Trilio APIs

Overview
In order to get started with TrilioVault for Kubernetes in your environment, the following steps will be performed:
Operating the Product
1.Install Test CSI Driver - Leverage the test hostpath driver, if your environment doesn't support one with Snapshot capability today.
2.Create a TVK Target - Location where backups will be stored.
3.Create a retention policy (Optional) - To specify how long to keep the backups for.
4.Run Example
1.Label Example
2.Helm Example
3.Operator Example
4.Namespace Example
Step 1: Install Test CSI Driver
Skip this step if your environment already has a CSI driver installed with snapshot capability.
Follow the instructions provided in Appendix HostPath for TVK __ to install the Hostpath CSI driver. The proper functioning of the software will be determined by running an example with the hostpath driver.
Step 2: Create a Target
Create a secret containing the credentials for data stores to store backups. An example is provided below.
1
apiVersion: v1
2
kind: Secret
3
metadata:
4
  name: sample-secret
5
type: Opaque
6
stringData:
7
  accessKey: AKIAS5B35DGFSTY7T55D
8
  secretKey: xWBupfGvkgkhaH8ansJU1wRhFoGoWFPmhXD6/vVD
Copied!
Please use one of the Target examples provided in the Custom Resource Definition section as a template for creating a NFS, Amazon S3, or any S3 compatible storage target.
Supported values for S3 vendors include:
1
"AWS", "RedhatCeph", "Ceph", "IBMCleversafe", "Cloudian", "Scality", "NetApp", "Cohesity", "SwiftStack", "Wassabi", "MinIO", "DellEMC", "Other"
Copied!
An Amazon S3 target example is provided below:
1
apiVersion: triliovault.trilio.io/v1
2
kind: Target
3
metadata:
4
  name: demo-s3-target
5
spec:
6
  type: ObjectStore
7
  vendor: AWS
8
  objectStoreCredentials:
9
    region: us-east-1
10
    bucketName: trilio-browser-test
11
    url: "https://s3.amazonaws.com"
12
    credentialSecret:
13
      name: sample-secret
14
      namespace: TARGET_NAMESPACE
15
  thresholdCapacity: 1000Gi
Copied!
1
kubectl create -f tv-backup-target.yaml
Copied!
Note: With the above configuration, target would get created in current user namespace unless specified. Also, additional information on Bucket permissions can be found in the Appendix Section: AWS S3 Target Permissions****
Step 3: Create a Retention Policy (Optional)
While the example backup custom resources created by following this Getting Started page can be deleted manually via kubectl commands, Trilio also provides backup retention capability - to automatically delete the backups based on defined time boundaries.
1
apiVersion: triliovault.trilio.io/v1
2
kind: Policy
3
metadata:
4
  name: demo-policy
5
spec:
6
  type: Retention
7
  default: false
8
  retentionConfig:
9
    latest: 2
10
    weekly: 1
11
    dayOfWeek: Wednesday
12
    monthly: 1
13
    dateOfMonth: 15
14
    monthOfYear: March
15
    yearly: 1
Copied!
More information on the Retention Policy spec can be found in the application CRD reference section. A retention policy is referenced in the backupPlan CR .
Note: With the above configuration, policy would get created in default namespace unless specified.
Step 4: Run Example
This section covers backup and restore examples based on Labels, Helm charts, Operators and Namespaces
More details around CRDs and their usage/explanation can be found in the Custom Resource Definition Section.
Note:
1.Backup and BackupPlan should be in the same namespace.
2.For restore operation, the resources will get restored in the namespace where restore CR is created.
3.Specifying backupPlan information in restore manifest, will automatically select the latest successful backup for that backupPlan.
Step 4.1: Label Example
The following sections will create a sample application (tagged it with labels), backup the application via labels and then restore the application.
The following steps will be performed.
1.Create a sample MySQL application
2.Create a BackupPlan CR that specifies the mysql application to protect via labels
3.Create a Backup CR with a reference to the BackupPlan CR
4.Create a Restore CR with a reference to the Backup CR.
Create a Sample Application
Create the following file as mysql.yaml. Note the labels used to tag the different components of the application.
1
## Secret for mysql password
2
apiVersion: v1
3
kind: Secret
4
metadata:
5
  name: mysql-pass
6
  labels:
7
    app: k8s-demo-app
8
    tier: frontend
9
type: Opaque
10
data:
11
  password: dHJpbGlvcGFzcw==
12
## password base64 encoded, plain text: triliopass
13
## "echo -n triliopass | base64" -> to get the encoded password
14
---
15
## PVC for mysql PV
16
apiVersion: v1
17
kind: PersistentVolumeClaim
18
metadata:
19
  name: mysql-pv-claim
20
  labels:
21
    app: k8s-demo-app
22
    tier: mysql
23
spec:
24
  storageClassName: "csi-hostpath-sc"
25
  accessModes:
26
    - ReadWriteOnce
27
  resources:
28
    requests:
29
      storage: 5Gi
30
---
31
## Mysql app deployment
32
apiVersion: apps/v1 # for versions before 1.9.0 use apps/v1beta2
33
kind: Deployment
34
metadata:
35
  name: k8s-demo-app-mysql
36
  labels:
37
    app: k8s-demo-app
38
    tier: mysql
39
spec:
40
  selector:
41
    matchLabels:
42
      app: k8s-demo-app
43
      tier: mysql
44
  strategy:
45
    type: Recreate
46
  template:
47
    metadata:
48
      labels:
49
        app: k8s-demo-app
50
        tier: mysql
51
    spec:
52
      containers:
53
      - image: mysql:5.6
54
        name: mysql
55
        env:
56
        - name: MYSQL_ROOT_PASSWORD
57
          valueFrom:
58
            secretKeyRef:
59
              name: mysql-pass
60
              key: password
61
        ports:
62
        - containerPort: 3306
63
          name: mysql
64
        volumeMounts:
65
        - name: mysql-persistent-storage
66
          mountPath: /var/lib/mysql
67
      volumes:
68
      - name: mysql-persistent-storage
69
        persistentVolumeClaim:
70
          claimName: mysql-pv-claim
71
---
72
## Service for mysql app
73
apiVersion: v1
74
kind: Service
75
metadata:
76
  name: k8s-demo-app-mysql
77
  labels:
78
    app: k8s-demo-app
79
    tier: mysql
80
spec:
81
  type: ClusterIP
82
  ports:
83
    - port: 3306
84
  selector:
85
    app: k8s-demo-app
86
    tier: mysql
87
---
88
## Deployment for frontend webserver
89
apiVersion: apps/v1
90
kind: Deployment
91
metadata:
92
  name: k8s-demo-app-frontend
93
  labels:
94
    app: k8s-demo-app
95
    tier: frontend
96
spec:
97
  replicas: 3
98
  selector:
99
    matchLabels:
100
      app: k8s-demo-app
101
      tier: frontend
102
  template:
103
    metadata:
104
      labels:
105
        app: k8s-demo-app
106
        tier: frontend
107
    spec:
108
      containers:
109
      - name: demoapp-frontend
110
        image: docker.io/trilio/k8s-demo-app:v1
111
        imagePullPolicy: IfNotPresent
112
        ports:
113
        - containerPort: 80
114
---
115
## Service for frontend
116
apiVersion: v1
117
kind: Service
118
metadata:
119
  name: k8s-demo-app-frontend
120
  labels:
121
    app: k8s-demo-app
122
    tier: frontend
123
spec:
124
  ports:
125
  - name: web
126
    port: 80
127
  selector:
128
    app: k8s-demo-app
129
    tier: frontend
Copied!
Run below command to access the mysql DB using a mysql client from the host. This command works for "default" namespace. Please change the namespace context or use "-n <namespace>" if the demo app is installed in some other namespace.
1
kubectl port-forward --address 0.0.0.0 service/k8s-demo-app-mysql 3306:3306 &>/dev/null &
2
​
3
## To connect to mysql DB using a mysql client
4
mysql -h 127.0.0.1 -u root -p
5
Enter password:
6
Welcome to the MySQL monitor.  Commands end with ; or \g.
7
Your MySQL connection id is 7
8
Server version: 5.6.51 MySQL Community Server (GPL)
9
​
10
Copyright (c) 2000, 2021, Oracle and/or its affiliates.
11
​
12
Oracle is a registered trademark of Oracle Corporation and/or its
13
affiliates. Other names may be trademarks of their respective
14
owners.
15
​
16
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
17
​
18
mysql>
Copied!
Create a BackupPlan
Create a BackupPlan CR that references the application created in the previous step via matching labels in the same namespace where application resides.
1
apiVersion: triliovault.trilio.io/v1
2
kind: BackupPlan
3
metadata:
4
  name: mysql-label-backupplan
5
spec:
6
  backupConfig:
7
    target:
8
      namespace: default
9
      name: demo-s3-target
10
    retentionPolicy:
11
      namespace: default
12
      name: demo-policy
13
  backupPlanComponents:
14
    custom:
15
      - matchLabels:
16
          app: k8s-demo-app
Copied!
Create a Backup
Create a Backup CR to protect the BackupPlan. Type of the backup can be either full or incremental.
Note: The first backup into a target location will always be a Full backup.
1
apiVersion: triliovault.trilio.io/v1
2
kind: Backup
3
metadata:
4
  name: mysql-label-backup
5
spec:
6
  type: Full
7
  backupPlan:
8
    name: mysql-label-backupplan
9
    namespace: default
Copied!
Restore the Backup/Application
Finally create the Restore CR to restore the Backup, in the same namespace where Backup CR is created. In the example provided below, mysql-label-backup is being restored into the "default" namespace.
Note: If restoring into the same namespace, ensure that the original application components have been removed.
Note: If restoring to another cluster (migration scenario), ensure that TrilioVault for Kubernetes is running in the remote namespace/cluster as well. To restore into a new cluster (where the Backup CR does not exist), source.type must be set to location. Please refer to the Custom Resource Definition Restore Section to view a restore by location example.
1
apiVersion: triliovault.trilio.io/v1
2
kind: Restore
3
metadata:
4
  name: demo-restore
5
spec:
6
  source:
7
    type: Backup
8
    backup:
9
      name: mysql-label-backup
10
      namespace: default
11
  skipIfAlreadyExists: true
Copied!
Note: If restoring into another namespace in a same cluster, ensure that the resources which cannot be shared like ports should be freed or transformation should be used to avoid conflict. More information about transformation can be found at Restore Transformation.
Step 4.2: Helm Example
The following sections will create a sample application via Helm, backup the application via Helm selector fields and then restore the application.
The following steps will be performed.
1.Create a cockroachdb instance using Helm
2.Create a BackupPlan CR that specifies the cockroachdb application to protect.
3.Create a Backup CR with a reference to the BackupPlan CR
4.Create a Restore CR with a reference to the Backup CR.
Create a sample application via Helm
In this example, we will use Helm Tooling to create a "cockroachdb" application.
Run the following commands against a Kubernetes cluster. Use the attached cockroachdb_-values.yaml_ file for the installation by copying it to your local directory.
cockroachdb-values.yaml
144B
Code
1
helm repo add stable https://charts.helm.sh/stable
2
helm repo update
Copied!
1
helm install cockroachdb-app --values cockroachdb-values.yaml stable/cockroachdb
Copied!
After running helm install, confirm the installation was successful by running helm ls
1
helm ls
Copied!
1
NAME            NAMESPACE       REVISION        UPDATED                                 STATUS          CHART           APP VERSION
2
cockroachdb-app  default         1               2020-07-08 05:04:17.498739741 +0000 UTC deployed        cockroachdb-3.0.19.2.5
Copied!
Create a BackupPlan
Use the following to create a BackupPlan. Ensure the name of the release you specify matches the output from the helm ls command in the previous step.
1
apiVersion: triliovault.trilio.io/v1
2
kind: BackupPlan
3
metadata:
4
  name: cockroachdb-backup-plan
5
spec:
6
  backupConfig:
7
    target:
8
      namespace: default
9
      name: demo-s3-target
10
  backupPlanComponents:
11
    helmReleases:
12
      - cockroachdb-app
Copied!
Create a Backup
Use the following content to create a backup CR.
1
apiVersion: triliovault.trilio.io/v1
2
kind: Backup
3
metadata:
4
  name: cockroachdb-full-backup
5
spec:
6
  type: Full
7
  scheduleType: Periodic
8
  backupPlan:
9
    name: cockroachdb-backup-plan
10
    namespace: default
Copied!
Restore Backup/Application
After the backup has completed successfully, create a Restore CR to restore the application in the same namespace where BackupPlan and Backup CRs are created.
Before restoring the app, we need to clean the existing app. This is required cluster level resources of the app can create conflict during restore operation.
1
helm delete cockroachdb-app
Copied!
Similar to the Label example above:
Note: If restoring into the same namespace, ensure that the original application components have been removed. Especially the PVC of application are deleted.
Note: If restoring to another cluster (migration scenario), ensure that TrilioVault for Kubernetes is running in the remote namespace/cluster as well. To restore into a new cluster (where the Backup CR does not exist), source.type must be set to location. Please refer to the Custom Resource Definition Restore Section to view a restore by location example.
1
apiVersion: triliovault.trilio.io/v1
2
kind: Restore
3
metadata:
4
  name: cockroachdb-restore
5
spec:
6
  source:
7
    type: Backup
8
    backup:
9
      name: cockroachdb-full-backup
10
      namespace: default
11
  skipIfAlreadyExists: true
Copied!
Step 4.3: Operator Example
The following steps will be performed.
1.Install a sample etcd Operator
2.Create a etcd cluster
3.Create a BackupPlan CR that specifies the etcd application to protect.
4.Create a Backup CR with a reference to the BackupPlan CR
5.Create a Restore CR with a reference to the Backup CR.
We are demonstrating standard 'etcd-operator' here. First we need to deploy the operator using it's helm chart. Then we need to deploy etcd cluster.
Following are the commands for it.
Install etcd-operator
1
helm install demo-etcd-operator stable/etcd-operator
Copied!
Create an etcd cluster using following yaml definition
1
apiVersion: etcd.database.coreos.com/v1beta2
2
kind: EtcdCluster
3
metadata:
4
  name: demo-etcd-cluster
5
  namespace: default
6
  labels:
7
    app: demo-app 
8
spec:
9
  size: 3
10
  version: 3.2.13
11
  pod:
12
    persistentVolumeClaimSpec:
13
      storageClassName: csi-hostpath-sc
14
      accessModes:
15
      - ReadWriteOnce
16
      resources:
17
        requests:
18
          storage: 2Gi
Copied!
Create a BackupPlan
Create 'BackupPlan' resource to protect 'etcd-operator' and it's clusters. Use the following yaml definition.
'operatorResourceName': This field holds the name of the operator whose backup we are going to take. In this case our operator name is "demo-etcd-cluster"
'operatorResourceSelector': This field selects the operator resources (whose backup we are going to take) using labels. In this case, operator is 'etcd-operator' and all it's resources like pods, services, deployments have a unique label - "release: trilio-demo-etcd-operator"
'applicationResourceSelector': This field selects the resources of the application launched using the operator. In this case, etcd-cluster is the application launched using etcd-operator.
All the resources of this application have a unique label - "app: etcd"
1
apiVersion: triliovault.trilio.io/v1
2
kind: BackupPlan
3
metadata:
4
  name: backup-job-k8s-demo-app
5
spec:
6
  backupConfig:
7
    target:
8
      namespace: default
9
      name: demo-s3-target
10
  backupPlanComponents:
11
    operators:
12
      - operatorId: demo-etcd-cluster
13
        customResources:
14
          - groupVersionKind:
15
              group: "etcd.database.coreos.com"
16
              version: "v1beta2"
17
              kind: "EtcdCluster"
18
            objects:
19
            - demo-etcd-cluster
20
        operatorResourceSelector:
21
        - matchLabels:
22
            release: demo-etcd-operator
23
        applicationResourceSelector:
24
        - matchLabels:
25
            app: etcd
Copied!
Create a Backup
Take a backup of above 'BackupPlan'. Use following YAML definition to create a 'Backup' resource.
1
apiVersion: triliovault.trilio.io/v1
2
kind: Backup
3
metadata:
4
  name: demo-full-backup
5
spec:
6
  type: Full
7
  scheduleType: Periodic
8
  backupPlan:
9
    name: backup-job-k8s-demo-app
10
    namespace: default
Copied!
Restore the Backup/Application
After the backup completes successfully, you can perform the Restore of it.
To restore the etcd-operator and it's clusters from the above backup, use the following YAML definition.
Note: If restoring into the same namespace, ensure that the original application components have been removed.
Note: If restoring to another cluster (migration scenario), ensure that TrilioVault for Kubernetes is running in the remote namespace/cluster as well. To restore into a new cluster (where the Backup CR does not exist), source.type must be set to location. Please refer to the Custom Resource Definition Restore Section to view a restore by location example.
1
apiVersion: triliovault.trilio.io/v1
2
kind: Restore
3
metadata:
4
  name: demo-restore
5
spec:
6
  source:
7
    type: Backup
8
    backup:
9
      name: demo-full-backup
10
      namespace: default
11
  skipIfAlreadyExists: true
Copied!
Step 4.4: Namespace Example
1.Create a namespace called 'wordpress'
2.Use helm to deploy a wordpress application into the namespace.
3.Perform a backup of the namespace
4.Delete the namespace/application
5.Create a new namespace 'wordpress-restore'
6.Perform a Restore of the namespace
Create a namespace and application
Create the namespace called 'wordpress'
1
kubectl create ns wordpress
Copied!
Install the wordpress Helm Chart
1
helm repo add bitnami https://charts.bitnami.com/bitnami
Copied!
1
helm install my-release bitnami/wordpress -n wordpress
Copied!
You can launch the wordpress app via a browser and make changes to the sample page to ensure changes are captured when you restore.
Create a BackupPlan
Create a backupPlan to backup the namespace
1
apiVersion: triliovault.trilio.io/v1
2
kind: BackupPlan
3
metadata:
4
  name: ns-backupplan-1
5
  namespace: wordpress
6
spec:
7
  backupConfig:
8
    target:
9
      namespace: wordpress
10
      name: demo-s3-target
Copied!
Backup the Namespace
Use the following YAML to build the Backup CR
1
apiVersion: triliovault.trilio.io/v1
2
kind: Backup
3
metadata:
4
  name: wordpress-ns-backup-1
5
  namespace: wordpress
6
spec:
7
  type: Full
8
  scheduleType: OneTime
9
  backupPlan:
10
    name: ns-backupplan-1
11
    namespace: wordpress
Copied!
Restore the Backup/Namespace
Perform restore of the namespace backup
1
apiVersion: triliovault.trilio.io/v1
2
kind: Restore
3
metadata:
4
  name: ns-restore
5
  namespace: wordpress
6
spec:
7
  source:
8
    type: Backup
9
    backup:
10
      name: wordpress-ns-backup-1
11
      namespace: wordpress
12
  restoreNamespace: wordpress-restore
Copied!
Validate the pods are up and running after restore completes.
Validate Restore
1
kubectl get restore -n wordpress-restore
Copied!
1
$ kubectl get restore -n wordpress-restore
2
NAME         BACKUP                  STATUS      DATA SIZE   START TIME             END TIME               PERCENTAGE COMPLETED
3
ns-restore   wordpress-ns-backup-1   Completed   188312911   2020-11-13T18:47:33Z   2020-11-13T18:49:58Z   100
Copied!
Validate Application Pods
1
kubectl get pods -n wordpress-restore
Copied!
1
$ kubectl get pods -n wordpress-restore
2
NAME                              READY   STATUS    RESTARTS   AGE
3
wordy-mariadb-0                   1/1     Running   0          4m21s
4
wordy-wordpress-5cc764564-mngrm   1/1     Running   0          4m21s
Copied!
Finally, confirm the changes on the WordPress launch pages that were made earlier.
Getting Started - Previous
Management Console (UI)
Next - Getting Started
Uninstall Options
Last modified 20d ago