Red Hat Summit Red Hat Summit지원콘솔개발자평가판 시작연락처

이 콘텐츠는 선택한 언어로 제공되지 않습니다.

Back Up and Restore the Director Undercloud

Red Hat OpenStack Platform 10

Back up and restore the director undercloud

OpenStack Documentation Team

Abstract

A guide to backing up and restoring the undercloud in Red Hat OpenStack Platform director.

Chapter 1. Back Up the Undercloud
링크 복사

This guide describes how to back up the undercloud used in the Red Hat OpenStack Platform director. The undercloud is usually a single physical node (although high availability options exist using a two-node pacemaker cluster that runs director in a VM) that is used to deploy and manage your OpenStack environment.

1.1. Backup Considerations
링크 복사

Formulate a robust back up and recovery policy in order to minimize data loss and system downtime. When determining your back up strategy, you will need to answer the following questions:

  • How quickly will you need to recover from data loss? If you cannot have data loss at all, you should include high availability in your deployment strategy, in addition to using backups. You’ll need to consider how long it will take to obtain the physical backup media (including from an offsite location, if used), and how many tape drives are available for restore operations.
  • How many backups should you keep? You will need to consider legal and regulatory requirements that affect how long you are expected to store data.
  • Should your backups be kept off-site? Storing your backup media offsite will help mitigate the risk of catastrophe befalling your physical location.
  • How often should backups be tested? A robust back up strategy will include regular restoration tests of backed up data. This can help validate that the correct data is still being backed up, and that no corruption is being introduced during the back up or restoration processes. These drills should assume that they are being performed under actual disaster recovery conditions.
  • What will be backed up? The following sections describe database and file-system backups for components, as well as information on recovering backups.

1.2. High Availability of the Undercloud node
링크 복사

You are free to consider your preferred high availability (HA) options for the Undercloud node; Red Hat does not prescribe any particular requirements for this. For example, you might consider running your Undercloud node as a highly available virtual machine within Red Hat Enterprise Virtualization (RHEV). You might also consider using physical nodes with Pacemaker providing HA for the required services.

When approaching high availability for your Undercloud node, you should consult the documentation and good practices of the solution you decide works best for your environment.

1.3. Creating a baremetal Undercloud backup
링크 복사

A full undercloud backup includes the following databases and files:

  • All MariaDB databases on the undercloud node
  • MariaDB configuration file on the undercloud (so that you can accurately restore databases)
  • The configuration data: /etc
  • Log data: /var/log
  • Image data: /var/lib/glance
  • Certificate generation data if using SSL: /var/lib/certmonger
  • All swift data: /srv/node
  • All data in the stack user home directory: /home/stack
Note

Confirm that you have sufficient disk space available on the undercloud before performing the backup process. Expect the archive file to be at least 3.5 GB, if not larger.

Procedure

  1. Log into the undercloud as the root user.

  2. Create a backup directory, and change the user ownership of the directory to the stack user: 

    [root@director ~]# mkdir /backup
[root@director ~]# chown stack: /backup
    Copy to Clipboard Toggle word wrap

  3. From the backup directory, back up the database: 

    [root@director ~]# cd /backup
[root@director backup]# mysqldump --opt --all-databases > /root/undercloud-all-databases.sql
    Copy to Clipboard Toggle word wrap

  4. Archive the database backup and the configuration files: 

    [root@director ~]# tar --xattrs --xattrs-include='*.*' --ignore-failed-read -cf \
    undercloud-backup-`date +%F`.tar \
    /root/undercloud-all-databases.sql \
    /etc \
    /var/log \
    /var/lib/glance \
    /var/lib/certmonger \
    /var/lib/docker \
    /var/lib/registry \
    /srv/node \
    /root \
    /home/stack
    Copy to Clipboard Toggle word wrap
    • The --ignore-failed-read option skips any directory that does not apply to your undercloud.
    • The --xattrs option includes extended attributed, which are required to store metadata for Object Storage (swift).

    This creates a file named undercloud-backup-<date>.tar.gz, where <date> is the system date. Copy this tar file to a secure location.

1.4. Validate the Completed Backup
링크 복사

You can validate the success of the completed back up process by running and validating the restore process. See the next section for further details on restoring from backup.

Part I. Restore the Undercloud
링크 복사

This section describes how to restore the undercloud used in the Red Hat OpenStack Platform Director.

Chapter 2. Restoring the undercloud
링크 복사

The following restore procedure assumes your undercloud node has failed and is in an unrecoverable state. This procedure involves restoring the database and critical filesystems on a fresh installation. It assumes the following:

  • You have re-installed the latest version of Red Hat Enterprise Linux 7.
  • The hardware layout is the same.
  • The hostname and undercloud settings of the machine are the same.
  • The backup archive has been copied to the root directory.

Procedure

  1. Log into your undercloud as the root user.

  2. Register your system with the Content Delivery Network, entering your Customer Portal user name and password when prompted: 

    [root@director ~]# subscription-manager register
    Copy to Clipboard Toggle word wrap

  3. Attach the Red Hat OpenStack Platform entitlement: 

    [root@director ~]# subscription-manager attach --pool=Valid-Pool-Number-123456
    Copy to Clipboard Toggle word wrap

  4. Disable all default repositories, and then enable the required Red Hat Enterprise Linux repositories: 

    [root@director ~]# subscription-manager repos --disable=*
[root@director ~]# subscription-manager repos --enable=rhel-7-server-rpms --enable=rhel-7-server-extras-rpms --enable=rhel-7-server-rh-common-rpms --enable=rhel-ha-for-rhel-7-server-rpms --enable=rhel-7-server-openstack-10-rpms
    Copy to Clipboard Toggle word wrap

  5. Perform an update on your system to make sure you have the latest base system packages: 

    [root@director ~]# yum update -y
[root@director ~]# reboot
    Copy to Clipboard Toggle word wrap

  6. Ensure the time on your undercloud is synchronized. For example: 

    [root@director ~]# yum install -y ntp
[root@director ~]# systemctl start ntpd
[root@director ~]# systemctl enable ntpd
[root@director ~]# ntpdate pool.ntp.org
[root@director ~]# systemctl restart ntpd
    Copy to Clipboard Toggle word wrap
  7. Copy the undercloud backup archive to the undercloud’s root directory. The following steps use undercloud-backup-$TIMESTAMP.tar as the filename, where $TIMESTAMP is a Bash variable for the timestamp on the archive.

  8. Install the database server and client tools: 

    [root@director ~]# yum install -y mariadb mariadb-server
    Copy to Clipboard Toggle word wrap

  9. Start the database: 

    [root@director ~]# systemctl start mariadb
[root@director ~]# systemctl enable mariadb
    Copy to Clipboard Toggle word wrap

  10. Increase the allowed packets to accommodate the size of our database backup: 

    [root@director ~]# mysql -uroot -e"set global max_allowed_packet = 1073741824;"
    Copy to Clipboard Toggle word wrap

  11. Extract the database and database configuration from the archive: 

    [root@director ~]# tar -xvC / -f undercloud-backup-$TIMESTAMP.tar etc/my.cnf.d/*server*.cnf
[root@director ~]# tar -xvC / -f undercloud-backup-$TIMESTAMP.tar root/undercloud-all-databases.sql
    Copy to Clipboard Toggle word wrap

  12. Restore the database backup: 

    [root@director ~]# mysql -u root < /root/undercloud-all-databases.sql
    Copy to Clipboard Toggle word wrap

  13. Extract a temporary version of the root configuration file: 

    [root@director ~]# tar -xvf undercloud-backup-$TIMESTAMP.tar root/.my.cnf
    Copy to Clipboard Toggle word wrap

  14. Get the old root database password: 

    [root@director ~]# OLDPASSWORD=$(sudo cat root/.my.cnf | grep -m1 password | cut -d'=' -f2 | tr -d "'")
    Copy to Clipboard Toggle word wrap

  15. Reset the root database password: 

    [root@director ~]# mysqladmin -u root password "$OLDPASSWORD"
    Copy to Clipboard Toggle word wrap

  16. Move the root configuration file from the temporary directory to the root directory: 

    [root@director ~]# mv ~/root/.my.cnf ~/.
[root@director ~]# rmdir ~/root
    Copy to Clipboard Toggle word wrap

  17. Get a list of old user permissions: 

    [root@director ~]# mysql -e 'select host, user, password from mysql.user;'
    Copy to Clipboard Toggle word wrap

  18. Remove the old user permissions for each host listed. For example: 

    [root@director ~]# HOST="192.0.2.1"
[root@director ~]# USERS=$(mysql -Nse "select user from mysql.user WHERE user != \"root\" and host = \"$HOST\";" | uniq | xargs)
[root@director ~]# for USER in $USERS ; do mysql -e "drop user \"$USER\"@\"$HOST\"" || true ;done
[root@director ~]# mysql -e 'flush privileges'
    Copy to Clipboard Toggle word wrap

    Perform this for all users accessing through the host IP and any host ("%")

  19. Restart the database: 

    [root@director ~]# systemctl restart mariadb
    Copy to Clipboard Toggle word wrap

  20. Create the stack user: 

    [root@director ~]# useradd stack
    Copy to Clipboard Toggle word wrap

  21. Set a password for the user: 

    [root@director ~]# passwd stack
    Copy to Clipboard Toggle word wrap

  22. Disable password requirements when using sudo: 

    [root@director ~]# echo "stack ALL=(root) NOPASSWD:ALL" | tee -a /etc/sudoers.d/stack
[root@director ~]# chmod 0440 /etc/sudoers.d/stack
    Copy to Clipboard Toggle word wrap

  23. Restore the stack user home directory: 

    # tar -xvC / -f undercloud-backup-$TIMESTAMP.tar home/stack
    Copy to Clipboard Toggle word wrap

  24. Install the policycoreutils-python package: 

    [root@director ~]# yum -y install policycoreutils-python
    Copy to Clipboard Toggle word wrap

  25. Install the openstack-glance package and restore its data and file permissions: 

    [root@director ~]# yum install -y openstack-glance
[root@director ~]# tar --xattrs -xvC / -f undercloud-backup-$TIMESTAMP.tar var/lib/glance/images
[root@director ~]# chown -R glance: /var/lib/glance/images
[root@director ~]# restorecon -R /var/lib/glance/images
    Copy to Clipboard Toggle word wrap

  26. Install the openstack-swift package and restore its data and file permissions: 

    [root@director ~]# yum install -y openstack-swift
[root@director ~]# tar --xattrs -xvC / -f undercloud-backup-$TIMESTAMP.tar srv/node
[root@director ~]# chown -R swift: /srv/node
[root@director ~]# restorecon -R /srv/node
    Copy to Clipboard Toggle word wrap

  27. Install the openstack-keystone package and restore its configuration data: 

    [root@director ~]# yum -y install openstack-keystone
[root@director ~]# tar -xvC / -f undercloud-backup-$TIMESTAMP.tar etc/keystone
[root@director ~]# restorecon -R /etc/keystone
    Copy to Clipboard Toggle word wrap

  28. Install the openstack-heat and restore configuration: 

    [root@director ~]# yum install -y openstack-heat*
[root@director ~]# tar -xvC / -f undercloud-backup-$TIMESTAMP.tar etc/heat
[root@director ~]# restorecon -R /etc/heat
    Copy to Clipboard Toggle word wrap

  29. Install puppet and restore its configuration data: 

    [root@director ~]# yum install -y puppet hiera
[root@director ~]# tar -xvC / -f undercloud-backup-$TIMESTAMP.tar etc/puppet/hieradata/
    Copy to Clipboard Toggle word wrap

  30. If using SSL in the undercloud, refresh the CA certificates: 

    [root@director ~]# tar -xvC / -f undercloud-backup-$TIMESTAMP.tar etc/pki/instack-certs/undercloud.pem
[root@director ~]# tar -xvC / -f undercloud-backup-$TIMESTAMP.tar etc/pki/ca-trust/source/anchors/*
[root@director ~]# restorecon -R /etc/pki
[root@director ~]# semanage fcontext -a -t etc_t "/etc/pki/instack-certs(/.*)?"
[root@director ~]# restorecon -R /etc/pki/instack-certs
[root@director ~]# update-ca-trust extract
    Copy to Clipboard Toggle word wrap

  31. Switch to the stack user: 

    [root@director ~]# su - stack
[stack@director ~]$
    Copy to Clipboard Toggle word wrap

  32. Install the python-tripleoclient package: 

    $ sudo yum install -y python-tripleoclient
    Copy to Clipboard Toggle word wrap

  33. Run the undercloud installation command. Ensure to run it in the stack user’s home directory: 

    [stack@director ~]$ openstack undercloud install
    Copy to Clipboard Toggle word wrap
  34. Wait until the install completes. The undercloud automatically restores its connection to the overcloud. The nodes will continue to poll OpenStack Orchestration (heat) for pending tasks.

Chapter 3. Restoring images for overcloud nodes
링크 복사

The director requires the latest disk images for provisioning new overcloud nodes. Follow this procedure to restore these images.

Procedure

  1. Source the stackrc file to enable the director’s command line tools: 

    [stack@director ~]$ source ~/stackrc
    Copy to Clipboard Toggle word wrap

  2. Install the rhosp-director-images and rhosp-director-images-ipa packages: 

    (undercloud) [stack@director ~]$ sudo yum install rhosp-director-images rhosp-director-images-ipa
    Copy to Clipboard Toggle word wrap

  3. Extract the images archives to the images directory in the stack user’s home (/home/stack/images): 

    (undercloud) [stack@director ~]$ cd ~/images
(undercloud) [stack@director images]$ for i in /usr/share/rhosp-director-images/overcloud-full-latest-10.0.tar /usr/share/rhosp-director-images/ironic-python-agent-latest-10.0.tar; do tar -xvf $i; done
    Copy to Clipboard Toggle word wrap

  4. Import these images into the director: 

    (undercloud) [stack@director images]$ cd ~/images
(undercloud) [stack@director images]$ openstack overcloud image upload --image-path /home/stack/images/
    Copy to Clipboard Toggle word wrap

  5. Configure nodes in your environment to use the new images: 

    (undercloud) [stack@director images]$ for NODE in $(openstack baremetal node list -c UUID -f value) ; do openstack overcloud node configure $NODE ; done
    Copy to Clipboard Toggle word wrap

Chapter 4. Validate the Completed Restore
링크 복사

Use the following commands to perform a healthcheck of your newly restored environment:

4.1. Check Identity Service (Keystone) Operation
링크 복사

This step validates Identity Service operations by querying for a list of users. 

# source stackrc
# openstack user list
Copy to Clipboard Toggle word wrap

When run from the controller, the output of this command should include a list of users created in your environment. This action demonstrates that keystone is running and successfully authenticating user requests. For example: 

# openstack user list
+----------------------------------+------------+---------+----------------------+
|                id                |    name    | enabled |        email         |
+----------------------------------+------------+---------+----------------------+
| 9e47bb53bb40453094e32eccce996828 |   admin    |   True  |    root@localhost    |
| 9fe2466f88cc4fa0ba69e59b47898829 | ceilometer |   True  | ceilometer@localhost |
| 7a40d944e55d422fa4e85daf47e47c42 |   cinder   |   True  |   cinder@localhost   |
| 3d2ed97538064f258f67c98d1912132e |    demo    |   True  |                      |
| 756e73a5115d4e9a947d8aadc6f5ac22 |   glance   |   True  |   glance@localhost   |
| f0d1fcee8f9b4da39556b78b72fdafb1 |  neutron   |   True  |  neutron@localhost   |
| e9025f3faeee4d6bb7a057523576ea19 |    nova    |   True  |    nova@localhost    |
| 65c60b1278a0498980b2dc46c7dcf4b7 |   swift    |   True  |   swift@localhost    |
+----------------------------------+------------+---------+----------------------+
Copy to Clipboard Toggle word wrap

Legal Notice
링크 복사

Copyright © 2017 Red Hat, Inc.
The text of and illustrations in this document are licensed by Red Hat under a Creative Commons Attribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is available at http://creativecommons.org/licenses/by-sa/3.0/. In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you must provide the URL for the original version.
Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law.
Portions adopted from the OpenStack Configuration Reference. See "Configuration Reference" in Red Hat OpenStack Platform Licenses for Documentation.
Red Hat, Red Hat Enterprise Linux, the Shadowman logo, JBoss, MetaMatrix, Fedora, the Infinity Logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries.
Linux® is the registered trademark of Linus Torvalds in the United States and other countries.
Java® is a registered trademark of Oracle and/or its affiliates.
XFS® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries.
MySQL® is a registered trademark of MySQL AB in the United States, the European Union and other countries.
Node.js® is an official trademark of Joyent. Red Hat Software Collections is not formally related to or endorsed by the official Joyent Node.js open source or commercial project.
The OpenStack® Word Mark and OpenStack Logo are either registered trademarks/service marks or trademarks/service marks of the OpenStack Foundation, in the United States and other countries and are used with the OpenStack Foundation's permission. We are not affiliated with, endorsed or sponsored by the OpenStack Foundation, or the OpenStack community.
All other trademarks are the property of their respective owners.
맨 위로 이동
Red Hat logoGithubredditYoutubeTwitter

자세한 정보

평가판, 구매 및 판매

커뮤니티

Red Hat 문서 정보

Red Hat을 사용하는 고객은 신뢰할 수 있는 콘텐츠가 포함된 제품과 서비스를 통해 혁신하고 목표를 달성할 수 있습니다. 최신 업데이트를 확인하세요.

보다 포괄적 수용을 위한 오픈 소스 용어 교체

Red Hat은 코드, 문서, 웹 속성에서 문제가 있는 언어를 교체하기 위해 최선을 다하고 있습니다. 자세한 내용은 다음을 참조하세요.Red Hat 블로그.

Red Hat 소개

Red Hat은 기업이 핵심 데이터 센터에서 네트워크 에지에 이르기까지 플랫폼과 환경 전반에서 더 쉽게 작업할 수 있도록 강화된 솔루션을 제공합니다.

Theme

© 2025 Red Hat