Backup and Disaster Recovery
In the event of a failure, you can fully restore Hyper-scalable PAS by recovering or restoring the PostgreSQL data, ensuring a Redis server is also available, building a new Deployment and deploying it, and then setting the Deployment to active. To restore Hyper-scalable PAS, perform the steps below.
Determining How to Restore Hyper-scalable PAS
-
If the database is still intact and both it and the Redis server are still at their original URIs, you can reuse the last Deployment package to create as many Web and Background nodes as needed. For steps on how to reuse the Deployment package, refer to the section Deploying Hyper-scalable PAS software to Web, Background, and TCP Relay nodes under Installing Hyper-scalable PAS.
-
If the database has been corrupted or destroyed, but both the database and Redis servers are still using the same URI, restore the database and then reboot the node servers. Hyper-scalable PAS should recognize the database and resume service.
-
If the database or Redis URIs have changed, do the following:
-
Update URIs using
Centrify-PAS-ModifyInstallation
script to update the certificate. To do this, see Updating the TCP Relay or TCP Relay Logging Certificate. -
Create a new deployment:
Centrify-PAS-NewDeployment
. -
Deploy it.
-
Change the active deployment.
-
Manually Rebuilding and Restoring Hyper-scalable PAS
To manually rebuild and restore a Hyper-scalable PAS instance, perform the following steps:
Manual back up and restore is your responsibility and is not performed in any way by Hyper-scalable PAS.
-
Restore your latest backup of the PostgreSQL data to the new database server. Find the URIs and credentials for both the Redis and PostgreSQL servers.
-
Run
Centrify-PAS-ModifyInstallation
with parameters for what has changed. For example, if the certificate has not changed, you do not need certificate parameters. Alternately, for example: if the database host has changed, you must provide all database parameters. The parameter options are mostly identical toCentrify-PAS-NewInstallation.
The only exception is-Config
, which is not accepted. - Create a new Deployment package by running the
Centrify-PAS- NewDeployment.ps1
command on the Management node. -
Copy this Deployment to new Windows Server nodes and install (using command
Centrify-PAS-Deploy
) new Web, Background, and TCP Relay nodes. -
From the Management node, activate the Deployment using the
Centrify-PAS-SetActiveDeployment.ps1
command. Pass in the Deployment ID that you either set as a parameter or received as output from theCentrify-PAS-NewDeployment.ps1
script. - Ensure that the load balancer can send traffic to the Web nodes.
-
On the Management node, list out the nodes (using command
Centrify-PAS-NodeList
) and forcibly remove (usingCentrify-PAS-ForceRemoveNode
) any nodes from previous Deployment IDs that no longer exist or cannot talk to the database.
Maintaining a Snapshot
As a method of backup, it is important to maintain an accurate snapshot of your VMs. The following comprise a snapshot for Hyper-scalable PAS:
-
A copy of the Installing Hyper-scalable PAS you created during the installation process.
- A copy of a regular full pg_dump of the PostgreSQL database.