How to Configure Database Backups to write to an NFS File Share instead of Local Directory '/home/oracle/AveksaExportImportDir' in RSA Identity Governance & Lifecycle
3 years ago
Originally Published: 2015-02-12
Article Number
000062901
Applies To
RSA Product Set: RSA Identity Governance & Lifecycle
RSA Product/Service Type: Appliance
Platform: SUSE, Red Hat Enterprise Linux (RHEL)
RSA Version/Condition: All
 
Issue
By default when backing up the RSA Identity Governance & Lifecycle Oracle database using one of the options outlined in RSA Knowledge Base Article 000038174 -- How to perform a database backup (export) and a database restore (import) in RSA Identity Governance & Lifecycle, the RSA Identity Governance & Lifecycle database backups are written to the /home/oracle/AveksaExportImportDir local directory. The purpose of this RSA Knowledge Base Article is to provide steps on how to configure your server to switch the database backup location from the default local directory to an NFS file share.
 
Resolution
To change the storage location of an RSA Identity Governance & Lifecycle database backup from the default local directory to a remote NFS file share, follow the steps below.

NOTE: Your NFS server should be connected, configured, and tuned for the best transfer speed possible.The network performance to the NFS server will have a direct impact on the amount of time that the backup will take to complete. If there are issues with backups failing, the failure will need to be demonstrated or reproduced using the default local directory in order for RSA Identity Governance & Lifecycle Customer Support to assist.


SUSE

To configure:

  1. Login as root.
  2. Move the existing contents of the local backup folder (/home/oracle/AveksaExportImportDir) to a different location for safe keeping:
mkdir /home/oracle/backups-local
mv /home/oracle/AveksaImportExportDir/* /home/oracle/backups-local/
  1. Use the /home/oracle/AveksaExportImportDir as your mount point for your NFS file share.
Here is an example using a non-persistent command.
mount -t nfs -o proto=tcp,port=2049 192.168.26.107:/nfs-backups /home/oracle/AveksaExportImportDir
mount | grep nfs
192.168.26.107:/nfs-backups on /home/oracle/AveksaExportImportDir type nfs 
(rw,proto=tcp,port=2049,addr=192.168.26.120)
The remote NFS server's IP is 192.168.26.107 and it has a shared folder named /nfs-backups.
 
Here is an example of a persistent configuration. This is done by creating an entry in /etc/fstab.  

User-added image
 

Once this change is in effect, the local directory /home/oracle/AveksaExportImportDir will be a pointer to the remote NFS file share. The backup will continue to write to the /home/oracle/AveksaExportImportDir directory but will write to the file location that this directory points to. In this case the NFS file share.

 

To reverse:

To reverse these steps so that backups are still written to the local directory /home/oracle/AveksaExportImportDir, login as root and:

  • To reverse the non-persistent command  

    umount /home/oracle/AveksaExportImportDir

  • To reverse the persistent command:  

  1. Edit /etc/fstab and comment out or remove the line that references /home/oracle/AveksaExportImportDir  
vi /etc/fstab
  1. Dismount the NFS file share  
umount /home/oracle/AveksaExportImportDir
  

RHEL

  1. Login as root.
  2. Move the existing contents of the local backup folder (/home/oracle/AveksaExportImportDir) to a different location for safe keeping:
mkdir /home/oracle/backups-local
mv /home/oracle/AveksaImportExportDir/* /home/oracle/backups-local/
  1. Create a directory for the backup files. Ensure there is a server that has sufficient storage off of the root partition:
mkdir /nfs-backups
  1. Grant write access to the directory:  
chmod 777 /nfs-backups

  1. Edit the /etc/exports file to define the directory as an NFS file share and grant the remote host access:

Example contents of /etc/exports:

cat /etc/exports
/nfs-backups       192.168.26.113(rw,sync)
  1. Backup your existing configuration.
cp /etc/sysconfig/nfs /etc/sysconfig/nfs.backup_date
  1. Edit the configuration file and set the ports used for NFS:
vi /etc/sysconfig/nfs

Uncomment these lines:

LOCKD_TCPPORT=32803
LOCKD_UDPPORT=32769
MOUNTD_PORT=892
STATD_PORT=662
  1. Backup your iptables configuration:
cp /etc/sysconfig/iptables /etc/sysconfig/iptables.backup_date
  1. Edit the iptables configuration file and add the following rules (if they do not already exist):
vi /etc/sysconfig/iptables

Add these lines:

-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 111 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 111 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 662 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 662 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 892 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 892 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 2049 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 2049 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 32803 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 32803 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 32769 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 32769 -j ACCEPT
  1. Restart iptables and nfs for the changes to take effect:
/sbin/service iptables restart
/sbin/service nfs restart
  1. To test the connectivity and view the NFS file shares, you can run the following command:
showmount -e 192.168.26.107

where 192.168.26.107 is the RedHat Server’s IP address.


 

Related Articles

Trending Articles

Don't see what you're looking for?