VMware Cloud Community
sc2317
Enthusiast
Enthusiast

Schedule VCSA 6.5 Backup via vRealize Orchestrator or PowerCLI Script

Hi,

I want to configure & schedule VCSA 6.5 backup via vRealize Orchestrator or PowerCLI script. In VCSA 6.7, VMware has added functionality to schedule backup of vCenter servers, however in VCSA 6.5 this is missing.

http://www.vmwarebits.com/vcenterbackup

In above link "RobBastiaansen" has provided way to configure via vRealize orchestrator. However, I am not sure if someone has tested or validated this.

Please assist me in configuring automated backup of VCSA that can be copied over network via SCP.

Reply
0 Kudos
9 Replies
sc2317
Enthusiast
Enthusiast

Hi,

I have checked below links to run backups via script. However, I am not sure how to change for SCP instead of FTP. I tried replacing FTP with SCP but its throwing errors.

http://vcdx56.com/2017/11/backup-vcenter-server-appliance-vcsa-6-5-using-powershell/?unapproved=1795...

https://code.vmware.com/forums/2530/vsphere-powercli#571923?start=0&tstart=0

https://www.brianjgraf.com/2016/11/18/vsphere-6-5-automate-vcsa-backup/

Errors while running the script in 1st link

Backup-VCSAToFile : A server error occurred: 'com.vmware.vapi.std.errors.error': Access to the remote server is denied. Check your credentials and permissions. (Server error id:

'com.vmware.applmgmt.err_access_denied'). Check $Error[0].Exception.ServerError for more details.

At C:\Users\admin372720\Desktop\test.ps1:114 char:2

+     Backup-VCSAToFile -BackupPassword $BackupPassword -LocationType $ ...

+     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    + CategoryInfo          : NotSpecified: (:) [Write-Error], WriteErrorException

    + FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,Backup-VCSAToFile

A server error occurred: 'com.vmware.vapi.std.errors.error': Status for '' does not exist. (Server error id: 'com.vmware.applmgmt.err_status_does_not_exist'). Check $Error[0].Exception.ServerError for

more details.

At C:\Users\admin372720\Desktop\test.ps1:89 char:35

+                 $BackupAPI.get("$($BackupJob.ID)") | select id, progr ...

+                                   ~~~~~~~~~~~~~

    + CategoryInfo          : OperationStopped: (:) [], CisServerException

    + FullyQualifiedErrorId : VMware.VimAutomation.Cis.Core.Types.V1.CisServerException

Reply
0 Kudos
sc2317
Enthusiast
Enthusiast

LucD

Apologies, I have just received email with below message. I cannot see this message in this discussion, so copying it here so that its visible to everyone in case someone else is also facing this similar issue.

Hi,
I have no experience with vRO I'm afraid.
But the error you are getting seems to say that you can't access the backup functionality on the VCSA with the account you are using.
Are you using an SSO account or a local account on the VCSA?
Did you do the Connect-CisServer?
Have a look at Brian's script, see VSPHERE 6.5 – AUTOMATE VCSA BACKUP (vSphere 6.5 - Automate VCSA Backup | BRIAN GRAF ).
It allows selecting the protocol (SCP.FTP...)

Just follow this link to see Schedule VCSA 6.5 Backup via vRealize Orchestrator or PowerCLI Script

Yes, I am using administrator@vsphere.local and have connected using connect-CisServer. If I just use connect-CisServer, then it gets connected properly without any issues. However, when I execute script I get the error. I have used Automating File-Based Backups of vCenter Server Appliance - VMware PowerCLI Blog - VMware Blogs this link to run the script, I am not bothered about scheduling this because I can get this scheduled via vRealize orchestrator by calling the script, however before that I want to test if script runs manually without any issues.

Reply
0 Kudos
sc2317
Enthusiast
Enthusiast

Hi,

I have been able to run the script successfully after identifying that SCP server that I was using to copy the backup was wrong and after modifying the name script ran successfully.

Now, can someone please help me in how to provide input (Specially passwords) via vRealize orchestrator to the below script, so that I can schedule the same.

Below is the script that I used and is explained in https://blogs.vmware.com/PowerCLI/2018/07/automate-file-based-backup-of-vcsa.html

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

# Login to the CIS Service of the desired VCSA

Connect-CisServer -Server vcsa01.corp.local -User administrator@vsphere.local -Password *****

# Store the Backup Job Service into a variable

$backupJobSvc = Get-CisService -Name com.vmware.appliance.recovery.backup.job

# Create a specification based on the Help response

$backupSpec = $backupJobSvc.Help.create.piece.CreateExample()

# Fill in each input parameter, as needed

$backupSpec.parts = @("common")

$backupSpec.location_type = "FTP"

$backupSpec.location = "ftp01.corp.local"

$backupSpec.location_user = "backup"

[VMware.VimAutomation.Cis.Core.Types.V1.Secret]$backupSpec.location_password = "VMware1!"

$backupSpec.comment = "PowerCLI Backup Job"

# Create the backup job

$backupJobSvc.create($backupSpec)

Reply
0 Kudos
sc2317
Enthusiast
Enthusiast

I have managed to run the script by saving password using ConvertTo-SecureString. However, I am getting below error and if its resolved then It would get my work done

Cannot convert the "System.Security.SecureString" value of type "System.Security.SecureString" to type "VMware.VimAutomation.Cis.Core.Types.V1.Secret".

Below is the content of the script that us causing this error

$pass1 = Get-Content "C:\back\Password1.txt" | ConvertTo-SecureString

[VMware.VimAutomation.Cis.Core.Types.V1.Secret]$backupSpec.location_password =$pass1

Can someone please assist.

Reply
0 Kudos
LucD
Leadership
Leadership

You don't need the ConvertTo-SecureString.
Try like this

$pass1 = Get-Content "C:\back\Password1.txt"

[VMware.VimAutomation.Cis.Core.Types.V1.Secret]$backupSpec.location_password = $pass1


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

Reply
0 Kudos
sc2317
Enthusiast
Enthusiast

Hi LucD,

Thanks, unfortunately doing that threw error. However, by doing below I was able to run the backup on my test VCSA 6.5 with embedded PSC successfully.

$data1 = Get-Content "C:\data1.txt" | ConvertTo-SecureString

$data2=[System.Net.NetworkCredential]::new("", $data1).Password

[VMware.VimAutomation.Cis.Core.Types.V1.Secret]$backupSpec.location_password = $data2

However, now running the same script on Production 6.5 host with external PSC is throwing below error.

A server error occurred: 'com.vmware.vapi.std.errors.unauthenticated': Unable to authenticate user (Server error id:

'vapi.security.authentication.invalid'). Check $Error[0].Exception.ServerError for more details.

I tried restarting applmgmt and vmware-vapi-endpoint, but no luck. Please suggest.

Reply
0 Kudos
LucD
Leadership
Leadership

That sounds more as if the credentials might not be correct.


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

Reply
0 Kudos
sc2317
Enthusiast
Enthusiast

I am using same credentials as of my test vcenter server no change in the passwords. Also, it connects to cisservice, however after few seconds I get this error.

Reply
0 Kudos
LucD
Leadership
Leadership

I'm afraid I don't have much experience with an external PSC.

You could check some of the PSC logs to check if there any further clues in there.

But I would definitely advise creating an SR for this.


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

Reply
0 Kudos