Transcript Document

Keeping Your Business Online
with eDirectory™ Backup and
Restore
www.novell.com
Brian Hawkins
Software Engineer
Novell, Inc.
[email protected]
Roger Harrison
Engineering Manager
Novell, Inc.
[email protected]
Vision…one Net
A world where networks of all types—corporate and public,
intranets, extranets, and the Internet—work together as
one Net and securely connect employees, customers,
suppliers, and partners across organizational boundaries
Mission
To solve complex business and technical challenges with Net
business solutions that enable people, processes, and
systems to work together and our customers to profit from
the opportunities of a networked world
Deployed Versions Novell eDirectory™
and Novell Directory Services® (NDS®)
Product Version
Build Version
Platforms
NetWare 5.1 SP4 (NDS 7)
DS.nlm v7.57
NetWare 5.1
NetWare 5.1 SP 4 (NDS 8)
DS.nlm v8.79
NetWare 5.1
eDirectory 8
DS.nlm & DS.dlm v8.79
NetWare 5.0,Win NT/2K
eDirectory 8.5.x
DS v85.23
NetWare 5.x,Win,Solaris
NetWare 6 (eDirectory 8.6)
DS.nlm v10110.20
NetWare 6
eDirectory 8.6.1
DS v10210.43
NW 5.1,NW 6,Win,Solaris,Linux
NetWare 6 SP1 (eDirectory 8.6.2)
DS.nlm v10310.17
NetWare 6
eDirectory 8.6.2
DS v103xx.xx
NW 5.1,NW 6,Win,Solaris,Linux
eDirectory 8.7
DS v10410.xx
NW 5.1,NW 6,Win,Solaris,Linux,AIX
Differences between eDirectory
and Novell Directory Services (NDS)
NDS
eDirectory
NOS directory focused on
managing NetWare® servers
A cross-platform, scalable,
standards-based directory
used for managing identities
that span all aspects of
the network—eDirectory
is the foundation for eBusiness
NetWare 5
NetWare
NetWare 6
eDirectory Backup/Restore
Design Goals
• High availability
 Ability
to perform backups on a live server that is
performing updates concurrently with the backup
• Scalable
 Performance
that enables backup of directory servers
containing tens or hundreds of millions of objects
 Ability to restore in hours
• Work within the distributed nature of eDirectory
Solution: Hot Continuous Backup
with Roll Forward Logging
• High availability
 Performs
hot backups on a live server that is
performing updates concurrently with the backup
• Scalable
 Backup
and restore entire DIB (Data Information
Base)
 Limited only by I/O channel bandwidth
• Work within the distributed nature of eDirectory
 Keeps
Roll Forward Logs to ensure recovered server
matches the synchronization state that other servers
in the tree expect
How Hot Backup Works
• Two “flavors” of backup
 Full
backup includes all blocks in the entire DIB
 Incremental backup includes any blocks in the
DIB that were modified since the last full or
incremental backup
How Hot Backup Works
Update Object
How Hot Backup Works
How Restore Works
• Restore last full backup
• Apply incremental backups taken since last full
backup (in order)
• Replay roll-forward logs since last incremental
backup
• Verify that the synchronization status of newlyrestored DIB matches what other servers in the
tree think it should be
• Open the DIB and bring the server back on line
Typical Backup Strategy
• Full backup weekly on Sunday night
• Incremental backup each night except Sunday
• Roll-forward logging enabled
Backup
Schedule
Setup/Configuration
• Roll forward log settings are stored in the
_ndsdb.ini file
• Roll forward logs are off by default
• Changing the location of the roll forward logs
 Place
the logs on a separate drive system then the
DIB set
 Roll forward logs will contain sensitive information
so control access to the roll forward log directory
 Roll forward log volume must be monitored as the
logs grow
Setup/Configuration
(cont.)
• Maximum and minimum size
Maximum: This is the maximum size the log can reach
before creating a new file
Minimum: After reaching this size a new log will be
started after the current transaction is finished
• Log stream files
A copy of modified stream files are placed inside
the log file
Backing Up eDirectory
• Backup header contains valuable information
Backup file header is in XML format
• The backup file can be limited in size
A 250 meg backup limited to 100 meg would be
Test.bak < 100 meg
Test.001 < 100 meg
Test.002 ~ 50 meg
Each file has its own header
• A log is kept of each backup
Backing Up eDirectory
(cont.)
• Including the security files in the backup
• Including other files in the backup




A file is given to the backup program that contains a list of files
to include
Files are listed with a “;” between and a “;” at the end
No spaces no returns
These files are placed in the header of the first backup file
sys:/system/autoexec.ncf;vol1:/personal.txt;
Backing Up eDirectory
(cont.)
• Cold backups
 Database
is closed during the backup
 Database can be disabled after the backup
• Provides the ability to migrate a database with
security information
 This
method does not include file system trustee
rights (NetWare only)
Restoring eDirectory
• Restore process
1.
2.
3.
4.
5.
6.
NDS Database is closed
Backup file is restored to RST
Incremental backups and roll forward logs are
applied
The RST database is disabled (to prevent accidental
opening)
The RST undergoes the verification process
On success the RST database is renamed to NDS
and opened
Restore Verification
• The restored DIB is opened and all partition
entries are read
Items read
 Servers in replica ring
 Referrals for each server
 Local received up to vector
• Each server in the replica ring is contacted and
the local received up to vector is compared to
the transitive vector from the remote server
Trees Designed for Backups
• For catastrophic failure/recovery eDirectory
needs to be designed so recovery can take place
without using the roll forward logs
 One
server or a set of servers that contain replicas of
the entire tree but do not share replicas
• These servers are then used as master copies of the tree and
the rest of the servers are restored using replication
 Not
configuring eDirectory for catastrophic failure
can still be restored using a lot of dsrepair work
Demo
Server 3
Server 1
Server 2
X
Demo
Server 1
Server 3
Demo
Server 1
Server 3
Updates
Updates
New
Server
2
Server
Updates
Roll-Forward
Incremental
Full
Backups
Logs
Backup
Getting More Information:
BrainShare 2002
• IO206—Choices in Disaster Recovery
 Reviews
the best strategies for providing
disaster recovery in Novell networks and
presents a range of solutions from low-budget
options to larger investments that provide
everything plus the kitchen sink