Restoring a policy database from a backup
The policy database stores Policy Editor items such as the Trust Framework, policies, and commit history. If someone accidentally deletes or changes those items or the database gets corrupted, restore the database from a backup.
Learn more about configuring backups in Policy database backups.
|
If you are using a managed RDBMS, such as PostgreSQL, instead of the default H2 database, make sure you implement backup strategies in line with your organization’s best practices. |
-
Not Using Docker
-
Using Docker
Restoring a database when not using Docker
About this task
To restore a policy database when not in a Docker environment:
Steps
-
Ensure the Policy Editor server is no longer running by either using
bin/stop-serveror killing the process. -
Locate the backup
.ziparchive that you want to restore.The default location is
SERVER_ROOT/policy-backupPING_H2_BACKUP_DIRenvironment variable. -
Extract the
.ziparchive to the configured database location overwriting the previous policy database file, if present.The default location is the root of the Policy Editor server installation directory. If it’s not there, check the location specified by the
PING_H2_FILEenvironment variable. -
Start the Policy Editor server.
$ bin/start-servershell
Restoring a database when using Docker
About this task
To restore a policy database in a Docker environment:
Steps
-
Locate the backup
.ziparchive that you want to restore.The location should be a directory specified using the
PING_H2_BACKUP_DIRenvironment variable, as mentioned in Policy database backups. -
Extract the
.ziparchive to the database location that you’ll specify using thePING_H2_FILEenvironment variable when you start the Docker container. -
Start the Policy Editor Docker container with a mounted volume that has the extracted backup file and use
PING_H2_FILEto specify that backup file in the container file system.For example, the following command assumes the uncompressed database file is named
Symphonic.mv.dbin the host file system. ThePING_H2_FILEenvironment variable specifies the file name without the.mv.dbextension.$ docker run --network=<network_name> --env-file ~/.pingidentity/config \ --env PING_H2_FILE=/opt/out/Symphonic \ --volume <HOST_BACKUP_DIR>:/opt/out pingidentity/{PAP_CONTAINER_NAME}:<TAG>shellFor proper communication between containers, create a Docker network using a command such as
docker network create --driver <network_type> <network_name>, and then connect to that network with the--network=<network_name>option.The Docker image <TAG> used in the example is only a placeholder. You can find actual tag values in the Docker Hub.