How to: VMware VCF NSX backup to external destination

By default, VCF will back up NSX configuration to itself. However, we should point it to an external location.

This is a File-Based Backup of SDDC Manager and NSX Manager. When you first log into VCF SDDC manager, you will see an Orange banner with information to reconfigure it to point to an external file based backup for SDDC / NSX manager. First we will need to create a new user in vCenter with a new Group for the job.

https://docs.vmware.com/en/VMware-Cloud-Foundation/4.0/com.vmware.vcf.admin.doc_40/GUID-28DF03BC-654B-4E41-A3C1-230B356E87C6.html

Log into VCenter and navigate to administration > Single Sign On > Users and Groups and create a new user and give that user a password on the vsphere.local domain. Not the localos domain.

Create a Group and put that user in that Group.

That user we create in VCenter will be used to perform the Authentication from SDDC manager.

Scroll down to see that field, and you will need to remember an Encryption Passphrase. I made it the same as my NSX-T enable passphrase, but you do you.

Once we click save it will either like it or tell us something went wrong and we need to correct it in order to be submitted and enabled. You should see it configuring the backup on successful form completion.

It starts configuring a backup configuration job we can expand in SDDC manager.

We can dig into the task by expanding tasks view and double click the backup task, we can explore the sub-tasks as they progress.

I like how SDDC manager we can make the tasks screen large and click on a tasks to view sub-tasks. After a minute or two, the Backup configuration tasks will complete.

If we check our external SFTP destination, we will see a backup file.

We reconfigured SDDC manager and NSX-T to an external location using SFTP.

https://docs.vmware.com/en/VMware-Validated-Design/6.0/sddc-deployment-of-the-management-domain-in-the-first-region/GUID-187F567B-13EB-493F-8B4F-520E1C4CAED4.html

Published by Ben

I do stuff in the datacenter.

Leave a comment

Your email address will not be published. Required fields are marked *