Backup FAQs
I want to restore a later backup. Will I lose my earlier backups?
Backups are ordered by date taken. If you restore to a date where backups exist after that date, then the later backups will be impacted.
Consider the following scenario, where backups have been taken on Fridays over every week.
The following dates are for illustration only and may not conform to actual backup policy.
In this example, April 17 was selected as restore.
| Backups | Available post restore |
| April 3, 2020 | Available (still displayed) |
| April 10, 2020 | Available (still displayed) |
| April 17, 2020 | Selected for restore.
Available (still displayed) |
| April 24, 2020 | No longer available (won't be displayed) |
| May 1, 2020 | No longer available (won't be displayed) |
Where are my backups?
Several conditions result in Access Gateway showing no backups.
Backup is considered to be in an initial or empty state after any of several conditions are met. When in an initial state no backups are displayed. Conditions that result in a backup initial state include:
- Post initial deployment: After Access Gateway is initially deployed but before 24 hours have elapsed no backups are available for display.
- Post upgrade from a pre-backup version: When upgrading from a version of Access Gateway that didn't support backup, to a newer version that now does, no backups are available. Note pre-administrator facing backup backups can be retrieved by Access Gateway support.
Where do I perform a restore?
In high availability clusters it's only possible to restore to the admin node. The Access Gateway Management console interface is disabled on worker nodes. Restored configuration is propagated out to all worker nodes. The changes will automatically propagate to the workers. There may be some lag time in between restoring the admin node and the new configuration applying to the workers as requests may be in-flight.
Can I restore across versions? Are there any version constraints for restore?
Always be sure that the worker nodes are on a version that is the same as or newer than the admin node before restoring. Restore operations only work against configuration. Appliance version isn't involved in backup or restore operations.
I have a high-availability cluster fronted by a load balancer. Are there any special considerations for this architecture?
If you're using the admin node to proxy connections, Okta recommends that you remove the admin node from the load-balancer rotation while a restore is in progress.
The actual time a restore takes depends on the size of the Access Gateway high-availability cluster and the number of applications, Data Stores, and other configuration settings. There may be some lag time in between restoring the admin node and the new configuration applying to the workers, as requests may be in-flight. If you're planning to restore from a backup in a production environment, Okta recommends scheduling a maintenance window during which downtime would be acceptable.