Red Hat SummitChapter 11. Backing up Satellite Server and Capsule Server
You can back up your Satellite deployment to ensure the continuity of your Red Hat Satellite deployment and associated data in the event of a disaster. If your deployment uses custom configurations, you must consider how to handle these custom configurations when you plan your backup and disaster recovery policy.
If you create a new instance of the Satellite Server, decommission the old instances after restoring the backup. Cloned instances are not supposed to run in parallel in a production environment.
To create a backup of your Satellite Server or Capsule Server and all associated data, use the satellite-maintain backup command. Backing up to a separate storage device on a separate system is highly recommended.
Satellite services are unavailable during the backup. Therefore, you must ensure that no other tasks are scheduled by other administrators. You can schedule a backup by using cron. For more information, see the Section 11.5, “Example of a weekly full backup followed by daily incremental backups”.
During offline backups, the services are inactive and Satellite is in a maintenance mode. All the traffic from outside on port 443 is rejected by a firewall to ensure there are no modifications triggered.
A backup contains sensitive information from the /root/ssl-build directory. For example, it can contain hostnames, ssh keys, request files and SSL certificates. You must encrypt or move the backup to a secure location to minimize the risk of damage or unauthorized access to the hosts.
Conventional backup methods
You can also use conventional backup methods. For more information, see Recovering and restoring a system in Red Hat Enterprise Linux 9 Configuring basic system settings.
If you plan to use the satellite-maintain backup command to create a backup, do not stop Satellite services.
When creating a snapshot or conventional backup, you must stop all services as follows:
satellite-maintain service stop
# satellite-maintain service stopCopy to Clipboard Copied! Toggle word wrap Toggle overflow Start the services after creating a snapshot or conventional backup:
satellite-maintain service start
# satellite-maintain service startCopy to Clipboard Copied! Toggle word wrap Toggle overflow
11.1. Estimating the size of a backup
The full backup creates uncompressed archives of PostgreSQL and Pulp database files, and Satellite configuration files. Compression occurs after the archives are created to decrease the time when Satellite services are unavailable.
A full backup requires space to store the following data:
- Uncompressed Satellite database and configuration files
- Compressed Satellite database and configuration files
- An extra 20% of the total estimated space to ensure a reliable backup
Procedure
Enter the
ducommand to estimate the size of uncompressed directories containing Satellite database and configuration files:Copy to Clipboard Copied! Toggle word wrap Toggle overflow Calculate how much space is required to store the compressed data.
The following table describes the compression ratio of all data items included in the backup:
Expand Table 11.1. Backup data compression ratio Data type Directory Ratio Example results PostgreSQL database files
/var/lib/pgsql/data80 – 85%
100 GB
20 GB Pulp RPM files
/var/lib/pulp(not compressed)
100 GB
Configuration files
/var/lib/tftpboot/etc/root/ssl-build/var/www/html/pub/opt/puppetlabs85%
942 MB
141 MB In this example, the compressed backup data occupies 120 GB in total.
To calculate the amount of available space you require to store a backup, calculate the sum of the estimated values of compressed and uncompressed backup data, and add an extra 20% to ensure a reliable backup.
This example requires 201 GB plus 120 GB for the uncompressed and compressed backup data, 321 GB in total. With 64 GB of extra space, 385 GB must be allocated for the backup location.
11.2. Performing a full backup of Satellite Server or Capsule Server
Red Hat Satellite uses the satellite-maintain backup command to make backups.
There are two main methods of backing up Satellite Server:
Offline backup
All Satellite services are shut down during an offline backup.
Online backup
Only Satellite services that affect the consistency of the backup, including all background workers, are shut down while the backup process is running. Online backups check for consistency and require more time than offline backups.
For more information about each of these methods, you can view the usage statements for each backup method.
Offline backups
satellite-maintain backup offline --help
# satellite-maintain backup offline --helpOnline backups
satellite-maintain backup online --help
# satellite-maintain backup online --helpDirectory creation
The satellite-maintain backup command creates a time-stamped subdirectory in the backup directory that you specify. The satellite-maintain backup command does not overwrite backups, therefore you must select the correct directory or subdirectory when restoring from a backup or an incremental backup. The satellite-maintain backup command stops and restarts services as required.
When you run the satellite-maintain backup offline command, the following default backup directories are created:
-
satellite-backupon Satellite -
foreman-proxy-backupon Capsule
If you want to set a custom directory name, add the --preserve-directory option and add a directory name. The backup is then stored in the directory you provide in the command line. If you use the --preserve-directory option, no data is removed if the backup fails.
Note that if you use a local PostgreSQL database, the postgres user requires write access to the backup directory.
Remote databases
You can use the satellite-maintain backup command to back up remote databases.
You can use both online and offline methods to back up remote databases, but if you use offline method, the satellite-maintain backup command performs a database dump.
Backing up to a remote NFS share
To enable Satellite to save the backup to an NFS share, ensure that the root user of your Satellite Server or Capsule Server can write to the NFS share. NFS export options such as root_squash and all_squash are known to prevent this.
For more information, see Red Hat Enterprise Linux Configuring and using network files services and Red Hat Enterprise Linux Securing network services.
Prerequisites
- Ensure that your backup location has sufficient available disk space to store the backup. For more information, see Section 11.1, “Estimating the size of a backup”.
Request other users of Satellite Server or Capsule Server to save any changes and warn them that Satellite services are unavailable for the duration of the backup. Ensure no other tasks are scheduled for the same time as the backup.
Procedure
On Satellite Server, enter the following command:
satellite-maintain backup offline /var/satellite-backup
# satellite-maintain backup offline /var/satellite-backupCopy to Clipboard Copied! Toggle word wrap Toggle overflow On Capsule Server, enter the following command:
satellite-maintain backup offline /var/foreman-proxy-backup
# satellite-maintain backup offline /var/foreman-proxy-backupCopy to Clipboard Copied! Toggle word wrap Toggle overflow
11.3. Performing a backup without Pulp content
You can perform an offline backup that excludes the contents of the Pulp directory. The backup without Pulp content is useful for debugging purposes and is only intended to provide access to configuration files without backing up the Pulp database. For production usecases, do not restore from a directory that does not contain Pulp content.
Request other users of Satellite Server or Capsule Server to save any changes and warn them that Satellite services are unavailable for the duration of the backup. Ensure no other tasks are scheduled for the same time as the backup.
Prerequisites
- Ensure that your backup location has sufficient available disk space to store the backup. For more information, see Section 11.1, “Estimating the size of a backup”.
Procedure
To perform an offline backup without Pulp content, enter the following command:
satellite-maintain backup offline --skip-pulp-content /var/backup_directory
# satellite-maintain backup offline --skip-pulp-content /var/backup_directoryCopy to Clipboard Copied! Toggle word wrap Toggle overflow
11.4. Performing an incremental backup
Use this procedure to perform an offline backup of any changes since a previous backup.
To perform incremental backups, you must perform a full backup as a reference to create the first incremental backup of a sequence. Keep the most recent full backup and a complete sequence of incremental backups to restore from.
Request other users of Satellite Server or Capsule Server to save any changes and warn them that Satellite services are unavailable for the duration of the backup. Ensure no other tasks are scheduled for the same time as the backup.
Prerequisites
- Ensure that your backup location has sufficient available disk space to store the backup. For more information, see Section 11.1, “Estimating the size of a backup”.
Procedure
To perform a full offline backup, enter the following command:
satellite-maintain backup offline /var/backup_directory
# satellite-maintain backup offline /var/backup_directoryCopy to Clipboard Copied! Toggle word wrap Toggle overflow To create a directory within your backup directory to store the first incremental back up, enter the
satellite-maintain backupcommand with the--incrementaloption:satellite-maintain backup offline --incremental /var/backup_directory/full_backup /var/backup_directory
# satellite-maintain backup offline --incremental /var/backup_directory/full_backup /var/backup_directoryCopy to Clipboard Copied! Toggle word wrap Toggle overflow To create the second incremental backup, enter the
satellite-maintain backupcommand with the--incrementaloption and include the path to the first incremental backup to indicate the starting point for the next increment. This creates a directory for the second incremental backup in your backup directory:satellite-maintain backup offline --incremental /var/backup_directory/first_incremental_backup /var/backup_directory
# satellite-maintain backup offline --incremental /var/backup_directory/first_incremental_backup /var/backup_directoryCopy to Clipboard Copied! Toggle word wrap Toggle overflow Optional: If you want to point to a different version of the backup, and make a series of increments with that version of the backup as the starting point, you can do this at any time. For example, if you want to make a new incremental backup from the full backup rather than the first or second incremental backup, point to the full backup directory:
satellite-maintain backup offline --incremental /var/backup_directory/full_backup /var/backup_directory
# satellite-maintain backup offline --incremental /var/backup_directory/full_backup /var/backup_directoryCopy to Clipboard Copied! Toggle word wrap Toggle overflow
11.5. Example of a weekly full backup followed by daily incremental backups
The following script performs a full backup on a Sunday followed by incremental backups for each of the following days. A new subdirectory is created for each day that an incremental backup is performed. The script requires a daily cron job.
Note that the satellite-maintain backup command requires /sbin and /usr/sbin directories to be in PATH and the --assumeyes option is used to skip the confirmation prompt.
11.6. Performing an online backup
Risks associated with online backups
When you perform an online backup, most Satellite services remain running and usable. Background workers are shut down to ensure consistent backups. Operations that require background workers remain in pending state. The backup process ensures that the Pulp data (/var/lib/pulp) is not altered during the backup. Any changes to the Pulp data during the backup will result in restart of the backup process, taking additional time.
Request other users of Satellite Server or Capsule Server to save any changes and warn them that some Satellite services may be unavailable for the duration of the backup. Ensure no other tasks are scheduled for the same time as the backup.
Prerequisites
- Ensure that your backup location has sufficient available disk space to store the backup. For more information, see Section 11.1, “Estimating the size of a backup”.
Procedure
To perform an online backup, enter the following command:
satellite-maintain backup online /var/backup_directory
# satellite-maintain backup online /var/backup_directoryCopy to Clipboard Copied! Toggle word wrap Toggle overflow
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}