Storage Fusion

 View Only

Fusion Recipe Tips - Specify resources for backup and restore workflows

By Sandeep Prajapati posted Wed February 14, 2024 09:20 AM

  

Introduction 

In the previous blog, we explored a few approaches for identifying the resources of an application. Now that we've gained insights into application resources, let’s learn how to specify the resources that we want to protect using the Fusion Backup and Restore Recipe. In this article, we will explore methods to precisely specify these resources within Recipe groups to streamline the creation of backup and restore workflows.

Background

Fusion Recipe is a custom resource (CR) that encapsulates one or more application resources within groups. Having multiple groups in the Recipe offers several advantages, such as - providing fine-grained control over the application, arranging resources in a logical order, and facilitating the execution of similar operations together, among other benefits. Therefore, the creation of appropriate groups holds significant importance in preserving the application details within the Fusion Recipe.

Let's create Recipe groups

Before jumping upon the creation of Recipe groups, we should know what are the Recipe groups? These are one of the basic specification elements of Recipe CR, which allows us to define a set of resources or PVCs that can be processed together within a backup or restore workflows. For example, a group can be a subset of specific resources that are specified with an exclude statement or an include statement.

There are two group types, i.e. ‘volume’ and ‘resource’. The ‘volume’ group encompasses PersistentVolumeClaims (PVCs), while the ‘resource’ group includes various resource types, including Pods, replicaSets, statefulSets, deployments, custom resources, and more. To illustrate the versatility of groups, the following section will showcase group creation covering specific scenarios.

Scenario 1. Volume group to include all volumes in the mysql-operator namespace.

To achieve this, we can look at the Recipe CR specification and fill group details as below:

  groups:
    - name: mysql-volumes
      type: volume
      includedNamespaces:
        - mysql-operator

By specifying resource type as ‘volume’ and adding namespace ‘mysql-operator’ entry in includedNamespaces list, we have included all volumes in the namespace mysql-operator with the name ‘mysql-volumes’.

2. Volume group containing all PVCs in the mysql-operator namespace but excluding certain PVCs that match a label selector:

    - name: mysql-key-volumes
      type: volume
      includedNamespaces:
        - mysql-operator
      labelSelector: 'key1!=value1,key2!=value2'

Here, label selectors are used with negation, causing exclusion of volumes that match these labels. Another thing to note is that - we can have multiple labels for resource selection separated by a comma ‘,’.

3. An example of a resource group that includes all resources in the mysql-operator namespace.

    - name: mysql-resources
      type: resource
      includedNamespaces:
        - mysql-operator

It's notable that the type ‘resource’ used here leads to the selection of all namespace resources, excluding PVCs, within the specified ‘mysql-operator’ namespace.

4. An example of a resource group to include all resources in the mysql-operator namespace and all its cluster-scoped resources as well.

    - name: mysql-operator-resources
      type: resource
      includedNamespaces:
        - mysql-operator
      includeClusterResources: true

This will be useful in cases where we want to create group that includes cluster resources such as customresourcedefinitions (CRDs), clusterroles, clusterrolebindings and other cluster resources along with the application namespace resources. Basically, what it does is creates a group of type ‘resource’ to include all namespace and cluster resources.

5. Resource group to include only certain resources with the help of labelSelectors. Let’s say - we want to include resources such as serviceaccounts, roles, and rolebindings that share a common label “manual=example-redis” in the namespace aiops.

    - name: redis-resources
      type: resource
      includedNamespaces:
        - aiops
      includedResourceTypes:
        - serviceaccounts
        - roles
        - rolebindings
      labelSelector: manual=example-redis

From this, it’s clear that by using labelSelectors, we can effectively narrow down and group together only those resources that match a specific label, thereby streamlining the management and organization of relevant resources in a group.

6. Exclude certain resources in a group and include all other resources. For example, Exclude resource serviceaccount, roles and rolebindings having label “manual=example-redis” in aiops namespace.

    - name: redis-resources
      type: resource
      includedNamespaces:
        - aiops
      excludedResourceTypes:
        - serviceaccounts
        - roles
        - rolebindings
      labelSelector: manual=example-redis

Note: This is different than scenario (5) as using ‘excludedResourceTypes’ field.

7. Consider a scenario where application operator reconciles during recovery and has overwritten a particular resource, but we want to restore the old backup resource. 

For example, take MySQL case where operator on restore has reconciled and overwritten the secret, but we need the old secret back to connect with the database. This can be achieved in the recipe with the help of two groups. 

    - name: mysql-operator-secrets
      type: resource
      includedNamespaces:
        - mysql-operator
      includedResourceTypes:
        - secrets
      labelSelector: key1=value1
    - name: restore-mysql-operator-secrets
      backupRef: mysql-operator-secrets
      restoreOverwriteResources: true
      type: resource

In the first group, a backup of the secret resource is created.

The second group is specifically tailored for the restoration process. During the restoration process, the second group is utilized, where the backup group is referenced using the 'backupRef' field, along with the 'restoreOverwriteResources' flag set to true. This setting allows the specific resource to be overwritten during the restoration process. If we don’t set the overwrite flag to true, resource on restore will be skipped, stating that the resource is already present.

Conclusion

Depending on the situation, different recipe groups can be created, allowing smooth backup and recovery of applications. To fully leverage all its capabilities, refer to the "Specifying a group" section in the Recipe documentation. In the next blog, we will explore usage of Recipe hooks, offering insights into achieving application-consistent backups and recovery scenarios.


#Featured-area-2
#Featured-area-2-home
0 comments
20 views

Permalink