Installing and configuring OpenShift API for Data Protection for use with NetApp Trident Protect by using the IBM Software Hub command-line interface

You can use the IBM Software Hub command-line interface (cpd-cli) to install and configure the OpenShift API for Data Protection (OADP) operator. The OADP operator works with NetApp Trident Protect to back up your IBM Software Hub installation.

Installation phase
  • You are not here. Setting up a client workstation
  • You are not here. Setting up a cluster
  • You are not here. Collecting required information
  • You are not here. Preparing to run installs in a restricted network
  • You are not here. Preparing to run installs from a private container registry
  • You are here icon. Preparing the cluster for IBM Software Hub
  • You are not here. Preparing to install an instance of IBM Software Hub
  • You are not here. Installing an instance of IBM Software Hub
  • You are not here. Setting up the control plane
  • You are not here. Installing solutions and services
Who needs to complete this task?

Cluster administrator A cluster administrator must complete this task.

When do you need to complete this task?

Complete this task if you plan to use NetApp Trident Protect to backup and restore IBM Software Hub.

Icon representing back up and restore Restore If you plan to restore IBM Software Hub to a different cluster, you must also complete this task on the target cluster.

Before you begin

Best practice: You can run the commands in this task exactly as written if you set up environment variables. For instructions, see Setting up installation environment variables.

Ensure that you source the environment variables before you run the commands in this task.

About this task

If you plan to use the NetApp Trident Protect, you must install the OADP operator and configure a Data Protection Application to connect to your S3-compatible object storage.

Procedure

  1. Log in to Red Hat® OpenShift Container Platform as a cluster administrator. 
    ${OC_LOGIN}
    Remember: OC_LOGIN is an alias for the oc login command.
  2. Install NetApp Trident Protect.
    For more information, see Install and configure Trident Protect in the NetApp Trident documentation:
  3. Check the version of the following NetApp software is the same:
    1. To check the version of NetApp Trident, run: 
      oc get deploy trident-controller \
-n trident \
-o yaml | grep "image:" | grep "trident"
    2. To check the version of NetApp Trident Protect, run: 
      oc get cm trident-protect-env-config \
-n ${PROJECT_NETAPP_TRIDENT_PROTECT} \
-o jsonpath='{.data.TRIDENT_PROTECT_TAG}{"\n"}'
    3. To check the version of the NetApp Trident Protect CLI plug-in, run: 
      tridentctl-protect version
  4. Create a NetApp Trident Protect AppVault.
    (An AppVault is a bucket custom resource for NetApp Trident Protect.) For more information on creating an App Vault, see Use Trident Protect AppVault objects to manage buckets in the NetApp Trident documentation:
    Remember: Ensure that the AppVault name matches the value that you set for the NETAPP_TRIDENT_PROTECT_APP_VAULT environment variable in your installation environment variables script.
  5. Create the project where you want to install the OADP operator. 
    oc new-project ${OADP_PROJECT}
  6. Annotate the OADP project: 
    oc annotate namespace ${OADP_PROJECT} openshift.io/node-selector=""

    The annotation ensure that Kopia pods can be scheduled on all nodes

  7. Run the following command to install the OADP operator and configure the Data Protection Application (DPA): 
    cpd-cli oadp install \
--component=oadp-operator \
--namespace=${OADP_PROJECT} \
--oadp-version=${OADP_VERSION} \
--velero-cpu-limit=${KOPIA_POD_CPU_LIMIT} \
--velero-cpu-request=500m \
--velero-mem-limit=4Gi \
--velero-mem-request=256Mi \
--node-agent-pod-cpu-limit=${NODE_AGENT_POD_CPU_LIMIT} \
--node-agent-pod-cpu-request=500m \
--node-agent-pod-mem-limit=32Gi \
--node-agent-pod-mem-request=256Mi \
--uploader-type=kopia \
--bucket-name=${BUCKET_NAME} \
--prefix=${BUCKET_PREFIX} \
--access-key-id=${ACCESS_KEY_ID} \
--secret-access-key=${SECRET_ACCESS_KEY} \
--region=${REGION} \
--s3force-path-style=true \
--s3url=${S3_URL} \
--verbose
  8. Confirm that the velero and node-agent pods are running in the ${OADP_PROJECT} project: 
    oc get pods \
-n ${OADP_PROJECT}

    The node-agent DaemonSet creates one node-agent pod for each worker node in the cluster. For example, on a cluster with 9 nodes, ensure that there are 9 node-agent pods:

    NAME                                                    READY   STATUS    RESTARTS   AGE
openshift-adp-controller-manager-678f6998bf-fnv8p       2/2     Running   0          55m
node-agent-455wd                                        1/1     Running   0          49m
node-agent-5g4n8                                        1/1     Running   0          49m
node-agent-6z9v2                                        1/1     Running   0          49m
node-agent-722x8                                        1/1     Running   0          49m
node-agent-c8qh4                                        1/1     Running   0          49m
node-agent-lcqqg                                        1/1     Running   0          49m
node-agent-v6gbj                                        1/1     Running   0          49m
node-agent-xb9j8                                        1/1     Running   0          49m
node-agent-zjngp                                        1/1     Running   0          49m
velero-7d847d5bb7-zm6vd                                 1/1     Running   0          49m
  9. Verify that the backup storage location PHASE is Available: 
    cpd-cli oadp backup-location list \
--namespace=${OADP_PROJECT}

    For example:

    NAME           PROVIDER    BUCKET             PREFIX              PHASE        LAST VALIDATED      ACCESS MODE
dpa-sample-1   aws         ${BUCKET_NAME}     ${BUCKET_PREFIX}    Available    <timestamp>

What to do next