Recovering from a disaster

Reinstall the management subsystem by using your infrastructure configuration backup, then restore the management database backup.

Before you begin

To successfully recover the management subsystem, you must have the following backups:

About this task

  • Management subsystem backups can be restored in the same environment where they were taken, or in a different environment that has the same network configuration, endpoints, and deployment profile. You cannot restore a management subsystem backup in a different network environment, form factor, or deployment profile. If you want to move your API Connect deployment to a different form factor or change endpoints, see Migrating from v10 to v10 on a different form factor.
  • When you restore a management database backup, you must also restore the database backups of all registered developer portal services, so that the portal and management databases remain in sync.
Note: For OpenShift users: The steps that are detailed in this topic use the Kubernetes kubectl command. On OpenShift, use the equivalent oc command in its place.

Procedure

  1. Reinstall your management subsystem by using the YAML files from your infrastructure configuration backup.
    Your infrastructure configuration backup consists of:
    • Management CR YAML: mgmt_cr_backup.yaml.
    • Management database encryption secret: management_enc_key_backup.yaml.
    • Management backup secret: mgmt-backup-secret_backup.yaml
    • Multiple <credential secret>_backup.yaml files, one for each credential secret.
    • If you customized any certificates, a YAML file of the secret for each customized certificate. For example: apim-endpoint_secret_backup.yaml.
    1. Create the database encryption secret with the management_enc_key_backup.yaml file:
      kubectl -n <management namespace> apply -f management_enc_key_backup.yaml
    2. Create the backup credential secret with your mgmt-backup-secret_backup.yaml file:
      kubectl -n <management namespace> apply -f mgmt-backup-secret_backup.yaml
    3. Create the credential secrets with the <credential secret>_backup.yaml files you saved in step 5 of Taking a management infrastructure configuration backup:
      kubectl -n <management namespace> apply -f <credential secret backup file>
    4. Set the object-store CA secret (if required) from your backup file:
      kubectl -n <management namespace> apply -f mgmt_custom_objstore_ca.yaml
    5. Create the secrets for any customized certificates from their backup files:
      kubectl -n <management namespace> apply -f <custom certificate secret backup file>
    6. Install the management subsystem. Follow Installing the management subsystem, but use the settings from the spec section of your mgmt_cr_backup.yaml file.
  2. Restore your management database: Restoring the management database with a backup ID.

What to do next

Restore the backups of any portal subsystems that are registered with the management subsystem. See Backing up and restoring the developer portal.