Configuring SFTP backup settings for a fresh install of the Management subsystem on OpenShift or Cloud Pak for Integration
Configure SFTP backups for the API Connect Management subsystem that you will deploy in your OpenShift or Cloud Pak for Integration environment.
Before you begin
APIConnectCluster instance is already created, do not use these instructions.
Instead, add the Management backup configuration by following the instructions in Reconfiguring or adding backup settings after installation of the management subsystem on OpenShift and Cloud Pak for Integration.
About this task
Beginning with API Connect 10.0.1.1-eus, when creating an instance of API Connect, you can use the advanced configuration settings to configure database backups for the Management subsystem.
Create a backup secret.
The backup secret is a Kubernetes secret that contains your credentials for accessing the SFTP backup database. Supported credentials types:
- Username and password (10.0.1.1-eus or later).
- Username and SSH-key (10.0.1.4-ifix1-eus or later). Only OpenSSH keys are supported.1
Use one of the following commands to create the secret:
- Username and password
$ oc create secret generic mgmt-backup-secret --from-literal=username='<YOUR USERNAME>' --from-literal=password='<YOUR PASSWORD>' -n <namespace-of-mgmt-subsystem>
- Version 10.0.1.4-ifix1-eus or later: Username and SSH-key credentials:
$ oc create secret generic mgmt-backup-secret --from-literal=username='<YOUR USERNAME>' --from-file=ssh-privatekey='<YOUR PRIVATEKEY FILE>' -n <namespace-of-mgmt-subsystem>
- Configure th Management backup settings.
APIConnectClusterinstallation CR and add the Management backup configuration using one of the following methods:
- OpenShift web console:
- Navigate to
- See the on-screen instructions for how to fill in each field. See also Management subsystem settings.
The following fields are unique to SFTP backup configuration:
- Server port. Default is 22.
- The fields in the Restart Database section. Changing SFTP (protocol) backup configures does not involve any downtime.
- Cloud Pak Platform Navigator:
- In Platform Navigator for the API Connect cluster instance, select Configuration. On the UI Form tab, set Advanced Options to On.
- See the on-screen instructions for how to fill in values for:
- Server Hostname
- Server Port
For more information, see Management subsystem settings.
- YAML file: Use Table 1 for guidance while you define the backup settings as shown in the
spec: management: databaseBackup: protocol: sftp host: <SFTP-host-name> port: <SFTP-port> path: apic-backup retries: 0 credentials: mgmt-backup-secret schedule: "0 3 * * *"
Table 1. Backup configuration settings Setting Description
The type of the backup. For SFTP storage:
The backups host. For
sftptype, the SFTP server hostname
The SFTP server port. Optional. Default:
The path to the location of the backup. For
sftptype, the folder name on the SFTP server.
The number of times the
ibm-apiconnectOperator attempts backups in the event of a failed SFTP backup.
Name of the Kubernetes secret containing your SFTP Username/password. For Version 10.0.1.4-ifix1-eus or later, the Kubernetes secret can contain your SFTP Username and SSH key.
Cron like schedule for performing automatic backups. The format for the schedule is:
- * * * * *
- - - - - -
- | | | | |
- | | | | +----- day of week (0 - 6) (Sunday=0)
- | | | +------- month (1 - 12)
- | | +--------- day of month (1 - 31)
- | +----------- hour (0 - 23)
- +------------- min (0 - 59)
The timezone for backups is that of the node on which the postgres-operator pod is scheduled.
There is no default backup schedule set. Be sure to set your backup schedule.
All scheduled Management subsystem backups are of type
- OpenShift web console: