Re: [Freeipa-users] Backup and Restoration of IPA Server

2013-02-04 Thread KodaK 
I use the following to dump my LDAP databases:

#!/bin/sh
/usr/lib64/dirsrv/slapd-PKI-IPA/db2ldif.pl -D "cn=directory manager"
-j /var/lib/dirsrv/scripts-YOUR-KERB-REALM/dmanager.credentials -n
ipaca -a /var/lib/dirsrv/slapd-PKI-IPA/bak/ipaca.`/bin/date
+%Y%m%d%H%M%S`.ldif
/var/lib/dirsrv/scripts-YOUR-KERB-REALM/db2ldif.pl -D "cn=directory
manager" -j /var/lib/dirsrv/scripts-YOUR-KERB-REALM/dmanager.credentials
-n userroot -a /var/lib/dirsrv/slapd-YOUR-KERB-REALM/bak/userroot.`/bin/date
+%Y%m%d%H%M%S`.ldif

I have that in a script that's run by cron, followed up by a script to
delete old backups.  Netbackup takes care of backing up the systems.

dmanager.credentials just has the Directory Manager password in it in
plain test.  Not optimal, but it works.

--Jason

On Mon, Feb 4, 2013 at 10:51 AM, Rajnesh Kumar Siwal
 wrote:
> Thanks Christian.
> I am still looking for some workaround till then.
>
> On Mon, Feb 4, 2013 at 10:16 PM, Christian Hernandez
>  wrote:
>> Looks like a "backup/restore" procedure is in the roadmap
>>
>> http://www.freeipa.org/page/Roadmap
>>
>>
>> Thank you,
>>
>> Christian Hernandez
>> 1225 Los Angeles Street
>> Glendale, CA 91204
>> Phone: 877-782-2737 ext. 4566
>> Fax: 818-265-3152
>> christi...@4over.com 
>> www.4over.com 
>>
>>
>> On Mon, Feb 4, 2013 at 2:54 AM, Rajnesh Kumar Siwal
>>  wrote:
>>>
>>> Does it means that we don't have any backup / restoration process as
>>> of now for IPA 2.2 ?
>>> I am really concerned about such a critical application.
>>>
>>> It would be greate if you could please specify the set of manual
>>> commands in case they can be used for Backup / Restoration purpose.
>>>
>>> --
>>> Regards,
>>> Rajnesh Kumar Siwal
>>>
>>> ___
>>> Freeipa-users mailing list
>>> Freeipa-users@redhat.com
>>> https://www.redhat.com/mailman/listinfo/freeipa-users
>>
>>
>
>
>
> --
> Regards,
> Rajnesh Kumar Siwal
>
> ___
> Freeipa-users mailing list
> Freeipa-users@redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users



-- 
The government is going to read our mail anyway, might as well make it
tough for them.  GPG Public key ID:  B6A1A7C6

___
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Re: [Freeipa-users] Backup and Restoration of IPA Server

2013-02-04 Thread Rajnesh Kumar Siwal 
Thanks Christian.
I am still looking for some workaround till then.

On Mon, Feb 4, 2013 at 10:16 PM, Christian Hernandez
 wrote:
> Looks like a "backup/restore" procedure is in the roadmap
>
> http://www.freeipa.org/page/Roadmap
>
>
> Thank you,
>
> Christian Hernandez
> 1225 Los Angeles Street
> Glendale, CA 91204
> Phone: 877-782-2737 ext. 4566
> Fax: 818-265-3152
> christi...@4over.com 
> www.4over.com 
>
>
> On Mon, Feb 4, 2013 at 2:54 AM, Rajnesh Kumar Siwal
>  wrote:
>>
>> Does it means that we don't have any backup / restoration process as
>> of now for IPA 2.2 ?
>> I am really concerned about such a critical application.
>>
>> It would be greate if you could please specify the set of manual
>> commands in case they can be used for Backup / Restoration purpose.
>>
>> --
>> Regards,
>> Rajnesh Kumar Siwal
>>
>> ___
>> Freeipa-users mailing list
>> Freeipa-users@redhat.com
>> https://www.redhat.com/mailman/listinfo/freeipa-users
>
>



-- 
Regards,
Rajnesh Kumar Siwal

___
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Re: [Freeipa-users] Backup and Restoration of IPA Server

2013-02-04 Thread Christian Hernandez 
Looks like a "backup/restore" procedure is in the roadmap

http://www.freeipa.org/page/Roadmap


Thank you,

Christian Hernandez
1225 Los Angeles Street
Glendale, CA 91204
Phone: 877-782-2737 ext. 4566
Fax: 818-265-3152
christi...@4over.com 
www.4over.com 


On Mon, Feb 4, 2013 at 2:54 AM, Rajnesh Kumar Siwal  wrote:

> Does it means that we don't have any backup / restoration process as
> of now for IPA 2.2 ?
> I am really concerned about such a critical application.
>
> It would be greate if you could please specify the set of manual
> commands in case they can be used for Backup / Restoration purpose.
>
> --
> Regards,
> Rajnesh Kumar Siwal
>
> ___
> Freeipa-users mailing list
> Freeipa-users@redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users
>
___
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Re: [Freeipa-users] Backup and Restoration of IPA Server

2013-02-04 Thread Fred van Zwieten 
This triggers me on something related. We do use snapshots on VM's.
However, we want to separate data and system disks within the guests. We
have /var on a seperate disk and only that disk is getting snapshots.

So, is IPA data living in /var?

Fred


On Mon, Feb 4, 2013 at 11:54 AM, Rajnesh Kumar Siwal <
rajnesh.si...@gmail.com> wrote:

> Does it means that we don't have any backup / restoration process as
> of now for IPA 2.2 ?
> I am really concerned about such a critical application.
>
> It would be greate if you could please specify the set of manual
> commands in case they can be used for Backup / Restoration purpose.
>
> --
> Regards,
> Rajnesh Kumar Siwal
>
> ___
> Freeipa-users mailing list
> Freeipa-users@redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users
>
___
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Re: [Freeipa-users] Backup and Restoration of IPA Server

2013-02-03 Thread Christian Hernandez 
I also Snapshot Cold.

Since I have many replicas; it's really no big deal in shutting down an IPA
server for a few seconds to get a quiescent snapshot


Thank you,

Christian Hernandez
1225 Los Angeles Street
Glendale, CA 91204
Phone: 877-782-2737 ext. 4566
Fax: 818-265-3152
christi...@4over.com <mailto:christi...@4over.com>
www.4over.com <http://www.4over.com>


On Sun, Feb 3, 2013 at 12:17 PM, Steven Jones wrote:

> Hi,
>
> The problem I had with snapshots is I found if snapshoting hot they got
> confused and the users all doubled on some replicas, on others replication
> broke...very weird...
>
> So snapshot cold.
>
> regards
>
> Steven Jones
>
> Technical Specialist - Linux RHCE
>
> Victoria University, Wellington, NZ
>
> 0064 4 463 6272
>
> 
> From: freeipa-users-boun...@redhat.com [freeipa-users-boun...@redhat.com]
> on behalf of Dmitri Pal [d...@redhat.com]
> Sent: Monday, 4 February 2013 7:01 a.m.
> To: freeipa-users@redhat.com
> Subject: Re: [Freeipa-users] Backup and Restoration of IPA Server
>
> On 02/03/2013 12:10 PM, Rajnesh Kumar Siwal wrote:
> > As the IPA server has been the backbone of any Company, is there any
> > recommended approach for Backup/Restore.
> > Please suggest the best approach how to backup and rebuilt the server
> > from scratch and restore the IPA Server.
> >
>
> For redundancy we recommend running several replicas so that if you
> loose one you can easily redeploy.
> It you want, you can run one of the replicas in a VM and take snapshots
> of the whole system.
>
> A more fine grained Backup/Restore procedure is on the roadmap for the
> next release.
>
> --
> Thank you,
> Dmitri Pal
>
> Sr. Engineering Manager for IdM portfolio
> Red Hat Inc.
>
>
> ---
> Looking to carve out IT costs?
> www.redhat.com/carveoutcosts/
>
>
>
> ___
> Freeipa-users mailing list
> Freeipa-users@redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users
>
>
>
> ___
> Freeipa-users mailing list
> Freeipa-users@redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users
>
___
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Re: [Freeipa-users] Backup and Restoration of IPA Server

2013-02-03 Thread Steven Jones 
Hi,

The problem I had with snapshots is I found if snapshoting hot they got 
confused and the users all doubled on some replicas, on others replication 
broke...very weird...

So snapshot cold.

regards

Steven Jones

Technical Specialist - Linux RHCE

Victoria University, Wellington, NZ

0064 4 463 6272


From: freeipa-users-boun...@redhat.com [freeipa-users-boun...@redhat.com] on 
behalf of Dmitri Pal [d...@redhat.com]
Sent: Monday, 4 February 2013 7:01 a.m.
To: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] Backup and Restoration of IPA Server

On 02/03/2013 12:10 PM, Rajnesh Kumar Siwal wrote:
> As the IPA server has been the backbone of any Company, is there any
> recommended approach for Backup/Restore.
> Please suggest the best approach how to backup and rebuilt the server
> from scratch and restore the IPA Server.
>

For redundancy we recommend running several replicas so that if you
loose one you can easily redeploy.
It you want, you can run one of the replicas in a VM and take snapshots
of the whole system.

A more fine grained Backup/Restore procedure is on the roadmap for the
next release.

--
Thank you,
Dmitri Pal

Sr. Engineering Manager for IdM portfolio
Red Hat Inc.


---
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/



___
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users



___
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Re: [Freeipa-users] Backup and Restoration of IPA Server

2013-02-03 Thread Dmitri Pal 
On 02/03/2013 12:10 PM, Rajnesh Kumar Siwal wrote:
> As the IPA server has been the backbone of any Company, is there any
> recommended approach for Backup/Restore.
> Please suggest the best approach how to backup and rebuilt the server
> from scratch and restore the IPA Server.
>

For redundancy we recommend running several replicas so that if you
loose one you can easily redeploy.
It you want, you can run one of the replicas in a VM and take snapshots
of the whole system.

A more fine grained Backup/Restore procedure is on the roadmap for the
next release.

-- 
Thank you,
Dmitri Pal

Sr. Engineering Manager for IdM portfolio
Red Hat Inc.


---
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/



___
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users