Search…
2.10.X
Backup and Restore Details
Details and specifics on how TrilioVault for Kubernetes handles backup and restore processes are discussed in this section.

Backup Details

The following few sections provide details about overall backup process and handling of metadata and data objects.

High-Level backup process

  1. 1.
    Backup Controller
    1. 1.
      Reconciles on Backup CRD
    2. 2.
      Spawns Metamover job
      1. 1.
        Identifies data components (persistent volumes) to backup
      2. 2.
        Snapshots metadata
      3. 3.
        Uploads metadata to target
      4. 4.
        Uploads containers images to the backup target
    3. 3.
      Creates data snapshot of each Persistent Volume
    4. 4.
      Creates PV from snapshot
    5. 5.
      Spawns Datamover pod
      1. 1.
        PV attached to Datamover pod
      2. 2.
        Converts PV data to a QCOW2 image
      3. 3.
        Calculate the delta between backups
      4. 4.
        Uploads delta to target
      5. 5.
        PV detached and deleted

Full Backup Process - Animation

Full Backup Animation

Incremental Backup Process - Animation

Incremental Backup Animation

Container Storage Interface (CSI)

TrilioVault relies on CSI snapshot functionality to capture a point-in-time copy of the volume data. CSI snapshots generate storage back-end volume snapshots. These snapshots are internal to a storage back-end and cannot be accessed from the Kubernetes cluster. It needs a volume construct to read and write from CSI snapshots. CSI supports volumes from the snapshot functionality to create volume from a snapshot, and TrilioVault converts the data from a snapshot volume to a QCOW2 image.

Applications Backup - Metadata and Data

TrilioVault's unit of backup is one or more Kubernetes applications. A TrilioVault backup job can either be Helm release, Operator instance, label-based selectors, or any combination. The TrilioVault backup process parses each application's metadata and discovers the persistent volumes defined for each application. Application metadata backup is a straightforward process that involves copying application YAML files to a backup media. However, persistent volumes require special handling for the following reasons:
  1. 1.
    Persistent volumes are actively accessed by the applications, and data is continuously changing.
  2. 2.
    Persistent volumes can be sparsely written. A 1TB volume may only have 10GB of application data.
  3. 3.
    Persistent volumes can be large, and changes between two backups can be very small compared to the size of PV.
Any backup solution must handle data backup from persistent volumes very efficiently without impacting the performance and scale of Kubernetes clusters. Trilio's approach has been proven in other cloud environments, including OpenStack and Red Hat Virtualization (RHV). It includes leveraging the CSI Snapshot feature to capture point-in-time copies of data and then uses a QCOW2 image format to store backup images. The following diagram describes TrilioVault's backup processes in detail.
Back processes

Backup Image Format

TrilioVault backup images are QCOW2 images. QCOW2 images have the following properties that make them ideal for storing backup data of persistent volumes.
  1. 1.
    QCOW2 images are sparsely friendly. Even if the volume size is 1TB and the actual data is 10G, the backup image of the persistent volume is only 10GB.
  2. 2.
    QCOW2 images can be linked together. The bottom image is called a "base image," and all other images are called "overlay files". The latest data is usually positioned on the top level of the overlay file. Overlay files usually represent changed data. However, each overlay file can be accessed as a full volume with the data.
qemu-img is a Linux tool to manage QCOW2 images. TrilioVault uses a modified qemu-img to generate QCOW2 images. The full backup of the QCOW2 image is the base image. Subsequent backups are incremental and are overlay files each point to its previous backup.

Restore Details

High-level Restore Process

  1. 1.
    Restore Controller
    1. 1.
      Reconciles on Restore CRD
    2. 2.
      Validates, if restore operation can be performed
    3. 3.
      Creates PVs
    4. 4.
      Spawns Data Mover job
      1. 1.
        Converts QCOW2 to PV data (directly from a backup image, no staging)
    5. 5.
      Spawns meta processor job
      1. 1.
        Restores metadata from backup images

Restore Process - Animation

Restore Process Animation

Restore Operation

TrilioVault's restore process involves recreating the application artifacts from the backup images. These artifacts include PODs, PVs, Config Maps, secrets, and others. Once the application is restored, TrilioVault spawns data mover Pods to copy data from the backup media to restored application PVs.
Each QCOW2 image, either an overlay file or a base image, is a fully formed image. Even if your overlay file only contains delta changes at the time of backup, theqemu-img convert command traverses the backup chain and "hydrates" the entire volume contents to PV. It does not require any staging area. The data goes directly from backup media to PV.
Trilio provides a plethora of flags to control/mutate the objects restored as part of the restore plan.
Restore Process

Container Images Backup and Restore

For any application in Kubernetes, the container images are an essential building block on which the entire application comes into a running state. Kubernetes pulls those images from a registry for the containers to use. Starting from 2.10.x, we added support for the backup and restoration of the container images, which addresses the scenario where an image is either deprecated or deleted from the registry. Image backup and restore feature enables us to have self-reliant backups that TVK can restore in any environment without depending upon the registries of the backup.

InnerWorkings of Image Backup and Restore

This feature introduces backing up the application's container images and storing those with the backup data. TVK stores these images on target as QCOW2 images. Users can restore the images if any images get deleted, or the registry becomes inaccessible.

Backup

  1. 1.
    Image backup is enabled by default for all the backups. Whenever the user triggers the backup, if the application contains the images, all these images will be backed up and stored on the target.
  2. 2.
    Users can also take incremental backups for the images.
  3. 3.
    Users can disable the image backup at the backup plan level by enabling the skipImageBackup flag.

Restore

  1. 1.
    Image restore is not enabled by default. The user has to enable it by providing actionFlags.imageRestore as true.
  2. 2.
    The user also has to provide the restore registry, which should contain the following input:
  • registry: registry to restore the backup container images
  • repository: repository in which the restored images should go.
  • registryAuthSecret: authentication secret of type kubernetes.io/dockerconfigjson to push the images to the restore registry.
  1. 1.
    Even when the user has enabled the image restore, the image restore will only happen when the original image is not accessible.
  2. 2.
    If the user already has the images in the restore registry with the same name, but the image is different. We, by default, generate a new tag for the restored image. If the user wants to override the existing image, he can enable restoreFlags.overrideImageIfExist.
  3. 3.
    All the backup images that are not accessible will be restored to the registry that the user provided in the restore CR.
  4. 4.
    The restored application will point to the new registry to pull the images.
Copy link
Outline
Backup Details
High-Level backup process
Full Backup Process - Animation
Incremental Backup Process - Animation
Container Storage Interface (CSI)
Applications Backup - Metadata and Data
Backup Image Format
Restore Details
High-level Restore Process
Restore Process - Animation
Restore Operation
Container Images Backup and Restore