Preparing the Cloud Pak for Data volume backup and restore utility
This information shows you how to plan and prepare to use the IBM Cloud Pak® for Data volume backup and restore utility.
Ensure that you source the environment variables before you run the commands in this task.
To do the following tasks, run the following command to log in to the cluster:
${OC_LOGIN}
OC_LOGIN
is an alias for the oc login
command.Backup and restore utility PVC
The Cloud Pak for Data volume backup and restore
utility requires a shared volume PersistentVolumeClaim (PVC) to be created and bounded for use in
its initialization command. You can create a PVC from a PersistentVolume (PV) or
from a storage class. Ensure that the PV is a shared volume with the ReadWriteMany
access mode.
- Creating a PVC from a PV on an NFS file system
-
The following example creates a yaml file that is named pv.yaml on an external NFS server where /exports is the shared NFS drive. You use this yaml file to create a PV that is named pv0001.
cat <<EOF > pv.yaml apiVersion: v1 kind: PersistentVolume metadata: name: pv0001 spec: capacity: storage: 50Gi accessModes: - ReadWriteMany nfs: path: /exports server: <IP address> persistentVolumeReclaimPolicy: Retain EOF
Then, create a yaml file that is named cpdbr-pvc.yaml. You use this yaml file to create a PVC that is named cpdbr-pvc. The PVC is bound to the pv0001 PV.
cat <<EOF > cpdbr-pvc.yaml apiVersion: v1 kind: PersistentVolumeClaim metadata: name: cpdbr-pvc spec: accessModes: - ReadWriteMany resources: requests: storage: 20Gi volumeName: "pv0001" EOF
Run the following commands to create the PV and PVC.
oc apply -f pv.yaml oc apply -f ./cpdbr-pvc.yaml -n ${PROJECT_CPD_INST_OPERANDS}
Note: Make sure that the shared NFS drive and the file system backup and restore utility PVC have sufficient space to back up all PVCs that are bound to your services. - Creating a PVC from a storage class
-
The following example creates yaml file that is named cpdbr-pvc.yaml. You use this yaml file to create an NFS volume that is named cpdbr-pvc. The PVC is created by using the storage class
managed-nfs-storage
.cat <<EOF > cpdbr-pvc.yaml apiVersion: v1 kind: PersistentVolumeClaim metadata: name: cpdbr-pvc spec: storageClassName: managed-nfs-storage accessModes: - ReadWriteMany resources: requests: storage: 200Gi EOF
For more information about storage classes that Cloud Pak for Data supports, see Storage considerations.
Run the following command to create the NFS volume.
oc apply -f cpdbr-pvc.yaml -n ${PROJECT_CPD_INST_OPERANDS}
Repository secret
If you are backing up and restoring volumes to and from a separate PVC or object store, you must create a repository secret that is named cpdbr-repo-secret before you can initialize the utility.
For a PVC, provide the following credential for the secret:
- RESTIC_PASSWORD
- The restic password to use to create the repository.
For example,
# setup the repository secret for PVC
echo -n 'restic' > RESTIC_PASSWORD
oc create secret generic -n zen cpdbr-repo-secret \
--from-file=./RESTIC_PASSWORD
For S3 object storage, provide the following credentials for the secret:
- RESTIC_PASSWORD
- The restic password to use to create the repository.
- AWS_ACCESS_KEY_ID
- Amazon Web Services access key ID.
- AWS_SECRET_ACCESS_KEY
- Amazon Web Services secret access key.
- CA_CERT_DATA
- Object storage's Certificate Authority (CA) certificate bundle (PEM format).
Provide this information if the object storage uses a custom CA bundle (for example, a self-signed certificate).
For example,
# setup the repository secret for S3
echo -n 'restic' > RESTIC_PASSWORD
echo -n 'minio' > AWS_ACCESS_KEY_ID
echo -n 'minio123' > AWS_SECRET_ACCESS_KEY
cat /path/to/public.crt > CA_CERT_DATA
oc create secret generic -n Project cpdbr-repo-secret \
--from-file=./RESTIC_PASSWORD \
--from-file=./AWS_ACCESS_KEY_ID \
--from-file=./AWS_SECRET_ACCESS_KEY \
--from-file=./CA_CERT_DATA
cpdbr
image
The Cloud Pak for Data volume backup and restore
utility requires the cpdbr
image. The image is available
for x86_64 and ppc64le clusters.
The Cloud Pak for Data volume backup and restore utility is not supported on IBM Z®, Linux®, and LinuxONE systems.
If your cluster pulls images from a private container registry or if your cluster is in a
restricted network, the image must be pushed to the private container registry so that users can run
backup and restore commands against the cluster. The image is automatically mirrored when you mirror
the Cloud Pak for Data (cpd_platform
) images. For more information, see Moving images for cpd-cli plug-ins to a private container registry.
What to do next
Install the cpd-cli utility, which includes the Cloud Pak for Data volume backup and restore utility. For details, see Installing the IBM Cloud Pak for Data command-line interface.