Red Hat Summit Red Hat SummitSupportConsoleDevelopersStart a trialContact

Backup and recovery for operator environments

Red Hat Ansible Automation Platform 2.5

Safeguard against data loss with backup and recovery of Ansible Automation Platform operator on OpenShift Container Platform

Red Hat Customer Content Services

Abstract

This guide provides procedures and reference information to backup and recover installations of the Red Hat Ansible Automation Platform operator on OpenShift Container Platform.

Preface
Copy link

Thank you for your interest in Red Hat Ansible Automation Platform. Ansible Automation Platform is a commercial offering that helps teams manage complex multi-tier deployments by adding control, knowledge, and delegation to Ansible-powered environments.

Use the procedures in this guide to create backup resources that can be used for recovering your Red Hat Ansible Automation Platform deployment in the event of a failure.

Providing feedback on Red Hat documentation
Copy link

If you have a suggestion to improve this documentation, or find an error, you can contact technical support at https://access.redhat.com to open a request.

To safeguard against unexpected data loss and application errors, it is critical that you perform periodic backups of your Red Hat Ansible Automation Platform deployment. In addition to data loss prevention, backups allow you to fall back to a different deployment state.

1.1. About backup and recovery
Copy link

Red Hat recommends backing up deployments of Red Hat Ansible Automation Platform in your Red Hat OpenShift Container Platform environment to prevent data loss.

A backup resource of your Red Hat Ansible Automation Platform deployment includes the following:

  • Custom deployment of specific values in the spec section of the Ansible Automation Platform custom resource object.
  • Back up of the postgresql database.
  • secret_key, admin_password, and broadcast_websocket secrets.
  • Database configuration.
Note

Be sure to secure your backup resources because they can include sensitive information.

1.1.1. Backup recommendations
Copy link

Recovering from data loss requires that you plan for and create backup resources of your Red Hat Ansible Automation Platform deployments on a regular basis. At a minimum, Red Hat recommends backing up deployments of Red Hat Ansible Automation Platform under the following circumstances:

  • Before upgrading your Red Hat Ansible Automation Platform deployments.
  • Before upgrading your OpenShift cluster.
  • Once per week. This is particularly important if your environment is configured for automatic upgrades.

Backing up your Red Hat Ansible Automation Platform deployment involves creating backup resources for your deployed instances.

Use the following procedures to create backup resources for your Red Hat Ansible Automation Platform deployment. We recommend taking backups before upgrading the Ansible Automation Platform Operator. Take a backup regularly in case you want to restore the platform to a previous state.

Regularly backing up your Ansible Automation Platform deployment is vital to protect against unexpected data loss and application errors. Ansible Automation Platform hosts any enabled components (such as, automation controller, automation hub, and Event-Driven Ansible), when you back up Ansible Automation Platform the operator will also back up these components.

Note

Ansible Automation Platform Operator creates a PersistentVolumeClaim (PVC) for your Ansible Automation Platform Backup automatically. You can use your own pre-created PVC by using the backup_pvc spec and specifying your PVC.

Prerequisites

  • You must be authenticated on OpenShift cluster.
  • You have installed Ansible Automation Platform Operator on the cluster.
  • You have deployed a Ansible Automation Platform instance using the Ansible Automation Platform Operator.

Procedure

  1. Log in to Red Hat OpenShift Container Platform.
  2. Navigate to OperatorsInstalled Operators.
  3. Select your Ansible Automation Platform Operator deployment.
  4. Go to your All Instances tab, and click Create New.

  5. Select Ansible Automation Platform Backup from the list.

    Note

    When creating the Ansible Automation Platform Backup resource it also creates backup resources for each of the nested components that are enabled.

  6. In the Name field, enter a name for the backup.
  7. In the Deployment name field, enter the name of the deployed Ansible Automation Platform instance being backed up. For example if your Ansible Automation Platform deployment must be backed up and the deployment name is aap, enter 'aap' in the Deployment name field.

  8. Click Create. This results in an AnsibleAutomationPlatformBackup resource similar to the following: 

    apiVersion: aap.ansible.com/v1alpha1
kind: AnsibleAutomationPlatformBackup
metadata:
  name: backup
  namespace: aap
spec:
  no_log: true
  deployment_name: aap

    Verification

    To verify that your backup was successful you can:

  9. Log in to Red Hat OpenShift Container Platform.
  10. Navigate to OperatorsInstalled Operators.
  11. Select your Ansible Automation Platform Operator deployment.
  12. Click All Instances.

The All Instances page displays the main backup and the backups for each component with the name you specified when creating your backup resource. The status for the following instances must be either Running or Successful:

  • AnsibleAutomationPlatformBackup
  • AutomationControllerBackup
  • EDABackup
  • AutomationHubBackup

2.2. Define custom backup Persistent Volume Claims
Copy link

Define custom Persistent Volume Claims (PVCs) to control backup storage allocation for each Ansible Automation Platform component. Specify unique PVC names, storage classes, and volume sizes at both global and component levels to differentiate between backup runs.

Prerequisites

  • You have an active Red Hat Ansible Automation Platform deployment on OpenShift Container Platform.
  • You have the oc CLI tool installed and cluster administrator access.

Procedure

  1. Create a backup YAML file, for example custom-pvc-backup.yaml, that defines the backup_pvc and create_backup_pvc parameters for each component: 

    apiVersion: aap.ansible.com/v1alpha1
kind: AnsibleAutomationPlatformBackup
metadata:
  name: aapbackup
spec:
  backup_pvc: custom-aap-backup-pvc
    1 
    
  backup_storage_class: nfs-local-rwx
  backup_storage_requirements: 7Gi
  create_backup_pvc: true
    2 
    
  deployment_name: aap
  controller:
    3 
    
    backup_pvc: custom-controller-backup-pvc
    backup_resource_requirements:
      limits:
        cpu: "4"
        memory: 8Gi
      requests:
        cpu: "2"
        memory: 4Gi
    backup_storage_class: standard-csi
    backup_storage_requirements: 7Gi
    create_backup_pvc: true
  eda:
    backup_pvc: custom-eda-backup-pvc
    backup_storage_class: standard-csi
    backup_storage_requirements: 7Gi
    create_backup_pvc: true
  hub:
    backup_pvc: custom-hub-backup-pvc
    backup_storage_class: nfs-local-rwx
    backup_storage_requirements: 7Gi
    create_backup_pvc: true
    1
    Sets a custom PVC name for the platform gateway backup.
    2
    When set to true, the operator creates the PVC automatically if it does not already exist.
    3
    Component-level settings override the global values for backup_pvc, backup_storage_class, and backup_storage_requirements. Each component can define its own backup_pvc to create a uniquely named PVC.

  2. Apply the configuration: 

    $ oc apply -f custom-pvc-backup.yaml

Verification

  • Confirm that the PVCs were created: 

    $ oc get pvc -n <namespace>

    The output displays the custom PVCs for each component: 

    NAME                             STATUS   VOLUME       CAPACITY   ACCESS MODES   STORAGECLASS
custom-aap-backup-pvc            Bound    pv-aap       7Gi        RWX            nfs-local-rwx
custom-controller-backup-pvc     Bound    pv-ctrl      7Gi        RWO            standard-csi
custom-eda-backup-pvc            Bound    pv-eda       7Gi        RWO            standard-csi
custom-hub-backup-pvc            Bound    pv-hub       7Gi        RWX            nfs-local-rwx

You can override the global backup configuration for specific components, such as automation controller, private automation hub, or Event-Driven Ansible controller. This enables each component to use its own storage class, PVC name, storage size, or resource limits during the backup process.

Example: Overriding component backup settings

In this backup custom resource, each component has a unique PVC name and storage class: 

apiVersion: aap.ansible.com/v1alpha1
kind: AnsibleAutomationPlatformBackup
metadata:
  name: custom-backup
spec:
  deployment_name: myaap
  no_log: false
  backup_storage_class: rook-cephfs
1 

  hub:
    backup_pvc: custom-hub-backup-pvc
2 

    backup_storage_requirements: 25Gi
    backup_storage_class: rook-cephfs
    create_backup_pvc: true
    no_log: false
  controller:
    backup_pvc: custom-controller-backup-pvc
    backup_storage_requirements: 15Gi
    backup_storage_class: rook-block
3 

    create_backup_pvc: true
    no_log: false
  eda:
    backup_pvc: custom-eda-backup-pvc
    backup_storage_requirements: 7Gi
    backup_storage_class: rook-block
    create_backup_pvc: true
    no_log: false
1
The global backup_storage_class applies to the platform gateway. Components that do not specify their own backup_storage_class inherit this value.
2
Each component can define its own backup_pvc to create a uniquely named PVC. Set create_backup_pvc: true to have the operator create the PVC automatically.
3
Component-level values, such as backup_storage_class: rook-block, override the global setting for that component.

If you lose information on your system or experience issues with an upgrade, you can use the backup resources of your deployment instances. Use the following procedures to recover your Ansible Automation Platform deployment files.

Ansible Automation Platform manages any enabled components (such as, automation controller, automation hub, and Event-Driven Ansible), when you recover Ansible Automation Platform you also restore these components.

In previous versions of the Ansible Automation Platform Operator, it was necessary to create a restore object for each component of the platform. Now, you create a single AnsibleAutomationPlatformRestore resource, which creates and manages the other restore objects:

  • AutomationControllerRestore
  • AutomationHubRestore
  • EDARestore

Prerequisites

  • You must be authenticated with an OpenShift cluster.
  • You have installed the Ansible Automation Platform Operator on the cluster.
  • The AnsibleAutomationPlatformBackups deployment is available in your cluster.

Procedure

  1. Log in to Red Hat OpenShift Container Platform.
  2. Navigate to OperatorsInstalled Operators.
  3. Select your Ansible Automation Platform Operator deployment.
  4. Go to your All Instances tab, and click Create New.
  5. Select Ansible Automation Platform Restore from the list.
  6. For Name enter the name for the recovery deployment.
  7. For New Ansible Automation Platform Name enter the new name for your Ansible Automation Platform instance.
  8. Backup Source defaults to CR.
  9. For Backup name enter the name you chose when creating the backup.
  10. Click Create.

Verification

Your backup restores under the AnsibleAutomationPlatformRestores tab.

Note

The recovery is not complete until all the resources are successfully restored. Depending on the size of your database this can take some time.

To verify that your recovery was successful you can:

  1. Go to WorkloadsPods.
  2. Confirm that all pods are in a Running or Completed state.

A persistent volume claim (PVC) is a storage volume that stores data for automation hub and automation controller applications.

These PVCs are independent of the applications and persist even if an application is deleted. You can restore data from a PVC as an alternative to recovering from an Ansible Automation Platform backup.

For more information see the Finding and deleting PVCs section of the Installing on OpenShift Container Platform guide.

Prerequisites

  • You have an existing PVC containing a backup.
  • You have installed the Ansible Automation Platform Operator on Red Hat OpenShift Container Platform.

Procedure

  1. Log in to Red Hat OpenShift Container Platform.
  2. Navigate to OperatorsInstalled Operators.
  3. Select your Ansible Automation Platform Operator deployment.
  4. Go to your All Instances tab, and click Create New.
  5. Select Ansible Automation Platform Restore from the list.
  6. For Name enter the name for the recovery deployment.
  7. For New Ansible Automation Platform Name enter the new name for your Ansible Automation Platform instance.

  8. For Backup Source select PVC.

    1. Backup PVC: Enter the name of your PVC.
    2. Backup Directory: Enter the path to your backup directory on your PVC.
  9. For Backup name enter the name you chose when creating the backup.

  10. Under YAML view paste in the following example: 

    ---
apiVersion: aap.ansible.com/v1alpha1
kind: AnsibleAutomationPlatformRestore
metadata:
  name: aap
spec:
  deployment_name: aap
  backup_source: PVC
  backup_pvc: aap-backup-claim
  backup_dir: '/backups/aap-openshift-backup-2025-06-23-18:28:29'

  controller:
    backup_source: PVC
    backup_pvc: aap-controller-backup-claim
    backup_dir: '/backups/tower-openshift-backup-2025-06-23-182910'

  hub:
    backup_source: PVC
    backup_pvc: aap-hub-backup-claim
    backup_dir: '/backups/openshift-backup-2025-06-23-182853'
    storage_type: file

  eda:
    backup_source: PVC
    backup_pvc: aap-eda-backup-claim
    backup_dir: '/backups/eda-openshift-backup-2025-06-23-18:29:11'
  11. Click Create.

Verification

Your backup restores under the AnsibleAutomationPlatformRestores tab.

Note

The recovery is not complete until all the resources are successfully restored. Depending on the size of your database this can take some time.

  1. Go to WorkloadsPods.
  2. Confirm that all pods are in a Running or Completed state.

You can restore an external database on Red Hat OpenShift Container Platform using the Operator. Use the following procedure to restore from an external database.

Important

Restoring from an external database force drops the database, which overrides your existing external database.

Prerequisites

  • You have an external database.
  • You have installed the Ansible Automation Platform Operator on OpenShift Container Platform.

Procedure

  1. Log in to Red Hat OpenShift Container Platform.
  2. Navigate to OperatorsInstalled Operators.
  3. Select your Ansible Automation Platform Operator deployment.
  4. Go to your All Instances tab, and click Create New.
  5. Select Ansible Automation Platform Restore from the list.
  6. For Name enter the name for the recovery deployment.

  7. For New Ansible Automation Platform Name enter the new name for your Ansible Automation Platform instance.

    • If restoring to the same name Ansible Automation Platform then you must add force_drop_db: true to drop the database on restore.
  8. Backup Source defaults to CR.

  9. For Backup name enter the name you chose when creating the backup. Under YAML view paste in the following example: 

    ---
apiVersion: aap.ansible.com/v1alpha1
kind: AnsibleAutomationPlatformRestore
metadata:
  name: aaprestore
spec:
  deployment_name: aap
  backup_name: aapbackup
  controller:
    force_drop_db: true
  10. Click Create.

Verification

Your backup restores under the AnsibleAutomationPlatformRestores tab.

Note

The recovery is not complete until all the resources are successfully restored. Depending on the size of your database this can take some time.

To verify that your recovery was successful you can:

  1. Go to WorkloadsPods.
  2. Confirm that all pods are in a Running or Completed state.

Chapter 4. Troubleshooting
Copy link

Use this information to diagnose and resolve issues during backup and recovery.

If your AutomationController customer resource matches an existing deployment, perform the following steps to resolve the issue.

The name specified for the new AutomationController custom resource must not match an existing deployment or the recovery process will fail. Persistent volume claims (PVCs) and Secrets remain after a deployment is deleted. If you want to reuse the same name you must delete previous PVCs and Secrets before creating a new custom resource.

Procedure

  1. Delete the existing AutomationController and the associated postgres PVC: 

    oc delete automationcontroller <YOUR_DEPLOYMENT_NAME> -n <YOUR_NAMESPACE>

oc delete pvc postgres-13-<YOUR_DEPLOYMENT_NAME>-13-0 -n <YOUR_NAMESPACE>

  2. Use AutomationControllerRestore with the same deployment_name in it: 

    oc apply -f restore.yaml

Legal Notice
Copy link

Copyright © Red Hat.
Except as otherwise noted below, the text of and illustrations in this documentation are licensed by Red Hat under the Creative Commons Attribution–Share Alike 3.0 Unported license . If you distribute this document or an adaptation of it, you must provide the URL for the original version.
Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law.
Red Hat, the Red Hat logo, JBoss, Hibernate, and RHCE are trademarks or registered trademarks of Red Hat, LLC. or its subsidiaries in the United States and other countries.
Linux® is the registered trademark of Linus Torvalds in the United States and other countries.
XFS is a trademark or registered trademark of Hewlett Packard Enterprise Development LP or its subsidiaries in the United States and other countries.
The OpenStack® Word Mark and OpenStack logo are trademarks or registered trademarks of the Linux Foundation, used under license.
All other trademarks are the property of their respective owners.
Red Hat logoGithubredditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust. Explore our recent updates.

Legal Notice

Theme

© 2026 Red HatBack to top