Backup IBM API Connect Portal Database using SFTP (Scheduled)

Im using IBM APIC version 10.0.8.0–258.

On the previous article we already setup the SFTP server, we can use the same server to store our Portal Subsystem backup, you can read here.

Create folder that will be needed by the APIC

Login to you SFTP server and create folder that will be use APIC to store Portal backup files.

ssh sftpuser@192.168.192.168

sudo mkdir -p /home/sftpuser/apicbackup/DC2/ptlb
sudo chown sftpuser:sftpuser /home/sftpuser/apicbackup/DC2/ptlb
sudo chmod 700 /home/sftpuser/apicbackup/DC2/ptlb

sudo systemctl restart sshd 

Create Backup Secret

The backup secret is a Kubernetes secret that contains your access key and secret for your SFTP server or object-store. This secret will be load in API Connect Cluster CR.

oc -n <management namespace> create secret generic mgmt-backup-secret --from-literal=username='<username>' --from-literal=password='<password>'

oc -n cp4i create secret generic ptl-backup-secret --from-literal=username='myadmin' --from-literal=password='P4ss#word123!'

Edit Custom Resource of IBM API Connect Cluster

Login to you bastion server then execute this command, change your own namespace in this case we are using cp4i

oc -n cp4i edit APIConnectCluster

Add this line to the CR and also don’t forget to load your Backup Secret Here.

  portal:
    adminClientSubjectDN: ''
    mtlsValidateClient: true
    originalUID: ''
    portalAdminEndpoint: {}
    portalBackup:
      credentials: ptl-backup-secret
      host: 192.168.192.168
      path: /apicbackup/DC2/ptlb
      port: 22
      protocol: sftp
      schedule: 10 5 1 8 *

Note: The Schedule parameter follows the UTC time of the OCP server. You can ssh to one ocp node, then see the date.

Schedule:
The schedule for the backup operation, specified in cron format.

• Value: 10 5 1 8 *
• 10: Minute (10th minute)
• 5: Hour (5 AM)
• 1: Day of the month (1st day)
• 8: Month (August)
• *: Day of the week (every day of the week)

This cron expression specifies that the backup is scheduled to run at 5:10 AM on August 1st of every year.

Apply your configuration

When you apply the CR changes, apiconnect instance will be reconfigured. And the related pod will be restarted, the status of instance will be pending until all of configuration setup is done.

Just wait until the configuration is done

Check you SFTP server

Now we can check the SFTP server, is there any backup data that successfully uploaded to the server.

The 051005.tar.gz is successfully generated. This file indicate that APIC successfully backup the Portal Subsystem.

./DC2/ptlb:
total 37364
-rw-r--r--. 1 sftpuser sftpuser     3800 Aug  1 12:10 _portal_system_backup-20240801.051011.tar.gz
-rw-r--r--. 1 sftpuser sftpuser 12744105 Aug  1 12:10 portalapim.bankbjb.co.id@bank-bjb@production-20240801.051005.tar.gz
-rw-r--r--. 1 sftpuser sftpuser       45 Aug  1 12:02 apic_portal_connection_test