IBM Verify

  • 1.  IVIG backup

    Posted Thu March 27, 2025 12:23 PM
    I was wondering if there is a recommendation, or best practice for backing up IVIG data when deployed in a container.
    I found the backup recommendation for PostgreSQL in the High-Availability support documentation.
    I assume the LDAP backup follows the "ISDS" backup for containers.
    Additionally, I assume it is also necessary to back up the installation kit folder and the master key.
     
    Thank you for any inputs.
     
    Ref:
    https://www.ibm.com/docs/en/sig-and-i/11.x?topic=configuring-utilities
    https://www.ibm.com/docs/en/sig-and-i/11.x?topic=configuring-high-availability-support


    ------------------------------
    Rudy Santos
    ------------------------------


  • 2.  RE: IVIG backup

    Posted Fri March 28, 2025 04:08 AM

    Hi Rudy

    I would actually try to turn around the question somewhat - there is a lot of old school thinking about backup/restore and HA that has changed over the years and really is more of a nuisance and creates more problems than it solves....

    First - what is the purpose of the procedure? There is no procedure that solves all problems in a good way - there is a lot of difference whether you need to restore a complete environment in case your datacenter went down - or whether you need to recover from a stupid administrator error that wiped out half of your policies - and then everything in between...

    When I propose backup/restore strategies I separate them into these buckets:

    • Database online backup of both the database and the underlying LDAP database - this is for data point in time restore
    • LDAP data (LDIF export) on at least a daily basis - this is for supporting recovery of data in case of bad administration - and the most often used and important IMHO
    • Filesystem online backup - for point in time restore down to individual level - should also cover deployment filesystem (starter kit etc.)
    • Virtualization Infrastructure based backup - in the modern world this is the true HADR solution and should be the primary option. I strongly believe that all HA support should be at this level - the only reason to have additional pods for database/LDAP should be scalability/performance - not failover - move that to the infrastructure - that can handle it much simpler and using common methodologies that are not IVIG specific...

    Does this make sense?



    ------------------------------
    Franz Wolfhagen
    WW IAM Solution Architect - Certified Consulting IT Specialist
    IBM Expert Labs
    ------------------------------



  • 3.  RE: IVIG backup

    Posted Fri March 28, 2025 04:11 AM

    And just to add the obvious which is mostly always disregarded - you do not have a backup/restore/failover solution if you do not exercise it regularly....

    My recommendation - depending on size/complexity/effort/risk - is 3-6 months as the maximum between exercising your HADR solutions...



    ------------------------------
    Franz Wolfhagen
    WW IAM Solution Architect - Certified Consulting IT Specialist
    IBM Expert Labs
    ------------------------------



  • 4.  RE: IVIG backup

    Posted Fri March 28, 2025 04:42 AM
    Hi Franz,
     
    Thank you very much for your advice and for sharing your experience.
    Your observations are very useful for the scenario I am working on, which requires DR in addition to high availability.


    ------------------------------
    Rudy Santos
    ------------------------------



  • 5.  RE: IVIG backup

    Posted Mon March 31, 2025 06:13 AM

    I have received some feedback from one of my colleagues...

    ISVD (LDAP server) with PostgreSQL does not support online support like the Db2-based ISVD does - it can do a full backup online - but not "with rollforward/point in time recovery" which is what would be the best option.

    From a Kubernetes perspective I have learned that real-time incremental backup like what is known from e.g. VMware may be done based on Container Storage Interface (CSI) depending on the persistent storage a solution implements - but I am absolutely not an expert in that....

    HTH  



    ------------------------------
    Franz Wolfhagen
    WW IAM Solution Architect - Certified Consulting IT Specialist
    IBM Expert Labs
    ------------------------------