Registering the Deployed Capabilities

Before backing up the configuration data, you should ensure that your capabilities have been registered.

You must register the capability only once. You do not need not to repeat the registration each time you perform the backup.

Name	Time to register	PostgreSQL Server Container Hostname	DB Name	DB User	DB Password Key	Pod/ Deployment Names for Restore Instructions
Autopass	Always	itom-postgresql.core	defaultdbapsdb	postgres	ITOM_DB_DEFAULT_PASSWD_KEY	autopass-lm
CDF Data and Deployments	N/A, registered automatically	cdfapiserver-postgresql.core	cdfapiserverdb	postgres	ITOM_DB_API_PASSWD_KEY	cdfapiserver-postgresql
CDF Identity Manager	N/A, registered automatically	itom-postgresql.core	cdfidmdb	postgres	ITOM_DB_DEFAULT_PASSWD_KEY	itom-idm
Fusion ArcMC	N/A, registered automatically	itom-postgresql.core	arcmc_rwdb	postgres	ITOM_DB_DEFAULT_PASSWD_KEY	fusion-arcmc-web-app
ArcSight Configuration Service (ACS)	When Fusion is deployed	itom-postgresql.core	arcsight_configuration_service	postgres	ITOM_DB_DEFAULT_PASSWD_KEY	fusion-arcsight-configuration-service
SOAR	When Fusion is deployed	itom-postgresql.core	soar	postgres	ITOM_DB_DEFAULT_PASSWD_KEY	soar-web-app

To register the capability, complete the following steps:

Generate the IDM Token
Verifying Application Registration
Registering a Capability

Generate the IDM Token

The backup service requires an IDM token to authorize the capabilities that you want to register.

SSH to the OMT master node.

Use integration_admin as username and run the following command to fetch the password:

kubectl exec -it -n core $(kubectl get pods -n core | grep itom-postgresql | awk '{print $1}') -c itom-postgresql -- get_secret idm_integration_admin_password | cut -d '=' -f2-

Run:
```
curl -k -X POST --data '{ 
"passwordCredentials": {  
"password": "<password>",   
"username": "<username>"
},
"tenantName": "provider"
}' -H 'content-type:application/json' https://<itom-management-portal-fqdn>:5443/suiteInstaller/urest/v1.1/tokens
```
The output from the command above has two possible values: X-Auth-Token and refreshToken. Make sure to utilize only the X-Auth-Token part.

For itom-management-portal-fqdn, use the master node’s IP address/FQDN or the virtual IP address/FQDN, depending on the environment you are using. Also, replace the <itom-management-portal-fqdn> variable, with a specific value, before you run the command.

Verifying Application Registration

You do not have to re-register the application if it is currently registered. To check which capabilities have been registered, run the following command:

curl -k -v -H "Accept: application/json" --header \
"X-Auth-Token: <Token>" -X \
GET https://<itom-pg-backup-pod-IP>:8443/backupd/api/v1/registry/applications

Note: Use curl with --noproxy '*' option if there are proxy related errors. Also, ensure to replace the <Token> variable, with a specific value, before you run the command.

itom-pg-backup-pod-IP:To determine the pod's IP address, run this command:

kubectl get pods -A -o json | jq -r '.items[] | select (.metadata.name | test("itom-pg-backup.")) | .status.podIP'

Example Input:

curl -k -v -H "Accept: application/json" --header "X-AuthToken:eyJ0eXAiOiJKV1MiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiIyYzkwODA5YTg2NTVjYzg2MDE4NjU1Y2NhZjZjMDEzNCIsImlzcyI6IklkTSAxLjM1LjAtYnVpbGQuMzc3IiwiY29tLmhwZS5pZG06dHJ1c3RvciI6bnVsbCwiZXhwIjoxNjc2OTA2ODQzLCJjb20uaHAuY2xvdWQ6dGVuYW50Ijp7ImlkIjoiMmM5MDgwOWE4NjU1Y2M4NjAxODY1NWNjYTliYzAwYzkiLCJuYW1lIjoiUHJvdmlkZXIiLCJlbmFibGVkIjp0cnVlfSwicHJuIjoiaW50ZWdyYXRpb25fYWRtaW4iLCJpYXQiOjE2NzY5MDUwNDMsImp0aSI6IjFkYzlkZTNmLTlkNDktNGI5Zi05ZDlkLWVlMTc0OGNjNTYzOCJ9.anLcXEg6ZZls_h3PLhXFT2U9mYKpiic3mxxdfEe0Dvg" -X GET https://172.16.0.4:8443/backupd/api/v1/registry/applications

Example Output:

{   
  "_links": { 
"self": {   
      "href": "/backupd/api/v1/registry/applications",
"class": "collection" 
    },
    "items": [ 
{ 
"href": "/backupd/api/v1/registry/applications/itom-core", 
"title": "itom-core" 
}
]
}
}

Registering a Capability

If the capabilities are not displayed in the registered capabilities list Verifying Application Registration , then you must register the capability.

Run and input the requested information as shown below:

curl -k -X PUT --data '
{
"services":{
"<postgresql-server-container-hostname>":{
"userName":"<application-db-owner-username>",
"passwordKey":"<application-db-owner-passwordKey-on Vault>",
"port":"5432",
"dbName":"<application-db-name>",
"type":"backup.type.postgres",
"secure":true}}}' \
-H 'content-type:application/json' -H "Accept: application/json" -H "X-Auth-Token: \
<IDM Token>" https://<itom-pg-backup-pod-IP>:8443/backupd/api/v1/registry/applications/<application-name>

Note: Ensure to replace the <postgresql-server-container-hostname>, <application-db-owner-username>, <application-db-owner-passwordKey-on Vault>, <application-db-name>, <IDM Token>, <itom-pg-backupd-pod-IP> and <application-name> variables, with specific values, before you run the command.

Where:

PostgreSQL Server Container Hostname: Hostname of the PostgreSQL server container used by the application.
Application Database Owner Username: Application database user name. If the application's database password is not kept in the vault, "postgres" can be used.
Application Database Owner PasswordKey on Vault: Application database password key name in the vault. If the application's database password is not kept in the vault, "defaultdb_user_password" can be used.
Application Database Name: Name of the application database.
Secure: When set to true, the connection to the PostgreSQL service is in secure mode. This is an optional parameter but it should always be set to true to ensure security.

itom-pg-backup-pod-IP:To determine the pod's IP address, run this command:

kubectl get pods -A -o json | jq -r '.items[] | select (.metadata.name | test("itom-pg-backup.")) | .status.podIP'

Application Name: Descriptive name of the application.