Restoring a corrupted or lost local keystore from the backup
When the local keystore is not working or is corrupted on a particular node or on the all the nodes of IIAS, you can restore the keystore from the latest backup you have taken.
Restoring the local keystore on a particular IIAS node
If you determined that the local keystore needs to be restored on only one or a subset of nodes
in the IIAS system, execute the following steps:
- Log in as
apuser
or equivalent into the node in which the local keystore is corrupted. - Run the
command, where survivingNode is the name of the node that is in a healthy state with respect to the local keystore.apsedbackup restore -–fromnode <survivingNode>
[apuser@node0103 ]# apsedbackup restore --fromnode node0101
Key-store already exists. Are you sure you want to overwrite with backup from node0101? (y/n) y
Restored key-store from node0101
Restoring the local keystore on all nodes from the latest backup
If you determined that the local keystore needs to be restored on all of the nodes in the IIAS
system, execute the following steps:
- Log in as
apuser
or equivalent into any of the IIAS nodes. - Download the latest keystore backup into a file system directory from your external backup
repository using scp. Example:
[apuser@node0101]# scp myremoteuser@myremotesystem.domain.com:/backuprepo/latest-sedbackup.tgz /tmp/mylatestsedbackup
- Run the following
command:
where local backup path is the name of the latest backup of the local keystore.apsedbackup restore --frombackup <local backup path>
Example:[apuser@node0101]# apsedbackup restore --frombackup /tmp/mylatestsedbackup/latest-sedbackup.tgz Key-store already exists. Are you sure you want to overwrite with your backup file? (y/n) y Restored successful from backup file: /tmp/mylatestsedbackup/latest-sedbackup.tgz
- After successful restore, you can remove the backup file from the downloaded directory in the
IIAS. Example:
[apuser@node0101]# rm -f /tmp/mylatestsedbackup/latest-sedbackup.tgz