Backing up and restoring Puppet Enterprise
Keep regular backups of your PE infrastructure. Backups allow you to more easily migrate to a new master, troubleshoot, and quickly recover in the case of system failures.
puppet-backup
command to back up and
restore your primary master or master of masters in monolithic installations only. You
can't use this command to back up split installations or compile masters. By default,
the backup command creates a backup of:-
Your PE configuration, including license, classification, and RBAC settings. However, configuration backup does not include Puppet gems or Puppet Server gems.
-
PE CA certificates and the full SSL directory.
-
The Puppet code deployed to your code directory at backup time.
-
PuppetDB data, including facts, catalogs and historical reports.
Each time you create a new backup, PE creates a single, timestamped backup file, named in
the format pe_backup-<TIMESTAMP>.tgz
. This file includes everything you're
backing up. By default, PE writes
backup files to /var/puppetlabs/backups
, but you can change this location when you run the
backup command. When you restore, specify the backup file you want to restore from.
If you are restoring to a previously existing master, uninstall and reinstall PE before restoring your infrastructure. If you are restoring or migrating your infrastructure to a master with a different hostname than the previous master, you'll redirect your agents to the new master during the restore process. In both cases, the freshly installed PE must be the same PE version that was in use when you backed up the files.
By default, backup and restore functions include your Puppet configuration, certificates, code, and PuppetDB. However, you can limit the scope of backup and restore with command line options. This allows you to back up to or restore from multiple files. This is useful if you want to back up some parts of your infrastructure more often than others.
For example, if you have frequent code changes, you might back up the code more often than you back up the rest of your infrastructure. When you limit backup scope, the backup file contains only the specified parts of your infrastructure. Be sure to give your backup file a name that identifies the scope so that you always know what a given file contains.
During restore, you must restore all scopes: code, configuration, certificates, and PuppetDB. However, you can restore each scope from different files, either by restoring from backup files with limited scope or by limiting the scope of the restore. For example, by specifying scope when you run the restore command, you could restore code, configuration, and certificates from one backup file and PuppetDB from a different one.
Back up your PE infrastructure
PE backup creates a copy of your Puppet infrastructure, including configuration, certificates, code, and PuppetDB.
You can back up monolithic masters only, whether they are the only master or master of masters. The backup and restore commands are not supported for split installations or compile masters.
puppet-backup create
To change the default command behavior, pass option flags and values to the command. See the backup and restore reference for a complete list of options.
For example, to limit a backup to
certain parts of your PE
infrastructure, pass the --scope
option, specifying the scopes in a
comma-separated list. To change the name of your backup file, pass the
--name
option with a string specifying the filename. For example, to back up PuppetDB only and name
your file with the scope and date, run:
puppet-backup create --scope=puppetdb --name=puppetdb_backup_03032018.tgz
By default, if you don't
specify the --dir
or
--name
options,
PE creates files to /var/puppetlabs/backups
and names them with a timestamp, such as pe_backup-<TIMESTAMP>.tgz
After backing up, you can move your backup files to another location. Always store your backups in a safe location that is not on the master.
Restore your infrastructure
Use the restore commands to migrate your PE master to a new host or to recover from system failure.
Remember that you must restore files to a fresh installation of the same version of PE used in your backup file.
Backup and restore reference
Use these options to change the backup and restore scope
and other options for the puppet-backup
command.
puppet-backup create
Run the puppet-backup create
command to create backup files of your PE infrastructure.
puppet-backup create [--dir=<DIRECTORY_PATH>] [--name=<BACKUP_NAME>.tgz] [--scope=<SCOPE_LIST>] [--force]
Option | Description | Values | Default |
---|---|---|---|
--dir=BACKUP_DIR
|
Specifies the directory to write the backup file to. | A valid filepath that the pe-postgres user has write permission for. |
/var/puppetlabs/backups/
|
--name=BACKUP_NAME.tgz
|
Specifies the name for the backup file. | A string designating a file name. |
pe_backup-<TIMESTAMP>.tgz
|
--pe-environment=ENVIRONMENT
|
Specifies the environment to back up. To ensure configuration is recovered correctly, this should be the environment where your master is located. | A valid environment name. |
production
|
--scope=SCOPE
|
Scope of backup to create. | Either all or any combination of the other available
scopes, as a comma-separated list:
|
all
|
--force
|
Bypass validation checks and ignore warnings. | None. | If you don't specify --force , PE verifies that the destination directory
exists and has enough space for the backup process. |
puppet-backup create --scope=puppetdb --name=puppetdb_backup_03032018.tgz
puppet-backup restore
Run the puppet-backup restore
command to restore your PE infrastructure from backup files.
puppet-backup restore <PATH/TO/BACKUP_FILE.tgz> [--scope=<SCOPE_LIST>] [--force]
Option | Description | Values | Default |
---|---|---|---|
--pe-environment=ENVIRONMENT
|
Specifies the environment to restore. | A valid environment name for which you have an existing backup. |
production
|
--scope=SCOPE
|
Scope of backup to restore. All scopes must eventually be restored, but you can restore different scopes from different backup files with successive restore commands. | Either all or any combination of the other available
scopes, as a comma-separated list:
|
all
|
--force
|
Bypass validation checks and ignore warnings. | None. | If you don't specify --force , PE verifies that the destination directory
exists and has enough space for the restore process. Returns warnings for
insufficient space or invalid locations. |
puppet-backup restore /mybackups/pe_backup_03032018.tgz --scope=puppetdb
puppet-backup restore /mybackups/pe_backup_04042018.tgz --scope=config,certs,code
Directories and data backed up
Scope | Directories and databases backed up |
---|---|
certs
|
|
code
|
|
config
|
|
puppetdb
|
|