starlingx/docs
Code Issues Proposed changes
Files
10f84f422eb9fec2a2df73be202a543c1184a6b5
docs/doc/source/backup/kubernetes/running-ansible-backup-playbook-remotely.rst
Elisamara Aoki Goncalves e848b6b532 Added missing steps in Backup & Restore procedure 
Related to https://review.opendev.org/c/starlingx/nginx-ingress-controller-armada-app/+/788441

Partial-bug: 1923185

Change-Id: I0b5834d301e9ce2b20e2c2e90d85face63a3e425
Signed-off-by: Elisamara Aoki Goncalves <elisamaraaoki.goncalves@windriver.com>
2021-10-01 14:53:06 +00:00

2.9 KiB
Raw Blame History

Run Ansible Backup Playbook Remotely

In this method you can run Ansible Backup playbook on a remote workstation and target it at controller-0.

  • You need to have Ansible installed on your remote workstation, along with the Ansible Backup/Restore playbooks.
  • Your network has IPv6 connectivity before running Ansible Playbook, if the system configuration is IPv6.

  1. Log in to the remote workstation.

  2. Provide an Ansible hosts file, either, a customized one that is specified using the -i option, or the default one that resides in the Ansible configuration directory (that is, /etc/ansible/hosts). You must specify the floating IP of the controller host. For example, if the host name is _Cluster, the inventory file should have an entry _Cluster, for example:

    ---all:
    hosts:
    wc68:

    ansible_host: 128.222.100.02

    _Cluster:

    ansible_host: 128.224.141.74

  3. Create an ansible secrets file.

    ~(keystone_admin)]$ cat <<EOF > secrets.yml
vault_password_change_responses:
    yes/no: 'yes'
    sysadmin*: 'sysadmin'
    (current) UNIX password: 'sysadmin'
    New password: 'Li69nux*'
    Retype new password: 'Li69nux*'
admin_password: Li69nux*
ansible_become_pass: Li69nux*
ansible_ssh_pass: Li69nux*
EOF

  4. Run Ansible Backup playbook:

    ~(keystone_admin)]$ ansible-playbook <path-to-backup-playbook-entry-file> --limit host-name -i <inventory-file> -e "backup_user_local_registry=true"

    The generated backup tar file can be found in <host_backup_dir>, that is, /home/sysadmin, by default. You can overwrite it using the -e option on the command line or in an override file.

    Warning

    If a backup of the local registry images file is created, the file is not copied from the remote machine to the local machine. The inventory_hostname_docker_local_registry_backup_timestamp.tgz file needs to copied off the host machine to be used if a restore is needed.

  5. After the backup is complete, run the following:

    $ system helm-override-update nginx-ingress-controller ingress-nginx kube-system --set controller.admissionWebhooks.enabled=true

  6. Then, reapply the nginx app to restore the admissionWebhook:

    $ system application-apply nginx-ingress-controller