Applications

Storware Backup & Recovery can protect Applications and others likes:

Main concepts

There are 2 main concepts that Storware Backup & Recovery uses to execute backups:
  • Command Execution Configuration
  • Application Definition

Command Execution Configuration

This describes how to perform a backup operation. That is how to execute a command that produces a backup artefact which Storware Backup & Recovery later stores in a backup provider. Multiple Application definitions share Command Execution Configuration but with different parameter values.
Command Execution Configuration properties come in several sections:
  1. 1.
    General:
    • Name - Name of your configuration
    • Execution type:
      • Node - execute this command directly on the node
      • Remote SSH - execute this command over SSH using credentials provided in the Application definition
    • Timeout - fail execution if a command doesn't complete within the time given
      • if you think that your backup should take longer, increase this value
      • this timeout is for whole command execution - if you have several steps in your script and you need additional timeouts for these steps - add them to your script
  2. 2.
    Command arguments:
    • add arguments that contain spaces as separate arguments
    • the first argument is the path to your executable
    • make sure this command is accessible on the remote host, and Storware Backup & Recovery credentials will suffice to execute it
    • remote commands (over SSH) will invoke shell so you can use bash-style expressions (built-in commands such as echo, environmental variables or redirections) within the command argument
    • commands executed on the node are executed natively by OS, so if you want to use bash-style expressions (built-in commands such as echo, environmental variables or redirections) you need to split your command at least into 3 arguments: /bin/bash, -c and your command > with some redirections
  3. 3.
    Data export:
    • Export data - when enabled, Storware Backup & Recovery will expect artefacts to be collected as a result of a command
    • Source type:
      • FILE - result will be a file, directory or path with * wildcard
      • STREAM - output of your command
    • Source path:
      • path to your artefacts that need to be collected
      • file, directory or path with * wildcard - more than 1 file on the source will result in files being stored as a single tar archive
    • Remove files after export:
      • if artefacts (files or source directory) need to be removed once exported
      • be careful when providing a path in the source directory, the whole directory will be removed when this setting is enabled
  4. 4.
    Applications:
    • select which applications will use this command execution config
  5. 5.
    Parameters:
    • this section allows you to define the parameters that will be expected to be entered in each application definition
    • each parameter will eventually become an environment variable in the application definition
    • each parameter has several properties
      • Name - Name of the resulting environmental variable
      • User-friendly hint - a hint what this parameter is to be shown later in the application definition
      • Default value - the default value, entered during initialization in the application definition form
      • Show in UI - if the value should be shown as dotted or not - useful for passwords
      • Obligatory - if we expect that its value should always be provided in the application definition form
  6. 6.
    Error handling
    • Standard error output stream handling (when non-empty):
      • Don't ignore it - will fail if anything is in the standard error output
      • Ignore without warning - will ignore it silently
      • Ignore with a warning - will ignore it but a warning indicator in the backup history will contain this output
    • Ignored Exit Codes:
      • error codes that should be ignored and not treated by Storware Backup & Recovery as errors
      • by default, only 0 is assumed as a success

Application Definition

Once you have your command execution configuration defined (or you choose to use the predefined ones provided with Storware Backup & Recovery), you should define the instances of your application.
There are a few parameters for application definition that come in several sections:
  1. 1.
    General:
    • Name - Name of your application instance
    • Choose node - which node is going to execute this command
    • Backup policy - optionally set policy for scheduled backups
    • Command execution configuration
      • configuration of your command used for this application
      • Note: when you create a definition for the first time, you select a configuration and click Save - you will be redirected to the Settings tab for additional details
  2. 2.
    Environment variables
    • shown only when the definition has been saved on the Settings tab
    • defines a list of environment variables that will be passed to your command/script during its invocation
    • parameters from the command execution config will be populated automatically
    • each parameter has several properties:
      • Key - name of the environmental variable
      • Value - Value of the environment variable
      • Show - if the value should be shown as dotted or not - useful for passwords
  3. 3.
    SSH access:
    • shown when Remote SSH is chosen as the execution type in command execution configuration
    • parameters:
      • SSH host - host where the command will be executed
      • SSH port - port on which the SSH service is running (by default 22)
      • SSH user - user used to connect via SSH
      • SSH key path:
        • path to your key - needs to be a file only accessible by Storware Backup & Recovery with 400 permissions
        • alternatively, you can use the password access method
  4. 4.
    Password:
    • shown when Remote SSH is chosen as the execution type in command execution configuration
    • set your SSH password here if you're not using the public-key authentication method

Enabling WinRM on Windows machines

The Windows Remote Management (a.k.a. WinRM) interface is a network service that allows remote management access to computers via the network. It's used to allow remote management of computers via PowerShell. As a result, WinRM is not enabled by default on Windows Server.
There is an enable_winrm.ps1 script in the /opt/vprotect/scripts/winrm directory
A Power Shell script performs the following steps:
  • Automatically starts the WinRM service
  • Adds all addresses to trusted hosts. This can be changed in line 7, replacing the aseterix symbol with the appropriate address, e.g.
Add all computers to the TrustedHosts list
Set-Item WSMan:\localhost\Client\TrustedHosts -Value *
Add all domain computers to the TrustedHosts list
Set-Item WSMan:\localhost\Client\TrustedHosts *.yourdomain.com
Add specific computers to the TrustedHosts list
Set-Item WSMan:\localhost\Client\TrustedHosts -Value DESKTOP-R88J8V5, MacBookPro19
Add computers to the TrustedHosts list using the IP address
Set-Item WSMan:\localhost\Client\TrustedHosts -Value 192.168.100.69
  • Adds an exception in Windows Firewall, which is used by WinRm over HTTPS (port 5986).
  • Creates a self-signed certificate and creates Create HTTPS listener.
The enable_winrm.ps1 script must be run on the Hyper-V server in the PowerShell console.
PowerShell for Linux must be installed on the machine where Node is installed. You can download it from GitHub at:
More about installation and versions for different Linux distributions here:
After the correct installation, we can test the connection. On Linux, run PowerShell with the pwsh command.
Then we connect to the Hyper-V server:
Enter-PSSession -ComputerName IP_ADDRESS -UseSSL -SessionOption (New-PSSessionOption -SkipCNCheck -SkipCACheck) -Authentication Basic -Credential (Get-Credential)
After providing the correct credentials, the PowerShell console will start on the remote machine. We end the session with the "exit" command. We can also try a test PowerShell script on a remote machine:
Invoke-Command -Session (New-PSSession -ComputerName SERVER_ADDRESS -UseSSL -SessionOption (New-PSSessionOption -SkipCNCheck -SkipCACheck) -Authentication Basic -Credential (Get-Credential)) -ScriptBlock {Get-ChildItem Env:}
or
Enter-PSSession -ComputerName SERVER_ADDRESS -UseSSL -SessionOption (New-PSSessionOption -SkipCNCheck -SkipCACheck) -Authentication Basic -Credential (Get-Credential)