Backuping the OKS database
The OpenKeyServer has been designed to provide a reliable service even after a system or database crash. It means that if your database becomes corrupted because of bad thins happening, you just need to recover from your backup in order to make your keyserver running again.
There are two ways of backuping your keyserver: the first one consists of making a simple full backup of your database and the second one of backuping just the keyserver's recovery file.
To perform a full backup of your database, you must first ask your keyserver to commit all its unsaved information on the disk. This can be done either by shutting down your OKS database server or sending him a SIGUSR1 signal.
# ps PID COMMAND 1401 /usr/local/oks/bin/oksd /usr/local/oks/etc/oksd.conf 1404 /usr/local/oks/bin/oks_http /usr/local/oks/etc/oks_http.conf # kill -USR1 1401
When the keyserver finishes to dump its database after receiving this signal,
it enters into a pause mode and waits before continuing until it receives a SIGCONT
signal.
At this point, your keyserver's database directory contains the complete dump of
your database. You can now launch your backup tool to backup this directory or execute
the followings commands to create an archive file of your database:
# cd /mnt/backup
# tar cf oksdb.tar /usr/local/oks/var/db
# gzip oksdb.tar
Then you just have to start your OKS database server again or send him the SIGCONT signal to continue its service.
Backuping the keyserver recovery
file
Each modification to an object in the OKS database is stored into a recovery file located in the database recovery directory. Everytime the OKS database server starts, it creates a new recovery file overthere and keeps this file open until it is restarted, shutted down or asked to rotate its recovery file.
To rotate the database recovery file, just send a USR1 signal to the database server process as follow :
# ps
PID COMMAND
1401 /usr/local/oks/bin/oksd /usr/local/oks/etc/oksd.conf
1404 /usr/local/oks/bin/oks_http /usr/local/oks/etc/oks_http.conf
# kill -USR2 1401
The first command lists the current user processes and the second one sends a
SIGUSR2 signal to the database server process. In case of errors, the syslog service
is used and will print usefull error messages.
Note that each file is identified by a unique ID formed by taking the database name
concatened with a unique timestamp (year-month-day-hours-minutes-seconds) in order
to sort them in time.
If
the server encounters any errors during the rotation, the process will be automatically
paused for a certain amount of time set in its configuration file. After this delay,
the server will try to restart again and renter into pause mode if errors persist.
At this point, you will simply need to copy this file to your backup directory:
# cd /usr/local/oks/var/db
# ls
sample-199901254008562.recovery sample-199901264008564.recovery
# cp sample-199901254008562.recovery /mnt/backup