Introduction
In the previous blog, we explored a few approaches for identifying the resources of an application. Now that we've gained insights into application resources, let’s learn how to specify the resources that we want to protect using the Fusion Backup and Restore Recipe. In this article, we will explore methods to precisely specify these resources within Recipe groups to streamline the creation of backup and restore workflows.
Background
Fusion Recipe is a custom resource (CR) that encapsulates one or more application resources within groups. Having multiple groups in the Recipe offers several advantages, such as - providing fine-grained control over the application, arranging resources in a logical order, and facilitating the execution of similar operations together, among other benefits. Therefore, the creation of appropriate groups holds significant importance in preserving the application details within the Fusion Recipe.
Let's create Recipe groups
Before jumping upon the creation of Recipe groups, we should know what are the Recipe groups? These are one of the basic specification elements of Recipe CR, which allows us to define a set of resources or PVCs that can be processed together within a backup or restore workflows. For example, a group can be a subset of specific resources that are specified with an exclude statement or an include statement.
There are two group types, i.e. ‘volume’ and ‘resource’. The ‘volume’ group encompasses PersistentVolumeClaims (PVCs), while the ‘resource’ group includes various resource types, including Pods, replicaSets, statefulSets, deployments, custom resources, and more. To illustrate the versatility of groups, the following section will showcase group creation covering specific scenarios.
Scenario 1. Volume group to include all volumes in the mysql-operator
namespace.
To achieve this, we can look at the Recipe CR specification and fill group details as below:
groups:
- name: mysql-volumes
type: volume
includedNamespaces:
- mysql-operator
By specifying resource type as ‘volume’ and adding namespace ‘mysql-operator’ entry in includedNamespaces list, we have included all volumes in the namespace mysql-operator with the name ‘mysql-volumes’.
2. Volume group containing all PVCs in the mysql-operator
namespace but excluding certain PVCs that match a label selector:
- name: mysql-key-volumes
type: volume
includedNamespaces:
- mysql-operator
labelSelector: 'key1!=value1,key2!=value2'
Here, label selectors are used with negation, causing exclusion of volumes that match these labels. Another thing to note is that - we can have multiple labels for resource selection separated by a comma ‘,’.
3. An example of a resource group that includes all resources in the mysql-operator
namespace.
- name: mysql-resources
type: resource
includedNamespaces:
- mysql-operator
It's notable that the type ‘resource’ used here leads to the selection of all namespace resources, excluding PVCs, within the specified ‘mysql-operator’ namespace.
4. An example of a resource group to include all resources in the mysql-operator
namespace and all its cluster-scoped resources as well.
- name: mysql-operator-resources
type: resource
includedNamespaces:
- mysql-operator
includeClusterResources: true
This will be useful in cases where we want to create group that includes cluster resources such as customresourcedefinitions (CRDs), clusterroles, clusterrolebindings and other cluster resources along with the application namespace resources. Basically, what it does is creates a group of type ‘resource’ to include all namespace and cluster resources.
5. Resource group to include only certain resources with the help of labelSelectors. Let’s say - we want to include resources such as serviceaccounts, roles, and rolebindings that share a common label “manual=example-redis” in the namespace aiops
.
- name: redis-resources
type: resource
includedNamespaces:
- aiops
includedResourceTypes:
- serviceaccounts
- roles
- rolebindings
labelSelector: manual=example-redis
From this, it’s clear that by using labelSelectors, we can effectively narrow down and group together only those resources that match a specific label, thereby streamlining the management and organization of relevant resources in a group.
6. Exclude certain resources in a group and include all other resources. For example, Exclude resource serviceaccount, roles and rolebindings having label “manual=example-redis” in aiops
namespace.
- name: redis-resources
type: resource
includedNamespaces:
- aiops
excludedResourceTypes:
- serviceaccounts
- roles
- rolebindings
labelSelector: manual=example-redis
Note: This is different than scenario (5) as using ‘excludedResourceTypes’ field.
7. Consider a scenario where application operator reconciles during recovery and has overwritten a particular resource, but we want to restore the old backup resource.
For example, take MySQL case where operator on restore has reconciled and overwritten the secret, but we need the old secret back to connect with the database. This can be achieved in the recipe with the help of two groups.
- name: mysql-operator-secrets
type: resource
includedNamespaces:
- mysql-operator
includedResourceTypes:
- secrets
labelSelector: key1=value1
- name: restore-mysql-operator-secrets
backupRef: mysql-operator-secrets
restoreOverwriteResources: true
type: resource
In the first group, a backup of the secret resource is created.
The second group is specifically tailored for the restoration process. During the restoration process, the second group is utilized, where the backup group is referenced using the 'backupRef' field, along with the 'restoreOverwriteResources' flag set to true. This setting allows the specific resource to be overwritten during the restoration process. If we don’t set the overwrite flag to true, resource on restore will be skipped, stating that the resource is already present.
Conclusion
Depending on the situation, different recipe groups can be created, allowing smooth backup and recovery of applications. To fully leverage all its capabilities, refer to the "Specifying a group" section in the Recipe documentation. In the next blog, we will explore usage of Recipe hooks, offering insights into achieving application-consistent backups and recovery scenarios.
#Featured-area-2#Featured-area-2-home