XenServer hosts store metadata about VMs and associated resources such as storage and networking. This metadata forms a complete view of all VMs available across the pool. You can backup this database to recover from physical hardware failure and other disaster scenarios.

The legacy backup and restore capability in Citrix Hypervisor 8.2 Cumulative Update 1 contains a potential vulnerability. For more information, see XenServer and Citrix Hypervisor Security Update for CVE-2024-31143 and CVE-2024-31144. A replacement solution is provided for Citrix Hypervisor 8.2 Cumulative Update 1 in hotfix XS82ECU1066. If you previously created backups with the legacy version of this capability, ensure that you review this article to understand the differences between the two and the steps needed to restore from a legacy backup with the new capability.

The VM metadata backup and restore capability in xsconsole was not initially present in XenServer 8. We delivered this replacement solution to XenServer 8 in an update. 

This article refers to XenServer throughout, but these instructions apply to both Citrix Hypervisor 8.2 Cumulative Update 1 and to XenServer 8.

Access xsconsole backup and restore

The VM metadata backup and restore capability is available from xsconsole. To access xsconsole:

1. Connect to your XenServer host either through XenCenter or SSH.
2. In the console tab of XenCenter or in your SSH console, type xsconsole.

Alternatively, if you accessing the XenServer host locally, you can press Alt + F1 to access the first virtual console screen.

In xsconsole, use the up and down arrows to select Backup, Restore, and Update. Press Enter.

Note: This feature is also accessible through the following command-line tools: xe-backup-metadata and xe-restore-metadata. You can run these tools with the -h flag for more information. This article only describes using xsconsole.

Backup VM metadata

This action creates a virtual disk containing the backed up VM metadata on the SR that you choose:

1. Select Backup Virtual Machine Metadata.
2. Log in as root with the pool password.
3. Select the storage repository to save the metadata to from the list of available SRs.
   Note: XFS (XenServer 8 only) and GFS2 SRs are not supported with this feature.

The back up takes a short time and shows a message when it is complete to indicate success or failure.

On the SR that you chose in the Storage tab, you can see the Pool Metadata Backup virtual disk. This disk is usually about 500 MiB.

Subsequent backups are added to this same Pool Metadata Backup virtual disk. The most recent 25 backups are kept in this virtual disk. The size of the virtual disk does not exceed 500 MiB. If doing a backup will cause this limit to be exceeded, the backup fails

Schedule a regular backup

You can schedule the VM metadata backup to occur daily, weekly, or monthly:

1. Select Schedule Virtual Machine Metadata.
2. Log in as root with the pool password.
   The Schedule Regular Metadata Backup screen displays. This screen displays the current backup schedule.
3. Select how often you want the backups to occur: Daily, Weekly, or Monthly.
   If you already have a backup schedule selected, you can select Never to cancel it.

The scheduled backups are created on the pool's default SR.

Restore VM metadata

You can restore the VM metadata from the Pool Metadata Backup virtual disk. We only support restoring a backup created by the same or earlier version of the backup capability. For example, you can use XenServer 8 to restore a backup made by Citrix Hypervisor 8.2 Cumulative Update 1, but not the other way around.

Note: This section describes how to restore a backup created with the new version of this capability. If you created a backup with the legacy version of the tool, restoring from this backup is slightly different. Refer to Restore VM metadata from a legacy backup.

1. Select Restore Virtual Machine Metadata.
2. Log in as root with the pool password.
3. Select the SR that has your Pool Metadata Backup virtual disk on it. XenServer lists the available metadata backups on this SR.
4. Select the backup that you want to use.
5. Choose what kind of restore operation to do:
   • Only VMs on This SR: This option restores the metadata for VMs that have disks on the SR the metadata is stored on.
   • All VM Metadata: This option restores all VMs, including VMs that have disks on other SRs (and any diskless VMs).

You can also choose to do a dry run of the restore operation. This enables you to check whether there are any problems with the restore before committing to it.

The restore action can take a few minutes. When the operation is complete, xsconsole reports success or failure.

Restore VM metadata from a legacy backup (Citrix Hypervisor 8.2 CU1 only)

If you created a backup before applying hotfix XS82ECU1066 to your Citrix Hypervisor 8.2 hosts and want to restore from that legacy backup, you can restore this backup with either Citrix Hypervisor 8.2 or XenServer 8.

To restore from a legacy backup, complete the following steps:

1. Select Restore Virtual Machine Metadata.
2. Log in as root with the pool password.
3. Select the SR that has your legacy Pool Metadata Backup virtual disk on it.
4. If there are no newer versions of backed up metadata on this SR, XenServer prompts you to scan for a legacy backup and shows the following warning: "Warning: this operation should only be performed if you trust the contents of all VDIs in this storage repository". Confirm that you want to scan for these legacy Pool Metadata Backup virtual disks.
5. XenServer scans for legacy backups:
   
   • If multiple VDIs are found that contain legacy backups, xsconsole lists these VDIs by UUID.  In normal operation, the SR should not have more than one legacy backup VDI, so this scenario might indicate an attempted attack or malicious action.
     If you are confident in the integrity of the available legacy backups, select the appropriate VDI. XenServer proceeds to the next screen.
   • If a single VDI containing legacy backups is found, XenServer assumes this is the correct VDI and proceeds to the next screen.
6. XenServer lists the available backups. Select the backup that you want to use.
7. Choose what kind of restore operation to do:
   • Only VMs on This SR: This option restores the metadata for VMs that have disks on the SR the metadata is stored on.
   • All VM Metadata: This option restores all VMs, including VMs that have disks on other SRs (and any diskless VMs).

You can also choose to do a dry run of the restore operation. This enables you to check whether there are any problems with the restore before committing to it.

The restore action can take a few minutes. When the operation is complete, xsconsole reports success or failure.

Note: If your SR contains a backup created with the newer version of this capability, you cannot restore through xsconsole from a legacy backup on the same SR. If you want to take this action, contact Technical Support for advice.