Search…
2.9.X
Installation and Operation
How To Guides
Examples
This section provides examples of TrilioVault Custom Resources.
End-to-end examples are also available in the Getting Started Section

Backup Target

The Backup Target CRD specifies the backup storage media. TrilioVault supports either AWS S3 compatible object storage or NFS. A user can configure multiple backup targets and choose the target when an Application CR is created by providing target name and the name of the namespace where it resides. The target credentials can be saved as a secret and refer to the target CR for better security reasons. All backups that are created for that Application will be saved on the backup target specified in Application CR spec. Once a backup target is chosen for an Application, it cannot be changed.

Example 1 - S3 Target: AWS

Sample YAML file for AWS based S3 bucket and credentialSecret
1
apiVersion: v1
2
kind: Secret
3
metadata:
4
name: sample-secret
5
type: Opaque
6
stringData:
7
accessKey: AKIAS5B35DGFSTY7T55D
8
secretKey: xWBupfGvkgkhaH8ansJU1wRhFoGoWFPmhXD6/vVD
Copied!
1
apiVersion: triliovault.trilio.io/v1
2
kind: Target
3
metadata:
4
name: demo-s3-target
5
spec:
6
type: ObjectStore
7
vendor: AWS
8
objectStoreCredentials:
9
region: us-east-1
10
bucketName: trilio-browser-test
11
credentialSecret:
12
name: sample-secret
13
namespace: TARGET_NAMESPACE
14
thresholdCapacity: 5Gi
Copied!

Example 2 - S3 Target: Non-AWS

Sample YAML file for non-AWS S3 compatible bucket. The only difference between this spec and AWS S3 spec is the explicit specification on URL.
1
apiVersion: triliovault.trilio.io/v1
2
kind: Target
3
metadata:
4
name: sample-target
5
spec:
6
type: ObjectStore
7
vendor: Ceph
8
objectStoreCredentials:
9
url: "http://bucket.s3.dualstack.region.acme.com/key"
10
accessKey: "XXXXXXXXXXXXXXXXXXXX"
11
secretKey: "YYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY"
12
bucketName: "datahub-dev"
13
region: "us-west-1"
Copied!

Example 3 - OVH Object Storage as Target using Swift S3 API

Sample YAML for OVH Object Storage. This is S3 compatible storage can be accessed using Swift S3 APIs and can be configured as a Target.
1
apiVersion: triliovault.trilio.io/v1
2
kind: Target
3
metadata:
4
name: demo-ovh-s3-target
5
spec:
6
type: ObjectStore
7
vendor: other
8
objectStoreCredentials:
9
url: "https://s3.bhs.cloud.ovh.net"
10
bucketName: demo-ovh-s3-bucket
11
region: bhs
12
credentialSecret:
13
name: sample-ovh-s3-secret
14
namespace: TARGET_NAMESPACE
15
thresholdCapacity: 5Gi
Copied!
To configure the OVH S3 Object Storage to use as a Target and to create access key, secret key follow the Configure OVH Object Storage as a Target section.

Example 4 - NFS Target Example

Sample YAML for NFS share.
1
apiVersion: triliovault.trilio.io/v1
2
kind: Target
3
metadata:
4
name: sample-target
5
spec:
6
type: NFS
7
vendor: Other
8
nfsCredentials:
9
nfsExport: 192.168.1.1:/src/nfs/kubedata
10
nfsOptions: nfsvers=4
11
thresholdCapacity: 1000Gi
Copied!
Additional values for the nfsOptions field can be found here

Policy

TrilioVault provides a Policy Custom Resource Definition through which policies for scheduling, retention, and cleanup can be created.

Scheduling Policy

A scheduling policy can be created to automate the capture of applications within a Kubernetes system on a periodic basis. TVK enables users to create a scheduling policy with multiple cron strings defined within it. Each Cron string creates an associated cron job within the Kubernetes system and as a result daily, weekly, yearly, etc. policies can be created independently of each other within the same policy CR.
Below is an example of a scheduling policy CR:
1
kind: "Policy"
2
apiVersion: "triliovault.trilio.io/v1"
3
metadata:
4
name: "test-all-sch"
5
spec:
6
type: "Schedule"
7
scheduleConfig:
8
schedule:
9
- "0 0 * * *"
10
- "0 */1 * * *"
11
- "0 0 * * 0"
12
- "0 0 1 * *"
13
- "0 0 1 1 *"
Copied!

Retention Policy

The retention policy enables users to define the number of backups to retain and the cadence to delete backups as per compliance requirements. The retention policy CR provides a simple YAML specification to define the number of backups to retain in terms of days, weeks, months, years, latest etc.
Retention Polices are referenced within a BackupPlan and can be added to any of the example YAML files provided below

Example - Retention Policy

1
apiVersion: triliovault.trilio.io/v1
2
kind: Policy
3
metadata:
4
name: sample-policy
5
spec:
6
type: Retention
7
default: false
8
retentionConfig:
9
latest: 2
10
weekly: 1
11
dayOfWeek: Wednesday
12
monthly: 1
13
dateOfMonth: 15
14
monthOfYear: March
15
yearly: 1
Copied!

Cleanup Policy

Trilio provides a cleanup policy that deletes failed backups after a user-specified time period from the Kubernetes system. The cleanup policy must be defined in the TVK install namespace. A cron job is created that runs every 30 mins and deletes failed backups based on the value specified for backupdays within the spec field
An example cleanup policy that cleans up failed backups after 5 days is provided below.
1
apiVersion: triliovault.trilio.io/v1
2
kind: Policy
3
metadata:
4
name: sample-cleanup-policy
5
spec:
6
type: Cleanup
7
default: true
8
cleanupConfig:
9
backupDays: 5
Copied!

Immutability

Trilio provides the ability to create immutable backups at the application level. Once the backup is taken and stored on an immutable target, it can not be altered (overwritten/deleted) until the retention period set through TVK is up.

Immutable Target

To create immutable backups, user needs to create an immutable target as shown in the sample below. The immutable targets work only on object storage targets.
1
kind: Target
2
apiVersion: triliovault.trilio.io/v1
3
metadata:
4
name: sample-immutable-target
5
spec:
6
type: ObjectStore
7
vendor: AWS
8
objectStoreCredentials:
9
# immutable targets works only on object store targets
10
region: us-east-1
11
bucketName: trilio-browser-test
12
credentialSecret:
13
name: sample-secret
14
namespace: TARGET_NAMESPACE
15
objectLockingEnabled: true
16
thresholdCapacity: 5Gi
Copied!

Retention Policy for immutable backup

After immutable target, user needs to create a retention policy. This sets up the retention period for the backup. Refer the sample here .

Immutable Backup

After immutable target and retention policy are set, user needs to create a backup. Once the backup is taken and stored on an immutable target, it can not be altered (overwritten/deleted) until the retention period set through TVK is up. Refer the BackupPlan and Backup samples below.

Example - BackupPlan with Retention Period

Sample for BackupPlan with Retention period
1
apiVersion: triliovault.trilio.io/v1
2
kind: BackupPlan
3
metadata:
4
name: sample-immutable-backupplan
5
spec:
6
backupConfig:
7
target:
8
name: sample-immutable-target
9
namespace: TARGET_NAMESPACE
10
retentionPolicy:
11
name: sample-retention-policy
12
namespace: POLICY_NAMESPACE
13
schedulePolicy:
14
fullBackupPolicy:
15
name: sample-schedule-policy
16
namespace: POLICY_NAMESPACE
17
backupPlanComponents:
18
customSelector:
19
selectResources:
20
labelSelector:
21
- matchLabels:
22
app: gcp-compute-persistent-disk-csi-driver
Copied!

Example - Immutable Backup

1
apiVersion: triliovault.trilio.io/v1
2
kind: Backup
3
metadata:
4
name: sample-immutable-backup
5
spec:
6
type: Full
7
backupPlan:
8
name: sample-immutable-backupplan
9
namespace: BACKUP_NAMESPACE
Copied!

Hooks

Hooks enable injecting commands into pods/containers before and after a backup via pre/post commands. Hooks enable taking application consistent backups and extending backup workflows.
Note: Hook should be created in the same namespace as that of BackupPlan referencing it resides.

Hook for MySQL

1
apiVersion: triliovault.trilio.io/v1
2
kind: Hook
3
metadata:
4
name: mysql-hook
5
spec:
6
pre:
7
execAction:
8
command:
9
- "bash"
10
- "-c"
11
- "mysql --user=root --password=$MYSQL_ROOT_PASSWORD -Bse 'FLUSH TABLES WITH READ LOCK;system ${WAIT_CMD};'"
12
ignoreFailure: false
13
maxRetryCount: 1
14
timeoutSeconds: 10
15
post:
16
execAction:
17
command:
18
- "bash"
19
- "-c"
20
- "mysql --user=root --password=$MYSQL_ROOT_PASSWORD -Bse 'FLUSH LOGS; UNLOCK TABLES;'"
21
ignoreFailure: false
22
maxRetryCount: 1
23
timeoutSeconds: 10
Copied!

BackupPlan illustrating MySQL Hook

1
apiVersion: triliovault.trilio.io/v1
2
kind: BackupPlan
3
metadata:
4
name: mysql-backupplan
5
spec:
6
backupConfig:
7
target:
8
namespace: default
9
name: demo-s3-target
10
retentionPolicy:
11
name: sample-policy
12
hookConfig:
13
mode: Sequential
14
hooks:
15
- hook:
16
name: mysql-hook
17
podSelector:
18
labels:
19
- matchLabels:
20
app: mysql-qa
21
regex: mysql-qa*
22
containerRegex: mysql-qa*
Copied!

Hook for Cassandra

1
apiVersion: triliovault.trilio.io/v1
2
kind: Hook
3
metadata:
4
name: cassandra-hook
5
spec:
6
pre:
7
execAction:
8
command:
9
- "bash"
10
- "-c"
11
- "nodetool flush -- demodb;"
12
ignoreFailure: false
13
maxRetryCount: 1
14
timeoutSeconds: 10
15
post:
16
execAction:
17
command:
18
- "bash"
19
- "-c"
20
- "nodetool verify -- demodb;"
21
ignoreFailure: false
22
maxRetryCount: 1
23
timeoutSeconds: 10
Copied!

BackupPlan illustrating Cassandra Hook

1
apiVersion: triliovault.trilio.io/v1
2
kind: BackupPlan
3
metadata:
4
name: cassandra-backupplan
5
spec:
6
backupConfig:
7
target:
8
namespace: default
9
name: demo-s3-target
10
retentionPolicy:
11
name: sample-policy
12
hookConfig:
13
mode: Sequential
14
hooks:
15
- hook:
16
name: cassandra-hook
17
podSelector:
18
labels:
19
- matchLabels:
20
app: my-release-cassandra
21
regex: my-release-cassandra*
22
containerRegex: my-release-cassandra*
Copied!

Hook for MongoDB

1
apiVersion: triliovault.trilio.io/v1
2
kind: Hook
3
metadata:
4
name: mongo-hook
5
spec:
6
pre:
7
execAction:
8
command:
9
- "/bin/bash"
10
- "-c"
11
- "/opt/bitnami/mongodb/bin/mongo --eval 'printjson(db.fsyncLock())' --host 'mongotest-mongodb' --authenticationDatabase admin -u root -p $MONGODB_ROOT_PASSWORD"
12
ignoreFailure: false
13
maxRetryCount: 2
14
timeoutSeconds: 10
15
post:
16
execAction:
17
command:
18
- "/bin/bash"
19
- "-c"
20
- "/opt/bitnami/mongodb/bin/mongo --eval 'printjson(db.fsyncUnlock())' --host 'mongotest-mongodb' --authenticationDatabase admin -u root -p $MONGODB_ROOT_PASSWORD"
21
ignoreFailure: false
22
maxRetryCount: 2
23
timeoutSeconds: 10
Copied!

BackupPlan illustrating MongoDB Hook

1
apiVersion: triliovault.trilio.io/v1
2
kind: BackupPlan
3
metadata:
4
name: mongo-backupplan
5
spec:
6
backupConfig:
7
target:
8
namespace: default
9
name: demo-s3-target
10
retentionPolicy:
11
name: sample-policy
12
hookConfig:
13
mode: Sequential
14
hooks:
15
- hook:
16
name: mongo-hook
17
podSelector:
18
regex: mongotest-mongodb*
19
containerRegex: mongodb*
Copied!

Hook for MariaDB

1
apiVersion: triliovault.trilio.io/v1
2
kind: Hook
3
metadata:
4
name: mariadb-hook
5
spec:
6
pre:
7
execAction:
8
command:
9
- "bash"
10
- "-c"
11
- "mysql --user=root --password=$MARIADB_ROOT_PASSWORD -Bse 'FLUSH TABLES WITH READ LOCK;system ${WAIT_CMD};'"
12
ignoreFailure: false
13
maxRetryCount: 1
14
timeoutSeconds: 10
15
post:
16
execAction:
17
command:
18
- "bash"
19
- "-c"
20
- "mysql --user=root --password=$MARIADB_ROOT_PASSWORD -Bse 'FLUSH LOGS; UNLOCK TABLES;'"
21
ignoreFailure: false
22
maxRetryCount: 1
23
timeoutSeconds: 10
Copied!

BackupPlan illustrating MariaDB Hook

1
apiVersion: triliovault.trilio.io/v1
2
kind: BackupPlan
3
metadata:
4
name: mariadb-backupplan
5
spec:
6
backupConfig:
7
target:
8
namespace: default
9
name: demo-s3-target
10
retentionPolicy:
11
name: sample-policy
12
hookConfig:
13
mode: Sequential
14
hooks:
15
- hook:
16
name: mariadb-hook
17
podSelector:
18
labels:
19
- matchLabels:
20
app.kubernetes.io/name: mariadb
21
regex: mariadb*
22
containerRegex: mariadb*
Copied!

Hook for Redis

1
apiVersion: triliovault.trilio.io/v1
2
kind: Hook
3
metadata:
4
name: redis-hook
5
spec:
6
pre:
7
execAction:
8
command:
9
- "bash"
10
- "-c"
11
- "echo 'SAVE' | redis-cli -h my-release-redis-master -a $REDIS_PASSWORD --no-auth-warning"
12
ignoreFailure: false
13
maxRetryCount: 1
14
timeoutSeconds: 10
15
post:
16
execAction:
17
command:
18
- "bash"
19
- "-c"
20
- "echo 'post hook action completed'"
21
ignoreFailure: false
22
maxRetryCount: 1
23
timeoutSeconds: 10
Copied!

BackupPlan illustrating Redis Hook

1
apiVersion: triliovault.trilio.io/v1
2
kind: BackupPlan
3
metadata:
4
name: redis-backupplan
5
spec:
6
backupConfig:
7
target:
8
namespace: default
9
name: demo-s3-target
10
retentionPolicy:
11
name: sample-policy
12
hookConfig:
13
mode: Sequential
14
hooks:
15
- hook:
16
name: redis-hook
17
podSelector:
18
labels:
19
- matchLabels:
20
app: redis
21
role: master
22
regex: my-release-redis-master*
Copied!

Hook for PostgreSQL

1
apiVersion: triliovault.trilio.io/v1
2
kind: Hook
3
metadata:
4
name: postgres-hook
5
spec:
6
pre:
7
execAction:
8
command:
9
- "PGPASSWORD=$POSTGRES_PASSWORD; psql -U '$POSTGRES_USER' -c 'CHECKPOINT';"
10
ignoreFailure: false
11
maxRetryCount: 1
12
timeoutSeconds: 10
13
post:
14
execAction:
15
command:
16
- "bash"
17
- "-c"
18
- "echo 'post hook action completed'"
19
Ignore Failure: false
20
Max Retry Count: 1
21
Timeout Seconds: 10
Copied!

BackupPlan illustrating PostgreSQL Hook

1
apiVersion: triliovault.trilio.io/v1
2
kind: BackupPlan
3
metadata:
4
name: postgres-backupplan
5
spec:
6
backupConfig:
7
target:
8
namespace: default
9
name: demo-s3-target
10
retentionPolicy:
11
name: sample-policy
12
hookConfig:
13
mode: Sequential
14
hooks:
15
- hook:
16
name: postgres-hook
17
podSelector:
18
labels:
19
- matchLabels:
20
app.kubernetes.io/name: postgresql
21
regex: postgres-postgresql*
22
containerRegex: postgres-postgresql*
Copied!

Hook for InfluxDB

1
apiVersion: triliovault.trilio.io/v1
2
kind: Hook
3
metadata:
4
name: influxdb-hook
5
spec:
6
pre:
7
execAction:
8
command:
9
- "bash"
10
- "-c"
11
- "bkpfile=/tmp/snap`date +%Y%m%dT%H%M`; influxd backup $bkpfile"
12
ignoreFailure: false
13
maxRetryCount: 1
14
timeoutSeconds: 10
15
post:
16
execAction:
17
command:
18
- "bash"
19
- "-c"
20
- "echo 'post hook action completed'"
21
ignoreFailure: false
22
maxRetryCount: 1
23
timeoutSeconds: 10
Copied!

BackupPlan illustrating InfluxDB Hook

1
apiVersion: triliovault.trilio.io/v1
2
kind: BackupPlan
3
metadata:
4
name: influxdb-backupplan
5
spec:
6
backupConfig:
7
target:
8
namespace: default
9
name: demo-s3-target
10
retentionPolicy:
11
name: sample-policy
12
backupPlanComponents:
13
custom:
14
- matchLabels:
15
app: influxdb
16
hookConfig:
17
mode: Sequential
18
hooks:
19
- hook:
20
name: influxdb-hook
21
podSelector:
22
labels:
23
- matchLabels:
24
app: influxdb
25
regex: influxdb*
Copied!

Hook for Elasticsearch

1
apiVersion: triliovault.trilio.io/v1
2
kind: Hook
3
metadata:
4
name: es-hook
5
spec:
6
pre:
7
execAction:
8
command:
9
- "bash"
10
- "-c"
11
- "curl -XPOST 'http://localhost:9200/test/_flush?pretty=true'; curl -H'Content-Type: application/json' -XPUT localhost:9200/test/_settings?pretty -d'{\"index\": {\"blocks.read_only\": true} }'"
12
ignoreFailure: false
13
maxRetryCount: 1
14
timeoutSeconds: 10
15
post:
16
execAction:
17
command:
18
- "bash"
19
- "-c"
20
- "curl -H'Content-Type: application/json' -XPUT localhost:9200/test/_settings?pretty -d'{\"index\": {\"blocks.read_only\": false} }'"
21
ignoreFailure: false
22
maxRetryCount: 1
23
timeoutSeconds: 10
Copied!

BackupPlan illustrating Elasticsearch Hook

1
apiVersion: triliovault.trilio.io/v1
2
kind: BackupPlan
3
metadata:
4
name: es-backupplan
5
spec:
6
backupConfig:
7
target:
8
namespace: default
9
name: demo-s3-target
10
retentionPolicy:
11
name: sample-policy
12
hookConfig:
13
mode: Sequential
14
hooks:
15
- hook:
16
name: es-hook
17
podSelector:
18
labels:
19
- matchLabels:
20
app: master
21
app.kubernetes.io/name: elasticsearch
22
regex: my-release-elasticsearch-master*
23
containerRegex: elasticsearch*
Copied!

Hook for Kafka

1
apiVersion: triliovault.trilio.io/v1
2
kind: Hook
3
metadata:
4
name: kafka-hook
5
spec:
6
pre:
7
execAction:
8
command:
9
- "bash"
10
- "-c"
11
- "/opt/bitnami/kafka/bin/kafka-server-stop.sh -daemon /opt/bitnami/kafka/config/server.properties"
12
ignoreFailure: false
13
maxRetryCount: 1
14
timeoutSeconds: 10
15
post:
16
execAction:
17
command:
18
- "bash"
19
- "-c"
20
- "/opt/bitnami/kafka/bin/kafka-server-start.sh -daemon /opt/bitnami/kafka/config/server.properties"
21
ignoreFailure: false
22
maxRetryCount: 1
23
timeoutSeconds: 10
Copied!

BackupPlan illustrating Kafka Hook

1
apiVersion: triliovault.trilio.io/v1
2
kind: BackupPlan
3
metadata:
4
name: kafka-backupplan
5
spec:
6
backupConfig:
7
target:
8
namespace: default
9
name: demo-s3-target
10
retentionPolicy:
11
name: sample-policy
12
hookConfig:
13
mode: Sequential
14
hooks:
15
- hook:
16
name: kafka-hook
17
podSelector:
18
labels:
19
- matchLabels:
20
app.kubernetes.io/name: kafka
21
regex: my-release-kafka*
22
containerRegex: kafka*
Copied!

Hook for CockroachDB

1
apiVersion: triliovault.trilio.io/v1
2
kind: Hook
3
metadata:
4
name: cockroachdb-hook
5
spec:
6
pre:
7
execAction:
8
command:
9
- "bash"
10
- "-c"
11
- "bkpfile=/tmp/snap`date +%Y%m%dT%H%M`.sql;cockroach dump --dump-all --insecure > $bkpfile"
12
ignoreFailure: false
13
maxRetryCount: 1
14
timeoutSeconds: 10
15
post:
16
execAction:
17
command:
18
- "bash"
19
- "-c"
20
- "echo 'post hook action completed'"
21
ignoreFailure: false
22
maxRetryCount: 1
23
timeoutSeconds: 10
Copied!

BackupPlan illustrating CockroachDB Hook

1
apiVersion: triliovault.trilio.io/v1
2
kind: BackupPlan
3
metadata:
4
name: cockroach-helm-backup-plan
5
spec:
6
backupConfig:
7
target:
8
namespace: default
9
name: demo-s3-target
10
retentionPolicy:
11
name: sample-policy
12
hookConfig:
13
mode: Sequential
14
hooks:
15
- hook:
16
name: cockroachdb-hook
17
podSelector:
18
labels:
19
- matchLabels:
20
app.kubernetes.io/name: cockroachdb
21
app.kubernetes.io/component: cockroachdb
22
regex: my-release-cockroachdb-0*
Copied!

BackupPlan

The BackupPlan CRD specifies the backup job. The specification includes the backup schedule, backup target and the resources to backup. TrilioVault supports three types of resources to backup and an BackupPlan CR may include combination of these resources.
This BackupPlan CR defines a set of resources to backup. Resources can be defined in the form of Helm release, Operators or just bare k8s api resources.
In this release, TrilioVault supports backup of the following:
  1. 1.
    Helm releases
  2. 2.
    Operator-based application instances
  3. 3.
    Label-based selection of resources
  4. 4.
    Namespaces

Type: Custom Label - Example 1

The following sample BackupPlan CR specifies a Label-based selection of resources. In this example any resource has a label app with valuegcp-compute-persistent-disk-csi-driver will be backed up.
1
apiVersion: triliovault.trilio.io/v1
2
kind: BackupPlan
3
metadata:
4
name: sample-application
5
spec:
6
backupConfig:
7
target:
8
namespace: default
9
name: sample-target
10
schedulePolicy:
11
fullBackupCron:
12
schedule: "* 0 1 * *"
13
incrementalCron:
14
schedule: "* 0 * * *"
15
backupPlanComponents:
16
custom:
17
- matchLabels:
18
app: gcp-compute-persistent-disk-csi-driver
Copied!

Type: Custom Label - Example 2 - Multiple Labels

The example below explains how a backupPlan CR can be used to protect data using multiple labels.
1
apiVersion: triliovault.trilio.io/v1
2
kind: BackupPlan
3
metadata:
4
name: sample-application
5
spec:
6
backupConfig:
7
target:
8
namespace: default
9
name: sample-target
10
backupPlanComponents:
11
custom:
12
- matchLabels:
13
app: frontend
14
- matchLabels:
15
app: backend
Copied!

Type: Helm - Example 1 - Single Helm Release

The following sample BackupPlan CR that specifies Helm release based resources to backup. TrilioVault automatically discovers the resources that belong to the release and backups the helm chart as whole. The release that this example backups is mysql-releasename.
1
apiVersion: triliovault.trilio.io/v1
2
kind: BackupPlan
3
metadata:
4
name: sample-application
5
spec:
6
backupConfig:
7
target:
8
namespace: default
9
name: demo-s3-target
10
schedulePolicy:
11
fullBackupCron:
12
schedule: "* 0 1 * *"
13
incrementalCron:
14
schedule: "* 0 * * *"
15
backupPlanComponents:
16
helmReleases:
17
- mysql-releasename
Copied!

Type: Helm - Example 2 - Multiple Helm Releases

1
apiVersion: triliovault.trilio.io/v1
2
kind: BackupPlan
3
metadata:
4
name: sample-application
5
spec:
6
backupConfig:
7
target:
8
namespace: default
9
name: demo-s3-target
10
backupPlanComponents:
11
helmReleases:
12
- sample-release
13
- sample-release1
Copied!

Type Operator - Example 1

Another type of resource that TrilioVault supports is an Operator-based applications and the following YAML snippet describes the BackupPlan CR that includes the operator based application.

Example 1a

1
apiVersion: triliovault.trilio.io/v1
2
kind: BackupPlan
3
metadata:
4
name: sample-application
5
spec:
6
backupConfig:
7
target:
8
namespace: default
9
name: demo-s3-target
10
backupPlanComponents:
11
operators:
12
- operatorId: sample-mysqlcluster
13
customResources:
14
- groupVersionKind:
15
group: "mysql.presslabs.org"
16
version: "v1alpha1"
17
kind: "MysqlCluster"
18
objects:
19
- sample-mysqlcluster
20
- groupVersionKind:
21
group: "mysql.presslabs.org"
22
version: "v1alpha1"
23
kind: "MysqlBackup"
24
operatorResourceSelector:
25
- matchLabels:
26
app: mysql-operator
27
release: sample-release
28
applicationResourceSelector:
29
- matchLabels:
30
app.kubernetes.io/managed-by: mysql.presslabs.org
31
app.kubernetes.io/name: mysql
Copied!

Example 1b

1
apiVersion: triliovault.trilio.io/v1
2
kind: BackupPlan
3
metadata:
4
name: sample-application
5
spec:
6
backupConfig:
7
target:
8
namespace: default
9
name: demo-s3-target
10
backupPlanComponents:
11
operators:
12
- operatorId: etcd-cluster
13
customResources:
14
- groupVersionKind:
15
group: "etcd.database.coreos.com"
16
version: "v1beta2"
17
kind: "EtcdCluster"
18
objects:
19
- etcd-cluster
20
operatorResourceSelector: # sa, clusterrole, clusterrolebinding, deployment
21
- matchLabels:
22
app: etcd-operator
23
release: sample-release
24
applicationResourceSelector: # svc: etcd-cluster, etcd-cluster-client
25
- matchLabels:
26
app: etcd
27
etcd_cluster: etcd-cluster
Copied!

Type Operator - Example 2 - Multiple Operators

The YAML definition below provides an example of how multiple helm apps can be protected through the BackupPlan CR.
1
apiVersion: triliovault.trilio.io/v1
2
kind: BackupPlan
3
metadata:
4
name: sample-application
5
spec:
6
backupConfig:
7
target:
8
namespace: default
9
name: demo-s3-target
10
backupPlanComponents:
11
operators:
12
- operatorId: sample-mysqlcluster
13
customResources:
14
- groupVersionKind:
15
group: "mysql.presslabs.org"
16
version: "v1alpha1"
17
kind: "MysqlCluster"
18
objects:
19
- sample-mysqlcluster
20
- groupVersionKind:
21
group: "mysql.presslabs.org"
22
version: "v1alpha1"
23
kind: "MysqlBackup"
24
operatorResourceSelector:
25
- matchLabels:
26
app: mysql-operator
27
release: sample-release
28
applicationResourceSelector:
29
- matchLabels:
30
app.kubernetes.io/managed-by: mysql.presslabs.org
31
app.kubernetes.io/name: mysql
32
- operatorId: sample-fluxcd-helm-release
33
customResources:
34
- groupVersionKind:
35
group: "helm.fluxcd.io"
36
kind: "HelmRelease"
37
version: "v1"
38
objects:
39
- redis
40
operatorResourceSelector:
41
- matchLabels:
42
app: helm-operator
43
release: helm-operator
44
applicationResourceSelector:
45
- matchLabels:
46
app: redis
47
release: redis
Copied!

Type: Operator - Example 3 - Helm based operator

Operator based applications can also be protected by providing the helm release name for the Operator resources.

Example 3a

1
apiVersion: triliovault.trilio.io/v1
2
kind: BackupPlan
3
metadata:
4
name: sample-application
5
spec:
6
backupConfig:
7
target:
8
namespace: default
9
name: demo-s3-target
10
backupPlanComponents:
11
operators:
12
- operatorId: sample-mysqlcluster
13
customResources:
14
- groupVersionKind:
15
group: "mysql.presslabs.org"
16
version: "v1alpha1"
17
kind: "MysqlCluster"
18
objects:
19
- sample-mysqlcluster
20
- groupVersionKind:
21
group: "mysql.presslabs.org"
22
version: "v1alpha1"
23
kind: "MysqlBackup"