GitHub Enterprise Server Backup Utilities is a backup system you install on a separate host, which takes backup snapshots of your GitHub Enterprise Server instance at regular intervals over a secure SSH network connection. You can use a snapshot to restore an existing GitHub Enterprise Server instance to a previous state from the backup host.
Only data added since the last snapshot will transfer over the network and occupy additional physical storage space. To minimize performance impact, backups are performed online under the lowest CPU/IO priority. You do not need to schedule a maintenance window to perform a backup.
For more detailed information on features, requirements, and advanced usage, see the GitHub Enterprise Server Backup Utilities README.
To use GitHub Enterprise Server Backup Utilities, you must have a Linux or Unix host system separate from your GitHub Enterprise Server instance.
You can also integrate GitHub Enterprise Server Backup Utilities into an existing environment for long-term permanent storage of critical data.
We recommend that the backup host and your GitHub Enterprise Server instance be geographically distant from each other. This ensures that backups are available for recovery in the event of a major disaster or network outage at the primary site.
Physical storage requirements will vary based on Git repository disk usage and expected growth patterns:
|Storage||Five times the primary instance's allocated storage|
More resources may be required depending on your usage, such as user activity and selected integrations.
Note: To ensure a recovered appliance is immediately available, perform backups targeting the primary instance even in a Geo-replication configuration.
Download the latest GitHub Enterprise Server Backup Utilities release and extract the file with the
$ tar -xzvf /path/to/github-backup-utils-vMAJOR.MINOR.PATCH.tar.gz
Copy the included
backup.configand open in an editor.
GHE_HOSTNAMEvalue to your primary GitHub Enterprise Server instance's hostname or IP address.
Note: If your your GitHub Enterprise Server instance is deployed as a cluster or in a high availability configuration using a load balancer, the
GHE_HOSTNAMEcan be the load balancer hostname, as long as it allows SSH access (on port 122) to your GitHub Enterprise Server instance.
GHE_DATA_DIRvalue to the filesystem location where you want to store backup snapshots.
Open your primary instance's settings page at
https://HOSTNAME/setup/settingsand add the backup host's SSH key to the list of authorized SSH keys. For more information, see Accessing the administrative shell (SSH).
Verify SSH connectivity with your GitHub Enterprise Server instance with the
To create an initial full backup, run the
For more information on advanced usage, see the GitHub Enterprise Server Backup Utilities README.
You can schedule regular backups on the backup host using the
cron(8) command or a similar command scheduling service. The configured backup frequency will dictate the worst case recovery point objective (RPO) in your recovery plan. For example, if you have scheduled the backup to run every day at midnight, you could lose up to 24 hours of data in a disaster scenario. We recommend starting with an hourly backup schedule, guaranteeing a worst case maximum of one hour of data loss if the primary site data is destroyed.
If backup attempts overlap, the
ghe-backup command will abort with an error message, indicating the existence of a simultaneous backup. If this occurs, we recommended decreasing the frequency of your scheduled backups. For more information, see the "Scheduling backups" section of the GitHub Enterprise Server Backup Utilities README.
In the event of prolonged outage or catastrophic event at the primary site, you can restore your GitHub Enterprise Server instance by provisioning another GitHub Enterprise appliance and performing a restore from the backup host. You must add the backup host's SSH key to the target GitHub Enterprise appliance as an authorized SSH key before restoring an appliance.
Note: If your GitHub Enterprise Server instance has GitHub Actions enabled, you must first configure the GitHub Actions external storage provider on the replacement appliance before running the
ghe-restore command. For more information, see "Backing up and restoring GitHub Enterprise Server with GitHub Actions enabled."
Note: When performing backup restores to your GitHub Enterprise Server instance, the same version supportability rules apply. You can only restore data from at most two feature releases behind.
For example, if you take a backup from GHES 3.0.x, you can restore it into a GHES 3.2.x instance. But, you cannot restore data from a backup of GHES 2.22.x onto 3.2.x, because that would be three jumps between versions (2.22 > 3.0 > 3.1 > 3.2). You would first need to restore onto a 3.1.x instance, and then upgrade to 3.2.x.
To restore your GitHub Enterprise Server instance from the last successful snapshot, use the
ghe-restore command. You should see output similar to this:
$ ghe-restore -c 22.214.171.124 > Checking for leaked keys in the backup snapshot that is being restored ... > * No leaked keys found > Connect 126.96.36.199:122 OK (v2.9.0) > WARNING: All data on GitHub Enterprise appliance 188.8.131.52 (v2.9.0) > will be overwritten with data from snapshot 20170329T150710. > Please verify that this is the correct restore host before continuing. > Type 'yes' to continue: yes > Starting restore of 184.108.40.206:122 from snapshot 20170329T150710 # ...output truncated > Completed restore of 220.127.116.11:122 from snapshot 20170329T150710 > Visit https://18.104.22.168/setup/settings to review appliance configuration.
Optionally, to validate the restore, configure an IP exception list to allow access to a specified list of IP addresses. For more information, see "Validating changes in maintenance mode using the IP exception list."
Note: The network settings are excluded from the backup snapshot. You must manually configure the network on the target GitHub Enterprise Server appliance as required for your environment.
You can use these additional options with
-cflag overwrites the settings, certificate, and license data on the target host even if it is already configured. Omit this flag if you are setting up a staging instance for testing purposes and you wish to retain the existing configuration on the target. For more information, see the "Using backup and restore commands" section of the GitHub Enterprise Server Backup Utilities README.
-sflag allows you to select a different backup snapshot.