1831339 Members
2929 Online
110024 Solutions
New Discussion

make_recovery to a file

 
Brian Pontius
Occasional Contributor

make_recovery to a file

To all,

In our growing environment, we have more and more rack mount systems without local tapes drives. Maintaining make_recoveries has become a considerable task. However, because of security requirements, we cannot run an Ignite-UX server and thus cannot use make_net_recovery.

Is there anyway to get make_tape_recovery to write to a file instead of device file, that we would store on another system by nfs? Then, if needed, we would then we would make a tape with that image.

thanks for any thoughts


5 REPLIES 5
Patrick Wallek
Honored Contributor

Re: make_recovery to a file

You're trying to reinvent make_net_recovery.

I think you just need to work harder to convince the "powers-that-be" that the security risk of an Ignite server is minimal compared to the benefits.
Bob_Vance
Esteemed Contributor

Re: make_recovery to a file

I disagree, Patrick.

I have a similar scenario where I would like to do the same thing and an Ignite server is just not an option.

Now, one work-around is to simply use the install media and reinstall the system, being careful to specify the correct file sizes. After the re-install, then restore the NFS'd backup.

But, I'd like to be able to create a bootable cd that would minimally boot, create vg00 with correct sizes and then simply restore the NFS image, perhaps using an accompanying config file.

Yes, very similar to Ignite, but in my case the NFS server is a Win2k server!

bv
"The lyf so short, the craft so long to lerne." - Chaucer
Patrick Wallek
Honored Contributor

Re: make_recovery to a file

Where is the security concern with an Ignite server? That is the part I don't quite understand.

As I said, I believe the benefits outweigh the risks here.

Bob_Vance
Esteemed Contributor

Re: make_recovery to a file

My concern is not security.
Suppose that you only have one HP server.
You can't use Ignite over the network in that case.

As I said, I have only Windows boxes available to recover from and no tape on the HP box. This is not an enterprise scenario, but a scenario where the HP and Win2k boxes must be able to exist isolated from other servers.

This is doable in Linux, and I'm dual-booting the server into Linux or HPUX.

bv
"The lyf so short, the craft so long to lerne." - Chaucer
TwoProc
Honored Contributor

Re: make_recovery to a file

Brian, the ports that Ignite opens that are the security risks (tftp) are real simple to shutdown while not in use. You can add to that solution that the Ignite server has Bastille with IPFilter running so that even when the tftp is up - it's only going to allow connections from specific hosts that are in the ignite pool, and that's only open during the restore. Using IPFilter, you could also just allow the one host that is backing up/ restoring to use the tftp service - and no other.
OK, that's not your question I know, and I agree that putting the data to a file would be a great option. Hopefully, someone knows a trick on that as I'd like to have that option too - just to have another option...
We are the people our parents warned us about --Jimmy Buffett