VMware Cloud Community
sushilkm
Enthusiast
Enthusiast

schedule VCSA 6.5 backups..

I was wondering if there is any script or similiar available to schedule VCSA backups to a FTP server.

I tried multiple stuff but none seems to be working . Adapted a Bash script but it doesn't give me output as below

VMware vSphere 6.5 Documentation Library

Capture.PNG

Tried Backup vCenter Server Appliance (VCSA) 6.5 Using PowerShell – VCDX56 

But https://www.brianjgraf.com/2016/11/18/vsphere-6-5-automate-vcsa-backup/  the link at end on guthub is missing . Page missing...

Is there a way to schedule these backups for VCSA.

21 Replies
daphnissov
Immortal
Immortal

If you tried the script that was provided but it's not working, then let's identify why it's failing because the method provided in the docs does work for scheduled backups via cron.

Reply
0 Kudos
sushilkm
Enthusiast
Enthusiast

Thanks. Yeah does make sense...So i followed the exact instruction as below

VMware vCSA 6.5 Scheduled Backup – The vGoodie-bag

Script does nothing. i am running it manually at the moment Or is it so that this will Run only via Cron job & cannot be invoked manually

Output is as below . I am backing up to a FTP server.

Capture.PNG

Reply
0 Kudos
daphnissov
Immortal
Immortal

Can you please show your script content?

Reply
0 Kudos
sushilkm
Enthusiast
Enthusiast

Here is the copy paste of same . I have just edited the user variable in below. 

root@mxxxxxxxxxx [ /usr/local/bin ]# cat backup.sh

#!/bin/bash

##### EDITABLE BY USER to specify vCenter Server instance and backup destination. #####

VC_ADDRESS=xxxxxxxxx.vcname.com

VC_USER=administrator@vsphere.local

VC_PASSWORD=secretpassword

FTP_ADDRESS=192.168.10.11

FTP_USER=vcbackup

FTP_PASSWORD=secretcode

BACKUP_FOLDER=/VMware-Backups/vCenter-APPS/

############################

# Authenticate with basic credentials.

curl -u "$VC_USER:$VC_PASSWORD" \

    -X POST \

    -k --cookie-jar cookies.txt \

    "https://$VC_ADDRESS/rest/com/vmware/cis/session"

# Create a message body for the backup request.

TIME=$(date +%Y-%m-%d-%H-%M-%S)

cat << EOF >task.json

{ "piece":

      {

          "location_type":"FTPS",

          //"location_type":"SCP",

          "comment":"Automatic backup",

          "parts":["seat"],

          "location":"ftp://$FTP_ADDRESS/$BACKUP_FOLDER/$TIME",

          //"location":"scp://$FTP_ADDRESS/$BACKUP_FOLDER/$TIME",

          "location_user":"$FTP_USER",

          "location_password":"$FTP_PASSWORD"

      }

}

EOF

# Issue a request to start the backup operation.

echo Starting backup $TIME >>backup.log

curl -k --cookie cookies.txt \

    -H 'Accept:application/json' \

    -H 'Content-Type:application/json' \

    -X POST \

    --data @task.json 2>>backup.log >response.txt \

    "https://$VC_ADDRESS/rest/appliance/recovery/backup/job"

cat response.txt >>backup.log

echo '' >>backup.log

# Parse the response to locate the unique identifier of the backup operation.

ID=$(awk '{if (match($0,/"id":"\w+-\w+-\w+"/)) \

           print substr($0, RSTART+6, RLENGTH-7);}' \

          response.txt)

echo 'Backup job id: '$ID

# Monitor progress of the operation until it is complete.

PROGRESS=INPROGRESS

until [ "$PROGRESS" != "INPROGRESS" ]

do

      sleep 10s

      curl -k --cookie cookies.txt \

        -H 'Accept:application/json' \

        --globoff \

        "https://$VC_ADDRESS/rest/appliance/recovery/backup/job/$ID" \

        >response.txt

      cat response.txt >>backup.log

      echo ''  >>backup.log

      PROGRESS=$(awk '{if (match($0,/"state":"\w+"/)) \

                      print substr($0, RSTART+9, RLENGTH-10);}' \

                     response.txt)

      echo 'Backup job state: '$PROGRESS

done

# Report job completion and clean up temporary files.

echo ''

echo "Backup job completion status: $PROGRESS"

rm -f task.json

rm -f response.txt

rm -f cookies.txt

echo ''  >>backup.log

root@xxxxxx [ /usr/local/bin ]#

Once run, i get the below output

root@xxxxxxx [ /usr/local/bin ]# /usr/local/bin/backup.sh

{"value":"286df91b94eb696cad1c02bfdcbc6b42"}Backup job id:

  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current

                                 Dload  Upload   Total   Spent    Left  Speed

100    63    0    63    0     0    301      0 --:--:-- --:--:-- --:--:--   301

Backup job state:

Backup job completion status:

root@xxxxxxxxxxxx [ /usr/local/bin ]# cat backup.sh

Reply
0 Kudos
sushilkm
Enthusiast
Enthusiast

Not sure it helps or not but below is output of backup.sh log

/usr/local/bin ]# cat backup.log

Starting backup 2018-05-29-00-50-04

  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current

                                 Dload  Upload   Total   Spent    Left  Speed

100   580    0   159  100   421   7069  18719 --:--:-- --:--:-- --:--:-- 19136

{"name":"com.vmware.vapi.rest.badRequest","localizableMessages":[{"defaultMessage":"Bad Request","id":"com.vmware.vapi.rest.badRequest"}],"majorErrorCode":400}

{"value":["20180429-061109-7515524","20180422-075341-7515524"]}

Starting backup 2018-05-29-00-51-06

  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current

                                 Dload  Upload   Total   Spent    Left  Speed

100   580    0   159  100   421  10677  28272 --:--:-- --:--:-- --:--:-- 30071

{"name":"com.vmware.vapi.rest.badRequest","localizableMessages":[{"defaultMessage":"Bad Request","id":"com.vmware.vapi.rest.badRequest"}],"majorErrorCode":400}

{"value":["20180429-061109-7515524","20180422-075341-7515524"]}

Starting backup 2018-05-29-00-56-12

  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current

                                 Dload  Upload   Total   Spent    Left  Speed

100   584    0   159  100   425   9850  26328 --:--:-- --:--:-- --:--:-- 26562

{"name":"com.vmware.vapi.rest.badRequest","localizableMessages":[{"defaultMessage":"Bad Request","id":"com.vmware.vapi.rest.badRequest"}],"majorErrorCode":400}

{"value":["20180429-061109-7515524","20180422-075341-7515524"]}

Reply
0 Kudos
daphnissov
Immortal
Immortal

Change the value of VC_ADDRESS to be "localhost" instead of FQDN. Change the value of VC_USER to be just "administrator" and not with the "@vsphere.local" part and run the script again.

Reply
0 Kudos
sushilkm
Enthusiast
Enthusiast

/usr/local/bin ]# /usr/local/bin/backup.sh

{"type":"com.vmware.vapi.std.errors.unauthenticated","value":{"messages":[{"args":[],"default_message":"Authentication required.","id":"com.vmware.vapi.endpoint.method.authentication.required"}]}}Backup job id:

  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current

                                 Dload  Upload   Total   Spent    Left  Speed

100   188    0   188    0     0  11368      0 --:--:-- --:--:-- --:--:-- 11750

Backup job state:

Backup job completion status:

Thais how it looks below

#!/bin/bash

##### EDITABLE BY USER to specify vCenter Server instance and backup destination. #####

VC_ADDRESS=localhost

VC_USER=administrator

VC_PASSWORD=topsecret

FTP_ADDRESS=192..168.1.10

FTP_USER=vcbackup

FTP_PASSWORD=topsercte

BACKUP_FOLDER=/VMware-Backups/vCenter-APPS/

I am thinking if we need to use local :root: user.

Reply
0 Kudos
daphnissov
Immortal
Immortal

Although I don't think it's the cause, your FTP address has two dots separating first and second octets.

Reply
0 Kudos
sushilkm
Enthusiast
Enthusiast

Ah. that happened while i pasted the code here to protect my actual FTP IP Smiley Happy

JUst double checked on script.. it is correct

Reply
0 Kudos
daphnissov
Immortal
Immortal

Check your vAPI service. Is it started or does it have a status other than good?

Reply
0 Kudos
sushilkm
Enthusiast
Enthusiast

Looks good to me , unless i am missing some thing

service-control --status

Running:

applmgmt lwsmd vmafdd vmonapi vmware-cm vmware-content-library vmware-eam vmware-perfcharts vmware-rhttpproxy vmware-sca vmware-sps vmware-statsmonitor vmware-updatemgr vmware-vapi-endpoint vmware-vmon vmware-vpostgres vmware-vpxd vmware-vpxd-svcs vmware-vsan-health vmware-vsm vsphere-client vsphere-ui

Stopped:

vmcam vmware-imagebuilder vmware-mbcs vmware-netdumper vmware-rbd-watchdog vmware-vcha

root@xxxxxxxxxxx [ ~ ]# service-control --status vmware-vapi-endpoint

Running:

vmware-vapi-endpoint

Here is teh status checkl... All green.

<healthStatus xmlns="http://www.vmware.com/cis/cm/common/jaxb/healthstatus" schemaVersion="1.0">

<status>GREEN</status>

<message messageKey="com.vmware.vapi.endpoint.healthStatusProducedTimes" defaultMessage="Current vApi Endpoint health status is created between 2018-05-29T12:52:57PDT and 2018-05-29T12:52:58PDT.">

<param xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">2018-05-29T12:52:57PDT</param>

<param xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">2018-05-29T12:52:58PDT</param>

</message>

</healthStatus>

Reply
0 Kudos
daphnissov
Immortal
Immortal

Restart the applmgmt service on the vCenter, wait a few minutes, and try again.

Reply
0 Kudos
daphnissov
Immortal
Immortal

And to confirm, you can use "administrator@vsphere.local" for the VC_USER variable just fine. I was actually getting similar failures with no apparent cause. The login token was generated, but the REST request to the backup service was not accepting the token. I rebooted the entire appliance but think it only required the applmgmt service be cycled.

Reply
0 Kudos
aleex42
Enthusiast
Enthusiast

I've modified the orginal backup script to perfectly work with an cron schedule:

https://blog.krogloth.de/vcsa-backup/

Replacing "scp" with "ftp" should work for you.

And if you could: upgrading to vSphere 6.7 will fix this issue, too - because there you can schedule the backup in the vCenter Appliance Management. Find a screenshot linked in my blog post above.

Hope to help Smiley Happy

Alex

-- Alex (VMware VCAP-DCV, NetApp NCIE, LPIC 2)
Reply
0 Kudos
sushilkm
Enthusiast
Enthusiast

Thanks Sir. But it seems that only option is to raise a case with TAC. I recycled the appliance and it still throws same error.

Tried the script that alex suggested and it;s becoming a uphill task.  you might want to fix the /home/vmware/ on line 29 as i could not find that find that path in mine appliance. below is error i got.

backup1.sh

/usr/local/bin/backup1.sh: line 29: cd: /home/vmware/: No such file or directory

/usr/local/bin/backup1.sh: line 37: log/task-172.27.67.25.json: No such file or directory

/usr/local/bin/backup1.sh: line 50: log/backup-172.27.67.25.log: No such file or directory

/usr/local/bin/backup1.sh: line 51: log/backup-172.27.67.25.log: No such file or directory

/usr/local/bin/backup1.sh: line 57: log/backup-172.27.67.25.log: No such file or directory

/usr/local/bin/backup1.sh: line 58: log/backup-172.27.67.25.log: No such file or directory

awk: cmd. line:1: fatal: cannot open file `log/response-172.27.67.25.txt' for reading (No such file or directory)

/usr/local/bin/backup1.sh: line 62: log/backup-172.27.67.25.log: No such file or directory

/usr/local/bin/backup1.sh: line 69: log/backup-172.27.67.25.log: No such file or directory

/usr/local/bin/backup1.sh: line 71: log/response-172.27.67.25.txt: No such file or directory

/usr/local/bin/backup1.sh: line 76: log/backup-172.27.67.25.log: No such file or directory

/usr/local/bin/backup1.sh: line 77: log/backup-172.27.67.25.log: No such file or directory

awk: cmd. line:1: fatal: cannot open file `log/response-172.27.67.25.txt' for reading (No such file or directory)

/usr/local/bin/backup1.sh: line 79: log/backup-172.27.67.25.log: No such file or directory

/usr/local/bin/backup1.sh: line 82: log/backup-172.27.67.25.log: No such file or directory

/usr/local/bin/backup1.sh: line 83: log/backup-172.27.67.25.log: No such file or directory

Here is the customized script i used from your github repository.

#!/bin/bash

# --

#Backup VMware VCSA

# --

# Copyright (C) 2018 Alexander Krogltoh, E-Mail: git <at > krogloth.de

# --

# This software comes with ABSOLUTELY NO WARRANTY. For details, see

# the enclosed file COPYING for license information (GPL). If you

# did not receive this file, see http://www.gnu.org/licenses/gpl.txt.

# --

# modified and bugfixed version of

# https://pubs.vmware.com/vsphere-6-5/index.jsp?topic=%2Fcom.vmware.vsphere.vcsapg-rest.doc%2FGUID-222...

# official VMware VCSA backup script

VC_ADDRESS="192.168.1.1"

VC_USER="administrator@vsphere.local"

VC_PASSWORD="Topsecret!"

FTP_ADDRESS="ftp://192.168.1.2./VMware-Backups/vCenter-APPS/"

FTP_USER="vcbackup"

FTP_PASSWORD="topsecret"

BACKUP_LOG="log/backup-$VC_ADDRESS.log"

COOKIES="log/cookies-$VC_ADDRESS.txt"

############################

cd /var/vmware/

curl -u "$VC_USER:$VC_PASSWORD" \

   -X POST -s \

   -k --cookie-jar $COOKIES \

   "https://$VC_ADDRESS/rest/com/vmware/cis/session" 2>&1 >/dev/null

TIME=$(date +%Y-%m-%d-%H-%M-%S)

cat << EOF >log/task-$VC_ADDRESS.json

{ "piece":

     {

         "location_type":"FTP",

         "comment":"Automatic backup",

         "parts":["seat"],

         "location":"ftp://$FTP_ADDRESS/home/vmware/data/$VC_ADDRESS/$TIME",

         "location_user":"$FTP_USER",

         "location_password":"$SCP_PASSWORD"

     }

}

EOF

echo Starting backup $TIME >>$BACKUP_LOG

curl -k --cookie $COOKIES \

   -H 'Accept:application/json' \

   -H 'Content-Type:application/json' \

   -X POST \

   --data @log/task-$VC_ADDRESS.json 2>>$BACKUP_LOG >log/response-$VC_ADDRESS.txt \

   "https://$VC_ADDRESS/rest/appliance/recovery/backup/job"

cat log/response-$VC_ADDRESS.txt >>$BACKUP_LOG

echo '' >>$BACKUP_LOG

ID=$(awk 'BEGIN{ FS=":" ; RS="," } $1 ~ "id" { ID = $2 } END { print ID }' log/response-$VC_ADDRESS.txt | sed "s/[\"}]//g" | tr -d "\n\r")

echo 'Backup job id: '$ID >>$BACKUP_LOG

PROGRESS="INPROGRESS"

ROUND="1"

until [ "$PROGRESS" != "INPROGRESS" ]

do

     sleep 60s

     echo "Round $ROUND" >>$BACKUP_LOG

     ((ROUND++))

     curl -k --cookie $COOKIES \

       -H 'Accept:application/json' \

       --globoff -s \

       "https://$VC_ADDRESS/rest/appliance/recovery/backup/job/$ID" \

       >log/response-$VC_ADDRESS.txt

     cat log/response-$VC_ADDRESS.txt >>$BACKUP_LOG

     echo ''  >>$BACKUP_LOG

     PROGRESS=$(awk 'BEGIN{ FS=":" ; RS="," } $1 ~ "state" { print $2 }' log/response-$VC_ADDRESS.txt | sed "s/\"//g")

     echo 'Backup job state: '$PROGRESS >>$BACKUP_LOG

done

echo "Backup job completion status: $PROGRESS" >>$BACKUP_LOG

echo ''  >>$BACKUP_LOG

Reply
0 Kudos
aleex42
Enthusiast
Enthusiast

Oh yeah, maybe the directory was hardcoded, sorry for that 🙂

Can you have a look at your vCSA - login via ssh and show the output of the backup logfiles:

root@vcenter [ /var/log/vmware/applmgmt ]# ls *backup*
backup.log  backup.log.1.gz  backupRestoreProgress.log  backupSchedulerCron.log  backupScheduler.log

I think you should fine your error in this logfiles.

Regards,

Alex

-- Alex (VMware VCAP-DCV, NetApp NCIE, LPIC 2)
Reply
0 Kudos
sushilkm
Enthusiast
Enthusiast

Thanks Alex.

So finally i managed to run the default scrip from vmware and it does copy the backup to FTP. Question is can this be scheduled. I created a cron job using below but could not find anything anywhere.  I hope this script can be scheduled..

VMware vSphere 6.5 Documentation Library

PS:_ i am a windows guy so my linux skills are questionable at best Smiley Happy

/usr/local/bin ]# crontab -e

no crontab for root - using an empty one

crontab: installing new crontab

It opened up a VI editor and i simply pasted the path as below

0 1 * * * /usr/local/bin/vCSA-Backup.sh

Above will run daily at 1 AM local time but i am unable to see this in any where. I tried looking into cron.daily directory but no luck... just wondering where that went . Idea was to test the cron job...

Reply
0 Kudos
aleex42
Enthusiast
Enthusiast

What was your problem with the script?

Regarding your cron question, find my crontab here:

vmware@vcsa-backup:~ > crontab -l | grep vmware

0 1 * * * /home/vmware/backup.sh vc-intern01

0 2 * * * /home/vmware/backup.sh vc-extern01

0 3 * * * /home/vmware/backup.sh vc-vdc01

0 5 * * * /home/vmware/cleanup.sh

Just change the directory paths and script names, then it should work Smiley Happy

For an idea if it works - have a look at the backup.log at the vCSA direct as mentioned above.

Hope to help.

Alex

-- Alex (VMware VCAP-DCV, NetApp NCIE, LPIC 2)
sushilkm
Enthusiast
Enthusiast

Awesome .

/ ]# crontab -l

0 1 * * * /usr/local/bin/backup2.sh

Just hoping this will work as backup2,sh is a executable in itself. Not sure if i can trigger this job now or not  like windows scheduler.

As for script failing goes, can see few Curl errors like

stdOut:

stdErr: curl: (21) QUOT command failed with 500