Backing Up KeyControl Through the webGUI

This procedure creates an encrypted backup file that can be downloaded through NFS on authorized servers or downloaded via the KeyControl webGUI to the administrator's default download directory.

The backup file can later be used to restore KeyControl to the state it was in when the backup was taken.

Before You Begin 

If you have an enabled a Linux Access Control Policy on any of the VMs registered with KeyControl, you must disable those Access Control Policies before you create the backup file. You can then re-enable the Access Control Policies after the backup is complete.

If you create the backup with any Linux Access Control Policies still active, you may be unable to access those VMs when you restore your KeyControl configuration from the backup file.

For details, see Removing Access Controls from a Disk.

Procedure 

  1. Log into the KeyControl webGUI using an account with Domain Admin privileges.
  2. In the top menu bar, click Cluster.
  3. Go to the Cluster tab.

  4. If you want to make the backup file available through NFS:

    1. Make sure the Backup Over NFS option is set to Enabled.
    2. Verify the IP addresses in the Backup Hosts field. If you want any server to have access to the backup directory, enter 0.0.0.0.
  5. Select Actions > KeyControl Backup. KeyControl displays the latest backup information if one exists.
  6. Click Perform Backup. KeyControl creates a new backup file in the backup directory on the server and updates the information in this dialog box.

  7. If you want to download the backup file locally, click Download. KeyControl saves the encrypted backup file to your browser's default download location. The filename is in the format <server-name>-<product_version><-datetimestamp>-<admin_key_version>.bu.

    If you want to access the backup file through NFS, log into one of the servers listed in the Backup Hosts field and mount the directory using the mount command. For example, if your KeyControl node IP address is 192.168.140.135, you would enter:

    # mount -t nfs 192.168.140.135:/hcs/backup /backup
# ls -l /backup
total 506
lrwxrwxrwx  1 root root     30 Dec 16 14:57 htkc.bu -> testkc01-5.1-20191216092703-4.bu
-rw-r--r--  1 root root 191776 Dec 16 14:57 testkc01-5.1-20191216092703-4.bu
  8. When you are done, click Close.

What to Do Next 

If you disabled any Linux Access Control Policies for the backup, you can now re-enable those policies on the Linux VMs.