Manual Chapter : UCS Backup Management for the BIG-IQ System

Applies To:

Show Versions Show Versions

BIG-IQ Centralized Management

  • 5.4.0
Manual Chapter

How do I back up and restore a BIG-IQ system's configuration?

The configuration details of the BIG-IQ® system are kept in a compressed user configuration set (UCS) file. The UCS file has all of the information you need to restore a BIG-IQ system's configuration, including:

  • System-specific configuration files
  • License
  • User account and password information
  • SSL certificates and keys

Create an immediate backup of the BIG-IQ system's current UCS file

  1. At the top of the screen, click System.
  2. On the left, click BACKUP & RESTORE > Backup Schedules .
  3. Click the Back Up Now button.
  4. Type a name to identify this backup, and an optional description for it.
  5. If you want to include the SSL private keys in the backup file, select the Include Private Keys check box.

    If you save a copy of the SSL private key, you can reinstall it if the original one becomes corrupt.

  6. To encrypt the backup file, select the Encrypt Backup Files check box, and type and verify the passphrase.
  7. Use the Local Retention Policy setting to specify how long you want to keep the backup file on BIG-IQ.
    • In the Delete local backup copy field, select the number of days to keep the backup copy before deleting it.
    • To keep copies of the backups indefinitely, select Never Delete.
  8. To keep copies of backups remotely on a SCP or SFTP server:
    1. For the Archive setting, select the Store archive copy of backup check box.
    2. For the Location setting, select SCP or SFTP.
    3. In the IP Address field, type the IP address of the remote server where you want to store the archives.
    4. In the User Name and Password fields, type the credentials to access this server.
    5. In the Directory field, type the name of the directory where you want to store the archives on the remote server.
    Storing a backup remotely means you can restore data to a BIG-IP device even if you can't access the archive in the BIG-IQ system directory.
    If you configure BIG-IQ to save backup files to a remote server and that server is unavailable during a scheduled backup, BIG-IQ ignores the local retention policy and retains the local copy of the backup file. This ensures that a backup is always available. To remove those local backups, you must delete them.
    Tip: Archived copies of backups are kept permanently on the remote server you specify. If you want to clear space on the remote server, you have to manually delete the backups.
  9. Click the Start button at the bottom of the screen.
When UCS backup file is complete, you can restore the BIG-IQ system.

Schedule BIG-IQ system's UCS file backups

Back up the BIG-IQ system's UCS file on a regular schedule to be sure you have a current copy of its configuration in case you ever have to perform a system recovery.
Note: If your BIG-IQ system is part of an HA pair, create a backup schedule only for the primary BIG-IQ system.
  1. At the top of the screen, click System.
  2. On the left, click BACKUP & RESTORE > Backup Schedules .
  3. the Schedule Backup button.
  4. Near the top of the screen, click the Create button.
  5. Type a name to identify this backup, and an optional description for it.
  6. If you want to include the SSL private keys in the backup file, select the Include Private Keys check box.

    If you save a copy of the SSL private key, you can reinstall it if the original one becomes corrupt.

  7. To encrypt the backup file, select the Encrypt Backup Files check box, and type and verify the passphrase.
  8. For the Backup Frequency setting, select Daily, Weekly, or Monthly for the Schedule Backup to specify how often backups are created. Based on the frequency, you can then specify the days and time you want to create the backups..
  9. For the Start Date setting, click the calendar and select the date you want BIG-IQ to start creating backups.
  10. Use the Local Retention Policy setting to specify how long you want to keep the backup file on BIG-IQ.
    • In the Delete local backup copy field, select the number of days to keep the backup copy before deleting it.
    • To keep copies of the backups indefinitely, select Never Delete.
  11. To keep copies of backups remotely on a SCP or SFTP server:
    1. For the Archive setting, select the Store archive copy of backup check box.
    2. For the Location setting, select SCP or SFTP.
    3. In the IP Address field, type the IP address of the remote server where you want to store the archives.
    4. In the User Name and Password fields, type the credentials to access this server.
    5. In the Directory field, type the name of the directory where you want to store the archives on the remote server.
    Storing a backup remotely means you can restore data to a BIG-IP device even if you can't access the archive in the BIG-IQ system directory.
    If you configure BIG-IQ to save backup files to a remote server and that server is unavailable during a scheduled backup, BIG-IQ ignores the local retention policy and retains the local copy of the backup file. This ensures that a backup is always available. To remove those local backups, you must delete them.
    Tip: Archived copies of backups are kept permanently on the remote server you specify. If you want to clear space on the remote server, you have to manually delete the backups.
  12. In the OID field, type the object identifier (OID) you want to associate with this user.
  13. Click the Save & Close button at the bottom of the screen to save your changes.

Restore the BIG-IQ system with a UCS file backup stored remotely

You must create a backup of a F5® BIG-IQ® Centralized Management system's UCS file and store it to a remote system before you can restore it. To perform these steps, you must have access to the command line of the BIG-IQ system.

If for some reason your BIG-IQ system becomes inoperable or corrupt, you can use a backup UCS file to restore the BIG-IQ system without having to recreate all of the BIG-IQ system's content. You can also use a backup to restore BIG-IQ to a previous version after you upgrade, if necessary.

Use this procedure if you stored your UCS backup file remotely.

Important: Restoration might take several minutes, during which time the system might be unavailable. Restoring the system requires a reboot.
  1. Using SSH, log in to the BIG-IQ system with the root user name and password.
  2. From the BIG-IQ system you want to restore, open the Traffic Management Shell (tmsh) by typing, tmsh.
  3. Choose the backup you want to restore, and copy it to /var/local/ucs by typing, scp root@<IP address and port for UCS archive server>:<path of UCS file> /var/local/ucs/<backup name>.ucs
  4. Load the UCS file on the BIG-IQ system by typing, load sys ucs <backup name>.ucs
  5. Restart rest javad by typing, bigstart status restjavad.
After restoration is complete, you can log back into the BIG-IQ system. If your BIG-IQ system is part of an HA pair, you must re-create the HA configuration.

Restore the BIG-IQ system with a UCS file backup stored locally

You must create a backup of a F5® BIG-IQ® Centralized Management system's UCS file and store it to a remote system before you can restore it.

If for some reason your BIG-IQ system becomes inoperable or corrupt, you can use a backup UCS file to restore the BIG-IQ system without having to recreate all of the BIG-IQ system's content. You can also use a backup to restore BIG-IQ to a previous version after you upgrade, if necessary.

Use this procedure to restore a configuration you stored locally on the BIG-IQ system.

Important: Restoration might take several minutes, during which time the system might be unavailable. Restoring the system requires a reboot.
  1. At the top of the screen, click System.
  2. On the left, click BACKUP & RESTORE > Backup Files .
  3. Select the check box next to the backup file you want to restore and click the Restore button.
The BIG-IQ system restores the saved UCS backup file to the BIG-IQ system.
Important: If you restore a BIG-IQ with a backup that is older than its current configuration, any existing backups that are more recent no longer appear in the Backup Files list. Those files, however, are still stored in the /shared/ucs_backups directory until you delete them.
After restoration is complete, you can log back into the BIG-IQ system. If your BIG-IQ system is part of an HA pair, you must re-create the HA configuration.