Backup / recovery
To create a backup of your OpenIAM deployment, which is based on a Single VM deployment configuration, follow the steps outlined below. You may use any backup solution.
Backup procedures
In addition to the database, the OpenIAM architecture consists of numerous components (listed below), which need to be backed up.
- Conf folder.
- Jar and War file for the UI and backend users.
- Vault - secrets and certificates.
- Elastic search storage files.
Backup the database
You can back up your database by performing a DB dump. OpenIAM has two databases: openiam
and activiti
. Both must be backed up. If you are using MariaDB or MySQL, you can use the following approach.
Open a terminal window to the Linux host where your DB has been installed.
- MariaDB
mysqldump -u [username] -p openiam > /usr/local/openiam/backup/openiam-'date+%F'.sqlmysqldump -u [username] -p activiti > /usr/local/openiam/backup/activiti-'date+%F'.sql
- PostgreSQL
pg_dump -U postgres -W -F t openiam > /usr/local/openiam/backup/openiam-'date+%F'.tarpg_dump -U [username]] -W -F t activiti > /usr/local/openiam/backup/activiti-'date+%F'.tar
Download the backup utility
The utility currently supports a single node installation. You can modify this script to align with your environment.
First, download the utility using the following steps. This utility can be executed from either a remote server or from the server where the OpenIAM system has been installed.
mkdir /usr/local/openiam/backuputilcd /usr/local/openiam/backuputilgit clone https://bitbucket.org/openiam/backup-utils.git
Update the env file
Open the env.sh
file and update the following parameters with values that reflect your environment.
Parameter Name | Description | Default Value |
---|---|---|
HOST_NAME | The host name of remote server where backup file will be uploaded. | empty |
HOST_PORT | The port of remote server where backup file will be uploaded. | 22 (default SSH port) |
USER_NAME | Username that will be used to upload file. | empty |
AUTH_CERT_PATH | The certificate that will be used to authenticate on remote server. | ~/.ssh/id_rsa |
REMOTE_PATH | The folder on the remote server where backup will be placed. | ~/ |
Run the backup process
After the env.sh
file has been updated, you can run the backup process by using the command below.
./backup.sh
Restoring procedures
The following steps describe how to restore an RPM installation from previously created backups. The steps are for a single node installation. They assume that you have created a backup using the steps described above and the env.sh
file has already been updated.
Stop OpenIAM
If you not already done so, stop your OpenIAM deployment.
openiam-cli stop
Restore your database
Use the steps below to restore your database. Please make sure that you are using the backup files which correspond to the point in time that you want to revert to. Substitute the date earlier.
MariaDB
mysql openiam < openaim-[date].sqlmysql activiti < activity-[date].sql
PostgreSQL
pg_restore --dbname=openiam --create --verbose c/usr/local/openiam/backup/openiam-[date].tarpg_restore --dbname=activiti --create --verbose c/usr/local/openiam/backup/activiti-[date].tar
Restore the openiam application
Use the command below to restore OpenIAM from previously created backup.
./restore.sh <name_of_backup_file>.backup
The utility will restore all stored files from the specified backup and then start the OpenIAM instance again.
You can also execute the restore process from a remote server using the following command.
Please don't forget to fill AUTH_CERT_PATH`` and HOST_PORT
in env.conf
folder before running this step
./restore.sh [username]@hostname:[]/filename.backup
Example:
./restore.sh user@openiam.com:/opt/openiam/backups/2020-01-01_00-00__4.2.0.0.backup