diff --git a/docs/guides/postgres/backup/kubestash/_index.md b/docs/guides/postgres/backup/kubestash/_index.md new file mode 100644 index 0000000000..febbaf5289 --- /dev/null +++ b/docs/guides/postgres/backup/kubestash/_index.md @@ -0,0 +1,10 @@ +--- +title: Backup & Restore PostgreSQL | KubeStash +menu: + docs_{{ .version }}: + identifier: guides-pg-backup-stashv2 + name: KubeStash (aka Stash 2.0) + parent: guides-pg-backup + weight: 50 +menu_name: docs_{{ .version }} +--- diff --git a/docs/guides/postgres/backup/kubestash/application-level/examples/backupconfiguration.yaml b/docs/guides/postgres/backup/kubestash/application-level/examples/backupconfiguration.yaml new file mode 100644 index 0000000000..d2ab57f692 --- /dev/null +++ b/docs/guides/postgres/backup/kubestash/application-level/examples/backupconfiguration.yaml @@ -0,0 +1,37 @@ +apiVersion: core.kubestash.com/v1alpha1 +kind: BackupConfiguration +metadata: + name: sample-postgres-backup + namespace: demo +spec: + target: + apiGroup: kubedb.com + kind: Postgres + namespace: demo + name: sample-postgres + backends: + - name: gcs-backend + storageRef: + namespace: demo + name: gcs-storage + retentionPolicy: + name: demo-retention + namespace: demo + sessions: + - name: frequent-backup + scheduler: + schedule: "*/5 * * * *" + jobTemplate: + backoffLimit: 1 + repositories: + - name: gcs-postgres-repo + backend: gcs-backend + directory: /postgres + encryptionSecret: + name: encrypt-secret + namespace: demo + addon: + name: postgres-addon + tasks: + - name: manifest-backup + - name: logical-backup \ No newline at end of file diff --git a/docs/guides/postgres/backup/kubestash/application-level/examples/backupstorage.yaml b/docs/guides/postgres/backup/kubestash/application-level/examples/backupstorage.yaml new file mode 100644 index 0000000000..6ab3df02ac --- /dev/null +++ b/docs/guides/postgres/backup/kubestash/application-level/examples/backupstorage.yaml @@ -0,0 +1,17 @@ +apiVersion: storage.kubestash.com/v1alpha1 +kind: BackupStorage +metadata: + name: gcs-storage + namespace: demo +spec: + storage: + provider: gcs + gcs: + bucket: kubestash-qa + prefix: demo + secretName: gcs-secret + usagePolicy: + allowedNamespaces: + from: All + default: true + deletionPolicy: Delete \ No newline at end of file diff --git a/docs/guides/postgres/backup/kubestash/application-level/examples/restoresession.yaml b/docs/guides/postgres/backup/kubestash/application-level/examples/restoresession.yaml new file mode 100644 index 0000000000..7ff80b1266 --- /dev/null +++ b/docs/guides/postgres/backup/kubestash/application-level/examples/restoresession.yaml @@ -0,0 +1,21 @@ +apiVersion: core.kubestash.com/v1alpha1 +kind: RestoreSession +metadata: + name: restore-sample-postgres + namespace: demo +spec: + manifestOptions: + restoreNamespace: dev + postgres: + db: true + dataSource: + repository: gcs-postgres-repo + snapshot: latest + encryptionSecret: + name: encrypt-secret + namespace: demo + addon: + name: postgres-addon + tasks: + - name: logical-backup-restore + - name: manifest-restore \ No newline at end of file diff --git a/docs/guides/postgres/backup/kubestash/application-level/examples/retentionpolicy.yaml b/docs/guides/postgres/backup/kubestash/application-level/examples/retentionpolicy.yaml new file mode 100644 index 0000000000..4591562860 --- /dev/null +++ b/docs/guides/postgres/backup/kubestash/application-level/examples/retentionpolicy.yaml @@ -0,0 +1,15 @@ +apiVersion: storage.kubestash.com/v1alpha1 +kind: RetentionPolicy +metadata: + name: demo-retention + namespace: demo +spec: + default: true + failedSnapshots: + last: 2 + maxRetentionPeriod: 2mo + successfulSnapshots: + last: 5 + usagePolicy: + allowedNamespaces: + from: All \ No newline at end of file diff --git a/docs/guides/postgres/backup/kubestash/application-level/examples/sample-postgres.yaml b/docs/guides/postgres/backup/kubestash/application-level/examples/sample-postgres.yaml new file mode 100644 index 0000000000..4a1abc9f9a --- /dev/null +++ b/docs/guides/postgres/backup/kubestash/application-level/examples/sample-postgres.yaml @@ -0,0 +1,18 @@ +apiVersion: kubedb.com/v1 +kind: Postgres +metadata: + name: sample-postgres + namespace: demo +spec: + version: "16.1" + replicas: 3 + standbyMode: Hot + streamingMode: Synchronous + storageType: Durable + storage: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 1Gi + deletionPolicy: WipeOut \ No newline at end of file diff --git a/docs/guides/postgres/backup/kubestash/application-level/index.md b/docs/guides/postgres/backup/kubestash/application-level/index.md new file mode 100644 index 0000000000..404fa34eec --- /dev/null +++ b/docs/guides/postgres/backup/kubestash/application-level/index.md @@ -0,0 +1,775 @@ +--- +title: Application Level Backup & Restore PostgreSQL | KubeStash +description: Application Level Backup and Restore using KubeStash +menu: + docs_{{ .version }}: + identifier: guides-application-level-backup-stashv2 + name: Application Level Backup + parent: guides-pg-backup-stashv2 + weight: 40 +menu_name: docs_{{ .version }} +section_menu_id: guides +--- + +# Application Level Backup and Restore PostgreSQL database using KubeStash + +KubeStash offers application-level backup and restore functionality for `PostgreSQL` databases. It captures both manifest and data backups of any `PostgreSQL` database in a single snapshot. During the restore process, KubeStash first applies the `PostgreSQL` manifest to the cluster and then restores the data into it. + +This guide will give you an overview how you can take application-level backup and restore your `PostgreSQL` databases using `Kubestash`. + +## Before You Begin + +- At first, you need to have a Kubernetes cluster, and the `kubectl` command-line tool must be configured to communicate with your cluster. If you do not already have a cluster, you can create one by using `Minikube` or `Kind`. +- Install `KubeDB` in your cluster following the steps [here](/docs/setup/README.md). +- Install `KubeStash` in your cluster following the steps [here](https://kubestash.com/docs/latest/setup/install/kubestash). +- Install KubeStash `kubectl` plugin following the steps [here](https://kubestash.com/docs/latest/setup/install/kubectl-plugin/). +- If you are not familiar with how KubeStash backup and restore PostgreSQL databases, please check the following guide [here](/docs/guides/postgres/backup/kubestash/overview/index.md). + +You should be familiar with the following `KubeStash` concepts: + +- [BackupStorage](https://kubestash.com/docs/latest/concepts/crds/backupstorage/) +- [BackupConfiguration](https://kubestash.com/docs/latest/concepts/crds/backupconfiguration/) +- [BackupSession](https://kubestash.com/docs/latest/concepts/crds/backupsession/) +- [RestoreSession](https://kubestash.com/docs/latest/concepts/crds/restoresession/) +- [Addon](https://kubestash.com/docs/latest/concepts/crds/addon/) +- [Function](https://kubestash.com/docs/latest/concepts/crds/function/) +- [Task](https://kubestash.com/docs/latest/concepts/crds/addon/#task-specification) + +To keep everything isolated, we are going to use a separate namespace called `demo` throughout this tutorial. + +```bash +$ kubectl create ns demo +namespace/demo created +``` + +> **Note:** YAML files used in this tutorial are stored in [docs/guides/postgres/backup/kubestash/application-level/examples](https://github.com/kubedb/docs/raw/{{< param "info.version" >}}/docs/guides/postgres/backup/kubestash/application-level/examples) directory of [kubedb/docs](https://github.com/kubedb/docs) repository. + +## Backup PostgreSQL + +KubeStash supports backups for `PostgreSQL` instances across different configurations, including Standalone and HA Cluster setups. In this demonstration, we'll focus on a `PostgreSQL` database using HA cluster configuration. The backup and restore process is similar for Standalone configuration. + +This section will demonstrate how to take application-level backup of a `PostgreSQL` database. Here, we are going to deploy a `PostgreSQL` database using KubeDB. Then, we are going to back up the database at the application level to a `GCS` bucket. Finally, we will restore the entire `PostgreSQL` database. + +### Deploy Sample PostgreSQL Database + +Let's deploy a sample `PostgreSQL` database and insert some data into it. + +**Create PostgreSQL CR:** + +Below is the YAML of a sample `PostgreSQL` CR that we are going to create for this tutorial: + +```yaml +apiVersion: kubedb.com/v1 +kind: Postgres +metadata: + name: sample-postgres + namespace: demo +spec: + version: "16.1" + replicas: 3 + standbyMode: Hot + streamingMode: Synchronous + storageType: Durable + storage: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 1Gi + deletionPolicy: WipeOut +``` + +Create the above `PostgreSQL` CR, + +```bash +$ kubectl apply -f https://github.com/kubedb/docs/raw/{{< param "info.version" >}}/docs/guides/postgres/backup/kubestash/application-level/examples/sample-postgres.yaml +postgres.kubedb.com/sample-postgres created +``` + +KubeDB will deploy a `PostgreSQL` database according to the above specification. It will also create the necessary `Secrets` and `Services` to access the database. + +Let's check if the database is ready to use, + +```bash +$ kubectl get pg -n demo sample-postgres +NAME VERSION STATUS AGE +sample-postgres 16.1 Ready 5m1s +``` + +The database is `Ready`. Verify that KubeDB has created a `Secret` and a `Service` for this database using the following commands, + +```bash +$ kubectl get secret -n demo +NAME TYPE DATA AGE +sample-postgres-auth kubernetes.io/basic-auth 2 5m20s + +$ kubectl get service -n demo -l=app.kubernetes.io/instance=sample-postgres +NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE +sample-postgres ClusterIP 10.96.23.177 5432/TCP,2379/TCP 5m55s +sample-postgres-pods ClusterIP None 5432/TCP,2380/TCP,2379/TCP 5m55s +sample-postgres-standby ClusterIP 10.96.26.118 5432/TCP 5m55s +``` + +Here, we have to use service `sample-postgres` and secret `sample-postgres-auth` to connect with the database. `KubeDB` creates an [AppBinding](/docs/guides/postgres/concepts/appbinding.md) CR that holds the necessary information to connect with the database. + + +**Verify AppBinding:** + +Verify that the `AppBinding` has been created successfully using the following command, + +```bash +$ kubectl get appbindings -n demo +NAME TYPE VERSION AGE +sample-postgres kubedb.com/postgres 16.1 9m30s +``` + +Let's check the YAML of the above `AppBinding`, + +```bash +$ kubectl get appbindings -n demo sample-postgres -o yaml +``` + +```yaml +apiVersion: appcatalog.appscode.com/v1alpha1 +kind: AppBinding +metadata: + annotations: + kubectl.kubernetes.io/last-applied-configuration: | + {"apiVersion":"kubedb.com/v1","kind":"Postgres","metadata":{"annotations":{},"name":"sample-postgres","namespace":"demo"},"spec":{"deletionPolicy":"DoNotTerminate","replicas":3,"standbyMode":"Hot","storage":{"accessModes":["ReadWriteOnce"],"resources":{"requests":{"storage":"1Gi"}}},"storageType":"Durable","streamingMode":"Synchronous","version":"16.1"}} + creationTimestamp: "2024-09-04T10:07:04Z" + generation: 1 + labels: + app.kubernetes.io/component: database + app.kubernetes.io/instance: sample-postgres + app.kubernetes.io/managed-by: kubedb.com + app.kubernetes.io/name: postgreses.kubedb.com + name: sample-postgres + namespace: demo + ownerReferences: + - apiVersion: kubedb.com/v1 + blockOwnerDeletion: true + controller: true + kind: Postgres + name: sample-postgres + uid: 0810a96c-a2b6-4e8a-a70a-51753660450c + resourceVersion: "245972" + uid: 73bdba85-c932-464b-93a8-7f1ba8dfff1b +spec: + appRef: + apiGroup: kubedb.com + kind: Postgres + name: sample-postgres + namespace: demo + clientConfig: + service: + name: sample-postgres + path: / + port: 5432 + query: sslmode=disable + scheme: postgresql + parameters: + apiVersion: appcatalog.appscode.com/v1alpha1 + kind: StashAddon + stash: + addon: + backupTask: + name: postgres-backup-16.1 + restoreTask: + name: postgres-restore-16.1 + secret: + name: sample-postgres-auth + type: kubedb.com/postgres + version: "16.1" +``` + +KubeStash uses the `AppBinding` CR to connect with the target database. It requires the following two fields to set in AppBinding's `.spec` section. + +Here, + +- `.spec.clientConfig.service.name` specifies the name of the Service that connects to the database. +- `.spec.secret` specifies the name of the Secret that holds necessary credentials to access the database. +- `.spec.type` specifies the types of the app that this AppBinding is pointing to. KubeDB generated AppBinding follows the following format: `/`. + +**Insert Sample Data:** + +Now, we are going to exec into one of the database pod and create some sample data. At first, find out the database `Pod` using the following command, + +```bash +$ kubectl get pods -n demo --selector="app.kubernetes.io/instance=sample-postgres" +NAME READY STATUS RESTARTS AGE +sample-postgres-0 2/2 Running 0 16m +sample-postgres-1 2/2 Running 0 13m +sample-postgres-2 2/2 Running 0 13m +``` + +Now, let’s exec into the pod and create a table, + +```bash +$ kubectl exec -it -n demo sample-postgres-0 -- sh + +# login as "postgres" superuser. +/ $ psql -U postgres +psql (16.1) +Type "help" for help. + +# list available databases +postgres=# \l + List of databases + Name | Owner | Encoding | Locale Provider | Collate | Ctype | ICU Locale | ICU Rules | Access privileges +---------------+----------+----------+-----------------+------------+------------+------------+-----------+----------------------- + kubedb_system | postgres | UTF8 | libc | en_US.utf8 | en_US.utf8 | | | + postgres | postgres | UTF8 | libc | en_US.utf8 | en_US.utf8 | | | + template0 | postgres | UTF8 | libc | en_US.utf8 | en_US.utf8 | | | =c/postgres + + | | | | | | | | postgres=CTc/postgres + template1 | postgres | UTF8 | libc | en_US.utf8 | en_US.utf8 | | | =c/postgres + + | | | | | | | | postgres=CTc/postgres +(4 rows) + +# create a database named "demo" +postgres=# create database demo; +CREATE DATABASE + +# verify that the "demo" database has been created +postgres=# \l + List of databases + Name | Owner | Encoding | Locale Provider | Collate | Ctype | ICU Locale | ICU Rules | Access privileges +---------------+----------+----------+-----------------+------------+------------+------------+-----------+----------------------- + demo | postgres | UTF8 | libc | en_US.utf8 | en_US.utf8 | | | + kubedb_system | postgres | UTF8 | libc | en_US.utf8 | en_US.utf8 | | | + postgres | postgres | UTF8 | libc | en_US.utf8 | en_US.utf8 | | | + template0 | postgres | UTF8 | libc | en_US.utf8 | en_US.utf8 | | | =c/postgres + + | | | | | | | | postgres=CTc/postgres + template1 | postgres | UTF8 | libc | en_US.utf8 | en_US.utf8 | | | =c/postgres + + | | | | | | | | postgres=CTc/postgres +(5 rows) + +# connect to the "demo" database +postgres=# \c demo +You are now connected to database "demo" as user "postgres". + +# create a sample table +demo=# CREATE TABLE COMPANY( NAME TEXT NOT NULL, EMPLOYEE INT NOT NULL); +CREATE TABLE + +# verify that the table has been created +demo=# \d + List of relations + Schema | Name | Type | Owner +--------+---------+-------+---------- + public | company | table | postgres +(1 row) + +# insert multiple rows of data into the table +demo=# INSERT INTO COMPANY (NAME, EMPLOYEE) VALUES ('TechCorp', 100), ('InnovateInc', 150), ('AlphaTech', 200); +INSERT 0 3 + +# verify the data insertion +demo=# SELECT * FROM COMPANY; + name | employee +-------------+---------- + TechCorp | 100 + InnovateInc | 150 + AlphaTech | 200 +(3 rows) + +# quit from the database +demo=# \q + +# exit from the pod +/ $ exit +``` + +Now, we are ready to backup the database. + +### Prepare Backend + +We are going to store our backed up data into a `GCS` bucket. We have to create a `Secret` with necessary credentials and a `BackupStorage` CR to use this backend. If you want to use a different backend, please read the respective backend configuration doc from [here](https://kubestash.com/docs/latest/guides/backends/overview/). + +**Create Secret:** + +Let's create a secret called `gcs-secret` with access credentials to our desired GCS bucket, + +```bash +$ echo -n '' > GOOGLE_PROJECT_ID +$ cat /path/to/downloaded-sa-key.json > GOOGLE_SERVICE_ACCOUNT_JSON_KEY +$ kubectl create secret generic -n demo gcs-secret \ + --from-file=./GOOGLE_PROJECT_ID \ + --from-file=./GOOGLE_SERVICE_ACCOUNT_JSON_KEY +secret/gcs-secret created +``` + +**Create BackupStorage:** + +Now, create a `BackupStorage` using this secret. Below is the YAML of `BackupStorage` CR we are going to create, + +```yaml +apiVersion: storage.kubestash.com/v1alpha1 +kind: BackupStorage +metadata: + name: gcs-storage + namespace: demo +spec: + storage: + provider: gcs + gcs: + bucket: kubestash-qa + prefix: demo + secretName: gcs-secret + usagePolicy: + allowedNamespaces: + from: All + default: true + deletionPolicy: Delete +``` + +Let's create the BackupStorage we have shown above, + +```bash +$ kubectl apply -f https://github.com/kubedb/docs/raw/{{< param "info.version" >}}/docs/guides/postgres/backup/kubestash/logical/examples/backupstorage.yaml +backupstorage.storage.kubestash.com/gcs-storage created +``` + +Now, we are ready to backup our database to our desired backend. + +**Create RetentionPolicy:** + +Now, let's create a `RetentionPolicy` to specify how the old Snapshots should be cleaned up. + +Below is the YAML of the `RetentionPolicy` object that we are going to create, + +```yaml +apiVersion: storage.kubestash.com/v1alpha1 +kind: RetentionPolicy +metadata: + name: demo-retention + namespace: demo +spec: + default: true + failedSnapshots: + last: 2 + maxRetentionPeriod: 2mo + successfulSnapshots: + last: 5 + usagePolicy: + allowedNamespaces: + from: All +``` + +Let’s create the above `RetentionPolicy`, + +```bash +$ kubectl apply -f https://github.com/kubedb/docs/raw/{{< param "info.version" >}}/docs/guides/postgres/backup/kubestash/logical/examples/retentionpolicy.yaml +retentionpolicy.storage.kubestash.com/demo-retention created +``` + +### Backup + +We have to create a `BackupConfiguration` targeting respective `sample-postgres` PostgreSQL database. Then, KubeStash will create a `CronJob` for each session to take periodic backup of that database. + +At first, we need to create a secret with a Restic password for backup data encryption. + +**Create Secret:** + +Let's create a secret called `encrypt-secret` with the Restic password, + +```bash +$ echo -n 'changeit' > RESTIC_PASSWORD +$ kubectl create secret generic -n demo encrypt-secret \ + --from-file=./RESTIC_PASSWORD \ +secret "encrypt-secret" created +``` + +**Create BackupConfiguration:** + +Below is the YAML for `BackupConfiguration` CR to take application-level backup of the `sample-postgres` database that we have deployed earlier, + +```yaml +apiVersion: core.kubestash.com/v1alpha1 +kind: BackupConfiguration +metadata: + name: sample-postgres-backup + namespace: demo +spec: + target: + apiGroup: kubedb.com + kind: Postgres + namespace: demo + name: sample-postgres + backends: + - name: gcs-backend + storageRef: + namespace: demo + name: gcs-storage + retentionPolicy: + name: demo-retention + namespace: demo + sessions: + - name: frequent-backup + scheduler: + schedule: "*/5 * * * *" + jobTemplate: + backoffLimit: 1 + repositories: + - name: gcs-postgres-repo + backend: gcs-backend + directory: /postgres + encryptionSecret: + name: encrypt-secret + namespace: demo + addon: + name: postgres-addon + tasks: + - name: manifest-backup + - name: logical-backup +``` + +- `.spec.sessions[*].schedule` specifies that we want to backup at `5 minutes` interval. +- `.spec.target` refers to the targeted `sample-postgres` PostgreSQL database that we created earlier. +- `.spec.sessions[*].addon.tasks[*].name[*]` specifies that both the `manifest-backup` and `logical-backup` tasks will be executed. + +Let's create the `BackupConfiguration` CR that we have shown above, + +```bash +$ kubectl apply -f https://github.com/kubedb/docs/raw/{{< param "info.version" >}}/docs/guides/postgres/kubestash/application-level/examples/backupconfiguration.yaml +backupconfiguration.core.kubestash.com/sample-postgres-backup created +``` + +**Verify Backup Setup Successful** + +If everything goes well, the phase of the `BackupConfiguration` should be `Ready`. The `Ready` phase indicates that the backup setup is successful. Let's verify the `Phase` of the BackupConfiguration, + +```bash +$ kubectl get backupconfiguration -n demo +NAME PHASE PAUSED AGE +sample-postgres-backup Ready 2m50s +``` + +Additionally, we can verify that the `Repository` specified in the `BackupConfiguration` has been created using the following command, + +```bash +$ kubectl get repo -n demo +NAME INTEGRITY SNAPSHOT-COUNT SIZE PHASE LAST-SUCCESSFUL-BACKUP AGE +gcs-postgres-repo 0 0 B Ready 3m +``` + +KubeStash keeps the backup for `Repository` YAMLs. If we navigate to the GCS bucket, we will see the `Repository` YAML stored in the `demo/postgres` directory. + +**Verify CronJob:** + +It will also create a `CronJob` with the schedule specified in `spec.sessions[*].scheduler.schedule` field of `BackupConfiguration` CR. + +Verify that the `CronJob` has been created using the following command, + +```bash +$ kubectl get cronjob -n demo +NAME SCHEDULE SUSPEND ACTIVE LAST SCHEDULE AGE +trigger-sample-postgres-backup-frequent-backup */5 * * * * 0 2m45s 3m25s +``` + +**Verify BackupSession:** + +KubeStash triggers an instant backup as soon as the `BackupConfiguration` is ready. After that, backups are scheduled according to the specified schedule. + +```bash +$ kubectl get backupsession -n demo -w +NAME INVOKER-TYPE INVOKER-NAME PHASE DURATION AGE +sample-postgres-backup-frequent-backup-1725449400 BackupConfiguration sample-postgres-backup Succeeded 7m22s +``` + +We can see from the above output that the backup session has succeeded. Now, we are going to verify whether the backed up data has been stored in the backend. + +**Verify Backup:** + +Once a backup is complete, KubeStash will update the respective `Repository` CR to reflect the backup. Check that the repository `sample-postgres-backup` has been updated by the following command, + +```bash +$ kubectl get repository -n demo sample-postgres-backup +NAME INTEGRITY SNAPSHOT-COUNT SIZE PHASE LAST-SUCCESSFUL-BACKUP AGE +sample-postgres-backup true 1 806 B Ready 8m27s 9m18s +``` + +At this moment we have one `Snapshot`. Run the following command to check the respective `Snapshot` which represents the state of a backup run for an application. + +```bash +$ kubectl get snapshots -n demo -l=kubestash.com/repo-name=gcs-postgres-repo +NAME REPOSITORY SESSION SNAPSHOT-TIME DELETION-POLICY PHASE AGE +gcs-postgres-repo-sample-postgres-backup-frequent-backup-1725449400 gcs-postgres-repo frequent-backup 2024-01-23T13:10:54Z Delete Succeeded 16h +``` + +> Note: KubeStash creates a `Snapshot` with the following labels: +> - `kubestash.com/app-ref-kind: ` +> - `kubestash.com/app-ref-name: ` +> - `kubestash.com/app-ref-namespace: ` +> - `kubestash.com/repo-name: ` +> +> These labels can be used to watch only the `Snapshot`s related to our target Database or `Repository`. + +If we check the YAML of the `Snapshot`, we can find the information about the backed up components of the Database. + +```bash +$ kubectl get snapshots -n demo gcs-postgres-repo-sample-postgres-backup-frequent-backup-1725449400 -oyaml +``` + +```yaml +apiVersion: storage.kubestash.com/v1alpha1 +kind: Snapshot +metadata: + creationTimestamp: "2024-09-05T09:08:03Z" + finalizers: + - kubestash.com/cleanup + generation: 1 + labels: + kubestash.com/app-ref-kind: Postgres + kubestash.com/app-ref-name: sample-postgres + kubestash.com/app-ref-namespace: demo + kubestash.com/repo-name: gcs-postgres-repo + annotations: + kubedb.com/db-version: "16.1" + name: gcs-postgres-repo-sample-postgres-backup-frequent-backup-1725449400 + namespace: demo + ownerReferences: + - apiVersion: storage.kubestash.com/v1alpha1 + blockOwnerDeletion: true + controller: true + kind: Repository + name: gcs-postgres-repo + uid: fa9086e5-285a-4b4a-9096-072bf7dbe2f7 + resourceVersion: "289843" + uid: 43f17a3f-4ac7-443c-a139-151f2e5bf462 +spec: + appRef: + apiGroup: kubedb.com + kind: Postgres + name: sample-postgres + namespace: demo + backupSession: sample-postgres-backup-frequent-backup-1725527283 + deletionPolicy: Delete + repository: gcs-postgres-repo + session: frequent-backup + snapshotID: 01J70Q1NT6FW11YBBARRFJ6SYB + type: FullBackup + version: v1 +status: + components: + dump: + driver: Restic + duration: 6.684476865s + integrity: true + path: repository/v1/frequent-backup/dump + phase: Succeeded + resticStats: + - hostPath: dumpfile.sql + id: 4b820700710f9f7b6a8d5b052367b51875e68dcd9052c749a686506db6a66374 + size: 3.345 KiB + uploaded: 3.634 KiB + size: 1.135 KiB + manifest: + driver: Restic + duration: 7.477728298s + integrity: true + path: repository/v1/frequent-backup/manifest + phase: Succeeded + resticStats: + - hostPath: /kubestash-tmp/manifest + id: 9da4d1b7df6dd946e15a8a0d2a2a3c14776351e27926156770530ca03f6f8002 + size: 3.064 KiB + uploaded: 1.443 KiB + size: 2.972 KiB + conditions: + - lastTransitionTime: "2024-09-05T09:08:03Z" + message: Recent snapshot list updated successfully + reason: SuccessfullyUpdatedRecentSnapshotList + status: "True" + type: RecentSnapshotListUpdated + - lastTransitionTime: "2024-09-05T09:08:49Z" + message: Metadata uploaded to backend successfully + reason: SuccessfullyUploadedSnapshotMetadata + status: "True" + type: SnapshotMetadataUploaded + integrity: true + phase: Succeeded + size: 4.106 KiB + snapshotTime: "2024-09-05T09:08:03Z" + totalComponents: 2 +``` + +> KubeStash uses `pg_dump` or `pg_dumpall` to perform backups of target `PostgreSQL` databases. Therefore, the component name for logical backups is set as `dump`. + +> KubeStash set component name as `manifest` for the `manifest backup` of PostgreSQL databases. + +Now, if we navigate to the GCS bucket, we will see the backed up data stored in the `demo/popstgres/repository/v1/frequent-backup/dump` directory. KubeStash also keeps the backup for `Snapshot` YAMLs, which can be found in the `demo/postgres/snapshots` directory. + +> Note: KubeStash stores all dumped data encrypted in the backup directory, meaning it remains unreadable until decrypted. + +## Restore + +In this section, we are going to restore the entire database from the backup that we have taken in the previous section. + +For this tutorial, we will restore the database in a separate namespace called `dev`. + +First, create the namespace by running the following command: + +```bash +$ kubectl create ns dev +namespace/dev created +``` + +#### Create RestoreSession: + +We need to create a RestoreSession CR. + +Below, is the contents of YAML file of the `RestoreSession` CR that we are going to create to restore the entire database. + +```yaml +apiVersion: core.kubestash.com/v1alpha1 +kind: RestoreSession +metadata: + name: restore-sample-postgres + namespace: demo +spec: + manifestOptions: + restoreNamespace: dev + postgres: + db: true + dataSource: + repository: gcs-postgres-repo + snapshot: latest + encryptionSecret: + name: encrypt-secret + namespace: demo + addon: + name: postgres-addon + tasks: + - name: logical-backup-restore + - name: manifest-restore +``` + +Here, + +- `.spec.manifestOptions.postgres.db` specifies whether to restore the DB manifest or not. +- `.spec.dataSource.repository` specifies the Repository object that holds the backed up data. +- `.spec.dataSource.snapshot` specifies to restore from latest `Snapshot`. +- `.spec.addon.tasks[*]` specifies that both the `manifest-restore` and `logical-backup-restore` tasks. + +Let's create the RestoreSession CR object we have shown above, + +```bash +$ kubectl apply -f https://github.com/kubedb/docs/raw/{{< param "info.version" >}}/docs/guides/postgres/backup/kubestash/application-level/examples/restoresession.yaml +restoresession.core.kubestash.com/restore-sample-postgres created +``` + +Once, you have created the `RestoreSession` object, KubeStash will create restore Job. Run the following command to watch the phase of the `RestoreSession` object, + +```bash +$ watch kubectl get restoresession -n demo +Every 2.0s: kubectl get restores... AppsCode-PC-03: Wed Aug 21 10:44:05 2024 +NAME REPOSITORY FAILURE-POLICY PHASE DURATION AGE +restore-sample-postgres gcs-postgres-repo Succeeded 3s 53s +``` + +The `Succeeded` phase means that the restore process has been completed successfully. + + +#### Verify Restored PostgreSQL Manifest: + +In this section, we will verify whether the desired `PostgreSQL` database manifest has been successfully applied to the cluster. + +```bash +$ kubectl get postgres -n dev +NAME VERSION STATUS AGE +sample-postgres 16.1 Ready 9m46s +``` + +The output confirms that the `PostgreSQL` database has been successfully created with the same configuration as it had at the time of backup. + + +#### Verify Restored Data: + +In this section, we are going to verify whether the desired data has been restored successfully. We are going to connect to the database server and check whether the database and the table we created earlier in the original database are restored. + +At first, check if the database has gone into **`Ready`** state by the following command, + +```bash +$ kubectl get postgres -n dev sample-postgres +NAME VERSION STATUS AGE +sample-postgres 16.1 Ready 9m46s +``` + +Now, find out the database `Pod` by the following command, + +```bash +$ kubectl get pods -n dev --selector="app.kubernetes.io/instance=sample-postgres" +NAME READY STATUS RESTARTS AGE +sample-postgres-0 2/2 Running 0 12m +sample-postgres-1 2/2 Running 0 12m +sample-postgres-2 2/2 Running 0 12m +``` + + +Now, lets exec one of the Pod and verify restored data. + +```bash +$ kubectl exec -it -n dev sample-postgres-0 -- /bin/sh +# login as "postgres" superuser. +/ # psql -U postgres +psql (11.11) +Type "help" for help. + +# verify that the "demo" database has been restored +postgres=# \l + List of databases + Name | Owner | Encoding | Locale Provider | Collate | Ctype | ICU Locale | ICU Rules | Access privileges +---------------+----------+----------+-----------------+------------+------------+------------+-----------+----------------------- + demo | postgres | UTF8 | libc | en_US.utf8 | en_US.utf8 | | | + kubedb_system | postgres | UTF8 | libc | en_US.utf8 | en_US.utf8 | | | + postgres | postgres | UTF8 | libc | en_US.utf8 | en_US.utf8 | | | + template0 | postgres | UTF8 | libc | en_US.utf8 | en_US.utf8 | | | =c/postgres + + | | | | | | | | postgres=CTc/postgres + template1 | postgres | UTF8 | libc | en_US.utf8 | en_US.utf8 | | | =c/postgres + + | | | | | | | | postgres=CTc/postgres +(5 rows) + +# connect to the "demo" database +postgres=# \c demo +You are now connected to database "demo" as user "postgres". + +# verify that the sample table has been restored +demo=# \d + List of relations + Schema | Name | Type | Owner +--------+---------+-------+---------- + public | company | table | postgres +(1 row) + +# Verify that the sample data has been restored +demo=# SELECT * FROM COMPANY; + name | employee +-------------+---------- + TechCorp | 100 + InnovateInc | 150 + AlphaTech | 200 +(3 rows) + +# disconnect from the database +demo=# \q + +# exit from the pod +/ # exit +``` + +So, from the above output, we can see the `demo` database we had created in the original database `sample-postgres` has been restored successfully. + +## Cleanup + +To cleanup the Kubernetes resources created by this tutorial, run: + +```bash +kubectl delete backupconfigurations.core.kubestash.com -n demo sample-postgres-backup +kubectl delete retentionpolicies.storage.kubestash.com -n demo demo-retention +kubectl delete restoresessions.core.kubestash.com -n demo restore-sample-postgres +kubectl delete backupstorage -n demo gcs-storage +kubectl delete secret -n demo gcs-secret +kubectl delete secret -n demo encrypt-secret +kubectl delete postgres -n demo sample-postgres +kubectl delete postgres -n dev sample-postgres +``` diff --git a/docs/guides/postgres/backup/kubestash/auto-backup/examples/backupstorage.yaml b/docs/guides/postgres/backup/kubestash/auto-backup/examples/backupstorage.yaml new file mode 100644 index 0000000000..6ab3df02ac --- /dev/null +++ b/docs/guides/postgres/backup/kubestash/auto-backup/examples/backupstorage.yaml @@ -0,0 +1,17 @@ +apiVersion: storage.kubestash.com/v1alpha1 +kind: BackupStorage +metadata: + name: gcs-storage + namespace: demo +spec: + storage: + provider: gcs + gcs: + bucket: kubestash-qa + prefix: demo + secretName: gcs-secret + usagePolicy: + allowedNamespaces: + from: All + default: true + deletionPolicy: Delete \ No newline at end of file diff --git a/docs/guides/postgres/backup/kubestash/auto-backup/examples/customize-backupblueprint.yaml b/docs/guides/postgres/backup/kubestash/auto-backup/examples/customize-backupblueprint.yaml new file mode 100644 index 0000000000..fd729c3aba --- /dev/null +++ b/docs/guides/postgres/backup/kubestash/auto-backup/examples/customize-backupblueprint.yaml @@ -0,0 +1,40 @@ +apiVersion: core.kubestash.com/v1alpha1 +kind: BackupBlueprint +metadata: + name: postgres-customize-backup-blueprint + namespace: demo +spec: + usagePolicy: + allowedNamespaces: + from: All + backupConfigurationTemplate: + deletionPolicy: OnDelete + backends: + - name: gcs-backend + storageRef: + namespace: demo + name: gcs-storage + retentionPolicy: + name: demo-retention + namespace: demo + sessions: + - name: frequent-backup + sessionHistoryLimit: 3 + scheduler: + schedule: ${schedule} + jobTemplate: + backoffLimit: 1 + repositories: + - name: ${repoName} + backend: gcs-backend + directory: ${namespace}/${targetName} + encryptionSecret: + name: encrypt-secret + namespace: demo + addon: + name: postgres-addon + tasks: + - name: logical-backup + params: + backupCmd: pg_dump + args: ${targetedDatabase} \ No newline at end of file diff --git a/docs/guides/postgres/backup/kubestash/auto-backup/examples/default-backupblueprint.yaml b/docs/guides/postgres/backup/kubestash/auto-backup/examples/default-backupblueprint.yaml new file mode 100644 index 0000000000..5fbafc0f08 --- /dev/null +++ b/docs/guides/postgres/backup/kubestash/auto-backup/examples/default-backupblueprint.yaml @@ -0,0 +1,37 @@ +apiVersion: core.kubestash.com/v1alpha1 +kind: BackupBlueprint +metadata: + name: postgres-default-backup-blueprint + namespace: demo +spec: + usagePolicy: + allowedNamespaces: + from: All + backupConfigurationTemplate: + deletionPolicy: OnDelete + backends: + - name: gcs-backend + storageRef: + namespace: demo + name: gcs-storage + retentionPolicy: + name: demo-retention + namespace: demo + sessions: + - name: frequent-backup + sessionHistoryLimit: 3 + scheduler: + schedule: "*/5 * * * *" + jobTemplate: + backoffLimit: 1 + repositories: + - name: default-blueprint + backend: gcs-backend + directory: /default-blueprint + encryptionSecret: + name: encrypt-secret + namespace: demo + addon: + name: postgres-addon + tasks: + - name: logical-backup \ No newline at end of file diff --git a/docs/guides/postgres/backup/kubestash/auto-backup/examples/retentionpolicy.yaml b/docs/guides/postgres/backup/kubestash/auto-backup/examples/retentionpolicy.yaml new file mode 100644 index 0000000000..4591562860 --- /dev/null +++ b/docs/guides/postgres/backup/kubestash/auto-backup/examples/retentionpolicy.yaml @@ -0,0 +1,15 @@ +apiVersion: storage.kubestash.com/v1alpha1 +kind: RetentionPolicy +metadata: + name: demo-retention + namespace: demo +spec: + default: true + failedSnapshots: + last: 2 + maxRetentionPeriod: 2mo + successfulSnapshots: + last: 5 + usagePolicy: + allowedNamespaces: + from: All \ No newline at end of file diff --git a/docs/guides/postgres/backup/kubestash/auto-backup/examples/sample-postgres-2.yaml b/docs/guides/postgres/backup/kubestash/auto-backup/examples/sample-postgres-2.yaml new file mode 100644 index 0000000000..78e03bb22c --- /dev/null +++ b/docs/guides/postgres/backup/kubestash/auto-backup/examples/sample-postgres-2.yaml @@ -0,0 +1,26 @@ +apiVersion: kubedb.com/v1 +kind: Postgres +metadata: + name: sample-postgres-2 + namespace: demo + annotations: + blueprint.kubestash.com/name: postgres-customize-backup-blueprint + blueprint.kubestash.com/namespace: demo + variables.kubestash.com/schedule: "*/10 * * * *" + variables.kubestash.com/repoName: customize-blueprint + variables.kubestash.com/namespace: demo + variables.kubestash.com/targetName: sample-postgres-2 + variables.kubestash.com/targetedDatabase: postgres +spec: + version: "16.1" + replicas: 3 + standbyMode: Hot + streamingMode: Synchronous + storageType: Durable + storage: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 1Gi + deletionPolicy: WipeOut \ No newline at end of file diff --git a/docs/guides/postgres/backup/kubestash/auto-backup/examples/sample-postgres.yaml b/docs/guides/postgres/backup/kubestash/auto-backup/examples/sample-postgres.yaml new file mode 100644 index 0000000000..6783528d0f --- /dev/null +++ b/docs/guides/postgres/backup/kubestash/auto-backup/examples/sample-postgres.yaml @@ -0,0 +1,21 @@ +apiVersion: kubedb.com/v1 +kind: Postgres +metadata: + name: sample-postgres + namespace: demo + annotations: + blueprint.kubestash.com/name: postgres-default-backup-blueprint + blueprint.kubestash.com/namespace: demo +spec: + version: "16.1" + replicas: 3 + standbyMode: Hot + streamingMode: Synchronous + storageType: Durable + storage: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 1Gi + deletionPolicy: WipeOut \ No newline at end of file diff --git a/docs/guides/postgres/backup/kubestash/auto-backup/index.md b/docs/guides/postgres/backup/kubestash/auto-backup/index.md new file mode 100644 index 0000000000..56861e80b2 --- /dev/null +++ b/docs/guides/postgres/backup/kubestash/auto-backup/index.md @@ -0,0 +1,852 @@ +--- +title: PostgreSQL Auto-Backup | KubeStash +description: Backup PostgreSQL using KubeStash Auto-Backup +menu: + docs_{{ .version }}: + identifier: guides-pg-auto-backup-stashv2 + name: Auto-Backup + parent: guides-pg-backup-stashv2 + weight: 30 +menu_name: docs_{{ .version }} +section_menu_id: guides +--- + +# Backup PostgreSQL using KubeStash Auto-Backup + +KubeStash can automatically be configured to backup any `PostgreSQL` databases in your cluster. KubeStash enables cluster administrators to deploy backup `blueprints` ahead of time so database owners can easily backup any `PostgreSQL` database with a few annotations. + +In this tutorial, we are going to show how you can configure a backup blueprint for `PostgreSQL` databases in your cluster and backup them with a few annotations. + +## Before You Begin + +- At first, you need to have a Kubernetes cluster, and the `kubectl` command-line tool must be configured to communicate with your cluster. If you do not already have a cluster, you can create one by using `Minikube` or `Kind`. +- Install `KubeDB` in your cluster following the steps [here](/docs/setup/README.md). +- Install `KubeStash` in your cluster following the steps [here](https://kubestash.com/docs/latest/setup/install/kubestash). +- Install KubeStash `kubectl` plugin following the steps [here](https://kubestash.com/docs/latest/setup/install/kubectl-plugin/). +- If you are not familiar with how KubeStash backup and restore `PostgreSQL` databases, please check the following guide [here](/docs/guides/postgres/backup/kubestash/overview/index.md). + +You should be familiar with the following `KubeStash` concepts: + +- [BackupStorage](https://kubestash.com/docs/latest/concepts/crds/backupstorage/) +- [BackupConfiguration](https://kubestash.com/docs/latest/concepts/crds/backupconfiguration/) +- [BackupSession](https://kubestash.com/docs/latest/concepts/crds/backupsession/) +- [RestoreSession](https://kubestash.com/docs/latest/concepts/crds/restoresession/) +- [Addon](https://kubestash.com/docs/latest/concepts/crds/addon/) +- [Function](https://kubestash.com/docs/latest/concepts/crds/function/) +- [Task](https://kubestash.com/docs/latest/concepts/crds/addon/#task-specification) + +To keep everything isolated, we are going to use a separate namespace called `demo` throughout this tutorial. + +```bash +$ kubectl create ns demo +namespace/demo created +``` + +> **Note:** YAML files used in this tutorial are stored in [docs/guides/postgres/backup/kubestash/auto-backup/examples](https://github.com/kubedb/docs/raw/{{< param "info.version" >}}/docs/guides/postgres/backup/kubestash/auto-backup/examples) directory of [kubedb/docs](https://github.com/kubedb/docs) repository. + +### Prepare Backend + +We are going to store our backed up data into a `GCS` bucket. We have to create a `Secret` with necessary credentials and a `BackupStorage` CR to use this backend. If you want to use a different backend, please read the respective backend configuration doc from [here](https://kubestash.com/docs/latest/guides/backends/overview/). + +**Create Secret:** + +Let's create a secret called `gcs-secret` with access credentials to our desired GCS bucket, + +```bash +$ echo -n '' > GOOGLE_PROJECT_ID +$ cat /path/to/downloaded-sa-key.json > GOOGLE_SERVICE_ACCOUNT_JSON_KEY +$ kubectl create secret generic -n demo gcs-secret \ + --from-file=./GOOGLE_PROJECT_ID \ + --from-file=./GOOGLE_SERVICE_ACCOUNT_JSON_KEY +secret/gcs-secret created +``` + +**Create BackupStorage:** + +Now, create a `BackupStorage` using this secret. Below is the YAML of `BackupStorage` CR we are going to create, + +```yaml +apiVersion: storage.kubestash.com/v1alpha1 +kind: BackupStorage +metadata: + name: gcs-storage + namespace: demo +spec: + storage: + provider: gcs + gcs: + bucket: kubestash-qa + prefix: blueprint + secretName: gcs-secret + usagePolicy: + allowedNamespaces: + from: All + default: true + deletionPolicy: Delete +``` + +Let's create the BackupStorage we have shown above, + +```bash +$ kubectl apply -f https://github.com/kubedb/docs/raw/{{< param "info.version" >}}/docs/guides/postgres/backup/kubestash/auto-backup/examples/backupstorage.yaml +backupstorage.storage.kubestash.com/gcs-storage created +``` + +Now, we are ready to backup our database to our desired backend. + +**Create RetentionPolicy:** + +Now, let's create a `RetentionPolicy` to specify how the old Snapshots should be cleaned up. + +Below is the YAML of the `RetentionPolicy` object that we are going to create, + +```yaml +apiVersion: storage.kubestash.com/v1alpha1 +kind: RetentionPolicy +metadata: + name: demo-retention + namespace: demo +spec: + default: true + failedSnapshots: + last: 2 + maxRetentionPeriod: 2mo + successfulSnapshots: + last: 5 + usagePolicy: + allowedNamespaces: + from: All +``` + +Let’s create the above `RetentionPolicy`, + +```bash +$ kubectl apply -f https://github.com/kubedb/docs/raw/{{< param "info.version" >}}/docs/guides/postgres/backup/kubestash/auto-backup/examples/retentionpolicy.yaml +retentionpolicy.storage.kubestash.com/demo-retention created +``` + +**Create Secret:** + +We also need to create a secret with a `Restic` password for backup data encryption. + +Let's create a secret called `encrypt-secret` with the Restic password, + +```bash +$ echo -n 'changeit' > RESTIC_PASSWORD +$ kubectl create secret generic -n demo encrypt-secret \ + --from-file=./RESTIC_PASSWORD \ +secret "encrypt-secret" created +``` + +## Auto-backup with default configurations + +In this section, we are going to backup a `PostgreSQL` database of `demo` namespace. We are going to use the default configurations which will be specified in the `BackupBlueprint` CR. + +**Prepare Backup Blueprint** + +A `BackupBlueprint` allows you to specify a template for the `Repository`,`Session` or `Variables` of `BackupConfiguration` in a Kubernetes native way. + +Now, we have to create a `BackupBlueprint` CR with a blueprint for `BackupConfiguration` object. + +```yaml +apiVersion: core.kubestash.com/v1alpha1 +kind: BackupBlueprint +metadata: + name: postgres-default-backup-blueprint + namespace: demo +spec: + usagePolicy: + allowedNamespaces: + from: All + backupConfigurationTemplate: + deletionPolicy: OnDelete + backends: + - name: gcs-backend + storageRef: + namespace: demo + name: gcs-storage + retentionPolicy: + name: demo-retention + namespace: demo + sessions: + - name: frequent-backup + sessionHistoryLimit: 3 + scheduler: + schedule: "*/5 * * * *" + jobTemplate: + backoffLimit: 1 + repositories: + - name: default-blueprint + backend: gcs-backend + directory: /default-blueprint + encryptionSecret: + name: encrypt-secret + namespace: demo + addon: + name: postgres-addon + tasks: + - name: logical-backup +``` + +Here, + +- `.spec.backupConfigurationTemplate.backends[*].storageRef` refers our earlier created `gcs-storage` backupStorage. +- `.spec.backupConfigurationTemplate.sessions[*].schedule` specifies that we want to backup the database at `5 minutes` interval. + +Let's create the `BackupBlueprint` we have shown above, + +```bash +$ kubectl apply -f https://github.com/kubedb/docs/raw/{{< param "info.version" >}}/docs/guides/postgres/backup/kubestash/auto-backup/examples/default-backupblueprint.yaml +backupblueprint.core.kubestash.com/postgres-default-backup-blueprint created +``` + +Now, we are ready to backup our `PostgreSQL` databases using few annotations. + +**Create Database** + +Now, we are going to create an `PostgreSQL` CR in demo namespace. + +Below is the YAML of the `PostgreSQL` object that we are going to create, + +```yaml +apiVersion: kubedb.com/v1 +kind: Postgres +metadata: + name: sample-postgres + namespace: demo + annotations: + blueprint.kubestash.com/name: postgres-default-backup-blueprint + blueprint.kubestash.com/namespace: demo +spec: + version: "16.1" + replicas: 3 + standbyMode: Hot + streamingMode: Synchronous + storageType: Durable + storage: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 1Gi + deletionPolicy: WipeOut +``` + +Here, + +- `.spec.annotations.blueprint.kubestash.com/name: postgres-default-backup-blueprint` specifies the name of the `BackupBlueprint` that will use in backup. +- `.spec.annotations.blueprint.kubestash.com/namespace: demo` specifies the name of the `namespace` where the `BackupBlueprint` resides. + +Let's create the `PostgreSQL` we have shown above, + +```bash +$ kubectl apply -f https://github.com/kubedb/docs/raw/{{< param "info.version" >}}/docs/guides/postgres/backup/kubestash/auto-backup/examples/sample-postgres.yaml +postgres.kubedb.com/sample-postgres created +``` + +**Verify BackupConfiguration** + +If everything goes well, KubeStash should create a `BackupConfiguration` for our PostgreSQL in demo namespace and the phase of that `BackupConfiguration` should be `Ready`. Verify the `BackupConfiguration` object by the following command, + +```bash +$ kubectl get backupconfiguration -n demo +NAME PHASE PAUSED AGE +appbinding-sample-postgres Ready 2m50m +``` + +Now, let’s check the YAML of the `BackupConfiguration`. + +```bash +$ kubectl get backupconfiguration -n demo appbinding-sample-postgres -o yaml +``` + +```yaml +apiVersion: core.kubestash.com/v1alpha1 +kind: BackupConfiguration +metadata: + creationTimestamp: "2024-09-05T10:53:48Z" + finalizers: + - kubestash.com/cleanup + generation: 1 + labels: + app.kubernetes.io/managed-by: kubestash.com + kubestash.com/invoker-name: postgres-default-backup-blueprint + kubestash.com/invoker-namespace: demo + name: appbinding-sample-postgres + namespace: demo + resourceVersion: "298502" + uid: b6537c60-051f-4348-9ca4-c28f3880dbc1 +spec: + backends: + - name: gcs-backend + retentionPolicy: + name: demo-retention + namespace: demo + storageRef: + name: gcs-storage + namespace: demo + sessions: + - addon: + name: postgres-addon + tasks: + - name: logical-backup + name: frequent-backup + repositories: + - backend: gcs-backend + directory: /default-blueprint + encryptionSecret: + name: encrypt-secret + namespace: demo + name: default-blueprint + scheduler: + jobTemplate: + backoffLimit: 1 + template: + controller: {} + metadata: {} + spec: + resources: {} + schedule: '*/5 * * * *' + sessionHistoryLimit: 3 + target: + apiGroup: kubedb.com + kind: Postgres + name: sample-postgres + namespace: demo +status: + backends: + - name: gcs-backend + ready: true + retentionPolicy: + found: true + ref: + name: demo-retention + namespace: demo + storage: + phase: Ready + ref: + name: gcs-storage + namespace: demo + conditions: + - lastTransitionTime: "2024-09-05T10:53:48Z" + message: Validation has been passed successfully. + reason: ResourceValidationPassed + status: "True" + type: ValidationPassed + dependencies: + - found: true + kind: Addon + name: postgres-addon + phase: Ready + repositories: + - name: default-blueprint + phase: Ready + sessions: + - conditions: + - lastTransitionTime: "2024-09-05T10:53:59Z" + message: Scheduler has been ensured successfully. + reason: SchedulerEnsured + status: "True" + type: SchedulerEnsured + - lastTransitionTime: "2024-09-05T10:53:59Z" + message: Initial backup has been triggered successfully. + reason: SuccessfullyTriggeredInitialBackup + status: "True" + type: InitialBackupTriggered + name: frequent-backup + targetFound: true +``` + +Notice the `spec.backends`, `spec.sessions` and `spec.target` sections, KubeStash automatically resolved those info from the `BackupBluePrint` and created above `BackupConfiguration`. + +**Verify BackupSession:** + +KubeStash triggers an instant backup as soon as the `BackupConfiguration` is ready. After that, backups are scheduled according to the specified schedule. + +```bash +$ kubectl get backupsession -n demo -w +NAME INVOKER-TYPE INVOKER-NAME PHASE DURATION AGE +appbinding-sample-postgres-frequent-backup-1725533628 BackupConfiguration appbinding-sample-postgres Succeeded 23s 6m40s +``` + +We can see from the above output that the backup session has succeeded. Now, we are going to verify whether the backed up data has been stored in the backend. + +**Verify Backup:** + +Once a backup is complete, KubeStash will update the respective `Repository` CR to reflect the backup. Check that the repository `sample-postgres-backup` has been updated by the following command, + +```bash +$ kubectl get repository -n demo default-blueprint +NAME INTEGRITY SNAPSHOT-COUNT SIZE PHASE LAST-SUCCESSFUL-BACKUP AGE +default-blueprint true 3 1.559 KiB Ready 80s 7m32s +``` + +At this moment we have one `Snapshot`. Run the following command to check the respective `Snapshot` which represents the state of a backup run for an application. + +```bash +$ kubectl get snapshots -n demo -l=kubestash.com/repo-name=default-blueprint +NAME REPOSITORY SESSION SNAPSHOT-TIME DELETION-POLICY PHASE AGE +default-blueprint-appbinding-samgres-frequent-backup-1725533628 default-blueprint frequent-backup 2024-09-05T10:53:59Z Delete Succeeded 7m48s +``` + +> Note: KubeStash creates a `Snapshot` with the following labels: +> - `kubestash.com/app-ref-kind: ` +> - `kubestash.com/app-ref-name: ` +> - `kubestash.com/app-ref-namespace: ` +> - `kubestash.com/repo-name: ` +> +> These labels can be used to watch only the `Snapshot`s related to our target Database or `Repository`. + +If we check the YAML of the `Snapshot`, we can find the information about the backed up components of the Database. + +```bash +$ kubectl get snapshots -n demo default-blueprint-appbinding-samgres-frequent-backup-1725533628 -oyaml +``` + +```yaml +apiVersion: storage.kubestash.com/v1alpha1 +kind: Snapshot +metadata: + creationTimestamp: "2024-09-05T10:53:59Z" + finalizers: + - kubestash.com/cleanup + generation: 1 + labels: + kubestash.com/app-ref-kind: Postgres + kubestash.com/app-ref-name: sample-postgres + kubestash.com/app-ref-namespace: demo + kubestash.com/repo-name: default-blueprint + annotations: + kubedb.com/db-version: "16.1" + name: default-blueprint-appbinding-samgres-frequent-backup-1725533628 + namespace: demo + ownerReferences: + - apiVersion: storage.kubestash.com/v1alpha1 + blockOwnerDeletion: true + controller: true + kind: Repository + name: default-blueprint + uid: 1125a82f-2bd8-4029-aae6-078ff5413383 + resourceVersion: "298559" + uid: c179b758-6ba4-4a32-81f1-fa41ba3dc527 +spec: + appRef: + apiGroup: kubedb.com + kind: Postgres + name: sample-postgres + namespace: demo + backupSession: appbinding-sample-postgres-frequent-backup-1725533628 + deletionPolicy: Delete + repository: default-blueprint + session: frequent-backup + snapshotID: 01J70X3MGSYT4TJK77R8YXEV3T + type: FullBackup + version: v1 +status: + components: + dump: + driver: Restic + duration: 5.952466363s + integrity: true + path: repository/v1/frequent-backup/dump + phase: Succeeded + resticStats: + - hostPath: dumpfile.sql + id: a30f8ec138e24cbdbcce088a73e5b9d73a58750c38793ef05ff7d570148ddd2c + size: 3.345 KiB + uploaded: 3.637 KiB + size: 1.132 KiB + conditions: + - lastTransitionTime: "2024-09-05T10:53:59Z" + message: Recent snapshot list updated successfully + reason: SuccessfullyUpdatedRecentSnapshotList + status: "True" + type: RecentSnapshotListUpdated + - lastTransitionTime: "2024-09-05T10:54:20Z" + message: Metadata uploaded to backend successfully + reason: SuccessfullyUploadedSnapshotMetadata + status: "True" + type: SnapshotMetadataUploaded + integrity: true + phase: Succeeded + size: 1.132 KiB + snapshotTime: "2024-09-05T10:53:59Z" + totalComponents: 1 +``` + +> KubeStash uses `pg_dump` or `pg_dumpall` to perform backups of target `PostgreSQL` databases. Therefore, the component name for logical backups is set as `dump`. + +Now, if we navigate to the GCS bucket, we will see the backed up data stored in the `blueprint/default-blueprint/repository/v1/frequent-backup/dump` directory. KubeStash also keeps the backup for `Snapshot` YAMLs, which can be found in the `blueprint/default-blueprint/snapshots` directory. + +> Note: KubeStash stores all dumped data encrypted in the backup directory, meaning it remains unreadable until decrypted. + +## Auto-backup with custom configurations + +In this section, we are going to backup a `PostgreSQL` database of `demo` namespace. We are going to use the custom configurations which will be specified in the `BackupBlueprint` CR. + +**Prepare Backup Blueprint** + +A `BackupBlueprint` allows you to specify a template for the `Repository`,`Session` or `Variables` of `BackupConfiguration` in a Kubernetes native way. + +Now, we have to create a `BackupBlueprint` CR with a blueprint for `BackupConfiguration` object. + +```yaml +apiVersion: core.kubestash.com/v1alpha1 +kind: BackupBlueprint +metadata: + name: postgres-customize-backup-blueprint + namespace: demo +spec: + usagePolicy: + allowedNamespaces: + from: All + backupConfigurationTemplate: + deletionPolicy: OnDelete + backends: + - name: gcs-backend + storageRef: + namespace: demo + name: gcs-storage + retentionPolicy: + name: demo-retention + namespace: demo + sessions: + - name: frequent-backup + sessionHistoryLimit: 3 + scheduler: + schedule: ${schedule} + jobTemplate: + backoffLimit: 1 + repositories: + - name: ${repoName} + backend: gcs-backend + directory: ${namespace}/${targetName} + encryptionSecret: + name: encrypt-secret + namespace: demo + addon: + name: postgres-addon + tasks: + - name: logical-backup + params: + backupCmd: pg_dump + args: ${targetedDatabase} +``` + +Note that we have used some variables (format: `${}`) in different fields. KubeStash will substitute these variables with values from the respective target’s annotations. You’re free to use any variables you like. + +Here, + +- `.spec.backupConfigurationTemplate.backends[*].storageRef` refers our earlier created `gcs-storage` backupStorage. +- `.spec.backupConfigurationTemplate.sessions[*]`: + - `.schedule` defines `${schedule}` variable, which determines the time interval for the backup. + - `.repositories[*].name` defines the `${repoName}` variable, which specifies the name of the backup `Repository`. + - `.repositories[*].directory` defines two variables, `${namespace}` and `${targetName}`, which are used to determine the path where the backup will be stored. + - `.addon.tasks[*].params.args` defines `${targetedDatabase}` variable, which identifies a single database to backup. + +Let's create the `BackupBlueprint` we have shown above, + +```bash +$ kubectl apply -f https://github.com/kubedb/docs/raw/{{< param "info.version" >}}/docs/guides/postgres/backup/kubestash/auto-backup/examples/customize-backupblueprint.yaml +backupblueprint.core.kubestash.com/postgres-customize-backup-blueprint created +``` + +Now, we are ready to backup our `PostgreSQL` databases using few annotations. You can check available auto-backup annotations for a databases from [here](https://kubestash.com/docs/latest/concepts/crds/backupblueprint/). + +**Create Database** + +Now, we are going to create an `PostgreSQL` CR in demo namespace. + +Below is the YAML of the `PostgreSQL` object that we are going to create, + +```yaml +apiVersion: kubedb.com/v1 +kind: Postgres +metadata: + name: sample-postgres-2 + namespace: demo + annotations: + blueprint.kubestash.com/name: postgres-customize-backup-blueprint + blueprint.kubestash.com/namespace: demo + variables.kubestash.com/schedule: "*/10 * * * *" + variables.kubestash.com/repoName: customize-blueprint + variables.kubestash.com/namespace: demo + variables.kubestash.com/targetName: sample-postgres-2 + variables.kubestash.com/targetedDatabase: postgres +spec: + version: "16.1" + replicas: 3 + standbyMode: Hot + streamingMode: Synchronous + storageType: Durable + storage: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 1Gi + deletionPolicy: WipeOut +``` + +Notice the `metadata.annotations` field, where we have defined the annotations related to the automatic backup configuration. Specifically, we've set the `BackupBlueprint` name as `postgres-customize-backup-blueprint` and the namespace as `demo`. We have also provided values for the blueprint template variables, such as the backup `schedule`, `repositoryName`, `namespace`, `targetName`, and `targetedDatabase`. These annotations will be used to create a `BackupConfiguration` for this `postgreSQL` database. + +Let's create the `PostgreSQL` we have shown above, + +```bash +$ kubectl apply -f https://github.com/kubedb/docs/raw/{{< param "info.version" >}}/docs/guides/postgres/backup/kubestash/auto-backup/examples/sample-postgres-2.yaml +postgres.kubedb.com/sample-postgres-2 created +``` + +**Verify BackupConfiguration** + +If everything goes well, KubeStash should create a `BackupConfiguration` for our PostgreSQL in demo namespace and the phase of that `BackupConfiguration` should be `Ready`. Verify the `BackupConfiguration` object by the following command, + +```bash +$ kubectl get backupconfiguration -n demo +NAME PHASE PAUSED AGE +appbinding-sample-postgres-2 Ready 2m50m +``` + +Now, let’s check the YAML of the `BackupConfiguration`. + +```bash +$ kubectl get backupconfiguration -n demo appbinding-sample-postgres-2 -o yaml +``` + +```yaml +apiVersion: core.kubestash.com/v1alpha1 +kind: BackupConfiguration +metadata: + creationTimestamp: "2024-09-05T12:39:37Z" + finalizers: + - kubestash.com/cleanup + generation: 1 + labels: + app.kubernetes.io/managed-by: kubestash.com + kubestash.com/invoker-name: postgres-customize-backup-blueprint + kubestash.com/invoker-namespace: demo + name: appbinding-sample-postgres-2 + namespace: demo + resourceVersion: "309511" + uid: b4091166-2813-4183-acda-e2c80eaedbb5 +spec: + backends: + - name: gcs-backend + retentionPolicy: + name: demo-retention + namespace: demo + storageRef: + name: gcs-storage + namespace: demo + sessions: + - addon: + name: postgres-addon + tasks: + - name: logical-backup + params: + args: postgres + backupCmd: pg_dump + name: frequent-backup + repositories: + - backend: gcs-backend + directory: demo/sample-postgres-2 + encryptionSecret: + name: encrypt-secret + namespace: demo + name: customize-blueprint + scheduler: + jobTemplate: + backoffLimit: 1 + template: + controller: {} + metadata: {} + spec: + resources: {} + schedule: '*/10 * * * *' + sessionHistoryLimit: 3 + target: + apiGroup: kubedb.com + kind: Postgres + name: sample-postgres-2 + namespace: demo +status: + backends: + - name: gcs-backend + ready: true + retentionPolicy: + found: true + ref: + name: demo-retention + namespace: demo + storage: + phase: Ready + ref: + name: gcs-storage + namespace: demo + conditions: + - lastTransitionTime: "2024-09-05T12:39:37Z" + message: Validation has been passed successfully. + reason: ResourceValidationPassed + status: "True" + type: ValidationPassed + dependencies: + - found: true + kind: Addon + name: postgres-addon + phase: Ready + repositories: + - name: customize-blueprint + phase: Ready + sessions: + - conditions: + - lastTransitionTime: "2024-09-05T12:39:37Z" + message: Scheduler has been ensured successfully. + reason: SchedulerEnsured + status: "True" + type: SchedulerEnsured + - lastTransitionTime: "2024-09-05T12:39:37Z" + message: Initial backup has been triggered successfully. + reason: SuccessfullyTriggeredInitialBackup + status: "True" + type: InitialBackupTriggered + name: frequent-backup + targetFound: true +``` + +Notice the `spec.backends`, `spec.sessions` and `spec.target` sections, KubeStash automatically resolved those info from the `BackupBluePrint` and created above `BackupConfiguration`. + +**Verify BackupSession:** + +KubeStash triggers an instant backup as soon as the `BackupConfiguration` is ready. After that, backups are scheduled according to the specified schedule. + +```bash +$ kubectl get backupsession -n demo -w +NAME INVOKER-TYPE INVOKER-NAME PHASE DURATION AGE +appbinding-sample-postgres-frequent-backup-1725597000 BackupConfiguration appbinding-sample-postgres Succeeded 58s 112s +``` + +We can see from the above output that the backup session has succeeded. Now, we are going to verify whether the backed up data has been stored in the backend. + +**Verify Backup:** + +Once a backup is complete, KubeStash will update the respective `Repository` CR to reflect the backup. Check that the repository `customize-blueprint` has been updated by the following command, + +```bash +$ kubectl get repository -n demo customize-blueprint +NAME INTEGRITY SNAPSHOT-COUNT SIZE PHASE LAST-SUCCESSFUL-BACKUP AGE +customize-blueprint true 1 806 B Ready 8m27s 9m18s +``` + +At this moment we have one `Snapshot`. Run the following command to check the respective `Snapshot` which represents the state of a backup run for an application. + +```bash +$ kubectl get snapshots -n demo -l=kubestash.com/repo-name=customize-blueprint +NAME REPOSITORY SESSION SNAPSHOT-TIME DELETION-POLICY PHASE AGE +customize-blueprint-appbinding-ses-2-frequent-backup-1725597000 customize-blueprint frequent-backup 2024-09-06T04:30:00Z Delete Succeeded 6m19s +``` + +> Note: KubeStash creates a `Snapshot` with the following labels: +> - `kubedb.com/db-version: ` +> - `kubestash.com/app-ref-kind: ` +> - `kubestash.com/app-ref-name: ` +> - `kubestash.com/app-ref-namespace: ` +> - `kubestash.com/repo-name: ` +> +> These labels can be used to watch only the `Snapshot`s related to our target Database or `Repository`. + +If we check the YAML of the `Snapshot`, we can find the information about the backed up components of the Database. + +```bash +$ kubectl get snapshots -n demo customize-blueprint-appbinding-sql-2-frequent-backup-1725597000 -oyaml +``` + +```yaml +apiVersion: storage.kubestash.com/v1alpha1 +kind: Snapshot +metadata: + creationTimestamp: "2024-09-06T04:30:00Z" + finalizers: + - kubestash.com/cleanup + generation: 1 + labels: + kubedb.com/db-version: "16.1" + kubestash.com/app-ref-kind: Postgres + kubestash.com/app-ref-name: sample-postgres-2 + kubestash.com/app-ref-namespace: demo + kubestash.com/repo-name: customize-blueprint + name: customize-blueprint-appbinding-ses-2-frequent-backup-1725597000 + namespace: demo + ownerReferences: + - apiVersion: storage.kubestash.com/v1alpha1 + blockOwnerDeletion: true + controller: true + kind: Repository + name: customize-blueprint + uid: 5d4618c5-c28a-456a-9854-f6447161d3d1 + resourceVersion: "315624" + uid: 7e02a18c-c8a7-40be-bd22-e7312678d6f7 +spec: + appRef: + apiGroup: kubedb.com + kind: Postgres + name: sample-postgres-2 + namespace: demo + backupSession: appbinding-sample-postgres-2-frequent-backup-1725597000 + deletionPolicy: Delete + repository: customize-blueprint + session: frequent-backup + snapshotID: 01J72SH8XPEHB6SYNXFE00V5PB + type: FullBackup + version: v1 +status: + components: + dump: + driver: Restic + duration: 7.060169632s + integrity: true + path: repository/v1/frequent-backup/dump + phase: Succeeded + resticStats: + - hostPath: dumpfile.sql + id: 74d82943e0d676321e989edb503f5e2d6fe5cf4f4be72d386e492ec533358c26 + size: 1.220 KiB + uploaded: 296 B + size: 1.873 KiB + conditions: + - lastTransitionTime: "2024-09-06T04:30:00Z" + message: Recent snapshot list updated successfully + reason: SuccessfullyUpdatedRecentSnapshotList + status: "True" + type: RecentSnapshotListUpdated + - lastTransitionTime: "2024-09-06T04:30:38Z" + message: Metadata uploaded to backend successfully + reason: SuccessfullyUploadedSnapshotMetadata + status: "True" + type: SnapshotMetadataUploaded + integrity: true + phase: Succeeded + size: 1.872 KiB + snapshotTime: "2024-09-06T04:30:00Z" + totalComponents: 1 +``` + +> KubeStash uses `pg_dump` or `pg_dumpall` to perform backups of target `PostgreSQL` databases. Therefore, the component name for logical backups is set as `dump`. + +Now, if we navigate to the GCS bucket, we will see the backed up data stored in the `blueprint/demo/sample-postgres-2/repository/v1/frequent-backup/dump` directory. KubeStash also keeps the backup for `Snapshot` YAMLs, which can be found in the `blueprint/demo/sample-postgres-2/snapshots` directory. + +> Note: KubeStash stores all dumped data encrypted in the backup directory, meaning it remains unreadable until decrypted. + +## Cleanup + +To cleanup the resources crated by this tutorial, run the following commands, + +```bash +kubectl delete backupblueprints.core.kubestash.com -n demo postgres-default-backup-blueprint +kubectl delete backupblueprints.core.kubestash.com -n demo postgres-customize-backup-blueprint +kubectl delete retentionpolicies.storage.kubestash.com -n demo demo-retention +kubectl delete backupstorage -n demo gcs-storage +kubectl delete secret -n demo gcs-secret +kubectl delete secret -n demo encrypt-secret +kubectl delete postgres -n demo sample-postgres +kubectl delete postgres -n demo sample-postgres-2 +``` \ No newline at end of file diff --git a/docs/guides/postgres/backup/kubestash/customization/backup/multiple-backends.yaml b/docs/guides/postgres/backup/kubestash/customization/backup/multiple-backends.yaml new file mode 100644 index 0000000000..422754ccf5 --- /dev/null +++ b/docs/guides/postgres/backup/kubestash/customization/backup/multiple-backends.yaml @@ -0,0 +1,49 @@ +apiVersion: core.kubestash.com/v1alpha1 +kind: BackupConfiguration +metadata: + name: sample-postgres-backup + namespace: demo +spec: + target: + apiGroup: kubedb.com + kind: Postgres + namespace: demo + name: sample-postgres + backends: + - name: gcs-backend + storageRef: + namespace: demo + name: gcs-storage + retentionPolicy: + name: demo-retention + namespace: demo + - name: s3-backend + storageRef: + namespace: demo + name: s3-storage + retentionPolicy: + name: demo-retention + namespace: demo + sessions: + - name: frequent-backup + scheduler: + schedule: "*/5 * * * *" + jobTemplate: + backoffLimit: 1 + repositories: + - name: gcs-postgres-repo + backend: gcs-backend + directory: /postgres + encryptionSecret: + name: encrypt-secret + namespace: demo + - name: s3-postgres-repo + backend: s3-backend + directory: /postgres-copy + encryptionSecret: + name: encrypt-secret + namespace: demo + addon: + name: postgres-addon + tasks: + - name: logical-backup \ No newline at end of file diff --git a/docs/guides/postgres/backup/kubestash/customization/backup/passing-args.yaml b/docs/guides/postgres/backup/kubestash/customization/backup/passing-args.yaml new file mode 100644 index 0000000000..5803c51a7e --- /dev/null +++ b/docs/guides/postgres/backup/kubestash/customization/backup/passing-args.yaml @@ -0,0 +1,38 @@ +apiVersion: core.kubestash.com/v1alpha1 +kind: BackupConfiguration +metadata: + name: sample-postgres-backup + namespace: demo +spec: + target: + apiGroup: kubedb.com + kind: Postgres + namespace: demo + name: sample-postgres + backends: + - name: gcs-backend + storageRef: + namespace: demo + name: gcs-storage + retentionPolicy: + name: demo-retention + namespace: demo + sessions: + - name: frequent-backup + scheduler: + schedule: "*/5 * * * *" + jobTemplate: + backoffLimit: 1 + repositories: + - name: gcs-postgres-repo + backend: gcs-backend + directory: /postgres + encryptionSecret: + name: encrypt-secret + namespace: demo + addon: + name: postgres-addon + tasks: + - name: logical-backup + params: + args: --clean \ No newline at end of file diff --git a/docs/guides/postgres/backup/kubestash/customization/backup/passing-database.yaml b/docs/guides/postgres/backup/kubestash/customization/backup/passing-database.yaml new file mode 100644 index 0000000000..6a6ceaf6cf --- /dev/null +++ b/docs/guides/postgres/backup/kubestash/customization/backup/passing-database.yaml @@ -0,0 +1,39 @@ +apiVersion: core.kubestash.com/v1alpha1 +kind: BackupConfiguration +metadata: + name: sample-postgres-backup + namespace: demo +spec: + target: + apiGroup: kubedb.com + kind: Postgres + namespace: demo + name: sample-postgres + backends: + - name: gcs-backend + storageRef: + namespace: demo + name: gcs-storage + retentionPolicy: + name: demo-retention + namespace: demo + sessions: + - name: frequent-backup + scheduler: + schedule: "*/5 * * * *" + jobTemplate: + backoffLimit: 1 + repositories: + - name: gcs-postgres-repo + backend: gcs-backend + directory: /postgres + encryptionSecret: + name: encrypt-secret + namespace: demo + addon: + name: postgres-addon + tasks: + - name: logical-backup + params: + backupCmd: pg_dump + args: testdb \ No newline at end of file diff --git a/docs/guides/postgres/backup/kubestash/customization/backup/resources-limit.yaml b/docs/guides/postgres/backup/kubestash/customization/backup/resources-limit.yaml new file mode 100644 index 0000000000..baadf69c50 --- /dev/null +++ b/docs/guides/postgres/backup/kubestash/customization/backup/resources-limit.yaml @@ -0,0 +1,45 @@ +apiVersion: core.kubestash.com/v1alpha1 +kind: BackupConfiguration +metadata: + name: sample-postgres-backup + namespace: demo +spec: + target: + apiGroup: kubedb.com + kind: Postgres + namespace: demo + name: sample-postgres + backends: + - name: gcs-backend + storageRef: + namespace: demo + name: gcs-storage + retentionPolicy: + name: demo-retention + namespace: demo + sessions: + - name: frequent-backup + scheduler: + schedule: "*/5 * * * *" + jobTemplate: + backoffLimit: 1 + repositories: + - name: gcs-postgres-repo + backend: gcs-backend + directory: /postgres + encryptionSecret: + name: encrypt-secret + namespace: demo + addon: + name: postgres-addon + jobTemplate: + spec: + resources: + requests: + cpu: "200m" + memory: "1Gi" + limits: + cpu: "200m" + memory: "1Gi" + tasks: + - name: logical-backup \ No newline at end of file diff --git a/docs/guides/postgres/backup/kubestash/customization/backup/specific-user.yaml b/docs/guides/postgres/backup/kubestash/customization/backup/specific-user.yaml new file mode 100644 index 0000000000..712b2cb4b0 --- /dev/null +++ b/docs/guides/postgres/backup/kubestash/customization/backup/specific-user.yaml @@ -0,0 +1,41 @@ +apiVersion: core.kubestash.com/v1alpha1 +kind: BackupConfiguration +metadata: + name: sample-postgres-backup + namespace: demo +spec: + target: + apiGroup: kubedb.com + kind: Postgres + namespace: demo + name: sample-postgres + backends: + - name: gcs-backend + storageRef: + namespace: demo + name: gcs-storage + retentionPolicy: + name: demo-retention + namespace: demo + sessions: + - name: frequent-backup + scheduler: + schedule: "*/5 * * * *" + jobTemplate: + backoffLimit: 1 + repositories: + - name: gcs-postgres-repo + backend: gcs-backend + directory: /postgres + encryptionSecret: + name: encrypt-secret + namespace: demo + addon: + name: postgres-addon + jobTemplate: + spec: + securityContext: + runAsUser: 0 + runAsGroup: 0 + tasks: + - name: logical-backup \ No newline at end of file diff --git a/docs/guides/postgres/backup/kubestash/customization/common/gcs-backupstorage.yaml b/docs/guides/postgres/backup/kubestash/customization/common/gcs-backupstorage.yaml new file mode 100644 index 0000000000..5972fd3a31 --- /dev/null +++ b/docs/guides/postgres/backup/kubestash/customization/common/gcs-backupstorage.yaml @@ -0,0 +1,17 @@ +apiVersion: storage.kubestash.com/v1alpha1 +kind: BackupStorage +metadata: + name: gcs-storage + namespace: demo +spec: + storage: + provider: gcs + gcs: + bucket: kubestash-qa + prefix: demo + secretName: gcs-secret + usagePolicy: + allowedNamespaces: + from: All + default: false + deletionPolicy: WipeOut \ No newline at end of file diff --git a/docs/guides/postgres/backup/kubestash/customization/common/retentionpolicy.yaml b/docs/guides/postgres/backup/kubestash/customization/common/retentionpolicy.yaml new file mode 100644 index 0000000000..4591562860 --- /dev/null +++ b/docs/guides/postgres/backup/kubestash/customization/common/retentionpolicy.yaml @@ -0,0 +1,15 @@ +apiVersion: storage.kubestash.com/v1alpha1 +kind: RetentionPolicy +metadata: + name: demo-retention + namespace: demo +spec: + default: true + failedSnapshots: + last: 2 + maxRetentionPeriod: 2mo + successfulSnapshots: + last: 5 + usagePolicy: + allowedNamespaces: + from: All \ No newline at end of file diff --git a/docs/guides/postgres/backup/kubestash/customization/common/s3-backupstorage.yaml b/docs/guides/postgres/backup/kubestash/customization/common/s3-backupstorage.yaml new file mode 100644 index 0000000000..c87d26f7ec --- /dev/null +++ b/docs/guides/postgres/backup/kubestash/customization/common/s3-backupstorage.yaml @@ -0,0 +1,19 @@ +apiVersion: storage.kubestash.com/v1alpha1 +kind: BackupStorage +metadata: + name: s3-storage + namespace: demo +spec: + storage: + provider: s3 + s3: + bucket: kubestash + region: us-east-1 + endpoint: us-east-1.linodeobjects.com + secretName: s3-secret + prefix: sunny + usagePolicy: + allowedNamespaces: + from: All + default: false + deletionPolicy: WipeOut \ No newline at end of file diff --git a/docs/guides/postgres/backup/kubestash/customization/common/sample-postgres.yaml b/docs/guides/postgres/backup/kubestash/customization/common/sample-postgres.yaml new file mode 100644 index 0000000000..4a1abc9f9a --- /dev/null +++ b/docs/guides/postgres/backup/kubestash/customization/common/sample-postgres.yaml @@ -0,0 +1,18 @@ +apiVersion: kubedb.com/v1 +kind: Postgres +metadata: + name: sample-postgres + namespace: demo +spec: + version: "16.1" + replicas: 3 + standbyMode: Hot + streamingMode: Synchronous + storageType: Durable + storage: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 1Gi + deletionPolicy: WipeOut \ No newline at end of file diff --git a/docs/guides/postgres/backup/kubestash/customization/index.md b/docs/guides/postgres/backup/kubestash/customization/index.md new file mode 100644 index 0000000000..40cc2a3ddf --- /dev/null +++ b/docs/guides/postgres/backup/kubestash/customization/index.md @@ -0,0 +1,421 @@ +--- +title: PostgreSQL Backup Customization | KubeStash +description: Customizing PostgreSQL Backup and Restore process with KubeStash +menu: + docs_{{ .version }}: + identifier: guides-pg-backup-customization-stashv2 + name: Customizing Backup & Restore Process + parent: guides-pg-backup-stashv2 + weight: 50 +menu_name: docs_{{ .version }} +section_menu_id: guides +--- + +# Customizing Backup and Restore Process + +KubeStash provides rich customization supports for the backup and restore process to meet the requirements of various cluster configurations. This guide will show you some examples of these customizations. + +## Customizing Backup Process + +In this section, we are going to show you how to customize the backup process. Here, we are going to show some examples of providing arguments to the backup process, running the backup process as a specific user, etc. + +### Passing arguments to the backup process + +KubeStash PostgreSQL addon uses the [pg_dumpall](https://www.postgresql.org/docs/current/app-pg-dumpall.html) command by default for backups. However, you can change the dump command to [pg_dump](https://www.postgresql.org/docs/current/app-pgdump.html) by setting the `backupCmd` parameter under the `addon.tasks[*].params` section. You can pass supported options for either `pg_dumpall` or `pg_dump` through the `args` parameter in the same section. + +The below example shows how you can pass the `--clean` to include SQL commands to clean (drop) databases before recreating them. + +```yaml +apiVersion: core.kubestash.com/v1alpha1 +kind: BackupConfiguration +metadata: + name: sample-postgres-backup + namespace: demo +spec: + target: + apiGroup: kubedb.com + kind: Postgres + namespace: demo + name: sample-postgres + backends: + - name: gcs-backend + storageRef: + namespace: demo + name: gcs-storage + retentionPolicy: + name: demo-retention + namespace: demo + sessions: + - name: frequent-backup + scheduler: + schedule: "*/5 * * * *" + jobTemplate: + backoffLimit: 1 + repositories: + - name: gcs-postgres-repo + backend: gcs-backend + directory: /postgres + encryptionSecret: + name: encrypt-secret + namespace: demo + addon: + name: postgres-addon + tasks: + - name: logical-backup + params: + args: --clean +``` + + +### Passing a target database to the backup process + +KubeStash PostgreSQL addon uses the [pg_dumpall](https://www.postgresql.org/docs/current/app-pg-dumpall.html) command by default for backups. If you want to back up a single database, you’ll need to switch the command to [pg_dump](https://www.postgresql.org/docs/current/app-pgdump.html). You can do this by setting `backupCmd` to `pg_dump` under the `addon.tasks[*].params` section and specifying the database name using the `args` parameter in the same section. + +The below example shows how you can set `pg_dump` and pass target database name during backup. + +```yaml +apiVersion: core.kubestash.com/v1alpha1 +kind: BackupConfiguration +metadata: + name: sample-postgres-backup + namespace: demo +spec: + target: + apiGroup: kubedb.com + kind: Postgres + namespace: demo + name: sample-postgres + backends: + - name: gcs-backend + storageRef: + namespace: demo + name: gcs-storage + retentionPolicy: + name: demo-retention + namespace: demo + sessions: + - name: frequent-backup + scheduler: + schedule: "*/5 * * * *" + jobTemplate: + backoffLimit: 1 + repositories: + - name: gcs-postgres-repo + backend: gcs-backend + directory: /postgres + encryptionSecret: + name: encrypt-secret + namespace: demo + addon: + name: postgres-addon + tasks: + - name: logical-backup + params: + backupCmd: pg_dump + args: testdb +``` + +> **WARNING**: Make sure that your provided database has been created before taking backup. + +### Using multiple backends + +You can configure multiple backends within a single `backupConfiguration`. To back up the same data to different backends, such as S3 and GCS, declare each backend in the `.spe.backends` section. Then, reference these backends in the `.spec.sessions[*].repositories` section. + +```yaml +apiVersion: core.kubestash.com/v1alpha1 +kind: BackupConfiguration +metadata: + name: sample-postgres-backup + namespace: demo +spec: + target: + apiGroup: kubedb.com + kind: Postgres + namespace: demo + name: sample-postgres + backends: + - name: gcs-backend + storageRef: + namespace: demo + name: gcs-storage + retentionPolicy: + name: demo-retention + namespace: demo + - name: s3-backend + storageRef: + namespace: demo + name: s3-storage + retentionPolicy: + name: demo-retention + namespace: demo + sessions: + - name: frequent-backup + scheduler: + schedule: "*/5 * * * *" + jobTemplate: + backoffLimit: 1 + repositories: + - name: gcs-postgres-repo + backend: gcs-backend + directory: /postgres + encryptionSecret: + name: encrypt-secret + namespace: demo + - name: s3-postgres-repo + backend: s3-backend + directory: /postgres-copy + encryptionSecret: + name: encrypt-secret + namespace: demo + addon: + name: postgres-addon + tasks: + - name: logical-backup +``` + +### Running backup job as a specific user + +If your cluster requires running the backup job as a specific user, you can provide `securityContext` under `addon.jobTemplate.spec.securityContext` section. The below example shows how you can run the backup job as the `root` user. + +```yaml +apiVersion: core.kubestash.com/v1alpha1 +kind: BackupConfiguration +metadata: + name: sample-postgres-backup + namespace: demo +spec: + target: + apiGroup: kubedb.com + kind: Postgres + namespace: demo + name: sample-postgres + backends: + - name: gcs-backend + storageRef: + namespace: demo + name: gcs-storage + retentionPolicy: + name: demo-retention + namespace: demo + sessions: + - name: frequent-backup + scheduler: + schedule: "*/5 * * * *" + jobTemplate: + backoffLimit: 1 + repositories: + - name: gcs-postgres-repo + backend: gcs-backend + directory: /postgres + encryptionSecret: + name: encrypt-secret + namespace: demo + addon: + name: postgres-addon + jobTemplate: + spec: + securityContext: + runAsUser: 0 + runAsGroup: 0 + tasks: + - name: logical-backup +``` + +### Specifying Memory/CPU limit/request for the backup job + +If you want to specify the Memory/CPU limit/request for your backup job, you can specify `resources` field under `addon.jobTemplate.spec` section. + +```yaml +apiVersion: core.kubestash.com/v1alpha1 +kind: BackupConfiguration +metadata: + name: sample-postgres-backup + namespace: demo +spec: + target: + apiGroup: kubedb.com + kind: Postgres + namespace: demo + name: sample-postgres + backends: + - name: gcs-backend + storageRef: + namespace: demo + name: gcs-storage + retentionPolicy: + name: demo-retention + namespace: demo + sessions: + - name: frequent-backup + scheduler: + schedule: "*/5 * * * *" + jobTemplate: + backoffLimit: 1 + repositories: + - name: gcs-postgres-repo + backend: gcs-backend + directory: /postgres + encryptionSecret: + name: encrypt-secret + namespace: demo + addon: + name: postgres-addon + jobTemplate: + spec: + resources: + requests: + cpu: "200m" + memory: "1Gi" + limits: + cpu: "200m" + memory: "1Gi" + tasks: + - name: logical-backup +``` + +> You can configure additional runtime settings for backup jobs within the `addon.jobTemplate.spec` sections. For further details, please refer to the [reference](https://kubestash.com/docs/latest/concepts/crds/backupconfiguration/#podtemplate-spec). + +## Customizing Restore Process + +`KubeStash` uses [psql](https://www.postgresql.org/docs/current/app-psql.html) during the restore process. In this section, we are going to show how you can pass arguments to the restore process, restore a specific snapshot, run restore job as a specific user, etc. + +### Passing arguments to the restore process + +You can pass any supported `psql` arguments to the restore process using the `args` field within the `addon.tasks[*].params` section. This example demonstrates how to specify a database `testdb` to connect to during the restore process. + +```yaml +apiVersion: core.kubestash.com/v1alpha1 +kind: RestoreSession +metadata: + name: sample-postgres-restore + namespace: demo +spec: + target: + apiGroup: kubedb.com + kind: Postgres + namespace: demo + name: restored-postgres + dataSource: + repository: gcs-postgres-repo + snapshot: latest + encryptionSecret: + name: encrypt-secret + namespace: demo + addon: + name: postgres-addon + tasks: + - name: logical-backup-restore + params: + args: --dbname=testdb +``` + +### Restore specific snapshot + +You can also restore a specific snapshot. At first, list the available snapshot as bellow, + +```bash +$ kubectl get snapshots.storage.kubestash.com -n demo -l=kubestash.com/repo-name=gcs-postgres-repo +NAME REPOSITORY SESSION SNAPSHOT-TIME DELETION-POLICY PHASE AGE +gcs-postgres-repo-sample-postgres-backup-frequent-backup-1725257849 gcs-postgres-repo frequent-backup 2024-09-02T06:18:01Z Delete Succeeded 15m +gcs-postgres-repo-sample-postgres-backup-frequent-backup-1725258000 gcs-postgres-repo frequent-backup 2024-09-02T06:20:00Z Delete Succeeded 13m +gcs-postgres-repo-sample-postgres-backup-frequent-backup-1725258300 gcs-postgres-repo frequent-backup 2024-09-02T06:25:00Z Delete Succeeded 8m34s +gcs-postgres-repo-sample-postgres-backup-frequent-backup-1725258600 gcs-postgres-repo frequent-backup 2024-09-02T06:30:00Z Delete Succeeded 3m34s +``` + +The below example shows how you can pass a specific snapshot name in `.spec.dataSource` section. + +```yaml +apiVersion: core.kubestash.com/v1alpha1 +kind: RestoreSession +metadata: + name: sample-postgres-restore + namespace: demo +spec: + target: + apiGroup: kubedb.com + kind: Postgres + namespace: demo + name: restored-postgres + dataSource: + repository: gcs-postgres-repo + snapshot: gcs-postgres-repo-sample-postgres-backup-frequent-backup-1725258000 + encryptionSecret: + name: encrypt-secret + namespace: demo + addon: + name: postgres-addon + tasks: + - name: logical-backup-restore +``` + +### Running restore job as a specific user + +Similar to the backup process under the `addon.jobTemplate.spec.` you can provide `securityContext` to run the restore job as a specific user. + +```yaml +apiVersion: core.kubestash.com/v1alpha1 +kind: RestoreSession +metadata: + name: sample-postgres-restore + namespace: demo +spec: + target: + apiGroup: kubedb.com + kind: Postgres + namespace: demo + name: restored-postgres + dataSource: + repository: gcs-postgres-repo + snapshot: latest + encryptionSecret: + name: encrypt-secret + namespace: demo + addon: + name: postgres-addon + jobTemplate: + spec: + securityContext: + runAsUser: 0 + runAsGroup: 0 + tasks: + - name: logical-backup-restore +``` + +### Specifying Memory/CPU limit/request for the restore job + +Similar to the backup process, you can also provide `resources` field under the `addon.jobTemplate.spec.resources` section to limit the Memory/CPU for your restore job. + +```yaml +apiVersion: core.kubestash.com/v1alpha1 +kind: RestoreSession +metadata: + name: sample-postgres-restore + namespace: demo +spec: + target: + apiGroup: kubedb.com + kind: Postgres + namespace: demo + name: restored-postgres + dataSource: + repository: gcs-postgres-repo + snapshot: latest + encryptionSecret: + name: encrypt-secret + namespace: demo + addon: + name: postgres-addon + jobTemplate: + spec: + resources: + requests: + cpu: "200m" + memory: "1Gi" + limits: + cpu: "200m" + memory: "1Gi" + tasks: + - name: logical-backup-restore +``` + +> You can configure additional runtime settings for restore jobs within the `addon.jobTemplate.spec` sections. For further details, please refer to the [reference](https://kubestash.com/docs/latest/concepts/crds/restoresession/#podtemplate-spec). \ No newline at end of file diff --git a/docs/guides/postgres/backup/kubestash/customization/restore/passing-args.yaml b/docs/guides/postgres/backup/kubestash/customization/restore/passing-args.yaml new file mode 100644 index 0000000000..71cd9f9ebd --- /dev/null +++ b/docs/guides/postgres/backup/kubestash/customization/restore/passing-args.yaml @@ -0,0 +1,23 @@ +apiVersion: core.kubestash.com/v1alpha1 +kind: RestoreSession +metadata: + name: sample-postgres-restore + namespace: demo +spec: + target: + apiGroup: kubedb.com + kind: Postgres + namespace: demo + name: restored-postgres + dataSource: + repository: gcs-postgres-repo + snapshot: latest + encryptionSecret: + name: encrypt-secret + namespace: demo + addon: + name: postgres-addon + tasks: + - name: logical-backup-restore + params: + args: --dbname=testdb \ No newline at end of file diff --git a/docs/guides/postgres/backup/kubestash/customization/restore/resources-limit.yaml b/docs/guides/postgres/backup/kubestash/customization/restore/resources-limit.yaml new file mode 100644 index 0000000000..f14e0c295b --- /dev/null +++ b/docs/guides/postgres/backup/kubestash/customization/restore/resources-limit.yaml @@ -0,0 +1,30 @@ +apiVersion: core.kubestash.com/v1alpha1 +kind: RestoreSession +metadata: + name: sample-postgres-restore + namespace: demo +spec: + target: + apiGroup: kubedb.com + kind: Postgres + namespace: demo + name: restored-postgres + dataSource: + repository: gcs-postgres-repo + snapshot: latest + encryptionSecret: + name: encrypt-secret + namespace: demo + addon: + name: postgres-addon + jobTemplate: + spec: + resources: + requests: + cpu: "200m" + memory: "1Gi" + limits: + cpu: "200m" + memory: "1Gi" + tasks: + - name: logical-backup-restore \ No newline at end of file diff --git a/docs/guides/postgres/backup/kubestash/customization/restore/specific-snapshot.yaml b/docs/guides/postgres/backup/kubestash/customization/restore/specific-snapshot.yaml new file mode 100644 index 0000000000..f77a99b0fd --- /dev/null +++ b/docs/guides/postgres/backup/kubestash/customization/restore/specific-snapshot.yaml @@ -0,0 +1,21 @@ +apiVersion: core.kubestash.com/v1alpha1 +kind: RestoreSession +metadata: + name: sample-postgres-restore + namespace: demo +spec: + target: + apiGroup: kubedb.com + kind: Postgres + namespace: demo + name: restored-postgres + dataSource: + repository: gcs-postgres-repo + snapshot: gcs-postgres-repo-sample-postgres-backup-frequent-backup-1725258000 + encryptionSecret: + name: encrypt-secret + namespace: demo + addon: + name: postgres-addon + tasks: + - name: logical-backup-restore \ No newline at end of file diff --git a/docs/guides/postgres/backup/kubestash/customization/restore/specific-user.yaml b/docs/guides/postgres/backup/kubestash/customization/restore/specific-user.yaml new file mode 100644 index 0000000000..c712466b5f --- /dev/null +++ b/docs/guides/postgres/backup/kubestash/customization/restore/specific-user.yaml @@ -0,0 +1,26 @@ +apiVersion: core.kubestash.com/v1alpha1 +kind: RestoreSession +metadata: + name: sample-postgres-restore + namespace: demo +spec: + target: + apiGroup: kubedb.com + kind: Postgres + namespace: demo + name: restored-postgres + dataSource: + repository: gcs-postgres-repo + snapshot: latest + encryptionSecret: + name: encrypt-secret + namespace: demo + addon: + name: postgres-addon + jobTemplate: + spec: + securityContext: + runAsUser: 0 + runAsGroup: 0 + tasks: + - name: logical-backup-restore \ No newline at end of file diff --git a/docs/guides/postgres/backup/kubestash/logical/examples/backupconfiguration.yaml b/docs/guides/postgres/backup/kubestash/logical/examples/backupconfiguration.yaml new file mode 100644 index 0000000000..ddc74e3a7e --- /dev/null +++ b/docs/guides/postgres/backup/kubestash/logical/examples/backupconfiguration.yaml @@ -0,0 +1,36 @@ +apiVersion: core.kubestash.com/v1alpha1 +kind: BackupConfiguration +metadata: + name: sample-postgres-backup + namespace: demo +spec: + target: + apiGroup: kubedb.com + kind: Postgres + namespace: demo + name: sample-postgres + backends: + - name: gcs-backend + storageRef: + namespace: demo + name: gcs-storage + retentionPolicy: + name: demo-retention + namespace: demo + sessions: + - name: frequent-backup + scheduler: + schedule: "*/5 * * * *" + jobTemplate: + backoffLimit: 1 + repositories: + - name: gcs-postgres-repo + backend: gcs-backend + directory: /postgres + encryptionSecret: + name: encrypt-secret + namespace: demo + addon: + name: postgres-addon + tasks: + - name: logical-backup \ No newline at end of file diff --git a/docs/guides/postgres/backup/kubestash/logical/examples/backupstorage.yaml b/docs/guides/postgres/backup/kubestash/logical/examples/backupstorage.yaml new file mode 100644 index 0000000000..6ab3df02ac --- /dev/null +++ b/docs/guides/postgres/backup/kubestash/logical/examples/backupstorage.yaml @@ -0,0 +1,17 @@ +apiVersion: storage.kubestash.com/v1alpha1 +kind: BackupStorage +metadata: + name: gcs-storage + namespace: demo +spec: + storage: + provider: gcs + gcs: + bucket: kubestash-qa + prefix: demo + secretName: gcs-secret + usagePolicy: + allowedNamespaces: + from: All + default: true + deletionPolicy: Delete \ No newline at end of file diff --git a/docs/guides/postgres/backup/kubestash/logical/examples/restored-postgres.yaml b/docs/guides/postgres/backup/kubestash/logical/examples/restored-postgres.yaml new file mode 100644 index 0000000000..7837574e49 --- /dev/null +++ b/docs/guides/postgres/backup/kubestash/logical/examples/restored-postgres.yaml @@ -0,0 +1,20 @@ +apiVersion: kubedb.com/v1 +kind: Postgres +metadata: + name: restored-postgres + namespace: demo +spec: + init: + waitForInitialRestore: true + version: "16.1" + replicas: 3 + standbyMode: Hot + streamingMode: Synchronous + storageType: Durable + storage: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 1Gi + deletionPolicy: WipeOut \ No newline at end of file diff --git a/docs/guides/postgres/backup/kubestash/logical/examples/restoresession.yaml b/docs/guides/postgres/backup/kubestash/logical/examples/restoresession.yaml new file mode 100644 index 0000000000..1bcb3e5a8c --- /dev/null +++ b/docs/guides/postgres/backup/kubestash/logical/examples/restoresession.yaml @@ -0,0 +1,21 @@ +apiVersion: core.kubestash.com/v1alpha1 +kind: RestoreSession +metadata: + name: sample-postgres-restore + namespace: demo +spec: + target: + apiGroup: kubedb.com + kind: Postgres + namespace: demo + name: restored-postgres + dataSource: + repository: gcs-postgres-repo + snapshot: latest + encryptionSecret: + name: encrypt-secret + namespace: demo + addon: + name: postgres-addon + tasks: + - name: logical-backup-restore \ No newline at end of file diff --git a/docs/guides/postgres/backup/kubestash/logical/examples/retentionpolicy.yaml b/docs/guides/postgres/backup/kubestash/logical/examples/retentionpolicy.yaml new file mode 100644 index 0000000000..4591562860 --- /dev/null +++ b/docs/guides/postgres/backup/kubestash/logical/examples/retentionpolicy.yaml @@ -0,0 +1,15 @@ +apiVersion: storage.kubestash.com/v1alpha1 +kind: RetentionPolicy +metadata: + name: demo-retention + namespace: demo +spec: + default: true + failedSnapshots: + last: 2 + maxRetentionPeriod: 2mo + successfulSnapshots: + last: 5 + usagePolicy: + allowedNamespaces: + from: All \ No newline at end of file diff --git a/docs/guides/postgres/backup/kubestash/logical/examples/sample-postgres.yaml b/docs/guides/postgres/backup/kubestash/logical/examples/sample-postgres.yaml new file mode 100644 index 0000000000..4a1abc9f9a --- /dev/null +++ b/docs/guides/postgres/backup/kubestash/logical/examples/sample-postgres.yaml @@ -0,0 +1,18 @@ +apiVersion: kubedb.com/v1 +kind: Postgres +metadata: + name: sample-postgres + namespace: demo +spec: + version: "16.1" + replicas: 3 + standbyMode: Hot + streamingMode: Synchronous + storageType: Durable + storage: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 1Gi + deletionPolicy: WipeOut \ No newline at end of file diff --git a/docs/guides/postgres/backup/kubestash/logical/index.md b/docs/guides/postgres/backup/kubestash/logical/index.md new file mode 100644 index 0000000000..0d49283310 --- /dev/null +++ b/docs/guides/postgres/backup/kubestash/logical/index.md @@ -0,0 +1,780 @@ +--- +title: Backup & Restore PostgreSQL | KubeStash +description: Backup ans Restore PostgreSQL database using KubeStash +menu: + docs_{{ .version }}: + identifier: guides-pg-logical-backup-stashv2 + name: Logical Backup + parent: guides-pg-backup-stashv2 + weight: 20 +menu_name: docs_{{ .version }} +section_menu_id: guides +--- + +# Backup and Restore MariaDB database using KubeStash + +KubeStash allows you to backup and restore `PostgreSQL` databases. It supports backups for `PostgreSQL` instances running in Standalone, and HA cluster configurations. KubeStash makes managing your `PostgreSQL` backups and restorations more straightforward and efficient. + +This guide will give you an overview how you can take backup and restore your `PostgreSQL` databases using `Kubestash`. + + +## Before You Begin + +- At first, you need to have a Kubernetes cluster, and the `kubectl` command-line tool must be configured to communicate with your cluster. If you do not already have a cluster, you can create one by using `Minikube` or `Kind`. +- Install `KubeDB` in your cluster following the steps [here](/docs/setup/README.md). +- Install `KubeStash` in your cluster following the steps [here](https://kubestash.com/docs/latest/setup/install/kubestash). +- Install KubeStash `kubectl` plugin following the steps [here](https://kubestash.com/docs/latest/setup/install/kubectl-plugin/). +- If you are not familiar with how KubeStash backup and restore PostgreSQL databases, please check the following guide [here](/docs/guides/postgres/backup/kubestash/overview/index.md). + +You should be familiar with the following `KubeStash` concepts: + +- [BackupStorage](https://kubestash.com/docs/latest/concepts/crds/backupstorage/) +- [BackupConfiguration](https://kubestash.com/docs/latest/concepts/crds/backupconfiguration/) +- [BackupSession](https://kubestash.com/docs/latest/concepts/crds/backupsession/) +- [RestoreSession](https://kubestash.com/docs/latest/concepts/crds/restoresession/) +- [Addon](https://kubestash.com/docs/latest/concepts/crds/addon/) +- [Function](https://kubestash.com/docs/latest/concepts/crds/function/) +- [Task](https://kubestash.com/docs/latest/concepts/crds/addon/#task-specification) + +To keep everything isolated, we are going to use a separate namespace called `demo` throughout this tutorial. + +```bash +$ kubectl create ns demo +namespace/demo created +``` + +> **Note:** YAML files used in this tutorial are stored in [docs/guides/postgres/backup/kubestash/logical/examples](https://github.com/kubedb/docs/raw/{{< param "info.version" >}}/docs/guides/postgres/backup/kubestash/logical/examples) directory of [kubedb/docs](https://github.com/kubedb/docs) repository. + + +## Backup PostgreSQL + +KubeStash supports backups for `PostgreSQL` instances across different configurations, including Standalone and HA Cluster setups. In this demonstration, we'll focus on a `PostgreSQL` database using HA cluster configuration. The backup and restore process is similar for Standalone configuration. + +This section will demonstrate how to backup a `PostgreSQL` database. Here, we are going to deploy a `PostgreSQL` database using KubeDB. Then, we are going to backup this database into a `GCS` bucket. Finally, we are going to restore the backup up data into another `PostgreSQL` database. + + +### Deploy Sample PostgreSQL Database + +Let's deploy a sample `PostgreSQL` database and insert some data into it. + +**Create PostgreSQL CR:** + +Below is the YAML of a sample `PostgreSQL` CR that we are going to create for this tutorial: + +```yaml +apiVersion: kubedb.com/v1 +kind: Postgres +metadata: + name: sample-postgres + namespace: demo +spec: + version: "16.1" + replicas: 3 + standbyMode: Hot + streamingMode: Synchronous + storageType: Durable + storage: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 1Gi + deletionPolicy: WipeOut +``` + +Create the above `PostgreSQL` CR, + +```bash +$ kubectl apply -f https://github.com/kubedb/docs/raw/{{< param "info.version" >}}/docs/guides/postgres/backup/kubestash/logical/examples/sample-postgres.yaml +postgres.kubedb.com/sample-postgres created +``` + +KubeDB will deploy a `PostgreSQL` database according to the above specification. It will also create the necessary `Secrets` and `Services` to access the database. + +Let's check if the database is ready to use, + +```bash +$ kubectl get pg -n demo sample-postgres +NAME VERSION STATUS AGE +sample-postgres 16.1 Ready 5m1s +``` + +The database is `Ready`. Verify that KubeDB has created a `Secret` and a `Service` for this database using the following commands, + +```bash +$ kubectl get secret -n demo +NAME TYPE DATA AGE +sample-postgres-auth kubernetes.io/basic-auth 2 5m20s + +$ kubectl get service -n demo -l=app.kubernetes.io/instance=sample-postgres +NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE +sample-postgres ClusterIP 10.96.23.177 5432/TCP,2379/TCP 5m55s +sample-postgres-pods ClusterIP None 5432/TCP,2380/TCP,2379/TCP 5m55s +sample-postgres-standby ClusterIP 10.96.26.118 5432/TCP 5m55s +``` + +Here, we have to use service `sample-postgres` and secret `sample-postgres-auth` to connect with the database. `KubeDB` creates an [AppBinding](/docs/guides/postgres/concepts/appbinding.md) CR that holds the necessary information to connect with the database. + + +**Verify AppBinding:** + +Verify that the `AppBinding` has been created successfully using the following command, + +```bash +$ kubectl get appbindings -n demo +NAME TYPE VERSION AGE +sample-postgres kubedb.com/postgres 16.1 9m30s +``` + +Let's check the YAML of the above `AppBinding`, + +```bash +$ kubectl get appbindings -n demo sample-postgres -o yaml +``` + +```yaml +apiVersion: appcatalog.appscode.com/v1alpha1 +kind: AppBinding +metadata: + annotations: + kubectl.kubernetes.io/last-applied-configuration: | + {"apiVersion":"kubedb.com/v1","kind":"Postgres","metadata":{"annotations":{},"name":"sample-postgres","namespace":"demo"},"spec":{"deletionPolicy":"DoNotTerminate","replicas":3,"standbyMode":"Hot","storage":{"accessModes":["ReadWriteOnce"],"resources":{"requests":{"storage":"1Gi"}}},"storageType":"Durable","streamingMode":"Synchronous","version":"16.1"}} + creationTimestamp: "2024-09-04T10:07:04Z" + generation: 1 + labels: + app.kubernetes.io/component: database + app.kubernetes.io/instance: sample-postgres + app.kubernetes.io/managed-by: kubedb.com + app.kubernetes.io/name: postgreses.kubedb.com + name: sample-postgres + namespace: demo + ownerReferences: + - apiVersion: kubedb.com/v1 + blockOwnerDeletion: true + controller: true + kind: Postgres + name: sample-postgres + uid: 0810a96c-a2b6-4e8a-a70a-51753660450c + resourceVersion: "245972" + uid: 73bdba85-c932-464b-93a8-7f1ba8dfff1b +spec: + appRef: + apiGroup: kubedb.com + kind: Postgres + name: sample-postgres + namespace: demo + clientConfig: + service: + name: sample-postgres + path: / + port: 5432 + query: sslmode=disable + scheme: postgresql + parameters: + apiVersion: appcatalog.appscode.com/v1alpha1 + kind: StashAddon + stash: + addon: + backupTask: + name: postgres-backup-16.1 + restoreTask: + name: postgres-restore-16.1 + secret: + name: sample-postgres-auth + type: kubedb.com/postgres + version: "16.1" +``` + +KubeStash uses the `AppBinding` CR to connect with the target database. It requires the following two fields to set in AppBinding's `.spec` section. + +Here, + +- `.spec.clientConfig.service.name` specifies the name of the Service that connects to the database. +- `.spec.secret` specifies the name of the Secret that holds necessary credentials to access the database. +- `.spec.type` specifies the types of the app that this AppBinding is pointing to. KubeDB generated AppBinding follows the following format: `/`. + + +**Insert Sample Data:** + +Now, we are going to exec into one of the database pod and create some sample data. At first, find out the database `Pod` using the following command, + +```bash +$ kubectl get pods -n demo --selector="app.kubernetes.io/instance=sample-postgres" +NAME READY STATUS RESTARTS AGE +sample-postgres-0 2/2 Running 0 16m +sample-postgres-1 2/2 Running 0 13m +sample-postgres-2 2/2 Running 0 13m +``` + +Now, let’s exec into the pod and create a table, + +```bash +$ kubectl exec -it -n demo sample-postgres-0 -- sh + +# login as "postgres" superuser. +/ $ psql -U postgres +psql (16.1) +Type "help" for help. + +# list available databases +postgres=# \l + List of databases + Name | Owner | Encoding | Locale Provider | Collate | Ctype | ICU Locale | ICU Rules | Access privileges +---------------+----------+----------+-----------------+------------+------------+------------+-----------+----------------------- + kubedb_system | postgres | UTF8 | libc | en_US.utf8 | en_US.utf8 | | | + postgres | postgres | UTF8 | libc | en_US.utf8 | en_US.utf8 | | | + template0 | postgres | UTF8 | libc | en_US.utf8 | en_US.utf8 | | | =c/postgres + + | | | | | | | | postgres=CTc/postgres + template1 | postgres | UTF8 | libc | en_US.utf8 | en_US.utf8 | | | =c/postgres + + | | | | | | | | postgres=CTc/postgres +(4 rows) + +# create a database named "demo" +postgres=# create database demo; +CREATE DATABASE + +# verify that the "demo" database has been created +postgres=# \l + List of databases + Name | Owner | Encoding | Locale Provider | Collate | Ctype | ICU Locale | ICU Rules | Access privileges +---------------+----------+----------+-----------------+------------+------------+------------+-----------+----------------------- + demo | postgres | UTF8 | libc | en_US.utf8 | en_US.utf8 | | | + kubedb_system | postgres | UTF8 | libc | en_US.utf8 | en_US.utf8 | | | + postgres | postgres | UTF8 | libc | en_US.utf8 | en_US.utf8 | | | + template0 | postgres | UTF8 | libc | en_US.utf8 | en_US.utf8 | | | =c/postgres + + | | | | | | | | postgres=CTc/postgres + template1 | postgres | UTF8 | libc | en_US.utf8 | en_US.utf8 | | | =c/postgres + + | | | | | | | | postgres=CTc/postgres +(5 rows) + +# connect to the "demo" database +postgres=# \c demo +You are now connected to database "demo" as user "postgres". + +# create a sample table +demo=# CREATE TABLE COMPANY( NAME TEXT NOT NULL, EMPLOYEE INT NOT NULL); +CREATE TABLE + +# verify that the table has been created +demo=# \d + List of relations + Schema | Name | Type | Owner +--------+---------+-------+---------- + public | company | table | postgres +(1 row) + +# insert multiple rows of data into the table +demo=# INSERT INTO COMPANY (NAME, EMPLOYEE) VALUES ('TechCorp', 100), ('InnovateInc', 150), ('AlphaTech', 200); +INSERT 0 3 + +# verify the data insertion +demo=# SELECT * FROM COMPANY; + name | employee +-------------+---------- + TechCorp | 100 + InnovateInc | 150 + AlphaTech | 200 +(3 rows) + +# quit from the database +demo=# \q + +# exit from the pod +/ $ exit +``` + +Now, we are ready to backup the database. + +### Prepare Backend + +We are going to store our backed up data into a `GCS` bucket. We have to create a `Secret` with necessary credentials and a `BackupStorage` CR to use this backend. If you want to use a different backend, please read the respective backend configuration doc from [here](https://kubestash.com/docs/latest/guides/backends/overview/). + +**Create Secret:** + +Let's create a secret called `gcs-secret` with access credentials to our desired GCS bucket, + +```bash +$ echo -n '' > GOOGLE_PROJECT_ID +$ cat /path/to/downloaded-sa-key.json > GOOGLE_SERVICE_ACCOUNT_JSON_KEY +$ kubectl create secret generic -n demo gcs-secret \ + --from-file=./GOOGLE_PROJECT_ID \ + --from-file=./GOOGLE_SERVICE_ACCOUNT_JSON_KEY +secret/gcs-secret created +``` + +**Create BackupStorage:** + +Now, create a `BackupStorage` using this secret. Below is the YAML of `BackupStorage` CR we are going to create, + +```yaml +apiVersion: storage.kubestash.com/v1alpha1 +kind: BackupStorage +metadata: + name: gcs-storage + namespace: demo +spec: + storage: + provider: gcs + gcs: + bucket: kubestash-qa + prefix: demo + secretName: gcs-secret + usagePolicy: + allowedNamespaces: + from: All + default: true + deletionPolicy: Delete +``` + +Let's create the BackupStorage we have shown above, + +```bash +$ kubectl apply -f https://github.com/kubedb/docs/raw/{{< param "info.version" >}}/docs/guides/postgres/backup/kubestash/logical/examples/backupstorage.yaml +backupstorage.storage.kubestash.com/gcs-storage created +``` + +Now, we are ready to backup our database to our desired backend. + +**Create RetentionPolicy:** + +Now, let's create a `RetentionPolicy` to specify how the old Snapshots should be cleaned up. + +Below is the YAML of the `RetentionPolicy` object that we are going to create, + +```yaml +apiVersion: storage.kubestash.com/v1alpha1 +kind: RetentionPolicy +metadata: + name: demo-retention + namespace: demo +spec: + default: true + failedSnapshots: + last: 2 + maxRetentionPeriod: 2mo + successfulSnapshots: + last: 5 + usagePolicy: + allowedNamespaces: + from: All +``` + +Let’s create the above `RetentionPolicy`, + +```bash +$ kubectl apply -f https://github.com/kubedb/docs/raw/{{< param "info.version" >}}/docs/guides/postgres/backup/kubestash/logical/examples/retentionpolicy.yaml +retentionpolicy.storage.kubestash.com/demo-retention created +``` + +### Backup + +We have to create a `BackupConfiguration` targeting respective `sample-postgres` PostgreSQL database. Then, KubeStash will create a `CronJob` for each session to take periodic backup of that database. + +At first, we need to create a secret with a Restic password for backup data encryption. + +**Create Secret:** + +Let's create a secret called `encrypt-secret` with the Restic password, + +```bash +$ echo -n 'changeit' > RESTIC_PASSWORD +$ kubectl create secret generic -n demo encrypt-secret \ + --from-file=./RESTIC_PASSWORD \ +secret "encrypt-secret" created +``` + +Below is the YAML for `BackupConfiguration` CR to backup the `sample-postgres` database that we have deployed earlier, + +```yaml +apiVersion: core.kubestash.com/v1alpha1 +kind: BackupConfiguration +metadata: + name: sample-postgres-backup + namespace: demo +spec: + target: + apiGroup: kubedb.com + kind: Postgres + namespace: demo + name: sample-postgres + backends: + - name: gcs-backend + storageRef: + namespace: demo + name: gcs-storage + retentionPolicy: + name: demo-retention + namespace: demo + sessions: + - name: frequent-backup + scheduler: + schedule: "*/5 * * * *" + jobTemplate: + backoffLimit: 1 + repositories: + - name: gcs-postgres-repo + backend: gcs-backend + directory: /postgres + encryptionSecret: + name: encrypt-secret + namespace: demo + addon: + name: postgres-addon + tasks: + - name: logical-backup +``` + +- `.spec.sessions[*].schedule` specifies that we want to backup the database at `5 minutes` interval. +- `.spec.target` refers to the targeted `sample-postgres` PostgreSQL database that we created earlier. + +Let's create the `BackupConfiguration` CR that we have shown above, + +```bash +$ kubectl apply -f https://github.com/kubedb/docs/raw/{{< param "info.version" >}}/docs/guides/postgres/kubestash/logical/examples/backupconfiguration.yaml +backupconfiguration.core.kubestash.com/sample-postgres-backup created +``` + +**Verify Backup Setup Successful** + +If everything goes well, the phase of the `BackupConfiguration` should be `Ready`. The `Ready` phase indicates that the backup setup is successful. Let's verify the `Phase` of the BackupConfiguration, + +```bash +$ kubectl get backupconfiguration -n demo +NAME PHASE PAUSED AGE +sample-postgres-backup Ready 2m50s +``` + +Additionally, we can verify that the `Repository` specified in the `BackupConfiguration` has been created using the following command, + +```bash +$ kubectl get repo -n demo +NAME INTEGRITY SNAPSHOT-COUNT SIZE PHASE LAST-SUCCESSFUL-BACKUP AGE +gcs-postgres-repo 0 0 B Ready 3m +``` + +KubeStash keeps the backup for `Repository` YAMLs. If we navigate to the GCS bucket, we will see the `Repository` YAML stored in the `demo/postgres` directory. + +**Verify CronJob:** + +It will also create a `CronJob` with the schedule specified in `spec.sessions[*].scheduler.schedule` field of `BackupConfiguration` CR. + +Verify that the `CronJob` has been created using the following command, + +```bash +$ kubectl get cronjob -n demo +NAME SCHEDULE SUSPEND ACTIVE LAST SCHEDULE AGE +trigger-sample-postgres-backup-frequent-backup */5 * * * * 0 2m45s 3m25s +``` + +**Verify BackupSession:** + +KubeStash triggers an instant backup as soon as the `BackupConfiguration` is ready. After that, backups are scheduled according to the specified schedule. + +```bash +$ kubectl get backupsession -n demo -w +NAME INVOKER-TYPE INVOKER-NAME PHASE DURATION AGE +sample-postgres-backup-frequent-backup-1725449400 BackupConfiguration sample-postgres-backup Succeeded 7m22s +``` + +We can see from the above output that the backup session has succeeded. Now, we are going to verify whether the backed up data has been stored in the backend. + +**Verify Backup:** + +Once a backup is complete, KubeStash will update the respective `Repository` CR to reflect the backup. Check that the repository `sample-postgres-backup` has been updated by the following command, + +```bash +$ kubectl get repository -n demo sample-postgres-backup +NAME INTEGRITY SNAPSHOT-COUNT SIZE PHASE LAST-SUCCESSFUL-BACKUP AGE +sample-postgres-backup true 1 806 B Ready 8m27s 9m18s +``` + +At this moment we have one `Snapshot`. Run the following command to check the respective `Snapshot` which represents the state of a backup run for an application. + +```bash +$ kubectl get snapshots -n demo -l=kubestash.com/repo-name=gcs-postgres-repo +NAME REPOSITORY SESSION SNAPSHOT-TIME DELETION-POLICY PHASE AGE +gcs-postgres-repo-sample-postgres-backup-frequent-backup-1725449400 gcs-postgres-repo frequent-backup 2024-01-23T13:10:54Z Delete Succeeded 16h +``` + +> Note: KubeStash creates a `Snapshot` with the following labels: +> - `kubestash.com/app-ref-kind: ` +> - `kubestash.com/app-ref-name: ` +> - `kubestash.com/app-ref-namespace: ` +> - `kubestash.com/repo-name: ` +> +> These labels can be used to watch only the `Snapshot`s related to our target Database or `Repository`. + +If we check the YAML of the `Snapshot`, we can find the information about the backed up components of the Database. + +```bash +$ kubectl get snapshots -n demo gcs-postgres-repo-sample-postgres-backup-frequent-backup-1725449400 -oyaml +``` + +```yaml +apiVersion: storage.kubestash.com/v1alpha1 +kind: Snapshot +metadata: + creationTimestamp: "2024-09-04T11:30:00Z" + finalizers: + - kubestash.com/cleanup + generation: 1 + labels: + kubestash.com/app-ref-kind: Postgres + kubestash.com/app-ref-name: sample-postgres + kubestash.com/app-ref-namespace: demo + kubestash.com/repo-name: gcs-postgres-repo + annotations: + kubedb.com/db-version: "16.1" + name: gcs-postgres-repo-sample-postgres-backup-frequent-backup-1725449400 + namespace: demo + ownerReferences: + - apiVersion: storage.kubestash.com/v1alpha1 + blockOwnerDeletion: true + controller: true + kind: Repository + name: gcs-postgres-repo + uid: 1009bd4a-b211-49f1-a64c-3c979c699a81 + resourceVersion: "253523" + uid: c6757c49-e13b-4a36-9f7d-64eae350423f +spec: + appRef: + apiGroup: kubedb.com + kind: Postgres + name: sample-postgres + namespace: demo + backupSession: sample-postgres-backup-frequent-backup-1725449400 + deletionPolicy: Delete + repository: gcs-postgres-repo + session: frequent-backup + snapshotID: 01J6YCRWEWAKACMGZYR2R7YJ5C + type: FullBackup + version: v1 +status: + components: + dump: + driver: Restic + duration: 11.526138009s + integrity: true + path: repository/v1/frequent-backup/dump + phase: Succeeded + resticStats: + - hostPath: dumpfile.sql + id: 008eb87193e7db112e9ad8f42c9302c851a1fbacb7165a5cb3aa2d27dd210764 + size: 3.345 KiB + uploaded: 299 B + size: 2.202 KiB + conditions: + - lastTransitionTime: "2024-09-04T11:30:00Z" + message: Recent snapshot list updated successfully + reason: SuccessfullyUpdatedRecentSnapshotList + status: "True" + type: RecentSnapshotListUpdated + - lastTransitionTime: "2024-09-04T11:30:32Z" + message: Metadata uploaded to backend successfully + reason: SuccessfullyUploadedSnapshotMetadata + status: "True" + type: SnapshotMetadataUploaded + integrity: true + phase: Succeeded + size: 2.201 KiB + snapshotTime: "2024-09-04T11:30:00Z" + totalComponents: 1 +``` + +> KubeStash uses `pg_dump` or `pg_dumpall` to perform backups of target `PostgreSQL` databases. Therefore, the component name for logical backups is set as `dump`. + +Now, if we navigate to the GCS bucket, we will see the backed up data stored in the `demo/popstgres/repository/v1/frequent-backup/dump` directory. KubeStash also keeps the backup for `Snapshot` YAMLs, which can be found in the `demo/postgres/snapshots` directory. + +> Note: KubeStash stores all dumped data encrypted in the backup directory, meaning it remains unreadable until decrypted. + +## Restore + +In this section, we are going to restore the database from the backup we have taken in the previous section. We are going to deploy a new database and initialize it from the backup. + +Now, we have to deploy the restored database similarly as we have deployed the original `sample-postgres` database. However, this time there will be the following differences: + +- We are going to specify `.spec.init.waitForInitialRestore` field that tells KubeDB to wait for first restore to complete before marking this database is ready to use. + +Below is the YAML for `PostgreSQL` CR we are going deploy to initialize from backup, + +```yaml +apiVersion: kubedb.com/v1 +kind: Postgres +metadata: + name: restored-postgres + namespace: demo +spec: + init: + waitForInitialRestore: true + version: "16.1" + replicas: 3 + standbyMode: Hot + streamingMode: Synchronous + storageType: Durable + storage: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 1Gi + deletionPolicy: WipeOut +``` + +Let's create the above database, + +```bash +$ kubectl apply -f https://github.com/kubedb/docs/raw/{{< param "info.version" >}}/docs/guides/postgres/backup/kubestash/logical/examples/restored-postgres.yaml +postgres.kubedb.com/restore-postgres created +``` + +If you check the database status, you will see it is stuck in **`Provisioning`** state. + +```bash +$ kubectl get postgres -n demo restored-postgres +NAME VERSION STATUS AGE +restored-postgres 8.2.0 Provisioning 61s +``` + +#### Create RestoreSession: + +Now, we need to create a `RestoreSession` CR pointing to targeted `PostgreSQL` database. + +Below, is the contents of YAML file of the `RestoreSession` object that we are going to create to restore backed up data into the newly created `PostgreSQL` database named `restored-postgres`. + +```yaml +apiVersion: core.kubestash.com/v1alpha1 +kind: RestoreSession +metadata: + name: sample-postgres-restore + namespace: demo +spec: + target: + apiGroup: kubedb.com + kind: Postgres + namespace: demo + name: restored-postgres + dataSource: + repository: gcs-postgres-repo + snapshot: latest + encryptionSecret: + name: encrypt-secret + namespace: demo + addon: + name: postgres-addon + tasks: + - name: logical-backup-restore +``` + +Here, + +- `.spec.target` refers to the newly created `restored-postgres` PostgreSQL object to where we want to restore backup data. +- `.spec.dataSource.repository` specifies the Repository object that holds the backed up data. +- `.spec.dataSource.snapshot` specifies to restore from latest `Snapshot`. + +Let's create the RestoreSession CRD object we have shown above, + +```bash +$ kubectl apply -f https://github.com/kubedb/docs/raw/{{< param "info.version" >}}/docs/guides/postgres/backup/kubestash/logical/examples/restoresession.yaml +restoresession.core.kubestash.com/sample-postgres-restore created +``` + +Once, you have created the `RestoreSession` object, KubeStash will create restore Job. Run the following command to watch the phase of the `RestoreSession` object, + +```bash +$ watch kubectl get restoresession -n demo +Every 2.0s: kubectl get restores... AppsCode-PC-03: Wed Aug 21 10:44:05 2024 +NAME REPOSITORY FAILURE-POLICY PHASE DURATION AGE +sample-postgres-restore gcs-postgres-repo Succeeded 7s 116s +``` + +The `Succeeded` phase means that the restore process has been completed successfully. + +#### Verify Restored Data: + +In this section, we are going to verify whether the desired data has been restored successfully. We are going to connect to the database server and check whether the database and the table we created earlier in the original database are restored. + +At first, check if the database has gone into **`Ready`** state by the following command, + +```bash +$ kubectl get postgres -n demo restored-postgres +NAME VERSION STATUS AGE +restored-postgres 16.1 Ready 6m31s +``` + +Now, find out the database `Pod` by the following command, + +```bash +$ kubectl get pods -n demo --selector="app.kubernetes.io/instance=restored-postgres" +NAME READY STATUS RESTARTS AGE +restored-postgres-0 2/2 Running 0 6m7s +restored-postgres-1 2/2 Running 0 6m1s +restored-postgres-2 2/2 Running 0 5m55s +``` + +Now, lets exec one of the `Pod` and verify restored data. + +```bash +$ kubectl exec -it -n demo restored-postgres-0 -- /bin/sh +# login as "postgres" superuser. +/ # psql -U postgres +psql (11.11) +Type "help" for help. + +# verify that the "demo" database has been restored +postgres=# \l + List of databases + Name | Owner | Encoding | Locale Provider | Collate | Ctype | ICU Locale | ICU Rules | Access privileges +---------------+----------+----------+-----------------+------------+------------+------------+-----------+----------------------- + demo | postgres | UTF8 | libc | en_US.utf8 | en_US.utf8 | | | + kubedb_system | postgres | UTF8 | libc | en_US.utf8 | en_US.utf8 | | | + postgres | postgres | UTF8 | libc | en_US.utf8 | en_US.utf8 | | | + template0 | postgres | UTF8 | libc | en_US.utf8 | en_US.utf8 | | | =c/postgres + + | | | | | | | | postgres=CTc/postgres + template1 | postgres | UTF8 | libc | en_US.utf8 | en_US.utf8 | | | =c/postgres + + | | | | | | | | postgres=CTc/postgres +(5 rows) + +# connect to the "demo" database +postgres=# \c demo +You are now connected to database "demo" as user "postgres". + +# verify that the sample table has been restored +demo=# \d + List of relations + Schema | Name | Type | Owner +--------+---------+-------+---------- + public | company | table | postgres +(1 row) + +# Verify that the sample data has been restored +demo=# SELECT * FROM COMPANY; + name | employee +-------------+---------- + TechCorp | 100 + InnovateInc | 150 + AlphaTech | 200 +(3 rows) + +# disconnect from the database +demo=# \q + +# exit from the pod +/ # exit +``` + +So, from the above output, we can see the `demo` database we had created in the original database `sample-postgres` has been restored in the `restored-postgres` database. + +## Cleanup + +To cleanup the Kubernetes resources created by this tutorial, run: + +```bash +kubectl delete backupconfigurations.core.kubestash.com -n demo sample-postgres-backup +kubectl delete restoresessions.core.kubestash.com -n demo restore-sample-postgres +kubectl delete retentionpolicies.storage.kubestash.com -n demo demo-retention +kubectl delete backupstorage -n demo gcs-storage +kubectl delete secret -n demo gcs-secret +kubectl delete secret -n demo encrypt-secret +kubectl delete postgres -n demo restored-postgres +kubectl delete postgres -n demo sample-postgres +``` \ No newline at end of file diff --git a/docs/guides/postgres/backup/kubestash/overview/images/backup_overview.svg b/docs/guides/postgres/backup/kubestash/overview/images/backup_overview.svg new file mode 100644 index 0000000000..9d245e0dcd --- /dev/null +++ b/docs/guides/postgres/backup/kubestash/overview/images/backup_overview.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/docs/guides/postgres/backup/kubestash/overview/images/kubedb_plus_kubestash.svg b/docs/guides/postgres/backup/kubestash/overview/images/kubedb_plus_kubestash.svg new file mode 100644 index 0000000000..380d92d969 --- /dev/null +++ b/docs/guides/postgres/backup/kubestash/overview/images/kubedb_plus_kubestash.svg @@ -0,0 +1,21 @@ + + + + + + + + + + + + + + + + + + + + + diff --git a/docs/guides/postgres/backup/kubestash/overview/images/restore_overview.svg b/docs/guides/postgres/backup/kubestash/overview/images/restore_overview.svg new file mode 100644 index 0000000000..f2c2488962 --- /dev/null +++ b/docs/guides/postgres/backup/kubestash/overview/images/restore_overview.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/docs/guides/postgres/backup/kubestash/overview/index.md b/docs/guides/postgres/backup/kubestash/overview/index.md new file mode 100644 index 0000000000..4ed7970d59 --- /dev/null +++ b/docs/guides/postgres/backup/kubestash/overview/index.md @@ -0,0 +1,98 @@ +--- +title: Backup & Restore PostgreSQL Using KubeStash +menu: + docs_{{ .version }}: + identifier: guides-pg-backup-overview-stashv2 + name: Overview + parent: guides-pg-backup-stashv2 + weight: 10 +menu_name: docs_{{ .version }} +section_menu_id: guides +--- + +> New to KubeDB? Please start [here](/docs/README.md). + +{{< notice type="warning" message="Please install [KubeStash](https://kubestash.com/docs/latest/setup/install/kubestash/) to try this feature. Database backup with KubeStash is already included in the KubeDB license. So, you don't need a separate license for KubeStash." >}} + +# PostgreSQL Backup & Restore Overview + +KubeDB also uses [KubeStash](https://kubestash.com) to backup and restore databases. KubeStash by AppsCode is a cloud native data backup and recovery solution for Kubernetes workloads and databases. KubeStash utilizes [restic](https://github.com/restic/restic) to securely backup stateful applications to any cloud or on-prem storage backends (for example, S3, GCS, Azure Blob storage, Minio, NetApp, Dell EMC etc.). + +
+  KubeDB + KubeStash +
Fig: Backup KubeDB Databases Using KubeStash
+
+ +## How Backup Works + +The following diagram shows how KubeStash takes backup of a `PostgreSQL` database. Open the image in a new tab to see the enlarged version. + +
+  PostgreSQL Backup Overview +
Fig: PostgreSQL Backup Overview
+
+ +The backup process consists of the following steps: + +1. At first, a user creates a `Secret`. This secret holds the credentials to access the backend where the backed up data will be stored. + +2. Then, she creates a `BackupStorage` custom resource that specifies the backend information, along with the `Secret` containing the credentials needed to access the backend. + +3. KubeStash operator watches for `BackupStorage` custom resources. When it finds a `BackupStorage` object, it initializes the `BackupStorage` by uploading the `metadata.yaml` file to the specified backend. + +4. Next, she creates a `BackupConfiguration` custom resource that specifies the target database, addon information (including backup tasks), backup schedules, storage backends for storing the backup data, and other additional settings. + +5. KubeStash operator watches for `BackupConfiguration` objects. + +6. Once the KubeStash operator finds a `BackupConfiguration` object, it creates `Repository` with the information specified in the `BackupConfiguration`. + +7. KubeStash operator watches for `Repository` custom resources. When it finds the `Repository` object, it Initializes `Repository` by uploading `repository.yaml` file into the `spec.sessions[*].repositories[*].directory` path specified in `BackupConfiguration`. + +8. Then, it creates a `CronJob` for each session with the schedule specified in `BackupConfiguration` to trigger backup periodically. + +9. KubeStash operator triggers an instant backup as soon as the `BackupConfiguration` is ready. Backups are otherwise triggered by the `CronJob` based on the specified schedule. + +10. KubeStash operator watches for `BackupSession` custom resources. + +11. When it finds a `BackupSession` object, it creates a `Snapshot` custom resource for each `Repository` specified in the `BackupConfiguration`. + +12. Then it resolves the respective `Addon` and `Function` and prepares backup `Job` definition. + +13. Then, it creates the `Job` to backup the targeted `PostgreSQL` database. + +14. The backup `Job` reads necessary information (e.g. auth secret, port) to connect with the database from the `AppBinding` CR. It also reads backend information and access credentials from `BackupStorage` CR, Storage Secret and `Repository` path respectively. + +15. Then, the `Job` dumps the targeted `PostgreSQL` database and uploads the output to the backend. KubeStash pipes the output of dump command to uploading process. Hence, backup `Job` does not require a large volume to hold the entire dump output. + +16. After the backup process is completed, the backup `Job` updates the `status.components[dump]` field of the `Snapshot` resources with backup information of the target `PostgreSQL` database. + +## How Restore Process Works + +The following diagram shows how KubeStash restores backed up data into a `PostgreSQL` database. Open the image in a new tab to see the enlarged version. + +
+  Database Restore Overview +
Fig: PostgreSQL Restore Process Overview
+
+ +The restore process consists of the following steps: + +1. At first, a user creates a `PostgreSQL` database where the data will be restored or the user can use the same `PostgreSQL` database. + +2. Then, she creates a `RestoreSession` custom resource that specifies the target database where the backed-up data will be restored, addon information (including restore tasks), the target snapshot to be restored, the Repository containing that snapshot, and other additional settings. + +3. KubeStash operator watches for `RestoreSession` custom resources. + +4. When it finds a `RestoreSession` custom resource, it resolves the respective `Addon` and `Function` and prepares a restore `Job` definition. + +5. Then, it creates the `Job` to restore the target. + +6. The `Job` reads necessary information to connect with the database from respective `AppBinding` CR. It also reads backend information and access credentials from `Repository` CR and storage `Secret` respectively. + +7. Then, the `Job` downloads the backed up data from the backend and injects into the desired database. KubeStash pipes the downloaded data to the respective database tool to inject into the database. Hence, restore `Job` does not require a large volume to download entire backup data inside it. + +8. Finally, when the restore process is completed, the `Job` updates the `status.components[*]` field of the `RestoreSession` with restore information of the target database. + +## Next Steps + +- Backup a `PostgreSQL` database using KubeStash by the following guides from [here](/docs/guides/postgres/backup/kubestash/logical/index.md). \ No newline at end of file diff --git a/docs/guides/postgres/backup/auto-backup/examples/backupblueprint.yaml b/docs/guides/postgres/backup/stash/auto-backup/examples/backupblueprint.yaml similarity index 100% rename from docs/guides/postgres/backup/auto-backup/examples/backupblueprint.yaml rename to docs/guides/postgres/backup/stash/auto-backup/examples/backupblueprint.yaml diff --git a/docs/guides/postgres/backup/auto-backup/examples/sample-pg-1.yaml b/docs/guides/postgres/backup/stash/auto-backup/examples/sample-pg-1.yaml similarity index 100% rename from docs/guides/postgres/backup/auto-backup/examples/sample-pg-1.yaml rename to docs/guides/postgres/backup/stash/auto-backup/examples/sample-pg-1.yaml diff --git a/docs/guides/postgres/backup/auto-backup/examples/sample-pg-2.yaml b/docs/guides/postgres/backup/stash/auto-backup/examples/sample-pg-2.yaml similarity index 100% rename from docs/guides/postgres/backup/auto-backup/examples/sample-pg-2.yaml rename to docs/guides/postgres/backup/stash/auto-backup/examples/sample-pg-2.yaml diff --git a/docs/guides/postgres/backup/auto-backup/examples/sample-pg-3.yaml b/docs/guides/postgres/backup/stash/auto-backup/examples/sample-pg-3.yaml similarity index 100% rename from docs/guides/postgres/backup/auto-backup/examples/sample-pg-3.yaml rename to docs/guides/postgres/backup/stash/auto-backup/examples/sample-pg-3.yaml diff --git a/docs/guides/postgres/backup/auto-backup/images/sample-postgres-1.png b/docs/guides/postgres/backup/stash/auto-backup/images/sample-postgres-1.png similarity index 100% rename from docs/guides/postgres/backup/auto-backup/images/sample-postgres-1.png rename to docs/guides/postgres/backup/stash/auto-backup/images/sample-postgres-1.png diff --git a/docs/guides/postgres/backup/auto-backup/images/sample-postgres-2.png b/docs/guides/postgres/backup/stash/auto-backup/images/sample-postgres-2.png similarity index 100% rename from docs/guides/postgres/backup/auto-backup/images/sample-postgres-2.png rename to docs/guides/postgres/backup/stash/auto-backup/images/sample-postgres-2.png diff --git a/docs/guides/postgres/backup/auto-backup/images/sample-postgres-3.png b/docs/guides/postgres/backup/stash/auto-backup/images/sample-postgres-3.png similarity index 100% rename from docs/guides/postgres/backup/auto-backup/images/sample-postgres-3.png rename to docs/guides/postgres/backup/stash/auto-backup/images/sample-postgres-3.png diff --git a/docs/guides/postgres/backup/auto-backup/index.md b/docs/guides/postgres/backup/stash/auto-backup/index.md similarity index 100% rename from docs/guides/postgres/backup/auto-backup/index.md rename to docs/guides/postgres/backup/stash/auto-backup/index.md diff --git a/docs/guides/postgres/backup/customization/examples/backup/multi-retention-policy.yaml b/docs/guides/postgres/backup/stash/customization/examples/backup/multi-retention-policy.yaml similarity index 100% rename from docs/guides/postgres/backup/customization/examples/backup/multi-retention-policy.yaml rename to docs/guides/postgres/backup/stash/customization/examples/backup/multi-retention-policy.yaml diff --git a/docs/guides/postgres/backup/customization/examples/backup/resource-limit.yaml b/docs/guides/postgres/backup/stash/customization/examples/backup/resource-limit.yaml similarity index 100% rename from docs/guides/postgres/backup/customization/examples/backup/resource-limit.yaml rename to docs/guides/postgres/backup/stash/customization/examples/backup/resource-limit.yaml diff --git a/docs/guides/postgres/backup/customization/examples/backup/specific-database-user.yaml b/docs/guides/postgres/backup/stash/customization/examples/backup/specific-database-user.yaml similarity index 100% rename from docs/guides/postgres/backup/customization/examples/backup/specific-database-user.yaml rename to docs/guides/postgres/backup/stash/customization/examples/backup/specific-database-user.yaml diff --git a/docs/guides/postgres/backup/customization/examples/backup/specific-user.yaml b/docs/guides/postgres/backup/stash/customization/examples/backup/specific-user.yaml similarity index 100% rename from docs/guides/postgres/backup/customization/examples/backup/specific-user.yaml rename to docs/guides/postgres/backup/stash/customization/examples/backup/specific-user.yaml diff --git a/docs/guides/postgres/backup/customization/examples/repository.yaml b/docs/guides/postgres/backup/stash/customization/examples/repository.yaml similarity index 100% rename from docs/guides/postgres/backup/customization/examples/repository.yaml rename to docs/guides/postgres/backup/stash/customization/examples/repository.yaml diff --git a/docs/guides/postgres/backup/customization/examples/restore/passing-args.yaml b/docs/guides/postgres/backup/stash/customization/examples/restore/passing-args.yaml similarity index 100% rename from docs/guides/postgres/backup/customization/examples/restore/passing-args.yaml rename to docs/guides/postgres/backup/stash/customization/examples/restore/passing-args.yaml diff --git a/docs/guides/postgres/backup/customization/examples/restore/resource-limit.yaml b/docs/guides/postgres/backup/stash/customization/examples/restore/resource-limit.yaml similarity index 100% rename from docs/guides/postgres/backup/customization/examples/restore/resource-limit.yaml rename to docs/guides/postgres/backup/stash/customization/examples/restore/resource-limit.yaml diff --git a/docs/guides/postgres/backup/customization/examples/restore/specific-database-user.yaml b/docs/guides/postgres/backup/stash/customization/examples/restore/specific-database-user.yaml similarity index 100% rename from docs/guides/postgres/backup/customization/examples/restore/specific-database-user.yaml rename to docs/guides/postgres/backup/stash/customization/examples/restore/specific-database-user.yaml diff --git a/docs/guides/postgres/backup/customization/examples/restore/specific-snapshot.yaml b/docs/guides/postgres/backup/stash/customization/examples/restore/specific-snapshot.yaml similarity index 100% rename from docs/guides/postgres/backup/customization/examples/restore/specific-snapshot.yaml rename to docs/guides/postgres/backup/stash/customization/examples/restore/specific-snapshot.yaml diff --git a/docs/guides/postgres/backup/customization/examples/restore/specific-user.yaml b/docs/guides/postgres/backup/stash/customization/examples/restore/specific-user.yaml similarity index 100% rename from docs/guides/postgres/backup/customization/examples/restore/specific-user.yaml rename to docs/guides/postgres/backup/stash/customization/examples/restore/specific-user.yaml diff --git a/docs/guides/postgres/backup/customization/examples/sample-postgres.yaml b/docs/guides/postgres/backup/stash/customization/examples/sample-postgres.yaml similarity index 100% rename from docs/guides/postgres/backup/customization/examples/sample-postgres.yaml rename to docs/guides/postgres/backup/stash/customization/examples/sample-postgres.yaml diff --git a/docs/guides/postgres/backup/customization/index.md b/docs/guides/postgres/backup/stash/customization/index.md similarity index 100% rename from docs/guides/postgres/backup/customization/index.md rename to docs/guides/postgres/backup/stash/customization/index.md diff --git a/docs/guides/postgres/backup/overview/images/backup_overview.svg b/docs/guides/postgres/backup/stash/overview/images/backup_overview.svg similarity index 100% rename from docs/guides/postgres/backup/overview/images/backup_overview.svg rename to docs/guides/postgres/backup/stash/overview/images/backup_overview.svg diff --git a/docs/guides/postgres/backup/overview/images/restore_overview.svg b/docs/guides/postgres/backup/stash/overview/images/restore_overview.svg similarity index 100% rename from docs/guides/postgres/backup/overview/images/restore_overview.svg rename to docs/guides/postgres/backup/stash/overview/images/restore_overview.svg diff --git a/docs/guides/postgres/backup/overview/index.md b/docs/guides/postgres/backup/stash/overview/index.md similarity index 100% rename from docs/guides/postgres/backup/overview/index.md rename to docs/guides/postgres/backup/stash/overview/index.md diff --git a/docs/guides/postgres/backup/standalone/examples/appbinding.yaml b/docs/guides/postgres/backup/stash/standalone/examples/appbinding.yaml similarity index 100% rename from docs/guides/postgres/backup/standalone/examples/appbinding.yaml rename to docs/guides/postgres/backup/stash/standalone/examples/appbinding.yaml diff --git a/docs/guides/postgres/backup/standalone/examples/backupconfiguration.yaml b/docs/guides/postgres/backup/stash/standalone/examples/backupconfiguration.yaml similarity index 100% rename from docs/guides/postgres/backup/standalone/examples/backupconfiguration.yaml rename to docs/guides/postgres/backup/stash/standalone/examples/backupconfiguration.yaml diff --git a/docs/guides/postgres/backup/standalone/examples/postgres.yaml b/docs/guides/postgres/backup/stash/standalone/examples/postgres.yaml similarity index 100% rename from docs/guides/postgres/backup/standalone/examples/postgres.yaml rename to docs/guides/postgres/backup/stash/standalone/examples/postgres.yaml diff --git a/docs/guides/postgres/backup/standalone/examples/repository.yaml b/docs/guides/postgres/backup/stash/standalone/examples/repository.yaml similarity index 100% rename from docs/guides/postgres/backup/standalone/examples/repository.yaml rename to docs/guides/postgres/backup/stash/standalone/examples/repository.yaml diff --git a/docs/guides/postgres/backup/standalone/examples/restored-postgres.yaml b/docs/guides/postgres/backup/stash/standalone/examples/restored-postgres.yaml similarity index 100% rename from docs/guides/postgres/backup/standalone/examples/restored-postgres.yaml rename to docs/guides/postgres/backup/stash/standalone/examples/restored-postgres.yaml diff --git a/docs/guides/postgres/backup/standalone/examples/restoresession.yaml b/docs/guides/postgres/backup/stash/standalone/examples/restoresession.yaml similarity index 100% rename from docs/guides/postgres/backup/standalone/examples/restoresession.yaml rename to docs/guides/postgres/backup/stash/standalone/examples/restoresession.yaml diff --git a/docs/guides/postgres/backup/standalone/images/sample-postgres-backup.png b/docs/guides/postgres/backup/stash/standalone/images/sample-postgres-backup.png similarity index 100% rename from docs/guides/postgres/backup/standalone/images/sample-postgres-backup.png rename to docs/guides/postgres/backup/stash/standalone/images/sample-postgres-backup.png diff --git a/docs/guides/postgres/backup/standalone/index.md b/docs/guides/postgres/backup/stash/standalone/index.md similarity index 100% rename from docs/guides/postgres/backup/standalone/index.md rename to docs/guides/postgres/backup/stash/standalone/index.md