target does not prompt you for your username and password, run bosh login.

  5. Run bosh deployments to identify the name of your current BOSH deployment:

    $ bosh deployments
    +-------------+--------------+-------------------------------------------------+
    | Name        | Release(s)   | Stemcell(s)                                     |
    +-------------+--------------+-------------------------------------------------+
    | cf-example  | cf-mysql/10  | bosh-vsphere-esxi-ubuntu-trusty-go_agent/2690.3 |
    |             | cf/183.2     |                                                 |
    +-------------+--------------+-------------------------------------------------+
    

  6. Run bosh download manifest DEPLOYMENT-NAME LOCAL-SAVE-NAME to download and save each BOSH deployment manifest. You need this manifest to locate information about your databases. For each manifest, you will need to repeat these instructions. Replace DEPLOYMENT-NAME with the name of the current BOSH deployment. For this procedure, use cf.yml as the LOCAL-SAVE-NAME.

    $ bosh download manifest cf-example cf.yml
    Deployment manifest saved to `cf.yml'
    

Back Up Critical Backend Components

Your Elastic Runtime deployment contains several critical data stores that must be present for a complete restore. This section describes the procedure for backing up the databases and the servers associated with your PCF installation.

You must back up each of the following:

  • Cloud Controller Database
  • UAA Database
  • WebDAV Server
  • Pivotal MySQL Server

Note: If you are running PostgreSQL and are on the default internal databases, follow the instructions below. If you are running your databases or filestores externally, disregard instructions for backing up the Cloud Controller, and UAA Databases, and ensure that you back up your external databases and filestores.

Note: To follow the backup instructions below, your network must be configured to allow access to the BOSH Director VM from your local machine. If you do not have local administrator access, use the scp command to copy the TAR file to the BOSH Director VM. For example: scp vcap@192.0.2.10:webdav.tar.gz \ and vcap@192.0.2.3:/webdav.tar.gz

Stop Cloud Controller

  1. From a command line, run bosh deployment DEPLOYMENT-MANIFEST to select your PCF deployment. The manifest is located in /var/tempest/workspaces/default/deployments/ on the Ops Manager VM. For example:

    $ bosh deployment /var/tempest/workspaces/default/deployments/cf-bd784.yml
    Deployment set to '/var/tempest/workspaces/default/deployments/cf-bd784.yml'
    

  2. Run bosh vms CF-DEPLOYMENT-NAME to view a list of VMs in your PCF deployment. CF-DEPLOYMENT-NAME corresponds to the name of your PCF release deployment, which is also the filename of your manifest file without the .yml ending. For example:

    $ bosh vms cf-bd784
    +-------------------------------------------+---------+----------------------------------+--------------+
    | Job/index                                 | State   | Resource Pool                    | IPs          |
    +-------------------------------------------+---------+----------------------------------+--------------+
    | ccdb-partition-bd784/0                    | running | ccdb-partition-bd784             | 10.85.xx.xx  | 
    | cloud_controller-partition-bd784/0        | running | cloud_controller-partition-bd784 | 10.85.xx.xx  |
    | cloud_controller_worker-partition-bd784/0 | running | cloud_controller-partition-bd784 | 10.85.xx.xx  |
    | clock_global-partition-bd784/0            | running | clock_global-partition-bd784     | 10.85.xx.xx  |
    | nats-partition-bd784/0                    | running | nats-partition-bd784             | 10.85.xx.xx  |
    | router-partition-bd784/0                  | running | router-partition-bd784           | 10.85.xx.xx  |
    | uaa-partition-bd784/0                     | running | uaa-partition-bd784              | 10.85.xx.xx  |
    +-------------------------------------------+---------+----------------------------------+--------------+
    

  3. Run bosh stop SELECTED-VM for each Cloud Controller VM. For example, stop the cloud_controller-partition-bd784 and cloud_controller_worker-partition-bd784 VMs.

    $ bosh stop cloud_controller-partition-bd784
    Acting as user 'director'...
    You are about to stop cloud_controller-partition-bd784/0
    Detecting deployment changes
    ----------------------------
    Stop cloud_controller-partition-bd784/0? (type 'yes' to continue)
    
    $ bosh stop cloud_controller_worker-partition-bd784
    Acting as user 'director'...
    You are about to stop cloud_controller_worker-partition-bd784/0
    Detecting deployment changes
    ----------------------------
    Stop cloud_controller_worker-partition-bd784/0? (type 'yes' to continue)
    

    Do not stop the ccdb-partition VM, which is the backend database for Cloud Controller if you opted to use PostgreSQL in your database deployment.

Back Up the Cloud Controller Database

Note: Follow these instructions only if you are using a PostgreSQL database.

  1. Use bosh ssh to SSH into the Cloud Controller Database VM:

    1. Run ssh-keygen -t rsa to provide BOSH with the correct public key.
    2. Accept the defaults.
    3. Run bosh ssh.
    4. When prompted to choose an instance, enter the number that corresponds to the VM beginning with ccdb.
    5. Create a password for the temporary user that the bosh ssh command creates. Use this password if you need sudo access in this session.
  2. Run pg_dump to export the database:

    $ pg_dump -U admin -p 2544 ccdb > /tmp/ccdb.sql
    

  3. Run bosh scp to copy the exported database to your BOSH client.

    $ bosh scp --download ccdb/0 /tmp/ccdb.sql .
    

  4. Exit from the Cloud Controller database VM.

Back Up the UAA Database

Note: Follow these instructions only if you are using a PostgreSQL database.

  1. Use bosh ssh to SSH into the UAA Database VM:

    1. Run ssh-keygen -t rsa to provide BOSH with the correct public key.
    2. Accept the defaults.
    3. Run bosh ssh.
    4. When prompted to choose an instance, enter the number that corresponds to the VM beginning with uaadb.
    5. Create a password for the temporary user that the bosh ssh command creates. Use this password if you need sudo access in this session.
  2. Run pg_dump to export the database:

    $ pg_dump -U admin -p 2544 uaa > /tmp/uaa.sql
    

  3. Run bosh scp to copy the exported database to your BOSH client.

    $ bosh scp --download uaadb/0 /tmp/uaa.sql .
    

  4. Exit from the UAA database VM.

Back Up WebDAV Server

  1. In the BOSH deployment manifest, locate the nfs_server component and record the address:

    nfs_server:
      address: 192.0.2.10
      network: 192.0.2.0/24
    syslog_aggregator:
      address:
      port:
    

    Note: The job name associated with the WebDAV server is nfs_server for historical reasons. The server is not based on NFS.

  2. From the Installation Dashboard in Ops Manager, select Elastic Runtime and click Credentials > Link to Credential. Record the File Storage server VM credentials.

    File store creds

  3. SSH into the WebDAV server VM and create a TAR file:

    $ ssh vcap@192.0.2.10 'cd /var/vcap/store && tar cz shared' > webdav.tar.gz
    

    Note: The TAR file that you create to back up WebDAV server might be large. To estimate the size of the TAR file before you create it, run the following command: ssh vcap@192.0.2.10 tar -cf - /dir/to/archive/ | wc -c

Back Up Pivotal MySQL Server

Note: The Elastic Runtime deploy contains an embedded MySQL Server that serves as the data store for the Application Usage Events, Notifications, and Autoscaler services. If you are using an internal MySQL, this will also include the Cloud Controller and UAA.

There are two ways to backup the MySQL Server:

Backing up MySQL Server Manually

  1. From the Installation Dashboard in Ops Manager, select Pivotal Elastic Runtime. Click Status and record the IP address of the first instance of MySQL Server.

    Mysql ip

  2. Click Credentials and record the Mysql Admin Credentials of MySQL Server.

    Mysql cred

  3. SSH into the MySQL database VM as the admin using the IP address and password recorded in the previous steps.

  4. Run the following command to dump the data from the p-mysql database and save it:

     $ mysqldump -u root -p -h 10.0.1.26 --all-databases > user_databases.sql
    

  5. Run scp to copy the exported database to your local machine.

    $ scp vcap@10.0.1.26:~/user_databases.sql .
    

Start Cloud Controller

  1. Run bosh vms to view a list of VMs in your selected deployment. The names of the Cloud Controller VMs begin with cloud_controller.

    $ bosh vms
    +-------------------------------------------+---------+----------------------------------+--------------+
    | Job/index                                 | State   | Resource Pool                    | IPs          |
    +-------------------------------------------+---------+----------------------------------+--------------+
    | cloud_controller-partition-bd784/0        | failing | cloud_controller-partition-bd784 | 10.85.xx.xx  |
    | cloud_controller_worker-partition-bd784/0 | running | cloud_controller-partition-bd784 | 10.85.xx.xx  |
    | clock_global-partition-bd784/0            | running | clock_global-partition-bd784     | 10.85.xx.xx  |
    | nats-partition-bd784/0                    | running | nats-partition-bd784             | 10.85.xx.xx  |
    | router-partition-bd784/0                  | running | router-partition-bd784           | 10.85.xx.xx  |
    | uaa-partition-bd784/0                     | running | uaa-partition-bd784              | 10.85.xx.xx  |
    +-------------------------------------------+---------+----------------------------------+--------------+
    

  2. BOSH indicates a stopped VM with the state: failing. Run bosh start SELECTED-VM for each stopped Cloud Controller VM.

    $ bosh start cloud_controller-partition-bd784
    Processing deployment manifest
    ------------------------------
    Processing deployment manifest
    ------------------------------
    You are about to start cloud_controller-partition-bd784/0
    Processing deployment manifest
    ------------------------------
    Detecting deployment changes
    ------------------------------
    Start cloud_controller-partition-bd784/0? (type 'yes' to continue): yes
    Performing `start cloud_controller-partition-bd784/0'...
    Director task 1428
    Started preparing deployment
    Started preparing deployment > Binding deployment. Done (00:00:00)
    Started preparing deployment > Binding releases. Done (00:00:00)
    Started preparing deployment > Binding existing deployment. Done (00:00:01)
    Started preparing deployment > Binding resource pools. Done (00:00:00)
    Started preparing deployment > Binding stemcells. Done (00:00:00)
    Started preparing deployment > Binding templates. Done (00:00:00)
    Started preparing deployment > Binding properties. Done (00:00:00)
    Started preparing deployment > Binding unallocated VMs. Done (00:00:00)
    Started preparing deployment > Binding instance networks. Done (00:00:00)
     Done preparing deployment (00:00:01)
    Started preparing package compilation > Finding packages to compile. Done (00:00:01)
    Started preparing dns > Binding DNS. Done (00:00:00)
    Started preparing configuration > Binding configuration. Done (00:00:13)
    Started updating job cloud_controller-partition-bd784/0 > cloud_controller-partition-bd784/0 (canary)^@. Done (00:01:44)
    Task 1428 done
    Started     2015-02-25 17:54:28 UTC
    Finished    2015-02-25 17:56:27 UTC
    Duration    00:01:59
    cloud_controller-partition-bd784/0 has been started
    

Follow the steps in the Restoring Pivotal Cloud Foundry from Backup topic to restore a backup, import an installation to restore your settings, or to share your settings with another user.

Create a pull request or raise an issue on the source for this page in GitHub