Navigation :

PreSave Backup

Presave Backup

N2FE supports backing up of NCC control plans before overriding their content via two mechanisms:

SOAP request via the NCC PI.
ACS acsDumpControlPlan via passwordless SSH execution.

Both backup mechanisms are configured within the PreSave hook configuration in the /etc/jarvis/n2fe.xml file.

Using acsDumpControlPlan

N2FE Service Configuration

The PreSave element must include the following XML configuration:

<hook module="PreSave">
    <parameter name="ssh_host"       value="SSH_HOST"/>
    <parameter name="ssh_user"       value="acs_oper"/>
    <parameter name="ssh_options"    value="-oStrictHostKeyChecking=no -i /etc/apache2/presave -p 22"/>
    <parameter name="backup_command" value="'if [ -w /IN/controlplan_backups ]; then /IN/service_packages/ACS/bin/acsDumpControlPlan -d /IN/controlplan_backups -S -u smf/SMF_PASSWORD -i %s; else exit 1; fi'"/>
</hook>

Configuration options include:

Option	Description
`ssh_host`	`[Required]`The host name for the SMS to initiate the SSH connection against.
`ssh_user`	`[Required]`The SSH user to utilize when establishing the passwordless SSH session to the SMS host.
`ssh_options`	`[Required]`SSH options to utilize when establishing the passwordless SSH session. By default it is expected that the private key is provided.
`backup_command`	`[Required]`The command to execute on the remote SMS node. The SMF user password must be configured to match the target node, the backup directory must be configured correctly, and the database login string must be correct.

NCC Server Configuration

Ensure the call plan backup location exists on the SMS host:

mkdir /IN/controlplan_backups
chown acs_oper:esg /IN/controlplan_backups

N2FE Server Configuration

On the N2FE host, generate a new passwordless SSH key that is only accessible by the Apache process:

cd /etc/httpd
ssh-keygen -f presave
# No passphrase.
chown apache:apache presave presave.pub

Transfer the presave.pub file to the SMS host as acs_oper adding it as an authorized keys file. This can be done with a single command:

ssh-copy-id -i presave.pub acs_oper@SSH_HOST

On the N2FE host, set up the base SSH directory. This is needed for SSH to store the host key. Without this errors will be written to the log on each connection request to the SMS.

mkdir /usr/share/httpd/.ssh
chown apache:apache /usr/share/httpd/.ssh

Validating the connection with:

ssh -i /etc/httpd/presave acs_oper@SMS_HOST

Set correct SELinux permissions on the httpd SSH directory. On the N2FE host:

semanage fcontext --add -t httpd_sys_rw_content_t "/usr/share/httpd/.ssh(/.*)?"
restorecon -FRv /usr/share/httpd/.ssh

Using the NCC PI

N2FE Service Configuration

The presave configuration element must include the following XML fragment:

<hook module="PreSave">
    <parameter name="pi_uri"      value="http://SMS_HOST:PI_SOAP_PORT/"/>
    <parameter name="pi_username" value="PI_USERNAME"/>
    <parameter name="pi_password" value="PI_PASSWORD"/>
</hook>

Configuration options include:

Option	Description
`pi_uri`	`[Required]`The host name for the SMS PI to perform the backup against. The target PI port should be configured to accept inbound SOAP requests.
`pi_username`	The PI username to utilize if authentication is enabled.
`pi_password`	The PI password to utilize if authentication is enabled.