Backup Restore APIs | VMware Cloud Foundation for VxRail API

Backup Restore APIs

APIs for managing Backups and Restore

Back up and restore solution is provided to backup SDDC manager and configure NSX manager backup.

1. Configure backup of SDDC manager and NSX manager

It is essential to review the basic principles in a file-based solution for backup. In such a solution, the state of a product is periodically exported to a file that is stored in a domain different than the one where the product is running. If the product needs to be restored, the OVA is re-deployed and a selected backup-file is used to restore the state.
NSX Manager files are backed up by default in the SDDC Manager VM which also has to be backed up. You can configure an external SFTP server as a backup location which is the recommended solution. NSX Manager is backed up every 1 hour
This section provides the steps to configure NSX backup location and the SDDC Manager backup location to an external SFTP server along with encryption configuration for both SDDC Manager and NSX Manager backup.
Backup of SDDC manager can be scheduled by setting the schedule for SDDC Manager in the configuration. The state change driven backups are enabled by default with SDDC Manager scheduled backups and can not be enabled when the scheduled backups are disabled. User must disable state change driven backups when disabling scheduled backups. User can also set a backup retention policy for SDDC Manager backups. When the scheduled backups of SDDC Manager are enabled, the below default retention policy is set for SDDC Manager backups.

{"numberOfMostRecentBackups" : 10, "numberOfDaysOfHourlyBackups" : 2, "numberOfDaysOfDailyBackups" : 15}

SDDC Manager's backup retention policy is designed to retain as many latest backups as possible and also to retain optimal number of backups for a long period of time. Using this policy, user can retain a given number of most recent backups, and hourly backups(only the latest backup is retained in an hour) for a given number of days, and daily backups(only the latest backup is retained per day) for a given number of days. For example, as per the above default policy, the very recent 10 backups will be retained, and on top of that hourly backups will be retained for last 2 days, and on top of that daily backups will be retained for last 15 days.

1.1. Prerequisites

The following data is required

Encryption
- Twelve or more characters.
- At least one upper-case letter.
- At least two digits.
- At least one special character.

Note : SDDC Manager does not store previously-used passphrases. You must store the passphrase in a secure location separate from the backup files and from the Cloud Foundation environment you are protecting.

FTP server details to save the backup file :
- IP or FQDN of the server
- port
- protocol, which is SFTP
- username
- password
- ssh fingerprint
- directory path to save the backup file
SDDC manager schedule details :
- Frequency of the schedule
- Schedule details
The user credentials should have the role of an ADMIN

Tip : To get fingerprint execute the below command

ssh-keygen -lf <(ssh-keyscan -t ssh-rsa -p <port-number> <server-IP-address> 2>/dev/null)

Note : Fingerprint should be SHA-256 RSA key.

1.2. Steps

Trigger the task using the valid input specification.

Note : To trigger the API, the user should have a role of an ADMIN in VCF.

Note : Resource Type allowed for scheduling backup is SDDC_MANAGER.

Note : Only absolute path is accepted for directory path

Note : Scheduling frequency WEEKLY takes the fields daysOfTheWeek , hoursOfTheDay and minuteOfTheHour . Scheduling frequency HOURLY takes the field minuteOfTheHour.

Tip : Refer to Security section to set the role as ADMIN for the user.

cURL Request

$ curl 'https://sfo-vcf01.rainpole.io/v1/system/backup-configuration' -i -X PUT \
    -H 'Content-Type: application/json' \
    -H 'Authorization: Bearer etYWRta....' \
    -d '{
  "encryption" : {
    "passphrase" : "VMwareBackup@1"
  },
  "backupLocations" : [ {
    "server" : "10.92.33.23",
    "port" : 22,
    "protocol" : "SFTP",
    "username" : "backup",
    "password" : "FTPServer@1",
    "directoryPath" : "/vmware/backup",
    "sshFingerprint" : "SHA256:w2NgXhG2XXXXXXXX"
  } ],
  "backupSchedules" : [ {
    "resourceType" : "SDDC_MANAGER",
    "takeScheduledBackups" : true,
    "frequency" : "WEEKLY",
    "daysOfWeek" : [ "SUNDAY", "THURSDAY" ],
    "hourOfDay" : 12,
    "minuteOfHour" : 34,
    "takeBackupOnStateChange" : true,
    "retentionPolicy" : {
      "numberOfMostRecentBackups" : 15,
      "numberOfDaysOfHourlyBackups" : 10,
      "numberOfDaysOfDailyBackups" : 20
    }
  } ]
}'

HTTP Request

PUT /v1/system/backup-configuration HTTP/1.1
Content-Type: application/json
Content-Length: 732
Host: sfo-vcf01.rainpole.io
Authorization: Bearer etYWRta....

{
  "encryption" : {
    "passphrase" : "VMwareBackup@1"
  },
  "backupLocations" : [ {
    "server" : "10.92.33.23",
    "port" : 22,
    "protocol" : "SFTP",
    "username" : "backup",
    "password" : "FTPServer@1",
    "directoryPath" : "/vmware/backup",
    "sshFingerprint" : "SHA256:w2NgXhG2XXXXXXXX"
  } ],
  "backupSchedules" : [ {
    "resourceType" : "SDDC_MANAGER",
    "takeScheduledBackups" : true,
    "frequency" : "WEEKLY",
    "daysOfWeek" : [ "SUNDAY", "THURSDAY" ],
    "hourOfDay" : 12,
    "minuteOfHour" : 34,
    "takeBackupOnStateChange" : true,
    "retentionPolicy" : {
      "numberOfMostRecentBackups" : 15,
      "numberOfDaysOfHourlyBackups" : 10,
      "numberOfDaysOfDailyBackups" : 20
    }
  } ]
}

HTTP Response

HTTP/1.1 202 Accepted
Location: /v1/tasks/2942d4ff-bd70-47c6-9097-33d707e60eef
Content-Type: application/json
Content-Length: 210

{
  "id" : "2942d4ff-bd70-47c6-9097-33d707e60eef",
  "name" : "Configure backup on VCF Components and register backup locations",
  "status" : "IN_PROGRESS",
  "creationTimestamp" : "2019-05-10T11:13:22.551Z"
}

Poll the task until "status" is not "IN_PROGRESS" using the "id" from the previous response.

Tip : Refer to: Get a Task.

If the "status" is "SUCCESSFUL", the task is completed successfully.
If the "status" is "FAILED", the task can be re-executed.

Note : The SFTP server credentials are saved before configuring any NSX managers. In case configuring the NSX manager failed, an attempt is still made to configure as many NSX managers as possible before failing the task.

Tip : Refer to: Retry a Task.

2. Edit the Backup Configuration

2.1. Prerequisites

The following data is required

The configuration which has to be edited (Backup location or Encryption or Backup schedules or all).
User credentials with role as an ADMIN in VCF.

Note : In case you are editing the passphrase, you must store the passphrase in a secure location separate from the backup files and from the Cloud Foundation environment. The encryption passphrase is mapped to the backup file. Editing the passphrase will not update the configured passphrase for previously backed up file.

Note : In case you are editing the backup location, previously collected NSX backups must be manually migrated to the new location. All the parameters of backup location have to be given as input while editing the backup location.

Note : Editing backup configuration updates all the NSX manager's backup configuration.

2.2. Steps

Invoke the API

Tip : To get the current backup configuration Refer to: Get the Backup Configuration

The example shown is to edit only the backup location whereas encryption and backup schedule is unchanged.

cURL Request

$ curl 'https://sfo-vcf01.rainpole.io/v1/system/backup-configuration' -i -X PATCH \
    -H 'Content-Type: application/json' \
    -H 'Authorization: Bearer etYWRta....' \
    -d '{
  "backupLocations" : [ {
    "server" : "10.92.33.24",
    "port" : 22,
    "protocol" : "SFTP",
    "username" : "backup",
    "password" : "FTPServer@2",
    "directoryPath" : "/vmware/backup",
    "sshFingerprint" : "SHA256:w2NgXhG2XXXXXXXX"
  } ]
}'

HTTP Request

PATCH /v1/system/backup-configuration HTTP/1.1
Content-Type: application/json
Content-Length: 255
Host: sfo-vcf01.rainpole.io
Authorization: Bearer etYWRta....

{
  "backupLocations" : [ {
    "server" : "10.92.33.24",
    "port" : 22,
    "protocol" : "SFTP",
    "username" : "backup",
    "password" : "FTPServer@2",
    "directoryPath" : "/vmware/backup",
    "sshFingerprint" : "SHA256:w2NgXhG2XXXXXXXX"
  } ]
}

HTTP Response

HTTP/1.1 202 Accepted
Location: /v1/tasks/b87d7608-404e-4714-af1e-d7e3c7aaf666
Content-Type: application/json
Content-Length: 210

{
  "id" : "b87d7608-404e-4714-af1e-d7e3c7aaf666",
  "name" : "Configure backup on VCF Components and register backup locations",
  "status" : "IN_PROGRESS",
  "creationTimestamp" : "2019-05-10T11:13:22.551Z"
}

The example shown is to edit only the backup schedule whereas backup location and encryption is unchanged.

cURL Request

$ curl 'https://sfo-vcf01.rainpole.io/v1/system/backup-configuration' -i -X PATCH \
    -H 'Content-Type: application/json' \
    -H 'Authorization: Bearer etYWRta....' \
    -d '{
  "backupSchedules" : [ {
    "resourceType" : "SDDC_MANAGER",
    "takeScheduledBackups" : true,
    "frequency" : "WEEKLY",
    "daysOfWeek" : [ "MONDAY" ],
    "hourOfDay" : 12,
    "minuteOfHour" : 23,
    "takeBackupOnStateChange" : true,
    "retentionPolicy" : {
      "numberOfMostRecentBackups" : 15,
      "numberOfDaysOfHourlyBackups" : 10,
      "numberOfDaysOfDailyBackups" : 20
    }
  } ]
}'

HTTP Request

PATCH /v1/system/backup-configuration HTTP/1.1
Content-Type: application/json
Content-Length: 407
Host: sfo-vcf01.rainpole.io
Authorization: Bearer etYWRta....

{
  "backupSchedules" : [ {
    "resourceType" : "SDDC_MANAGER",
    "takeScheduledBackups" : true,
    "frequency" : "WEEKLY",
    "daysOfWeek" : [ "MONDAY" ],
    "hourOfDay" : 12,
    "minuteOfHour" : 23,
    "takeBackupOnStateChange" : true,
    "retentionPolicy" : {
      "numberOfMostRecentBackups" : 15,
      "numberOfDaysOfHourlyBackups" : 10,
      "numberOfDaysOfDailyBackups" : 20
    }
  } ]
}

HTTP Response

HTTP/1.1 202 Accepted
Location: /v1/tasks/6e97e18c-860f-479a-a33d-3437d2584985
Content-Type: application/json
Content-Length: 209

{
  "id" : "6e97e18c-860f-479a-a33d-3437d2584985",
  "name" : "Configure backup on VCF Components and register backup schedule",
  "status" : "IN_PROGRESS",
  "creationTimestamp" : "2019-05-10T11:13:22.551Z"
}

Poll the task until "status" is not "IN_PROGRESS" using the "id" from the previous response.

Tip : Refer to: Get a Task.

If the "status" is "SUCCESSFUL", the task is completed successfully.
If the "status" is "FAILED", the task can be re-executed.

Tip : Refer to: Retry a Task.

3. Get the Backup Configuration

3.1. Prerequisites

None

3.2. Steps

Invoke the API.

cURL Request

$ curl 'https://sfo-vcf01.rainpole.io/v1/system/backup-configuration' -i -X GET \
    -H 'Authorization: Bearer etYWRta....'

HTTP Request

GET /v1/system/backup-configuration HTTP/1.1
Host: sfo-vcf01.rainpole.io
Authorization: Bearer etYWRta....

HTTP Response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 603

{
  "backupLocations" : [ {
    "server" : "10.92.33.24",
    "port" : 22,
    "protocol" : "SFTP",
    "username" : "backup",
    "directoryPath" : "/vmware/backup"
  } ],
  "backupSchedules" : [ {
    "resourceType" : "SDDC_MANAGER",
    "takeScheduledBackups" : true,
    "frequency" : "WEEKLY",
    "daysOfWeek" : [ "MONDAY" ],
    "hourOfDay" : 12,
    "minuteOfHour" : 23,
    "takeBackupOnStateChange" : true,
    "retentionPolicy" : {
      "numberOfMostRecentBackups" : 15,
      "numberOfDaysOfHourlyBackups" : 10,
      "numberOfDaysOfDailyBackups" : 20
    }
  } ],
  "isConfigured" : true
}

Note : "isConfigured" notifies if the backup has been configured.

Note : Encryption details which was configured is not returned due to security reasons.

4. Initiate Backup of SDDC Manager

Back up the SDDC Manager VM regularly to avoid downtime and data loss in case of a system failure. If the SDDC Manager VM does fail, you can restore VM to the last backup
In case you need to restore the SDDC Manager VM, you select the backup file to restore and download the appropriate OVA file. You can deploy this OVA either through vCenter Server or the OVF tool. You then load the state on the newly deployed SDDC Manager VM.

4.1. Prerequisites

The following action needs to be performed
- Backup must be configured
Computer that runs the backup automation script (or where you manually run the APIs). This computer may also be used to coordinate and support a restore operation. It can also host the FTP server required to protect the NSX Manager instances.
Reliable and secure storage volume on which the backup files are stored. The computer and the storage need to be in a different fault domain.

Note : Only resourceType:SDDC_MANAGER is supported currently.

Tip : Refer to: Configure backup of SDDC manager and NSX manager

4.2. Steps

Trigger the task using the valid input specification.

cURL Request

$ curl 'https://sfo-vcf01.rainpole.io/v1/backups/tasks' -i -X POST \
    -H 'Content-Type: application/json' \
    -H 'Authorization: Bearer etYWRta....' \
    -d '{
  "elements" : [ {
    "resourceType" : "SDDC_MANAGER"
  } ]
}'

HTTP Request

POST /v1/backups/tasks HTTP/1.1
Content-Type: application/json
Content-Length: 64
Host: sfo-vcf01.rainpole.io
Authorization: Bearer etYWRta....

{
  "elements" : [ {
    "resourceType" : "SDDC_MANAGER"
  } ]
}

HTTP Response

HTTP/1.1 202 Accepted
Location: 3b48ffc5-fafd-46e5-88ee-ce3ccc4d7a93
Content-Type: application/json
Content-Length: 252

{
  "id" : "3b48ffc5-fafd-46e5-88ee-ce3ccc4d7a93",
  "name" : "SDDC Manager Backup Operation",
  "status" : "IN_PROGRESS",
  "resources" : [ {
    "type" : "BACKUP",
    "name" : "vcf-backup-sddc-manager-vrack-vsphere-local-2019-07-29-12-02-46"
  } ]
}

Poll the task until "status" is not "IN_PROGRESS" using the "id" from the previous response.

Tip : Refer to: Get a Task.

If the "status" is "SUCCESSFUL", the task is completed successfully.
If the "status" is "FAILED", the task can be re-executed.
The backup files are saved in the /nfs/vmware/vcf/nfs-mount/sddc-manager-backup directory on the SDDC Manager VM.
In this example, the full filename of the backup file will be vcf-backup-sddc-manager-vrack-vsphere-local-2019-07-29-12-02-46.tar.gz

Tip : To inspect the contents of a backup tar file, use the decrypt command described in Initiate Restore of SDDC Manager

Note : Make sure to copy the backup file to a known location along with the corresponding passphrases.

5. Initiate Restore of SDDC Manager

In case of a failure, you can restore SDDC Manager from a saved backup.

5.1. Prerequisites

The following data is required

Backup file name and location of the backup file
Encryption passphrase used to encrypt the backup file

Note : Only resourceType:SDDC_MANAGER is supported currently

5.2. Steps

Power off the original SDDC Manager VM.
Rename the VM to something like sddc-manager-original using the management domain vCenter Server.
Identify the backup file to be used for the restore operation.

Tip : In most cases, you should select the most recently taken backup.

The backup file contains sensitive data about your Cloud Foundation instance, including passwords in plain text. It is recommended you control access to the decrypted files and securely delete them when you are done with the restore operation.
Using a computer that has access to the secure secondary storage where the backup files are stored, navigate to the backup file and extract the contents of the encrypted tar file using the following command.

OPENSSL_FIPS=1  openssl enc -d -aes-256-cbc -md sha256 -in filename-of-selected-file | tar -xz

At the prompt, enter the passphrase that you configured before backing up SDDC Manager.
The extracted metadata.json file contains the networking details and fips enablement details required for new SDDC manager deployment in further steps.
In order to restore SDDC Manager, you need to deploy the SDDC Manager OVA.
The link to download the OVA is found in the metadata.json file in the backup file.
Download the SDDC Manager OVA from the link provided.
Deploy SDDC Manager VM from vCenter Server or with the OVF Tool either in fips or non fips mode as specified in the metadata.json.
- Deploy SDDC Manager VM from vCenter server
  - Log in to the management domain vCenter Server using a web browser that is running on a system that has access to the downloaded SDDC Manager OVA.
  - In the vSphere Client, expand SDDC-Datacenter > SDDC-Cluster1.
  - Right-click on Mgmt-ResourcePool and select Deploy OVF Template.
  - The Deploy OVF Template wizard appears.
  - Use the local file option and choose the downloaded SDDC Manager OVA
  - Specify the VM name as sddc-manager.
  - Select the location of the SDDC Manager VM as SDDC-Datacenter > Management VMs and click Next.
  - Specify the compute resource destination. See the metadata.json file for the name of the pool and click Next.
  - Verify the template details and click Next.
  - Read the license terms and click the checkbox at the bottom of the page to accept the license agreements.
  - On the storage page, keep the vSAN datastore selection. The datastore name is in the metadata.json file and click Next.
  - On the networks page:
    - Do not change the default setting for Source Network.
    - In Destination Network, select the port group that is listed in the metadata.json file.
    - Do not change the default setting for IP allocation and IP protocol.
  - Click Next.
  - For the fields on the Customize template page, refer to the metadata.json file. Note the following:
    - Specify the backup user password from the security_password_vault.jsonfile.
    - For the root, vcf, and admin user accounts, you can re-use the same passwords from the original SDDC Manager deployment or assign new ones. For password considerations, refer to the About the Deployment Parameter Workbook section in the VMware Cloud Foundation Deployment Guide.
    - Select the fips mode if the fips_enabled flag is set to true in metadata.json
    - Specify the Hostname. See the metadata.json file for the hostname.
    - Leave the DNS and NTP fields empty
    - (Optional) Existing PSC Settings section.
    - Specify the Networking Properties(ip, netmask, and gateway) referring to the metadata.json file.
  - Click Next.
  - Review the OVF details and click Finish. The OVF deployment begins. You can view the details in the Tasks pane.
  - Power on the newly deployed SDDC Manager VM and wait for the vCenter Server UI to report its IP address has been assigned.
  - SSH in to the SDDC Manager and log in as the vcf user.
- Deploy SDDC Manager VM with the OVF tool
  - Install the OVF tool on a system that has access to the SDDC Manager OVA that you downloaded.
  - Prerequisites
    - Download the OVF tool and install it on a system that has access to the SDDC Manager OVA that you downloaded
    - Retrieve the DNS name or IP address of a host from the management domain.
      - Log into the management domain vCenter Server
      - navigate to the management domain cluster
      - select an active host that is not reporting any vSAN errors
    - Retrieve the root password for the selected host. Search for the host's DNS name in the security_password_vault.json, which displays the root password.
  - Run the following command with information from the metadata.json file.
    
    For non-fips mode
```
ovftool --noSSLVerify --skipManifestCheck --powerOn --diskMode=thin --acceptAllEulas --
allowExtraConfig --ipProtocol=IPv4 --ipAllocationPolicy=fixedPolicy --datastore=datastoreName --
name=sddc-manager --X:injectOvfEnv --X:waitForIp --prop:ROOT_PASSWORD=Password --
prop:VCF_PASSWORD=Password --prop:LOCAL_USER_PASSWORD=Password --prop:BACKUP_PASSWORD=Password
--prop:vami.gateway.SDDC-Manager=gatewayIP --prop:vami.ip0.SDDC-Manager=SDDC_Manager_IP --
prop:vami.netmask0.SDDC-Manager=networkMask --prop:vami.hostname=hostName --
prop:vami.searchpath.SDDC-Manager=searchPath --prop:vami.domain.SDDC-Manager=domain --
network=portGroupName --prop:guestinfo.ntp="ntp" --prop:vami.DNS.SDDC-Manager="dns"
--X:logFile=./ovftool.log --X:logLevel=verbose OVA_filename vi://root:password_for_selected_host>@host_DNS_name_or_ IP
```
    For the fips mode
```
ovftool --noSSLVerify --skipManifestCheck --powerOn --diskMode=thin --acceptAllEulas --
allowExtraConfig --ipProtocol=IPv4 --ipAllocationPolicy=fixedPolicy --datastore=datastoreName --
name=sddc-manager --X:injectOvfEnv --X:waitForIp --prop:ROOT_PASSWORD=Password --
prop:VCF_PASSWORD=Password --prop:LOCAL_USER_PASSWORD=Password  --prop:FIPS_ENABLE=True --prop:BACKUP_PASSWORD=Password
--prop:vami.gateway.SDDC-Manager=gatewayIP --prop:vami.ip0.SDDC-Manager=SDDC_Manager_IP --
prop:vami.netmask0.SDDC-Manager=networkMask --prop:vami.hostname=hostName --
prop:vami.searchpath.SDDC-Manager=searchPath --prop:vami.domain.SDDC-Manager=domain --
network=portGroupName --prop:guestinfo.ntp="ntp" --prop:vami.DNS.SDDC-Manager="dns"
--X:logFile=./ovftool.log --X:logLevel=verbose OVA_filename vi://root:password_for_selected_host>@host_DNS_name_or_ IP
```
    OUTPUT:
```
Opening OVA source: /mnt/iso/sddc-foundation-bundle-4.0.0.0-16156896/sddc_manager_ova/VCF-SDDC-Manager-Appliance-4.0.0.0-16156896_OVF10.ova
The manifest does not validate
Opening VI target: vi://[email protected]:443/
Deploying to VI: vi://[email protected]:443/
Transfer Completed
Powering on VM: sddc-manager
Task Completed
Waiting for IP address...
Received IP address: 10.0.0.4
Completed successfully
```

Note : Refer to attribute "fips_enabled" in metadata.json for the FIPS mode

* Navigate to the management domain vCenter Server.

* Move the sddc-manager VM into the Management VM folder.

* Move the sddc-manager VM into the Management Resource Pool. The name of this pool is available in the metadata.json file.

* To confirm that SDDC Manager has been deployed correctly, ssh in to the VM as the vcf user.

Take a snapshot of the SDDC Manager VM.
Copy the encrypted backup file to the /tmp directory on the SDDC Manager VM.
Trigger the task using the valid input specification.

Note : This API follows the Token-Based Authentication scheme. To invoke this API, a token is required. Generate token using the local account by providing the correct password of local user that was supplied during the deployment of SDDC Manager VM with the OVF tool. Note that the username of local account is admin@local Here is the example command on how to generate token using local account: curl -d '{"username" : "admin@local", "password" : "Password"}' -H "Content-Type: application/json" -X POST http://sfo-vcf01.rainpole.io/v1/tokens

cURL Request

$ curl 'https://sfo-vcf01.rainpole.io/v1/restores/tasks' -i -X POST \
    -H 'Content-Type: application/json' \
    -H 'Authorization: Bearer etYWRta....' \
    -d '{
  "elements" : [ {
    "resourceType" : "SDDC_MANAGER"
  } ],
  "backupFile" : "/tmp/backup.tar.gz",
  "encryption" : {
    "passphrase" : "VMwareBackup@1"
  }
}'

HTTP Request

POST /v1/restores/tasks HTTP/1.1
Content-Type: application/json
Content-Length: 163
Host: sfo-vcf01.rainpole.io
Authorization: Bearer etYWRta....

{
  "elements" : [ {
    "resourceType" : "SDDC_MANAGER"
  } ],
  "backupFile" : "/tmp/backup.tar.gz",
  "encryption" : {
    "passphrase" : "VMwareBackup@1"
  }
}

HTTP Response

HTTP/1.1 202 Accepted
Location: c0081cc5-36a6-4012-8e3b-d2d0b0490e7f
Content-Type: application/json
Content-Length: 79

{
  "id" : "c0081cc5-36a6-4012-8e3b-d2d0b0490e7f",
  "status" : "IN_PROGRESS"
}

Poll the task until "status" is not "IN_PROGRESS" using the "id" from the previous response.

Note : This API follows the Token-Based Authentication scheme. To invoke this API, a token is required. Generate token using the local account by providing the correct password of local user that was supplied during the deployment of SDDC Manager VM with the OVF tool. Note that the username of local account is admin@local Here is the example command on how to generate token using local account: curl -d '{"username" : "admin@local", "password" : "Password"}' -H "Content-Type: application/json" -X POST http://sfo-vcf01.rainpole.io/v1/tokens

cURL Request

$ curl 'https://sfo-vcf01.rainpole.io/v1/restores/tasks/d14d42ea-3061-4874-a2ed-651253db37a3' -i -X GET \
    -H 'Content-Type: application/json' \
    -H 'Authorization: Bearer etYWRta....'

HTTP Request

GET /v1/restores/tasks/d14d42ea-3061-4874-a2ed-651253db37a3 HTTP/1.1
Content-Type: application/json
Host: sfo-vcf01.rainpole.io
Authorization: Bearer etYWRta....

HTTP Response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 2545

{
  "id" : "875ca777-32af-4aed-8241-bfc58f1f9602",
  "name" : "SDDC Manager Restore Operation",
  "status" : "SUCCESSFUL",
  "creationTimestamp" : "2020-05-26T17:14:45.306Z",
  "subTasks" : [ {
    "name" : "ExtractSDDCManagerBackup",
    "description" : "Decrypt and Extract Backup and Validate SDDC Manager for Restore operation",
    "status" : "SUCCESSFUL",
    "creationTimestamp" : "2020-05-26T17:14:46.132Z",
    "completionTimestamp" : "2020-05-26T17:14:51.712Z"
  }, {
    "name" : "StopSDDCManagerServices",
    "description" : "Stop all VCF SDDC Manager Services",
    "status" : "SUCCESSFUL",
    "creationTimestamp" : "2020-05-26T17:14:51.714Z",
    "completionTimestamp" : "2020-05-26T17:15:23.950Z"
  }, {
    "name" : "RestoreSDDCManagerConfiguration",
    "description" : "Restore SDDC Manager Configuration files",
    "status" : "SUCCESSFUL",
    "creationTimestamp" : "2020-05-26T17:15:23.954Z",
    "completionTimestamp" : "2020-05-26T17:15:24.638Z"
  }, {
    "name" : "RestoreSDDCManagerDatabase",
    "description" : "Restore SDDC Manager Database",
    "status" : "SUCCESSFUL",
    "creationTimestamp" : "2020-05-26T17:15:24.642Z",
    "completionTimestamp" : "2020-05-26T17:16:11.931Z"
  }, {
    "name" : "StartSDDCManagerServices",
    "description" : "Start and Validate all VCF SDDC Manager Services",
    "status" : "SUCCESSFUL",
    "creationTimestamp" : "2020-05-26T17:16:11.940Z",
    "completionTimestamp" : "2020-05-26T17:19:57.841Z"
  }, {
    "name" : "RestoreSDDCSystemConfiguration",
    "description" : "Restore SDDC Manager System Configuration",
    "status" : "SUCCESSFUL",
    "creationTimestamp" : "2020-05-26T17:19:57.846Z",
    "completionTimestamp" : "2020-05-26T17:20:45.278Z"
  }, {
    "name" : "PostRestoreRemediation",
    "description" : "Post Restore Remediation",
    "status" : "SUCCESSFUL",
    "creationTimestamp" : "2020-05-26T17:20:45.475Z",
    "completionTimestamp" : "2020-05-26T17:20:51.559Z"
  }, {
    "name" : "PostRestoreNfsRefresh",
    "description" : "Refresh NFS post restore",
    "status" : "SUCCESSFUL",
    "creationTimestamp" : "2020-05-26T17:20:51.563Z",
    "completionTimestamp" : "2020-05-26T17:21:05.918Z"
  }, {
    "name" : "UnquiesceSystem",
    "description" : "Unquiesce the system after Restore operation",
    "status" : "SUCCESSFUL",
    "creationTimestamp" : "2020-05-26T17:21:05.922Z",
    "completionTimestamp" : "2020-05-26T17:21:06.013Z"
  } ],
  "errors" : [ ],
  "resources" : [ ],
  "resolutionStatus" : "UNRESOLVED",
  "isCancellable" : false
}

If the "status" is "SUCCESSFUL", the task is completed successfully.
If the "status" is "FAILED" , perform the following steps to retry.
- Copy the contents of /var/log/vmware/vcf/sddc-support/ to a filesystem that is external to SDDC Manager. This preserves the restore log file.
- Revert the SDDC Manager VM to the snapshot taken in step 12.
- Take a new snapshot.
- Perform steps 13 - 16.
- If this attempt fails, contact VSDDC ManagerMware Support.
Verify SDDC Manager VM operations after restore:
- SSH in to the SDDC Manager as the vcf user.
- Run the following command:
```
sudo /opt/vmware/sddc-support/sos --health-check
```
- When prompted, enter the vcf user password.
- A green status indicates that the health is normal, yellow provides a warning that attention might be required, and red indicates that the component needs immediate attention. Possible reasons for yellow or red status are that you used an SDDC Manager backup with unresolved workflows, you used a backup taken before a workflow was completed successfully, you restored other products in addition to SDDC Manager, or some components are not operational. Call VMware Support if you need help with resolving the yellow or red status
- If the status was green,
  - Download the applicable install and upgrade bundles.
  - Download the upgrade bundles applicable to your environment.