# Applications

Storware Backup & Recovery can protect Applications and others likes:

* [MSSQL](https://docs.storware.eu/backup-and-recovery-71/protecting-applications/applications/mssql)
* [MySQL/MariaDB](https://docs.storware.eu/backup-and-recovery-71/protecting-applications/applications/mysql-mariadb)
* [PostgreSQL](https://docs.storware.eu/backup-and-recovery-71/protecting-applications/applications/postgresql)
* [DB2](https://docs.storware.eu/backup-and-recovery-71/protecting-applications/applications/db2)
* [Oracle](https://docs.storware.eu/backup-and-recovery-71/protecting-applications/applications/oracle)
* [Relax and Recover - ReaR](https://docs.storware.eu/backup-and-recovery-71/protecting-applications/applications/relax-and-recover)
* [Git](https://docs.storware.eu/backup-and-recovery-71/protecting-applications/applications/git)
* [oVirt/RHV/OLVM](https://docs.storware.eu/backup-and-recovery-71/protecting-applications/applications/ovirt-rhv-olvm)
* [Kubernetes/OpenShift etcd](https://docs.storware.eu/backup-and-recovery-71/protecting-applications/applications/kubernetes-openshift-etcd)

## Main concepts

There are 2 main concepts that Storware Backup & Recovery uses to execute backups:

* Command Execution Configuration
* Application Definition

### Command Execution Configuration

This describes **how** to perform a backup operation. That is how to execute a command that produces a backup artefact which Storware Backup & Recovery later stores in a backup provider. Multiple Application definitions share Command Execution Configuration but with different parameter values.

Command Execution Configuration properties come in several sections:

1. **General:**
   * **Name** - Name of your configuration
   * **Execution type**:
     * Node - execute this command directly on the node
     * Remote SSH - execute this command over SSH using credentials provided in the Application definition
   * **Timeout** - fail execution if a command doesn't complete within the time given
     * if you think that your backup should take longer, increase this value
     * this timeout is for whole command execution - if you have several steps in your script and you need additional timeouts for these steps - add them to your script
2. **Command arguments:**
   * add arguments that contain spaces as separate arguments
   * the first argument is the path to your executable
   * make sure this command is accessible on the remote host, and Storware Backup & Recovery credentials will suffice to execute it
   * remote commands (over SSH) will invoke shell so you can use bash-style expressions (built-in commands such as `echo`, environmental variables or redirections) within the command argument
   * commands executed on the node are executed natively by OS, so if you want to use bash-style expressions (built-in commands such as `echo`, environmental variables or redirections) you need to split your command at least into 3 arguments: `/bin/bash`, `-c` and `your command > with some redirections`
3. **Data export:**
   * **Export data** - when enabled, Storware Backup & Recovery will expect artefacts to be collected as a result of a command
   * **Source type:**
     * FILE - result will be a file, directory or path with `*` wildcard
     * STREAM - output of your command
   * **Source path:**
     * path to your artefacts that need to be collected
     * file, directory or path with `*` wildcard - more than 1 file on the source will result in files being stored as a single tar archive
   * **Remove files after export:**
     * if artefacts (files or source directory) need to be removed once exported
     * be careful when providing a path in the source directory, the whole directory will be removed when this setting is enabled
4. **Applications:**
   * select which applications will use this command execution config
5. **Parameters:**
   * this section allows you to define the parameters that will be expected to be entered in each application definition
   * each parameter will eventually become an environment variable in the application definition
   * each parameter has several properties
     * Name - Name of the resulting environmental variable
     * User-friendly hint - a hint what this parameter is to be shown later in the application definition
     * Default value - the default value, entered during initialization in the application definition form
     * Show in UI - if the value should be shown as dotted or not - useful for passwords
     * Obligatory - if we expect that its value should always be provided in the application definition form
6. **Error handling**
   * Standard error output stream handling (when non-empty):
     * Don't ignore it - will fail if anything is in the standard error output
     * Ignore without warning - will ignore it silently
     * Ignore with a warning - will ignore it but a warning indicator in the backup history will contain this output
   * Ignored Exit Codes:
     * error codes that should be ignored and not treated by Storware Backup & Recovery as errors
     * by default, only 0 is assumed as a success

### Application Definition

Once you have your command execution configuration defined (or you choose to use the predefined ones provided with Storware Backup & Recovery), you should define the instances of your application.

There are a few parameters for application definition that come in several sections:

1. **General:**
   * Name - Name of your application instance
   * Choose node - which node is going to execute this command
   * Backup policy - optionally set policy for scheduled backups
   * Command execution configuration
     * configuration of your command used for this application
     * **Note:** when you create a definition for the first time, you select a configuration and click **Save** - you will be redirected to the Settings tab for additional details
2. **Environment variables**
   * shown only when the definition has been saved on the Settings tab
   * defines a list of environment variables that will be passed to your command/script during its invocation
   * parameters from the command execution config will be populated automatically
   * each parameter has several properties:
     * Key - name of the environmental variable
     * Value - Value of the environment variable
     * Show - if the value should be shown as dotted or not - useful for passwords
3. **SSH access:**
   * shown when Remote SSH is chosen as the execution type in command execution configuration
   * parameters:
     * SSH host - host where the command will be executed
     * SSH port - port on which the SSH service is running (by default 22)
     * SSH user - user used to connect via SSH
     * SSH key path:
       * path to your key - needs to be a file only accessible by Storware Backup & Recovery with `400` permissions
       * alternatively, you can use the password access method
4. **Password:**
   * shown when Remote SSH is chosen as the execution type in command execution configuration
   * set your SSH password here if you're not using the public-key authentication method

### Enabling WinRM on Windows machines

The Windows Remote Management (a.k.a. WinRM) interface is a network service that allows remote management access to computers via the network. It's used to allow remote management of computers via PowerShell. As a result, WinRM is not enabled by default on Windows Server.

You can use `winrm.ps1` script located in the `/opt/vprotect/node/scripts/` directory to enable WinRM on the Windows system.

A Power Shell script performs the following steps:

* Automatically starts the WinRM service
* Adds all addresses to trusted hosts. This can be changed in line 7, replacing the asterisk symbol with the appropriate address, e.g.

Add all computers to the TrustedHosts list

```
Set-Item WSMan:\localhost\Client\TrustedHosts -Value *
```

Add all domain computers to the TrustedHosts list

```
Set-Item WSMan:\localhost\Client\TrustedHosts *.yourdomain.com
```

Add specific computers to the TrustedHosts list

```
Set-Item WSMan:\localhost\Client\TrustedHosts -Value DESKTOP-R88J8V5, MacBookPro19
```

Add computers to the TrustedHosts list using the IP address

```
Set-Item WSMan:\localhost\Client\TrustedHosts -Value 192.168.100.69
```

* Adds an exception in Windows Firewall, which is used by WinRm over HTTPS (port 5986).
* Creates a self-signed certificate and creates Create HTTPS listener.

The `enable_winrm.ps1` script must be run on the Hyper-V server in the PowerShell console.

PowerShell for Linux must be installed on the machine where Node is installed. You can download it from GitHub at:

{% embed url="<https://github.com/PowerShell/PowerShell>" %}

More about installation and versions for different Linux distributions here:

{% embed url="<https://docs.microsoft.com/en-us/powershell/scripting/install/installing-powershell-core-on-linux?view=powershell-7.1>" %}

After the correct installation, we can test the connection. On Linux, run PowerShell with the pwsh command.

Then we connect to the Hyper-V server:

```
Enter-PSSession -ComputerName IP_ADDRESS -UseSSL -SessionOption (New-PSSessionOption -SkipCNCheck -SkipCACheck) -Authentication Basic -Credential (Get-Credential)
```

After providing the correct credentials, the PowerShell console will start on the remote machine. We end the session with the "exit" command. We can also try a test PowerShell script on a remote machine:

```
Invoke-Command -Session (New-PSSession -ComputerName SERVER_ADDRESS -UseSSL -SessionOption (New-PSSessionOption -SkipCNCheck -SkipCACheck) -Authentication Basic -Credential (Get-Credential)) -ScriptBlock {Get-ChildItem Env:}
```

or

```
Enter-PSSession -ComputerName SERVER_ADDRESS -UseSSL -SessionOption (New-PSSessionOption -SkipCNCheck -SkipCACheck) -Authentication Basic -Credential (Get-Credential)
```