红帽全球峰会此内容没有您所选择的语言版本。
Chapter 7. Backup and disaster recovery
This section describes aspects of the CodeReady Workspaces backup and disaster recovery.
7.1. External database setup
The PostgreSQL database is used by the CodeReady Workspaces server for persisting data about the state of CodeReady Workspaces. It contains information about user accounts, workspaces, preferences, and other details.
By default, the CodeReady Workspaces Operator creates and manages the database deployment.
However, the CodeReady Workspaces Operator does not support full life-cycle capabilities, such as backups and recovery.
For a business-critical setup, configure an external database with the following recommended disaster-recovery options:
- High Availability (HA)
- Point In Time Recovery (PITR)
Configure an external PostgreSQL instance on-premises or use a cloud service, such as Amazon Relational Database Service (Amazon RDS). With Amazon RDS, it is possible to deploy production databases in a Multi-Availability Zone configuration for a resilient disaster recovery strategy with daily and on-demand snapshots.
The recommended configuration of the example database is:
| Parameter | Value |
|---|---|
| Instance class | db.t2.small |
| vCPU | 1 |
| RAM | 2 GB |
| Multi-az | true, 2 replicas |
| Engine version | 9.6.11 |
| TLS | enabled |
| Automated backups | enabled (30 days) |
7.1.1. Configuring external PostgreSQL
Procedure
Use the following SQL script to create user and database for the CodeReady Workspaces server to persist workspaces metadata etc:
CREATE USER <database-user> WITH PASSWORD '<database-password>' CREATE DATABASE <database> GRANT ALL PRIVILEGES ON DATABASE <database> TO <database-user> ALTER USER <database-user> WITH SUPERUSER
CREATE USER <database-user> WITH PASSWORD '<database-password>'1 2 CREATE DATABASE <database>3 GRANT ALL PRIVILEGES ON DATABASE <database> TO <database-user> ALTER USER <database-user> WITH SUPERUSERCopy to Clipboard Copied! Toggle word wrap Toggle overflow Use the following SQL script to create database for RH-SSO back end to persist user information:
CREATE USER keycloak WITH PASSWORD '<identity-database-password>' CREATE DATABASE keycloak GRANT ALL PRIVILEGES ON DATABASE keycloak TO keycloak
CREATE USER keycloak WITH PASSWORD '<identity-database-password>'1 CREATE DATABASE keycloak GRANT ALL PRIVILEGES ON DATABASE keycloak TO keycloakCopy to Clipboard Copied! Toggle word wrap Toggle overflow - 1
- RH-SSO database password
Prerequisites
-
The
octool is available.
Procedure
Pre-create a project for CodeReady Workspaces:
oc create namespace openshift-workspaces
$ oc create namespace openshift-workspacesCopy to Clipboard Copied! Toggle word wrap Toggle overflow Create a secret to store CodeReady Workspaces server database credentials:
oc create secret generic <server-database-credentials> \ --from-literal=user=<database-user> \ --from-literal=password=<database-password> \ -n openshift-workspaces
$ oc create secret generic <server-database-credentials> \1 --from-literal=user=<database-user> \2 --from-literal=password=<database-password> \3 -n openshift-workspacesCopy to Clipboard Copied! Toggle word wrap Toggle overflow Create a secret to store RH-SSO database credentials:
oc create secret generic <identity-database-credentials> \ --from-literal=password=<identity-database-password> \ -n openshift-workspaces
$ oc create secret generic <identity-database-credentials> \1 --from-literal=password=<identity-database-password> \2 -n openshift-workspacesCopy to Clipboard Copied! Toggle word wrap Toggle overflow Deploy Red Hat CodeReady Workspaces by executing the
crwctlcommand with applying a patch. For example:crwctl server:deploy --che-operator-cr-patch-yaml=patch.yaml ...
$ crwctl server:deploy --che-operator-cr-patch-yaml=patch.yaml ...Copy to Clipboard Copied! Toggle word wrap Toggle overflow
patch.yaml should contain the following to make the Operator skip deploying a database and pass connection details of an existing database to a CodeReady Workspaces server:
Additional resources
7.2. Persistent Volumes backups
Persistent Volumes (PVs) store the CodeReady Workspaces workspace data similarly to how workspace data is stored for desktop IDEs on the local hard disk drive.
To prevent data loss, back up PVs periodically. The recommended approach is to use storage-agnostic tools for backing up and restoring OpenShift resources, including PVs.
7.2.1. Recommended backup tool: Velero
Velero is an open-source tool for backing up OpenShift applications and their PVs. Velero allows you to:
- Deploy in the cloud or on premises.
- Back up the cluster and restore in case of data loss.
- Migrate cluster resources to other clusters.
- Replicate a production cluster to development and testing clusters.
Alternatively, you can use backup solutions dependent on the underlying storage system. For example, solutions that are Gluster or Ceph-specific.
Additional resources
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}