Taking a portal infrastructure configuration backup

Create YAML backup files of your portal subsystem's Kubernetes configuration.

About this task

A portal infrastructure configuration backup is essential for disaster recovery. Take an infrastructure configuration backup after installation, and whenever you make an update to your portal's Kubernetes configuration.

If you have multiple portal clusters in the same namespace, include the portal CR name in all kubectl get PortalCluster commands provided in this topic. For example:
kubectl -n <portal namespace> get PortalCluster <portal CR name>
Note: For OpenShift® users: The steps that are detailed in this topic use the Kubernetes kubectl command. On OpenShift, use the equivalent oc command in its place.

Procedure

  1. Export the portal CR to a file called portal_cr_backup.yaml: 
    kubectl -n <portal namespace> get PortalCluster -o yaml > portal_cr_backup.yaml
  2. Export the portal database encryption secret to a file called portal_enc_key_backup.yaml:
    1. Get the name of the encryption secret: 
      kubectl -n <portal namespace> get ptl -o yaml | grep encryption
    2. Take note of the encryptionSecret name returned: 
      encryptionSecret: <portal enc key>
    3. Backup the encryption secret to a YAML file: 
      kubectl -n <portal namespace> get secret <portal enc key> -o yaml > portal_enc_key_backup.yaml
  3. Export your portal database backup secret: 
    kubectl -n <portal namespace> get secret <portal backup secret> -o yaml > ptl-backup-secret_backup.yaml
    The backup secret is created when you configure portal database backups. If database backups are not yet configured, remember to backup this secret when they are configured.
  4. If used, export your remote portal backup server's CA secret: 
    kubectl -n <portal namespace> get secret <portal custom server ca> -o yaml > portal-custom-server-ca_backup.yaml
    The S3 CA secret is created when you configure database backups: Create backup server CA secret. If database backups are not yet configured, remember to backup this secret when they are configured.
  5. Export any other certificates that you customized. For example, if you customized the portalWeb endpoint certificate, save the certificate by copying the corresponding secret to a YAML file: 
    kubectl -n <portal namespace> get secret <portalWeb secret> -o yaml > portalWeb_secret_backup.yaml

What to do next

Configure scheduled database portal backups: Configuring portal database backups.
Important: If you update your portal subsystem's Kubernetes configuration, remember to update your infrastructure configuration backup.