KeyControl Backup and Restore

KeyControl stores the configuration information, keys, and objects for all KeyControl nodes in an encrypted object store that is shared among all nodes. Any changes you make on any KeyControl node in the cluster is automatically disseminated to the other nodes in the cluster in a secure manner. This also allows you to backup all required information from any node in the cluster.

Important: Because encryption keys are stored in the KeyControl backup file, you should create a new backup file every time you encrypt a new disk or rekey existing disks. If you restore KeyControl from a backup file made before the disks were encrypted or rekeyed, the new keys will be lost and you will not be able to access the encrypted data.

You can back up KeyControl using:

  • The KeyControl webGUI. The encrypted backup files KeyControl creates can be downloaded locally or accessed through NFS on authorized servers. For details, see Backing Up KeyControl Through the webGUI.
  • A third-party application that can take and restore system snapshots. You can restore KeyControl at any time from a previous snapshot, but if any part of the VM changes you may be required to recover the Admin key as described in Recovering Access to KeyControl.

You can restore KeyControl from a backup file using the KeyControl webGUI. For details, see Restoring KeyControl Through the webGUI.

Automatic Backup Feature

KeyControl automatically creates a backup file once every 12 hours as long as the cluster is healthy. If this is the first time the automatic backup has completed successfully since the node was first initialized or restarted, KeyControl records this information in the audit log. It does not send an alert or email to any KeyControl users. It also does not record any subsequent successful backups.

The automatic backup schedule may change based on the following rules:

  • If the cluster is in a degraded state, no automatic backup is attempted. The cluster must be healthy in order for KeyControl to create a backup file.
  • If the cluster is healthy but the automatic backup fails for some reason, KeyControl retries the backup operation every hour. The first time the automatic backup fails KeyControl records this information in the audit log and alerts all KeyControl accounts with Domain Admin privileges. It does not record subsequent failed backup attempts.
  • Changes to the KeyControl configuration may trigger an automatic backup, but it is better to backup KeyControl manually whenever you make changes to be certain that you have an up-to-date backup file available.

Related Topics