Backing up a non-load balancer deployment
- Last Updated: March 25, 2025
- 3 minute read
- Hybrid Data Pipeline
- Version 5.0
- Documentation
For a production environment that requires a non-load balancer deployment, the deployment should, as a matter of best practices, include an external system database and a user-specified key location. An SSL certificate should also be specified during installation to enable SSL. To properly back up a non-load balancer deployment, each of these parts of the deployment should be backed up. In addition, the server installation directory itself should be backed up.
System database
Hybrid Data Pipeline requires a system database for storing user and configuration information. When deploying the service on a single node without a load balancer, you can opt to use either the embedded internal database or an external database. For a production environment, an external database should be used as a matter of best practices.
To promote the continuous availability of the service, the system database should be replicated, or mirrored, according to the database vendor documentation. In the event that the system database fails, the mirror can be integrated with the connectivity service by performing an upgrade installation of the server on the machine supporting the service. See Recovering an external system database for more information.
Key location
Hybrid Data Pipeline requires the specification of a key location during installation. For a non-load balancer deployment, you can specify a default location, which writes encryption keys and other shared files to the installation directory of the host machine, or you can specify a location on a separate machine. In a production environment, the files used to connect to the system database should be secured on a separate machine.
The key location contains the files that are used to connect to the system database, including encryption keys and encrypted information. This information must be available to recover the service. Therefore, the key location directory must be backed up. Refer to Shared files and the key location in the Deployment Guide for detailed information on the files in the key location.
KEY_LOCATION property in the
<install_dir>/ddcloud/update.properties file (where
<install_dir> is the installation directory of the
Hybrid Data Pipeline server) contains the path of the key location.Installation directory
The Hybrid Data Pipeline installation directory contains a number of files required for the recovery of a non-load balancer deployment. These files include the On-Premises authentication and encryption keys, the SSL keystore, and the SSL trustore. In addition, the installation directory includes log files that could be useful to evaluate issues with the service. Therefore, the installation directory must be backed up. Refer to Shared files and the key location in the Deployment Guide for detailed information on the files in the key location.
Best practices also recommend making a backup copy of the installation program for the particular version of Hybrid Data Pipeline that is deployed.
SSL certificate
In a non-load balancer deployment, the SSL certificate must include a server certificate and all intermediate certificates all the way to the root of the certificate chain to establish trust. A server certificate issued by a CA (certificate authority) should be used. The server certificate must be in PEM file format and must include all intermediate certificates all the way to the root of the certificate chain to establish trust. In a recovery scenario, the PEM file must be specified in the installation of the server after system failure. Therefore, a backup of the PEM file should be made. The backup should be secured with the same access controls as the one used in the standing installation of the server.