Applications

Storware Backup & Recovery can protect Applications and others likes:

Main concepts

There are 2 main concepts that Storware Backup & Recovery uses to execute backups:

  • Command Execution Configuration

  • Application Definition

Command Execution Configuration

This describes how to perform a backup operation. That is how to execute a command that produces a backup artefact which Storware Backup & Recovery later stores in a backup provider. Multiple Application definitions share Command Execution Configuration but with different parameter values.

Command Execution Configuration properties come in several sections:

  1. General:

    • Name - Name of your configuration

    • Execution type:

      • Node - execute this command directly on the node

      • Remote SSH - execute this command over SSH using credentials provided in the Application definition

    • Timeout - fail execution if a command doesn't complete within the time given

      • if you think that your backup should take longer, increase this value

      • this timeout is for whole command execution - if you have several steps in your script and you need additional timeouts for these steps - add them to your script

  2. Command arguments:

    • add arguments that contain spaces as separate arguments

    • the first argument is the path to your executable

    • make sure this command is accessible on the remote host, and Storware Backup & Recovery credentials will suffice to execute it

    • remote commands (over SSH) will invoke shell so you can use bash-style expressions (built-in commands such as echo, environmental variables or redirections) within the command argument

    • commands executed on the node are executed natively by OS, so if you want to use bash-style expressions (built-in commands such as echo, environmental variables or redirections) you need to split your command at least into 3 arguments: /bin/bash, -c and your command > with some redirections

  3. Data export:

    • Export data - when enabled, Storware Backup & Recovery will expect artefacts to be collected as a result of a command

    • Source type:

      • FILE - result will be a file, directory or path with * wildcard

      • STREAM - output of your command

    • Source path:

      • path to your artefacts that need to be collected

      • file, directory or path with * wildcard - more than 1 file on the source will result in files being stored as a single tar archive

    • Remove files after export:

      • if artefacts (files or source directory) need to be removed once exported

      • be careful when providing a path in the source directory, the whole directory will be removed when this setting is enabled

  4. Applications:

    • select which applications will use this command execution config

  5. Parameters:

    • this section allows you to define the parameters that will be expected to be entered in each application definition

    • each parameter will eventually become an environment variable in the application definition

    • each parameter has several properties

      • Name - Name of the resulting environmental variable

      • User-friendly hint - a hint what this parameter is to be shown later in the application definition

      • Default value - the default value, entered during initialization in the application definition form

      • Show in UI - if the value should be shown as dotted or not - useful for passwords

      • Obligatory - if we expect that its value should always be provided in the application definition form

  6. Error handling

    • Standard error output stream handling (when non-empty):

      • Don't ignore it - will fail if anything is in the standard error output

      • Ignore without warning - will ignore it silently

      • Ignore with a warning - will ignore it but a warning indicator in the backup history will contain this output

    • Ignored Exit Codes:

      • error codes that should be ignored and not treated by Storware Backup & Recovery as errors

      • by default, only 0 is assumed as a success

Application Definition

Once you have your command execution configuration defined (or you choose to use the predefined ones provided with Storware Backup & Recovery), you should define the instances of your application.

There are a few parameters for application definition that come in several sections:

  1. General:

    • Name - Name of your application instance

    • Choose node - which node is going to execute this command

    • Backup policy - optionally set policy for scheduled backups

    • Command execution configuration

      • configuration of your command used for this application

      • Note: when you create a definition for the first time, you select a configuration and click Save - you will be redirected to the Settings tab for additional details

  2. Environment variables

    • shown only when the definition has been saved on the Settings tab

    • defines a list of environment variables that will be passed to your command/script during its invocation

    • parameters from the command execution config will be populated automatically

    • each parameter has several properties:

      • Key - name of the environmental variable

      • Value - Value of the environment variable

      • Show - if the value should be shown as dotted or not - useful for passwords

  3. SSH access:

    • shown when Remote SSH is chosen as the execution type in command execution configuration

    • parameters:

      • SSH host - host where the command will be executed

      • SSH port - port on which the SSH service is running (by default 22)

      • SSH user - user used to connect via SSH

      • SSH key path:

        • path to your key - needs to be a file only accessible by Storware Backup & Recovery with 400 permissions

        • alternatively, you can use the password access method

  4. Password:

    • shown when Remote SSH is chosen as the execution type in command execution configuration

    • set your SSH password here if you're not using the public-key authentication method

Enabling WinRM on Windows machines

The Windows Remote Management (a.k.a. WinRM) interface is a network service that allows remote management access to computers via the network. It's used to allow remote management of computers via PowerShell. As a result, WinRM is not enabled by default on Windows Server.

There is an enable_winrm.ps1 script in the /opt/vprotect/scripts/winrm directory

A Power Shell script performs the following steps:

  • Automatically starts the WinRM service

  • Adds all addresses to trusted hosts. This can be changed in line 7, replacing the aseterix symbol with the appropriate address, e.g.

Add all computers to the TrustedHosts list

Set-Item WSMan:\localhost\Client\TrustedHosts -Value *

Add all domain computers to the TrustedHosts list

Set-Item WSMan:\localhost\Client\TrustedHosts *.yourdomain.com

Add specific computers to the TrustedHosts list

Set-Item WSMan:\localhost\Client\TrustedHosts -Value DESKTOP-R88J8V5, MacBookPro19

Add computers to the TrustedHosts list using the IP address

Set-Item WSMan:\localhost\Client\TrustedHosts -Value 192.168.100.69
  • Adds an exception in Windows Firewall, which is used by WinRm over HTTPS (port 5986).

  • Creates a self-signed certificate and creates Create HTTPS listener.

The enable_winrm.ps1 script must be run on the Hyper-V server in the PowerShell console.

PowerShell for Linux must be installed on the machine where Node is installed. You can download it from GitHub at:

More about installation and versions for different Linux distributions here:

After the correct installation, we can test the connection. On Linux, run PowerShell with the pwsh command.

Then we connect to the Hyper-V server:

Enter-PSSession -ComputerName IP_ADDRESS -UseSSL -SessionOption (New-PSSessionOption -SkipCNCheck -SkipCACheck) -Authentication Basic -Credential (Get-Credential)

After providing the correct credentials, the PowerShell console will start on the remote machine. We end the session with the "exit" command. We can also try a test PowerShell script on a remote machine:

Invoke-Command -Session (New-PSSession -ComputerName SERVER_ADDRESS -UseSSL -SessionOption (New-PSSessionOption -SkipCNCheck -SkipCACheck) -Authentication Basic -Credential (Get-Credential)) -ScriptBlock {Get-ChildItem Env:}

or

Enter-PSSession -ComputerName SERVER_ADDRESS -UseSSL -SessionOption (New-PSSessionOption -SkipCNCheck -SkipCACheck) -Authentication Basic -Credential (Get-Credential)