I know that with older versions of AsyncOS a configuration file backed up while in a cluster could not be restored/loaded. However, in more recent versions (possibly introduced in 8.x), you can now load the configuration files you backed up while in a cluster. I cannot find any detailed information on this process and was wondering if someone could point me in the right direction. For example, are there any limitations or caveats that I should be aware of? Can it definitely be used to restore the entire cluster's configuration as well as specific machine's?
What type of detailed information are you looking for? This was a new feature as of 8.5, and per the release notes:
Full details are in the end user guide, 37-22:
Thanks. I did review the end user guide and wasn't quite sure about Step 3.3 on page 37-23. Can you shed any light on this step? Also, I'm assuming all the specific appliances' information is stored in the config file, which is what allows you to restore a single appliance in the event of a failure.
Yes - the appliance information is contained and separated in the cluster configuration. But - keep in mind that you will be restoring the cluster configuration to an appliance that was in cluster @ the time that configuration was saved. (*So - if you did a restore of the configuration and then wanted to remove that appliance FROM cluster, yes - it would then save out that original single appliance.)
To review this in a little more detail ---
Thanks a lot for the detailed overview of the process. It definitely helps to have the screenshots and explanation.
Last questions - I think. Do you still need to save any certs you use separately, or is that stored in the cluster configuration?
No worries. It's a new feature, and a little on the confusing side. If you don't test a get a feel for it, it is easy to get confused.
As for the certs - the certs are included in the saved configuration - so, either at cluster level, if they are imported and saved @ cluster, or individually, if they are machine level.
(*But - as a paranoid admin, I would also have saved out the certificates regardless, but that is just my experience.)
I wanted to confirm one other thing with you. For loading an appliance configuration in a cluster, can you simply save the configuration file on one machine in the cluster and use that to load the configuration of any appliance in the cluster (since it contains all appliances' information)? Or is it necessary to save the configuration file on each machine in the cluster, and use that appliance's specific saved configuration file to load that appliance's configuration file?
Hopefully that makes sense.
No - still no build in way to automate/built-in from the appliance(s) - this would still be based on an external process to accomplish that...
Note - this TechNote does contain proof of concept, and is not intended as a supported option from Cisco.