Backup / Restore a Juniper NSM
VendorJuniper
PlatformNSM
Version2008.2r1
Firewalls - NSM
Saturday, 08 August 2009 14:15

This article will show you how to backup and restore your Juniper NSM. This article was written using NSM version 2008.2r1.
Within NSM the HighAvailSvr contains processes that run in both HA and non-HA mode and handles database backups and a watchdog daemon to restart NSM processes in case of failure.

Backup

Even though you will have your NSM configured to run automated backups. You may need to run a manual backup before making any major changes (such as upgrades etc).

To create a manual backup run the following,

[root@localhost /]# sudo -u nsm /usr/netscreen/HaSvr/utils/replicateDb backup

This should run through and create a manual backup. If not you may get the following error,

[root@localhost utils]# sudo -u nsm /usr/netscreen/HaSvr/utils/replicateDb backup
 Got arguments: backup.  This might take a while to process ...
Ha/Backup: FAIL

This will most likey be down to permission issues. The following should help you resolve the issue,

  • Error Log - /usr/netscreen/HaSvr/bin/.backupDoLocal.result
  • Locate the problem files - find /usr/netscreen /var/netscreen ! -group nsm ! -user nsm
  • Run the setperm/rync scripts. Steps can be found in the Juniper Knowledge base KB12188

Its worth noting that you may find no files using the find command which are not owned by nsm and also you may receive little or no errors in the logs to help you troubleshoot the issue.

In this instance you will need to stop all servers and run the set permissions scripts, this will require you running the following commands,

[root@localhost ~]# /etc/init.d/devSvr stop
[root@localhost ~]# /etc/init.d/guiSvr stop
[root@localhost ~]# /etc/init.d/haSvr stop
[root@localhost ~]# /usr/netscreen/GuiSvr/utils/setperms.sh DevSvr
[root@localhost ~]# /usr/netscreen/GuiSvr/utils/setperms.sh GuiSvr
[root@localhost ~]# /usr/netscreen/GuiSvr/utils/setperms.sh HaSvr
[root@localhost ~]# /etc/init.d/guiSvr start
[root@localhost ~]# /etc/init.d/devSvr start
[root@localhost ~]# /etc/init.d/haSvr start

Restore

To restore your backup run the following (you may want to ls -l /var/netscreen/dbbackup/ to confirm the name of the backup file),

[root@localhost ~]# cd /usr/netscreen/HaSvr/utils
[root@localhost ~]# ./restoreDbFromBackup.sh /var/netscreen/dbbackup/[backup]

Useful Files

/usr/netscreen/HaSvr/bin/.haDoLocal.result  Logfile - Contains the syntax used to perform the local daily backup.
/usr/netscreen/HaSvr/bin/.backupDoLocal.result Logfile - Contains Rsync errors. 
/usr/netscreen/HaSvr/var/errorLog/backup.log Logfile - Contains the replicateDb script log.  
/usr/netscreen/HaSvr/utils/setRsyncUser Script - Set rsync user script 
/usr/netscreen/GuiSvr/utils/setperms.sh Script - Set permissions script 
/var/netscreen/dbbackup/exclude.rsync Configuration file - Exclude folders from local backup. 
/usr/netscreen/HaSvr/var/haSvr.cfg Configuration file - Backup configuration file.
/var/netscreen/dbbackup/ Directory - Default backup directory.  

  



Related Articles
 
We have 24 guests online