Backing up and restoring the Management subsystem

Backup your management project directory and configure scheduled database backups.

Management subsystem backups are intended for restoration in the same environment where they were taken, or a different environment that has the same network configuration, endpoints, and deployment profile.

A management subsystem backup consists of:

Project directory backup

The original project directory that was created with the apicup command during the initial product installation is essential for disaster recovery, see: First steps for deploying in a VMware environment. The project directory contains the YAML files that describe your deployment, encryption keys, and deployment ISO files. It is not possible to restore the management database on a deployment that uses a new or different project directory.

Take a new backup of your project directory every time you make any configuration changes with the apicup command. Store your project directory backups at a remote location.

Ensure that you keep all files related to your management subsystem in the project directory, so they are included in your project directory backup. For example:

Any TLS certificate .pem files that were used to customize management subsystem certificates.
Your management extra-values.yaml file, if you created one, for example: Configuring maximum size of client requests to the Management subsystem on VMware.

Management database backup

Your management database backup contains everything that you create and configure in the Cloud Manager and API Manager UI (APIs, products, TLS profiles, user registries, and so on), or with the toolkit CLI or REST API. You configure your management subsystem to run scheduled backups. You can also take backups on-demand. The configuration of your database backups, such as S3 object store credentials, are defined by the management configuration YAML file in your project directory. Therefore, to restore the management database backup after a disaster, you must first restore your project directory.

Configuring management subsystem backups

Take a backup of your project directory manually, and store the backup at a remote location. Whenever you update your management subsystem with the apicup command, you should take a new backup of this directory.
Configure management database backups: Configuring management database backups.

Snapshots

Take a Virtual Machine (VM) snapshot of all your management VMs; see Using VM snapshots for infrastructure backup and disaster recovery. Taking snapshots does require a brief outage while all the VMs in the subsystem cluster are shut down - do not take snapshots of running VMs, as they might not restore successfully. VM snapshots can provide faster recovery when compared to redeploying OVAs and restoring from a database backup.

Important: VM snapshots are not an alternative to the standard API Connect backups that are described in this section. Do not rely solely on VM snapshots for your backups.