Controller Backup and Restore

When deployed in a cloud environment, the Aviatrix Controller is not in the data path as packet processing and encryption is done by the Aviatrix gateways.

When the Controller is down or out of service, your network will continue to be operational and encrypted tunnels and OpenVPN® users stay connected and are not affected. Since most of the data logs are forwarded from the gateways directly, the loss of log information from the Controller is minimal. The only impact is that you cannot build new tunnels or add new OpenVPN® users.

This loosely coupled relationship between the Controller and gateways reduces the impact of the availability of the Controller and simplifies your infrastructure. Since the Controller stores configuration data, it should be periodically backed up to the appropriate AWS/Azure/Google account. If a replacement Controller is launched, you can restore the configuration data from your backup.

Note

Note: If you have the Controller HA cloud formation stack running, please make sure you delete the stack prior to stopping the existing Controller, to avoid complications and failures in this restore operation.

Important

If you choose to migrate your Controller using backup and then restoring to a new Controller, you must reset the IP address of your newly launched Controller in CoPilot before shutting down your old CoPilot. Reset the IP address of your newly launched Controller in CoPilot > Settings > Configuration > click Reset Controller IP. If you fail to do so, you may be locked out of your CoPilot after the migration.

Backing up the Configuration

Aviatrix stores the Controller backup in an AWS S3 bucket or an Azure Container. Before you begin, determine where you would like to store the backup and create either the S3 bucket or Azure Container.

Warning

  • Make sure your Controller backup and Controller restore are in the same CSP (Cloud Service Provider): AWS, Azure, or GCP and share the same basic configuration. For example, an AWS backup can only restore to another AWS Controller.

  • Note that in the case of AWS backups, an AWS Controller set up with IAM roles cannot backup and restore to an AWS Controller set up with a secret key, or vice versa.

  • (AWS) The S3 bucket you use or create for Controller HA and Backups does not need to have public access enabled and should be configured to restrict general public access.

  1. Log into the Controller.

  2. Click on the Settings navigation item.

  3. Click on the Maintenance sub item.

  4. Click on the Backup & Restore tab.

  5. Under the Backup section:

    • Select the appropriate Cloud Type and Account Name.

    • Populate the S3 Bucket Name for AWS or Region, Storage Name, and Container Name for Azure.

    Note

    By default, only the latest configuration data is stored. Each time the configuration is backed up, it overwrites the previous one. If you would like to keep every copy, check the box Multiple Backup.

  6. Click Enable.

    imageBackupAWS

The first time you enable this feature, the configuration will backed up to your specified location. After this, the configuration data is automatically backed up daily at 12am.

Selecting the “Multiple Backup” checkbox enables the Controller to backup up to a maximum of 3 rotating backups. Each backup filename will contain the date and time of when the backup is made. Additionally, the backup without any date and time in the filename contains a copy of the latest backup.

If you want to force an immediate backup (e.g. for a configuration change) you can accomplish this by clicking on the “Backup Now” button. If multiple backups are not enabled, each time the configuration is backed up, the backup up file will be overwritten. Otherwise, the oldest backed up will be overwritten.

Note

Selecting the ‘Multiple Backup’ option is recommended. If the backup is already ‘Enabled’, go ahead and ‘Disable’ it, turn on the ‘Multiple Backup’ option and then ‘Enable’ the backup again.

Note

You should enable cross-region replication in AWS when creating your S3 buckets. This ensures that an S3 bucket remains accessible if there is a regional CSP failure. The replacement Controller can retrieve and restore its backup file.

Restoring the Configuration

Note

In Private Mode, restoration can only be done in the same VPC as the previous Controller. You cannot restore a Controller that has been created in a different VPC. Click here for more information on Private Mode.

Warning

  • Make sure your Controller backup and Controller restore take place in the same CSP (Cloud Service Provider): AWS, Azure, or GCP and share the same basic configuration. For example, an AWS backup can only restore to another AWS Controller.

  • Note that in the case of AWS backups, an AWS Controller set up with IAM roles cannot backup and restore to an AWS Controller set up with a secret key, or vice versa.

If you are starting from a new Controller, follow these steps to get started:

  1. Log in to the Controller with the admin username and the default password.

  2. Follow the initial steps to get the Controller up and running.

    1. Shut down the older Controller.

    2. Transfer the IP address to the new Controller.

    3. Proceed to configure the new Controller by entering an email address.

    4. Change your admin password.

    5. Enter or skip the proxy configuration.

    6. Allow the upgrade to run.

Once you are past the initial configuration steps:

  1. Log into the Controller.

    1. Click on the Settings navigation item.

    2. Click on the Maintenance sub item.

    3. Click on the Backup & Restore tab.

    4. Under the Restore section:

    • Select the Cloud Type

    • For AWS

      • If you would like to use an existing account, please make sure you create one Access Account only with the EXACT Access Account Name that was used in your previous Controller. Check the box Use Cloud Account Name and select the account. Otherwise, enter an Access Key and Secret Key

      • Enter the Bucket Name and File Name of the file to restore.

    • For Azure

      • Enter the Subscription ID and Certificate Path.

      • Enter the Storage Name, Container Name, and File Name of the file to restore.

  1. Click Restore.

imageRestoreAWS

If Aviatrix Managed CloudN exists in the backup Controller, after the restore operation on the new Controller, you must navigate to the Aviatrix Managed CloudN UI and follow steps of 2.2 and 2.5 in https://docs.aviatrix.com/HowTos/CloudN_workflow.html?highlight=managed%20CloudN by entering the new FQDN or IP of the new Controller to complete the restore. You must repeat 2.2 and 2.5 on other Aviatrix Managed CloudN devices if you have more than one.

Important

If you choose to migrate your Controller using backup and then restoring to a new Controller, you must reset the IP address of your newly launched Controller in CoPilot before shutting dow your old CoPilot. Reset the IP address of your newly launched Controller in CoPilot > Settings > Configuration > click Reset Controller IP. If you fail to do so, you may be locked out of your CoPilot after the migration.

How to Backup configuration with AWS Encrypted Storage

AWS S3 allows uploaded backup files to be encrypted in the server side for more secure storage. The encryption is all done in the AWS S3 server side. This server side secure storage is in addition to the already encrypted Aviatrix Controller backups.

1. Create AWS S3 bucket

S3Create

Note

Note: The S3 bucket you use or create for Controller HA and Backups does not need to have public access enabled and should be configured to restrict general public access.

2. Configure bucket server side encryption in S3 bucket properties.

S3Properties

3. Select either None, AES-256, AWS-KMS AWS/S3, or AWS-KMS Custom KMS ARN.

S3SelectDefaultEncryption

S3SelectEncryption

4. If AWS-KMS with Custom KMS ARN is selected, additional configuration will be needed:

  1. Create a Custom Encryption Key by going to IAM->Encryption Keys->Create Key

KMSKeyCreate

  1. Copy the custom Key KMS ARN to the S3 encryption property configuration.

Note

Make sure that the custom encryption key and the S3 bucket are in the same region.

  1. If IAM user is used for onboarding authentication, add user “aviatrix-role-app” into the key.

KMSKeyAddUser