VMware Cloud Foundation 4.5

5.2 5.1 5.0 4.5
Deutsch Français Italiano 日本語 English

Restore SDDC Manager
Last Updated January 22, 2025

Perform the following tasks to restore SDDC Manager.

Update vCenter Server SSH Keys in SDDC Manager Backup

To enable a restore of SDDC Manager, you must update the SSH keys for the new management vCenter Server appliance in the backup archive.

Prerequisites

Verify that the vCenter Server restore operation is complete.

Manual Procedure

  1. Copy the encrypted backup file to the
    /tmp
     folder on the newly-deployed SDDC Manager appliance.
  2. Run the following command to extract the backup archive.
    OPENSSL_FIPS=1 openssl enc -d -aes-256-cbc -md sha256 -in <backup_archive_name>.tar.gz | tar -xz
    When prompted, enter the
    encryption_password
    .
  3. Retrieve the new
    ecdsa-sha2-nistp256
     and
    ssh-rsa
     SSH keys for the management vCenter Server.
    ssh-keyscan <management_vc_fqdn>
  4. Open the backup of the known hosts and replace the existing SSH keys with the new SSH keys for the management vCenter Server from Step 3, and save the file.
    vi <backup_archive_folder_name>/appliancemanager_ssh_knownHosts.json
  5. Rename the original backup archive.
    mv <backup_archive_name>.tar.gz <backup_archive_name>.tar.gz.original
  6. Re-encrypt the backup folder as an archive using the same archive name.
    tar -cz <backup_archive_folder_name> | OPENSSL_FIPS=1 openssl enc -aes-256-cbc -md sha256 -out <backup_archive_name>.tar.gz

PowerShell Procedure

  1. Start PowerShell.
  2. Replace the values in the sample code with your values and run the commands in the PowerShell console.
    $rootUserPassword = "VMw@re1!"
$vcfUserPassword = "VMw@re1!"
$backupFilePath = "F:\backup\vcf-backup-sfo-vcf01-sfo-rainpole-io-2023-09-19-10-53-02.tar.gz"
$encryptionPassword = "VMw@re1!VMw@re1!"
$extractedSDDCDataFile = "F:\backup\extracted-sddc-data.json"
$tempvCenterFqdn = "sfo-m01-vc02.sfo.rainpole.io"
$tempvCenterAdmin = "Administrator@vsphere.local"
$tempvCenterAdminPassword = "VMw@re1!"
  3. Perform the configuration by running the command in the PowerShell console.
    New-UploadAndModifySDDCManagerBackup -rootUserPassword $rootUserPassword -vcfUserPassword $vcfUserPassword -backupFilePath $backupFilePath -encryptionPassword $encryptionPassword -extractedSDDCDataFile $extractedSDDCDataFile -vCenterFqdn $tempvCenterFqdn -vCenterAdmin $tempvCenterAdmin -vCenterAdminPassword $tempvCenterAdminPassword

Restore SDDC Manager from a File-Based Backup

You restore the file-based backup on the newly-deployed SDDC Manager appliance.

Manual Procedure

  1. Open an SSH connection to the SDDC Manager appliance as
    vcf
     user.
  2. Change to
    root
     user and edit the
    restore_status.json
     file.
  3. su -
cd /opt/vmware/sddc-support/backup 
cp restore_status.json restore_status.json.bak 
vi restore_status.json
  4. Delete the “PostRestoreNfsRefresh” task in two places.
  5. Save the file.
  6. Obtain the authentication token from the SDDC Manager appliance by running the following command so that you can perform the restore process.
    TOKEN=$(curl https://<sddc_manager_fqdn>/v1/tokens -k -X POST -H "Content-Type: application/json" -d '{
	"username": "admin@local",
	"password": "<admin@local_password>"
}' | awk -F "\"" '{ print $4}')
  7. Run the following command to verify the token.
    echo $TOKEN
  8. Run the following command to start the restore process.
    The command output contains the ID of the restore task.
    RESTOREID=$(curl https://<sddc_manager_fqdn>/v1/restores/tasks -k -X POST -H "Content-Type: application/json" -H "Authorization: Bearer $TOKEN" \
    -d '{
  "elements" : [ {
    "resourceType" : "SDDC_MANAGER"
  } ],
  "backupFile" : "<backup_file>",
  "encryption" : {
    "passphrase" : "<encryption_password>"
  }
}' | json_pp | jq '.id' | cut -d '"' -f 2)
  9. Monitor the restore task by using the following command until the status becomes Successful.
    curl https://<sddc_manager_fqdn>/v1/restores/tasks/$RESTOREID -k -X GET -H "Content-Type: application/json" -H "Authorization: Bearer $TOKEN" | json_pp

PowerShell Procedure

  1. Start PowerShell.
  2. Replace the values in the sample code with your values and run the commands in the PowerShell console.
    $extractedSDDCDataFile = "F:\backup\extracted-sddc-data.json"
$backupFilePath = "F:\backup\vcf-backup-sfo-vcf01-sfo-rainpole-io-2023-11-21-10-42-38.tar.gz"
$vcfUserPassword ="VMw@re1!"
$localUserPassword ="VMw@re1!VMw@re1!"
$rootUserPassword ="VMw@re1!"
  3. Perform the configuration by running the command in the PowerShell console.
    Invoke-SDDCManagerRestore -extractedSDDCDataFile $extractedSDDCDataFile -backupFilePath $backupFilePath -vcfUserPassword $vcfUserPassword -localUserPassword $localUserPassword -rootUserPassword $rootUserPassword

Content feedback and comments