6-61
User
Guide

for

the

Cisco

Application

Networking

Manager

5.2
OL-26572-01
Chapter
6






Configuring

Virtual

Contexts
Performing
Device

Backup

and

Restore

Functions


Store
the

backup

ar

chive

on

di

sk0:

i

n

the

context

of


the
ACE
where
you
i

ntend

to
restore

t

he
files.
Use
the

Admin

context

for

a

full

backup

and

the

corresponding

context

for

user

contexts.


When
you
back
up

the

running-configuration

file,

the

ACE

uses

the

output

of

the
show
running-configuration
CLI

command

as

the

basis

for

the

archive

file.


The
ACE

backs

up

only

exportable
certificates
and

keys.


License
files
are
backed

up

only
when
you

back

up

the

Admin

context.


Use
a

pa

ss

phr

ase

to
back
up
SSL

keys
in

encrypted

form.

Remember

the

pass

phrase

or

write

it
down
and

store

it

in

a

safe

location.

When

you

restore

the

encrypted

keys,

the

ACE

prompts

you

for
the
pass

phrase

to

decrypt

the

keys.

If

you

do

not

use

a

pass

phrase

when

you

back

up

the

SSL

keys,
the
ACE

restores

the

keys

with

AES-256

encryption

using

OpenSSL

sof

tware.


Only
probe

scripts

that

reside

in
disk0:
need

to

be
backed

up.

The

prepackaged

probe

scripts

in

the
probe:
directory

are

always

available.

When

you

perform

a

backup,

the

ACE

automatically

identifies
and
backs

up

the

scripts

in

disk0:

that

are

required

by

the

configuration.


The
ACE
does

not

resolve
any
other

dependencies

required

by
the
configuration

during

a

backup
except
for

scripts

that

reside

in

disk0:.

For

example,

if

you

configured

SSL

certificates

in

an

SSL
proxy
i

n

the

running-configuration

file,

but

you

l

ater

deleted

the

certificates,

the

backup

proceeds
anyway
as

if

the

certificates

still

existed.


To
perform

a

restore

operation,

you

must

have

the

admin

RBAC

feature

in

your

user

role.
ANM-admin
and

ORG-admin

have

access

to

this

feature

by

default.

Custom

roles

with

the

ANM
Inventory
and

Virtual

Context

role

tasks

set

to

create

or

modify

can

also

access

this

feature.


When
you

instruct

the

ACE

to

restore

the

archive

for
the
entire

ACE,

it
restores
the

Admin
context
completely
first,

and

then

it

restores

the

other

contexts.

The

ACE

restores

all

dependencies

before
it
restores

the

running

configuration.

The

order

in

which

the

ACE

restores

dependencies

is

as
follows:


License

files


SSL

certificates

and

key

files


Health-monitoring

scr

ipts


Checkpoints


Startup-configuration

file


Running-configuration

file


When
you

restore

the

ACE,

previously

installed

license

files

are

uninstalled

and

the

license

files

in
the
backup

file

are

installed

in

their

place.


In
a

redundant

configuration,

if

the

archive

that

you

want

to
restore
is
different

from

the

peer
configurations
in

the

FT

group,

redundancy

may

not

operate

properly

after

the

restore.


You
can
restore

a

single

context

from

a

full

backup

archive

provided

that:


You

execute

the

restore

operation

i

n

the

context

t

hat

you

want

to

restore


All

files

dependencies

for

the

context

exist

in

the

full

backup

archive


To
enable

ANM

to

synchronize

the

CLI

after

a

successful

restore,

do

not

navigate

from

the
Backup
/


Restore

page

until

the

Latest

Restore

status

changes

from

In

Progress

to

Success.

If

you
navigate
to

another

page

before

the

restore

process

is

complete,

the

CLI

will

not

synchronize

until
you
return

to

the

Backup

/

Restore

page.
Defaults
Ta
b

l

e


6-11

lists

the

default

settings

for


the

backup

and

restore

function

parameters.