Professional Documents
Culture Documents
Practical Considerations
The primary objective of a good backup and recovery strategy is to minimize the impact a systems disaster has on the business. Having a good plan will enable administrators to restore Windchill as quickly and with as little data lost as possible in the event of a failure on one of the many systems supporting the Windchill application. Developing the right plan requires calculating the real cost to the business of data loss in the event of a failure versus the recurring cost to the business of maintaining the backup and recovery solution. A backup and recovery plan provides a means for restoring the Windchill application to exactly the same state it was in at a given point in the past, and having a good backup and recovery plan will enable administrators to restore Windchill as quickly and with as little data lost as possible. Note that restoring from backup will always result in loss of data, though the amount of data lost will depend on the sophistication (and therefore the cost) of the system environment. It is important to take a pragmatic, methodical approach when determining your systems availability targets. Spares in
the closet and fully-redundant automatic fail-over are both valid approaches, depending on the needs of your business and the cost to the business of downtime or data loss. If Windchill must be restored, there may be a gap in the state of the data between Windchill and other enterprise systems such as ERP. A similar gap may likewise occur if any other enterprise system must be restored to an earlier point in time, and any recovery plans should accommodate any such gaps. During recovery, files may have to be modified in order to fully restore the system. Be sure to make a backup copy of any file which must be modified or removed, in case it must be restored again or reverted to an earlier state. Finally, be sure to practice. In order to reduce the mean time to recovery, regardless of your backup and recovery plan, it is important to go through the motions. It is also critical to verify that your backup plan produces a recoverable backup image. For more information on Backup and Recovery as it relates to archive functionality, see the Windchill Archive Administrators Guide. For more general information on Backup and Recovery, refer to the following documentation: Windchill System Administrators Guide Windchill Business Administrators Guide
Architectural Considerations
Windchill stores its persistent data in several different repositories, so to restore Windchill to a point in time it is necessary to restore each of these repositories to that same point in time. Simply restoring Oracle (or SQL Server) will not be sufficient. The LDAP directory service database, file vaults, and potentially replica sites and other components also have to be considered.
Directory Service(s)
The LDAP Directory Services are used to store user and group information. Windchill is shipped with the Aphelion LDAP directory service, and must be used to store configuration information for Windchills integration capabilities as well as for storing system groups such as Organization definitions. Aphelion may also be used to store user and group information, or Windchill may be configured to connect to one or more additional LDAP directory services for this information. In Windchill 8.0 and earlier, information on context team membership was also stored in the Aphelion Directory. This information was moved to the Windchill Database in Windchill 9.0. Note that while the configuration, user, and group information must be restored from backup, the container team information can mostly, but not entirely, be rebuilt from information stored in the Relational Database. See the Minimizing Synchronization Issues section below for further details. Windchill is supported with Aphelion, plus any other LDAP v3 compliant directory for additional user and group definitions. See the platform support matrix for further details.
In addition, despite the fact that database vendors are making progress on minimizing the impact of storing content directly in the relational database, it will still have a negative impact on the runtime performance of the system as well. For these reasons, it is generally recommended that external vaulting be utilized. Likewise, the benefit to runtime performance of using Remote File Servers for replication generally outweighs the cost of additional architectural and procedural complexity needed to accommodate them.
While it is possible to restore Windchill to a later point in time than the cold backup point through applying the appropriate transaction logging to the restored database, ensuring that all the data repositories are rolled forward to exactly the same state will be challenging. Likewise, while it is possible to design and implement a hot backup scheme, ensuring that you have a valid backup across all the data repositories which can be used to restore them all to exactly the same state will also be challenging. In any recovery situation for the Production environment, immediately open a Technical Support call and mark it as Enterprise Down. This will ensure the right resources are available to help get the environment back online, and will provide access to Technical Support and Developments latest data validation and repair tools if needed.
Data Repository Vaults Item Metadata and non-vaulted content LDAP information Location See Relational Database Configuration See LDAP Directory Configuration Prerequisites None Backup Method RMAN Backup Location
Relational Database
Enterprise Search Index File Server Vault Remote File Server Vault
See Index Search Configuration See Vault Administration See Vault Administration
ZIP
ZIP ZIP
5. Copy the backup files to the directories as appropriate 6. Restore or Recover the components as appropriate 7. Restart the system. Once the system is restored to the cold backup point, all the data repositories should be in exactly the same state they were in when shut down. Thus, they should be in synch and it should be possible to simply turn on the system and allow users to begin using it.
3. Backup index search indexes if desired 4. Backup Aphelion, using LDIF export from the command line 5. Backup other LDAP directories if necessary 6. Backup Oracle, using a standard oracle hot backup technique 7. Backup Local File Servers 8. Backup Remote File Servers if desired 9. Restart queues and local content caching
3. Stop Oracle (if running) 4. Stop Aphelion (if running) 5. Select a target restoration point 6. Copy the backup files to the directories as appropriate 7. Restore Oracle Apply Archive/redo logs to reach the restore point
8. Restore Aphelion Remove any modlog files later than the restore point Import the LDIF file Restart the Aphelion process to apply the modification logs
9. Startup Windchill 10. Remove any content items in the vaults which are more recent than the metadata information in the database Execute the Remove unreferenced files action from the Vault Configuration interface
For user convenience, it may make sense to override the default authorization failed error page (i.e. a 403 response) to explain to the user that the system is temporarily unavailable. Note that in Windchill 9.0 on Apache, this error response page is already overridden by default in the APACHE/conf/extra/app-Windchill.conf file as follows: <Location /Windchill> Deny from all Order Deny,Allow Allow from [hosts to allow connections from] </Location> Note the Location should be modified if necessary to reflect the WebApp name for the target system, and the [hosts to allow connections from] text should be replaced by a list of trusted administrative hosts. When the web server is restarted, it will deny any users not logging in from one of the approved host machines.
%USERPROFILE%\Application Data\PTC\Windchill
For Unix:
~/.ptc/windchill
Although changes to configuration information are far less frequent than data changes, being able to restore the system will require that the system configuration be correct. Having an up-to-date and reliable backup of the configuration will minimize misconfiguration issues on restore. For example, customizations to the Windchill object model will often result in both changes to the codebase and changes to the database schema. For the application to startup, the codebase and database must be in synch. Furthermore, some information used by Templates (e.g. Project, Library, and Product Templates) are stored as load files in the Windchill Home Directory. These templates are used at runtime when new contexts are created using the templates, so these should be accommodated in the plan. Finally, there may be custom scripts or utilities (such as scripts to startup Windchill automatically on UNIX platforms) which should also be included in a backup. There are a few directories with content that does change relatively frequently, though these are not critical to restore. These include: Windchill logs: WT_HOME/logs Workflow Expression class files: WT_HOME/codebase/wt/workflow/definer/expr Workflow Expression (and other) runtime compilation java files: WT_HOME/tmp Tomcat uses the following directory for runtime compilation: TOMCAT_HOME/work Note that backups of the system configuration should for the most part be considered to be machine-specific. Files such as site.xconf and /etc/hosts contain references to the local host name and local file paths which may not be consistent across systems.
Configuration File
The oracle parameters file (or pfile) is named init<SID>.ora (e.g. initWIND.ora). This configuration file is typically converted to binary form (or spfile) so that the parameters can be edited from within the application. If an spfile exists, Oracle will use the spfile and not the pfile as the system of
11
record for parameter values. The spfile is not editable directly, but must be viewed and modified from within the Oracle application. It is possible to generate a pfile from a spfile, or vice versa, through the SQLPlus interface. SQL> create pfile from spfile; SQL> create spfile from pfile; The Oracle Configuration Utility (Windchill OCU) will by default place these files into the OCU_HOME/oradata/<SID> folder (e.g. c:\ptc\Windchill_9.0\ocu\oradata\WIND).
Database Files
The database files are where the actual data is stored. At a minimum, you need valid database files to restore the database. The following query, which must be run as a user with sysdba privileges, should provide the location of the Oracle database files SQL> select name from v$dbfile; The Oracle Configuration Utility (Windchill OCU) will by default place these files into the OCU_HOME/oradata/<SID> folder (e.g. c:\ptc\Windchill_9.0\ocu\oradata\WIND).
Control Files
Control files record the structure of the database, including the location of data files, configuration of tablespaces, and so on. While the database may be restored without valid control files, it is much more difficult. The following query, which must be run as a user with sysdba privileges, should provide the location of the Oracle control files SQL> select name from v$controlfile; The Oracle Configuration Utility (Windchill OCU) will by default place these files into the OCU_HOME/oradata/<Database_SID> folder. The OCU_HOME is specified during installation.
12
mode. This will archive each redo log before it is flagged as available to be overwritten, and ensure that there is a complete record of all the actions performed on the data since the last backup. Enabling Archive Mode does require additional disk space for the backed-up redo logs, but having the complete transactional record available allows for recovery past the last cold backup point. Therefore, configuring Oracle to run in Archive mode is strongly recommended for production systems. The following query, which must be run as a user with sysdba privileges, should provide the location of the Oracle archive logs SQL> select destination from v$archive_dest; Note that the Oracle Configuration Utility (Windchill OCU) configures the database with Archive Mode disabled.
Using Oracle Enterprise Resource Manager to configure a Backup and Recovery Procedure
The OEM interface can be used to fairly easily define a backup routine for your system.
13
For example, there are relatively straightforward interfaces for defining the contents of a backup and for scheduling regular hot backups of the database.
14
15
For example: Windows: R:\usr\var\lde\PTCLdap UNIX: /usr/var/lde/PTCLdap Under this directory, the Aphelion data files are stored in the PTCLdap_database sub-directory, and the logs are stored in the PTCLdap_logs sub-directory. The primary configuration file is directly under the PTCLdap directory, and is called PTCLdap_lde.conf.
16
of the file system while the application is running may not produce a valid backup. However, as with the Relational Database, it is possible to produce a valid backup while the application is running by generating an LDIF export of the entire database. An export can be performed while the database is under load. To export an LDIF from Aphelion, the command-line export utility should be used. To execute an export, use the following syntax: export f [conf_file] o [output_location] The export command and the conf_file are located in the Aphelion home directory, and are most easily found via the virtual mount point created during installation: Windows: A virtual drive letter (R by default) is assigned to Aphelion R:\usr\sbin\lde\export.exe R:\usr\var\lde\PTCLdap\PTCLdap_lde.conf UNIX: A symbolic link is created within \usr\sbin /usr/sbin/lde/export /usr/var/lde/PTCLdap/PTCLdap_lde.conf Particularly for releases earlier than 9.0, it is recommended that fairly regular exports of the Aphelion LDAP are produced, so that the system can be recovered in the event of a synchronization issue. Perhaps the easiest way to automate this is to wrap the export into a shell script, and execute the script regularly via a cron job. The following is an example method on UNIX platforms for creating periodic backups of Aphelion: Create a script for generating the LDIF export, modifying the environment variables as appropriate:
Create: aphelion_backup.sh #!/usr/bin/csh ### MODIFY these variables per your environment setenv EXPORT_COMMAND /usr/sbin/lde/export setenv CONF_FILE /var/lde/PTCLdap/PTCLdap_lde.conf setenv BACKUP_PATH /opt/ptc/baseline/aphelion ### END modification block # Append date to every backup file setenv DATE `/bin/date +%m%d%Y` echo $DATE # Export the Aphelion LDAP to the desired location and filename ${EXPORT_COMMAND} f ${CONF_FILE} o ${BACKUP_PATH}/root_backup_${DATE}.ldif l
17
# Modify permissions on files so they are accessible by wcadmin /bin/chmod a+rw ${BACKUP_PATH}/root_backup_${DATE}.ldif Modify the crontab file to execute the script, replacing #SCRIPT_DIR# with the path to the newly created script, and #LOGS_DIR# with the path to the directory you wish to use for storing the backups:
Execute: crontab e 0 3 * * * #SCRIPT_DIR#/aphelion_backup.sh 2>&1 #LOGS_DIR#/aphelion_backup.log
Note: This should be one line. Note: In this case, the script will run at 3:00 AM. To change the schedule, simply change the 03 to the desired hour (on a 24 hour clock). Aphelion also creates modification logs (modlog files) which are similar to Oracles archive logs. They keep track of changes in the Aphelion database files (.db files), and can be used to roll the database forward from an older backup point during system restoration. Note: Do not use the LDAP browser to export an LDIF file, as this does not access the Aphelion database file directly but instead accesses it through the JNDI interface. The command-line tool is far more robust, and preserves important metadata such as the modify timestamps which are used during restoration to determine which modification logs need be applied.
If alternatively you do wish to try to restore to a later point in time than your latest valid backup, you can attempt to use these modification log files to roll the database forward. Note: The Aphelion process will be very slow to startup if it is attempting to apply modification logs. If the data in the directory changes frequently, consider taking more frequent LDIF export backups to minimize recovery time in the event of a failure. Additional considerations and resources for further information The PTCLdap_lde.conf file contains parameters for controlling the number and frequency of the modification logs. These are: File: PTCLdap_lde.conf max_mod_logs=8 mod_log_roll_time=24 To swap the logs twice per day and keep the old logs for one month, change mod_log_roll_time to 12 and the max_mod_logs to 62. Aphelion may also be configured to create and maintain a read-only copy of itself, which can be swapped into the environment if the primary Aphelion process fails due to media or other failure. For more information on these topics, see the Aphelion administration guides.
Content Cache Vault can be configured to write to two physical locations simultaneously so externally managed synchronization of the devices is not necessary. When creating the logical folder within the Remote File Server configuration, simply enter in a semi-colon delimited list of paths to the different devices.
20
21
22
Mismatches in actual versus expected (per the metadata in the database) file sizes The tool output is in XML format, and the tool may be configured to send the results to one or more recipients via email in addition to writing the output to the command line. The output contains details of the business object associated with missing or corrupt content files.
The tool is a command-line java application which can be run as follows (note the packaging change between 8.0 and 9.0): 8.0 M050 and higher in the 8.0 stream: wt.fv.WContentVerify 9.0 F000 and higher: wt.fv.tools.WContentVerify
For more information, see the Windchill System Administrators Guide. Arguments may be specified on the command line, or driven from a property file. To see all the available options, run the command with the usage flag. For example, here is the output from 9.0 F000: Windchill wt.fv.tools.WContentVerify usage All command line arguments are optional, and if no arguments are supplied, the system runs in the following way: All system content is checked for internal integrity. All vaults and folders are checked for missing or incorrectly sized files. List of valid arguments: user=<adminid> password=<adminpassword> propertyFile=path vaults=vault1,vault2,... User ID of the Administrator user Password of the Administrator user Location of the utilitys property file Only folders for the specified vaults will be checked. No spaces allowed. folders=folder1,folder2,... Only specified folders will be checked. No spaces allowed. replicavaults=vault1,vault2,... Only folders for the specified vaults will be checked. No spaces allowed. replicafolders=folder1,folder2,... Only folders for the specified vaults will be checked. No spaces allowed. onlyExistence onlyReportLatest Only check and report file existence Report only latest iteration of Iterated documents
23
email=[DIRECT_EMAIL,EMAIL_GROUP]
Utility enables mail to specified users. This argument overwrites equivalent properties of the property file. Print vault and folder names and exit Print vault and folder names on remote sites and exit Print list of valid arguments and exit
To specify a property file, either create a file called WContentVerify.properties in the WT_HOME/codebase directory, or use the propertyFile command line option to specify a different input property file. As with most Windchill tools, command-line arguments will override property-file arguments for the same parameter. The following is an example property input file: WT_HOME/codebase/WContentVerify.properties # Path to the directory that will store utility's output. If not specified, will default to $WT_HOME/logs OUTPUT_STORAGE_PATH=D:\\XML_Output\\ # true/false Enable sending of summary email after a run of the utility # The wt.properties setting of wt.mail.mailhost is required EMAIL_GROUP.enabled=true # Comma separated windchill usernames. Everyone on this list receives # email notification of a completed utility execution. No spaces allowed. EMAIL_GROUP.list=testUser1,testUser2 # Enable sending emails to modifiers of the files that have been detected to have errors DIRECT_EMAIL.enabled=true # Subject of emails sent to modifiers of files that have been detected to have errors DIRECT_EMAIL.mailSubject=Direct Email Report # Opening line(s) of emails sent to modifiers of files that have been detected to have errors DIRECT_EMAIL.body=First line of Direct Email Report # Valid windchill username that will be set as the originator of the email notification DIRECT_EMAIL.replyTo=testUser3 # Valid values are html or text. Determines whether the modifiers receive a text or html email DIRECT_EMAIL.format=html # The maximum number of errors permissible for direct email to be sent. If the total number of # errors is greater than this number, no direct emails will be sent, default is 2000
24
DIRECT_EMAIL.limit=1500 # Must be one of All or onlyReportLatest . Reports errors either in all iterations or the # last iteration of iterated objects, default is All. REPORT_DOCUMENTS_FILTER=All
25
Run the following script to generate a list of the FVItems in the order that they were stored. Output of this script should be written to a spool file:
select lpad(lower(dectohex(a0.UNIQUESEQUENCENUMBER)),14,'0') from fvitem a0,fvfolder a1,fvmount a2,fvvault a3 where a0.ida3a4=a1.ida2a2 and a2.IDA3A5 = a1.ida2a2 and a3.ida2a2=a1.ida3a5 order by a1.SEQNUMBER,a0. UNIQUESEQUENCENUMBER a1.SEQNUMBER,a0.CREATESTAMPA2
Run the following script to generate a list of the FVItems and their corresponding vault locations. Output of this script should be written to a spool file
select lpad(lower(dectohex(a0.UNIQUESEQUENCENUMBER)),14,'0'),a1.name,a2.PATH,a3.NAME as VAULT_NAME from fvitem a0,fvfolder a1,fvmount a2,fvvault a3 where a0.ida3a4=a1.ida2a2 and a2.IDA3A5 = a1.ida2a2 and a3.ida2a2=a1.ida3a5 order by a1.SEQNUMBER,a0.CREATESTAMPA2
2. From the Object menu, select Reset Replication. At the next prompt, select okay:
26
D:\ptc\PDMLink\logs\ccs_backup_1001551784964.log --- --- List of Files to Backup (cached on Replica sites) --- --Date/Time: Wed Sep 26 16:49:44 GMT-08:00 2001 Query performed at Site: http://localhost/Windchill/servlet/WindchillGW Description: find all files to backup related to contents cached at all Replica sites. --------------------------------------------------------------------------For Site: remotehost, http://remotehost/Windchill/servlet/WindchillGW Folder Path: upload1 File Name: 0000000000001d
Additional considerations and resources for further information The Remove unreferenced files utility should be run immediately after restoring the system from backup. Because the file names assigned to new content are based on a hexadecimal sequence, there will be naming conflicts when new content is created if the vault information is more recent than the database information. You may wish to ensure that the contents of the vault directory are available in a separate (unreferenced by Windchill) location, so that any newer content can be re-uploaded to the system post restoration if necessary. However, only run the Remove unreferenced files utility after a cold backup of the entire environment or immediately after restoring from backup. Running the utility at other times may result in losing content that would be required to fully restore the system to an earlier point in time.
28
Do not run any replication sessions while the vaults are being backed up. Otherwise, any content uploaded after the Oracle backup but before the File Server backup may be replicated, causing the Remote File Servers to potentially get out of synch with the Master Site if the system must be recovered. See the Windchill System Administrators Guide for more information on configuring mirroring and parallel write, specifically under Mirroring in the Local Cache Vault and Utility to Assist Backups.
29
30
Note that the data_index contents will be regenerated if necessary, but having a good backup will reduce recovery time 5. Backup the system bootstrap files INSTREAM_HOME/etc/searchrc-1.xml INSTREAM_HOME/etc/rtsplatformrc.xml 6. Restart InStream
for a Cognos only database, though it should not cause any issues if they are enabled. For more information on exporting the Full Deployment, see the Administration and Security Guide. For each machine that has a Cognos component installed, the following information should be included in a system backup: An unencrypted export of the Configuration File A file system backup of all Framework Manager models stored in a user specified location during creation of the model or while saving the model The contents of the following key directories: COGNOS_HOME/webcontent/skins COGNOS_HOME/configuration COGNOS_HOME/deployment The LDAP directory, or other identity management system If Aphelion is used, this should be accommodated as part of the overall Windchill backup The source code for any custom extensions The web server configuration information
32
performed by comparing the DNs listed in the remoteObjectInfo table with the DNs in the LDAP.
On Startup of Windchill
Set the wt.org.verbose=true property, and attempt to startup the system. If any errors are encountered due to LDAP and Database or codebase and Database synchronization issues, errors will be reported in the logs.
Assumptions
The following components are installed in the specified directories: Windchill Apache Tomcat Aphelion Oracle InStream External Vault Mount c:\ptc\Windchill_9.0\Windchill c:\ptc\Windchill_9.0\Apache c:\ptc\Windchill_9.0\Tomcat c:\ptc\Windchill_9.0\Aphelion c:\Oracle c:\ptc\Windchill_9.0\IndexSearch c:\ptc\Windchill_9.0\Vaults\contentCache
Oracle database parameters are as follows: SYS User Password SID manager wind
33
c:\ptc\Windchill_9.0\Apache\bin\httpd k stop 2. Shutdown the Servlet Engine c:\ptc\Windchill_9.0\Tomcat\bin\wttomcat_stop.bat 3. Shutdown the Windchill application c:\ptc\Windchill_9.0\Windchill\bin\windchill stop 4. Shutdown the Cognos server 5. Suspend InStream Indexing d:\ptc\InStream\bin\rtsadmin chill 16099 webcluster 0 0 suspend 6. Shut down InStream 7. Shutdown Oracle by stopping the listener and database instance C:\> emctl stop dbconsole C:\> lsnrctl stop C:\> sqlplus SYSTEM/password as sysdba SQL> shutdown immediate Backup Aphelion 8. Execute the export command export f R:\usr\var\lde\PTCLdap\PTCLdap_lde.conf c 9. Shutdown Aphelion From the Windows Services, stop the three Aphelion services: Aphelion Administration Aphelion Drive Mapping Aphelion Services
34
Backup static file system files 10. Copy any changed files from the home directory to the backup location Restart Aphelion 11. From the services interface, restart the Aphelion services Restart the system 12. Restart the Windchill platform components, and Windchill c:\ptc\Windchill_9.0\Windchill\bin\windchill start c:\ptc\Windchill_9.0\Tomcat\bin\wttomcat_start.bat c:\ptc\Windchill_9.0\Apache\bin\httpd k start c:\ptc\Windchill_9.0\Windchill\*.* c:\ptc\Windchill_9.0\Apache\conf\*.* c:\ptc\Windchill_9.0\Tomcat\conf\*.* c:\ptc\Windchill_9.0\Aphelion\*.* c:\ptc\Windchill_9.0\ocu\*.* c:\ptc\Windchill_9.0\IndexSearch\data\data_fixml c:\ptc\Windchill_9.0\IndexSearch\data\data_index c:\ptc\Windchill_9.0\IndexSearch\etc\searchrc-1.xml c:\ptc\Windchill_9.0\IndexSearch\etc\rtsplatformrc.xml c:\ptc\Windchill_9.0\Cognos\webcontent\skins\*.* c:\ptc\Windchill_9.0\Cognos\configuration\*.* c:\ptc\Windchill_9.0\Cognos\deployment\*.* c:\ptc\Windchill_9.0\Aphelion\var\lde\PTCLdap\*.* c:\ptc\Windchill_9.0\Vaults\*.*
35
Oracle database parameters are as follows: SYS User Password SID manager wind
36
16. Shut down InStream 17. Copy the contents of the data directories to the backup location.
37
d:\ptc\InStream\data\data_fixml d:\ptc\InStream\data\data_index
18. Copy the system bootstrap files to the backup location d:\ptc\InStream\etc\searchrc-1.xml d:\ptc\InStream\etc\rtsplatformrc.xml
19. Restart InStream Export and backup an LDIF file from Aphelion 20. Execute the export command export f R:\usr\var\lde\PTCLdap\PTCLdap_lde.conf c 21. Copy the resulting R:\usr\var\lde\PTCLdap\PTCLdap_database\root.ldif file to the backup location Backup the Oracle Database
This site has decided to perform a weekly backup of the entire database, and a daily backup of the archive logs. Since they are using OEM to configure RMAN, they can actually specify the target backup device (e.g. tape) in addition to scheduling the type of backup and files to be included. 22. Log into OEM a. Schedule a weekly backup of the database (including the init.ora file) b. Schedule a nightly backup of the archive logs Backup Local File Server Vaults 23. Copy the vault contents to the backup location Restart queues 24. From the Queue Manager, re-enable the queues
Select a recovery point 2. Identify the desired recovery point in time Restore Oracle, and recover it 3. Restore the most recent database initialization file (init.ora) available 4. Restore the most recent control files available 5. Login to Oracle Enterprise Manager as the SYSDBA user 6. Open the Instance, and select the database
7. Select Mount the database and apply the changes. 8. Restore the database files using the Maintenance tools 9. Select the Open state to bring the database online Restore Aphelion, and recover it 10. Copy the modlog files from the cold backup point to the target recovery point into the R:\usr\var\lde\PTCLdap\PTCLdap_logs directory 11. Start the Aphelion process Restart Windchill 12. Restart the Server Managers and Method Servers 39
Clean and validate the File Server vault contents 13. Run the Purge unreferenced files command from the Vault Configuration interface 14. Run the WContentValidate tool to verify that all content referenced by the metadata is present in the vaults
Example Procedure for PTC administered instances Backup Procedure for PTCs PDMLink/ProjectLink system (pds.ptc.com) and for PDMLink On-Demand
The following procedure is not supported. It is documented here to serve as a reference for customers designing their own backup procedures. Note that this example contains some sample UNIX scripts for performing an Aphelion export and Oracle backup. These scripts are tailored specifically for the PTC system environments, and will not work without modification at other sites. These scripts are not supported by PTC technical support, but are provided here in the interest of sharing a more complete sample backup and recovery plan. Once Daily: Aphelion Backup (LDIF Export) A CRON job is run to export an LDIF file from Aphelion. The exported file will be collected as part of the nightly backup of the component installation directories (see Component Installation Directories step below) aphelion_export.sh #!/bin/sh PREVIOUS=`ls -l /aphelion/lde/var/PTCLdap/PTCLdap_database/root.ldif` cd /aphelion/lde/var/PTCLdap sudo /aphelion/lde/sbin/export -f PTCLdap_lde.conf CURRENT=`ls -l /aphelion/lde/var/PTCLdap/PTCLdap_database/root.ldif` /usr/lib/sendmail -t -oi <<EOF From: Aphelion Admin xxxxx@ptc.com To: yyyyy@ptc.com Subject: Daily Aphelion export status X-Priority: 1 (Highest) ------------------ Previous Export --------------------$PREVIOUS ------------------ Current Export ---------------------$CURRENT EOF Once Daily: External LDAP backup pds.ptc.com is integrated with PTCs corporate LDAP for user and group information. This LDAP is managed by a different group within IT, and is backed up nightly.
40
Once Daily: File Vault Backup The file vaults are backed up along with the component installation directories (see Component Installation Directories step below) Once Daily: Backup of the Windchill Component Installation Directories Perform an operating system backup which includes: Windchill codebase Aphelion LDAP installation directory Tomcat installation directory Apache installation directory Oracle installation directory Oracle archive logs
Backup files are copied to tape. Twice Weekly: Oracle Database Hot Backup The oracle database is backed up once mid-week and once over the weekend. Users are not locked out of the system during this time, but the backup is performed during a period of very low system activity. 1. Switch Oracle into Hot Backup Mode hot_bk_on.sh #!/bin/ksh cnt=`whoami |grep oracle | wc -l` if [ $cnt != 1 ] then echo "\nscript needs to be run as oracle" echo "instead of `id`" echo "exiting with return code 99 " exit 99 fi
for line in `egrep -v '^#' /etc/oratab` do ORACLE_SID=`echo $line | cut -d: -f1` export ORACLE_SID ORACLE_HOME=`echo $line | cut -d: -f2` export ORACLE_HOME export PATH=$PATH:$ORACLE_HOME/bin export SPOOLFILE=/tmp/begin_hotbackup.sql curr_date=`date '+%y-%m-%d'` sqlplus -s /nolog << EOF >> ~/log/begin_hot_backup.$curr_date conn / as sysdba WHENEVER SQLERROR EXIT SQL.SQLCODE set head off set termout off set feed off set pages 9999 select '# $ORACLE_SID : start log sequence : '||to_char(sequence#)
41
from v\$log where status = 'CURRENT'; spool $SPOOLFILE select distinct 'alter tablespace '|| t.tablespace_name||' begin backup;' from v\$backup a , DBA_DATA_FILES c, DBA_TABLESPACES t where a.status != 'ACTIVE' and t.TABLESPACE_NAME = c.tablespace_name and t.status = 'ONLINE' and c.file_id = a.file#; spool off set termout on @$SPOOLFILE !rm $SPOOLFILE EXIT SQL.SQLCODE EOF sqlplus -s /nolog << EOF >> ~/log/begin_hot_backup.$curr_date conn / as sysdba set pages 1999 lines 140 col TABLESPACE_NAME for a10 col FILE_NAME for a50 col status for a10 select TABLESPACE_NAME, file_name , bytes, a.STATUS from DBA_DATA_FILES c, v\$backup a where c.file_id = a.file# / exit EOF done 2. Copy all database files to the backup location
data_file.sh #!/bin/ksh curr_date=`date '+%y-%m-%d'` for file in `ls -1 /d???/ORACLE_DB/xxxxx/*` do dir_name=`dirname $file` backup_dir=`echo /d000/backup${dir_name}` if [ ! -d $backup_dir ]; then mkdir -p $backup_dir fi cp $file /d000/backup${file} compress -f /d000/backup${file} echo "cp $file /d000/backup${file}" >> ~/log/disk_backup.$curr_date done ls -lt /d000/backup/d*/ORACLE_DB/xxxxx/* >> ~/log/disk_backup.$curr_date
42
for line in `egrep -v '^#' /etc/oratab` do ORACLE_SID=`echo $line | cut -d: -f1` export ORACLE_SID ORACLE_HOME=`echo $line | cut -d: -f2` export ORACLE_HOME export PATH=$PATH:$ORACLE_HOME/bin export SPOOLFILE=/tmp/begin_hotbackup.sql curr_date=`date '+%y-%m-%d'` sqlplus -s /nolog << EOF >> ~/log/begin_hot_backup.$curr_date conn / as sysdba WHENEVER SQLERROR EXIT SQL.SQLCODE set head off set termout off set feed off set pages 9999 select '# $ORACLE_SID : start log sequence : '||to_char(sequence#) from v\$log where status = 'CURRENT'; spool $SPOOLFILE select distinct 'alter tablespace '|| t.tablespace_name||' begin backup;' from v\$backup a , DBA_DATA_FILES c, DBA_TABLESPACES t where a.status != 'ACTIVE' and t.TABLESPACE_NAME = c.tablespace_name and t.status = 'ONLINE' and c.file_id = a.file#; spool off set termout on @$SPOOLFILE !rm $SPOOLFILE EXIT SQL.SQLCODE EOF sqlplus -s /nolog << EOF >> ~/log/begin_hot_backup.$curr_date conn / as sysdba set pages 1999 lines 140 col TABLESPACE_NAME for a10 col FILE_NAME for a50 col status for a10 select TABLESPACE_NAME, file_name , bytes, a.STATUS from DBA_DATA_FILES c, v\$backup a where c.file_id = a.file# / exit EOF done
Once Monthly: Oracle Database Cold Backup The database is running in a mirrored environment. The basic procedure is to break the mirror, backup the shutdown half of the mirror, and then remerge the mirror. 1. Shutdown the Database briefly 2. Split the database mirror
43
3. Bring half the mirror back online 4. Copy all the database files from the shut down half of the mirror to the backup location 5. Bring the other half of the mirror back online and re-merge the mirror environment
Restore Procedures
The following procedure is not supported. It is documented here to serve as a reference for customers designing their own recovery procedures. Aphelion Restoration (LDIF Import) Typically, Aphelion is restored by importing the LDIF file External Vault Restoration Typically, vaults can be recovered as part of a standard installation directory restoration Windchill Application Component Restoration Typically, Windchill application components can be recovered as part of a standard installation directory restoration Oracle Restoration Typically, the database can be restored through restoring from the hot backup and applying the archive/redo logs to roll forward to the desired restore point. 2008 Parametric Technology Corporation (PTC). The information contained herein is provided for informational use and is subject to change without notice. The only warranties for PTC products and services are set forth in the express warranty statements accompanying such products and services and nothing herein should be construed as constituting an additional warranty. PTC shall not be liable for technical or editorial errors or omissions contained herein. PTC, the PTC Logo, The Product Development Company, Pro/ENGINEER, Wildfire, Windchill, Windchill PDMLink, Windchill ProjectLink, Arbortext, Mathcad and all PTC product names and logos are trademarks or registered trademarks of PTC and/or its subsidiaries in the United States and in other countries. For Important Copyright, Trademark, Patent, and Licensing Information: For Windchill products, select About Windchill at the bottom of the product page. For InterComm products, on the Help main page, click the link for Copyright. For other products, click Help > About on the main menu of the product.
44