You can configure your deployment to be automatically backed up on a regular schedule. By default, the cluster have a scheduled backup which is configured to run at 23 hours every day.

Procedure

  1. Connect to the deployer VM and execute the below command:
    export KUBECONFIG=/root/.kube/<KubeConfig File>
  2. In a text editor, create the configuration file for the scheduled backup in YAML format.

    The example file is located in the tcx-deployer/examples/backup-and-restore/scheduledback.yaml.example.

    Use the following template for the component backup:
    apiVersion: tcx.vmware.com/v1
    kind: ScheduledBackup
    metadata:
      name: scheduled-group-backup-tps
      namespace: tcsa-system
    spec:
      backup:
        pauseIntegrityCheck: true
        retentionPolicy:
          numberOfDaysToKeep: 45
        acrossClusters:
          enabled: true
        storage:
          minio:
            bucket: vmware-tcsa-backup
            endpoint: minio.tcsa-system.svc.cluster.local:9000
            secretRef:
              name: minio-secrets
              namespace: tcsa-system
              accessKey:
                key: root-user
              secretKey:
                key: root-password
        components:
          postgres:
            timeout: 10m
            config:
              endpoint:
                host: postgres-cluster.tps-system.svc.cluster.local
                port: 5432
              adminSecret:
                name: postgres-db-secret
                namespace: tps-system
            dbs:
              - adminservice
              - airflow
              - alarmservice
              - analyticsservice
              - collector
              - grafana
              - keycloak
              - kpiservice
              - remediation
              - spe
              - svix_server
              - dm_upgrade
              - enrichment
    #  only uncomment if you have Grafana scheduled export feature
    #          - grafana_scheduler
      backupSchedule: "0 23 * * *"
      successfulBackupsToKeep: 10
      failedBackupsToKeep: 5
    
    ---
    apiVersion: tcx.vmware.com/v1
    kind: ScheduledBackup
    metadata:
      name: scheduled-group-backup-tcsa
      namespace: tcsa-system
    spec:
      backup:
        storage:
          minio:
            bucket: vmware-tcsa-backup
            endpoint: minio.tcsa-system.svc.cluster.local:9000
            secretRef:
              name: minio-secrets
              namespace: tcsa-system
              accessKey:
                key: root-user
              secretKey:
                key: root-password
        acrossClusters:
          enabled: true
        pauseIntegrityCheck: true
        retentionPolicy:
          numberOfDaysToKeep: 45
        components:
          collectors:
            timeout: 10m
            config:
              endpoint:
                scheme: http
                host: collector-manager.tcsa-system.svc.cluster.local
                port: 12375
                basePath: /dcc/v1/
              authenticationSecret:
                name: collectors-secrets
                namespace: tcsa-system
                usernameKey:
                  key: COLLECTORS_USERNAME
                passwordKey:
                  key: COLLECTORS_PASSWORD
          elastic:
            timeout: 30m
            config:
              endpoint:
                host: elasticsearch.tcsa-system.svc.cluster.local
                port: 9200
                scheme: https
              region: ap-south-1
            tls:
              secretName: elasticsearch-cert
              namespace: tcsa-system
              tlsCrt: 
                key: tls.crt
              caCrt:
                key: ca.crt
            authentication:
              name: elasticsearch-secret-credentials
              namespace: tcsa-system
              usernameKey:
                key: ES_USER_NAME
              passwordKey:
                key: ES_PASSWORD
            indexList:
              - vsa_chaining_history-*
              - vsa_events_history-*
              - vsa_audit-*
              - audit-*
              - vsarole,policy,userpreference,vsa_catalog
    # Uncomment these indexes if you want to take backups
    #          - vsametrics-*
    #          - gateway-mappings
    #          - mapping-metadata,mnr-metadata
    #    set 'removeAndAddRepository: true' when doing Backup/Restore, to cleanup the respository.
    #        removeAndAddRepository: true
          zookeeper:
            timeout: 10m
            endpoint:
              host: zookeeper.tcsa-system.svc.cluster.local
              port: 2181
            paths:
              - path: /vmware/vsa/gateway
              - path: /vmware/vsa/smarts
      backupSchedule: "0 23 * * *"
      successfulBackupsToKeep: 10
      failedBackupsToKeep: 5
    Note:
    • If you enable the Schedule Export Report feature, you must add or uncomment - grafana_scheduler in the backup configuration file. So that Schedule Export Report configurations are backed up as part of backup restore.
    • Add "/vmware/vsa/ncm" to take backup of NCM reports.
    Option Description
    name Enter a prefix for the backup files. The alphanumeric string can include special characters (-) and (_). Uppercase letters are not supported for the backup name. This is a mandatory field.
    bucket This specifies the destination location for storing backup data, which may include NFS File Server or similar storage solutions such as Minio.
    acrossClusters The 'acrossClusters' parameter facilitates making the backup accessible across the cluster. It can be enabled after the backup creation process. Set this parameter to 'true' if you intend to restore the data to another cluster.
    backupSchedule Specify the backup schedule as a five-field cron expression. For example, enter "5 0 *** *** *" to back up every day at 00:05. This is a mandatory field.
    numberOfDaysToKeep The maximum number of days to retain the backup. Enter an integer greater than 0. This is a mandatory field.
    successfulBackupsToKeep The maximum number of days to retain successful backups. Enter an integer greater than 0. This is a mandatory field.
    Note: successfulBackupsToKeep takes precedence over the numberOfDaysToKeep field, If the number of backups exceeds the limit, the oldest backup is removed based on the value set in successfulBackupsToKeep
    failedBackupsToKeep The maximum number of days to retain failed backups. Enter an integer greater than 0. This is a mandatory field.
    indexList The available elastic search indices are listed here:
    ElasticSearch-Events Indices: vsa_chaining_history-*, vsa_events_history-*, vsa_audit-*, audit-*
    ElasticSearch-Config Indices: vsarole,policy,userpreference,mapping-metadata,mnr-metadata,vsa_catalog
    ElasticSearch-Kafka-Mapper Indices:  gateway-mappings
    ElasticSearch Metrics Indices: vsametrics-*
    timeout The 'Timeout' parameter, a mandatory requirement for every backup component, must be specified. It serves the purpose of defining the maximum duration allowed for the backup operation to complete before being considered unsuccessful.
    preAction/ postAction The 'preAction' and 'postAction' parameters are customizable bash actions that users can define to be executed before or after triggering the backup process.
    cluster The 'cluster' parameter serves as an identifier denoting the location from which the backup is taken.

    The backupSchedule in the YAML configuration provided with ScheduledBackup is "0 23 * * *". The ScheduledBackup gets triggered based on the Kubernetes node time zone, and the default Kubernetes node time zone is UTC zone unless you want to change it. Therefore, it is recommended that you create backups based on the UTC zone (Kubernetes node time zone) rather than the local time zone.

    The backupSchedule uses a standard Cron expression to define the backup frequency. The fields are as follows:
    • Field 1: Minute (0 - 59)
    • Field 2: Hour (0 - 23)
    • Field 3: Day of the Month (1 - 31)
    • Field 4: Month (1 - 12)
    • Field 5: Day of the Week (0 - 6) (Sunday to Saturday)

    In the backupSchedule: "0 23 * * ", the first field is set to 0, which means the backup can start at the beginning of the hour. The second field is set to 23, which means the backup can start at 11 PM UTC. The third, fourth, and fifth fields are set to "", which means the backup can run every day of every month of every week.

  3. To create the scheduled backup, run the following command:
    kubectl apply -f <configuration YAML file>
    The output is:
    scheduledbackup.tcx.vmware.com/scheduledbackup-name created
    Note: Once the ScheduledBackup is created, it cannot be changed. If you want to update the ScheduledBackup, delete the old ScheduledBackup and create a new one. Default scheduled backup is not available for the demo footprint.