Applies To:

Show Versions Show Versions

Manual Chapter: Saving and Restoring Configuration Data
Manual Chapter
Table of Contents   |   << Previous Chapter   |   Next Chapter >>

16 
On any BIG-IP® system, you have a set of data that you created when you initially configured the system, using the Setup utility and the Configuration utility or bigpipe utility. This data consists of traffic management elements such as virtual server definitions, pool definitions, and profiles. Configuration data also consists of system and network definitions such as interface properties, self IP addresses, VLAN configurations, redundant system settings, and more.
Once you have created the configuration data for the BIG-IP system, you can replicate this set of data in a separate file. You can then use this replicated data later, for these reasons:
As an archive for disaster recovery
Using the Archives feature, you can back up the current configuration data, and if necessary, restore the data at a later time. We highly recommend that you use this feature to mitigate the potential loss of BIG-IP system configuration data. To create an archive, you can use the Configuration utility, which stores the configuration data in a special file known as a user configuration set, or UCS file. You can then use the UCS file to recover from any loss of data, in the unlikely event that you need to do so. For more information on creating and managing archives, see the remainder of this chapter.
As a way to propagate data to other systems
Using the single configuration file feature, you can easily and quickly propagate the exact configuration of the BIG-IP system to other BIG-IP systems. To create a single configuration file, you use the bigpipe utility, which exports the configuration data to a special file known as an .scf file. You can then use the .scf file to configure another system in one simple operation. For details on creating and using a single configuration file, see the BIG-IP® Command Line Interface Guide.
Before you replace a version of the BIG-IP system with a newer version, you should always create an archive, which is a backup copy of the configuration data. This archive is in the form of a user configuration set, or UCS. Then, if you need to recover that data later, you can restore the data from the archive that you created.
Each time you back up the configuration data, the BIG-IP system creates a new file with a .ucs extension. Each UCS file contains various configuration files needed for the BIG-IP system to operate correctly, as well as the configuration data.
Important: To create, delete, upload, or download an archive, you must have either the Administrator or Resource Administrator role assigned to your user account.
Using the Configuration utility, you can save and restore archives that are stored on the BIG-IP system. Furthermore, for added security, you can save archives to and restore archives from a remote system, that is, the system on which you are running the Configuration utility.
By default, the system stores all archives in the directory /var/local/ucs. You can specify a different location, but in this case, the Configuration utility does not display the UCS files when you view the list of archives
After you create an archive on the BIG-IP system, you can download a copy of the UCS file to the system from which you are running the Configuration utility (a secure remote system). This provides an extra level of protection by preserving the configuration data on a remote system. In the unlikely event that you need to restore the data, and a BIG-IP system event prevents you from accessing the archive in the BIG-IP system directory in which you saved the archive, you still have a backup copy of the data. For more information on saving archives, see Creating and saving an archive on the BIG-IP system.
Important: Any UCS file that you create includes the host name of the BIG-IP system as part of the data stored in that file. When you later specify this UCS file during the process of restoring configuration data to a BIG-IP system, the host name stored in this UCS file must match the host name of the system to which you are restoring the configuration data. Otherwise, the system does not fully restore the data.
Important: If your configuration data includes SSL keys and certificates, be sure to store the archive file in a secure environment.
Not only is the /var/local/ucs directory the only location on the BIG-IP system in which you can save an archive, but it is also the only location on the BIG-IP system from which you can restore an archive. However, if you previously downloaded an archive to a remote system, and a BIG-IP system event prevents you from accessing the /var/local/ucs directory, you can upload the archive from that remote system. For more information on restoring archive data, see Restoring data from a BIG-IP system archive.
When you have a redundant system configuration, it is essential that the same set of configuration data exists on both units of the BIG-IP system. To synchronize configuration data, you use the High Availability screens in the System area of the Configuration utility. To mitigate against data loss, however, you use the Archives screens.
We recommend that you use the archives feature to routinely create an archive of the configuration data on each unit of the redundant system. Note, too, that when you synchronize configuration data for a redundant system, the BIG-IP system automatically creates a backup archive, named cs_backup.ucs, immediately prior to performing the synchronization. This ensures that you always have a copy of the most recent configuration data in the event that a system event occurs during the synchronization process.
If you have set the Archive Encryption setting to On (using the Preferences screen), the BIG-IP system encrypts any UCS file that you create, including the cs_backup.ucs file.
As described in Introducing configuration data storage and retrieval, you can create, store, and access archives, on both the BIG-IP system and a remote system. You can also view any existing archive files and their properties, as well as delete archives that you no longer need. Specifically, you can use the Configuration utility to:
Note: Only users with either the Administrator or Resource Administrator user role can manage archives.
You can view a list of archives (that is, UCS files) that are currently stored in the /var/local/ucs directory on the BIG-IP system. When you view a list of archives, the Configuration utility displays the following information:
The date that the UCS file was created or uploaded
Note: Whenever you last upgraded the BIG-IP system to a new version, you were required to create a UCS file named config.ucs, using the bigpipe config save command. This UCS file appears in the list of UCS files on the Archives screen.
On the Main tab of the navigation pane, expand System, and click Archives. The Archives screen opens, displaying a list of existing UCS files.
You can create a new archive, which the BIG-IP system automatically stores in a default location, the /var/local/ucs directory. You can create as many separate archives as you want, as long as each archive has a unique file name. Also, you can specify that the BIG-IP system store an archive in a directory other than /var/local/ucs, although in this case, the Configuration utility does not include the archive name in the list of archives on the Archives screen. For more information on storing UCS files, see Introducing configuration data storage and retrieval.
When you create an archive, you configure some settings, such as a setting to encrypt the archive file for security reasons. Table 16.1 lists and describes these settings, and shows their default values.
Specifies the file name for the archive. You do not need to specify the UCS file name extension. The BIG-IP system appends the UCS extension automatically.
Enables or disables encryption of the archive. If you select Enabled, two other settings, Passphrase and Verify Passphrase, appear on the screen.

Note: This setting appears only when you have used the Preferences screen to set the Archive Encryption setting to On Request or On.
Displays the version of the BIG-IP system application that is currently running on the BIG-IP hardware platform. You cannot configure the Version setting.
1.
On the Main tab of the navigation pane, expand System, and click Archives.
The Archives screen opens.
2.
In the upper-right corner of the screen, click Create.
The New Archive screen opens.
Note: If the Create button is unavailable, you do not have permission to create an archive. You must have the Administrator role assigned to your user account.
3.
In the File Name box, type a unique file name for the archive.
We recommend that the file name match the name of the BIG-IP system. For example, if the name of the BIG-IP system is bigip2, then the name of the archive file should be bigip2.ucs. For more information, see Working with archives.
4.
If you want to encrypt the archive, locate the Encryption list and select Enabled.
Note: If the Encryption setting is unavailable, you must configure the Archive Encryption setting located on the Preferences screen. For more information, see the description of the Configuration utility in Chapter 1, Introducing BIG-IP Network and System Management.
5.
If you want the BIG-IP system to include any private keys, locate the Private Keys list and select Include.
In this case, be sure to store the archive file in a secure environment.
6.
Click Finished.
Using the Configuration utility, you can view the properties of an archive that you previously created. Note that you cannot modify the properties of an archive. If you want to modify an archive, you must delete the archive you want to change and then create a new one.
1.
On the Main tab of the navigation pane, expand System, and click Archives.
The Archives screen opens.
2.
In the Name column, click the name of the archive that you want to view.
This displays the properties of that archive.
In the unlikely event that the BIG-IP system configuration data becomes corrupted, you can restore the data from the archive that is currently stored in the directory /var/local/ucs. If no archive exists in that directory, then you cannot restore configuration data.
Important: The name of the archive must match the host name of the BIG-IP system you are restoring. For example, if the host name of the BIG-IP system you are restoring is bigip2, then the name of the archive must be bigip2.ucs. If necessary, you can change the host name of the BIG-IP system to match the name of the archive.
1.
On the Main tab of the navigation pane, expand System, and click Archives.
The Archives screen opens.
2.
In the File Name column, click the name of the archive that you want to use to restore the configuration data.
This displays the properties of that archive.
3.
Click Restore.
This restores the BIG-IP system configuration data.
As described in the section Introducing configuration data storage and retrieval, you can download a copy of an existing archive to a remote system, that is, the system from which you ran the Configuration utility to create the archive. This feature protects the configuration data in the unlikely event that the BIG-IP system experiences a system catastrophe.
When you download an existing archive, you first display the properties of the archive you want to download, and then specify the complete path name of the location to which you want to save the archive copy.
1.
On the Main tab of the navigation pane, expand System, and click Archives.
The Archives screen opens.
2.
In the File Name column, click the name of the archive that you want to view.
This displays the properties of that archive.
3.
For the Archive File setting, click the Download: <.ucs filename> button.
A confirmation screen appears.
4.
Click Save.
The BIG-IP system downloads a copy of the UCS file to the system from which you initiated the download.
If you previously downloaded a copy of an archive to a remote system (that is, the system from which you initiated the download), you can upload that archive to the BIG-IP system at any time. This is most useful when a BIG-IP system event has occurred that has caused the archive stored on the BIG-IP system to either become unavailable or corrupted for some reason.
Note that when you upload a copy of an archive, you must specify the exact path name for the directory in which the downloaded archive copy is stored.
1.
On the Main tab of the navigation pane, expand System, and click Archives.
The Archives screen opens.
2.
In the upper-right corner of the screen, click Upload.
This opens the Upload screen.
3.
In the File Name box, type the complete path and file name of the archive that you want to upload onto the BIG-IP system.
If you do not recall the path or file name, you can use the Browse button to locate and select the file name.
4.
For the Options setting, check the Overwrite existing archive file box if you want the BIG-IP system to overwrite any existing archive file.
Note: The BIG-IP system overwrites an existing file with the uploaded file only when the name of the archive you are uploading matches the name of an archive on the BIG-IP system.
5.
Click Upload.
This uploads the specified archive to the directory /var/local/ucs on the BIG-IP system.
You can use the Configuration utility to delete any archive on the BIG-IP system that is stored in the directory /var/local/ucs.
1.
On the Main tab of the navigation pane, expand System, and click Archives.
The Archives screen opens.
4.
Click Delete.
A confirmation box appears.
5.
Click Delete again.
This deletes the archive from the /var/local/ucs directory on the BIG-IP system.
Table of Contents   |   << Previous Chapter   |   Next Chapter >>

Was this resource helpful in solving your issue?




NOTE: Please do not provide personal information.



Incorrect answer. Please try again: Please enter the words to the right: Please enter the numbers you hear:

Additional Comments (optional)