dougsland edited this page Mar 11, 2012 · 70 revisions
Clone this wiki locally

Welcome to the rhevUP wiki!
An Open Source Disaster Recovery and Migration tool for Red Hat Enterprise Virtualization (RHEV) 2.x series


rhevUP is a console tool written in C# for Microsoft Windows 2003/2008 which contain the following goals:

  • Backup current RHEV environment on Windows
  • Restore RHEV environment on Windows
  • Migrate RHEV environment from Windows 2003 to Windows 2008

Please note 1: The backup doesn't include storage or RHEV-H side.
Please note 2: Red Hat DOES NOT support it. It's open source project.

License: GPLv2
Libraries: rhevUP uses the GNU Getopt library (LGPL) for .NET (http://getopt.codeplex.com/)

Supported Environment:

  • Microsoft Windows 2003
  • Microsoft Windows 2008
  • Active Directory
  • Local Computer Account



How can I use it?

rhevUP offers the following options:
-n SQL serverName (Ex.: [Machine Name]\sqlexpress)
-s Source directory which contains the backup for restore
-r  Restore RHEV Environment
-b Backup RHEV Environment
-q Quit after backup
-i IIS wwwroot path (Ex.: c:\inetpub\wwwroot)
-p path RHEVM files (Ex.:c:\Program Files\RedHat\RHEVManager)

Ex.: (backup):

    -p c:\Program Files\RedHat\RHEVManager```

Ex.: (<b>scripting (backup mode)</b>):<br>
```C:\>rhevUP -q -b -n "[Machine Name]\sqlexpress" -d C:\myBackupDir -i C:\inetpub\wwwroot -p c:\Program Files\RedHat\RHEVManager```

Ex.: (<b>restore</b>):<br>
```C:\>rhevUP -r -n "[Machine Name]\sqlexpress" -s C:\myBackupDir -i C:\inetpub\wwwroot -p c:\Program Files (x86)\RedHat\RHEVManager```

<b>backup mode</b> will backup the following files:

* Certificates
* rhevm and rhevm_history Databases
* .config files
* Service directory
* Turn off all all RHEV Windows Services

After backup complete, the program will ask if you would like to turn
off your computer.

<b>restore mode</b> will restore the configuration

<b>scripting mode</b> this mode will do exactly the same as backup mode but
also will turn on the RHEV Windows Service after the backup.<br>
To schedule a task on Windows, please verify:

# Source code

# Developers
If you would like to help the project, below some tips:

* Install Visual Studio 2008
* Follow these steps to setup git: http://help.github.com/win-set-up-git/
* Download ILMerge.exe  (to merge rhevUP with GNU GetOpt library)<br>

```ILMerge.exe /t:exe /out:merged-rhevUP.exe rhevUP.exe Gnu.Getopt.dll```

<u>References required to build the project</u>:<br>

# Can I do manually the work? 

<u>on <b>Windows 2003</b> (backup data)</u><br>
1) Stop all RHEVM Service<br>
2) Backup databases<br>
rhevm_history (in case exists)

3) Backup Service CA directory<br>
```C:\Program Files\RedHat\RHEVManager\Service\ca```

4) Backup private key, CA Certs, .config Files and XML<br>
```C:\Program Files\RedHat\RHEVManager\Service\rhevm.pfx```<br>
```C:\Program Files\RedHat\RHEVManager\Service\rhevm.ssh.key```<br>
```C:\Program Files\RedHat\RHEVManager\Service\RHEVManager.exe.config```<br>
```C:\Program Files\RedHat\RHEVManager\Service\RHEVMHistoryService.exe.config```<br>
```C:\Program Files\RedHat\RHEVManager\Service\RHEVMNotificationService.exe.config```<br>
```C:\Program Files\RedHat\RHEVManager\Service\FieldsInVDCConfig.xml```<br>

5) Backup the current certificates installed (using mmc) from Local Computer Account on:<br>
- Trusted Root Certificate Authorities with subject RHEVM CA<br>
- Trusted Publishers with Subject Red Hat<br>
- Personal certs with Subject your RHEV-M host<br>

<u><b>Restoring</b> the data on Windows 2008</u><br>
0) Make sure you have configured the same DNS entry from the previous machine<br>
1) Install a clean RHEV-M software<br>
2) Stop all RHEV-M services<br>
3) Restore the databases<br>

4) Replace (do a backup first of your current files) the following files from your backup:<br>
```C:\Program Files\RedHat\RHEVManager\Service\ca\ca.pem```<br>
```C:\Program Files\RedHat\RHEVManager\Service\ca\private\ca.pem```<br>
```C:\Program Files\RedHat\RHEVManager\Service\rhevm.pfx```<br>

5)To rhevm.pfx file, add FULL Control permission to Network Service user.<br>
6) Restore your certificates on Local Computer account (using mmc)<br>

7) Start all RHEVM Windows Services<br>

# Screenshots
<b><u>Help menu</b></u><br>
![help menu](https://lobo.ruivo.org/~landgraf/imgs/help.png)

<b><u>Backup mode</b></u><br>
![Backup mode - screenshot 1](https://lobo.ruivo.org/~landgraf/imgs/backup1.png)<br>
![Backup mode - screenshot 2](https://lobo.ruivo.org/~landgraf/imgs/backup2.png)<br>

<b><u>Restore mode</b></u><br>
![Restore mode - screenshot](https://lobo.ruivo.org/~landgraf/imgs/restore.png)

<u><b>Schedule Backup</b></u><br>
![Schedule Backup](https://lobo.ruivo.org/~landgraf/imgs/schedule-job.png)

<u><b>RHEV Environment after backup/restore</b></u><br>
![RHEV environment](https://lobo.ruivo.org/~landgraf/imgs/rhev.png)

# Reports
## How can I get the SQL Server Name?

Usually it's your machine name\sqlexpress but you can see it opening the SQL Server Management Studio Express and check the Server Name.

![SQL ServerName](https://lobo.ruivo.org/~landgraf/imgs/rhevup-servername.png)
## User is not authorized to perform this action (Local Computer Account or different Active Directory)

The migration from Windows 2003 to Windows 2008 worked just fine but I cannot login anymore to RHEV Admin Portal, received the message "User is not authorized to perform this action". What happened? 

This issue happens because when you use Local Computer accounts or a different Active Directory, their id objects are uniques for that machine (Windows2003 or Windows2008) and moving these users to a new machine or Active Directory they will adquire a new id object (this is <b>not true/needed</b> when *SAME* use Active Directory). 

To fix:

0 - Download Microsoft SQL Server Management Studio Express and use it to execute below steps<br>

1 - To proceed, we need to identify userid from each RHEV user.<br>
```use rhevm;```<br>
```select * from dbo.users;```
userid	                                name	           surname	domain<br>
```D0ECDCE4-431A-4E5C-8888-51D373F520B4	Douglas	           Landgraf	mydomain```<br>
```38EABAB1-80CA-53A0-CBE5-5C75ED030000	Doug	           NULL	        mydomain```<br>
```4D0F173A-92EB-A925-43FF-AC8BF4030000	rhevadmin	   NULL	        mydomain```<br>
2 - Now we need to check which permissions which user has. Please check the field <b>ad_element_id</b> against userid and check the role_id field.<br>
```use rhevm;```<br>
```select * from dbo.permissions;```
id	role_id	is_readonly	ad_element_id<br>
```18133e7e-45f0-4dd7-bd56-051374a71d0a	00000000-0000-0000-0000-000000000001	False	22567dd9-97b7-4957-9734-81b4decd2990```<br>
```822edce8-eec2-451f-aead-4d559b6268b4	00000000-0000-0000-0000-000000000001	False	4d0f173a-92eb-a925-43ff-ac8bf4030000```<br>
```4fc16cf4-645b-4b53-b22a-83fee7377c4f	00000000-0000-0000-0001-000000000003	False	38eabab1-80ca-53a0-cbe5-5c75ed030000```<br>
```6ea9a353-37a1-4fce-8b2a-ad83275bad26	00000000-0000-0000-0001-000000000001	False	d0ecdce4-431a-4e5c-8888-51d373f520b4```<br>
```20525e30-3ecc-4320-af8f-c3abedf4ad1a	00000000-0000-0000-0001-000000000001	False	38eabab1-80ca-53a0-cbe5-5c75ed030000```<br>
```4089d3c5-d5f5-4abc-92a5-d13e49a8b4e3	00000000-0000-0000-0001-000000000003	False	d0ecdce4-431a-4e5c-8888-51d373f520b4```<br>
<b>00000000-0000-0000-0000-000000000001</b>  = Able to login<br>
<b>00000000-0000-0000-0001-000000000003</b>  = Not able to login<br>
If you would like to see more details about roles, check below:<br>
```use rhevm;```<br>
```select * from dbo.roles;```
id	name	description	is_readonly<br>
```00000000-0000-0000-0000-000000000001	SuperUser	Roles management administrator	True```<br>
```00000000-0000-0000-0001-000000000001	RHEVMUser	RHEVM user	True```<br>
```00000000-0000-0000-0001-000000000002	RHEVMPowerUser	RHEVM power user	True```<br>
```00000000-0000-0000-0001-000000000003	RHEVMVDIUser	RHEVM VDI user	True```<br>
<b><u>So, How to fix the issue?</u></b>
```use rhevm;```<br>
```update dbo.permissions set role_id='00000000-0000-0000-0000-000000000001' where ad_element_id='user_id entry from users table';```

# Contact
Please share your experience: dougsland at gmail dot com