PreSave Backup
Presave Backup
N2FE supports backing up of NCC control plans before overriding their content via two mechanisms:
- SOAP request via the NCC PI.
- ACS
acsDumpControlPlan
via passwordless SSH execution.
Both backup mechanisms are configured within the PreSave
hook configuration in the /etc/jarvis/n2fe.xml
file.
Using acsDumpControlPlan
N2FE Service Configuration
The PreSave
element must include the following XML configuration:
<hook module="PreSave">
<parameter name="ssh_host" value="SSH_HOST"/>
<parameter name="ssh_user" value="acs_oper"/>
<parameter name="ssh_options" value="-oStrictHostKeyChecking=no -i /etc/apache2/presave -p 22"/>
<parameter name="backup_command" value="'if [ -w /IN/controlplan_backups ]; then /IN/service_packages/ACS/bin/acsDumpControlPlan -d /IN/controlplan_backups -S -u smf/SMF_PASSWORD -i %s; else exit 1; fi'"/>
</hook>
Configuration options include:
Option | Description |
---|---|
ssh_host |
[Required] The host name for the SMS to initiate the SSH connection against. |
ssh_user |
[Required] The SSH user to utilize when establishing the passwordless SSH session to the SMS host. |
ssh_options |
[Required] SSH options to utilize when establishing the passwordless SSH session. By default it is expected that the private key is provided. |
backup_command |
[Required] The command to execute on the remote SMS node. The SMF user password must be configured to match the target node, the backup directory must be configured correctly, and the database login string must be correct. |
NCC Server Configuration
Ensure the call plan backup location exists on the SMS host:
mkdir /IN/controlplan_backups
chown acs_oper:esg /IN/controlplan_backups
N2FE Server Configuration
On the N2FE host, generate a new passwordless SSH key that is only accessible by the Apache process:
cd /etc/httpd
ssh-keygen -f presave
# No passphrase.
chown apache:apache presave presave.pub
Transfer the presave.pub
file to the SMS host as acs_oper
adding it as an
authorized keys file. This can be done with a single command:
ssh-copy-id -i presave.pub acs_oper@SSH_HOST
On the N2FE host, set up the base SSH directory. This is needed for SSH to store the host key. Without this errors will be written to the log on each connection request to the SMS.
mkdir /usr/share/httpd/.ssh
chown apache:apache /usr/share/httpd/.ssh
Validating the connection with:
ssh -i /etc/httpd/presave acs_oper@SMS_HOST
Set correct SELinux permissions on the httpd SSH directory. On the N2FE host:
semanage fcontext --add -t httpd_sys_rw_content_t "/usr/share/httpd/.ssh(/.*)?"
restorecon -FRv /usr/share/httpd/.ssh
Using the NCC PI
N2FE Service Configuration
The presave
configuration element must include the following XML fragment:
<hook module="PreSave">
<parameter name="pi_uri" value="http://SMS_HOST:PI_SOAP_PORT/"/>
<parameter name="pi_username" value="PI_USERNAME"/>
<parameter name="pi_password" value="PI_PASSWORD"/>
</hook>
Configuration options include:
Option | Description |
---|---|
pi_uri |
[Required] The host name for the SMS PI to perform the backup against. The target PI port should be configured to accept inbound SOAP requests. |
pi_username |
The PI username to utilize if authentication is enabled. |
pi_password |
The PI password to utilize if authentication is enabled. |