Backing Up Configuration Files
Junos Space Network Management Platform enables you to back up device configuration information by importing the configuration file from a device and storing it in Junos Space Platform or on a remote server. You can use this backup file to recover device configuration in case of a system failure and also to maintain consistent configuration across multiple devices. Backing up your device configuration files is therefore a prerequisite for configuration file management.
Only devices that have been previously discovered by Junos Space Platform can have their configuration files backed up.
The backup function skips over devices that cannot be accessed by the Junos Space server. On the Job Management page, the state of a configuration file backup job shows up as Failed in the case of skipped over devices.
The backup function checks for differences between the configuration file on the device and the configuration backup file stored in Junos Space Platform before creating a new version of the configuration file. If no changes are detected, the device is skipped over. However, the status is shown as Success on the Job Management page for this backup configuration job.
The backup function checks for differences between the configuration file on the device and the configuration backup file stored in Junos Space Platform. In case the device configuration has not changed, but you edit its configuration file in Junos Space Platform and then back up the configuration from the device, a new version is created. The first backup file is Version 1, the edited configuration file is Version 2, and the second backup file is Version 3.
When you back up a configuration file, an audit log entry is automatically generated. From the audit log entry, you can identify the user who initiated the backup operation, the IP address from which this task was initiated, and so on.
In the case of an SRX Series device with logical system (LSYS), configuration file backup is supported only on the root device.
To back up configuration files from one or more devices to Junos Space Platform:
- On the Junos Space Platform UI, select Configuration
Files > Config Files Management.
The Config Files Management page appears.
- Click the Backup Configuration
The Backup Configuration Files page appears, displaying the following information for all the devices managed by Junos Space Platform:
Host Name: Name of the device whose configuration file you are backing up
Device Alias: Value of the Device Alias custom label for the device
Domain: Domain to which the device belongs
IP Address: IP address of the device
Platform: Device platform
Serial Number: Serial number of the device
Software Version: Operating system firmware version running on the device
Because the table displays one device (record) per row, a single page might not be sufficient to list all your devices.
The left side of the status bar at the bottom of the page shows which page is currently displayed and the total number of pages of records. It also provides controls for navigating from page to page and refreshing them. The right side of the status bar indicates the number of records currently displayed and the total number of records.
- From the table, select the devices whose configurations
you want to back up, by using one of the following selection modes—manually,
on the basis of tags, or on the basis of domains. These options are
mutually exclusive. If you select one, the others are disabled.
By default, the Select by Device option button is selected and the complete list of devices is displayed.
If you want to back up the configuration of all devices, select the Select All across Pages check box.
To select devices manually:
- Click the Select by Device option and select
the devices whose configurations you want to back up.
The Select Devices status bar shows the total number of devices that you selected, dynamically updating as you select.
- (Optional) To back up all the devices, select the check box in the column header next to the Host Name column.
To select devices on the basis of tags:
- Click the Select by Tags option.
The Select by tags list is activated.
- Click the arrow on the Select by tags list.
A list of tags defined for devices in Junos Space Platform appears, displaying two categories of tags—Public and Private.
If no tags are displayed, then it means that none of the devices are associated with any tag. You need to tag the devices first on the Device Management page before you can use the Select by Tags option. For more information about tagging, see Tagging an Object.
- To select tags, perform one of the following actions:
Select the check boxes next to the tag names to select the tags and click OK.
To search for a specific tag, enter the first few letters of the tag name in the Select by Tags field to the left of the OK button. If a match is found, a suggestion is made; you can select it and click OK.
The total number of devices associated with the selected tags appears just above the device display table. For example, if there are six devices associated with the selected tags, then 6 items selected is displayed.
The selected tags appear next to the Tags Selected label. An [X] icon appears after each tag name. Click the [X] icon to clear any tag from the list. The device count decrements accordingly.
To select devices on the basis of domains:
- Click the Select by Domains option.
The Select by domains list is activated.
- Click the arrow on the Select by domains list.
The list of domains appears. Only the domains that you have access to are available for selection.
- Select the check boxes next to the domain names to select
the desired domains and click OK.
The total number of devices associated with the selected domains appears just above the device display table.
The selected domains appear next to the Domain(s) Selected label. An [X] icon appears after each domain name. Click the [X] icon to clear any domain from the list. The device count decrements accordingly.
- (Optional) To export the backed-up configuration file
to a remote server, select the Export backup to a remote scp
server check box and provide the following details:
IP Address: Enter the IP address of the remote server.
Port: Enter the port number. If you do not specify the port number, the default port, 22, is used.
Directory: Enter the directory path for backup.
Username: Enter your username.
You can select the authentication mode for backing up configuration file to SCP server from Junos Space Network Management Release 17.1R1 onward.
- To use the password mode, in the Password field, enter the password that you use to access the SCP server. By default, the Password mode is selected.
- To use a key generated from Junos Space Platform, click Space Key. Click the Download Space Key link to
download the key.
Alternatively, you can download the Space Key by selecting Administration > Fabric and clicking the Manage Space SSH Key icon.
After downloading the Space Key, log in to the SCP server and append the contents of the downloaded key file to the ~/.ssh/authorized_keys file.
- To use a custom private key, click Custom Key.
(Optional) In the Passphrase field, enter the passphrase created when you generated the private key.
Next to the Private Key field, click the Browse button to upload the private key.
Fingerprint: (Optional) Enter the fingerprint of the remote server.
Junos Space Platform uses Secure Copy Protocol to back up the configuration file to the specified folder in the remote server. The name of the file is in the following format:
Here, device_name is the name of the device, device_ip is the IP address of the device, version is the configuration file version and timestamp is the date and time the configuration file is backed up.
- (Optional) To schedule a time for backup of configuration
files, select the Schedule at a later time check box, and
use the calendar icon and the drop-down list, to specify the date
and the time respectively.
If you do not select the Schedule at a Later Time check box, the configuration files are backed up as soon as you click the Backup button on the Backup Config Files page.
If a backup is already scheduled for later using password mode, in order to use Space Key or Custom Key, you must cancel the existing scheduled task and reschedule it using the authentication mode of your choice.
If a backup is already scheduled for later using Custom Key and if the key has changed, you must cancel the existing scheduled task and reschedule it using the updated key.
- (Optional) Schedule configuration files backup recurrence
by selecting the Repeat check box.
To set the recurrence:
- Specify the backup recurrence by setting the interval
and the increment.
The default recurrence interval is 1 hour.
- Select the End Time check box to specify when
the recurrence must end.
Indicate a date and time by using the date calendar and the time list. If you do not specify an end date and time, the backup operation recurs until you cancel the job manually.
If recurrence is set and the Export backup to a remote scp server check box is selected, the configuration file is copied to the remote server at specified intervals.
You can schedule the automatic export of backed-up configuration files to a remote Secure Copy Protocol (SCP) server only from Junos Space Network Management Platform Release 16.1R1 onward.
- Specify the backup recurrence by setting the interval and the increment.
- Click Backup on the Backup Configuration Files
The Backup Configuration Files dialog box appears, displaying a message indicating that Junos Space Platform has successfully scheduled the backup of the selected configuration files.
- Perform one of the following
Click the job ID in the Backup Configuration Files dialog box to view the status of the configuration file backup job from the Job Management page.
To return to the Config Files Management page, click Configuration Files > Config Files Management on the task tree.
Click OK in the Backup Configuration Files dialog box.
The Config Files Management page reappears, displaying the backup files.
For more information about viewing the backup configuration files, see Viewing Configuration Files.
For troubleshooting, see the