Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Justin_Hickey
Collaborator
Jump to solution

R80.10 - Set snapshot export command

I'm trying to automate the regular export of snapshots. I always run into an issue with the 'path'. I don't understand, if this is an export, how else would the path be formatted ?

set snapshot export CPMGT_Snapshot_01 path ftp://admin:thepassword@10.1.1.11/ name CPMGT_Snapshot_01

NMSNAP0042  Bad Path input


Thanks, Your CheckMate,

Justin

0 Kudos
2 Solutions

Accepted Solutions
Declan__McGill
Contributor

Yep, I do. We have a gaia virtual appliance (no fw , no mgt stuff started) which we use to fetch the files.

Just bash scripts.

One to trigger a snapshot script in the middle of the night (staggering cluster members) once per month and then a fetch script that scans for new snapshots on all machines each Sunday.

The snapshot script just runs a snapshot and checks to see when it’s finished, when it is it exports it to /var/log from where it’s picked up by the fetch script some time during he night.

Of course I also do daily backups which we fetch every night too and I also do a save configuration and fetch that too.

I like to keep my options open ☺

D

View solution in original post

JozkoMrkvicka
Authority
Authority

All your custom-made scripts can be replaced by build-in feature in R81 - Scheduled snapshots and upload snapshot to the backup server over FTP or SCP:

https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_Gaia_AdminGuide/Topics-GAG/Snapsho...

Kind regards,
Jozko Mrkvicka

View solution in original post

15 Replies
Jerry
Mentor
Mentor

have you tried other than FTP proto's like SCP instead?

it works like a charm on my vm with SCP as FTP seem yet buggy or simply does not accept user:password in the middle.

Jerry
Jerry
Mentor
Mentor

try SCP instead, it works for me even with user:password 

little bug on r80.10? Smiley Happy

Jerry
PhoneBoy
Admin
Admin

Snapshots are actually stored on a different partition on the system.

The path, in this case, is a local filesystem.

Once it's on the local filesystem it can be copied using your supported method of choice.

Justin_Hickey
Collaborator

Thanks for the replies.

So the snapshot has to first be moved out of its virtual harddrive. So I issue this:

 set snapshot export CP_Snapshot_01 path /var/CPsnapshot/snapshots/ name CP_Snapshot_01

and I get this error:
NMSNAP0042  Snapshot can be exported just to user home directory in the current partition.

so, let me ask... If there is only one option of where to put it, is it really and option at all ??  <deep, I know>

PhoneBoy
Admin
Admin

You could put it into a subdirectory of your home directory, but the point is taken.

0 Kudos
Americo_two
Participant

Hi PhoneBoy,

Do you know how can export the snapshot directly to another server? or is necessary export first to local path and after copy to a server, in my case I want to export directly to a backup server.

0 Kudos
Uri_Lewitus
Employee
Employee

Hi Justin

Snapshots (as opposed to backup)  are not meant to be used regularly as the proffered method for recovery.

The outcome is very big (entire root partition + some of /var/log partition and some extra) and this is the main reason for this feature not having the option for scheduled operation (as in Backup).

Its main purpose is to be used after a major configuration change such as completing gateway or management server first time configuration (including HFs, routes, etc.) and after installing a Jumbo for example.

Snapshot will restore everything from scratch and takes time.

Backup is the preferred method for restoring the GW/MGMT/Other state of software level (policy rules, IPS files etc.)

I hope this sheds some light on the subject and you find it helpful.

Anyways the Gaia admin guide will be updates soon to address this knowledge gap.

Thanks

Uri

Declan__McGill
Contributor

We use snapshots and backups as the preferred restoration tool because it is deterministic and pretty bullet proof.

We take a snapshot monthly (with 100 boxes it takes about 400G keeping just 1 ) and a daily backup. Restore is trivial because we boot a new box and copy the snapshot.tar file and the backup file then revert the snap and reboot, then revert the backup, job done.

Takes max 30-40 mins and not much can go wrong.

D

Justin_Hickey
Collaborator

Thanks Declan,

Do you automate the extraction of the snapshot from the servers ? If so, how ?

Thanks,

Justin

0 Kudos
Declan__McGill
Contributor

Yep, I do. We have a gaia virtual appliance (no fw , no mgt stuff started) which we use to fetch the files.

Just bash scripts.

One to trigger a snapshot script in the middle of the night (staggering cluster members) once per month and then a fetch script that scans for new snapshots on all machines each Sunday.

The snapshot script just runs a snapshot and checks to see when it’s finished, when it is it exports it to /var/log from where it’s picked up by the fetch script some time during he night.

Of course I also do daily backups which we fetch every night too and I also do a save configuration and fetch that too.

I like to keep my options open ☺

D

Justin_Hickey
Collaborator

Could you possible share that script ? I think your approach is the right one. Backup all you can.

0 Kudos
Vladimir
Champion
Champion

I too am interested in this script, when you'll get  a chance.

0 Kudos
Justin_Hickey
Collaborator

Respectfully, I don't see it as a knowledge gap but rather as a matter of company preference. In order to have a solid backup strategy, I see a need for regular standard backups AND snapshots. The snapshots in my instance are less then 5 GB each so I don't see storage as a major issue to keep one or two around for disaster recovery purposes. If the worst happens, I'll need every and all options at my disposal.

0 Kudos
JozkoMrkvicka
Authority
Authority

All your custom-made scripts can be replaced by build-in feature in R81 - Scheduled snapshots and upload snapshot to the backup server over FTP or SCP:

https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_Gaia_AdminGuide/Topics-GAG/Snapsho...

Kind regards,
Jozko Mrkvicka
Americo_two
Participant

Thanks @JozkoMrkvicka 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events