VCAP6-NV (3V0-643) Study Guide – Part 13. Backup and Restore Configurations.

This is part 13 of 20+ blogs I am writing covering the exam prep guide for the VMware Certified Advanced Professional 6 – Network Virtualisation Deployment (3V0-643)  VCAP6-NV certification.

At the time of writing there is no VCAP Design exam stream, thus you’re automatically granted the new VMware Certified Implementation Expert 6 – Network Virtualisation (VCIX6-NV) certification by successfully passing the VCAP6-NV Deploy exam.

Previous blogs in this series:

Part 1 – Intro
Part 2 – Objective 1.1
Part 3 – Objective 1.2
Part 4 – Objective 1.3
Part 5 – Objective 2.1
Part 6 – Objective 2.2
Part 7 – Objective 2.3
Part 8 – Objective 3.1
Part 9A – Objective 3.2 IPSec VPNs
Part 9B – Objective 3.2 SSL VPNs
Part 9C – Objective 3.2 L2 VPNs
Part 10 – Objective 3.3
Part 11 – Objective 4.1
Part 12 – Objective 4.2

This blogs covers:

Section 5 – Perform Operational Management of a VMware NSX Implementation
Objective 5.1 – Backup and Restore Network Configurations

  • Schedule/Backup/Restore NSX Manager data
  • Export/Restore vSphere Distributed Switch configuration
  • Export/Import Service Composer profiles
  • Save/Export/Import/Load Distributed Firewall configurations

 

NSX Manager needs to be backed up so you can recover from failure, corruption or a configuration that has caused an issue. The backup can either be on-demand or scheduled. NSX Manager supports a backup target of either a FTP or SFTP server.

You also need to back up the vCenter Server and Distributed Switches to have a full recovery point. NSX Manager and vCenter Server backups should be taken at similar times to keep them aligned.

When you take a backup of the NSX Manager it backups up the following: the configuration, controllers, logical switching, routing, security, firewall rules and pretty much everything else configured.

Backup NSX Manager Data

Log into the NSX Manager appliance web page.

nsx01.JPG

Click on the Backup and Restore tab.

bs

Under Backups and Restore, for FTP Server Settings click the Change button. Enter the relevant details of your FTP/SFTP server.

Note: To be able to restore NSX Manager data you need these details so make sure you save them!

ftp

To carry out an On-Demand NSX Manager backup, click the Backup button.

back

Click Start to commence the backup.

back2

The backup is complete and you can see the status.

back55.JPG

The files created by the backup on the FTP Server have the date and time appended to the file name.

ftpfile

Note: The NSX Backup also looks after Controllers and Edge configurations. Should you have a failed NSX Edge you can redeploy it by clicking on the Edge Services Gateway in the Web Client and selecting Redeploy NSX Edge.

Note: Should you have faulty NSX Controllers, VMware recommend to delete all of 3 of them and redeploy. Once you have redeployed the controllers you want to re-synchronise the controller state, click ActionsUpdate Controller State. This pushes the VXLAN and routing information from the NSX Manager to the controllers.

 

Schedule a NSX Manager Backup

You can schedule NSX backups either hourly, daily or weekly and have the option to select the time and date depending on the option selected.

Under Scheduling, click the Change button.

Enter the relevant details. I have configured a daily backup at 2355 hours.

back987

 

Restore a NSX Manager Backup

The VMware supported way of restoring NSX Manager data is to deploy a new NSX Manager appliance of the same version and restore the data from the backup. The reason for this is they assume the current appliance is poked.

So, deploy a new NSX Manager appliance.

Log into the NSX Manager appliance Web Page.

Click on the Backup and Restore tab.

Under FTP Server Settings add the details of the FTP/SFTP Server that hosts your NSX Manager backups (same settings as the backup section above).

Once that is configured you will be able to see the available backups to restore from.

Select the backup to restore from and hit the Restore button.

Hit the Yes button to Restore .

restore

You will be logged out of the appliance;  wait and then log back in and the backup should have restored all the content.

 

Export vSphere Distributed Switch Configuration

This is a pretty simple task.

From the Web Client in the Networking section, select your vDS.

Click Actions, then Settings and choose Export Configuration.

export

Click the OK button to export the vDS configuration.

vds

Choose the location to save the vDS export. It saves it as a .zip file.

vds11.JPG

 

Restore vSphere Distributed Switch Configuration

Again, pretty simple.

From the Web Client in the Networking section, select your vDS.

Click Actions, then Settings and choose Restore Configuration.

Locate your .zip backup file, click Next then Finish.

vds99.JPG

 

Export Service Composer Profiles

Another simple process.

Click on Service Composer, then Security Policies.

Select the Security Policy to export, click ActionsExport Configuration.

sc99

Give the export a Name and a File Prefix if required. Click Next, Next, Finish to export.

The export contains any parent policies and security groups used by the policy.

sc100

Choose a location to save the export. The export has a file extension of .blueprint

blue

 

Import Service Composer Profiles

Click on Service Composer, then Security Policies.

Click the icon011 icon to Import Configuration.

Click Browse to locate and select your .blueprint file. Add the file prefix if required.

import.JPG

It then analyzes and shows you a preview of the policy to be imported.

import2

The Security Policy and all objects are recreated. I also confirm that the Security Groups were recreated (I deleted them prior).

sync

 

Saved Distributed Firewall Configurations

Every time you make a change to the Distributed Firewall, NSX auto-saves a copy of the firewall configuration.

This firewall config can be used at a later point in time to revert/restore should something go pear-shaped.

Auto-saves can also be Exported and then Imported down the track and then Loaded to become the running config.

To view saved configurations click on Firewall, then Saved Configurations.

fwsave

From this screen you can click an auto-saved config and then Export it.

If you Edit an auto-saved config, you can also tick the box to preserve the configuration.

auto1

 

Export Distributed Firewall Configurations

You can either Export the live configuration or Export a saved configuration.

To export the live configuration, from the Firewall section click the icon55 Export icon.

Click Download the save the configuration.

save

Select where to save the export file. The file generated has a .xml extension.

xml

 

Import Distributed Firewall Configurations

You Import a configuration file that has previously been exported.

Click on Firewall, then Saved Configurations and click the import Import Configuration icon.

Browse to the location of the .xml configuration file. Click OK.

sav101

You can now see the configuration file has been imported.

auto

Note: If you want to make this imported configuration the running live config you will now need to Load the config. See the next section.

 

Load Distributed Firewall Configurations

Anytime you want to restore a previous saved or imported configuration you use the Load Saved Configuration icon99  option.

Select the configuration to roll-back to and click Load.

load.JPG

load2

Click Publish Changes to enable the configuration.

publish.JPG

 

And that’s it for blog 13, nice and simple this one.

Stay tuned for blog 14 (now available) which is going to cover Objective 5.2:

Monitoring a VMware NSX Implementation

Woohoo, 12 exam objectives down, 9 to go!

Follow me on Twitter or LinkedIn.

Be Social; Please Share.

 

  1. […] Part 1 – Intro Part 2 – Objective 1.1 Part 3 – Objective 1.2 Part 4 – Objective 1.3 Part 5 – Objective 2.1 Part 6 – Objective 2.2 Part 7 – Objective 2.3 Part 8 – Objective 3.1 Part 9A – Objective 3.2 IPSec VPNs Part 9B – Objective 3.2 SSL VPNs Part 9C – Objective 3.2 L2 VPNs Part 10 – Objective 3.3 Part 11 – Objective 4.1 Part 12 – Objective 4.2 Part 13 – Objective 5.1 […]

    Like

    Reply

  2. […] Objective 3.2 L2 VPNs Part 10 – Objective 3.3 Part 11 – Objective 4.1 Part 12 – Objective 4.2 Part 13 – Objective 5.1 Part 14 – Objective […]

    Like

    Reply

  3. It has been a very handy material. Though we cannot afford for such labs, we can visualize them as practical, atleast remembering them we can go, give a try for the exam.. Can you just provide link for making all the objectives into one single pdf please… if not possible can you mail me.

    Like

    Reply

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: