-
Notifications
You must be signed in to change notification settings - Fork 65
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #4459 from sgibson91/howto-recover-filesystems
Document enabling backups of and recovering filestores on GCP
- Loading branch information
Showing
4 changed files
with
100 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,63 @@ | ||
| (howto:filesystem-backups:enable)= | ||
| # Enable Automatic Filesystem Backups | ||
|
|
||
| This document covers how to enable automatic filesystem backups across the cloud | ||
| providers we use. | ||
|
|
||
| (howto:filesystem-backups:enable:gcp)= | ||
| ## GCP | ||
|
|
||
| ```bash | ||
| export CLUSTER_NAME=<cluster-name> | ||
| ``` | ||
|
|
||
| 1. **Create relevant resources via terraform.** | ||
|
|
||
| Our terraform configuration supports creating the relevant resources to support | ||
| automatic filesystem backups, including: creating a GCP IAM Service Account | ||
| with enough permissions to manage backups, binding that Service Account to | ||
| a Kubernetes Service Account, and outputting the relevant annotation to use | ||
| in helm chart config to make the relevant connections. | ||
|
|
||
| 1. In `terraform/gcp/projects/<cluster-name>.tfvars`, add the following variable: | ||
| ``` | ||
| enable_filestore_backups = true | ||
| ``` | ||
| 1. Ensure you are in the correct terraform workspace to apply this change: | ||
| ``` | ||
| terraform workspace select $CLUSTER_NAME | ||
| ``` | ||
| 1. Plan and apply the changes | ||
| ```bash | ||
| terraform plan -var-file=projects/$CLUSTER_NAME.tfvars | ||
| terraform apply -var-file=projects/$CLUSTER_NAME.tfvars | ||
| ``` | ||
| 1. **Enable the `gcpFilestoreBackups` deployment in the cluster's support values.** | ||
| 1. In `config/clusters/<cluster-name>/support.values.yaml`, add the following config: | ||
| ```yaml | ||
| gcpFilestoreBackups: | ||
| enabled: true | ||
| filestoreName: <filestore-name> | ||
| project: <gcp-project> | ||
| zone: <gcp-zone> | ||
| annotations: | ||
| iam.gke.io/gcp-service-account: <gcp-service-account-email> | ||
| ``` | ||
| where: | ||
| - `filestoreName` is the name of the filestore to be backed up (can be found | ||
| from the Filestore Instances page in the GCP console) | ||
| - `project` is the name of the GCP project in which the filestore exists | ||
| - `zone` is the GCP zone the filestore is deployed to and where the backups | ||
| will be stored (e.g. `us-central-b`) | ||
| - `annotations` is the output from the `terraform apply` command in the | ||
| previous step. You can run `terraform output gcp_filestore_backups_k8s_sa_annotations` | ||
| to retrieve this. | ||
| 1. **Upgrade the support chart.** | ||
| ```bash | ||
| deployer deploy-support $CLUSTER_NAME | ||
| ``` | ||
|
|
||
| This will have successfully enabled automatic backups of GCP Filestores for this | ||
| cluster. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,13 @@ | ||
| (howto:filesystem-backups)= | ||
| # Filesystem Backups | ||
|
|
||
| The filesystem is where our users keep a lot of critical files, such as code. | ||
| Hence if the filesystem is lost, for some reason, this is a disastrous event. | ||
| These documents describe how to enable automated backups of the filesystems for | ||
| various cloud providers, and recover filesystems from those backups. | ||
|
|
||
| ```{toctree} | ||
| :maxdepth: 2 | ||
| enable-backups | ||
| restore-filesystem | ||
| ``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,23 @@ | ||
| (howto:filesystem-backup:restore)= | ||
| # Restore a Filesystem from a Backup | ||
|
|
||
| In the event of a disaster and the filesystem needs recovering, this document | ||
| covers those steps for the cloud providers. | ||
|
|
||
| (howto:filesystem-backup:restore:gcp)= | ||
| ## GCP | ||
|
|
||
| ```{note} | ||
| We follow GCP's guidance for [restoring fileshares from a backup](https://cloud.google.com/filestore/docs/backup-restore#restore) | ||
| ``` | ||
|
|
||
| To restore a share on a Filestore instance on GCP, we follow the documentation | ||
| linked above. In short, this involves: | ||
|
|
||
| 1. [Go to the Filestore instances page](https://console.cloud.google.com/filestore/instances) in the GCP console | ||
| 1. Click the instance ID of the Filestore you want to restore and click the "Backups" tab | ||
| 1. Locate the backup you want to restore from (most likely the most recently created), and click (...) "More actions" | ||
| 1. Click "Restore backup" and then select "Source instance" | ||
| 1. Click "Restore" and complete the dialog box that appears | ||
|
|
||
| This should successfully restore the Filestore instance to its last backed-up state |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters