Red Hat SummitChapter 18. Backup and Restore
18.1. Overview
In OpenShift Enterprise, you can back up (saving state to separate storage) and restore (recreating state from separate storage) at the cluster level. There is also some preliminary support for per-project backup. The full state of a cluster installation includes:
- etcd data on each master
- API objects
- registry storage
- volume storage
This topic does not cover how to back up and restore persistent storage, as those topics are left to the underlying storage provider.
18.2. Prerequisites
Because the restore procedure involves a complete reinstallation, save all the files used in the initial installation. This may include:
- ~/.config/openshift/installer.cfg.yml (from the Quick Installation method)
- Ansible playbooks and inventory files (from the Advanced Installation method)
- /etc/yum.repos.d/ose.repo (from the Disconnected Installation method)
Install packages that provide various utility commands:
# yum install etcd
Note the location of the etcd data directory (or $ETCD_DATA_DIR in the following sections), which depends on how etcd is deployed.
| Deployment Type | Description | Data Directory |
|---|---|---|
| separate etcd | etcd runs as a separate service, either co-located on master nodes or on separate nodes. | /var/lib/etcd |
| embedded etcd | etcd runs as part of the master service. | /var/lib/origin/openshift.local.etcd |
18.3. Cluster Backup
Save all the certificates and keys, on each master:
# cd /etc/origin/master # tar cf /tmp/certs-and-keys-$(hostname).tar \ master.proxy-client.crt \ master.proxy-client.key \ proxyca.crt \ proxyca.key \ master.server.crt \ master.server.key \ ca.crt \ ca.key \ master.etcd-client.crt \ master.etcd-client.key \ master.etcd-ca.crtIf etcd is running on more than one host, stop it on each host:
# sudo systemctl stop etcd
Although this step is not strictly necessary, doing so ensures that the etcd data is fully synchronized.
Create an etcd backup:
# etcdctl backup \ --data-dir $ETCD_DATA_DIR \ --backup-dir $ETCD_DATA_DIR.bakNoteIf etcd is running on more than one host, the various instances regularly synchronize their data, so creating a backup for one of them is sufficient.
Create a template for all cluster API objects:
$ oc export all \ --exact \1 --all-namespaces \ --as-template=mycluster \2 > mycluster.template.yamlThe object types included in
oc export allare:- BuildConfig
- Build
- DeploymentConfig
- ImageStream
- Pod
- ReplicationController
- Route
- Service
18.4. Cluster Restore
Reinstall OpenShift Enterprise.
This should be done in the same way that OpenShift Enterprise was previously installed.
Restore the certificates and keys, on each master:
# cd /etc/origin/master # tar xvf /tmp/certs-and-keys-$(hostname).tar
Restore from the etcd backup:
# mv $ETCD_DATA_DIR $ETCD_DATA_DIR.orig # cp -Rp $ETCD_DATA_DIR.bak $ETCD_DATA_DIR # chcon -R --reference $ETCD_DATA_DIR.orig $ETCD_DATA_DIR # chown -R etcd:etcd $ETCD_DATA_DIR
Create the API objects for the cluster:
$ oc create -f mycluster.template.yaml
18.5. Project Backup
A future release of OpenShift Enterprise will feature specific support for per-project back up and restore.
For now, to back up API objects at the project level, use oc export for each object to be saved. For example, to save the deployment configuration frontend in YAML format:
$ oc export dc frontend -o yaml > dc-frontend.yaml
To back up all of the project (with the exception of cluster objects like namespaces and projects):
$ oc export all -o yaml > project.yaml
