Backup / recovery
To create a backup of your OpenIAM deployment which is based on a Single VM deployment configuration, follow the steps outlined below. You may use any backup solution.
In addition to the database, the OpenIAM architecture consists of numerous components (listed below), which need to be backed up.
- Conf folder
- Jar and War file for the UI and backend users
- Vault - secrets and certificates
- Elastic search storage files
Backup the database
- Backup your dataabase by performing a DB dump. OpenIAM has two databases:
activiti. Both must be backed up. If you are using MariaDB or MySQL, you can use the following approach:
Open a terminal window to the Linux host where your DB has been installed:
mysqldump -u [username] -p openiam > /usr/local/openiam/backup/openiam-'date+%F'.sqlmysqldump -u [username] -p activiti > /usr/local/openiam/backup/activiti-'date+%F'.sql
pg_dump -U postgres -W -F t openiam > /usr/local/openiam/backup/openiam-'date+%F'.tarpg_dump -U [username]] -W -F t activiti > /usr/local/openiam/backup/activiti-'date+%F'.tar
Download the backup utility
The utility currently supports a single node installation. You can modify this script to align with your environment.
First, download the utility using the following steps. This utility can be executed from either a remote server or from the server where the OpenIAM system has been installed.
mkdir /usr/local/openiam/backuputilcd /usr/local/openiam/backuputilgit clone https://bitbucket.org/openiam/backup-utils.git
Update the env file
env.sh file and update the following parameters with values that reflect your environment:
|Parameter Name||Description||Default Value|
|HOST_NAME||The host name of remote server there backup file will be uploaded||empty|
|HOST_PORT||The port of remote server there backup file will be uploaded||22 (default SSH port)|
|USER_NAME||Username that will be used to upload file||empty|
|AUTH_CERT_PATH||The certificate that will be used to authenticate on remote server||~/.ssh/id_rsa|
|REMOTE_PATH||The folder on the remote server where backup will be placed||~/|
Run the backup process
After the env.sh file has been updated, you can run the backup process by using the command below
The following steps describe how to restore a RPM installation from previously created backups. The steps are for a single node installation. They assume that you have created a backup using the steps described above and the env.sh file has already been updated.
If you not already done so, stop your OpenIAM deployment.
Restore your database
Use the steps below to restore you database. Please make sure that you are using the backup files which correspond to the point in time that you want to revert back to. Substitute below the date.
mysql openiam < openaim-[date].sqlmysql activiti < activity-[date].sql
pg_restore --dbname=openiam --create --verbose c/usr/local/openiam/backup/openiam-[date].tarpg_restore --dbname=activiti --create --verbose c/usr/local/openiam/backup/activiti-[date].tar
Restore the openiam application
Use the command below to restore OpenIAM from previously created backup.
The utility will restore all stored files from the specified backup and then start the OpenIAM instance again.
You can also execute the restore process from a remote server using the following command.
Please don't forget to fill AUTH_CERT_PATH and HOST_PORT in env.conf folder before running this step