Archiving BIG-IP Configurations with an iApp in v11.2

I wrote an article last year on utilizing iApps to put a front-end on a common system task, BIG-IP configuration archiving. This worked well for that initial v11 release, but something changed along the way that prevented some of the magic from happening. I think there are two things at play here on later versions:

1. In v11.2, the /var file system is mounted with the noexec flag, so that makes it problematic to use /var/local.
2. In the cron daemon, utilizing a +x flag on the files in /etc/cron.d prevents their inclusion in the cron cycle, so the previous file permissions of 755 should probably be 644 in the updated script.

I recommend utilizing the /shared mount for this process. It’s not read-only like the /usr file system, and it mounts in every boot slot, which is ideal for carrying forward through upgrades.

Create the File Structure

Login into your BIG-IP and create the necessary directories

[root@dctest-01:Active:Standalone] # cd /shared
[root@dctest-01:Active:Standalone] shared # mkdir backups
[root@dctest-01:Active:Standalone] shared # mkdir backups/bin
[root@dctest-01:Active:Standalone] shared # mkdir backups/archives

Upload the Files

First, upload the shell script (f5backup.sh from the attachement available on the iApp codeshare page)via scp from your desktop to the /shared/backups/bin directory you created on your BIG-IP. Next, login to the BIG-IP GUI and then click on iApp and Templates

Click Import and upload the bigip_archiving_iApp.tcl file from the attachment linked above.

The f5.archiving iApp should now be in the Templates listing:

Schedule A Backup

Click on Application Services and click Create. Select the f5.archiving template and you’ll see the Backup Schedule options. Choose Daily, Weekly, or Monthly settings as appropriate. For the purposes of this article, I’ll select the Daily and a time of 14:45.

This will create the file in /etc/cron.d, as verified in the cli output below:

[root@dctest-01:Active:Standalone] archives # ls -las /etc/cron.d
total 12
2 drwx------  2 root root 1024 Sep 25 14:07 .
6 drwxr-xr-x 59 root root 5120 Sep 25 12:14 ..
2 -rw-r--r--  1 root root  177 Sep 25 14:42 f5backups
2 -rw-r--r--  1 root root   87 Aug 29 15:52 sysstat

Now we’ll verify the contents of the f5backups script created by the iApp:

[root@dctest-01:Active:Standalone] archives # cat /etc/cron.d/f5backups
SHELL=/bin/bash
PATH=/sbin:/bin:/usr/sbin:/usr/bin
#MAILTO=user@somewhere
HOME=/var/tmp/
45 14 * * * root /bin/bash /shared/backups/bin/f5backup.sh 1>/var/tmp/f5backup.log 2>&1

Verify the Backup

All the work is done, now all that’s left is to verify the backup actually occurred:

[root@dctest-01:Active:Standalone] archives # ls -las /shared/backups/archives
total 50736
    8 drwx------ 2 root root     4096 Sep 25 14:45 .
    8 drwx------ 4 root root     4096 Sep 25 12:58 ..
12680 -rw------- 1 root root 12956815 Sep 25 13:10 f5backup-dc2-dev-egw-01.dc.local-20120925130958.tar.bz2
12680 -rw-r--r-- 1 root root 12956947 Sep 25 14:45 f5backup-dc2-dev-egw-01.dc.local-20120925144501.tar.bz2

The full URL for the codeshare sample added today: https://devcentral.f5.com/s/wiki/iApp.Configuration_Backup_Scheduler_v11_2.ashx