Automated Cisco UCS Backup
Recently my cohort and I have implemented a new Cisco UCS system. The system consists of dual chassis and multiple B200 M2 blade servers. As we were going through the initial install I noticed something that Cisco had left out….a scheduling engine for UCS Backups. Since I didn’t want to rely on manually backing the system up on a regular basis I decided to tackle this head on. Below is that journey..
Need to Know:
1. The Cisco UCS backup jobs are named the hostname you enter as the backup target.
2. This script does have a hard-coded Cisco UCS username/password (I’m working on figuring out if I can pass the logged in credential to Cisco UCS)
3. I use an SCP server (Linux box) as the target, but this could be adapted using FTP or the other transfer protocols the UCS allows.
4. 4 backup types exist within Cisco UCS, you can run all of them or choose one. To see the different backup types click here.
Setting up the backup jobs within Cisco UCS
1. Create 4 separate CNAME records that point to your SCP target host (examples below):
a. ucs-allbackup.domain.com
b. ucs-fullbackup.domain.com
c. ucs-logicalbackup.domain.com
d. ucs-systembackup.domain.com
2. Create 4 separate backup jobs within Cisco UCS using the syntax below:
a. SSH to the Fabric Interconnect
b. Change to the system scope by typing “scope system”
c. create backup scp://ucsbackup@ucs-allbackup.domain.com/home/ucsbackup/fabricInterconnectName_all_configuration.bak all-configuration enabled
d. Go back to the scope system (type exit)
e. Repeat step c for each CNAME record
Note: ucsbackup is the username you login to your SCP server with. After each create backup command is issued you will be required to put in the password, this is a onetime process.
3. Verify your backups ran successfully and you have 4 files matching the names above in the /home/ucsbackup/ directory on your SCP server.
Implement the PowerShell Script
1. Download the script by clicking here and modify the PowerShell variables:
a. $url = UCSM nuova URL
b. $ucsmLogin = The login used to access the Cisco UCSM
c. $ucsmPass = The password used to access the Cisco UCSM
d. $scpPass = The password associated with the SCP backup user account (the one specified above in step c)
2. Schedule the PowerShell Script to run (I use a Windows Server 2008 R2 management server to run this script on a nightly basis)
a. Make sure the server has network access to the UCSM (80 or 443)
b. Create a folder on C:\Scripts\ and copy the UCSBackup.ps1 file to it
c. Create a new Scheduled Task called “UCS Backup”
d. Set the user account to something with privileges on the Windows server, and choose “Run whether user is logged on or not”
e. Under Triggers, set your schedule
f. Under Actions choose new/Start a program
g. Put this in the Program/script: C:\WINDOWS\system32\windowspowershell\v1.0\powershell.exe
h. Put this in the Add Arguments: -File C:\Scripts\UCSBackup.ps1
i. Put this in the Start in: C:\Scripts\
j. Test
At this point you should have nightly backups of your Cisco UCS system to the SCP server. I would recommend putting this script on an NTFS volume and server that only Domain Administrators have access to because the username/password is hardcoded in clear text within the script. Again, I will be evaluating my options to see if I can automate this from the logged in user, but until now IT is what IT is.
~Lane
Hi Lane,
Is there any workaround to take the backup by using UCS API.
I want to take backup of Fiber Interconnect for restoration purpose
Hi Delphi,
If you follow the instructions in my blog post http://www.laneroush.com/automated-cisco-ucs-backup/ you will have an automated backup of your fabric interconnects. My script uses the UCX XML API to kick off/start the backup jobs. Four types of backups exist on the UCS Fabric Interconnects which you can read about them by clicking here.
The article I have written performs a daily backup of all four types. Let me know if this is what you were looking for.
thanks!
~Lane
Lane,
With the latest UCS Powertool you can dramatically reduce the complexity of your script. The backup cmdlet removes the backup job it created which makes things much easier.
# Get the credentials setup
$password = Get-Content C:\bin\powershell\phxkarlvpass.txt | ConvertTo-SecureString
$kvcred = New-Object System.Management.Automation.PSCredential “karlv”,$password
# Login
$kvlogin=Connect-Ucs phx2-dc-ucsprod -Credential $kvcred -NotDefault
# print something
Get-UcsChassis -Ucs $kvlogin | Format-Table -Property Id, Serial, ConfigState, Power, Thermal
#Creates and Downloads full-state system backup of UCS
Backup-Ucs -Ucs $kvlogin -Type full-state -PathPattern ‘C:\Backups\${ucs}-${yyyy}${MM}${dd}-${HH}${mm}-full-state.xml’
#Creates and Downloads logical backup of UCS
Backup-Ucs -Ucs $kvlogin -Type config-logical -PathPattern ‘C:\Backups\${ucs}-${yyyy}${MM}${dd}-${HH}${mm}-config-logical.xml’
#Creates and Downloads system backup of UCS
Backup-Ucs -Ucs $kvlogin -Type config-system -PathPattern ‘C:\Backups\${ucs}-${yyyy}${MM}${dd}-${HH}${mm}-config-system.xml’
#Creates and Downloads config-all backup of UCS
Backup-Ucs -Ucs $kvlogin -Type config-all -PathPattern ‘C:\Backups\${ucs}-${yyyy}${MM}${dd}-${HH}${mm}-config-all.xml’
Disconnect-Ucs -Ucs $kvlogin
Hi Karl,
Thanks for the post/comment!
Readers, if you are interested in this process (which is awesome) you will need to go here: http://developer.cisco.com/web/unifiedcomputing/microsoft to download the Cisco UCS PowerShell cmdlets (Powertool).
Thanks,
~Lane
Good point Karl!
Anyway to backup multiple UCS domains using the UCS PowerTool?
Best way is to wrap Karl’s code into a powershell function and use a loop. The UCS names could be in a text file.
get-content ucsnames.txt | % { BackupThisUCS $_ }
With the newest UCS Powertool you can considerably decrease the complexness of your program. The back-up cmdlet eliminates the back-up job it designed which creates things much simpler.