HPE Community
Operating System - HP-UX
1833776 Members
2334 Online
110063 Solutions
New Discussion

make_recovery to a file

 
Brian Pontius
Occasional Contributor

‎03-31-2005 09:24 AM

‎03-31-2005 09:24 AM

make_recovery to a file

To all,

In our growing environment, we have more and more rack mount systems without local tapes drives. Maintaining make_recoveries has become a considerable task. However, because of security requirements, we cannot run an Ignite-UX server and thus cannot use make_net_recovery.

Is there anyway to get make_tape_recovery to write to a file instead of device file, that we would store on another system by nfs? Then, if needed, we would then we would make a tape with that image.

thanks for any thoughts


0 Kudos
Reply
5 REPLIES 5
Patrick Wallek
Honored Contributor

‎03-31-2005 09:55 AM

‎03-31-2005 09:55 AM

Re: make_recovery to a file

You're trying to reinvent make_net_recovery.

I think you just need to work harder to convince the "powers-that-be" that the security risk of an Ignite server is minimal compared to the benefits.
0 Kudos
Reply
Bob_Vance
Esteemed Contributor

‎04-01-2005 04:15 AM

‎04-01-2005 04:15 AM

Re: make_recovery to a file

I disagree, Patrick.

I have a similar scenario where I would like to do the same thing and an Ignite server is just not an option.

Now, one work-around is to simply use the install media and reinstall the system, being careful to specify the correct file sizes. After the re-install, then restore the NFS'd backup.

But, I'd like to be able to create a bootable cd that would minimally boot, create vg00 with correct sizes and then simply restore the NFS image, perhaps using an accompanying config file.

Yes, very similar to Ignite, but in my case the NFS server is a Win2k server!

bv
"The lyf so short, the craft so long to lerne." - Chaucer
0 Kudos
Reply
Patrick Wallek
Honored Contributor

‎04-01-2005 04:21 AM

‎04-01-2005 04:21 AM

Re: make_recovery to a file

Where is the security concern with an Ignite server? That is the part I don't quite understand.

As I said, I believe the benefits outweigh the risks here.

0 Kudos
Reply
Bob_Vance
Esteemed Contributor

‎04-01-2005 04:37 AM

‎04-01-2005 04:37 AM

Re: make_recovery to a file

My concern is not security.
Suppose that you only have one HP server.
You can't use Ignite over the network in that case.

As I said, I have only Windows boxes available to recover from and no tape on the HP box. This is not an enterprise scenario, but a scenario where the HP and Win2k boxes must be able to exist isolated from other servers.

This is doable in Linux, and I'm dual-booting the server into Linux or HPUX.

bv
"The lyf so short, the craft so long to lerne." - Chaucer
0 Kudos
Reply
TwoProc
Honored Contributor

‎04-01-2005 05:05 AM

‎04-01-2005 05:05 AM

Re: make_recovery to a file

Brian, the ports that Ignite opens that are the security risks (tftp) are real simple to shutdown while not in use. You can add to that solution that the Ignite server has Bastille with IPFilter running so that even when the tftp is up - it's only going to allow connections from specific hosts that are in the ignite pool, and that's only open during the restore. Using IPFilter, you could also just allow the one host that is backing up/ restoring to use the tftp service - and no other.
OK, that's not your question I know, and I agree that putting the data to a file would be a great option. Hopefully, someone knows a trick on that as I'd like to have that option too - just to have another option...
We are the people our parents warned us about --Jimmy Buffett
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.