Restoring a server database to a point in time

To restore a server database for IBM Spectrum® Protect to the state at a specified point in time, you require the most recent full backup before the point in time. You also require the incremental backup that was created immediately after that last full backup. You can also use snapshot database backups to restore a database to a specific point in time.

Before you begin

Important:

After you restore a server database to a point in time, you must run the PROTECT STGPOOL command on the source server with the FORCERECONCILE=YES parameter before you run either the REPAIR STGPOOL or REPLICATE NODE commands. The first time that you run the REPLICATE NODE command after a database restore, ensure that you set the FORCERECONCILE=YES parameter.

Restoring a server database to a point in time can cause the server to encounter the following errors:
  • In the server database, records are missing for some of the data on disk and tape.
  • In the server database, records exist for data that no longer exists.
These inconsistencies result in ANR1330E and ANR1331E errors or ANR0340E messages for servers that use node replication. Complete the steps in this procedure to resolve these inconsistencies.

Before you restore the database, complete the following actions:

  1. Locate the following infrastructure setup files:
    • Server options file
    • Volume history file
    • Device configuration file
    • Detailed query output about the database and recovery log
  2. Copy the volume history file that is referenced in the server options file. The backup copy must have a different file name than the name that is listed in the original server options file. If the restore operation fails and you must try the procedure again, you might need the backup copy of the volume history file. After the database is restored, any volume history information that is referenced in the server options file is lost. This information is required to identify the volumes to be audited.
  3. If necessary, modify the device configuration file based on the hardware that is available at the recovery site. For example, the recovery site might require different device class, library, and drive definitions.
Conditions for updating the device configuration file:
If any of the following conditions are true, you might have to manually update the device configuration file at a recovery site:
  • Definitions for paths are included when the SRCTYPE=SERVER parameter is set.
  • An automated tape library is used at the recovery site.
  • Server-to-server virtual volumes are used.

For more information, see: Updating the device configuration file.

Preventing inconsistencies between volume inventories: A point-in-time restore of a library manager server can create inconsistencies between the volume inventories of the library manager and library client servers. You must take precautions to prevent this problem. For more information, see Restoring to a point-in-time for a library manager server.
Preventing volumes from being removed: A point-in-time restore of a library client server can cause volumes to be removed from the volume inventory of a library client server and later overwritten. For more information, see Restoring to a point-in-time of a library client server.

About this task

If files were reclaimed or moved after a backup, the files might be lost and the space that is occupied by those files might be reused. In the future, you can minimize this loss by using the REUSEDELAY parameter when you define or update sequential-access storage pools.

If your old volume history file shows the following conditions for volumes that are required to restore storage pools, you might not be able to restore all of your files:
  • Copy storage pool volumes that were reused. These volumes are listed by setting the STGREUSE parameter.
  • Copy storage pool volumes that were deleted. These volumes are listed by setting the STGDELETE parameter.
In the future, you can avoid this problem by including the REUSEDELAY parameter when you define copy storage pools.

For more information, see UPDATE STGPOOL.

Procedure

To restore the server database to a point in time, complete the following steps:

  1. If the database or recovery log directories were lost, re-create the directories. For example:
    Linux operating systemsAIX operating systems
    
mkdir /tsmdb001
mkdir /tsmdb002
mkdir /tsmdb003
mkdir /activelog
mkdir /archlog
mkdir /archfaillog
    Windows operating systems
    
mkdir e:\tsm\db001
mkdir f:\tsm\db001
mkdir f:\tsm\db001
mkdir h:\tsm\activelog
mkdir i:\tsm\archlog
mkdir j:\tsm\archfaillog
  2. Optional: To prevent client or server operations from accessing data on the storage pool volumes until the database restore operation is complete, you can temporarily disable server maintenance processes and client sessions. To disable these processes, start the server in maintenance mode. For more information, see Starting the server for maintenance or reconfiguration tasks.
  3. Run the DSMSERV RESTORE DB command. For example, to restore the database to a backup series that was created on 19 April 2016, run the following command: 
    dsmserv restore db todate=04/19/2016

    You can use several parameters with the DSMSERV RESTORE DB command. For example, if your environment uses encrypted container storage pools in a cloud environment, you can use the RESTOREKEYS and PASSWORD parameters. Other parameters specify the paths that are used for database and log information and the ability to preview the operation. For more information, see DSMSERV RESTORE DB.

    The server completes the following actions:
    1. Reads the volume history file to locate the last full backup that occurred on or before the specified date and time.
    2. Using the device configuration file, requests a mount of the first volume. The first volume contains the beginning of the full backup.
    3. Restores the backup data from the first volume.
    4. Continues to request mounts and to restore data from the backup volumes that contain the full backup and any incremental backups that occurred on or before the specified date.
  4. Run the QUERY VOLHISTORY command to obtain a list of all the volumes that were reused, added, and deleted since the original backup. Use this list to complete the remaining steps in this procedure. The device configuration file in the restored database might also need to be updated. To ensure that volumes are accurately audited in the restored database, you can temporarily disable access to sequential volumes in the list until the remaining steps in this procedure are complete.
  5. Optional: To temporarily disable access to the sequential volumes, run the following command: 
    UPDATE VOLUME volume_name ACCESS=UNAVAILABLE

    If you disable access to the volumes, you must run the following command before you run the AUDIT VOLUME commands in the remaining steps:

    UPDATE VOLUME volume_name ACCESS=READONLY
  6. Run the AUDIT VOLUME command and specify the FIX=YES parameter for the following volume types:
    • All disk volumes
    • Reused volumes and deleted volumes for TAPE, VTL, and non-deduplicated FILE volumes
    The audit volume process identifies files that are recorded in the database that can no longer be found on a volume. If a copy of the file is in a copy storage pool or an active-data storage pool, the file on the audited volume is marked as damaged. Otherwise, the file is deleted from the database and is lost.
    Auditing FILE volumes in a deduplicated storage pool: Do not run the AUDIT VOLUME command with the FIX=YES parameter on FILE volumes in a deduplicated storage pool. For more information about special considerations for FILE volumes in a deduplicated storage pool, see step 9.d in this procedure.
  7. If the audit volume process detects any damaged files, run the RESTORE STGPOOL command to restore the files.
  8. Complete the following steps:
    1. Mark any volumes that cannot be located as deleted from the database. To mark the volumes as deleted, you can use the DELETE VOLUME command with the DISCARDDATA=YES parameter. This action discards the database entries that would allow the server to access the files on the volume if the files are located in future.
    2. If your storage environment includes directory-container storage pools, you might have to take additional steps to recover data in the storage pools. For instructions, see Recovering from data loss or system outages.
    3. If node replication is configured in your system environment, review the information and take any appropriate steps. A point-in-time database restore of a source replication server disables replication operations that originate from the source server to prevent deleting copies of data that might exist on the target replication servers. To preserve the data that exists on target replication servers, determine whether data copies that are on the target replication server are needed. If they are, you must replicate data that is on the target replication server to the source replication server. Follow the steps in message ANR0340E.
    4. For FILE volumes in a deduplicated storage pool, you must take further actions. Follow the instructions in technote 1883611.
    5. Recover any other volumes from copy storage pool backups. If no backups are available, delete the volumes from the database by using the DELETE VOLUME command with the DISCARDDATA=YES parameter.
  9. Redefine any storage pool volumes that were added since the database backup.

What to do next

  • After a database restore operation on a source or target replication server, run the PROTECT STGPOOL command to completion on the source server with the FORCERECONCILE=YES parameter before you run either the REPAIR STGPOOL or REPLICATE NODE commands. For more information, see PROTECT STGPOOL.
    Running the REPLICATE NODE command: If you intend to run the REPLICATE NODE command after a database restore, ensure that you set the FORCERECONCILE=YES parameter for the first invocation after the database restore operation.
  • After a restore operation, the volume inventories for the server and for your tape management system might be inconsistent. For example, after a database backup, a new volume is added to the server. The tape management system inventory records the volume as belonging to the server. If the database is restored from the backup, the server has no record of the added volume, but the tape management system does. You must synchronize these inventories. Similarly, the volume inventories for the server and for any automated libraries might also be inconsistent. Run the AUDIT LIBRARY command to synchronize these inventories.
  • When you restore a database on a server that uses virtual volumes, you must reconcile the virtual volumes on the source server and the archive files on the target server. For more information, see RECONCILE VOLUMES.
  • If the source server is not synchronized with the LDAP directory server, you might notice unexpected errors. To synchronize the data, run the AUDIT LDAPDIRECTORY command. For more information, see AUDIT LDAPDIRECTORY.
  • A point-in-time database restore operation might invalidate the server-to-server verification key. Run the following command to create a new server-to-server verification key: 
    UPDATE SERVER server_name FORCESYNC=YES

    For more information, see UPDATE SERVER.