VMware NSX Backup and Restore

This post will detail how to backup and restore NSX. NSX configuration and components configurable through the NSX Manager UI or API are included in the NSX Manager backup. This includes controller nodes, Edge configurations (Distributed Logical Router, Edge Services Gateway), firewall rules, etc. as well as all events and audit log tables. Virtual switches are included in the vCenter Server database backup. When planning a backup strategy for NSX consider the following:

• NSX Manager backups can be taken on demand, or scheduled at hourly, daily, or weekly intervals.
• Ensure that the vCenter Server (and database if external) are backed up and factored into the NSX backup schedule. For example if you need to restore the entire environment it is recommended that the NSX Manager backup is taken at the same time as vCenter Server.
• The only method of backup and restore for NSX Manager is with FTP/SFTP. Using any other method to backup NSX components could result in errors when restoring objects and is not supported by VMware.
• When restoring NSX Manager a new NSX Manager is deployed and the configuration restored. The restore process of NSX Manager is only compatible from an NSX Manager of the same version. Therefore it is important to backup NSX Manager both before and after upgrades.

NSX Manager Backup

As outlined above, NSX configuration is backed up using the NSX Manager. Open a web browser to the IP address or FQDN of your NSX Manager. Log in with the admin user.

From the home page select Backup and Restore.

Click Change next to the FTP Server Settings row.

Enter the details for the destination FTP/SFTP server, add a filename prefix for the backup files, and configure a pass phrase. Make a note of the pass phrase in a password safe since this will be needed for restores.

Optional – next to Scheduling click Change to configure a backup schedule.

Optional – next to Exclude click Change to logs or events from the backup.

Once the backup server is configured backups will run as scheduled, or click Backup to backup NSX Manager now.

Click Start to confirm the backup job.

Completed backups will be listed in the Backup History table.

To remove a backup you can delete the files from the FTP/SFTP server and it will be removed from the Backup History table when the browser page is refreshed.

NSX Manager Restore

To restore NSX configuration a new NSX Manager must first be deployed. While it is possible to restore NSX configuration from an existing NSX Manager it is assumed that since a restore is required NSX Manager has failed and it is best practise to deploy a new instance. For assistance with deploying NSX Manager see this post.

Ensure the old NSX Manager is powered off. Deploy a new NSX Manager instance and configure it with a management IP address (this will be temporary, all settings will be reverted back to the previous NSX Manager after the restore is complete).

Log into the newly deployed NSX Manager and select Backup and Restore.

Click Change next to the FTP Server Settings row.

When configuring the FTP Server Settings ensure the same settings are configured as when the NSX Manager was backed up. This includes the hostname, username, password, backup directory, filename prefix, and pass phrase.

Select the backup from the Backup History table and click Restore.

Confirm the restore when prompted. NSX Manager is unavailable during the restore process.

When the NSX Manager is available log in, the summary page will display a System restore completed message.