Searching 71340 files for "oadp" /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/_attributes/common-attributes.adoc: 43 :hybrid-console: Red Hat Hybrid Cloud Console 44 :hybrid-console-second: Hybrid Cloud Console 45: :oadp-first: OpenShift API for Data Protection (OADP) 46: :oadp-full: OpenShift API for Data Protection 47 :oc-first: pass:quotes[OpenShift CLI (`oc`)] 48 :product-registry: OpenShift image registry /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/about-installing-oadp-on-multiple-namespaces.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/installing/about-installing-oadp.adoc 4 5 6 :_content-type: CONCEPT 7: [id="about-installing-oadp-on-multiple-namespaces_{context}"] 8: = Installation of OADP on multiple namespaces 9 10: You can install OADP into multiple namespaces on the same cluster so that multiple project owners can manage their own OADP instance. This use case has been validated with Restic and CSI. 11 12: You install each instance of OADP as specified by the per-platform procedures contained in this document with the following additional requirements: 13 14: * All deployments of OADP on the same cluster must be the same version, for example, 1.1.4. Installing different versions of OADP on the same cluster is *not* supported. 15: * Each individual deployment of OADP must have a unique set of credentials and a unique `BackupStorageLocation` configuration. 16: * By default, each OADP deployment has cluster-level access across namespaces. {product-title} administrators need to review security and RBAC settings carefully and make any necessary changes to them to ensure that each OADP instance has the correct permissions. 17 18 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/about-oadp-update-channels.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/installing/about-installing-oadp.adoc 4 5 6 :_content-type: CONCEPT 7: [id="about-oadp-update-channels_{context}"] 8: = About OADP update channels 9 10: When you install an OADP Operator, you choose an _update channel_. This channel determines which upgrades to the OADP Operator and to Velero you receive. You can switch channels at any time. 11 12 The following update channels are available: 13 14: * The *stable* channel is now deprecated. The *stable* channel contains the patches (z-stream updates) of OADP `ClusterServiceVersion` for `oadp.v1.1.z` and older versions from `oadp.v1.0.z`. 15 16: * The *stable-1.0* channel contains `oadp.v1.0._z_`, the most recent OADP 1.0 `ClusterServiceVersion`. 17 18: * The *stable-1.1* channel contains `oadp.v1.1._z_`, the most recent OADP 1.1 `ClusterServiceVersion`. 19 20: * The *stable-1.2* channel contains `oadp.v1.2._z_`, the most recent OADP 1.2 `ClusterServiceVersion`. 21 22 *Which update channel is right for you?* 23 24: * The *stable* channel is now deprecated. If you are already using the stable channel, you will continue to get updates from `oadp.v1.1._z_`. 25 26: * Choose the *stable-1._y_* update channel to install OADP 1._y_ and to continue receiving patches for it. If you choose this channel, you will receive all z-stream patches for version 1._y_._z_. 27 28 *When must you switch update channels?* 29 30: * If you have OADP 1._y_ installed, and you want to receive patches only for that y-stream, you must switch from the *stable* update channel to the *stable-1._y_* update channel. You will then receive all z-stream patches for version 1._y_._z_. 31 32: * If you have OADP 1.0 installed, want to upgrade to OADP 1.1, and then receive patches only for OADP 1.1, you must switch from the *stable-1.0* update channel to the *stable-1.1* update channel. You will then receive all z-stream patches for version 1.1._z_. 33 34: * If you have OADP 1._y_ installed, with _y_ greater than 0, and want to switch to OADP 1.0, you must _uninstall_ your OADP Operator and then reinstall it using the *stable-1.0* update channel. You will then receive all z-stream patches for version 1.0._z_. 35 36 [NOTE] 37 ==== 38: You cannot switch from OADP 1._y_ to OADP 1.0 by switching update channels. You must uninstall the Operator and then reinstall it. 39 ==== 40 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/metering-store-data-in-s3.adoc: 92 "s3:HeadBucket", 93 "s3:ListBucket", 94: "s3:ListMultipartUploadParts", 95 "s3:PutObject" 96 ], .. 123 "s3:CreateBucket", 124 "s3:DeleteBucket", 125: "s3:ListMultipartUploadParts", 126 "s3:PutObject" 127 ], /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/migration-configuring-aws-s3.adoc: 3 // * migrating_from_ocp_3_to_4/installing-3-4.adoc 4 // * migration_toolkit_for_containers/installing-mtc.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 6 7 :_content-type: PROCEDURE . 12 You configure Amazon Web Services (AWS) S3 object storage as a replication repository for the {mtc-full} ({mtc-short}). 13 endif::[] 14: ifdef::installing-oadp-aws[] 15: You configure Amazon Web Services (AWS) for the OpenShift API for Data Protection (OADP). 16 endif::[] 17 .. 90 "s3:PutObject", 91 "s3:AbortMultipartUpload", 92: "s3:ListMultipartUploadParts" 93 ], 94 "Resource": [ .. 147 Record the `AWS_SECRET_ACCESS_KEY` and the `AWS_ACCESS_KEY_ID`. You use the credentials to add AWS as a replication repository. 148 endif::[] 149: ifdef::installing-oadp-aws[] 150 . Create a `credentials-velero` file: 151 + /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/migration-configuring-azure.adoc: 3 // * migrating_from_ocp_3_to_4/installing-3-4.adoc 4 // * migration_toolkit_for_containers/installing-mtc.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 6 7 :_content-type: PROCEDURE . 12 You configure a Microsoft Azure Blob storage container as a replication repository for the {mtc-full} ({mtc-short}). 13 endif::[] 14: ifdef::installing-oadp-azure[] 15: You configure a Microsoft Azure for the OpenShift API for Data Protection (OADP). 16 endif::[] 17 .. 118 You use the `credentials-velero` file to add Azure as a replication repository. 119 endif::[] 120: ifdef::installing-oadp-azure[] 121 . Obtain the storage account access key: 122 + /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/migration-configuring-gcp.adoc: 3 // * migrating_from_ocp_3_to_4/installing-3-4.adoc 4 // * migration_toolkit_for_containers/installing-mtc.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6 7 :_content-type: PROCEDURE . 12 You configure a Google Cloud Platform (GCP) storage bucket as a replication repository for the {mtc-full} ({mtc-short}). 13 endif::[] 14: ifdef::installing-oadp-gcp[] 15: You configure Google Cloud Platform (GCP) for the OpenShift API for Data Protection (OADP). 16 endif::[] 17 .. 141 You use the `credentials-velero` file to add GCP as a replication repository. 142 endif::[] 143: ifdef::installing-oadp-gcp[] 144 + 145 You use the `credentials-velero` file to create a `Secret` object for GCP before you install the Data Protection Application. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/migration-configuring-mcg.adoc: 5 // * migration_toolkit_for_containers/installing-mtc.adoc 6 // * migration_toolkit_for_containers/installing-mtc-restricted.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 8 9 :_content-type: PROCEDURE .. 14 You must retrieve the Multicloud Object Gateway (MCG) credentials and S3 endpoint in order to configure MCG as a replication repository for the {mtc-full} ({mtc-short}). 15 endif::[] 16: You must retrieve the Multicloud Object Gateway (MCG) credentials in order to create a `Secret` custom resource (CR) for the OpenShift API for Data Protection (OADP). 17: //ifdef::installing-oadp-mcg[] 18 //endif::[] 19 .. 35 You use these credentials to add MCG as a replication repository. 36 endif::[] 37: ifdef::installing-oadp-mcg[] 38 . Create a `credentials-velero` file: 39 + /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/migration-mtc-release-notes-1-7.adoc: 12 This release has the following new features and enhancements: 13 14: * The {mtc-full} ({mtc-short}) Operator now depends upon the OpenShift API for Data Protection (OADP) Operator. When you install the {mtc-short} Operator, the Operator Lifecycle Manager (OLM) automatically installs the OADP Operator in the same namespace. 15 16 * You can migrate from a source cluster that is behind a firewall to a cloud-based destination cluster by establishing a network tunnel between the two clusters by using the `crane tunnel-api` command. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/migration-using-must-gather.adoc: 16 You can collect data for a one-hour or a 24-hour period and view the data with the Prometheus console. 17 endif::[] 18: ifdef::oadp-troubleshooting[] 19 You can run the `must-gather` tool with the following data collection options: 20 21: * Full `must-gather` data collection collects Prometheus metrics, pod logs, and Velero CR information for all namespaces where the OADP Operator is installed. 22 * Essential `must-gather` data collection collects pod logs and Velero CR information for a specific duration of time, for example, one hour or 24 hours. Prometheus metrics and duplicate logs are not included. 23 * `must-gather` data collection with timeout. Data collection can take a long time if there are many failed `Backup` CRs. You can improve performance by setting a timeout value. .. 38 * To collect data for the past hour: 39 endif::[] 40: ifdef::oadp-troubleshooting[] 41 * Full `must-gather` data collection, including Prometheus metrics: 42 endif::[] .. 49 The data is saved as `must-gather/must-gather.tar.gz`. You can upload this file to a support case on the link:https://access.redhat.com/[Red Hat Customer Portal]. 50 51: ifdef::oadp-troubleshooting[] 52 * Essential `must-gather` data collection, without Prometheus metrics, for a specific time duration: 53 + .. 71 * To collect data for the past 24 hours: 72 endif::[] 73: ifdef::oadp-troubleshooting[] 74 * Prometheus metrics data dump: 75 endif::[] /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/nw-enforcing-hsts-per-domain.adoc: 58 smallestMaxAge: 1 59 largestMaxAge: 31536000 60: preloadPolicy: RequirePreload <5> 61 includeSubDomainsPolicy: RequireIncludeSubDomains <6> 62 - domainPatterns: <2> .. 66 matchLabels: {} 67 maxAge: {} 68: preloadPolicy: NoOpinion 69 includeSubDomainsPolicy: RequireNoIncludeSubDomains 70 ---- /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/oadp-about-backing-and-restoring-from-cluster-to-cluster.adoc: 5 6 :_content-type: CONCEPT 7: [id="oadp-about-backing-and-restoring-from-cluster-to-cluster_{context}"] 8 = About backing up data from one cluster and restoring it on another cluster 9 10: {oadp-first} is designed to back up and restore application data in the same {product-title} cluster. {mtc-full} ({mtc-short}) is designed to migrate containers, including application data, from one {product-title} cluster to another cluster. 11 12: You can use OADP to back up application data from one {product-title} cluster and restore it on another cluster. However, doing so is more complicated than using {mtc-short} or using OADP to back up and restore on the same cluster. 13 14: To successfully use OADP to back up data from one cluster and restore it to another cluster, you must take into account the following factors, in addition to the prerequisites and procedures that apply to using OADP to back up and restore data on the same cluster: 15 16 * Operators .. 18 * UID and GID ranges 19 20: [id="oadp-cluster-to-cluster-operators_{context}"] 21 == Operators 22 You must exclude Operators from the backup of an application for backup and restore to succeed. 23 24: [id="oadp-cluster-to-cluster-velero_{context}"] 25 == Use of Velero 26 27: Velero, which OADP is built upon, does not natively support migrating persistent volume snapshots across cloud providers. To migrate volume snapshot data between cloud platforms, you must _either_ enable the Velero Restic file system backup option, which backs up volume contents at the filesystem level, _or_ use the OADP Data Mover for CSI snapshots. 28 29 [NOTE] 30 ==== 31: In OADP 1.1 and earlier, the Velero Restic file system backup option is called `restic`. 32: In OADP 1.2 and later, the Velero Restic file system backup option is called `file-system-backup`. 33 ==== 34 35 [NOTE] 36 ==== 37: Velero's file system backup feature supports both Kopia and Restic, but currently OADP supports only Restic. 38 ==== 39 .. 42 * It is theoretically possible to migrate workloads to a destination with a _later_ Kubernetes version than the source, but you must consider the compatibility of API groups between clusters for each custom resource. If a Kubernetes version upgrade breaks the compatibility of core or native API groups, you must first update the impacted custom resources. 43 44: [id="oadp-cluster-to-cluster-uid-and-gid-ranges_{context}"] 45 == UID and GID ranges 46 .. 48 49 Summary of issues:: 50: The UID and GID ranges of the namespace might change on the destination cluster. OADP does not back up and restore OpenShift UID range metadata. If the backed application requires a specific UID, ensure the range is available when restored. For more information about OpenShift's UID and GID ranges, see link:https://cloud.redhat.com/blog/a-guide-to-openshift-and-uids[A Guide to OpenShift and UIDs]. 51 52 Detailed description of issues:: .. 58 59 + 60: When you use OADP to restore the namespace, it automatically uses the information in `metadata.annotations` without resetting it for the destination cluster. As a result, the workload might not have access to the backed up data if one of the following is true: 61 62: * There is a pre-existing namespace with different SCC annotations, for example, on a different cluster. In this case, at backup time, OADP reuses the pre-existing namespace instead of the namespace you are trying to restore. 63: * The backup used a label selector, but the namespace where workloads run on does not have the label on it. In this case, OADP does not back up the namespace, but instead creates a new namespace during restore that does not include the annotations of the namespace you backed up. This causes a new UID range to be assigned to the namespace. 64 + 65 This might be an issue for customer workloads if {product-title} assigns a pod a `securityContext` UID based on namespace annotations that have changed from the time the persistent volume data was backed up. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/oadp-about-backup-snapshot-locations-secrets.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: CONCEPT 10: [id="oadp-about-backup-snapshot-locations_{context}"] 11 = About backup and snapshot locations and their secrets 12 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/oadp-about-enable-api-group-versions.adoc: 5 6 :_content-type: CONCEPT 7: [id="oadp-about-enable-api-group-versions_{context}"] 8 = About Enable API Group Versions 9 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/oadp-backing-and-restoring-from-cluster-to-cluster.adoc: 5 6 :_content-type: CONCEPT 7: [id="oadp-backing-and-restoring-from-cluster-to-cluster_{context}"] 8 = Backing up data from one cluster and restoring it to another cluster 9 .. 20 ** Ensure that the backup store location (BSL) and volume snapshot location have the same names and paths to restore resources to another cluster. 21 ** Share the same object storage location credentials across the clusters. 22: ** For best results, use OADP to create the namespace on the destination cluster. 23 ** If you use the Velero `file-system-backup` option, enable the `--default-volumes-to-fs-backup` flag for use during backup by running the following command: 24 + .. 30 [NOTE] 31 ==== 32: In OADP 1.2 and later, the Velero Restic option is called `file-system-backup`. 33 ==== 34 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/oadp-backing-up-applications-restic.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-backing-up-applications-restic_{context}"] 7 = Backing up applications with Restic 8 . 18 .Prerequisites 19 20: * You must install the OpenShift API for Data Protection (OADP) Operator. 21 * You must not disable the default Restic installation by setting `spec.configuration.restic.enable` to `false` in the `DataProtectionApplication` CR. 22 * The `DataProtectionApplication` CR must be in a `Ready` state. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/oadp-backing-up-pvs-csi.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-backing-up-pvs-csi_{context}"] 7 = Backing up persistent volumes with CSI snapshots 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/oadp-backup-restore-cr-issues.adoc: 4 5 :_content-type: CONCEPT 6: [id="oadp-backup-restore-cr-issues_{context}"] 7 = Backup and Restore CR issues 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/oadp-ceph-cephfs-back-up-dba.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-ceph-cephfs-back-up-dba_{context}"] 7 = Creating a DPA for use with CephFS storage 8 9: You must create a Data Protection Application (DPA) CR before you use the OpenShift API for Data Protection (OADP) 1.2 Data Mover to back up and restore data using CephFS storage. 10 11 .Procedure .. 38 [source,yaml] 39 ---- 40: apiVersion: oadp.openshift.io/v1alpha1 41 kind: DataProtectionApplication 42 metadata: .. 79 ---- 80 <1> There is no default value for the `enable` field. Valid values are `true` or `false`. 81: <2> Use the Restic `Secret` that you created when you prepared your environment for working with OADP 1.2 Data Mover and Ceph. If you do not use your Restic `Secret`, the CR uses the default value `dm-credential` for this parameter. 82 <3> There is no default value for the `enable` field. Valid values are `true` or `false`. 83 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/oadp-ceph-cephfs-back-up.adoc: 11 12 :_content-type: PROCEDURE 13: [id="oadp-ceph-cephfs-back-up_{context}"] 14 15 ifdef::cephfs[] 16: = Backing up data using OADP 1.2 Data Mover and CephFS storage 17: You can use OpenShift API for Data Protection (OADP) 1.2 Data Mover to back up data using CephFS storage by enabling the shallow copy feature of CephFS storage. 18 endif::cephfs[] 19 20 ifdef::split[] 21: = Backing up data using OADP 1.2 Data Mover and split volumes 22: You can use OpenShift API for Data Protection (OADP) 1.2 Data Mover to back up data in an environment that has split volumes. 23 endif::split[] 24 .. 58 59 . Wait several minutes until the `VolumeSnapshotBackup` CR has the status `Completed`. 60: . Verify that there is at least one snapshot in the object store that is given in the Restic `Secret`. You can check for this snapshot in your targeted `BackupStorageLocation` storage provider that has a prefix of `/`. 61 62 ifeval::["{context}" == "cephfs"] /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/oadp-ceph-cephfs-restore.adoc: 11 12 :_content-type: PROCEDURE 13: [id="oadp-ceph-cephfs-restore_{context}"] 14 15 ifdef::cephfs[] 16: = Restoring data using OADP 1.2 Data Mover and CephFS storage 17: You can use OpenShift API for Data Protection (OADP) 1.2 Data Mover to restore data using CephFS storage if the shallow copy feature of CephFS storage was enabled for the back up procedure. The shallow copy feature is not used in the restore procedure. 18 endif::cephfs[] 19 20 ifdef::split[] 21: = Restoring data using OADP 1.2 Data Mover and split volumes 22: You can use OpenShift API for Data Protection (OADP) 1.2 Data Mover to restore data in an environment that has split volumes, if the shallow copy feature of CephFS storage was enabled for the back up procedure. The shallow copy feature is not used in the restore procedure. 23 endif::split[] 24 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/oadp-ceph-preparing-cephfs-crs.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-ceph-preparing-cephfs-crs_{context}"] 7: = Defining CephFS custom resources for use with OADP 1.2 Data Mover 8 9: When you install {rh-storage-first}, it automatically creates a default CephFS `StorageClass` custom resource (CR) and a default CephFS `VolumeSnapshotClass` CR. You can define these CRs for use with OpenShift API for Data Protection (OADP) 1.2 Data Mover. 10 11 .Procedure /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/oadp-ceph-preparing-cephrbd-crs.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-ceph-preparing-cephrbd-crs_{context}"] 7: = Defining CephRBD custom resources for use with OADP 1.2 Data Mover 8 9: When you install {rh-storage-first}, it automatically creates a default CephRBD `StorageClass` custom resource (CR) and a default CephRBD `VolumeSnapshotClass` CR. You can define these CRs for use with OpenShift API for Data Protection (OADP) 1.2 Data Mover. 10 11 .Procedure /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/oadp-ceph-preparing-crs-additional.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-ceph-preparing-crs-additional_{context}"] 7: = Defining additional custom resources for use with OADP 1.2 Data Mover 8 9 After you redefine the default `StorageClass` and CephRBD `VolumeSnapshotClass` custom resources (CRs), you must create the following CRs: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/oadp-ceph-prerequisites.adoc: 5 6 :_content-type: CONCEPT 7: [id="oadp-ceph-prerequisites_{context}"] 8: = Prerequisites for using OADP 1.2 Data Mover with Ceph storage 9 10: The following prerequisites apply to all back up and restore operations of data using {oadp-first} 1.2 Data Mover in a cluster that uses Ceph storage: 11 12 * You have installed {product-title} 4.12 or later. 13: * You have installed the OADP Operator. 14 * You have created a secret `cloud-credentials` in the namespace `openshift-adp.` 15 * You have installed {rh-storage-first}. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/oadp-ceph-split-back-up-dba.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-ceph-split-back-up-dba_{context}"] 7 = Creating a DPA for use with split volumes 8 9: You must create a Data Protection Application (DPA) CR before you use the OpenShift API for Data Protection (OADP) 1.2 Data Mover to back up and restore data using split volumes. 10 11 .Procedure .. 17 [source,yaml] 18 ---- 19: apiVersion: oadp.openshift.io/v1alpha1 20 kind: DataProtectionApplication 21 metadata: .. 64 cacheStorageClassName: ocs-storagecluster-ceph-rbd 65 ---- 66: <1> Use the Restic `Secret` that you created when you prepared your environment for working with OADP 1.2 Data Mover and Ceph. If you do not, then the CR will use the default value `dm-credential` for this parameter. 67 <2> A different set of `VolumeOptionsForStorageClass` labels can be defined for each `storageClass` volume, thus allowing a backup to volumes with different providers. 68 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/oadp-checking-api-group-versions.adoc: 5 6 :_content-type: PROCEDURE 7: [id="oadp-checking-api-group-versions_{context}"] 8 = Listing the Kubernetes API group versions on a cluster 9 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/oadp-cleaning-up-after-data-mover-snapshots.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-cleaning-up-after-data-mover-snapshots_{context}"] 7 = Deleting snapshots in a bucket 8 9: OADP 1.1 Data Mover might leave one or more snapshots in a bucket after a backup. You can either delete all the snapshots or delete individual snapshots. 10 11 .Procedure /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/oadp-configuring-noobaa-for-dr.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 4 5 :_content-type: PROCEDURE 6: [id="oadp-configuring-noobaa-for-dr_{context}"] 7 = Configuring NooBaa for disaster recovery on {rh-storage} 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/oadp-configuring-velero-plugins.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/oadp-features-plugins.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-configuring-velero-plugins_{context}"] 7: = About OADP Velero plugins 8 9 You can configure two types of plugins when you install Velero: .. 16 == Default Velero cloud provider plugins 17 18: You can install any of the following default Velero cloud provider plugins when you configure the `oadp_v1alpha1_dpa.yaml` file during deployment: 19 20 * `aws` (Amazon Web Services) .. 25 * `kubevirt` (KubeVirt) 26 27: You specify the desired default plugins in the `oadp_v1alpha1_dpa.yaml` file during deployment. 28 29 .Example file .. 33 [source,yaml] 34 ---- 35: apiVersion: oadp.openshift.io/v1alpha1 36 kind: DataProtectionApplication 37 metadata: .. 49 == Custom Velero plugins 50 51: You can install a custom Velero plugin by specifying the plugin `image` and `name` when you configure the `oadp_v1alpha1_dpa.yaml` file during deployment. 52 53: You specify the desired custom plugins in the `oadp_v1alpha1_dpa.yaml` file during deployment. 54 55 .Example file .. 59 [source,yaml] 60 ---- 61: apiVersion: oadp.openshift.io/v1alpha1 62 kind: DataProtectionApplication 63 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/oadp-creating-backup-cr.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-creating-backup-cr_{context}"] 7 = Creating a Backup CR 8 . 11 .Prerequisites 12 13: * You must install the OpenShift API for Data Protection (OADP) Operator. 14 * The `DataProtectionApplication` CR must be in a `Ready` state. 15 * Backup location prerequisites: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/oadp-creating-backup-hooks.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-creating-backup-hooks_{context}"] 7 = Creating backup hooks 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/oadp-creating-default-secret.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: PROCEDURE 10: [id="oadp-creating-default-secret_{context}"] 11 = Creating a default Secret 12 13 You create a default `Secret` if your backup and snapshot locations use the same credentials or if you do not require a snapshot location. 14 15: ifdef::installing-oadp-aws,installing-oadp-azure,installing-oadp-gcp,installing-oadp-mcg[] 16 The default name of the `Secret` is `{credentials}`. 17 endif::[] 18: ifdef::installing-oadp-ocs[] 19: The default name of the `Secret` is `{credentials}`, unless your backup storage provider has a default plugin, such as `aws`, `azure`, or `gcp`. In that case, the default name is specified in the provider-specific OADP installation procedure. 20 endif::[] 21 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/oadp-creating-restore-cr.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-creating-restore-cr_{context}"] 7 = Creating a Restore CR 8 . 11 .Prerequisites 12 13: * You must install the OpenShift API for Data Protection (OADP) Operator. 14 * The `DataProtectionApplication` CR must be in a `Ready` state. 15 * You must have a Velero `Backup` CR. .. 67 [NOTE] 68 ==== 69: In the course of the restore process, the OADP Velero plug-ins scale down the `DeploymentConfig` objects and restore the pods as standalone pods to prevent the cluster from deleting the restored `DeploymentConfig` pods immediately on restore and to allow Restic and post-restore hooks to complete their actions on the restored pods. The cleanup script removes these disconnected pods and scale any `DeploymentConfig` objects back up to the appropriate number of replicas. 70 ==== 71 + .. 94 } 95 96: OADP_NAMESPACE=${OADP_NAMESPACE:=openshift-adp} 97 98 if [[ $# -ne 1 ]]; then .. 101 fi 102 103: echo using OADP Namespace $OADP_NAMESPACE 104 echo restore: $1 105 ... 108 109 echo Deleting disconnected restore pods 110: oc delete pods -l oadp.openshift.io/disconnected-from-dc=$label 111 112: for dc in $(oc get dc --all-namespaces -l oadp.openshift.io/replicas-modified=$label -o jsonpath='{range .items[*]}{.metadata.namespace}{","}{.metadata.name}{","}{.metadata.annotations.oadp\.openshift\.io/original-replicas}{","}{.metadata.annotations.oadp\.openshift\.io/original-paused}{"\n"}') 113 do 114 IFS=',' read -ra dc_arr <<< "$dc" /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/oadp-creating-restore-hooks.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-creating-restore-hooks_{context}"] 7 = Creating restore hooks 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/oadp-debugging-oc-cli.adoc: 4 5 :_content-type: REFERENCE 6: [id="oadp-debugging-oc-cli_{context}"] 7 = Debugging Velero resources with the OpenShift CLI tool 8 . 39 [NOTE] 40 ==== 41: This option is available starting from OADP 1.0.3. 42 ==== 43 44 [source,yaml] 45 ---- 46: apiVersion: oadp.openshift.io/v1alpha1 47 kind: DataProtectionApplication 48 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/oadp-deleting-backups.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-deleting-backups_{context}"] 7 = Deleting backups 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/oadp-deleting-cluster-resources-following-failure.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-deleting-cluster-resources-following-failure_{context}"] 7 = Deleting cluster resources following a partially successful or a failed backup and restore that used Data Mover 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/oadp-deleting-cluster-resources-following-success.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-deleting-cluster-resources-following-success_{context}"] 7 = Deleting cluster resources following a successful backup and restore that used Data Mover 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/oadp-enabling-csi-dpa.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: PROCEDURE 10: [id="oadp-enabling-csi-dpa_{context}"] 11 = Enabling CSI in the DataProtectionApplication CR 12 .. 23 [source,yaml] 24 ---- 25: apiVersion: oadp.openshift.io/v1alpha1 26 kind: DataProtectionApplication 27 ... /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/oadp-features.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/oadp-features-plugins.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-features_{context}"] 7: = OADP features 8 9: OpenShift API for Data Protection (OADP) supports the following features: 10 11 Backup:: 12: You can use OADP to back up all applications on the OpenShift Platform, or you can filter the resources by type, namespace, or label. 13 + 14: OADP backs up Kubernetes objects and internal images by saving them as an archive file on object storage. OADP backs up persistent volumes (PVs) by creating snapshots with the native cloud snapshot API or with the Container Storage Interface (CSI). For cloud providers that do not support snapshots, OADP backs up resources and PV data with Restic. 15 16 + /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/oadp-ibm-power-test-support.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/oadp-features-plugins.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-ibm-power-test-matrix_{context}"] 7: = OADP support for target backup locations using IBM Power 8 9: IBM Power running with {product-title} 4.11 and 4.12, and OpenShift API for Data Protection (OADP) 1.1.2 was tested successfully against an AWS S3 backup location target. Although the test involved only an AWS S3 target, Red Hat supports running IBM Power with {product-title} 4.11 and 4.12, and OADP 1.1.2 against all non-AWS S3 backup location targets as well. 10 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/oadp-ibm-z-test-support.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/oadp-features-plugins.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-ibm-z-test-support_{context}"] 7: = OADP testing and support for target backup locations using {ibmzProductName} 8 9: {ibmzProductName} running with {product-title} 4.11 and 4.12, and OpenShift API for Data Protection (OADP) 1.1.2 was tested successfully against an AWS S3 backup location target. Although the test involved only an AWS S3 target, Red Hat supports running {ibmzProductName} with {product-title} 4.11 and 4.12, and OADP 1.1.2 against all non-AWS S3 backup location targets as well. 10 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/oadp-installation-issues.adoc: 4 5 :_content-type: CONCEPT 6: [id="oadp-installation-issues_{context}"] 7 = Installation issues 8 9 You might encounter issues caused by using invalid directories or incorrect credentials when you install the Data Protection Application. 10 11: [id="oadp-backup-location-contains-invalid-directories_{context}"] 12 == Backup storage contains invalid directories 13 .. 22 If the object storage is not dedicated to Velero, you must specify a prefix for the bucket by setting the `spec.backupLocations.velero.objectStorage.prefix` parameter in the `DataProtectionApplication` manifest. 23 24: [id="oadp-incorrect-aws-credentials_{context}"] 25 == Incorrect AWS credentials 26 27: The `oadp-aws-registry` pod log displays the error message, `InvalidAccessKeyId: The AWS Access Key Id you provided does not exist in our records.` 28 29 The `Velero` pod log displays the error message, `NoCredentialProviders: no valid providers in chain`. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/oadp-installing-dpa.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: PROCEDURE 10: [id="oadp-installing-dpa_{context}"] 11 = Installing the Data Protection Application 12 .. 15 .Prerequisites 16 17: * You must install the OADP Operator. 18 * You must configure object storage as a backup location. 19 * If you use snapshots to back up PVs, your cloud provider must support either a native snapshot API or Container Storage Interface (CSI) snapshots. 20 * If the backup and snapshot locations use the same credentials, you must create a `Secret` with the default name, `{credentials}`. 21: ifdef::installing-oadp-azure,installing-oadp-gcp,installing-oadp-mcg,installing-oadp-ocs,virt-installing-configuring-oadp[] 22 * If the backup and snapshot locations use different credentials, you must create two `Secrets`: 23 .. 25 ** `Secret` with the default name, `{credentials}`, for the snapshot location. This `Secret` is not referenced in the `DataProtectionApplication` CR. 26 endif::[] 27: ifdef::installing-oadp-aws[] 28 * If the backup and snapshot locations use different credentials, you must create a `Secret` with the default name, `{credentials}`, which contains separate profiles for the backup and snapshot location credentials. 29 endif::[] .. 36 .Procedure 37 38: . Click *Operators* -> *Installed Operators* and select the OADP Operator. 39 . Under *Provided APIs*, click *Create instance* in the *DataProtectionApplication* box. 40 41 . Click *YAML View* and update the parameters of the `DataProtectionApplication` manifest: 42: ifdef::installing-oadp-aws[] 43 + 44 [source,yaml,subs="attributes+"] 45 ---- 46: apiVersion: oadp.openshift.io/v1beta1 47 kind: DataProtectionApplication 48 metadata: .. 92 <9> The snapshot location must be in the same region as the PVs. 93 endif::[] 94: ifdef::installing-oadp-azure[] 95 + 96 [source,yaml,subs="attributes+"] 97 ---- 98: apiVersion: oadp.openshift.io/v1beta1 99 kind: DataProtectionApplication 100 metadata: ... 148 <11> You do not need to specify a snapshot location if you use CSI snapshots or Restic to back up PVs. 149 endif::[] 150: ifdef::installing-oadp-gcp[] 151 + 152 [source,yaml,subs="attributes+"] 153 ---- 154: apiVersion: oadp.openshift.io/v1beta1 155 kind: DataProtectionApplication 156 metadata: ... 196 <9> The snapshot location must be in the same region as the PVs. 197 endif::[] 198: ifdef::installing-oadp-mcg[] 199 + 200 [source,yaml,subs="attributes+"] 201 ---- 202: apiVersion: oadp.openshift.io/v1beta1 203 kind: DataProtectionApplication 204 metadata: ... 242 <8> Specify a prefix for Velero backups, for example, `velero`, if the bucket is used for multiple purposes. 243 endif::[] 244: ifdef::installing-oadp-ocs[] 245 + 246 [source,yaml,subs="attributes+"] 247 ---- 248: apiVersion: oadp.openshift.io/v1beta1 249 kind: DataProtectionApplication 250 metadata: ... 287 <11> Specify a prefix for Velero backups, for example, `velero`, if the bucket is used for multiple purposes. 288 endif::[] 289: ifdef::virt-installing-configuring-oadp[] 290 + 291 [source,yaml,subs="attributes+"] 292 ---- 293: apiVersion: oadp.openshift.io/v1beta1 294 kind: DataProtectionApplication 295 metadata: ... 334 335 . Click *Create*. 336: . Verify the installation by viewing the OADP resources: 337 + 338 [source,terminal] ... 345 ---- 346 NAME READY STATUS RESTARTS AGE 347: pod/oadp-operator-controller-manager-67d9494d47-6l8z8 2/2 Running 0 2m8s 348 pod/restic-9cq4q 1/1 Running 0 94s 349 pod/restic-m4lts 1/1 Running 0 94s ... 352 353 NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE 354: service/oadp-operator-controller-manager-metrics-service ClusterIP 172.30.70.140 8443/TCP 2m8s 355 356 NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE ... 358 359 NAME READY UP-TO-DATE AVAILABLE AGE 360: deployment.apps/oadp-operator-controller-manager 1/1 1 1 2m9s 361 deployment.apps/velero 1/1 1 1 96s 362 363 NAME DESIRED CURRENT READY AGE 364: replicaset.apps/oadp-operator-controller-manager-67d9494d47 1 1 1 2m9s 365 replicaset.apps/velero-588db7f655 1 1 1 96s 366 ---- /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/oadp-installing-oadp-rosa-sts.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-installing-oadp-rosa-sts_{context}"] 7: = Installing OADP on {product-title} with AWS STS 8 9: AWS Security Token Service (AWS STS) is a global web service that provides short-term credentials for IAM or federated users. {product-title} (ROSA) with STS is the recommended credential mode for ROSA clusters. This document describes how to install OpenShift API for Data Protection (OADP) on (ROSA) with AWS STS. 10 11 [IMPORTANT] 12 ==== 13: Restic is not supported in the OADP on ROSA with AWS STS environment. Ensure the Restic service is disabled. Use native snapshots to backup volumes. See _Known Issues_ for more information. 14 ==== 15 .. 17 18 * A ROSA OpenShift Cluster with the required access and tokens. 19: * link:https://docs.openshift.com/container-platform/4.13/backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.html#oadp-creating-default-secret_installing-oadp-aws[A default Secret], if your backup and snapshot locations use the same credentials, or if you do not require a snapshot location. 20 21 .Procedure .. 42 ---- 43 44: . Install the OADP Operator. 45 .. In the {product-title} web console, navigate to Operators *->* OperatorHub. 46: .. Search for the OADP Operator, then click *Install*. 47 48 . Create AWS cloud storage using your AWS credentials: .. 51 ---- 52 $ cat << EOF | oc create -f - 53: apiVersion: oadp.openshift.io/v1alpha1 54 kind: CloudStorage 55 metadata: 56: name: ${CLUSTER_NAME}-oadp 57 namespace: openshift-adp 58 spec: .. 61 name: cloud-credentials 62 enableSharedConfig: true 63: name: ${CLUSTER_NAME}-oadp 64 provider: aws 65 region: $REGION .. 72 ---- 73 $ cat << EOF | oc create -f - 74: apiVersion: oadp.openshift.io/v1alpha1 75 kind: DataProtectionApplication 76 metadata: .. 81 - bucket: 82 cloudStorageRef: 83: name: ${CLUSTER_NAME}-oadp 84 credential: 85 key: credentials .. 105 [NOTE] 106 ==== 107: The `enable` parameter of `restic` is set to `false` in this configuration because OADP does not support Restic in ROSA environments. 108 ==== 109 + 110: You are now ready to backup and restore OpenShift applications, as described in the link:https://docs.openshift.com/container-platform/4.11/backup_and_restore/application_backup_and_restore/backing_up_and_restoring/backing-up-applications.html[OADP documentation]. 111 112 == Known Issues 113 .Restic is not supported or recommended 114 115: * link:https://issues.redhat.com/browse/OADP-1054[CloudStorage: openshift-adp-controller-manager crashloop seg fault with Restic enabled] 116: * link:https://issues.redhat.com/browse/OADP-1057[Cloudstorage API: CSI Backup of an app with internal images partially fails with plugin panicked error] 117: * (Affects OADP 1.1.x_ only): link:https://issues.redhat.com/browse/OADP-1055[CloudStorage: bucket is removed on CS CR delete, although it doesn't have "oadp.openshift.io/cloudstorage-delete": "true"] 118 119 [role="_additional-resources"] ... 123 * link:https://docs.openshift.com/rosa/rosa_getting_started/rosa-sts-getting-started-workflow.html[Getting started with ROSA STS] 124 * link:https://docs.openshift.com/rosa/rosa_install_access_delete_clusters/rosa-sts-creating-a-cluster-quickly.html[Creating a ROSA cluster with STS] 125: * link:https://docs.openshift.com/container-platform/4.13/backup_and_restore/application_backup_and_restore/installing/about-installing-oadp.html[About installing OADP] 126 * link:https://docs.openshift.com/container-platform/4.13/storage/container_storage_interface/persistent-storage-csi.html[Configuring CSI volumes] 127 * link:https://docs.openshift.com/rosa/rosa_architecture/rosa_policy_service_definition/rosa-service-definition.html#rosa-sdpolicy-storage_rosa-service-definition[ROSA storage options] /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/oadp-installing-operator.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: PROCEDURE 10: [id="oadp-installing-operator_{context}"] 11: = Installing the OADP Operator 12 13: You install the OpenShift API for Data Protection (OADP) Operator on {product-title} {product-version} by using Operator Lifecycle Manager (OLM). 14 15: The OADP Operator installs link:https://{velero-domain}/docs/v{velero-version}/[Velero {velero-version}]. 16 17 .Prerequisites .. 22 23 . In the {product-title} web console, click *Operators* -> *OperatorHub*. 24: . Use the *Filter by keyword* field to find the *OADP Operator*. 25: . Select the *OADP Operator* and click *Install*. 26 . Click *Install* to install the Operator in the `openshift-adp` project. 27 . Click *Operators* -> *Installed Operators* to verify the installation. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/oadp-plugins.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/oadp-features-plugins.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-plugins_{context}"] 7: = OADP plugins 8 9: The OpenShift API for Data Protection (OADP) provides default Velero plugins that are integrated with storage providers to support backup and snapshot operations. You can create link:https://{velero-domain}/docs/v{velero-version}/custom-plugins/[custom plugins] based on the Velero plugins. 10 11: OADP also provides plugins for {product-title} resource backups, OpenShift Virtualization resource backups, and Container Storage Interface (CSI) snapshots. 12 13 [cols="3", options="header"] 14: .OADP plugins 15 |=== 16: |OADP plugin |Function |Storage location 17 18 .2+|`aws` |Backs up and restores Kubernetes objects. |AWS S3 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/oadp-pod-crash-set-resource-request-restic.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-pod-crash-resource-request-retics_{context}"] 7 = Setting resource requests for a Restic pod 8 . 17 [source,yaml] 18 ---- 19: apiVersion: oadp.openshift.io/v1alpha1 20 kind: DataProtectionApplication 21 ... /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/oadp-pod-crash-set-resource-request-velero.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-pod-crash-resource-request-velero_{context}"] 7 = Setting resource requests for a Velero pod 8 9: You can use the `configuration.velero.podConfig.resourceAllocations` specification field in the `oadp_v1alpha1_dpa.yaml` file to set specific resource requests for a `Velero` pod. 10 11 .Procedure .. 17 [source,yaml] 18 ---- 19: apiVersion: oadp.openshift.io/v1alpha1 20 kind: DataProtectionApplication 21 ... /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/oadp-release-notes-1-1-1.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/oadp-release-notes.adoc 4 :_content-type: REFERENCE 5: [id="migration-oadp-release-notes-1-1-1_{context}"] 6: = OADP 1.1.1 release notes 7 8: The OADP 1.1.1 release notes include product recommendations and descriptions of known issues. 9 10 == Product recommendations 11 12: Before you install OADP 1.1.1, it is recommended to either install VolSync 0.5.1 or to upgrade to it. 13 14 == Known issues .. 16 This release has the following known issues: 17 18: * OADP currently does not support backup and restore of AWS EFS volumes using restic in Velero (link:https://issues.redhat.com/browse/OADP-778[*OADP-778*]). 19 20 * CSI backups might fail due to a Ceph limitation of `VolumeSnapshotContent` snapshots per PVC. .. 23 + 24 ** For CephFS, you can create up to 100 snapshots per PVC. 25: ** For RADOS Block Device (RBD), you can create up to 512 snapshots for each PVC. (link:https://issues.redhat.com/browse/OADP-804[*OADP-804*]) and (link:https://issues.redhat.com/browse/OADP-975[*OADP-975*]) 26 + 27 For more information, see https://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.11/html/managing_and_allocating_storage_resources/volume-snapshots_rhodf[Volume Snapshots]. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/oadp-release-notes-1-1-2.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/oadp-release-notes.adoc 4 5 :_content-type: REFERENCE 6: [id="migration-oadp-release-notes-1-1-2_{context}"] 7: = OADP 1.1.2 release notes 8 9: The OADP 1.1.2 release notes include product recommendations, a list of fixed bugs and descriptions of known issues. 10 11 [id="product-recommendations_{context}"] .. 34 The following bugs have been fixed in this release: 35 36: * link:https://issues.redhat.com/browse/OADP-1150[OADP-1150] 37: * link:https://issues.redhat.com/browse/OADP-290[OADP-290] 38: * link:https://issues.redhat.com/browse/OADP-1056[OADP-1056] 39 40 [id="known-issues_{context}"] .. 43 This release has the following known issues: 44 45: * OADP currently does not support backup and restore of AWS EFS volumes using restic in Velero (link:https://issues.redhat.com/browse/OADP-778[*OADP-778*]). 46 47 * CSI backups might fail due to a Ceph limitation of `VolumeSnapshotContent` snapshots per PVC. .. 50 + 51 -- 52: ** For CephFS, you can create up to 100 snapshots per PVC. (link:https://issues.redhat.com/browse/OADP-804[*OADP-804*]) 53: ** For RADOS Block Device (RBD), you can create up to 512 snapshots for each PVC. (link:https://issues.redhat.com/browse/OADP-975[*OADP-975*]) 54 -- 55 + /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/oadp-release-notes-1-1-4.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/oadp-release-notes.adoc 4 5 :_content-type: REFERENCE 6: [id="migration-oadp-release-notes-1-1-4_{context}"] 7: = OADP 1.1.4 release notes 8 9: The OADP 1.1.4 release notes lists any new features, resolved issues and bugs, and known issues. 10 11 [id="new-features1.1.4_{context}"] 12 == New features 13 14: This version of OADP is a service release. No new features are added to this version. 15 16 [id="resolved-issues1.1.4_{context}"] .. 19 The following bugs have been fixed in this release: 20 21: * link:https://issues.redhat.com/browse/OADP-1557[OADP-1557] 22: * link:https://issues.redhat.com/browse/OADP-1822[OADP-1822] 23: * link:https://issues.redhat.com/browse/OADP-1511[OADP-1511] 24: * link:https://issues.redhat.com/browse/OADP-1642[OADP-1642] 25: * link:https://issues.redhat.com/browse/OADP-1398[OADP-1398] 26: * link:https://issues.redhat.com/browse/OADP-1267[OADP-1267] 27: * link:https://issues.redhat.com/browse/OADP-1390[OADP-1390] 28: * link:https://issues.redhat.com/browse/OADP-1650[OADP-1650] 29: * link:https://issues.redhat.com/browse/OADP-1487[OADP-1487] 30 31 .. 35 This release has the following known issues: 36 37: * OADP backups might fail because a UID/GID range might have changed on the cluster where the application has been restored, with the result that OADP does not back up and restore {product-title} UID/GID range metadata. To avoid the issue, if the backed application requires a specific UUID, ensure the range is available when restored. An additional workaround is to allow OADP to create the namespace in the restore operation. 38 39: * A restoration might fail if ArgoCD is used during the process due to a label used by ArgoCD, `app.kubernetes.io/instance`. This label identifies which resources ArgoCD needs to manage, which can create a conflict with OADP's procedure for managing resources on restoration. To work around this issue, set `.spec.resourceTrackingMethod` on the ArgoCD YAML to `annotation+label` or `annotation`. If the issue continues to persist, then disable ArgoCD before beginning to restore, and enable it again when restoration is finished. 40 41 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/oadp-release-notes-1-2-0.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/oadp-release-notes.adoc 4 5 :_content-type: REFERENCE 6: [id="migration-oadp-release-notes-1-2-0_{context}"] 7: = OADP 1.2.0 release notes 8 9: The OADP 1.2.0 release notes include information about new features, bug fixes, and known issues. 10 11 [id="new-features_{context}"] 12 == New features 13 14: .link:https://access.redhat.com/documentation/en-us/openshift_container_platform/4.12/html/backup_and_restore/application-backup-and-restore#installing-oadp-aws[Resource timeouts] 15 The new `resourceTimeout` option specifies the timeout duration in minutes for waiting on various Velero resources. This option applies to resources such as Velero CRD availability, `volumeSnapshot` deletion, and backup repository availability. The default duration is ten minutes. 16 17: .link:https://access.redhat.com/documentation/en-us/openshift_container_platform/4.11/html/backup_and_restore/application-backup-and-restore#oadp-s3-compatible-backup-storage-providers_about-installing-oadp[AWS S3 compatible backup storage providers] 18 You can back up objects and snapshots on AWS S3 compatible providers. 19 .. 21 === Technical preview features 22 23: .link:https://access.redhat.com/documentation/en-us/openshift_container_platform/4.9/html/backup_and_restore/application-backup-and-restore#installing-and-configuring-oadp[Data Mover] 24: The OADP Data Mover enables you to back up Container Storage Interface (CSI) volume snapshots to a remote object store. When you enable Data Mover, you can restore stateful applications using CSI volume snapshots pulled from the object store in case of accidental cluster deletion, cluster failure, or data corruption. 25 26: :FeatureName: OADP Data Mover 27 include::snippets/technology-preview.adoc[] 28 .. 32 The following bugs have been fixed in this release: 33 34: * link:https://issues.redhat.com/browse/OADP-144[OADP-144] 35: * link:https://issues.redhat.com/browse/OADP-639[OADP-639] 36: * link:https://issues.redhat.com/browse/OADP-1741[OADP-1741] 37: * link:https://issues.redhat.com/browse/OADP-1152[OADP-1152] 38: * link:https://issues.redhat.com/browse/OADP-1143[OADP-1143] 39: * link:https://issues.redhat.com/browse/OADP-1931[OADP-1931] 40: * link:https://issues.redhat.com/browse/OADP-148[OADP-148] 41: * link:https://issues.redhat.com/browse/OADP-1067[OADP-1067] 42: * link:https://issues.redhat.com/browse/OADP-1332[OADP-1332] 43: * link:https://issues.redhat.com/browse/OADP-1164[OADP-1164] 44: * link:https://issues.redhat.com/browse/OADP-1105[OADP-1105] 45: * link:https://issues.redhat.com/browse/OADP-2009[OADP-2009] 46: * link:https://issues.redhat.com/browse/OADP-1370[OADP-1370] 47: * link:https://issues.redhat.com/browse/OADP-969[OADP-969] 48: * link:https://issues.redhat.com/browse/OADP-1672[OADP-1672] 49: * link:https://issues.redhat.com/browse/OADP-1151[OADP-1151] 50: * link:https://issues.redhat.com/browse/OADP-988[OADP-988] 51: * link:https://issues.redhat.com/browse/OADP-1941[OADP-1941] 52: * link:https://issues.redhat.com/browse/OADP-1830[OADP-1830] 53: * link:https://issues.redhat.com/browse/OADP-1821[OADP-1821] 54: * link:https://issues.redhat.com/browse/OADP-1783[OADP-1783] 55: * link:https://issues.redhat.com/browse/OADP-1719[OADP-1719] 56: * link:https://issues.redhat.com/browse/OADP-1833[OADP-1833] 57: * link:https://issues.redhat.com/browse/OADP-1872[OADP-1872] 58: * link:https://issues.redhat.com/browse/OADP-2047[OADP-2047] 59: * link:https://issues.redhat.com/browse/OADP-1932[OADP-1932] 60: * link:https://issues.redhat.com/browse/OADP-1844[OADP-1844] 61: * link:https://issues.redhat.com/browse/OADP-1182[OADP-1182] 62: * link:https://issues.redhat.com/browse/OADP-1183[OADP-1183] 63: * link:https://issues.redhat.com/browse/OADP-1798[OADP-1798] 64: * link:https://issues.redhat.com/browse/OADP-1726[OADP-1726] 65: * link:https://issues.redhat.com/browse/OADP-821[OADP-821] 66: * link:https://issues.redhat.com/browse/OADP-1833[OADP-1781] 67: * link:https://issues.redhat.com/browse/OADP-697[OADP-697] 68: * link:https://issues.redhat.com/browse/OADP-1281[OADP-1281] 69: * link:https://issues.redhat.com/browse/OADP-1077[OADP-1077] 70: * link:https://issues.redhat.com/browse/OADP-1076[OADP-1076] 71: * link:https://issues.redhat.com/browse/OADP-1670[OADP-1670] 72: * link:https://issues.redhat.com/browse/OADP-1307[OADP-1307] 73: * link:https://issues.redhat.com/browse/OADP-1640[OADP-1640] 74: * link:https://issues.redhat.com/browse/OADP-1987[OADP-1987] 75: * link:https://issues.redhat.com/browse/OADP-1934[OADP-1934] 76 77 [id="known-issues-1-2-0_{context}"] /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/oadp-restic-issues.adoc: 4 5 :_content-type: CONCEPT 6: [id="oadp-restic-issues_{context}"] 7 = Restic issues 8 . 71 restic backup, stderr=Fatal: unable to open config file: Stat: The 72 specified key does not exist.\nIs there a repository at the following 73: location?\ns3:http://minio-minio.apps.mayap-oadp- 74: veleo-1234.qe.devcluster.openshift.com/mayapvelerooadp2/velero1/ 75 restic/_mysql-persistent_\n: exit status 1" error.file="/remote-source/ 76 src/github.com/vmware-tanzu/velero/pkg/restic/backupper.go:184" /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/oadp-s3-compatible-backup-storage-providers.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-s3-compatible-backup-storage-providers_{context}"] 7 = AWS S3 compatible backup storage providers 8 9: OADP is compatible with many object storage providers for use with different backup and snapshot operations. Several object storage providers are fully supported, several are unsupported but known to work, and some have known limitations. 10 11: [id="oadp-s3-compatible-backup-storage-providers-supported"] 12 == Supported backup storage providers 13 14: The following AWS S3 compatible object storage providers, are fully supported by OADP through the AWS plugin for use as backup storage locations: 15 16 * MinIO .. 26 ==== 27 28: [id="oadp-s3-compatible-backup-storage-providers-unsupported"] 29 == Unsupported backup storage providers 30 .. 40 * Cloudian HyperStore 41 42: [id="oadp-s3-compatible-backup-storage-providers-known-limitations"] 43 == Backup storage providers with known limitations 44 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/oadp-scheduling-backups.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-scheduling-backups_{context}"] 7 = Scheduling backups 8 . 18 .Prerequisites 19 20: * You must install the OpenShift API for Data Protection (OADP) Operator. 21 * The `DataProtectionApplication` CR must be in a `Ready` state. 22 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/oadp-secrets-for-different-credentials.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: PROCEDURE 10: [id="oadp-secrets-for-different-credentials_{context}"] 11: ifdef::installing-oadp-aws[] 12 = Creating profiles for different credentials 13 .. 42 [source,yaml,subs="attributes+"] 43 ---- 44: apiVersion: oadp.openshift.io/v1alpha1 45 kind: DataProtectionApplication 46 metadata: .. 72 ---- 73 endif::[] 74: ifdef::installing-oadp-azure,installing-oadp-gcp,installing-oadp-ocs,installing-oadp-mcg[] 75 = Creating secrets for different credentials 76 .. 100 . Add the `Secret` with the custom name to the `DataProtectionApplication` CR, as in the following example: 101 endif::[] 102: ifdef::installing-oadp-azure[] 103 + 104 [source,yaml,subs="attributes+"] 105 ---- 106: apiVersion: oadp.openshift.io/v1alpha1 107 kind: DataProtectionApplication 108 metadata: ... 137 <1> Backup location `Secret` with custom name. 138 endif::[] 139: ifdef::installing-oadp-gcp[] 140 + 141 [source,yaml,subs="attributes+"] 142 ---- 143: apiVersion: oadp.openshift.io/v1alpha1 144 kind: DataProtectionApplication 145 metadata: ... 168 <1> Backup location `Secret` with custom name. 169 endif::[] 170: ifdef::installing-oadp-mcg[] 171 + 172 [source,yaml,subs="attributes+"] 173 ---- 174: apiVersion: oadp.openshift.io/v1alpha1 175 kind: DataProtectionApplication 176 metadata: ... 198 <1> Backup location `Secret` with custom name. 199 endif::[] 200: ifdef::installing-oadp-ocs[] 201 + 202 [source,yaml,subs="attributes+"] 203 ---- 204: apiVersion: oadp.openshift.io/v1alpha1 205 kind: DataProtectionApplication 206 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/oadp-self-signed-certificate.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/configuring-oadp.adoc 4 5 :_content-type: PROCEDURE 6: [id="oadp-self-signed-certificate_{context}"] 7 = Enabling self-signed CA certificates 8 . 11 .Prerequisites 12 13: * You must have the OpenShift API for Data Protection (OADP) Operator installed. 14 15 .Procedure .. 19 [source,yaml] 20 ---- 21: apiVersion: oadp.openshift.io/v1beta1 22 kind: DataProtectionApplication 23 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/oadp-setting-resource-limits-and-requests.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/configuring-oadp.adoc 4: // * virt/backup_restore/virt-installing-configuring-oadp.adoc 5 6 :_content-type: PROCEDURE 7: [id="oadp-setting-resource-limits-and-requests_{context}"] 8 = Setting Velero CPU and memory resource allocations 9 .. 12 .Prerequisites 13 14: * You must have the OpenShift API for Data Protection (OADP) Operator installed. 15 16 .Procedure .. 20 [source,yaml] 21 ---- 22: apiVersion: oadp.openshift.io/v1beta1 23 kind: DataProtectionApplication 24 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/oadp-using-data-mover-for-csi-snapshots.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-using-data-mover-for-csi-snapshots_{context}"] 7 = Using Data Mover for CSI snapshots 8 9 :FeatureName: Data Mover for CSI snapshots 10 11: The OADP Data Mover enables customers to back up Container Storage Interface (CSI) volume snapshots to a remote object store. When Data Mover is enabled, you can restore stateful applications, using CSI volume snapshots pulled from the object store if a failure, accidental deletion, or corruption of the cluster occurs. 12 13 The Data Mover solution uses the Restic option of VolSync. .. 15 Data Mover supports backup and restore of CSI volume snapshots only. 16 17: In OADP 1.2 Data Mover `VolumeSnapshotBackups` (VSBs) and `VolumeSnapshotRestores` (VSRs) are queued using the VolumeSnapshotMover (VSM). The VSM's performance is improved by specifying a concurrent number of VSBs and VSRs simultaneously `InProgress`. After all async plugin operations are complete, the backup is marked as complete. 18 19 20 [NOTE] 21 ==== 22: The OADP 1.1 Data Mover is a Technology Preview feature. 23 24: The OADP 1.2 Data Mover has significantly improved features and performances, but is still a Technology Preview feature. 25 ==== 26: :FeatureName: The OADP Data Mover 27 include::snippets/technology-preview.adoc[leveloffset=+1] 28 29 [NOTE] 30 ==== 31: Red Hat recommends that customers who use OADP 1.2 Data Mover in order to back up and restore ODF CephFS volumes, upgrade or install {product-title} version 4.12 or later for improved performance. OADP Data Mover can leverage CephFS shallow volumes in {product-title} version 4.12 or later, which based on our testing, can improve the performance of backup times. 32 33 * https://issues.redhat.com/browse/RHSTOR-4287[CephFS ROX details] .. 35 36 37: //For more information about OADP 1.2 with CephS [name of topic], see ___. 38 39 ==== .. 56 * You have included the label `{velero-domain}/csi-volumesnapshot-class: 'true'` in your `VolumeSnapshotClass` CR. 57 58: * You have verified that the `OADP namespace` has the annotation `oc annotate --overwrite namespace/openshift-adp volsync.backube/privileged-movers='true'`. 59 + 60 [NOTE] 61 ==== 62: In OADP 1.1 the above setting is mandatory. 63 64: In OADP 1.2 the `privileged-movers` setting is not required in most scenarios. The restoring container permissions should be adequate for the Volsync copy. In some user scenarios, there may be permission errors that the `privileged-mover`= `true` setting should resolve. 65 ==== 66 .. 69 [NOTE] 70 ==== 71: The VolSync Operator is required for using OADP Data Mover. 72 ==== 73 74: * You have installed the OADP operator by using OLM. 75 76 .Procedure .. 100 [source,yaml] 101 ---- 102: apiVersion: oadp.openshift.io/v1alpha1 103 kind: DataProtectionApplication 104 metadata: ... 152 153 ---- 154: <1> OADP 1.2 only. 155: <2> OADP 1.2 only. Optional: Specify the upper limit of the number of snapshots allowed to be queued for backup. The default value is 10. 156: <3> OADP 1.2 only. Optional: Specify the upper limit of the number of snapshots allowed to be queued for restore. The default value is 10. 157: <4> OADP 1.2 only. Optional: Specify the number of days, between running Restic pruning on the repository. The prune operation repacks the data to free space, but it can also generate significant I/O traffic as a part of the process. Setting this option allows a trade-off between storage consumption, from no longer referenced data, and access costs. 158: <5> OADP 1.2 only. Optional: Specify VolumeSync volume options for backup and restore. 159 160 + 161: The OADP Operator installs two custom resource definitions (CRDs), `VolumeSnapshotBackup` and `VolumeSnapshotRestore`. 162 + 163 .Example `VolumeSnapshotBackup` CRD 164 [source,yaml] 165 ---- 166: apiVersion: datamover.oadp.openshift.io/v1alpha1 167 kind: VolumeSnapshotBackup 168 metadata: ... 181 [source,yaml] 182 ---- 183: apiVersion: datamover.oadp.openshift.io/v1alpha1 184 kind: VolumeSnapshotRestore 185 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/oadp-using-enable-api-group-versions.adoc: 5 6 :_content-type: PROCEDURE 7: [id="oadp-using-enable-api-group-versions_{context}"] 8 = Using Enable API Group Versions 9 .. 21 [source,yaml] 22 ---- 23: apiVersion: oadp.openshift.io/vialpha1 24 kind: DataProtectionApplication 25 ... /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/olm-deleting-operators-from-a-cluster-using-web-console.adoc: 2 // 3 // * operators/admin/olm-deleting-operators-from-a-cluster.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/uninstalling-oadp.adoc 5 // * serverless/install/removing-openshift-serverless.adoc 6 // * virt/install/uninstalling-virt.adoc /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/rosa-sts-account-wide-roles-and-policies.adoc: 868 "s3:ListBucketMultipartUploads", 869 "s3:AbortMultipartUpload", 870: "s3:ListMultipartUploadParts" 871 ], 872 "Resource": "*" /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/velero-obtaining-by-downloading.adoc: 24 . Open a browser and navigate to link:https://{velero-domain}/docs/v{velero-version}/basic-install/#install-the-cli["Install the CLI" on the Velero website]. 25 . Follow the appropriate procedure for macOS, GitHub, or Windows. 26: . Download the Velero version appropriate for your version of OADP and {product-title} according to the table that follows: 27 + 28: .OADP-Velero-{product-title} version relationship 29 [cols="3", options="header"] 30 |=== 31: |OADP version |Velero version |{product-title} version 32 |1.0.0 |link:https://{velero-domain}/docs/v1.7/[1.7] |4.6 and later 33 |1.0.1 |link:https://{velero-domain}/docs/v1.7/[1.7] |4.6 and later /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/modules/virt-about-cdi-operator.adoc: 19 |Manages the authorization to upload VM disks into PVCs by issuing secure upload tokens. 20 21: |`deployment/cdi-uploadproxy` 22 |Directs external disk upload traffic to the appropriate upload server pod so that it can be written to the correct PVC. Requires a valid upload token. 23 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/snippets/oadp-ceph-cr-prerequisites.adoc: 8 9 * A stateful application is running in a separate namespace with persistent volume claims (PVCs) using CephFS as the provisioner. 10: * The `StorageClass` and `VolumeSnapshotClass` custom resources (CRs) are defined for CephFS and OADP 1.2 Data Mover. 11 * There is a secret `cloud-credentials` in the `openshift-adp` namespace. 12 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/snippets/oadp-mtc-operator.adoc: 2 //This snippet appears in the following assemblies: 3 // 4: // * .../backup_and_restore/backing_up_and_restoring/installing/about-installing-oadp.adoc 5: // * .../backup_and_restore/backing_up_and_restoring/installing/installing-oadp-aws.adoc 6: // * .../backup_and_restore/backing_up_and_restoring/installing/installing-oadp-azure.adoc 7: // * .../backup_and_restore/backing_up_and_restoring/installing/installing-oadp-gcp.adoc 8: // * .../backup_and_restore/backing_up_and_restoring/installing/installing-oadp-mcg.adoc 9: // * .../backup_and_restore/backing_up_and_restoring/installing/installing-oadp-ocs.adoc 10 11 :_content-type: SNIPPET 12 [NOTE] 13 ==== 14: Starting from OADP 1.0.4, all OADP 1.0._z_ versions can only be used as a dependency of the MTC Operator and are not available as a standalone Operator. 15 ==== 16 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_architecture/snippets/oadp-ocp-compat.adoc: 2 //This snippet appears in the following assemblies: 3 // 4: // * .../backup_and_restore/backing_up_and_restoring/installing/about-installing-oadp.adoc 5 // * .../backup_and_restore/index.adoc 6 . 8 [NOTE] 9 ==== 10: If you want to use CSI backup on OCP 4.11 and later, install OADP 1.1._x_. 11 12: OADP 1.0._x_ does not support CSI backup on OCP 4.11 and later. OADP 1.0._x_ includes Velero 1.7._x_ and expects the API group `snapshot.storage.k8s.io/v1beta1`, which is not present on OCP 4.11 and later. 13 ==== 14 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/_attributes/common-attributes.adoc: 43 :hybrid-console: Red Hat Hybrid Cloud Console 44 :hybrid-console-second: Hybrid Cloud Console 45: :oadp-first: OpenShift API for Data Protection (OADP) 46: :oadp-full: OpenShift API for Data Protection 47 :oc-first: pass:quotes[OpenShift CLI (`oc`)] 48 :product-registry: OpenShift image registry /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/backing-up-applications.adoc: 7 toc::[] 8 9: You can employ OpenShift API for Data Protection (OADP) with Red Hat OpenShift Service on AWS (ROSA) clusters to backup and restore application data. A ROSA deployment of OpenShift is configured specifically for AWS services. 10 11: include::modules/oadp-installing-oadp-rosa-sts.adoc[leveloffset=+1] /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/about-installing-oadp-on-multiple-namespaces.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/installing/about-installing-oadp.adoc 4 5 6 :_content-type: CONCEPT 7: [id="about-installing-oadp-on-multiple-namespaces_{context}"] 8: = Installation of OADP on multiple namespaces 9 10: You can install OADP into multiple namespaces on the same cluster so that multiple project owners can manage their own OADP instance. This use case has been validated with Restic and CSI. 11 12: You install each instance of OADP as specified by the per-platform procedures contained in this document with the following additional requirements: 13 14: * All deployments of OADP on the same cluster must be the same version, for example, 1.1.4. Installing different versions of OADP on the same cluster is *not* supported. 15: * Each individual deployment of OADP must have a unique set of credentials and a unique `BackupStorageLocation` configuration. 16: * By default, each OADP deployment has cluster-level access across namespaces. {product-title} administrators need to review security and RBAC settings carefully and make any necessary changes to them to ensure that each OADP instance has the correct permissions. 17 18 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/about-oadp-update-channels.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/installing/about-installing-oadp.adoc 4 5 6 :_content-type: CONCEPT 7: [id="about-oadp-update-channels_{context}"] 8: = About OADP update channels 9 10: When you install an OADP Operator, you choose an _update channel_. This channel determines which upgrades to the OADP Operator and to Velero you receive. You can switch channels at any time. 11 12 The following update channels are available: 13 14: * The *stable* channel is now deprecated. The *stable* channel contains the patches (z-stream updates) of OADP `ClusterServiceVersion` for `oadp.v1.1.z` and older versions from `oadp.v1.0.z`. 15 16: * The *stable-1.0* channel contains `oadp.v1.0._z_`, the most recent OADP 1.0 `ClusterServiceVersion`. 17 18: * The *stable-1.1* channel contains `oadp.v1.1._z_`, the most recent OADP 1.1 `ClusterServiceVersion`. 19 20: * The *stable-1.2* channel contains `oadp.v1.2._z_`, the most recent OADP 1.2 `ClusterServiceVersion`. 21 22 *Which update channel is right for you?* 23 24: * The *stable* channel is now deprecated. If you are already using the stable channel, you will continue to get updates from `oadp.v1.1._z_`. 25 26: * Choose the *stable-1._y_* update channel to install OADP 1._y_ and to continue receiving patches for it. If you choose this channel, you will receive all z-stream patches for version 1._y_._z_. 27 28 *When must you switch update channels?* 29 30: * If you have OADP 1._y_ installed, and you want to receive patches only for that y-stream, you must switch from the *stable* update channel to the *stable-1._y_* update channel. You will then receive all z-stream patches for version 1._y_._z_. 31 32: * If you have OADP 1.0 installed, want to upgrade to OADP 1.1, and then receive patches only for OADP 1.1, you must switch from the *stable-1.0* update channel to the *stable-1.1* update channel. You will then receive all z-stream patches for version 1.1._z_. 33 34: * If you have OADP 1._y_ installed, with _y_ greater than 0, and want to switch to OADP 1.0, you must _uninstall_ your OADP Operator and then reinstall it using the *stable-1.0* update channel. You will then receive all z-stream patches for version 1.0._z_. 35 36 [NOTE] 37 ==== 38: You cannot switch from OADP 1._y_ to OADP 1.0 by switching update channels. You must uninstall the Operator and then reinstall it. 39 ==== 40 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/metering-store-data-in-s3.adoc: 92 "s3:HeadBucket", 93 "s3:ListBucket", 94: "s3:ListMultipartUploadParts", 95 "s3:PutObject" 96 ], .. 123 "s3:CreateBucket", 124 "s3:DeleteBucket", 125: "s3:ListMultipartUploadParts", 126 "s3:PutObject" 127 ], /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/migration-configuring-aws-s3.adoc: 3 // * migrating_from_ocp_3_to_4/installing-3-4.adoc 4 // * migration_toolkit_for_containers/installing-mtc.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 6 7 :_content-type: PROCEDURE . 12 You configure Amazon Web Services (AWS) S3 object storage as a replication repository for the {mtc-full} ({mtc-short}). 13 endif::[] 14: ifdef::installing-oadp-aws[] 15: You configure Amazon Web Services (AWS) for the OpenShift API for Data Protection (OADP). 16 endif::[] 17 .. 90 "s3:PutObject", 91 "s3:AbortMultipartUpload", 92: "s3:ListMultipartUploadParts" 93 ], 94 "Resource": [ .. 147 Record the `AWS_SECRET_ACCESS_KEY` and the `AWS_ACCESS_KEY_ID`. You use the credentials to add AWS as a replication repository. 148 endif::[] 149: ifdef::installing-oadp-aws[] 150 . Create a `credentials-velero` file: 151 + /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/migration-configuring-azure.adoc: 3 // * migrating_from_ocp_3_to_4/installing-3-4.adoc 4 // * migration_toolkit_for_containers/installing-mtc.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 6 7 :_content-type: PROCEDURE . 12 You configure a Microsoft Azure Blob storage container as a replication repository for the {mtc-full} ({mtc-short}). 13 endif::[] 14: ifdef::installing-oadp-azure[] 15: You configure a Microsoft Azure for the OpenShift API for Data Protection (OADP). 16 endif::[] 17 .. 118 You use the `credentials-velero` file to add Azure as a replication repository. 119 endif::[] 120: ifdef::installing-oadp-azure[] 121 . Obtain the storage account access key: 122 + /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/migration-configuring-gcp.adoc: 3 // * migrating_from_ocp_3_to_4/installing-3-4.adoc 4 // * migration_toolkit_for_containers/installing-mtc.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6 7 :_content-type: PROCEDURE . 12 You configure a Google Cloud Platform (GCP) storage bucket as a replication repository for the {mtc-full} ({mtc-short}). 13 endif::[] 14: ifdef::installing-oadp-gcp[] 15: You configure Google Cloud Platform (GCP) for the OpenShift API for Data Protection (OADP). 16 endif::[] 17 .. 141 You use the `credentials-velero` file to add GCP as a replication repository. 142 endif::[] 143: ifdef::installing-oadp-gcp[] 144 + 145 You use the `credentials-velero` file to create a `Secret` object for GCP before you install the Data Protection Application. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/migration-configuring-mcg.adoc: 5 // * migration_toolkit_for_containers/installing-mtc.adoc 6 // * migration_toolkit_for_containers/installing-mtc-restricted.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 8 9 :_content-type: PROCEDURE .. 14 You must retrieve the Multicloud Object Gateway (MCG) credentials and S3 endpoint in order to configure MCG as a replication repository for the {mtc-full} ({mtc-short}). 15 endif::[] 16: You must retrieve the Multicloud Object Gateway (MCG) credentials in order to create a `Secret` custom resource (CR) for the OpenShift API for Data Protection (OADP). 17: //ifdef::installing-oadp-mcg[] 18 //endif::[] 19 .. 35 You use these credentials to add MCG as a replication repository. 36 endif::[] 37: ifdef::installing-oadp-mcg[] 38 . Create a `credentials-velero` file: 39 + /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/migration-mtc-release-notes-1-7.adoc: 12 This release has the following new features and enhancements: 13 14: * The {mtc-full} ({mtc-short}) Operator now depends upon the OpenShift API for Data Protection (OADP) Operator. When you install the {mtc-short} Operator, the Operator Lifecycle Manager (OLM) automatically installs the OADP Operator in the same namespace. 15 16 * You can migrate from a source cluster that is behind a firewall to a cloud-based destination cluster by establishing a network tunnel between the two clusters by using the `crane tunnel-api` command. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/migration-using-must-gather.adoc: 16 You can collect data for a one-hour or a 24-hour period and view the data with the Prometheus console. 17 endif::[] 18: ifdef::oadp-troubleshooting[] 19 You can run the `must-gather` tool with the following data collection options: 20 21: * Full `must-gather` data collection collects Prometheus metrics, pod logs, and Velero CR information for all namespaces where the OADP Operator is installed. 22 * Essential `must-gather` data collection collects pod logs and Velero CR information for a specific duration of time, for example, one hour or 24 hours. Prometheus metrics and duplicate logs are not included. 23 * `must-gather` data collection with timeout. Data collection can take a long time if there are many failed `Backup` CRs. You can improve performance by setting a timeout value. .. 38 * To collect data for the past hour: 39 endif::[] 40: ifdef::oadp-troubleshooting[] 41 * Full `must-gather` data collection, including Prometheus metrics: 42 endif::[] .. 49 The data is saved as `must-gather/must-gather.tar.gz`. You can upload this file to a support case on the link:https://access.redhat.com/[Red Hat Customer Portal]. 50 51: ifdef::oadp-troubleshooting[] 52 * Essential `must-gather` data collection, without Prometheus metrics, for a specific time duration: 53 + .. 71 * To collect data for the past 24 hours: 72 endif::[] 73: ifdef::oadp-troubleshooting[] 74 * Prometheus metrics data dump: 75 endif::[] /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/nw-enforcing-hsts-per-domain.adoc: 58 smallestMaxAge: 1 59 largestMaxAge: 31536000 60: preloadPolicy: RequirePreload <5> 61 includeSubDomainsPolicy: RequireIncludeSubDomains <6> 62 - domainPatterns: <2> .. 66 matchLabels: {} 67 maxAge: {} 68: preloadPolicy: NoOpinion 69 includeSubDomainsPolicy: RequireNoIncludeSubDomains 70 ---- /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/oadp-about-backing-and-restoring-from-cluster-to-cluster.adoc: 5 6 :_content-type: CONCEPT 7: [id="oadp-about-backing-and-restoring-from-cluster-to-cluster_{context}"] 8 = About backing up data from one cluster and restoring it on another cluster 9 10: {oadp-first} is designed to back up and restore application data in the same {product-title} cluster. {mtc-full} ({mtc-short}) is designed to migrate containers, including application data, from one {product-title} cluster to another cluster. 11 12: You can use OADP to back up application data from one {product-title} cluster and restore it on another cluster. However, doing so is more complicated than using {mtc-short} or using OADP to back up and restore on the same cluster. 13 14: To successfully use OADP to back up data from one cluster and restore it to another cluster, you must take into account the following factors, in addition to the prerequisites and procedures that apply to using OADP to back up and restore data on the same cluster: 15 16 * Operators .. 18 * UID and GID ranges 19 20: [id="oadp-cluster-to-cluster-operators_{context}"] 21 == Operators 22 You must exclude Operators from the backup of an application for backup and restore to succeed. 23 24: [id="oadp-cluster-to-cluster-velero_{context}"] 25 == Use of Velero 26 27: Velero, which OADP is built upon, does not natively support migrating persistent volume snapshots across cloud providers. To migrate volume snapshot data between cloud platforms, you must _either_ enable the Velero Restic file system backup option, which backs up volume contents at the filesystem level, _or_ use the OADP Data Mover for CSI snapshots. 28 29 [NOTE] 30 ==== 31: In OADP 1.1 and earlier, the Velero Restic file system backup option is called `restic`. 32: In OADP 1.2 and later, the Velero Restic file system backup option is called `file-system-backup`. 33 ==== 34 35 [NOTE] 36 ==== 37: Velero's file system backup feature supports both Kopia and Restic, but currently OADP supports only Restic. 38 ==== 39 .. 42 * It is theoretically possible to migrate workloads to a destination with a _later_ Kubernetes version than the source, but you must consider the compatibility of API groups between clusters for each custom resource. If a Kubernetes version upgrade breaks the compatibility of core or native API groups, you must first update the impacted custom resources. 43 44: [id="oadp-cluster-to-cluster-uid-and-gid-ranges_{context}"] 45 == UID and GID ranges 46 .. 48 49 Summary of issues:: 50: The UID and GID ranges of the namespace might change on the destination cluster. OADP does not back up and restore OpenShift UID range metadata. If the backed application requires a specific UID, ensure the range is available when restored. For more information about OpenShift's UID and GID ranges, see link:https://cloud.redhat.com/blog/a-guide-to-openshift-and-uids[A Guide to OpenShift and UIDs]. 51 52 Detailed description of issues:: .. 58 59 + 60: When you use OADP to restore the namespace, it automatically uses the information in `metadata.annotations` without resetting it for the destination cluster. As a result, the workload might not have access to the backed up data if one of the following is true: 61 62: * There is a pre-existing namespace with different SCC annotations, for example, on a different cluster. In this case, at backup time, OADP reuses the pre-existing namespace instead of the namespace you are trying to restore. 63: * The backup used a label selector, but the namespace where workloads run on does not have the label on it. In this case, OADP does not back up the namespace, but instead creates a new namespace during restore that does not include the annotations of the namespace you backed up. This causes a new UID range to be assigned to the namespace. 64 + 65 This might be an issue for customer workloads if {product-title} assigns a pod a `securityContext` UID based on namespace annotations that have changed from the time the persistent volume data was backed up. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/oadp-about-backup-snapshot-locations-secrets.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: CONCEPT 10: [id="oadp-about-backup-snapshot-locations_{context}"] 11 = About backup and snapshot locations and their secrets 12 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/oadp-about-enable-api-group-versions.adoc: 5 6 :_content-type: CONCEPT 7: [id="oadp-about-enable-api-group-versions_{context}"] 8 = About Enable API Group Versions 9 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/oadp-backing-and-restoring-from-cluster-to-cluster.adoc: 5 6 :_content-type: CONCEPT 7: [id="oadp-backing-and-restoring-from-cluster-to-cluster_{context}"] 8 = Backing up data from one cluster and restoring it to another cluster 9 .. 20 ** Ensure that the backup store location (BSL) and volume snapshot location have the same names and paths to restore resources to another cluster. 21 ** Share the same object storage location credentials across the clusters. 22: ** For best results, use OADP to create the namespace on the destination cluster. 23 ** If you use the Velero `file-system-backup` option, enable the `--default-volumes-to-fs-backup` flag for use during backup by running the following command: 24 + .. 30 [NOTE] 31 ==== 32: In OADP 1.2 and later, the Velero Restic option is called `file-system-backup`. 33 ==== 34 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/oadp-backing-up-applications-restic.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-backing-up-applications-restic_{context}"] 7 = Backing up applications with Restic 8 . 18 .Prerequisites 19 20: * You must install the OpenShift API for Data Protection (OADP) Operator. 21 * You must not disable the default Restic installation by setting `spec.configuration.restic.enable` to `false` in the `DataProtectionApplication` CR. 22 * The `DataProtectionApplication` CR must be in a `Ready` state. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/oadp-backing-up-pvs-csi.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-backing-up-pvs-csi_{context}"] 7 = Backing up persistent volumes with CSI snapshots 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/oadp-backup-restore-cr-issues.adoc: 4 5 :_content-type: CONCEPT 6: [id="oadp-backup-restore-cr-issues_{context}"] 7 = Backup and Restore CR issues 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/oadp-ceph-cephfs-back-up-dba.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-ceph-cephfs-back-up-dba_{context}"] 7 = Creating a DPA for use with CephFS storage 8 9: You must create a Data Protection Application (DPA) CR before you use the OpenShift API for Data Protection (OADP) 1.2 Data Mover to back up and restore data using CephFS storage. 10 11 .Procedure .. 38 [source,yaml] 39 ---- 40: apiVersion: oadp.openshift.io/v1alpha1 41 kind: DataProtectionApplication 42 metadata: .. 79 ---- 80 <1> There is no default value for the `enable` field. Valid values are `true` or `false`. 81: <2> Use the Restic `Secret` that you created when you prepared your environment for working with OADP 1.2 Data Mover and Ceph. If you do not use your Restic `Secret`, the CR uses the default value `dm-credential` for this parameter. 82 <3> There is no default value for the `enable` field. Valid values are `true` or `false`. 83 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/oadp-ceph-cephfs-back-up.adoc: 11 12 :_content-type: PROCEDURE 13: [id="oadp-ceph-cephfs-back-up_{context}"] 14 15 ifdef::cephfs[] 16: = Backing up data using OADP 1.2 Data Mover and CephFS storage 17: You can use OpenShift API for Data Protection (OADP) 1.2 Data Mover to back up data using CephFS storage by enabling the shallow copy feature of CephFS storage. 18 endif::cephfs[] 19 20 ifdef::split[] 21: = Backing up data using OADP 1.2 Data Mover and split volumes 22: You can use OpenShift API for Data Protection (OADP) 1.2 Data Mover to back up data in an environment that has split volumes. 23 endif::split[] 24 .. 58 59 . Wait several minutes until the `VolumeSnapshotBackup` CR has the status `Completed`. 60: . Verify that there is at least one snapshot in the object store that is given in the Restic `Secret`. You can check for this snapshot in your targeted `BackupStorageLocation` storage provider that has a prefix of `/`. 61 62 ifeval::["{context}" == "cephfs"] /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/oadp-ceph-cephfs-restore.adoc: 11 12 :_content-type: PROCEDURE 13: [id="oadp-ceph-cephfs-restore_{context}"] 14 15 ifdef::cephfs[] 16: = Restoring data using OADP 1.2 Data Mover and CephFS storage 17: You can use OpenShift API for Data Protection (OADP) 1.2 Data Mover to restore data using CephFS storage if the shallow copy feature of CephFS storage was enabled for the back up procedure. The shallow copy feature is not used in the restore procedure. 18 endif::cephfs[] 19 20 ifdef::split[] 21: = Restoring data using OADP 1.2 Data Mover and split volumes 22: You can use OpenShift API for Data Protection (OADP) 1.2 Data Mover to restore data in an environment that has split volumes, if the shallow copy feature of CephFS storage was enabled for the back up procedure. The shallow copy feature is not used in the restore procedure. 23 endif::split[] 24 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/oadp-ceph-preparing-cephfs-crs.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-ceph-preparing-cephfs-crs_{context}"] 7: = Defining CephFS custom resources for use with OADP 1.2 Data Mover 8 9: When you install {rh-storage-first}, it automatically creates a default CephFS `StorageClass` custom resource (CR) and a default CephFS `VolumeSnapshotClass` CR. You can define these CRs for use with OpenShift API for Data Protection (OADP) 1.2 Data Mover. 10 11 .Procedure /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/oadp-ceph-preparing-cephrbd-crs.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-ceph-preparing-cephrbd-crs_{context}"] 7: = Defining CephRBD custom resources for use with OADP 1.2 Data Mover 8 9: When you install {rh-storage-first}, it automatically creates a default CephRBD `StorageClass` custom resource (CR) and a default CephRBD `VolumeSnapshotClass` CR. You can define these CRs for use with OpenShift API for Data Protection (OADP) 1.2 Data Mover. 10 11 .Procedure /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/oadp-ceph-preparing-crs-additional.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-ceph-preparing-crs-additional_{context}"] 7: = Defining additional custom resources for use with OADP 1.2 Data Mover 8 9 After you redefine the default `StorageClass` and CephRBD `VolumeSnapshotClass` custom resources (CRs), you must create the following CRs: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/oadp-ceph-prerequisites.adoc: 5 6 :_content-type: CONCEPT 7: [id="oadp-ceph-prerequisites_{context}"] 8: = Prerequisites for using OADP 1.2 Data Mover with Ceph storage 9 10: The following prerequisites apply to all back up and restore operations of data using {oadp-first} 1.2 Data Mover in a cluster that uses Ceph storage: 11 12 * You have installed {product-title} 4.12 or later. 13: * You have installed the OADP Operator. 14 * You have created a secret `cloud-credentials` in the namespace `openshift-adp.` 15 * You have installed {rh-storage-first}. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/oadp-ceph-split-back-up-dba.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-ceph-split-back-up-dba_{context}"] 7 = Creating a DPA for use with split volumes 8 9: You must create a Data Protection Application (DPA) CR before you use the OpenShift API for Data Protection (OADP) 1.2 Data Mover to back up and restore data using split volumes. 10 11 .Procedure .. 17 [source,yaml] 18 ---- 19: apiVersion: oadp.openshift.io/v1alpha1 20 kind: DataProtectionApplication 21 metadata: .. 64 cacheStorageClassName: ocs-storagecluster-ceph-rbd 65 ---- 66: <1> Use the Restic `Secret` that you created when you prepared your environment for working with OADP 1.2 Data Mover and Ceph. If you do not, then the CR will use the default value `dm-credential` for this parameter. 67 <2> A different set of `VolumeOptionsForStorageClass` labels can be defined for each `storageClass` volume, thus allowing a backup to volumes with different providers. 68 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/oadp-checking-api-group-versions.adoc: 5 6 :_content-type: PROCEDURE 7: [id="oadp-checking-api-group-versions_{context}"] 8 = Listing the Kubernetes API group versions on a cluster 9 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/oadp-cleaning-up-after-data-mover-snapshots.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-cleaning-up-after-data-mover-snapshots_{context}"] 7 = Deleting snapshots in a bucket 8 9: OADP 1.1 Data Mover might leave one or more snapshots in a bucket after a backup. You can either delete all the snapshots or delete individual snapshots. 10 11 .Procedure /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/oadp-configuring-noobaa-for-dr.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 4 5 :_content-type: PROCEDURE 6: [id="oadp-configuring-noobaa-for-dr_{context}"] 7 = Configuring NooBaa for disaster recovery on {rh-storage} 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/oadp-configuring-velero-plugins.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/oadp-features-plugins.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-configuring-velero-plugins_{context}"] 7: = About OADP Velero plugins 8 9 You can configure two types of plugins when you install Velero: .. 16 == Default Velero cloud provider plugins 17 18: You can install any of the following default Velero cloud provider plugins when you configure the `oadp_v1alpha1_dpa.yaml` file during deployment: 19 20 * `aws` (Amazon Web Services) .. 25 * `kubevirt` (KubeVirt) 26 27: You specify the desired default plugins in the `oadp_v1alpha1_dpa.yaml` file during deployment. 28 29 .Example file .. 33 [source,yaml] 34 ---- 35: apiVersion: oadp.openshift.io/v1alpha1 36 kind: DataProtectionApplication 37 metadata: .. 49 == Custom Velero plugins 50 51: You can install a custom Velero plugin by specifying the plugin `image` and `name` when you configure the `oadp_v1alpha1_dpa.yaml` file during deployment. 52 53: You specify the desired custom plugins in the `oadp_v1alpha1_dpa.yaml` file during deployment. 54 55 .Example file .. 59 [source,yaml] 60 ---- 61: apiVersion: oadp.openshift.io/v1alpha1 62 kind: DataProtectionApplication 63 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/oadp-creating-backup-cr.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-creating-backup-cr_{context}"] 7 = Creating a Backup CR 8 . 11 .Prerequisites 12 13: * You must install the OpenShift API for Data Protection (OADP) Operator. 14 * The `DataProtectionApplication` CR must be in a `Ready` state. 15 * Backup location prerequisites: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/oadp-creating-backup-hooks.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-creating-backup-hooks_{context}"] 7 = Creating backup hooks 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/oadp-creating-default-secret.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: PROCEDURE 10: [id="oadp-creating-default-secret_{context}"] 11 = Creating a default Secret 12 13 You create a default `Secret` if your backup and snapshot locations use the same credentials or if you do not require a snapshot location. 14 15: ifdef::installing-oadp-aws,installing-oadp-azure,installing-oadp-gcp,installing-oadp-mcg[] 16 The default name of the `Secret` is `{credentials}`. 17 endif::[] 18: ifdef::installing-oadp-ocs[] 19: The default name of the `Secret` is `{credentials}`, unless your backup storage provider has a default plugin, such as `aws`, `azure`, or `gcp`. In that case, the default name is specified in the provider-specific OADP installation procedure. 20 endif::[] 21 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/oadp-creating-restore-cr.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-creating-restore-cr_{context}"] 7 = Creating a Restore CR 8 . 11 .Prerequisites 12 13: * You must install the OpenShift API for Data Protection (OADP) Operator. 14 * The `DataProtectionApplication` CR must be in a `Ready` state. 15 * You must have a Velero `Backup` CR. .. 67 [NOTE] 68 ==== 69: In the course of the restore process, the OADP Velero plug-ins scale down the `DeploymentConfig` objects and restore the pods as standalone pods to prevent the cluster from deleting the restored `DeploymentConfig` pods immediately on restore and to allow Restic and post-restore hooks to complete their actions on the restored pods. The cleanup script removes these disconnected pods and scale any `DeploymentConfig` objects back up to the appropriate number of replicas. 70 ==== 71 + .. 94 } 95 96: OADP_NAMESPACE=${OADP_NAMESPACE:=openshift-adp} 97 98 if [[ $# -ne 1 ]]; then .. 101 fi 102 103: echo using OADP Namespace $OADP_NAMESPACE 104 echo restore: $1 105 ... 108 109 echo Deleting disconnected restore pods 110: oc delete pods -l oadp.openshift.io/disconnected-from-dc=$label 111 112: for dc in $(oc get dc --all-namespaces -l oadp.openshift.io/replicas-modified=$label -o jsonpath='{range .items[*]}{.metadata.namespace}{","}{.metadata.name}{","}{.metadata.annotations.oadp\.openshift\.io/original-replicas}{","}{.metadata.annotations.oadp\.openshift\.io/original-paused}{"\n"}') 113 do 114 IFS=',' read -ra dc_arr <<< "$dc" /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/oadp-creating-restore-hooks.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-creating-restore-hooks_{context}"] 7 = Creating restore hooks 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/oadp-debugging-oc-cli.adoc: 4 5 :_content-type: REFERENCE 6: [id="oadp-debugging-oc-cli_{context}"] 7 = Debugging Velero resources with the OpenShift CLI tool 8 . 39 [NOTE] 40 ==== 41: This option is available starting from OADP 1.0.3. 42 ==== 43 44 [source,yaml] 45 ---- 46: apiVersion: oadp.openshift.io/v1alpha1 47 kind: DataProtectionApplication 48 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/oadp-deleting-backups.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-deleting-backups_{context}"] 7 = Deleting backups 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/oadp-deleting-cluster-resources-following-failure.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-deleting-cluster-resources-following-failure_{context}"] 7 = Deleting cluster resources following a partially successful or a failed backup and restore that used Data Mover 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/oadp-deleting-cluster-resources-following-success.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-deleting-cluster-resources-following-success_{context}"] 7 = Deleting cluster resources following a successful backup and restore that used Data Mover 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/oadp-enabling-csi-dpa.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: PROCEDURE 10: [id="oadp-enabling-csi-dpa_{context}"] 11 = Enabling CSI in the DataProtectionApplication CR 12 .. 23 [source,yaml] 24 ---- 25: apiVersion: oadp.openshift.io/v1alpha1 26 kind: DataProtectionApplication 27 ... /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/oadp-features.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/oadp-features-plugins.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-features_{context}"] 7: = OADP features 8 9: OpenShift API for Data Protection (OADP) supports the following features: 10 11 Backup:: 12: You can use OADP to back up all applications on the OpenShift Platform, or you can filter the resources by type, namespace, or label. 13 + 14: OADP backs up Kubernetes objects and internal images by saving them as an archive file on object storage. OADP backs up persistent volumes (PVs) by creating snapshots with the native cloud snapshot API or with the Container Storage Interface (CSI). For cloud providers that do not support snapshots, OADP backs up resources and PV data with Restic. 15 16 + /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/oadp-ibm-power-test-support.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/oadp-features-plugins.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-ibm-power-test-matrix_{context}"] 7: = OADP support for target backup locations using IBM Power 8 9: IBM Power running with {product-title} 4.11 and 4.12, and OpenShift API for Data Protection (OADP) 1.1.2 was tested successfully against an AWS S3 backup location target. Although the test involved only an AWS S3 target, Red Hat supports running IBM Power with {product-title} 4.11 and 4.12, and OADP 1.1.2 against all non-AWS S3 backup location targets as well. 10 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/oadp-ibm-z-test-support.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/oadp-features-plugins.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-ibm-z-test-support_{context}"] 7: = OADP testing and support for target backup locations using {ibmzProductName} 8 9: {ibmzProductName} running with {product-title} 4.11 and 4.12, and OpenShift API for Data Protection (OADP) 1.1.2 was tested successfully against an AWS S3 backup location target. Although the test involved only an AWS S3 target, Red Hat supports running {ibmzProductName} with {product-title} 4.11 and 4.12, and OADP 1.1.2 against all non-AWS S3 backup location targets as well. 10 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/oadp-installation-issues.adoc: 4 5 :_content-type: CONCEPT 6: [id="oadp-installation-issues_{context}"] 7 = Installation issues 8 9 You might encounter issues caused by using invalid directories or incorrect credentials when you install the Data Protection Application. 10 11: [id="oadp-backup-location-contains-invalid-directories_{context}"] 12 == Backup storage contains invalid directories 13 .. 22 If the object storage is not dedicated to Velero, you must specify a prefix for the bucket by setting the `spec.backupLocations.velero.objectStorage.prefix` parameter in the `DataProtectionApplication` manifest. 23 24: [id="oadp-incorrect-aws-credentials_{context}"] 25 == Incorrect AWS credentials 26 27: The `oadp-aws-registry` pod log displays the error message, `InvalidAccessKeyId: The AWS Access Key Id you provided does not exist in our records.` 28 29 The `Velero` pod log displays the error message, `NoCredentialProviders: no valid providers in chain`. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/oadp-installing-dpa.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: PROCEDURE 10: [id="oadp-installing-dpa_{context}"] 11 = Installing the Data Protection Application 12 .. 15 .Prerequisites 16 17: * You must install the OADP Operator. 18 * You must configure object storage as a backup location. 19 * If you use snapshots to back up PVs, your cloud provider must support either a native snapshot API or Container Storage Interface (CSI) snapshots. 20 * If the backup and snapshot locations use the same credentials, you must create a `Secret` with the default name, `{credentials}`. 21: ifdef::installing-oadp-azure,installing-oadp-gcp,installing-oadp-mcg,installing-oadp-ocs,virt-installing-configuring-oadp[] 22 * If the backup and snapshot locations use different credentials, you must create two `Secrets`: 23 .. 25 ** `Secret` with the default name, `{credentials}`, for the snapshot location. This `Secret` is not referenced in the `DataProtectionApplication` CR. 26 endif::[] 27: ifdef::installing-oadp-aws[] 28 * If the backup and snapshot locations use different credentials, you must create a `Secret` with the default name, `{credentials}`, which contains separate profiles for the backup and snapshot location credentials. 29 endif::[] .. 36 .Procedure 37 38: . Click *Operators* -> *Installed Operators* and select the OADP Operator. 39 . Under *Provided APIs*, click *Create instance* in the *DataProtectionApplication* box. 40 41 . Click *YAML View* and update the parameters of the `DataProtectionApplication` manifest: 42: ifdef::installing-oadp-aws[] 43 + 44 [source,yaml,subs="attributes+"] 45 ---- 46: apiVersion: oadp.openshift.io/v1beta1 47 kind: DataProtectionApplication 48 metadata: .. 92 <9> The snapshot location must be in the same region as the PVs. 93 endif::[] 94: ifdef::installing-oadp-azure[] 95 + 96 [source,yaml,subs="attributes+"] 97 ---- 98: apiVersion: oadp.openshift.io/v1beta1 99 kind: DataProtectionApplication 100 metadata: ... 148 <11> You do not need to specify a snapshot location if you use CSI snapshots or Restic to back up PVs. 149 endif::[] 150: ifdef::installing-oadp-gcp[] 151 + 152 [source,yaml,subs="attributes+"] 153 ---- 154: apiVersion: oadp.openshift.io/v1beta1 155 kind: DataProtectionApplication 156 metadata: ... 196 <9> The snapshot location must be in the same region as the PVs. 197 endif::[] 198: ifdef::installing-oadp-mcg[] 199 + 200 [source,yaml,subs="attributes+"] 201 ---- 202: apiVersion: oadp.openshift.io/v1beta1 203 kind: DataProtectionApplication 204 metadata: ... 242 <8> Specify a prefix for Velero backups, for example, `velero`, if the bucket is used for multiple purposes. 243 endif::[] 244: ifdef::installing-oadp-ocs[] 245 + 246 [source,yaml,subs="attributes+"] 247 ---- 248: apiVersion: oadp.openshift.io/v1beta1 249 kind: DataProtectionApplication 250 metadata: ... 287 <11> Specify a prefix for Velero backups, for example, `velero`, if the bucket is used for multiple purposes. 288 endif::[] 289: ifdef::virt-installing-configuring-oadp[] 290 + 291 [source,yaml,subs="attributes+"] 292 ---- 293: apiVersion: oadp.openshift.io/v1beta1 294 kind: DataProtectionApplication 295 metadata: ... 334 335 . Click *Create*. 336: . Verify the installation by viewing the OADP resources: 337 + 338 [source,terminal] ... 345 ---- 346 NAME READY STATUS RESTARTS AGE 347: pod/oadp-operator-controller-manager-67d9494d47-6l8z8 2/2 Running 0 2m8s 348 pod/restic-9cq4q 1/1 Running 0 94s 349 pod/restic-m4lts 1/1 Running 0 94s ... 352 353 NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE 354: service/oadp-operator-controller-manager-metrics-service ClusterIP 172.30.70.140 8443/TCP 2m8s 355 356 NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE ... 358 359 NAME READY UP-TO-DATE AVAILABLE AGE 360: deployment.apps/oadp-operator-controller-manager 1/1 1 1 2m9s 361 deployment.apps/velero 1/1 1 1 96s 362 363 NAME DESIRED CURRENT READY AGE 364: replicaset.apps/oadp-operator-controller-manager-67d9494d47 1 1 1 2m9s 365 replicaset.apps/velero-588db7f655 1 1 1 96s 366 ---- /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/oadp-installing-oadp-rosa-sts.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-installing-oadp-rosa-sts_{context}"] 7: = Installing OADP on {product-title} with AWS STS 8 9: AWS Security Token Service (AWS STS) is a global web service that provides short-term credentials for IAM or federated users. {product-title} (ROSA) with STS is the recommended credential mode for ROSA clusters. This document describes how to install OpenShift API for Data Protection (OADP) on (ROSA) with AWS STS. 10 11 [IMPORTANT] 12 ==== 13: Restic is not supported in the OADP on ROSA with AWS STS environment. Ensure the Restic service is disabled. Use native snapshots to backup volumes. See _Known Issues_ for more information. 14 ==== 15 .. 17 18 * A ROSA OpenShift Cluster with the required access and tokens. 19: * link:https://docs.openshift.com/container-platform/4.13/backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.html#oadp-creating-default-secret_installing-oadp-aws[A default Secret], if your backup and snapshot locations use the same credentials, or if you do not require a snapshot location. 20 21 .Procedure .. 42 ---- 43 44: . Install the OADP Operator. 45 .. In the {product-title} web console, navigate to Operators *->* OperatorHub. 46: .. Search for the OADP Operator, then click *Install*. 47 48 . Create AWS cloud storage using your AWS credentials: .. 51 ---- 52 $ cat << EOF | oc create -f - 53: apiVersion: oadp.openshift.io/v1alpha1 54 kind: CloudStorage 55 metadata: 56: name: ${CLUSTER_NAME}-oadp 57 namespace: openshift-adp 58 spec: .. 61 name: cloud-credentials 62 enableSharedConfig: true 63: name: ${CLUSTER_NAME}-oadp 64 provider: aws 65 region: $REGION .. 72 ---- 73 $ cat << EOF | oc create -f - 74: apiVersion: oadp.openshift.io/v1alpha1 75 kind: DataProtectionApplication 76 metadata: .. 81 - bucket: 82 cloudStorageRef: 83: name: ${CLUSTER_NAME}-oadp 84 credential: 85 key: credentials .. 105 [NOTE] 106 ==== 107: The `enable` parameter of `restic` is set to `false` in this configuration because OADP does not support Restic in ROSA environments. 108 ==== 109 + 110: You are now ready to backup and restore OpenShift applications, as described in the link:https://docs.openshift.com/container-platform/4.11/backup_and_restore/application_backup_and_restore/backing_up_and_restoring/backing-up-applications.html[OADP documentation]. 111 112 == Known Issues 113 .Restic is not supported or recommended 114 115: * link:https://issues.redhat.com/browse/OADP-1054[CloudStorage: openshift-adp-controller-manager crashloop seg fault with Restic enabled] 116: * link:https://issues.redhat.com/browse/OADP-1057[Cloudstorage API: CSI Backup of an app with internal images partially fails with plugin panicked error] 117: * (Affects OADP 1.1.x_ only): link:https://issues.redhat.com/browse/OADP-1055[CloudStorage: bucket is removed on CS CR delete, although it doesn't have "oadp.openshift.io/cloudstorage-delete": "true"] 118 119 [role="_additional-resources"] ... 123 * link:https://docs.openshift.com/rosa/rosa_getting_started/rosa-sts-getting-started-workflow.html[Getting started with ROSA STS] 124 * link:https://docs.openshift.com/rosa/rosa_install_access_delete_clusters/rosa-sts-creating-a-cluster-quickly.html[Creating a ROSA cluster with STS] 125: * link:https://docs.openshift.com/container-platform/4.13/backup_and_restore/application_backup_and_restore/installing/about-installing-oadp.html[About installing OADP] 126 * link:https://docs.openshift.com/container-platform/4.13/storage/container_storage_interface/persistent-storage-csi.html[Configuring CSI volumes] 127 * link:https://docs.openshift.com/rosa/rosa_architecture/rosa_policy_service_definition/rosa-service-definition.html#rosa-sdpolicy-storage_rosa-service-definition[ROSA storage options] /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/oadp-installing-operator.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: PROCEDURE 10: [id="oadp-installing-operator_{context}"] 11: = Installing the OADP Operator 12 13: You install the OpenShift API for Data Protection (OADP) Operator on {product-title} {product-version} by using Operator Lifecycle Manager (OLM). 14 15: The OADP Operator installs link:https://{velero-domain}/docs/v{velero-version}/[Velero {velero-version}]. 16 17 .Prerequisites .. 22 23 . In the {product-title} web console, click *Operators* -> *OperatorHub*. 24: . Use the *Filter by keyword* field to find the *OADP Operator*. 25: . Select the *OADP Operator* and click *Install*. 26 . Click *Install* to install the Operator in the `openshift-adp` project. 27 . Click *Operators* -> *Installed Operators* to verify the installation. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/oadp-plugins.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/oadp-features-plugins.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-plugins_{context}"] 7: = OADP plugins 8 9: The OpenShift API for Data Protection (OADP) provides default Velero plugins that are integrated with storage providers to support backup and snapshot operations. You can create link:https://{velero-domain}/docs/v{velero-version}/custom-plugins/[custom plugins] based on the Velero plugins. 10 11: OADP also provides plugins for {product-title} resource backups, OpenShift Virtualization resource backups, and Container Storage Interface (CSI) snapshots. 12 13 [cols="3", options="header"] 14: .OADP plugins 15 |=== 16: |OADP plugin |Function |Storage location 17 18 .2+|`aws` |Backs up and restores Kubernetes objects. |AWS S3 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/oadp-pod-crash-set-resource-request-restic.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-pod-crash-resource-request-retics_{context}"] 7 = Setting resource requests for a Restic pod 8 . 17 [source,yaml] 18 ---- 19: apiVersion: oadp.openshift.io/v1alpha1 20 kind: DataProtectionApplication 21 ... /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/oadp-pod-crash-set-resource-request-velero.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-pod-crash-resource-request-velero_{context}"] 7 = Setting resource requests for a Velero pod 8 9: You can use the `configuration.velero.podConfig.resourceAllocations` specification field in the `oadp_v1alpha1_dpa.yaml` file to set specific resource requests for a `Velero` pod. 10 11 .Procedure .. 17 [source,yaml] 18 ---- 19: apiVersion: oadp.openshift.io/v1alpha1 20 kind: DataProtectionApplication 21 ... /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/oadp-release-notes-1-1-1.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/oadp-release-notes.adoc 4 :_content-type: REFERENCE 5: [id="migration-oadp-release-notes-1-1-1_{context}"] 6: = OADP 1.1.1 release notes 7 8: The OADP 1.1.1 release notes include product recommendations and descriptions of known issues. 9 10 == Product recommendations 11 12: Before you install OADP 1.1.1, it is recommended to either install VolSync 0.5.1 or to upgrade to it. 13 14 == Known issues .. 16 This release has the following known issues: 17 18: * OADP currently does not support backup and restore of AWS EFS volumes using restic in Velero (link:https://issues.redhat.com/browse/OADP-778[*OADP-778*]). 19 20 * CSI backups might fail due to a Ceph limitation of `VolumeSnapshotContent` snapshots per PVC. .. 23 + 24 ** For CephFS, you can create up to 100 snapshots per PVC. 25: ** For RADOS Block Device (RBD), you can create up to 512 snapshots for each PVC. (link:https://issues.redhat.com/browse/OADP-804[*OADP-804*]) and (link:https://issues.redhat.com/browse/OADP-975[*OADP-975*]) 26 + 27 For more information, see https://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.11/html/managing_and_allocating_storage_resources/volume-snapshots_rhodf[Volume Snapshots]. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/oadp-release-notes-1-1-2.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/oadp-release-notes.adoc 4 5 :_content-type: REFERENCE 6: [id="migration-oadp-release-notes-1-1-2_{context}"] 7: = OADP 1.1.2 release notes 8 9: The OADP 1.1.2 release notes include product recommendations, a list of fixed bugs and descriptions of known issues. 10 11 [id="product-recommendations_{context}"] .. 34 The following bugs have been fixed in this release: 35 36: * link:https://issues.redhat.com/browse/OADP-1150[OADP-1150] 37: * link:https://issues.redhat.com/browse/OADP-290[OADP-290] 38: * link:https://issues.redhat.com/browse/OADP-1056[OADP-1056] 39 40 [id="known-issues_{context}"] .. 43 This release has the following known issues: 44 45: * OADP currently does not support backup and restore of AWS EFS volumes using restic in Velero (link:https://issues.redhat.com/browse/OADP-778[*OADP-778*]). 46 47 * CSI backups might fail due to a Ceph limitation of `VolumeSnapshotContent` snapshots per PVC. .. 50 + 51 -- 52: ** For CephFS, you can create up to 100 snapshots per PVC. (link:https://issues.redhat.com/browse/OADP-804[*OADP-804*]) 53: ** For RADOS Block Device (RBD), you can create up to 512 snapshots for each PVC. (link:https://issues.redhat.com/browse/OADP-975[*OADP-975*]) 54 -- 55 + /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/oadp-release-notes-1-1-4.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/oadp-release-notes.adoc 4 5 :_content-type: REFERENCE 6: [id="migration-oadp-release-notes-1-1-4_{context}"] 7: = OADP 1.1.4 release notes 8 9: The OADP 1.1.4 release notes lists any new features, resolved issues and bugs, and known issues. 10 11 [id="new-features1.1.4_{context}"] 12 == New features 13 14: This version of OADP is a service release. No new features are added to this version. 15 16 [id="resolved-issues1.1.4_{context}"] .. 19 The following bugs have been fixed in this release: 20 21: * link:https://issues.redhat.com/browse/OADP-1557[OADP-1557] 22: * link:https://issues.redhat.com/browse/OADP-1822[OADP-1822] 23: * link:https://issues.redhat.com/browse/OADP-1511[OADP-1511] 24: * link:https://issues.redhat.com/browse/OADP-1642[OADP-1642] 25: * link:https://issues.redhat.com/browse/OADP-1398[OADP-1398] 26: * link:https://issues.redhat.com/browse/OADP-1267[OADP-1267] 27: * link:https://issues.redhat.com/browse/OADP-1390[OADP-1390] 28: * link:https://issues.redhat.com/browse/OADP-1650[OADP-1650] 29: * link:https://issues.redhat.com/browse/OADP-1487[OADP-1487] 30 31 .. 35 This release has the following known issues: 36 37: * OADP backups might fail because a UID/GID range might have changed on the cluster where the application has been restored, with the result that OADP does not back up and restore {product-title} UID/GID range metadata. To avoid the issue, if the backed application requires a specific UUID, ensure the range is available when restored. An additional workaround is to allow OADP to create the namespace in the restore operation. 38 39: * A restoration might fail if ArgoCD is used during the process due to a label used by ArgoCD, `app.kubernetes.io/instance`. This label identifies which resources ArgoCD needs to manage, which can create a conflict with OADP's procedure for managing resources on restoration. To work around this issue, set `.spec.resourceTrackingMethod` on the ArgoCD YAML to `annotation+label` or `annotation`. If the issue continues to persist, then disable ArgoCD before beginning to restore, and enable it again when restoration is finished. 40 41 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/oadp-release-notes-1-2-0.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/oadp-release-notes.adoc 4 5 :_content-type: REFERENCE 6: [id="migration-oadp-release-notes-1-2-0_{context}"] 7: = OADP 1.2.0 release notes 8 9: The OADP 1.2.0 release notes include information about new features, bug fixes, and known issues. 10 11 [id="new-features_{context}"] 12 == New features 13 14: .link:https://access.redhat.com/documentation/en-us/openshift_container_platform/4.12/html/backup_and_restore/application-backup-and-restore#installing-oadp-aws[Resource timeouts] 15 The new `resourceTimeout` option specifies the timeout duration in minutes for waiting on various Velero resources. This option applies to resources such as Velero CRD availability, `volumeSnapshot` deletion, and backup repository availability. The default duration is ten minutes. 16 17: .link:https://access.redhat.com/documentation/en-us/openshift_container_platform/4.11/html/backup_and_restore/application-backup-and-restore#oadp-s3-compatible-backup-storage-providers_about-installing-oadp[AWS S3 compatible backup storage providers] 18 You can back up objects and snapshots on AWS S3 compatible providers. 19 .. 21 === Technical preview features 22 23: .link:https://access.redhat.com/documentation/en-us/openshift_container_platform/4.9/html/backup_and_restore/application-backup-and-restore#installing-and-configuring-oadp[Data Mover] 24: The OADP Data Mover enables you to back up Container Storage Interface (CSI) volume snapshots to a remote object store. When you enable Data Mover, you can restore stateful applications using CSI volume snapshots pulled from the object store in case of accidental cluster deletion, cluster failure, or data corruption. 25 26: :FeatureName: OADP Data Mover 27 include::snippets/technology-preview.adoc[] 28 .. 32 The following bugs have been fixed in this release: 33 34: * link:https://issues.redhat.com/browse/OADP-144[OADP-144] 35: * link:https://issues.redhat.com/browse/OADP-639[OADP-639] 36: * link:https://issues.redhat.com/browse/OADP-1741[OADP-1741] 37: * link:https://issues.redhat.com/browse/OADP-1152[OADP-1152] 38: * link:https://issues.redhat.com/browse/OADP-1143[OADP-1143] 39: * link:https://issues.redhat.com/browse/OADP-1931[OADP-1931] 40: * link:https://issues.redhat.com/browse/OADP-148[OADP-148] 41: * link:https://issues.redhat.com/browse/OADP-1067[OADP-1067] 42: * link:https://issues.redhat.com/browse/OADP-1332[OADP-1332] 43: * link:https://issues.redhat.com/browse/OADP-1164[OADP-1164] 44: * link:https://issues.redhat.com/browse/OADP-1105[OADP-1105] 45: * link:https://issues.redhat.com/browse/OADP-2009[OADP-2009] 46: * link:https://issues.redhat.com/browse/OADP-1370[OADP-1370] 47: * link:https://issues.redhat.com/browse/OADP-969[OADP-969] 48: * link:https://issues.redhat.com/browse/OADP-1672[OADP-1672] 49: * link:https://issues.redhat.com/browse/OADP-1151[OADP-1151] 50: * link:https://issues.redhat.com/browse/OADP-988[OADP-988] 51: * link:https://issues.redhat.com/browse/OADP-1941[OADP-1941] 52: * link:https://issues.redhat.com/browse/OADP-1830[OADP-1830] 53: * link:https://issues.redhat.com/browse/OADP-1821[OADP-1821] 54: * link:https://issues.redhat.com/browse/OADP-1783[OADP-1783] 55: * link:https://issues.redhat.com/browse/OADP-1719[OADP-1719] 56: * link:https://issues.redhat.com/browse/OADP-1833[OADP-1833] 57: * link:https://issues.redhat.com/browse/OADP-1872[OADP-1872] 58: * link:https://issues.redhat.com/browse/OADP-2047[OADP-2047] 59: * link:https://issues.redhat.com/browse/OADP-1932[OADP-1932] 60: * link:https://issues.redhat.com/browse/OADP-1844[OADP-1844] 61: * link:https://issues.redhat.com/browse/OADP-1182[OADP-1182] 62: * link:https://issues.redhat.com/browse/OADP-1183[OADP-1183] 63: * link:https://issues.redhat.com/browse/OADP-1798[OADP-1798] 64: * link:https://issues.redhat.com/browse/OADP-1726[OADP-1726] 65: * link:https://issues.redhat.com/browse/OADP-821[OADP-821] 66: * link:https://issues.redhat.com/browse/OADP-1833[OADP-1781] 67: * link:https://issues.redhat.com/browse/OADP-697[OADP-697] 68: * link:https://issues.redhat.com/browse/OADP-1281[OADP-1281] 69: * link:https://issues.redhat.com/browse/OADP-1077[OADP-1077] 70: * link:https://issues.redhat.com/browse/OADP-1076[OADP-1076] 71: * link:https://issues.redhat.com/browse/OADP-1670[OADP-1670] 72: * link:https://issues.redhat.com/browse/OADP-1307[OADP-1307] 73: * link:https://issues.redhat.com/browse/OADP-1640[OADP-1640] 74: * link:https://issues.redhat.com/browse/OADP-1987[OADP-1987] 75: * link:https://issues.redhat.com/browse/OADP-1934[OADP-1934] 76 77 [id="known-issues-1-2-0_{context}"] /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/oadp-restic-issues.adoc: 4 5 :_content-type: CONCEPT 6: [id="oadp-restic-issues_{context}"] 7 = Restic issues 8 . 71 restic backup, stderr=Fatal: unable to open config file: Stat: The 72 specified key does not exist.\nIs there a repository at the following 73: location?\ns3:http://minio-minio.apps.mayap-oadp- 74: veleo-1234.qe.devcluster.openshift.com/mayapvelerooadp2/velero1/ 75 restic/_mysql-persistent_\n: exit status 1" error.file="/remote-source/ 76 src/github.com/vmware-tanzu/velero/pkg/restic/backupper.go:184" /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/oadp-s3-compatible-backup-storage-providers.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-s3-compatible-backup-storage-providers_{context}"] 7 = AWS S3 compatible backup storage providers 8 9: OADP is compatible with many object storage providers for use with different backup and snapshot operations. Several object storage providers are fully supported, several are unsupported but known to work, and some have known limitations. 10 11: [id="oadp-s3-compatible-backup-storage-providers-supported"] 12 == Supported backup storage providers 13 14: The following AWS S3 compatible object storage providers, are fully supported by OADP through the AWS plugin for use as backup storage locations: 15 16 * MinIO .. 26 ==== 27 28: [id="oadp-s3-compatible-backup-storage-providers-unsupported"] 29 == Unsupported backup storage providers 30 .. 40 * Cloudian HyperStore 41 42: [id="oadp-s3-compatible-backup-storage-providers-known-limitations"] 43 == Backup storage providers with known limitations 44 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/oadp-scheduling-backups.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-scheduling-backups_{context}"] 7 = Scheduling backups 8 . 18 .Prerequisites 19 20: * You must install the OpenShift API for Data Protection (OADP) Operator. 21 * The `DataProtectionApplication` CR must be in a `Ready` state. 22 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/oadp-secrets-for-different-credentials.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: PROCEDURE 10: [id="oadp-secrets-for-different-credentials_{context}"] 11: ifdef::installing-oadp-aws[] 12 = Creating profiles for different credentials 13 .. 42 [source,yaml,subs="attributes+"] 43 ---- 44: apiVersion: oadp.openshift.io/v1alpha1 45 kind: DataProtectionApplication 46 metadata: .. 72 ---- 73 endif::[] 74: ifdef::installing-oadp-azure,installing-oadp-gcp,installing-oadp-ocs,installing-oadp-mcg[] 75 = Creating secrets for different credentials 76 .. 100 . Add the `Secret` with the custom name to the `DataProtectionApplication` CR, as in the following example: 101 endif::[] 102: ifdef::installing-oadp-azure[] 103 + 104 [source,yaml,subs="attributes+"] 105 ---- 106: apiVersion: oadp.openshift.io/v1alpha1 107 kind: DataProtectionApplication 108 metadata: ... 137 <1> Backup location `Secret` with custom name. 138 endif::[] 139: ifdef::installing-oadp-gcp[] 140 + 141 [source,yaml,subs="attributes+"] 142 ---- 143: apiVersion: oadp.openshift.io/v1alpha1 144 kind: DataProtectionApplication 145 metadata: ... 168 <1> Backup location `Secret` with custom name. 169 endif::[] 170: ifdef::installing-oadp-mcg[] 171 + 172 [source,yaml,subs="attributes+"] 173 ---- 174: apiVersion: oadp.openshift.io/v1alpha1 175 kind: DataProtectionApplication 176 metadata: ... 198 <1> Backup location `Secret` with custom name. 199 endif::[] 200: ifdef::installing-oadp-ocs[] 201 + 202 [source,yaml,subs="attributes+"] 203 ---- 204: apiVersion: oadp.openshift.io/v1alpha1 205 kind: DataProtectionApplication 206 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/oadp-self-signed-certificate.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/configuring-oadp.adoc 4 5 :_content-type: PROCEDURE 6: [id="oadp-self-signed-certificate_{context}"] 7 = Enabling self-signed CA certificates 8 . 11 .Prerequisites 12 13: * You must have the OpenShift API for Data Protection (OADP) Operator installed. 14 15 .Procedure .. 19 [source,yaml] 20 ---- 21: apiVersion: oadp.openshift.io/v1beta1 22 kind: DataProtectionApplication 23 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/oadp-setting-resource-limits-and-requests.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/configuring-oadp.adoc 4: // * virt/backup_restore/virt-installing-configuring-oadp.adoc 5 6 :_content-type: PROCEDURE 7: [id="oadp-setting-resource-limits-and-requests_{context}"] 8 = Setting Velero CPU and memory resource allocations 9 .. 12 .Prerequisites 13 14: * You must have the OpenShift API for Data Protection (OADP) Operator installed. 15 16 .Procedure .. 20 [source,yaml] 21 ---- 22: apiVersion: oadp.openshift.io/v1beta1 23 kind: DataProtectionApplication 24 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/oadp-using-data-mover-for-csi-snapshots.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-using-data-mover-for-csi-snapshots_{context}"] 7 = Using Data Mover for CSI snapshots 8 9 :FeatureName: Data Mover for CSI snapshots 10 11: The OADP Data Mover enables customers to back up Container Storage Interface (CSI) volume snapshots to a remote object store. When Data Mover is enabled, you can restore stateful applications, using CSI volume snapshots pulled from the object store if a failure, accidental deletion, or corruption of the cluster occurs. 12 13 The Data Mover solution uses the Restic option of VolSync. .. 15 Data Mover supports backup and restore of CSI volume snapshots only. 16 17: In OADP 1.2 Data Mover `VolumeSnapshotBackups` (VSBs) and `VolumeSnapshotRestores` (VSRs) are queued using the VolumeSnapshotMover (VSM). The VSM's performance is improved by specifying a concurrent number of VSBs and VSRs simultaneously `InProgress`. After all async plugin operations are complete, the backup is marked as complete. 18 19 20 [NOTE] 21 ==== 22: The OADP 1.1 Data Mover is a Technology Preview feature. 23 24: The OADP 1.2 Data Mover has significantly improved features and performances, but is still a Technology Preview feature. 25 ==== 26: :FeatureName: The OADP Data Mover 27 include::snippets/technology-preview.adoc[leveloffset=+1] 28 29 [NOTE] 30 ==== 31: Red Hat recommends that customers who use OADP 1.2 Data Mover in order to back up and restore ODF CephFS volumes, upgrade or install {product-title} version 4.12 or later for improved performance. OADP Data Mover can leverage CephFS shallow volumes in {product-title} version 4.12 or later, which based on our testing, can improve the performance of backup times. 32 33 * https://issues.redhat.com/browse/RHSTOR-4287[CephFS ROX details] .. 35 36 37: //For more information about OADP 1.2 with CephS [name of topic], see ___. 38 39 ==== .. 56 * You have included the label `{velero-domain}/csi-volumesnapshot-class: 'true'` in your `VolumeSnapshotClass` CR. 57 58: * You have verified that the `OADP namespace` has the annotation `oc annotate --overwrite namespace/openshift-adp volsync.backube/privileged-movers='true'`. 59 + 60 [NOTE] 61 ==== 62: In OADP 1.1 the above setting is mandatory. 63 64: In OADP 1.2 the `privileged-movers` setting is not required in most scenarios. The restoring container permissions should be adequate for the Volsync copy. In some user scenarios, there may be permission errors that the `privileged-mover`= `true` setting should resolve. 65 ==== 66 .. 69 [NOTE] 70 ==== 71: The VolSync Operator is required for using OADP Data Mover. 72 ==== 73 74: * You have installed the OADP operator by using OLM. 75 76 .Procedure .. 100 [source,yaml] 101 ---- 102: apiVersion: oadp.openshift.io/v1alpha1 103 kind: DataProtectionApplication 104 metadata: ... 152 153 ---- 154: <1> OADP 1.2 only. 155: <2> OADP 1.2 only. Optional: Specify the upper limit of the number of snapshots allowed to be queued for backup. The default value is 10. 156: <3> OADP 1.2 only. Optional: Specify the upper limit of the number of snapshots allowed to be queued for restore. The default value is 10. 157: <4> OADP 1.2 only. Optional: Specify the number of days, between running Restic pruning on the repository. The prune operation repacks the data to free space, but it can also generate significant I/O traffic as a part of the process. Setting this option allows a trade-off between storage consumption, from no longer referenced data, and access costs. 158: <5> OADP 1.2 only. Optional: Specify VolumeSync volume options for backup and restore. 159 160 + 161: The OADP Operator installs two custom resource definitions (CRDs), `VolumeSnapshotBackup` and `VolumeSnapshotRestore`. 162 + 163 .Example `VolumeSnapshotBackup` CRD 164 [source,yaml] 165 ---- 166: apiVersion: datamover.oadp.openshift.io/v1alpha1 167 kind: VolumeSnapshotBackup 168 metadata: ... 181 [source,yaml] 182 ---- 183: apiVersion: datamover.oadp.openshift.io/v1alpha1 184 kind: VolumeSnapshotRestore 185 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/oadp-using-enable-api-group-versions.adoc: 5 6 :_content-type: PROCEDURE 7: [id="oadp-using-enable-api-group-versions_{context}"] 8 = Using Enable API Group Versions 9 .. 21 [source,yaml] 22 ---- 23: apiVersion: oadp.openshift.io/vialpha1 24 kind: DataProtectionApplication 25 ... /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/olm-deleting-operators-from-a-cluster-using-web-console.adoc: 2 // 3 // * operators/admin/olm-deleting-operators-from-a-cluster.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/uninstalling-oadp.adoc 5 // * serverless/install/removing-openshift-serverless.adoc 6 // * virt/install/uninstalling-virt.adoc /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/rosa-sts-account-wide-roles-and-policies.adoc: 868 "s3:ListBucketMultipartUploads", 869 "s3:AbortMultipartUpload", 870: "s3:ListMultipartUploadParts" 871 ], 872 "Resource": "*" /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/velero-obtaining-by-downloading.adoc: 24 . Open a browser and navigate to link:https://{velero-domain}/docs/v{velero-version}/basic-install/#install-the-cli["Install the CLI" on the Velero website]. 25 . Follow the appropriate procedure for macOS, GitHub, or Windows. 26: . Download the Velero version appropriate for your version of OADP and {product-title} according to the table that follows: 27 + 28: .OADP-Velero-{product-title} version relationship 29 [cols="3", options="header"] 30 |=== 31: |OADP version |Velero version |{product-title} version 32 |1.0.0 |link:https://{velero-domain}/docs/v1.7/[1.7] |4.6 and later 33 |1.0.1 |link:https://{velero-domain}/docs/v1.7/[1.7] |4.6 and later /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/modules/virt-about-cdi-operator.adoc: 19 |Manages the authorization to upload VM disks into PVCs by issuing secure upload tokens. 20 21: |`deployment/cdi-uploadproxy` 22 |Directs external disk upload traffic to the appropriate upload server pod so that it can be written to the correct PVC. Requires a valid upload token. 23 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/snippets/oadp-ceph-cr-prerequisites.adoc: 8 9 * A stateful application is running in a separate namespace with persistent volume claims (PVCs) using CephFS as the provisioner. 10: * The `StorageClass` and `VolumeSnapshotClass` custom resources (CRs) are defined for CephFS and OADP 1.2 Data Mover. 11 * There is a secret `cloud-credentials` in the `openshift-adp` namespace. 12 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/snippets/oadp-mtc-operator.adoc: 2 //This snippet appears in the following assemblies: 3 // 4: // * .../backup_and_restore/backing_up_and_restoring/installing/about-installing-oadp.adoc 5: // * .../backup_and_restore/backing_up_and_restoring/installing/installing-oadp-aws.adoc 6: // * .../backup_and_restore/backing_up_and_restoring/installing/installing-oadp-azure.adoc 7: // * .../backup_and_restore/backing_up_and_restoring/installing/installing-oadp-gcp.adoc 8: // * .../backup_and_restore/backing_up_and_restoring/installing/installing-oadp-mcg.adoc 9: // * .../backup_and_restore/backing_up_and_restoring/installing/installing-oadp-ocs.adoc 10 11 :_content-type: SNIPPET 12 [NOTE] 13 ==== 14: Starting from OADP 1.0.4, all OADP 1.0._z_ versions can only be used as a dependency of the MTC Operator and are not available as a standalone Operator. 15 ==== 16 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_backing_up_and_restoring_applications/snippets/oadp-ocp-compat.adoc: 2 //This snippet appears in the following assemblies: 3 // 4: // * .../backup_and_restore/backing_up_and_restoring/installing/about-installing-oadp.adoc 5 // * .../backup_and_restore/index.adoc 6 . 8 [NOTE] 9 ==== 10: If you want to use CSI backup on OCP 4.11 and later, install OADP 1.1._x_. 11 12: OADP 1.0._x_ does not support CSI backup on OCP 4.11 and later. OADP 1.0._x_ includes Velero 1.7._x_ and expects the API group `snapshot.storage.k8s.io/v1beta1`, which is not present on OCP 4.11 and later. 13 ==== 14 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/_attributes/common-attributes.adoc: 43 :hybrid-console: Red Hat Hybrid Cloud Console 44 :hybrid-console-second: Hybrid Cloud Console 45: :oadp-first: OpenShift API for Data Protection (OADP) 46: :oadp-full: OpenShift API for Data Protection 47 :oc-first: pass:quotes[OpenShift CLI (`oc`)] 48 :product-registry: OpenShift image registry /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/about-installing-oadp-on-multiple-namespaces.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/installing/about-installing-oadp.adoc 4 5 6 :_content-type: CONCEPT 7: [id="about-installing-oadp-on-multiple-namespaces_{context}"] 8: = Installation of OADP on multiple namespaces 9 10: You can install OADP into multiple namespaces on the same cluster so that multiple project owners can manage their own OADP instance. This use case has been validated with Restic and CSI. 11 12: You install each instance of OADP as specified by the per-platform procedures contained in this document with the following additional requirements: 13 14: * All deployments of OADP on the same cluster must be the same version, for example, 1.1.4. Installing different versions of OADP on the same cluster is *not* supported. 15: * Each individual deployment of OADP must have a unique set of credentials and a unique `BackupStorageLocation` configuration. 16: * By default, each OADP deployment has cluster-level access across namespaces. {product-title} administrators need to review security and RBAC settings carefully and make any necessary changes to them to ensure that each OADP instance has the correct permissions. 17 18 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/about-oadp-update-channels.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/installing/about-installing-oadp.adoc 4 5 6 :_content-type: CONCEPT 7: [id="about-oadp-update-channels_{context}"] 8: = About OADP update channels 9 10: When you install an OADP Operator, you choose an _update channel_. This channel determines which upgrades to the OADP Operator and to Velero you receive. You can switch channels at any time. 11 12 The following update channels are available: 13 14: * The *stable* channel is now deprecated. The *stable* channel contains the patches (z-stream updates) of OADP `ClusterServiceVersion` for `oadp.v1.1.z` and older versions from `oadp.v1.0.z`. 15 16: * The *stable-1.0* channel contains `oadp.v1.0._z_`, the most recent OADP 1.0 `ClusterServiceVersion`. 17 18: * The *stable-1.1* channel contains `oadp.v1.1._z_`, the most recent OADP 1.1 `ClusterServiceVersion`. 19 20: * The *stable-1.2* channel contains `oadp.v1.2._z_`, the most recent OADP 1.2 `ClusterServiceVersion`. 21 22 *Which update channel is right for you?* 23 24: * The *stable* channel is now deprecated. If you are already using the stable channel, you will continue to get updates from `oadp.v1.1._z_`. 25 26: * Choose the *stable-1._y_* update channel to install OADP 1._y_ and to continue receiving patches for it. If you choose this channel, you will receive all z-stream patches for version 1._y_._z_. 27 28 *When must you switch update channels?* 29 30: * If you have OADP 1._y_ installed, and you want to receive patches only for that y-stream, you must switch from the *stable* update channel to the *stable-1._y_* update channel. You will then receive all z-stream patches for version 1._y_._z_. 31 32: * If you have OADP 1.0 installed, want to upgrade to OADP 1.1, and then receive patches only for OADP 1.1, you must switch from the *stable-1.0* update channel to the *stable-1.1* update channel. You will then receive all z-stream patches for version 1.1._z_. 33 34: * If you have OADP 1._y_ installed, with _y_ greater than 0, and want to switch to OADP 1.0, you must _uninstall_ your OADP Operator and then reinstall it using the *stable-1.0* update channel. You will then receive all z-stream patches for version 1.0._z_. 35 36 [NOTE] 37 ==== 38: You cannot switch from OADP 1._y_ to OADP 1.0 by switching update channels. You must uninstall the Operator and then reinstall it. 39 ==== 40 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/metering-store-data-in-s3.adoc: 92 "s3:HeadBucket", 93 "s3:ListBucket", 94: "s3:ListMultipartUploadParts", 95 "s3:PutObject" 96 ], .. 123 "s3:CreateBucket", 124 "s3:DeleteBucket", 125: "s3:ListMultipartUploadParts", 126 "s3:PutObject" 127 ], /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/migration-configuring-aws-s3.adoc: 3 // * migrating_from_ocp_3_to_4/installing-3-4.adoc 4 // * migration_toolkit_for_containers/installing-mtc.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 6 7 :_content-type: PROCEDURE . 12 You configure Amazon Web Services (AWS) S3 object storage as a replication repository for the {mtc-full} ({mtc-short}). 13 endif::[] 14: ifdef::installing-oadp-aws[] 15: You configure Amazon Web Services (AWS) for the OpenShift API for Data Protection (OADP). 16 endif::[] 17 .. 90 "s3:PutObject", 91 "s3:AbortMultipartUpload", 92: "s3:ListMultipartUploadParts" 93 ], 94 "Resource": [ .. 147 Record the `AWS_SECRET_ACCESS_KEY` and the `AWS_ACCESS_KEY_ID`. You use the credentials to add AWS as a replication repository. 148 endif::[] 149: ifdef::installing-oadp-aws[] 150 . Create a `credentials-velero` file: 151 + /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/migration-configuring-azure.adoc: 3 // * migrating_from_ocp_3_to_4/installing-3-4.adoc 4 // * migration_toolkit_for_containers/installing-mtc.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 6 7 :_content-type: PROCEDURE . 12 You configure a Microsoft Azure Blob storage container as a replication repository for the {mtc-full} ({mtc-short}). 13 endif::[] 14: ifdef::installing-oadp-azure[] 15: You configure a Microsoft Azure for the OpenShift API for Data Protection (OADP). 16 endif::[] 17 .. 118 You use the `credentials-velero` file to add Azure as a replication repository. 119 endif::[] 120: ifdef::installing-oadp-azure[] 121 . Obtain the storage account access key: 122 + /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/migration-configuring-gcp.adoc: 3 // * migrating_from_ocp_3_to_4/installing-3-4.adoc 4 // * migration_toolkit_for_containers/installing-mtc.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6 7 :_content-type: PROCEDURE . 12 You configure a Google Cloud Platform (GCP) storage bucket as a replication repository for the {mtc-full} ({mtc-short}). 13 endif::[] 14: ifdef::installing-oadp-gcp[] 15: You configure Google Cloud Platform (GCP) for the OpenShift API for Data Protection (OADP). 16 endif::[] 17 .. 141 You use the `credentials-velero` file to add GCP as a replication repository. 142 endif::[] 143: ifdef::installing-oadp-gcp[] 144 + 145 You use the `credentials-velero` file to create a `Secret` object for GCP before you install the Data Protection Application. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/migration-configuring-mcg.adoc: 5 // * migration_toolkit_for_containers/installing-mtc.adoc 6 // * migration_toolkit_for_containers/installing-mtc-restricted.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 8 9 :_content-type: PROCEDURE .. 14 You must retrieve the Multicloud Object Gateway (MCG) credentials and S3 endpoint in order to configure MCG as a replication repository for the {mtc-full} ({mtc-short}). 15 endif::[] 16: You must retrieve the Multicloud Object Gateway (MCG) credentials in order to create a `Secret` custom resource (CR) for the OpenShift API for Data Protection (OADP). 17: //ifdef::installing-oadp-mcg[] 18 //endif::[] 19 .. 35 You use these credentials to add MCG as a replication repository. 36 endif::[] 37: ifdef::installing-oadp-mcg[] 38 . Create a `credentials-velero` file: 39 + /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/migration-mtc-release-notes-1-7.adoc: 12 This release has the following new features and enhancements: 13 14: * The {mtc-full} ({mtc-short}) Operator now depends upon the OpenShift API for Data Protection (OADP) Operator. When you install the {mtc-short} Operator, the Operator Lifecycle Manager (OLM) automatically installs the OADP Operator in the same namespace. 15 16 * You can migrate from a source cluster that is behind a firewall to a cloud-based destination cluster by establishing a network tunnel between the two clusters by using the `crane tunnel-api` command. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/migration-using-must-gather.adoc: 16 You can collect data for a one-hour or a 24-hour period and view the data with the Prometheus console. 17 endif::[] 18: ifdef::oadp-troubleshooting[] 19 You can run the `must-gather` tool with the following data collection options: 20 21: * Full `must-gather` data collection collects Prometheus metrics, pod logs, and Velero CR information for all namespaces where the OADP Operator is installed. 22 * Essential `must-gather` data collection collects pod logs and Velero CR information for a specific duration of time, for example, one hour or 24 hours. Prometheus metrics and duplicate logs are not included. 23 * `must-gather` data collection with timeout. Data collection can take a long time if there are many failed `Backup` CRs. You can improve performance by setting a timeout value. .. 38 * To collect data for the past hour: 39 endif::[] 40: ifdef::oadp-troubleshooting[] 41 * Full `must-gather` data collection, including Prometheus metrics: 42 endif::[] .. 49 The data is saved as `must-gather/must-gather.tar.gz`. You can upload this file to a support case on the link:https://access.redhat.com/[Red Hat Customer Portal]. 50 51: ifdef::oadp-troubleshooting[] 52 * Essential `must-gather` data collection, without Prometheus metrics, for a specific time duration: 53 + .. 71 * To collect data for the past 24 hours: 72 endif::[] 73: ifdef::oadp-troubleshooting[] 74 * Prometheus metrics data dump: 75 endif::[] /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/nw-enforcing-hsts-per-domain.adoc: 58 smallestMaxAge: 1 59 largestMaxAge: 31536000 60: preloadPolicy: RequirePreload <5> 61 includeSubDomainsPolicy: RequireIncludeSubDomains <6> 62 - domainPatterns: <2> .. 66 matchLabels: {} 67 maxAge: {} 68: preloadPolicy: NoOpinion 69 includeSubDomainsPolicy: RequireNoIncludeSubDomains 70 ---- /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/oadp-about-backing-and-restoring-from-cluster-to-cluster.adoc: 5 6 :_content-type: CONCEPT 7: [id="oadp-about-backing-and-restoring-from-cluster-to-cluster_{context}"] 8 = About backing up data from one cluster and restoring it on another cluster 9 10: {oadp-first} is designed to back up and restore application data in the same {product-title} cluster. {mtc-full} ({mtc-short}) is designed to migrate containers, including application data, from one {product-title} cluster to another cluster. 11 12: You can use OADP to back up application data from one {product-title} cluster and restore it on another cluster. However, doing so is more complicated than using {mtc-short} or using OADP to back up and restore on the same cluster. 13 14: To successfully use OADP to back up data from one cluster and restore it to another cluster, you must take into account the following factors, in addition to the prerequisites and procedures that apply to using OADP to back up and restore data on the same cluster: 15 16 * Operators .. 18 * UID and GID ranges 19 20: [id="oadp-cluster-to-cluster-operators_{context}"] 21 == Operators 22 You must exclude Operators from the backup of an application for backup and restore to succeed. 23 24: [id="oadp-cluster-to-cluster-velero_{context}"] 25 == Use of Velero 26 27: Velero, which OADP is built upon, does not natively support migrating persistent volume snapshots across cloud providers. To migrate volume snapshot data between cloud platforms, you must _either_ enable the Velero Restic file system backup option, which backs up volume contents at the filesystem level, _or_ use the OADP Data Mover for CSI snapshots. 28 29 [NOTE] 30 ==== 31: In OADP 1.1 and earlier, the Velero Restic file system backup option is called `restic`. 32: In OADP 1.2 and later, the Velero Restic file system backup option is called `file-system-backup`. 33 ==== 34 35 [NOTE] 36 ==== 37: Velero's file system backup feature supports both Kopia and Restic, but currently OADP supports only Restic. 38 ==== 39 .. 42 * It is theoretically possible to migrate workloads to a destination with a _later_ Kubernetes version than the source, but you must consider the compatibility of API groups between clusters for each custom resource. If a Kubernetes version upgrade breaks the compatibility of core or native API groups, you must first update the impacted custom resources. 43 44: [id="oadp-cluster-to-cluster-uid-and-gid-ranges_{context}"] 45 == UID and GID ranges 46 .. 48 49 Summary of issues:: 50: The UID and GID ranges of the namespace might change on the destination cluster. OADP does not back up and restore OpenShift UID range metadata. If the backed application requires a specific UID, ensure the range is available when restored. For more information about OpenShift's UID and GID ranges, see link:https://cloud.redhat.com/blog/a-guide-to-openshift-and-uids[A Guide to OpenShift and UIDs]. 51 52 Detailed description of issues:: .. 58 59 + 60: When you use OADP to restore the namespace, it automatically uses the information in `metadata.annotations` without resetting it for the destination cluster. As a result, the workload might not have access to the backed up data if one of the following is true: 61 62: * There is a pre-existing namespace with different SCC annotations, for example, on a different cluster. In this case, at backup time, OADP reuses the pre-existing namespace instead of the namespace you are trying to restore. 63: * The backup used a label selector, but the namespace where workloads run on does not have the label on it. In this case, OADP does not back up the namespace, but instead creates a new namespace during restore that does not include the annotations of the namespace you backed up. This causes a new UID range to be assigned to the namespace. 64 + 65 This might be an issue for customer workloads if {product-title} assigns a pod a `securityContext` UID based on namespace annotations that have changed from the time the persistent volume data was backed up. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/oadp-about-backup-snapshot-locations-secrets.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: CONCEPT 10: [id="oadp-about-backup-snapshot-locations_{context}"] 11 = About backup and snapshot locations and their secrets 12 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/oadp-about-enable-api-group-versions.adoc: 5 6 :_content-type: CONCEPT 7: [id="oadp-about-enable-api-group-versions_{context}"] 8 = About Enable API Group Versions 9 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/oadp-backing-and-restoring-from-cluster-to-cluster.adoc: 5 6 :_content-type: CONCEPT 7: [id="oadp-backing-and-restoring-from-cluster-to-cluster_{context}"] 8 = Backing up data from one cluster and restoring it to another cluster 9 .. 20 ** Ensure that the backup store location (BSL) and volume snapshot location have the same names and paths to restore resources to another cluster. 21 ** Share the same object storage location credentials across the clusters. 22: ** For best results, use OADP to create the namespace on the destination cluster. 23 ** If you use the Velero `file-system-backup` option, enable the `--default-volumes-to-fs-backup` flag for use during backup by running the following command: 24 + .. 30 [NOTE] 31 ==== 32: In OADP 1.2 and later, the Velero Restic option is called `file-system-backup`. 33 ==== 34 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/oadp-backing-up-applications-restic.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-backing-up-applications-restic_{context}"] 7 = Backing up applications with Restic 8 . 18 .Prerequisites 19 20: * You must install the OpenShift API for Data Protection (OADP) Operator. 21 * You must not disable the default Restic installation by setting `spec.configuration.restic.enable` to `false` in the `DataProtectionApplication` CR. 22 * The `DataProtectionApplication` CR must be in a `Ready` state. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/oadp-backing-up-pvs-csi.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-backing-up-pvs-csi_{context}"] 7 = Backing up persistent volumes with CSI snapshots 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/oadp-backup-restore-cr-issues.adoc: 4 5 :_content-type: CONCEPT 6: [id="oadp-backup-restore-cr-issues_{context}"] 7 = Backup and Restore CR issues 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/oadp-ceph-cephfs-back-up-dba.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-ceph-cephfs-back-up-dba_{context}"] 7 = Creating a DPA for use with CephFS storage 8 9: You must create a Data Protection Application (DPA) CR before you use the OpenShift API for Data Protection (OADP) 1.2 Data Mover to back up and restore data using CephFS storage. 10 11 .Procedure .. 38 [source,yaml] 39 ---- 40: apiVersion: oadp.openshift.io/v1alpha1 41 kind: DataProtectionApplication 42 metadata: .. 79 ---- 80 <1> There is no default value for the `enable` field. Valid values are `true` or `false`. 81: <2> Use the Restic `Secret` that you created when you prepared your environment for working with OADP 1.2 Data Mover and Ceph. If you do not use your Restic `Secret`, the CR uses the default value `dm-credential` for this parameter. 82 <3> There is no default value for the `enable` field. Valid values are `true` or `false`. 83 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/oadp-ceph-cephfs-back-up.adoc: 11 12 :_content-type: PROCEDURE 13: [id="oadp-ceph-cephfs-back-up_{context}"] 14 15 ifdef::cephfs[] 16: = Backing up data using OADP 1.2 Data Mover and CephFS storage 17: You can use OpenShift API for Data Protection (OADP) 1.2 Data Mover to back up data using CephFS storage by enabling the shallow copy feature of CephFS storage. 18 endif::cephfs[] 19 20 ifdef::split[] 21: = Backing up data using OADP 1.2 Data Mover and split volumes 22: You can use OpenShift API for Data Protection (OADP) 1.2 Data Mover to back up data in an environment that has split volumes. 23 endif::split[] 24 .. 58 59 . Wait several minutes until the `VolumeSnapshotBackup` CR has the status `Completed`. 60: . Verify that there is at least one snapshot in the object store that is given in the Restic `Secret`. You can check for this snapshot in your targeted `BackupStorageLocation` storage provider that has a prefix of `/`. 61 62 ifeval::["{context}" == "cephfs"] /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/oadp-ceph-cephfs-restore.adoc: 11 12 :_content-type: PROCEDURE 13: [id="oadp-ceph-cephfs-restore_{context}"] 14 15 ifdef::cephfs[] 16: = Restoring data using OADP 1.2 Data Mover and CephFS storage 17: You can use OpenShift API for Data Protection (OADP) 1.2 Data Mover to restore data using CephFS storage if the shallow copy feature of CephFS storage was enabled for the back up procedure. The shallow copy feature is not used in the restore procedure. 18 endif::cephfs[] 19 20 ifdef::split[] 21: = Restoring data using OADP 1.2 Data Mover and split volumes 22: You can use OpenShift API for Data Protection (OADP) 1.2 Data Mover to restore data in an environment that has split volumes, if the shallow copy feature of CephFS storage was enabled for the back up procedure. The shallow copy feature is not used in the restore procedure. 23 endif::split[] 24 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/oadp-ceph-preparing-cephfs-crs.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-ceph-preparing-cephfs-crs_{context}"] 7: = Defining CephFS custom resources for use with OADP 1.2 Data Mover 8 9: When you install {rh-storage-first}, it automatically creates a default CephFS `StorageClass` custom resource (CR) and a default CephFS `VolumeSnapshotClass` CR. You can define these CRs for use with OpenShift API for Data Protection (OADP) 1.2 Data Mover. 10 11 .Procedure /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/oadp-ceph-preparing-cephrbd-crs.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-ceph-preparing-cephrbd-crs_{context}"] 7: = Defining CephRBD custom resources for use with OADP 1.2 Data Mover 8 9: When you install {rh-storage-first}, it automatically creates a default CephRBD `StorageClass` custom resource (CR) and a default CephRBD `VolumeSnapshotClass` CR. You can define these CRs for use with OpenShift API for Data Protection (OADP) 1.2 Data Mover. 10 11 .Procedure /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/oadp-ceph-preparing-crs-additional.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-ceph-preparing-crs-additional_{context}"] 7: = Defining additional custom resources for use with OADP 1.2 Data Mover 8 9 After you redefine the default `StorageClass` and CephRBD `VolumeSnapshotClass` custom resources (CRs), you must create the following CRs: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/oadp-ceph-prerequisites.adoc: 5 6 :_content-type: CONCEPT 7: [id="oadp-ceph-prerequisites_{context}"] 8: = Prerequisites for using OADP 1.2 Data Mover with Ceph storage 9 10: The following prerequisites apply to all back up and restore operations of data using {oadp-first} 1.2 Data Mover in a cluster that uses Ceph storage: 11 12 * You have installed {product-title} 4.12 or later. 13: * You have installed the OADP Operator. 14 * You have created a secret `cloud-credentials` in the namespace `openshift-adp.` 15 * You have installed {rh-storage-first}. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/oadp-ceph-split-back-up-dba.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-ceph-split-back-up-dba_{context}"] 7 = Creating a DPA for use with split volumes 8 9: You must create a Data Protection Application (DPA) CR before you use the OpenShift API for Data Protection (OADP) 1.2 Data Mover to back up and restore data using split volumes. 10 11 .Procedure .. 17 [source,yaml] 18 ---- 19: apiVersion: oadp.openshift.io/v1alpha1 20 kind: DataProtectionApplication 21 metadata: .. 64 cacheStorageClassName: ocs-storagecluster-ceph-rbd 65 ---- 66: <1> Use the Restic `Secret` that you created when you prepared your environment for working with OADP 1.2 Data Mover and Ceph. If you do not, then the CR will use the default value `dm-credential` for this parameter. 67 <2> A different set of `VolumeOptionsForStorageClass` labels can be defined for each `storageClass` volume, thus allowing a backup to volumes with different providers. 68 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/oadp-checking-api-group-versions.adoc: 5 6 :_content-type: PROCEDURE 7: [id="oadp-checking-api-group-versions_{context}"] 8 = Listing the Kubernetes API group versions on a cluster 9 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/oadp-cleaning-up-after-data-mover-snapshots.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-cleaning-up-after-data-mover-snapshots_{context}"] 7 = Deleting snapshots in a bucket 8 9: OADP 1.1 Data Mover might leave one or more snapshots in a bucket after a backup. You can either delete all the snapshots or delete individual snapshots. 10 11 .Procedure /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/oadp-configuring-noobaa-for-dr.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 4 5 :_content-type: PROCEDURE 6: [id="oadp-configuring-noobaa-for-dr_{context}"] 7 = Configuring NooBaa for disaster recovery on {rh-storage} 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/oadp-configuring-velero-plugins.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/oadp-features-plugins.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-configuring-velero-plugins_{context}"] 7: = About OADP Velero plugins 8 9 You can configure two types of plugins when you install Velero: .. 16 == Default Velero cloud provider plugins 17 18: You can install any of the following default Velero cloud provider plugins when you configure the `oadp_v1alpha1_dpa.yaml` file during deployment: 19 20 * `aws` (Amazon Web Services) .. 25 * `kubevirt` (KubeVirt) 26 27: You specify the desired default plugins in the `oadp_v1alpha1_dpa.yaml` file during deployment. 28 29 .Example file .. 33 [source,yaml] 34 ---- 35: apiVersion: oadp.openshift.io/v1alpha1 36 kind: DataProtectionApplication 37 metadata: .. 49 == Custom Velero plugins 50 51: You can install a custom Velero plugin by specifying the plugin `image` and `name` when you configure the `oadp_v1alpha1_dpa.yaml` file during deployment. 52 53: You specify the desired custom plugins in the `oadp_v1alpha1_dpa.yaml` file during deployment. 54 55 .Example file .. 59 [source,yaml] 60 ---- 61: apiVersion: oadp.openshift.io/v1alpha1 62 kind: DataProtectionApplication 63 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/oadp-creating-backup-cr.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-creating-backup-cr_{context}"] 7 = Creating a Backup CR 8 . 11 .Prerequisites 12 13: * You must install the OpenShift API for Data Protection (OADP) Operator. 14 * The `DataProtectionApplication` CR must be in a `Ready` state. 15 * Backup location prerequisites: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/oadp-creating-backup-hooks.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-creating-backup-hooks_{context}"] 7 = Creating backup hooks 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/oadp-creating-default-secret.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: PROCEDURE 10: [id="oadp-creating-default-secret_{context}"] 11 = Creating a default Secret 12 13 You create a default `Secret` if your backup and snapshot locations use the same credentials or if you do not require a snapshot location. 14 15: ifdef::installing-oadp-aws,installing-oadp-azure,installing-oadp-gcp,installing-oadp-mcg[] 16 The default name of the `Secret` is `{credentials}`. 17 endif::[] 18: ifdef::installing-oadp-ocs[] 19: The default name of the `Secret` is `{credentials}`, unless your backup storage provider has a default plugin, such as `aws`, `azure`, or `gcp`. In that case, the default name is specified in the provider-specific OADP installation procedure. 20 endif::[] 21 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/oadp-creating-restore-cr.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-creating-restore-cr_{context}"] 7 = Creating a Restore CR 8 . 11 .Prerequisites 12 13: * You must install the OpenShift API for Data Protection (OADP) Operator. 14 * The `DataProtectionApplication` CR must be in a `Ready` state. 15 * You must have a Velero `Backup` CR. .. 67 [NOTE] 68 ==== 69: In the course of the restore process, the OADP Velero plug-ins scale down the `DeploymentConfig` objects and restore the pods as standalone pods to prevent the cluster from deleting the restored `DeploymentConfig` pods immediately on restore and to allow Restic and post-restore hooks to complete their actions on the restored pods. The cleanup script removes these disconnected pods and scale any `DeploymentConfig` objects back up to the appropriate number of replicas. 70 ==== 71 + .. 94 } 95 96: OADP_NAMESPACE=${OADP_NAMESPACE:=openshift-adp} 97 98 if [[ $# -ne 1 ]]; then .. 101 fi 102 103: echo using OADP Namespace $OADP_NAMESPACE 104 echo restore: $1 105 ... 108 109 echo Deleting disconnected restore pods 110: oc delete pods -l oadp.openshift.io/disconnected-from-dc=$label 111 112: for dc in $(oc get dc --all-namespaces -l oadp.openshift.io/replicas-modified=$label -o jsonpath='{range .items[*]}{.metadata.namespace}{","}{.metadata.name}{","}{.metadata.annotations.oadp\.openshift\.io/original-replicas}{","}{.metadata.annotations.oadp\.openshift\.io/original-paused}{"\n"}') 113 do 114 IFS=',' read -ra dc_arr <<< "$dc" /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/oadp-creating-restore-hooks.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-creating-restore-hooks_{context}"] 7 = Creating restore hooks 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/oadp-debugging-oc-cli.adoc: 4 5 :_content-type: REFERENCE 6: [id="oadp-debugging-oc-cli_{context}"] 7 = Debugging Velero resources with the OpenShift CLI tool 8 . 39 [NOTE] 40 ==== 41: This option is available starting from OADP 1.0.3. 42 ==== 43 44 [source,yaml] 45 ---- 46: apiVersion: oadp.openshift.io/v1alpha1 47 kind: DataProtectionApplication 48 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/oadp-deleting-backups.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-deleting-backups_{context}"] 7 = Deleting backups 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/oadp-deleting-cluster-resources-following-failure.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-deleting-cluster-resources-following-failure_{context}"] 7 = Deleting cluster resources following a partially successful or a failed backup and restore that used Data Mover 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/oadp-deleting-cluster-resources-following-success.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-deleting-cluster-resources-following-success_{context}"] 7 = Deleting cluster resources following a successful backup and restore that used Data Mover 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/oadp-enabling-csi-dpa.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: PROCEDURE 10: [id="oadp-enabling-csi-dpa_{context}"] 11 = Enabling CSI in the DataProtectionApplication CR 12 .. 23 [source,yaml] 24 ---- 25: apiVersion: oadp.openshift.io/v1alpha1 26 kind: DataProtectionApplication 27 ... /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/oadp-features.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/oadp-features-plugins.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-features_{context}"] 7: = OADP features 8 9: OpenShift API for Data Protection (OADP) supports the following features: 10 11 Backup:: 12: You can use OADP to back up all applications on the OpenShift Platform, or you can filter the resources by type, namespace, or label. 13 + 14: OADP backs up Kubernetes objects and internal images by saving them as an archive file on object storage. OADP backs up persistent volumes (PVs) by creating snapshots with the native cloud snapshot API or with the Container Storage Interface (CSI). For cloud providers that do not support snapshots, OADP backs up resources and PV data with Restic. 15 16 + /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/oadp-ibm-power-test-support.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/oadp-features-plugins.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-ibm-power-test-matrix_{context}"] 7: = OADP support for target backup locations using IBM Power 8 9: IBM Power running with {product-title} 4.11 and 4.12, and OpenShift API for Data Protection (OADP) 1.1.2 was tested successfully against an AWS S3 backup location target. Although the test involved only an AWS S3 target, Red Hat supports running IBM Power with {product-title} 4.11 and 4.12, and OADP 1.1.2 against all non-AWS S3 backup location targets as well. 10 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/oadp-ibm-z-test-support.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/oadp-features-plugins.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-ibm-z-test-support_{context}"] 7: = OADP testing and support for target backup locations using {ibmzProductName} 8 9: {ibmzProductName} running with {product-title} 4.11 and 4.12, and OpenShift API for Data Protection (OADP) 1.1.2 was tested successfully against an AWS S3 backup location target. Although the test involved only an AWS S3 target, Red Hat supports running {ibmzProductName} with {product-title} 4.11 and 4.12, and OADP 1.1.2 against all non-AWS S3 backup location targets as well. 10 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/oadp-installation-issues.adoc: 4 5 :_content-type: CONCEPT 6: [id="oadp-installation-issues_{context}"] 7 = Installation issues 8 9 You might encounter issues caused by using invalid directories or incorrect credentials when you install the Data Protection Application. 10 11: [id="oadp-backup-location-contains-invalid-directories_{context}"] 12 == Backup storage contains invalid directories 13 .. 22 If the object storage is not dedicated to Velero, you must specify a prefix for the bucket by setting the `spec.backupLocations.velero.objectStorage.prefix` parameter in the `DataProtectionApplication` manifest. 23 24: [id="oadp-incorrect-aws-credentials_{context}"] 25 == Incorrect AWS credentials 26 27: The `oadp-aws-registry` pod log displays the error message, `InvalidAccessKeyId: The AWS Access Key Id you provided does not exist in our records.` 28 29 The `Velero` pod log displays the error message, `NoCredentialProviders: no valid providers in chain`. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/oadp-installing-dpa.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: PROCEDURE 10: [id="oadp-installing-dpa_{context}"] 11 = Installing the Data Protection Application 12 .. 15 .Prerequisites 16 17: * You must install the OADP Operator. 18 * You must configure object storage as a backup location. 19 * If you use snapshots to back up PVs, your cloud provider must support either a native snapshot API or Container Storage Interface (CSI) snapshots. 20 * If the backup and snapshot locations use the same credentials, you must create a `Secret` with the default name, `{credentials}`. 21: ifdef::installing-oadp-azure,installing-oadp-gcp,installing-oadp-mcg,installing-oadp-ocs,virt-installing-configuring-oadp[] 22 * If the backup and snapshot locations use different credentials, you must create two `Secrets`: 23 .. 25 ** `Secret` with the default name, `{credentials}`, for the snapshot location. This `Secret` is not referenced in the `DataProtectionApplication` CR. 26 endif::[] 27: ifdef::installing-oadp-aws[] 28 * If the backup and snapshot locations use different credentials, you must create a `Secret` with the default name, `{credentials}`, which contains separate profiles for the backup and snapshot location credentials. 29 endif::[] .. 36 .Procedure 37 38: . Click *Operators* -> *Installed Operators* and select the OADP Operator. 39 . Under *Provided APIs*, click *Create instance* in the *DataProtectionApplication* box. 40 41 . Click *YAML View* and update the parameters of the `DataProtectionApplication` manifest: 42: ifdef::installing-oadp-aws[] 43 + 44 [source,yaml,subs="attributes+"] 45 ---- 46: apiVersion: oadp.openshift.io/v1beta1 47 kind: DataProtectionApplication 48 metadata: .. 92 <9> The snapshot location must be in the same region as the PVs. 93 endif::[] 94: ifdef::installing-oadp-azure[] 95 + 96 [source,yaml,subs="attributes+"] 97 ---- 98: apiVersion: oadp.openshift.io/v1beta1 99 kind: DataProtectionApplication 100 metadata: ... 148 <11> You do not need to specify a snapshot location if you use CSI snapshots or Restic to back up PVs. 149 endif::[] 150: ifdef::installing-oadp-gcp[] 151 + 152 [source,yaml,subs="attributes+"] 153 ---- 154: apiVersion: oadp.openshift.io/v1beta1 155 kind: DataProtectionApplication 156 metadata: ... 196 <9> The snapshot location must be in the same region as the PVs. 197 endif::[] 198: ifdef::installing-oadp-mcg[] 199 + 200 [source,yaml,subs="attributes+"] 201 ---- 202: apiVersion: oadp.openshift.io/v1beta1 203 kind: DataProtectionApplication 204 metadata: ... 242 <8> Specify a prefix for Velero backups, for example, `velero`, if the bucket is used for multiple purposes. 243 endif::[] 244: ifdef::installing-oadp-ocs[] 245 + 246 [source,yaml,subs="attributes+"] 247 ---- 248: apiVersion: oadp.openshift.io/v1beta1 249 kind: DataProtectionApplication 250 metadata: ... 287 <11> Specify a prefix for Velero backups, for example, `velero`, if the bucket is used for multiple purposes. 288 endif::[] 289: ifdef::virt-installing-configuring-oadp[] 290 + 291 [source,yaml,subs="attributes+"] 292 ---- 293: apiVersion: oadp.openshift.io/v1beta1 294 kind: DataProtectionApplication 295 metadata: ... 334 335 . Click *Create*. 336: . Verify the installation by viewing the OADP resources: 337 + 338 [source,terminal] ... 345 ---- 346 NAME READY STATUS RESTARTS AGE 347: pod/oadp-operator-controller-manager-67d9494d47-6l8z8 2/2 Running 0 2m8s 348 pod/restic-9cq4q 1/1 Running 0 94s 349 pod/restic-m4lts 1/1 Running 0 94s ... 352 353 NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE 354: service/oadp-operator-controller-manager-metrics-service ClusterIP 172.30.70.140 8443/TCP 2m8s 355 356 NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE ... 358 359 NAME READY UP-TO-DATE AVAILABLE AGE 360: deployment.apps/oadp-operator-controller-manager 1/1 1 1 2m9s 361 deployment.apps/velero 1/1 1 1 96s 362 363 NAME DESIRED CURRENT READY AGE 364: replicaset.apps/oadp-operator-controller-manager-67d9494d47 1 1 1 2m9s 365 replicaset.apps/velero-588db7f655 1 1 1 96s 366 ---- /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/oadp-installing-oadp-rosa-sts.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-installing-oadp-rosa-sts_{context}"] 7: = Installing OADP on {product-title} with AWS STS 8 9: AWS Security Token Service (AWS STS) is a global web service that provides short-term credentials for IAM or federated users. {product-title} (ROSA) with STS is the recommended credential mode for ROSA clusters. This document describes how to install OpenShift API for Data Protection (OADP) on (ROSA) with AWS STS. 10 11 [IMPORTANT] 12 ==== 13: Restic is not supported in the OADP on ROSA with AWS STS environment. Ensure the Restic service is disabled. Use native snapshots to backup volumes. See _Known Issues_ for more information. 14 ==== 15 .. 17 18 * A ROSA OpenShift Cluster with the required access and tokens. 19: * link:https://docs.openshift.com/container-platform/4.13/backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.html#oadp-creating-default-secret_installing-oadp-aws[A default Secret], if your backup and snapshot locations use the same credentials, or if you do not require a snapshot location. 20 21 .Procedure .. 42 ---- 43 44: . Install the OADP Operator. 45 .. In the {product-title} web console, navigate to Operators *->* OperatorHub. 46: .. Search for the OADP Operator, then click *Install*. 47 48 . Create AWS cloud storage using your AWS credentials: .. 51 ---- 52 $ cat << EOF | oc create -f - 53: apiVersion: oadp.openshift.io/v1alpha1 54 kind: CloudStorage 55 metadata: 56: name: ${CLUSTER_NAME}-oadp 57 namespace: openshift-adp 58 spec: .. 61 name: cloud-credentials 62 enableSharedConfig: true 63: name: ${CLUSTER_NAME}-oadp 64 provider: aws 65 region: $REGION .. 72 ---- 73 $ cat << EOF | oc create -f - 74: apiVersion: oadp.openshift.io/v1alpha1 75 kind: DataProtectionApplication 76 metadata: .. 81 - bucket: 82 cloudStorageRef: 83: name: ${CLUSTER_NAME}-oadp 84 credential: 85 key: credentials .. 105 [NOTE] 106 ==== 107: The `enable` parameter of `restic` is set to `false` in this configuration because OADP does not support Restic in ROSA environments. 108 ==== 109 + 110: You are now ready to backup and restore OpenShift applications, as described in the link:https://docs.openshift.com/container-platform/4.11/backup_and_restore/application_backup_and_restore/backing_up_and_restoring/backing-up-applications.html[OADP documentation]. 111 112 == Known Issues 113 .Restic is not supported or recommended 114 115: * link:https://issues.redhat.com/browse/OADP-1054[CloudStorage: openshift-adp-controller-manager crashloop seg fault with Restic enabled] 116: * link:https://issues.redhat.com/browse/OADP-1057[Cloudstorage API: CSI Backup of an app with internal images partially fails with plugin panicked error] 117: * (Affects OADP 1.1.x_ only): link:https://issues.redhat.com/browse/OADP-1055[CloudStorage: bucket is removed on CS CR delete, although it doesn't have "oadp.openshift.io/cloudstorage-delete": "true"] 118 119 [role="_additional-resources"] ... 123 * link:https://docs.openshift.com/rosa/rosa_getting_started/rosa-sts-getting-started-workflow.html[Getting started with ROSA STS] 124 * link:https://docs.openshift.com/rosa/rosa_install_access_delete_clusters/rosa-sts-creating-a-cluster-quickly.html[Creating a ROSA cluster with STS] 125: * link:https://docs.openshift.com/container-platform/4.13/backup_and_restore/application_backup_and_restore/installing/about-installing-oadp.html[About installing OADP] 126 * link:https://docs.openshift.com/container-platform/4.13/storage/container_storage_interface/persistent-storage-csi.html[Configuring CSI volumes] 127 * link:https://docs.openshift.com/rosa/rosa_architecture/rosa_policy_service_definition/rosa-service-definition.html#rosa-sdpolicy-storage_rosa-service-definition[ROSA storage options] /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/oadp-installing-operator.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: PROCEDURE 10: [id="oadp-installing-operator_{context}"] 11: = Installing the OADP Operator 12 13: You install the OpenShift API for Data Protection (OADP) Operator on {product-title} {product-version} by using Operator Lifecycle Manager (OLM). 14 15: The OADP Operator installs link:https://{velero-domain}/docs/v{velero-version}/[Velero {velero-version}]. 16 17 .Prerequisites .. 22 23 . In the {product-title} web console, click *Operators* -> *OperatorHub*. 24: . Use the *Filter by keyword* field to find the *OADP Operator*. 25: . Select the *OADP Operator* and click *Install*. 26 . Click *Install* to install the Operator in the `openshift-adp` project. 27 . Click *Operators* -> *Installed Operators* to verify the installation. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/oadp-plugins.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/oadp-features-plugins.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-plugins_{context}"] 7: = OADP plugins 8 9: The OpenShift API for Data Protection (OADP) provides default Velero plugins that are integrated with storage providers to support backup and snapshot operations. You can create link:https://{velero-domain}/docs/v{velero-version}/custom-plugins/[custom plugins] based on the Velero plugins. 10 11: OADP also provides plugins for {product-title} resource backups, OpenShift Virtualization resource backups, and Container Storage Interface (CSI) snapshots. 12 13 [cols="3", options="header"] 14: .OADP plugins 15 |=== 16: |OADP plugin |Function |Storage location 17 18 .2+|`aws` |Backs up and restores Kubernetes objects. |AWS S3 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/oadp-pod-crash-set-resource-request-restic.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-pod-crash-resource-request-retics_{context}"] 7 = Setting resource requests for a Restic pod 8 . 17 [source,yaml] 18 ---- 19: apiVersion: oadp.openshift.io/v1alpha1 20 kind: DataProtectionApplication 21 ... /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/oadp-pod-crash-set-resource-request-velero.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-pod-crash-resource-request-velero_{context}"] 7 = Setting resource requests for a Velero pod 8 9: You can use the `configuration.velero.podConfig.resourceAllocations` specification field in the `oadp_v1alpha1_dpa.yaml` file to set specific resource requests for a `Velero` pod. 10 11 .Procedure .. 17 [source,yaml] 18 ---- 19: apiVersion: oadp.openshift.io/v1alpha1 20 kind: DataProtectionApplication 21 ... /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/oadp-release-notes-1-1-1.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/oadp-release-notes.adoc 4 :_content-type: REFERENCE 5: [id="migration-oadp-release-notes-1-1-1_{context}"] 6: = OADP 1.1.1 release notes 7 8: The OADP 1.1.1 release notes include product recommendations and descriptions of known issues. 9 10 == Product recommendations 11 12: Before you install OADP 1.1.1, it is recommended to either install VolSync 0.5.1 or to upgrade to it. 13 14 == Known issues .. 16 This release has the following known issues: 17 18: * OADP currently does not support backup and restore of AWS EFS volumes using restic in Velero (link:https://issues.redhat.com/browse/OADP-778[*OADP-778*]). 19 20 * CSI backups might fail due to a Ceph limitation of `VolumeSnapshotContent` snapshots per PVC. .. 23 + 24 ** For CephFS, you can create up to 100 snapshots per PVC. 25: ** For RADOS Block Device (RBD), you can create up to 512 snapshots for each PVC. (link:https://issues.redhat.com/browse/OADP-804[*OADP-804*]) and (link:https://issues.redhat.com/browse/OADP-975[*OADP-975*]) 26 + 27 For more information, see https://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.11/html/managing_and_allocating_storage_resources/volume-snapshots_rhodf[Volume Snapshots]. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/oadp-release-notes-1-1-2.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/oadp-release-notes.adoc 4 5 :_content-type: REFERENCE 6: [id="migration-oadp-release-notes-1-1-2_{context}"] 7: = OADP 1.1.2 release notes 8 9: The OADP 1.1.2 release notes include product recommendations, a list of fixed bugs and descriptions of known issues. 10 11 [id="product-recommendations_{context}"] .. 34 The following bugs have been fixed in this release: 35 36: * link:https://issues.redhat.com/browse/OADP-1150[OADP-1150] 37: * link:https://issues.redhat.com/browse/OADP-290[OADP-290] 38: * link:https://issues.redhat.com/browse/OADP-1056[OADP-1056] 39 40 [id="known-issues_{context}"] .. 43 This release has the following known issues: 44 45: * OADP currently does not support backup and restore of AWS EFS volumes using restic in Velero (link:https://issues.redhat.com/browse/OADP-778[*OADP-778*]). 46 47 * CSI backups might fail due to a Ceph limitation of `VolumeSnapshotContent` snapshots per PVC. .. 50 + 51 -- 52: ** For CephFS, you can create up to 100 snapshots per PVC. (link:https://issues.redhat.com/browse/OADP-804[*OADP-804*]) 53: ** For RADOS Block Device (RBD), you can create up to 512 snapshots for each PVC. (link:https://issues.redhat.com/browse/OADP-975[*OADP-975*]) 54 -- 55 + /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/oadp-release-notes-1-1-4.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/oadp-release-notes.adoc 4 5 :_content-type: REFERENCE 6: [id="migration-oadp-release-notes-1-1-4_{context}"] 7: = OADP 1.1.4 release notes 8 9: The OADP 1.1.4 release notes lists any new features, resolved issues and bugs, and known issues. 10 11 [id="new-features1.1.4_{context}"] 12 == New features 13 14: This version of OADP is a service release. No new features are added to this version. 15 16 [id="resolved-issues1.1.4_{context}"] .. 19 The following bugs have been fixed in this release: 20 21: * link:https://issues.redhat.com/browse/OADP-1557[OADP-1557] 22: * link:https://issues.redhat.com/browse/OADP-1822[OADP-1822] 23: * link:https://issues.redhat.com/browse/OADP-1511[OADP-1511] 24: * link:https://issues.redhat.com/browse/OADP-1642[OADP-1642] 25: * link:https://issues.redhat.com/browse/OADP-1398[OADP-1398] 26: * link:https://issues.redhat.com/browse/OADP-1267[OADP-1267] 27: * link:https://issues.redhat.com/browse/OADP-1390[OADP-1390] 28: * link:https://issues.redhat.com/browse/OADP-1650[OADP-1650] 29: * link:https://issues.redhat.com/browse/OADP-1487[OADP-1487] 30 31 .. 35 This release has the following known issues: 36 37: * OADP backups might fail because a UID/GID range might have changed on the cluster where the application has been restored, with the result that OADP does not back up and restore {product-title} UID/GID range metadata. To avoid the issue, if the backed application requires a specific UUID, ensure the range is available when restored. An additional workaround is to allow OADP to create the namespace in the restore operation. 38 39: * A restoration might fail if ArgoCD is used during the process due to a label used by ArgoCD, `app.kubernetes.io/instance`. This label identifies which resources ArgoCD needs to manage, which can create a conflict with OADP's procedure for managing resources on restoration. To work around this issue, set `.spec.resourceTrackingMethod` on the ArgoCD YAML to `annotation+label` or `annotation`. If the issue continues to persist, then disable ArgoCD before beginning to restore, and enable it again when restoration is finished. 40 41 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/oadp-release-notes-1-2-0.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/oadp-release-notes.adoc 4 5 :_content-type: REFERENCE 6: [id="migration-oadp-release-notes-1-2-0_{context}"] 7: = OADP 1.2.0 release notes 8 9: The OADP 1.2.0 release notes include information about new features, bug fixes, and known issues. 10 11 [id="new-features_{context}"] 12 == New features 13 14: .link:https://access.redhat.com/documentation/en-us/openshift_container_platform/4.12/html/backup_and_restore/application-backup-and-restore#installing-oadp-aws[Resource timeouts] 15 The new `resourceTimeout` option specifies the timeout duration in minutes for waiting on various Velero resources. This option applies to resources such as Velero CRD availability, `volumeSnapshot` deletion, and backup repository availability. The default duration is ten minutes. 16 17: .link:https://access.redhat.com/documentation/en-us/openshift_container_platform/4.11/html/backup_and_restore/application-backup-and-restore#oadp-s3-compatible-backup-storage-providers_about-installing-oadp[AWS S3 compatible backup storage providers] 18 You can back up objects and snapshots on AWS S3 compatible providers. 19 .. 21 === Technical preview features 22 23: .link:https://access.redhat.com/documentation/en-us/openshift_container_platform/4.9/html/backup_and_restore/application-backup-and-restore#installing-and-configuring-oadp[Data Mover] 24: The OADP Data Mover enables you to back up Container Storage Interface (CSI) volume snapshots to a remote object store. When you enable Data Mover, you can restore stateful applications using CSI volume snapshots pulled from the object store in case of accidental cluster deletion, cluster failure, or data corruption. 25 26: :FeatureName: OADP Data Mover 27 include::snippets/technology-preview.adoc[] 28 .. 32 The following bugs have been fixed in this release: 33 34: * link:https://issues.redhat.com/browse/OADP-144[OADP-144] 35: * link:https://issues.redhat.com/browse/OADP-639[OADP-639] 36: * link:https://issues.redhat.com/browse/OADP-1741[OADP-1741] 37: * link:https://issues.redhat.com/browse/OADP-1152[OADP-1152] 38: * link:https://issues.redhat.com/browse/OADP-1143[OADP-1143] 39: * link:https://issues.redhat.com/browse/OADP-1931[OADP-1931] 40: * link:https://issues.redhat.com/browse/OADP-148[OADP-148] 41: * link:https://issues.redhat.com/browse/OADP-1067[OADP-1067] 42: * link:https://issues.redhat.com/browse/OADP-1332[OADP-1332] 43: * link:https://issues.redhat.com/browse/OADP-1164[OADP-1164] 44: * link:https://issues.redhat.com/browse/OADP-1105[OADP-1105] 45: * link:https://issues.redhat.com/browse/OADP-2009[OADP-2009] 46: * link:https://issues.redhat.com/browse/OADP-1370[OADP-1370] 47: * link:https://issues.redhat.com/browse/OADP-969[OADP-969] 48: * link:https://issues.redhat.com/browse/OADP-1672[OADP-1672] 49: * link:https://issues.redhat.com/browse/OADP-1151[OADP-1151] 50: * link:https://issues.redhat.com/browse/OADP-988[OADP-988] 51: * link:https://issues.redhat.com/browse/OADP-1941[OADP-1941] 52: * link:https://issues.redhat.com/browse/OADP-1830[OADP-1830] 53: * link:https://issues.redhat.com/browse/OADP-1821[OADP-1821] 54: * link:https://issues.redhat.com/browse/OADP-1783[OADP-1783] 55: * link:https://issues.redhat.com/browse/OADP-1719[OADP-1719] 56: * link:https://issues.redhat.com/browse/OADP-1833[OADP-1833] 57: * link:https://issues.redhat.com/browse/OADP-1872[OADP-1872] 58: * link:https://issues.redhat.com/browse/OADP-2047[OADP-2047] 59: * link:https://issues.redhat.com/browse/OADP-1932[OADP-1932] 60: * link:https://issues.redhat.com/browse/OADP-1844[OADP-1844] 61: * link:https://issues.redhat.com/browse/OADP-1182[OADP-1182] 62: * link:https://issues.redhat.com/browse/OADP-1183[OADP-1183] 63: * link:https://issues.redhat.com/browse/OADP-1798[OADP-1798] 64: * link:https://issues.redhat.com/browse/OADP-1726[OADP-1726] 65: * link:https://issues.redhat.com/browse/OADP-821[OADP-821] 66: * link:https://issues.redhat.com/browse/OADP-1833[OADP-1781] 67: * link:https://issues.redhat.com/browse/OADP-697[OADP-697] 68: * link:https://issues.redhat.com/browse/OADP-1281[OADP-1281] 69: * link:https://issues.redhat.com/browse/OADP-1077[OADP-1077] 70: * link:https://issues.redhat.com/browse/OADP-1076[OADP-1076] 71: * link:https://issues.redhat.com/browse/OADP-1670[OADP-1670] 72: * link:https://issues.redhat.com/browse/OADP-1307[OADP-1307] 73: * link:https://issues.redhat.com/browse/OADP-1640[OADP-1640] 74: * link:https://issues.redhat.com/browse/OADP-1987[OADP-1987] 75: * link:https://issues.redhat.com/browse/OADP-1934[OADP-1934] 76 77 [id="known-issues-1-2-0_{context}"] /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/oadp-restic-issues.adoc: 4 5 :_content-type: CONCEPT 6: [id="oadp-restic-issues_{context}"] 7 = Restic issues 8 . 71 restic backup, stderr=Fatal: unable to open config file: Stat: The 72 specified key does not exist.\nIs there a repository at the following 73: location?\ns3:http://minio-minio.apps.mayap-oadp- 74: veleo-1234.qe.devcluster.openshift.com/mayapvelerooadp2/velero1/ 75 restic/_mysql-persistent_\n: exit status 1" error.file="/remote-source/ 76 src/github.com/vmware-tanzu/velero/pkg/restic/backupper.go:184" /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/oadp-s3-compatible-backup-storage-providers.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-s3-compatible-backup-storage-providers_{context}"] 7 = AWS S3 compatible backup storage providers 8 9: OADP is compatible with many object storage providers for use with different backup and snapshot operations. Several object storage providers are fully supported, several are unsupported but known to work, and some have known limitations. 10 11: [id="oadp-s3-compatible-backup-storage-providers-supported"] 12 == Supported backup storage providers 13 14: The following AWS S3 compatible object storage providers, are fully supported by OADP through the AWS plugin for use as backup storage locations: 15 16 * MinIO .. 26 ==== 27 28: [id="oadp-s3-compatible-backup-storage-providers-unsupported"] 29 == Unsupported backup storage providers 30 .. 40 * Cloudian HyperStore 41 42: [id="oadp-s3-compatible-backup-storage-providers-known-limitations"] 43 == Backup storage providers with known limitations 44 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/oadp-scheduling-backups.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-scheduling-backups_{context}"] 7 = Scheduling backups 8 . 18 .Prerequisites 19 20: * You must install the OpenShift API for Data Protection (OADP) Operator. 21 * The `DataProtectionApplication` CR must be in a `Ready` state. 22 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/oadp-secrets-for-different-credentials.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: PROCEDURE 10: [id="oadp-secrets-for-different-credentials_{context}"] 11: ifdef::installing-oadp-aws[] 12 = Creating profiles for different credentials 13 .. 42 [source,yaml,subs="attributes+"] 43 ---- 44: apiVersion: oadp.openshift.io/v1alpha1 45 kind: DataProtectionApplication 46 metadata: .. 72 ---- 73 endif::[] 74: ifdef::installing-oadp-azure,installing-oadp-gcp,installing-oadp-ocs,installing-oadp-mcg[] 75 = Creating secrets for different credentials 76 .. 100 . Add the `Secret` with the custom name to the `DataProtectionApplication` CR, as in the following example: 101 endif::[] 102: ifdef::installing-oadp-azure[] 103 + 104 [source,yaml,subs="attributes+"] 105 ---- 106: apiVersion: oadp.openshift.io/v1alpha1 107 kind: DataProtectionApplication 108 metadata: ... 137 <1> Backup location `Secret` with custom name. 138 endif::[] 139: ifdef::installing-oadp-gcp[] 140 + 141 [source,yaml,subs="attributes+"] 142 ---- 143: apiVersion: oadp.openshift.io/v1alpha1 144 kind: DataProtectionApplication 145 metadata: ... 168 <1> Backup location `Secret` with custom name. 169 endif::[] 170: ifdef::installing-oadp-mcg[] 171 + 172 [source,yaml,subs="attributes+"] 173 ---- 174: apiVersion: oadp.openshift.io/v1alpha1 175 kind: DataProtectionApplication 176 metadata: ... 198 <1> Backup location `Secret` with custom name. 199 endif::[] 200: ifdef::installing-oadp-ocs[] 201 + 202 [source,yaml,subs="attributes+"] 203 ---- 204: apiVersion: oadp.openshift.io/v1alpha1 205 kind: DataProtectionApplication 206 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/oadp-self-signed-certificate.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/configuring-oadp.adoc 4 5 :_content-type: PROCEDURE 6: [id="oadp-self-signed-certificate_{context}"] 7 = Enabling self-signed CA certificates 8 . 11 .Prerequisites 12 13: * You must have the OpenShift API for Data Protection (OADP) Operator installed. 14 15 .Procedure .. 19 [source,yaml] 20 ---- 21: apiVersion: oadp.openshift.io/v1beta1 22 kind: DataProtectionApplication 23 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/oadp-setting-resource-limits-and-requests.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/configuring-oadp.adoc 4: // * virt/backup_restore/virt-installing-configuring-oadp.adoc 5 6 :_content-type: PROCEDURE 7: [id="oadp-setting-resource-limits-and-requests_{context}"] 8 = Setting Velero CPU and memory resource allocations 9 .. 12 .Prerequisites 13 14: * You must have the OpenShift API for Data Protection (OADP) Operator installed. 15 16 .Procedure .. 20 [source,yaml] 21 ---- 22: apiVersion: oadp.openshift.io/v1beta1 23 kind: DataProtectionApplication 24 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/oadp-using-data-mover-for-csi-snapshots.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-using-data-mover-for-csi-snapshots_{context}"] 7 = Using Data Mover for CSI snapshots 8 9 :FeatureName: Data Mover for CSI snapshots 10 11: The OADP Data Mover enables customers to back up Container Storage Interface (CSI) volume snapshots to a remote object store. When Data Mover is enabled, you can restore stateful applications, using CSI volume snapshots pulled from the object store if a failure, accidental deletion, or corruption of the cluster occurs. 12 13 The Data Mover solution uses the Restic option of VolSync. .. 15 Data Mover supports backup and restore of CSI volume snapshots only. 16 17: In OADP 1.2 Data Mover `VolumeSnapshotBackups` (VSBs) and `VolumeSnapshotRestores` (VSRs) are queued using the VolumeSnapshotMover (VSM). The VSM's performance is improved by specifying a concurrent number of VSBs and VSRs simultaneously `InProgress`. After all async plugin operations are complete, the backup is marked as complete. 18 19 20 [NOTE] 21 ==== 22: The OADP 1.1 Data Mover is a Technology Preview feature. 23 24: The OADP 1.2 Data Mover has significantly improved features and performances, but is still a Technology Preview feature. 25 ==== 26: :FeatureName: The OADP Data Mover 27 include::snippets/technology-preview.adoc[leveloffset=+1] 28 29 [NOTE] 30 ==== 31: Red Hat recommends that customers who use OADP 1.2 Data Mover in order to back up and restore ODF CephFS volumes, upgrade or install {product-title} version 4.12 or later for improved performance. OADP Data Mover can leverage CephFS shallow volumes in {product-title} version 4.12 or later, which based on our testing, can improve the performance of backup times. 32 33 * https://issues.redhat.com/browse/RHSTOR-4287[CephFS ROX details] .. 35 36 37: //For more information about OADP 1.2 with CephS [name of topic], see ___. 38 39 ==== .. 56 * You have included the label `{velero-domain}/csi-volumesnapshot-class: 'true'` in your `VolumeSnapshotClass` CR. 57 58: * You have verified that the `OADP namespace` has the annotation `oc annotate --overwrite namespace/openshift-adp volsync.backube/privileged-movers='true'`. 59 + 60 [NOTE] 61 ==== 62: In OADP 1.1 the above setting is mandatory. 63 64: In OADP 1.2 the `privileged-movers` setting is not required in most scenarios. The restoring container permissions should be adequate for the Volsync copy. In some user scenarios, there may be permission errors that the `privileged-mover`= `true` setting should resolve. 65 ==== 66 .. 69 [NOTE] 70 ==== 71: The VolSync Operator is required for using OADP Data Mover. 72 ==== 73 74: * You have installed the OADP operator by using OLM. 75 76 .Procedure .. 100 [source,yaml] 101 ---- 102: apiVersion: oadp.openshift.io/v1alpha1 103 kind: DataProtectionApplication 104 metadata: ... 152 153 ---- 154: <1> OADP 1.2 only. 155: <2> OADP 1.2 only. Optional: Specify the upper limit of the number of snapshots allowed to be queued for backup. The default value is 10. 156: <3> OADP 1.2 only. Optional: Specify the upper limit of the number of snapshots allowed to be queued for restore. The default value is 10. 157: <4> OADP 1.2 only. Optional: Specify the number of days, between running Restic pruning on the repository. The prune operation repacks the data to free space, but it can also generate significant I/O traffic as a part of the process. Setting this option allows a trade-off between storage consumption, from no longer referenced data, and access costs. 158: <5> OADP 1.2 only. Optional: Specify VolumeSync volume options for backup and restore. 159 160 + 161: The OADP Operator installs two custom resource definitions (CRDs), `VolumeSnapshotBackup` and `VolumeSnapshotRestore`. 162 + 163 .Example `VolumeSnapshotBackup` CRD 164 [source,yaml] 165 ---- 166: apiVersion: datamover.oadp.openshift.io/v1alpha1 167 kind: VolumeSnapshotBackup 168 metadata: ... 181 [source,yaml] 182 ---- 183: apiVersion: datamover.oadp.openshift.io/v1alpha1 184 kind: VolumeSnapshotRestore 185 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/oadp-using-enable-api-group-versions.adoc: 5 6 :_content-type: PROCEDURE 7: [id="oadp-using-enable-api-group-versions_{context}"] 8 = Using Enable API Group Versions 9 .. 21 [source,yaml] 22 ---- 23: apiVersion: oadp.openshift.io/vialpha1 24 kind: DataProtectionApplication 25 ... /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/olm-deleting-operators-from-a-cluster-using-web-console.adoc: 2 // 3 // * operators/admin/olm-deleting-operators-from-a-cluster.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/uninstalling-oadp.adoc 5 // * serverless/install/removing-openshift-serverless.adoc 6 // * virt/install/uninstalling-virt.adoc /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/rosa-sts-account-wide-roles-and-policies.adoc: 868 "s3:ListBucketMultipartUploads", 869 "s3:AbortMultipartUpload", 870: "s3:ListMultipartUploadParts" 871 ], 872 "Resource": "*" /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/velero-obtaining-by-downloading.adoc: 24 . Open a browser and navigate to link:https://{velero-domain}/docs/v{velero-version}/basic-install/#install-the-cli["Install the CLI" on the Velero website]. 25 . Follow the appropriate procedure for macOS, GitHub, or Windows. 26: . Download the Velero version appropriate for your version of OADP and {product-title} according to the table that follows: 27 + 28: .OADP-Velero-{product-title} version relationship 29 [cols="3", options="header"] 30 |=== 31: |OADP version |Velero version |{product-title} version 32 |1.0.0 |link:https://{velero-domain}/docs/v1.7/[1.7] |4.6 and later 33 |1.0.1 |link:https://{velero-domain}/docs/v1.7/[1.7] |4.6 and later /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/modules/virt-about-cdi-operator.adoc: 19 |Manages the authorization to upload VM disks into PVCs by issuing secure upload tokens. 20 21: |`deployment/cdi-uploadproxy` 22 |Directs external disk upload traffic to the appropriate upload server pod so that it can be written to the correct PVC. Requires a valid upload token. 23 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/snippets/oadp-ceph-cr-prerequisites.adoc: 8 9 * A stateful application is running in a separate namespace with persistent volume claims (PVCs) using CephFS as the provisioner. 10: * The `StorageClass` and `VolumeSnapshotClass` custom resources (CRs) are defined for CephFS and OADP 1.2 Data Mover. 11 * There is a secret `cloud-credentials` in the `openshift-adp` namespace. 12 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/snippets/oadp-mtc-operator.adoc: 2 //This snippet appears in the following assemblies: 3 // 4: // * .../backup_and_restore/backing_up_and_restoring/installing/about-installing-oadp.adoc 5: // * .../backup_and_restore/backing_up_and_restoring/installing/installing-oadp-aws.adoc 6: // * .../backup_and_restore/backing_up_and_restoring/installing/installing-oadp-azure.adoc 7: // * .../backup_and_restore/backing_up_and_restoring/installing/installing-oadp-gcp.adoc 8: // * .../backup_and_restore/backing_up_and_restoring/installing/installing-oadp-mcg.adoc 9: // * .../backup_and_restore/backing_up_and_restoring/installing/installing-oadp-ocs.adoc 10 11 :_content-type: SNIPPET 12 [NOTE] 13 ==== 14: Starting from OADP 1.0.4, all OADP 1.0._z_ versions can only be used as a dependency of the MTC Operator and are not available as a standalone Operator. 15 ==== 16 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cli/snippets/oadp-ocp-compat.adoc: 2 //This snippet appears in the following assemblies: 3 // 4: // * .../backup_and_restore/backing_up_and_restoring/installing/about-installing-oadp.adoc 5 // * .../backup_and_restore/index.adoc 6 . 8 [NOTE] 9 ==== 10: If you want to use CSI backup on OCP 4.11 and later, install OADP 1.1._x_. 11 12: OADP 1.0._x_ does not support CSI backup on OCP 4.11 and later. OADP 1.0._x_ includes Velero 1.7._x_ and expects the API group `snapshot.storage.k8s.io/v1beta1`, which is not present on OCP 4.11 and later. 13 ==== 14 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/_attributes/common-attributes.adoc: 43 :hybrid-console: Red Hat Hybrid Cloud Console 44 :hybrid-console-second: Hybrid Cloud Console 45: :oadp-first: OpenShift API for Data Protection (OADP) 46: :oadp-full: OpenShift API for Data Protection 47 :oc-first: pass:quotes[OpenShift CLI (`oc`)] 48 :product-registry: OpenShift image registry /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/about-installing-oadp-on-multiple-namespaces.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/installing/about-installing-oadp.adoc 4 5 6 :_content-type: CONCEPT 7: [id="about-installing-oadp-on-multiple-namespaces_{context}"] 8: = Installation of OADP on multiple namespaces 9 10: You can install OADP into multiple namespaces on the same cluster so that multiple project owners can manage their own OADP instance. This use case has been validated with Restic and CSI. 11 12: You install each instance of OADP as specified by the per-platform procedures contained in this document with the following additional requirements: 13 14: * All deployments of OADP on the same cluster must be the same version, for example, 1.1.4. Installing different versions of OADP on the same cluster is *not* supported. 15: * Each individual deployment of OADP must have a unique set of credentials and a unique `BackupStorageLocation` configuration. 16: * By default, each OADP deployment has cluster-level access across namespaces. {product-title} administrators need to review security and RBAC settings carefully and make any necessary changes to them to ensure that each OADP instance has the correct permissions. 17 18 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/about-oadp-update-channels.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/installing/about-installing-oadp.adoc 4 5 6 :_content-type: CONCEPT 7: [id="about-oadp-update-channels_{context}"] 8: = About OADP update channels 9 10: When you install an OADP Operator, you choose an _update channel_. This channel determines which upgrades to the OADP Operator and to Velero you receive. You can switch channels at any time. 11 12 The following update channels are available: 13 14: * The *stable* channel is now deprecated. The *stable* channel contains the patches (z-stream updates) of OADP `ClusterServiceVersion` for `oadp.v1.1.z` and older versions from `oadp.v1.0.z`. 15 16: * The *stable-1.0* channel contains `oadp.v1.0._z_`, the most recent OADP 1.0 `ClusterServiceVersion`. 17 18: * The *stable-1.1* channel contains `oadp.v1.1._z_`, the most recent OADP 1.1 `ClusterServiceVersion`. 19 20: * The *stable-1.2* channel contains `oadp.v1.2._z_`, the most recent OADP 1.2 `ClusterServiceVersion`. 21 22 *Which update channel is right for you?* 23 24: * The *stable* channel is now deprecated. If you are already using the stable channel, you will continue to get updates from `oadp.v1.1._z_`. 25 26: * Choose the *stable-1._y_* update channel to install OADP 1._y_ and to continue receiving patches for it. If you choose this channel, you will receive all z-stream patches for version 1._y_._z_. 27 28 *When must you switch update channels?* 29 30: * If you have OADP 1._y_ installed, and you want to receive patches only for that y-stream, you must switch from the *stable* update channel to the *stable-1._y_* update channel. You will then receive all z-stream patches for version 1._y_._z_. 31 32: * If you have OADP 1.0 installed, want to upgrade to OADP 1.1, and then receive patches only for OADP 1.1, you must switch from the *stable-1.0* update channel to the *stable-1.1* update channel. You will then receive all z-stream patches for version 1.1._z_. 33 34: * If you have OADP 1._y_ installed, with _y_ greater than 0, and want to switch to OADP 1.0, you must _uninstall_ your OADP Operator and then reinstall it using the *stable-1.0* update channel. You will then receive all z-stream patches for version 1.0._z_. 35 36 [NOTE] 37 ==== 38: You cannot switch from OADP 1._y_ to OADP 1.0 by switching update channels. You must uninstall the Operator and then reinstall it. 39 ==== 40 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/metering-store-data-in-s3.adoc: 92 "s3:HeadBucket", 93 "s3:ListBucket", 94: "s3:ListMultipartUploadParts", 95 "s3:PutObject" 96 ], .. 123 "s3:CreateBucket", 124 "s3:DeleteBucket", 125: "s3:ListMultipartUploadParts", 126 "s3:PutObject" 127 ], /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/migration-configuring-aws-s3.adoc: 3 // * migrating_from_ocp_3_to_4/installing-3-4.adoc 4 // * migration_toolkit_for_containers/installing-mtc.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 6 7 :_content-type: PROCEDURE . 12 You configure Amazon Web Services (AWS) S3 object storage as a replication repository for the {mtc-full} ({mtc-short}). 13 endif::[] 14: ifdef::installing-oadp-aws[] 15: You configure Amazon Web Services (AWS) for the OpenShift API for Data Protection (OADP). 16 endif::[] 17 .. 90 "s3:PutObject", 91 "s3:AbortMultipartUpload", 92: "s3:ListMultipartUploadParts" 93 ], 94 "Resource": [ .. 147 Record the `AWS_SECRET_ACCESS_KEY` and the `AWS_ACCESS_KEY_ID`. You use the credentials to add AWS as a replication repository. 148 endif::[] 149: ifdef::installing-oadp-aws[] 150 . Create a `credentials-velero` file: 151 + /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/migration-configuring-azure.adoc: 3 // * migrating_from_ocp_3_to_4/installing-3-4.adoc 4 // * migration_toolkit_for_containers/installing-mtc.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 6 7 :_content-type: PROCEDURE . 12 You configure a Microsoft Azure Blob storage container as a replication repository for the {mtc-full} ({mtc-short}). 13 endif::[] 14: ifdef::installing-oadp-azure[] 15: You configure a Microsoft Azure for the OpenShift API for Data Protection (OADP). 16 endif::[] 17 .. 118 You use the `credentials-velero` file to add Azure as a replication repository. 119 endif::[] 120: ifdef::installing-oadp-azure[] 121 . Obtain the storage account access key: 122 + /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/migration-configuring-gcp.adoc: 3 // * migrating_from_ocp_3_to_4/installing-3-4.adoc 4 // * migration_toolkit_for_containers/installing-mtc.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6 7 :_content-type: PROCEDURE . 12 You configure a Google Cloud Platform (GCP) storage bucket as a replication repository for the {mtc-full} ({mtc-short}). 13 endif::[] 14: ifdef::installing-oadp-gcp[] 15: You configure Google Cloud Platform (GCP) for the OpenShift API for Data Protection (OADP). 16 endif::[] 17 .. 141 You use the `credentials-velero` file to add GCP as a replication repository. 142 endif::[] 143: ifdef::installing-oadp-gcp[] 144 + 145 You use the `credentials-velero` file to create a `Secret` object for GCP before you install the Data Protection Application. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/migration-configuring-mcg.adoc: 5 // * migration_toolkit_for_containers/installing-mtc.adoc 6 // * migration_toolkit_for_containers/installing-mtc-restricted.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 8 9 :_content-type: PROCEDURE .. 14 You must retrieve the Multicloud Object Gateway (MCG) credentials and S3 endpoint in order to configure MCG as a replication repository for the {mtc-full} ({mtc-short}). 15 endif::[] 16: You must retrieve the Multicloud Object Gateway (MCG) credentials in order to create a `Secret` custom resource (CR) for the OpenShift API for Data Protection (OADP). 17: //ifdef::installing-oadp-mcg[] 18 //endif::[] 19 .. 35 You use these credentials to add MCG as a replication repository. 36 endif::[] 37: ifdef::installing-oadp-mcg[] 38 . Create a `credentials-velero` file: 39 + /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/migration-mtc-release-notes-1-7.adoc: 12 This release has the following new features and enhancements: 13 14: * The {mtc-full} ({mtc-short}) Operator now depends upon the OpenShift API for Data Protection (OADP) Operator. When you install the {mtc-short} Operator, the Operator Lifecycle Manager (OLM) automatically installs the OADP Operator in the same namespace. 15 16 * You can migrate from a source cluster that is behind a firewall to a cloud-based destination cluster by establishing a network tunnel between the two clusters by using the `crane tunnel-api` command. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/migration-using-must-gather.adoc: 16 You can collect data for a one-hour or a 24-hour period and view the data with the Prometheus console. 17 endif::[] 18: ifdef::oadp-troubleshooting[] 19 You can run the `must-gather` tool with the following data collection options: 20 21: * Full `must-gather` data collection collects Prometheus metrics, pod logs, and Velero CR information for all namespaces where the OADP Operator is installed. 22 * Essential `must-gather` data collection collects pod logs and Velero CR information for a specific duration of time, for example, one hour or 24 hours. Prometheus metrics and duplicate logs are not included. 23 * `must-gather` data collection with timeout. Data collection can take a long time if there are many failed `Backup` CRs. You can improve performance by setting a timeout value. .. 38 * To collect data for the past hour: 39 endif::[] 40: ifdef::oadp-troubleshooting[] 41 * Full `must-gather` data collection, including Prometheus metrics: 42 endif::[] .. 49 The data is saved as `must-gather/must-gather.tar.gz`. You can upload this file to a support case on the link:https://access.redhat.com/[Red Hat Customer Portal]. 50 51: ifdef::oadp-troubleshooting[] 52 * Essential `must-gather` data collection, without Prometheus metrics, for a specific time duration: 53 + .. 71 * To collect data for the past 24 hours: 72 endif::[] 73: ifdef::oadp-troubleshooting[] 74 * Prometheus metrics data dump: 75 endif::[] /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/nw-enforcing-hsts-per-domain.adoc: 58 smallestMaxAge: 1 59 largestMaxAge: 31536000 60: preloadPolicy: RequirePreload <5> 61 includeSubDomainsPolicy: RequireIncludeSubDomains <6> 62 - domainPatterns: <2> .. 66 matchLabels: {} 67 maxAge: {} 68: preloadPolicy: NoOpinion 69 includeSubDomainsPolicy: RequireNoIncludeSubDomains 70 ---- /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/oadp-about-backing-and-restoring-from-cluster-to-cluster.adoc: 5 6 :_content-type: CONCEPT 7: [id="oadp-about-backing-and-restoring-from-cluster-to-cluster_{context}"] 8 = About backing up data from one cluster and restoring it on another cluster 9 10: {oadp-first} is designed to back up and restore application data in the same {product-title} cluster. {mtc-full} ({mtc-short}) is designed to migrate containers, including application data, from one {product-title} cluster to another cluster. 11 12: You can use OADP to back up application data from one {product-title} cluster and restore it on another cluster. However, doing so is more complicated than using {mtc-short} or using OADP to back up and restore on the same cluster. 13 14: To successfully use OADP to back up data from one cluster and restore it to another cluster, you must take into account the following factors, in addition to the prerequisites and procedures that apply to using OADP to back up and restore data on the same cluster: 15 16 * Operators .. 18 * UID and GID ranges 19 20: [id="oadp-cluster-to-cluster-operators_{context}"] 21 == Operators 22 You must exclude Operators from the backup of an application for backup and restore to succeed. 23 24: [id="oadp-cluster-to-cluster-velero_{context}"] 25 == Use of Velero 26 27: Velero, which OADP is built upon, does not natively support migrating persistent volume snapshots across cloud providers. To migrate volume snapshot data between cloud platforms, you must _either_ enable the Velero Restic file system backup option, which backs up volume contents at the filesystem level, _or_ use the OADP Data Mover for CSI snapshots. 28 29 [NOTE] 30 ==== 31: In OADP 1.1 and earlier, the Velero Restic file system backup option is called `restic`. 32: In OADP 1.2 and later, the Velero Restic file system backup option is called `file-system-backup`. 33 ==== 34 35 [NOTE] 36 ==== 37: Velero's file system backup feature supports both Kopia and Restic, but currently OADP supports only Restic. 38 ==== 39 .. 42 * It is theoretically possible to migrate workloads to a destination with a _later_ Kubernetes version than the source, but you must consider the compatibility of API groups between clusters for each custom resource. If a Kubernetes version upgrade breaks the compatibility of core or native API groups, you must first update the impacted custom resources. 43 44: [id="oadp-cluster-to-cluster-uid-and-gid-ranges_{context}"] 45 == UID and GID ranges 46 .. 48 49 Summary of issues:: 50: The UID and GID ranges of the namespace might change on the destination cluster. OADP does not back up and restore OpenShift UID range metadata. If the backed application requires a specific UID, ensure the range is available when restored. For more information about OpenShift's UID and GID ranges, see link:https://cloud.redhat.com/blog/a-guide-to-openshift-and-uids[A Guide to OpenShift and UIDs]. 51 52 Detailed description of issues:: .. 58 59 + 60: When you use OADP to restore the namespace, it automatically uses the information in `metadata.annotations` without resetting it for the destination cluster. As a result, the workload might not have access to the backed up data if one of the following is true: 61 62: * There is a pre-existing namespace with different SCC annotations, for example, on a different cluster. In this case, at backup time, OADP reuses the pre-existing namespace instead of the namespace you are trying to restore. 63: * The backup used a label selector, but the namespace where workloads run on does not have the label on it. In this case, OADP does not back up the namespace, but instead creates a new namespace during restore that does not include the annotations of the namespace you backed up. This causes a new UID range to be assigned to the namespace. 64 + 65 This might be an issue for customer workloads if {product-title} assigns a pod a `securityContext` UID based on namespace annotations that have changed from the time the persistent volume data was backed up. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/oadp-about-backup-snapshot-locations-secrets.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: CONCEPT 10: [id="oadp-about-backup-snapshot-locations_{context}"] 11 = About backup and snapshot locations and their secrets 12 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/oadp-about-enable-api-group-versions.adoc: 5 6 :_content-type: CONCEPT 7: [id="oadp-about-enable-api-group-versions_{context}"] 8 = About Enable API Group Versions 9 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/oadp-backing-and-restoring-from-cluster-to-cluster.adoc: 5 6 :_content-type: CONCEPT 7: [id="oadp-backing-and-restoring-from-cluster-to-cluster_{context}"] 8 = Backing up data from one cluster and restoring it to another cluster 9 .. 20 ** Ensure that the backup store location (BSL) and volume snapshot location have the same names and paths to restore resources to another cluster. 21 ** Share the same object storage location credentials across the clusters. 22: ** For best results, use OADP to create the namespace on the destination cluster. 23 ** If you use the Velero `file-system-backup` option, enable the `--default-volumes-to-fs-backup` flag for use during backup by running the following command: 24 + .. 30 [NOTE] 31 ==== 32: In OADP 1.2 and later, the Velero Restic option is called `file-system-backup`. 33 ==== 34 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/oadp-backing-up-applications-restic.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-backing-up-applications-restic_{context}"] 7 = Backing up applications with Restic 8 . 18 .Prerequisites 19 20: * You must install the OpenShift API for Data Protection (OADP) Operator. 21 * You must not disable the default Restic installation by setting `spec.configuration.restic.enable` to `false` in the `DataProtectionApplication` CR. 22 * The `DataProtectionApplication` CR must be in a `Ready` state. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/oadp-backing-up-pvs-csi.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-backing-up-pvs-csi_{context}"] 7 = Backing up persistent volumes with CSI snapshots 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/oadp-backup-restore-cr-issues.adoc: 4 5 :_content-type: CONCEPT 6: [id="oadp-backup-restore-cr-issues_{context}"] 7 = Backup and Restore CR issues 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/oadp-ceph-cephfs-back-up-dba.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-ceph-cephfs-back-up-dba_{context}"] 7 = Creating a DPA for use with CephFS storage 8 9: You must create a Data Protection Application (DPA) CR before you use the OpenShift API for Data Protection (OADP) 1.2 Data Mover to back up and restore data using CephFS storage. 10 11 .Procedure .. 38 [source,yaml] 39 ---- 40: apiVersion: oadp.openshift.io/v1alpha1 41 kind: DataProtectionApplication 42 metadata: .. 79 ---- 80 <1> There is no default value for the `enable` field. Valid values are `true` or `false`. 81: <2> Use the Restic `Secret` that you created when you prepared your environment for working with OADP 1.2 Data Mover and Ceph. If you do not use your Restic `Secret`, the CR uses the default value `dm-credential` for this parameter. 82 <3> There is no default value for the `enable` field. Valid values are `true` or `false`. 83 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/oadp-ceph-cephfs-back-up.adoc: 11 12 :_content-type: PROCEDURE 13: [id="oadp-ceph-cephfs-back-up_{context}"] 14 15 ifdef::cephfs[] 16: = Backing up data using OADP 1.2 Data Mover and CephFS storage 17: You can use OpenShift API for Data Protection (OADP) 1.2 Data Mover to back up data using CephFS storage by enabling the shallow copy feature of CephFS storage. 18 endif::cephfs[] 19 20 ifdef::split[] 21: = Backing up data using OADP 1.2 Data Mover and split volumes 22: You can use OpenShift API for Data Protection (OADP) 1.2 Data Mover to back up data in an environment that has split volumes. 23 endif::split[] 24 .. 58 59 . Wait several minutes until the `VolumeSnapshotBackup` CR has the status `Completed`. 60: . Verify that there is at least one snapshot in the object store that is given in the Restic `Secret`. You can check for this snapshot in your targeted `BackupStorageLocation` storage provider that has a prefix of `/`. 61 62 ifeval::["{context}" == "cephfs"] /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/oadp-ceph-cephfs-restore.adoc: 11 12 :_content-type: PROCEDURE 13: [id="oadp-ceph-cephfs-restore_{context}"] 14 15 ifdef::cephfs[] 16: = Restoring data using OADP 1.2 Data Mover and CephFS storage 17: You can use OpenShift API for Data Protection (OADP) 1.2 Data Mover to restore data using CephFS storage if the shallow copy feature of CephFS storage was enabled for the back up procedure. The shallow copy feature is not used in the restore procedure. 18 endif::cephfs[] 19 20 ifdef::split[] 21: = Restoring data using OADP 1.2 Data Mover and split volumes 22: You can use OpenShift API for Data Protection (OADP) 1.2 Data Mover to restore data in an environment that has split volumes, if the shallow copy feature of CephFS storage was enabled for the back up procedure. The shallow copy feature is not used in the restore procedure. 23 endif::split[] 24 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/oadp-ceph-preparing-cephfs-crs.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-ceph-preparing-cephfs-crs_{context}"] 7: = Defining CephFS custom resources for use with OADP 1.2 Data Mover 8 9: When you install {rh-storage-first}, it automatically creates a default CephFS `StorageClass` custom resource (CR) and a default CephFS `VolumeSnapshotClass` CR. You can define these CRs for use with OpenShift API for Data Protection (OADP) 1.2 Data Mover. 10 11 .Procedure /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/oadp-ceph-preparing-cephrbd-crs.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-ceph-preparing-cephrbd-crs_{context}"] 7: = Defining CephRBD custom resources for use with OADP 1.2 Data Mover 8 9: When you install {rh-storage-first}, it automatically creates a default CephRBD `StorageClass` custom resource (CR) and a default CephRBD `VolumeSnapshotClass` CR. You can define these CRs for use with OpenShift API for Data Protection (OADP) 1.2 Data Mover. 10 11 .Procedure /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/oadp-ceph-preparing-crs-additional.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-ceph-preparing-crs-additional_{context}"] 7: = Defining additional custom resources for use with OADP 1.2 Data Mover 8 9 After you redefine the default `StorageClass` and CephRBD `VolumeSnapshotClass` custom resources (CRs), you must create the following CRs: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/oadp-ceph-prerequisites.adoc: 5 6 :_content-type: CONCEPT 7: [id="oadp-ceph-prerequisites_{context}"] 8: = Prerequisites for using OADP 1.2 Data Mover with Ceph storage 9 10: The following prerequisites apply to all back up and restore operations of data using {oadp-first} 1.2 Data Mover in a cluster that uses Ceph storage: 11 12 * You have installed {product-title} 4.12 or later. 13: * You have installed the OADP Operator. 14 * You have created a secret `cloud-credentials` in the namespace `openshift-adp.` 15 * You have installed {rh-storage-first}. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/oadp-ceph-split-back-up-dba.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-ceph-split-back-up-dba_{context}"] 7 = Creating a DPA for use with split volumes 8 9: You must create a Data Protection Application (DPA) CR before you use the OpenShift API for Data Protection (OADP) 1.2 Data Mover to back up and restore data using split volumes. 10 11 .Procedure .. 17 [source,yaml] 18 ---- 19: apiVersion: oadp.openshift.io/v1alpha1 20 kind: DataProtectionApplication 21 metadata: .. 64 cacheStorageClassName: ocs-storagecluster-ceph-rbd 65 ---- 66: <1> Use the Restic `Secret` that you created when you prepared your environment for working with OADP 1.2 Data Mover and Ceph. If you do not, then the CR will use the default value `dm-credential` for this parameter. 67 <2> A different set of `VolumeOptionsForStorageClass` labels can be defined for each `storageClass` volume, thus allowing a backup to volumes with different providers. 68 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/oadp-checking-api-group-versions.adoc: 5 6 :_content-type: PROCEDURE 7: [id="oadp-checking-api-group-versions_{context}"] 8 = Listing the Kubernetes API group versions on a cluster 9 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/oadp-cleaning-up-after-data-mover-snapshots.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-cleaning-up-after-data-mover-snapshots_{context}"] 7 = Deleting snapshots in a bucket 8 9: OADP 1.1 Data Mover might leave one or more snapshots in a bucket after a backup. You can either delete all the snapshots or delete individual snapshots. 10 11 .Procedure /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/oadp-configuring-noobaa-for-dr.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 4 5 :_content-type: PROCEDURE 6: [id="oadp-configuring-noobaa-for-dr_{context}"] 7 = Configuring NooBaa for disaster recovery on {rh-storage} 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/oadp-configuring-velero-plugins.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/oadp-features-plugins.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-configuring-velero-plugins_{context}"] 7: = About OADP Velero plugins 8 9 You can configure two types of plugins when you install Velero: .. 16 == Default Velero cloud provider plugins 17 18: You can install any of the following default Velero cloud provider plugins when you configure the `oadp_v1alpha1_dpa.yaml` file during deployment: 19 20 * `aws` (Amazon Web Services) .. 25 * `kubevirt` (KubeVirt) 26 27: You specify the desired default plugins in the `oadp_v1alpha1_dpa.yaml` file during deployment. 28 29 .Example file .. 33 [source,yaml] 34 ---- 35: apiVersion: oadp.openshift.io/v1alpha1 36 kind: DataProtectionApplication 37 metadata: .. 49 == Custom Velero plugins 50 51: You can install a custom Velero plugin by specifying the plugin `image` and `name` when you configure the `oadp_v1alpha1_dpa.yaml` file during deployment. 52 53: You specify the desired custom plugins in the `oadp_v1alpha1_dpa.yaml` file during deployment. 54 55 .Example file .. 59 [source,yaml] 60 ---- 61: apiVersion: oadp.openshift.io/v1alpha1 62 kind: DataProtectionApplication 63 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/oadp-creating-backup-cr.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-creating-backup-cr_{context}"] 7 = Creating a Backup CR 8 . 11 .Prerequisites 12 13: * You must install the OpenShift API for Data Protection (OADP) Operator. 14 * The `DataProtectionApplication` CR must be in a `Ready` state. 15 * Backup location prerequisites: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/oadp-creating-backup-hooks.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-creating-backup-hooks_{context}"] 7 = Creating backup hooks 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/oadp-creating-default-secret.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: PROCEDURE 10: [id="oadp-creating-default-secret_{context}"] 11 = Creating a default Secret 12 13 You create a default `Secret` if your backup and snapshot locations use the same credentials or if you do not require a snapshot location. 14 15: ifdef::installing-oadp-aws,installing-oadp-azure,installing-oadp-gcp,installing-oadp-mcg[] 16 The default name of the `Secret` is `{credentials}`. 17 endif::[] 18: ifdef::installing-oadp-ocs[] 19: The default name of the `Secret` is `{credentials}`, unless your backup storage provider has a default plugin, such as `aws`, `azure`, or `gcp`. In that case, the default name is specified in the provider-specific OADP installation procedure. 20 endif::[] 21 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/oadp-creating-restore-cr.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-creating-restore-cr_{context}"] 7 = Creating a Restore CR 8 . 11 .Prerequisites 12 13: * You must install the OpenShift API for Data Protection (OADP) Operator. 14 * The `DataProtectionApplication` CR must be in a `Ready` state. 15 * You must have a Velero `Backup` CR. .. 67 [NOTE] 68 ==== 69: In the course of the restore process, the OADP Velero plug-ins scale down the `DeploymentConfig` objects and restore the pods as standalone pods to prevent the cluster from deleting the restored `DeploymentConfig` pods immediately on restore and to allow Restic and post-restore hooks to complete their actions on the restored pods. The cleanup script removes these disconnected pods and scale any `DeploymentConfig` objects back up to the appropriate number of replicas. 70 ==== 71 + .. 94 } 95 96: OADP_NAMESPACE=${OADP_NAMESPACE:=openshift-adp} 97 98 if [[ $# -ne 1 ]]; then .. 101 fi 102 103: echo using OADP Namespace $OADP_NAMESPACE 104 echo restore: $1 105 ... 108 109 echo Deleting disconnected restore pods 110: oc delete pods -l oadp.openshift.io/disconnected-from-dc=$label 111 112: for dc in $(oc get dc --all-namespaces -l oadp.openshift.io/replicas-modified=$label -o jsonpath='{range .items[*]}{.metadata.namespace}{","}{.metadata.name}{","}{.metadata.annotations.oadp\.openshift\.io/original-replicas}{","}{.metadata.annotations.oadp\.openshift\.io/original-paused}{"\n"}') 113 do 114 IFS=',' read -ra dc_arr <<< "$dc" /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/oadp-creating-restore-hooks.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-creating-restore-hooks_{context}"] 7 = Creating restore hooks 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/oadp-debugging-oc-cli.adoc: 4 5 :_content-type: REFERENCE 6: [id="oadp-debugging-oc-cli_{context}"] 7 = Debugging Velero resources with the OpenShift CLI tool 8 . 39 [NOTE] 40 ==== 41: This option is available starting from OADP 1.0.3. 42 ==== 43 44 [source,yaml] 45 ---- 46: apiVersion: oadp.openshift.io/v1alpha1 47 kind: DataProtectionApplication 48 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/oadp-deleting-backups.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-deleting-backups_{context}"] 7 = Deleting backups 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/oadp-deleting-cluster-resources-following-failure.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-deleting-cluster-resources-following-failure_{context}"] 7 = Deleting cluster resources following a partially successful or a failed backup and restore that used Data Mover 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/oadp-deleting-cluster-resources-following-success.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-deleting-cluster-resources-following-success_{context}"] 7 = Deleting cluster resources following a successful backup and restore that used Data Mover 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/oadp-enabling-csi-dpa.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: PROCEDURE 10: [id="oadp-enabling-csi-dpa_{context}"] 11 = Enabling CSI in the DataProtectionApplication CR 12 .. 23 [source,yaml] 24 ---- 25: apiVersion: oadp.openshift.io/v1alpha1 26 kind: DataProtectionApplication 27 ... /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/oadp-features.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/oadp-features-plugins.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-features_{context}"] 7: = OADP features 8 9: OpenShift API for Data Protection (OADP) supports the following features: 10 11 Backup:: 12: You can use OADP to back up all applications on the OpenShift Platform, or you can filter the resources by type, namespace, or label. 13 + 14: OADP backs up Kubernetes objects and internal images by saving them as an archive file on object storage. OADP backs up persistent volumes (PVs) by creating snapshots with the native cloud snapshot API or with the Container Storage Interface (CSI). For cloud providers that do not support snapshots, OADP backs up resources and PV data with Restic. 15 16 + /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/oadp-ibm-power-test-support.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/oadp-features-plugins.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-ibm-power-test-matrix_{context}"] 7: = OADP support for target backup locations using IBM Power 8 9: IBM Power running with {product-title} 4.11 and 4.12, and OpenShift API for Data Protection (OADP) 1.1.2 was tested successfully against an AWS S3 backup location target. Although the test involved only an AWS S3 target, Red Hat supports running IBM Power with {product-title} 4.11 and 4.12, and OADP 1.1.2 against all non-AWS S3 backup location targets as well. 10 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/oadp-ibm-z-test-support.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/oadp-features-plugins.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-ibm-z-test-support_{context}"] 7: = OADP testing and support for target backup locations using {ibmzProductName} 8 9: {ibmzProductName} running with {product-title} 4.11 and 4.12, and OpenShift API for Data Protection (OADP) 1.1.2 was tested successfully against an AWS S3 backup location target. Although the test involved only an AWS S3 target, Red Hat supports running {ibmzProductName} with {product-title} 4.11 and 4.12, and OADP 1.1.2 against all non-AWS S3 backup location targets as well. 10 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/oadp-installation-issues.adoc: 4 5 :_content-type: CONCEPT 6: [id="oadp-installation-issues_{context}"] 7 = Installation issues 8 9 You might encounter issues caused by using invalid directories or incorrect credentials when you install the Data Protection Application. 10 11: [id="oadp-backup-location-contains-invalid-directories_{context}"] 12 == Backup storage contains invalid directories 13 .. 22 If the object storage is not dedicated to Velero, you must specify a prefix for the bucket by setting the `spec.backupLocations.velero.objectStorage.prefix` parameter in the `DataProtectionApplication` manifest. 23 24: [id="oadp-incorrect-aws-credentials_{context}"] 25 == Incorrect AWS credentials 26 27: The `oadp-aws-registry` pod log displays the error message, `InvalidAccessKeyId: The AWS Access Key Id you provided does not exist in our records.` 28 29 The `Velero` pod log displays the error message, `NoCredentialProviders: no valid providers in chain`. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/oadp-installing-dpa.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: PROCEDURE 10: [id="oadp-installing-dpa_{context}"] 11 = Installing the Data Protection Application 12 .. 15 .Prerequisites 16 17: * You must install the OADP Operator. 18 * You must configure object storage as a backup location. 19 * If you use snapshots to back up PVs, your cloud provider must support either a native snapshot API or Container Storage Interface (CSI) snapshots. 20 * If the backup and snapshot locations use the same credentials, you must create a `Secret` with the default name, `{credentials}`. 21: ifdef::installing-oadp-azure,installing-oadp-gcp,installing-oadp-mcg,installing-oadp-ocs,virt-installing-configuring-oadp[] 22 * If the backup and snapshot locations use different credentials, you must create two `Secrets`: 23 .. 25 ** `Secret` with the default name, `{credentials}`, for the snapshot location. This `Secret` is not referenced in the `DataProtectionApplication` CR. 26 endif::[] 27: ifdef::installing-oadp-aws[] 28 * If the backup and snapshot locations use different credentials, you must create a `Secret` with the default name, `{credentials}`, which contains separate profiles for the backup and snapshot location credentials. 29 endif::[] .. 36 .Procedure 37 38: . Click *Operators* -> *Installed Operators* and select the OADP Operator. 39 . Under *Provided APIs*, click *Create instance* in the *DataProtectionApplication* box. 40 41 . Click *YAML View* and update the parameters of the `DataProtectionApplication` manifest: 42: ifdef::installing-oadp-aws[] 43 + 44 [source,yaml,subs="attributes+"] 45 ---- 46: apiVersion: oadp.openshift.io/v1beta1 47 kind: DataProtectionApplication 48 metadata: .. 92 <9> The snapshot location must be in the same region as the PVs. 93 endif::[] 94: ifdef::installing-oadp-azure[] 95 + 96 [source,yaml,subs="attributes+"] 97 ---- 98: apiVersion: oadp.openshift.io/v1beta1 99 kind: DataProtectionApplication 100 metadata: ... 148 <11> You do not need to specify a snapshot location if you use CSI snapshots or Restic to back up PVs. 149 endif::[] 150: ifdef::installing-oadp-gcp[] 151 + 152 [source,yaml,subs="attributes+"] 153 ---- 154: apiVersion: oadp.openshift.io/v1beta1 155 kind: DataProtectionApplication 156 metadata: ... 196 <9> The snapshot location must be in the same region as the PVs. 197 endif::[] 198: ifdef::installing-oadp-mcg[] 199 + 200 [source,yaml,subs="attributes+"] 201 ---- 202: apiVersion: oadp.openshift.io/v1beta1 203 kind: DataProtectionApplication 204 metadata: ... 242 <8> Specify a prefix for Velero backups, for example, `velero`, if the bucket is used for multiple purposes. 243 endif::[] 244: ifdef::installing-oadp-ocs[] 245 + 246 [source,yaml,subs="attributes+"] 247 ---- 248: apiVersion: oadp.openshift.io/v1beta1 249 kind: DataProtectionApplication 250 metadata: ... 287 <11> Specify a prefix for Velero backups, for example, `velero`, if the bucket is used for multiple purposes. 288 endif::[] 289: ifdef::virt-installing-configuring-oadp[] 290 + 291 [source,yaml,subs="attributes+"] 292 ---- 293: apiVersion: oadp.openshift.io/v1beta1 294 kind: DataProtectionApplication 295 metadata: ... 334 335 . Click *Create*. 336: . Verify the installation by viewing the OADP resources: 337 + 338 [source,terminal] ... 345 ---- 346 NAME READY STATUS RESTARTS AGE 347: pod/oadp-operator-controller-manager-67d9494d47-6l8z8 2/2 Running 0 2m8s 348 pod/restic-9cq4q 1/1 Running 0 94s 349 pod/restic-m4lts 1/1 Running 0 94s ... 352 353 NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE 354: service/oadp-operator-controller-manager-metrics-service ClusterIP 172.30.70.140 8443/TCP 2m8s 355 356 NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE ... 358 359 NAME READY UP-TO-DATE AVAILABLE AGE 360: deployment.apps/oadp-operator-controller-manager 1/1 1 1 2m9s 361 deployment.apps/velero 1/1 1 1 96s 362 363 NAME DESIRED CURRENT READY AGE 364: replicaset.apps/oadp-operator-controller-manager-67d9494d47 1 1 1 2m9s 365 replicaset.apps/velero-588db7f655 1 1 1 96s 366 ---- /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/oadp-installing-oadp-rosa-sts.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-installing-oadp-rosa-sts_{context}"] 7: = Installing OADP on {product-title} with AWS STS 8 9: AWS Security Token Service (AWS STS) is a global web service that provides short-term credentials for IAM or federated users. {product-title} (ROSA) with STS is the recommended credential mode for ROSA clusters. This document describes how to install OpenShift API for Data Protection (OADP) on (ROSA) with AWS STS. 10 11 [IMPORTANT] 12 ==== 13: Restic is not supported in the OADP on ROSA with AWS STS environment. Ensure the Restic service is disabled. Use native snapshots to backup volumes. See _Known Issues_ for more information. 14 ==== 15 .. 17 18 * A ROSA OpenShift Cluster with the required access and tokens. 19: * link:https://docs.openshift.com/container-platform/4.13/backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.html#oadp-creating-default-secret_installing-oadp-aws[A default Secret], if your backup and snapshot locations use the same credentials, or if you do not require a snapshot location. 20 21 .Procedure .. 42 ---- 43 44: . Install the OADP Operator. 45 .. In the {product-title} web console, navigate to Operators *->* OperatorHub. 46: .. Search for the OADP Operator, then click *Install*. 47 48 . Create AWS cloud storage using your AWS credentials: .. 51 ---- 52 $ cat << EOF | oc create -f - 53: apiVersion: oadp.openshift.io/v1alpha1 54 kind: CloudStorage 55 metadata: 56: name: ${CLUSTER_NAME}-oadp 57 namespace: openshift-adp 58 spec: .. 61 name: cloud-credentials 62 enableSharedConfig: true 63: name: ${CLUSTER_NAME}-oadp 64 provider: aws 65 region: $REGION .. 72 ---- 73 $ cat << EOF | oc create -f - 74: apiVersion: oadp.openshift.io/v1alpha1 75 kind: DataProtectionApplication 76 metadata: .. 81 - bucket: 82 cloudStorageRef: 83: name: ${CLUSTER_NAME}-oadp 84 credential: 85 key: credentials .. 105 [NOTE] 106 ==== 107: The `enable` parameter of `restic` is set to `false` in this configuration because OADP does not support Restic in ROSA environments. 108 ==== 109 + 110: You are now ready to backup and restore OpenShift applications, as described in the link:https://docs.openshift.com/container-platform/4.11/backup_and_restore/application_backup_and_restore/backing_up_and_restoring/backing-up-applications.html[OADP documentation]. 111 112 == Known Issues 113 .Restic is not supported or recommended 114 115: * link:https://issues.redhat.com/browse/OADP-1054[CloudStorage: openshift-adp-controller-manager crashloop seg fault with Restic enabled] 116: * link:https://issues.redhat.com/browse/OADP-1057[Cloudstorage API: CSI Backup of an app with internal images partially fails with plugin panicked error] 117: * (Affects OADP 1.1.x_ only): link:https://issues.redhat.com/browse/OADP-1055[CloudStorage: bucket is removed on CS CR delete, although it doesn't have "oadp.openshift.io/cloudstorage-delete": "true"] 118 119 [role="_additional-resources"] ... 123 * link:https://docs.openshift.com/rosa/rosa_getting_started/rosa-sts-getting-started-workflow.html[Getting started with ROSA STS] 124 * link:https://docs.openshift.com/rosa/rosa_install_access_delete_clusters/rosa-sts-creating-a-cluster-quickly.html[Creating a ROSA cluster with STS] 125: * link:https://docs.openshift.com/container-platform/4.13/backup_and_restore/application_backup_and_restore/installing/about-installing-oadp.html[About installing OADP] 126 * link:https://docs.openshift.com/container-platform/4.13/storage/container_storage_interface/persistent-storage-csi.html[Configuring CSI volumes] 127 * link:https://docs.openshift.com/rosa/rosa_architecture/rosa_policy_service_definition/rosa-service-definition.html#rosa-sdpolicy-storage_rosa-service-definition[ROSA storage options] /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/oadp-installing-operator.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: PROCEDURE 10: [id="oadp-installing-operator_{context}"] 11: = Installing the OADP Operator 12 13: You install the OpenShift API for Data Protection (OADP) Operator on {product-title} {product-version} by using Operator Lifecycle Manager (OLM). 14 15: The OADP Operator installs link:https://{velero-domain}/docs/v{velero-version}/[Velero {velero-version}]. 16 17 .Prerequisites .. 22 23 . In the {product-title} web console, click *Operators* -> *OperatorHub*. 24: . Use the *Filter by keyword* field to find the *OADP Operator*. 25: . Select the *OADP Operator* and click *Install*. 26 . Click *Install* to install the Operator in the `openshift-adp` project. 27 . Click *Operators* -> *Installed Operators* to verify the installation. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/oadp-plugins.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/oadp-features-plugins.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-plugins_{context}"] 7: = OADP plugins 8 9: The OpenShift API for Data Protection (OADP) provides default Velero plugins that are integrated with storage providers to support backup and snapshot operations. You can create link:https://{velero-domain}/docs/v{velero-version}/custom-plugins/[custom plugins] based on the Velero plugins. 10 11: OADP also provides plugins for {product-title} resource backups, OpenShift Virtualization resource backups, and Container Storage Interface (CSI) snapshots. 12 13 [cols="3", options="header"] 14: .OADP plugins 15 |=== 16: |OADP plugin |Function |Storage location 17 18 .2+|`aws` |Backs up and restores Kubernetes objects. |AWS S3 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/oadp-pod-crash-set-resource-request-restic.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-pod-crash-resource-request-retics_{context}"] 7 = Setting resource requests for a Restic pod 8 . 17 [source,yaml] 18 ---- 19: apiVersion: oadp.openshift.io/v1alpha1 20 kind: DataProtectionApplication 21 ... /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/oadp-pod-crash-set-resource-request-velero.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-pod-crash-resource-request-velero_{context}"] 7 = Setting resource requests for a Velero pod 8 9: You can use the `configuration.velero.podConfig.resourceAllocations` specification field in the `oadp_v1alpha1_dpa.yaml` file to set specific resource requests for a `Velero` pod. 10 11 .Procedure .. 17 [source,yaml] 18 ---- 19: apiVersion: oadp.openshift.io/v1alpha1 20 kind: DataProtectionApplication 21 ... /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/oadp-release-notes-1-1-1.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/oadp-release-notes.adoc 4 :_content-type: REFERENCE 5: [id="migration-oadp-release-notes-1-1-1_{context}"] 6: = OADP 1.1.1 release notes 7 8: The OADP 1.1.1 release notes include product recommendations and descriptions of known issues. 9 10 == Product recommendations 11 12: Before you install OADP 1.1.1, it is recommended to either install VolSync 0.5.1 or to upgrade to it. 13 14 == Known issues .. 16 This release has the following known issues: 17 18: * OADP currently does not support backup and restore of AWS EFS volumes using restic in Velero (link:https://issues.redhat.com/browse/OADP-778[*OADP-778*]). 19 20 * CSI backups might fail due to a Ceph limitation of `VolumeSnapshotContent` snapshots per PVC. .. 23 + 24 ** For CephFS, you can create up to 100 snapshots per PVC. 25: ** For RADOS Block Device (RBD), you can create up to 512 snapshots for each PVC. (link:https://issues.redhat.com/browse/OADP-804[*OADP-804*]) and (link:https://issues.redhat.com/browse/OADP-975[*OADP-975*]) 26 + 27 For more information, see https://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.11/html/managing_and_allocating_storage_resources/volume-snapshots_rhodf[Volume Snapshots]. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/oadp-release-notes-1-1-2.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/oadp-release-notes.adoc 4 5 :_content-type: REFERENCE 6: [id="migration-oadp-release-notes-1-1-2_{context}"] 7: = OADP 1.1.2 release notes 8 9: The OADP 1.1.2 release notes include product recommendations, a list of fixed bugs and descriptions of known issues. 10 11 [id="product-recommendations_{context}"] .. 34 The following bugs have been fixed in this release: 35 36: * link:https://issues.redhat.com/browse/OADP-1150[OADP-1150] 37: * link:https://issues.redhat.com/browse/OADP-290[OADP-290] 38: * link:https://issues.redhat.com/browse/OADP-1056[OADP-1056] 39 40 [id="known-issues_{context}"] .. 43 This release has the following known issues: 44 45: * OADP currently does not support backup and restore of AWS EFS volumes using restic in Velero (link:https://issues.redhat.com/browse/OADP-778[*OADP-778*]). 46 47 * CSI backups might fail due to a Ceph limitation of `VolumeSnapshotContent` snapshots per PVC. .. 50 + 51 -- 52: ** For CephFS, you can create up to 100 snapshots per PVC. (link:https://issues.redhat.com/browse/OADP-804[*OADP-804*]) 53: ** For RADOS Block Device (RBD), you can create up to 512 snapshots for each PVC. (link:https://issues.redhat.com/browse/OADP-975[*OADP-975*]) 54 -- 55 + /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/oadp-release-notes-1-1-4.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/oadp-release-notes.adoc 4 5 :_content-type: REFERENCE 6: [id="migration-oadp-release-notes-1-1-4_{context}"] 7: = OADP 1.1.4 release notes 8 9: The OADP 1.1.4 release notes lists any new features, resolved issues and bugs, and known issues. 10 11 [id="new-features1.1.4_{context}"] 12 == New features 13 14: This version of OADP is a service release. No new features are added to this version. 15 16 [id="resolved-issues1.1.4_{context}"] .. 19 The following bugs have been fixed in this release: 20 21: * link:https://issues.redhat.com/browse/OADP-1557[OADP-1557] 22: * link:https://issues.redhat.com/browse/OADP-1822[OADP-1822] 23: * link:https://issues.redhat.com/browse/OADP-1511[OADP-1511] 24: * link:https://issues.redhat.com/browse/OADP-1642[OADP-1642] 25: * link:https://issues.redhat.com/browse/OADP-1398[OADP-1398] 26: * link:https://issues.redhat.com/browse/OADP-1267[OADP-1267] 27: * link:https://issues.redhat.com/browse/OADP-1390[OADP-1390] 28: * link:https://issues.redhat.com/browse/OADP-1650[OADP-1650] 29: * link:https://issues.redhat.com/browse/OADP-1487[OADP-1487] 30 31 .. 35 This release has the following known issues: 36 37: * OADP backups might fail because a UID/GID range might have changed on the cluster where the application has been restored, with the result that OADP does not back up and restore {product-title} UID/GID range metadata. To avoid the issue, if the backed application requires a specific UUID, ensure the range is available when restored. An additional workaround is to allow OADP to create the namespace in the restore operation. 38 39: * A restoration might fail if ArgoCD is used during the process due to a label used by ArgoCD, `app.kubernetes.io/instance`. This label identifies which resources ArgoCD needs to manage, which can create a conflict with OADP's procedure for managing resources on restoration. To work around this issue, set `.spec.resourceTrackingMethod` on the ArgoCD YAML to `annotation+label` or `annotation`. If the issue continues to persist, then disable ArgoCD before beginning to restore, and enable it again when restoration is finished. 40 41 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/oadp-release-notes-1-2-0.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/oadp-release-notes.adoc 4 5 :_content-type: REFERENCE 6: [id="migration-oadp-release-notes-1-2-0_{context}"] 7: = OADP 1.2.0 release notes 8 9: The OADP 1.2.0 release notes include information about new features, bug fixes, and known issues. 10 11 [id="new-features_{context}"] 12 == New features 13 14: .link:https://access.redhat.com/documentation/en-us/openshift_container_platform/4.12/html/backup_and_restore/application-backup-and-restore#installing-oadp-aws[Resource timeouts] 15 The new `resourceTimeout` option specifies the timeout duration in minutes for waiting on various Velero resources. This option applies to resources such as Velero CRD availability, `volumeSnapshot` deletion, and backup repository availability. The default duration is ten minutes. 16 17: .link:https://access.redhat.com/documentation/en-us/openshift_container_platform/4.11/html/backup_and_restore/application-backup-and-restore#oadp-s3-compatible-backup-storage-providers_about-installing-oadp[AWS S3 compatible backup storage providers] 18 You can back up objects and snapshots on AWS S3 compatible providers. 19 .. 21 === Technical preview features 22 23: .link:https://access.redhat.com/documentation/en-us/openshift_container_platform/4.9/html/backup_and_restore/application-backup-and-restore#installing-and-configuring-oadp[Data Mover] 24: The OADP Data Mover enables you to back up Container Storage Interface (CSI) volume snapshots to a remote object store. When you enable Data Mover, you can restore stateful applications using CSI volume snapshots pulled from the object store in case of accidental cluster deletion, cluster failure, or data corruption. 25 26: :FeatureName: OADP Data Mover 27 include::snippets/technology-preview.adoc[] 28 .. 32 The following bugs have been fixed in this release: 33 34: * link:https://issues.redhat.com/browse/OADP-144[OADP-144] 35: * link:https://issues.redhat.com/browse/OADP-639[OADP-639] 36: * link:https://issues.redhat.com/browse/OADP-1741[OADP-1741] 37: * link:https://issues.redhat.com/browse/OADP-1152[OADP-1152] 38: * link:https://issues.redhat.com/browse/OADP-1143[OADP-1143] 39: * link:https://issues.redhat.com/browse/OADP-1931[OADP-1931] 40: * link:https://issues.redhat.com/browse/OADP-148[OADP-148] 41: * link:https://issues.redhat.com/browse/OADP-1067[OADP-1067] 42: * link:https://issues.redhat.com/browse/OADP-1332[OADP-1332] 43: * link:https://issues.redhat.com/browse/OADP-1164[OADP-1164] 44: * link:https://issues.redhat.com/browse/OADP-1105[OADP-1105] 45: * link:https://issues.redhat.com/browse/OADP-2009[OADP-2009] 46: * link:https://issues.redhat.com/browse/OADP-1370[OADP-1370] 47: * link:https://issues.redhat.com/browse/OADP-969[OADP-969] 48: * link:https://issues.redhat.com/browse/OADP-1672[OADP-1672] 49: * link:https://issues.redhat.com/browse/OADP-1151[OADP-1151] 50: * link:https://issues.redhat.com/browse/OADP-988[OADP-988] 51: * link:https://issues.redhat.com/browse/OADP-1941[OADP-1941] 52: * link:https://issues.redhat.com/browse/OADP-1830[OADP-1830] 53: * link:https://issues.redhat.com/browse/OADP-1821[OADP-1821] 54: * link:https://issues.redhat.com/browse/OADP-1783[OADP-1783] 55: * link:https://issues.redhat.com/browse/OADP-1719[OADP-1719] 56: * link:https://issues.redhat.com/browse/OADP-1833[OADP-1833] 57: * link:https://issues.redhat.com/browse/OADP-1872[OADP-1872] 58: * link:https://issues.redhat.com/browse/OADP-2047[OADP-2047] 59: * link:https://issues.redhat.com/browse/OADP-1932[OADP-1932] 60: * link:https://issues.redhat.com/browse/OADP-1844[OADP-1844] 61: * link:https://issues.redhat.com/browse/OADP-1182[OADP-1182] 62: * link:https://issues.redhat.com/browse/OADP-1183[OADP-1183] 63: * link:https://issues.redhat.com/browse/OADP-1798[OADP-1798] 64: * link:https://issues.redhat.com/browse/OADP-1726[OADP-1726] 65: * link:https://issues.redhat.com/browse/OADP-821[OADP-821] 66: * link:https://issues.redhat.com/browse/OADP-1833[OADP-1781] 67: * link:https://issues.redhat.com/browse/OADP-697[OADP-697] 68: * link:https://issues.redhat.com/browse/OADP-1281[OADP-1281] 69: * link:https://issues.redhat.com/browse/OADP-1077[OADP-1077] 70: * link:https://issues.redhat.com/browse/OADP-1076[OADP-1076] 71: * link:https://issues.redhat.com/browse/OADP-1670[OADP-1670] 72: * link:https://issues.redhat.com/browse/OADP-1307[OADP-1307] 73: * link:https://issues.redhat.com/browse/OADP-1640[OADP-1640] 74: * link:https://issues.redhat.com/browse/OADP-1987[OADP-1987] 75: * link:https://issues.redhat.com/browse/OADP-1934[OADP-1934] 76 77 [id="known-issues-1-2-0_{context}"] /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/oadp-restic-issues.adoc: 4 5 :_content-type: CONCEPT 6: [id="oadp-restic-issues_{context}"] 7 = Restic issues 8 . 71 restic backup, stderr=Fatal: unable to open config file: Stat: The 72 specified key does not exist.\nIs there a repository at the following 73: location?\ns3:http://minio-minio.apps.mayap-oadp- 74: veleo-1234.qe.devcluster.openshift.com/mayapvelerooadp2/velero1/ 75 restic/_mysql-persistent_\n: exit status 1" error.file="/remote-source/ 76 src/github.com/vmware-tanzu/velero/pkg/restic/backupper.go:184" /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/oadp-s3-compatible-backup-storage-providers.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-s3-compatible-backup-storage-providers_{context}"] 7 = AWS S3 compatible backup storage providers 8 9: OADP is compatible with many object storage providers for use with different backup and snapshot operations. Several object storage providers are fully supported, several are unsupported but known to work, and some have known limitations. 10 11: [id="oadp-s3-compatible-backup-storage-providers-supported"] 12 == Supported backup storage providers 13 14: The following AWS S3 compatible object storage providers, are fully supported by OADP through the AWS plugin for use as backup storage locations: 15 16 * MinIO .. 26 ==== 27 28: [id="oadp-s3-compatible-backup-storage-providers-unsupported"] 29 == Unsupported backup storage providers 30 .. 40 * Cloudian HyperStore 41 42: [id="oadp-s3-compatible-backup-storage-providers-known-limitations"] 43 == Backup storage providers with known limitations 44 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/oadp-scheduling-backups.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-scheduling-backups_{context}"] 7 = Scheduling backups 8 . 18 .Prerequisites 19 20: * You must install the OpenShift API for Data Protection (OADP) Operator. 21 * The `DataProtectionApplication` CR must be in a `Ready` state. 22 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/oadp-secrets-for-different-credentials.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: PROCEDURE 10: [id="oadp-secrets-for-different-credentials_{context}"] 11: ifdef::installing-oadp-aws[] 12 = Creating profiles for different credentials 13 .. 42 [source,yaml,subs="attributes+"] 43 ---- 44: apiVersion: oadp.openshift.io/v1alpha1 45 kind: DataProtectionApplication 46 metadata: .. 72 ---- 73 endif::[] 74: ifdef::installing-oadp-azure,installing-oadp-gcp,installing-oadp-ocs,installing-oadp-mcg[] 75 = Creating secrets for different credentials 76 .. 100 . Add the `Secret` with the custom name to the `DataProtectionApplication` CR, as in the following example: 101 endif::[] 102: ifdef::installing-oadp-azure[] 103 + 104 [source,yaml,subs="attributes+"] 105 ---- 106: apiVersion: oadp.openshift.io/v1alpha1 107 kind: DataProtectionApplication 108 metadata: ... 137 <1> Backup location `Secret` with custom name. 138 endif::[] 139: ifdef::installing-oadp-gcp[] 140 + 141 [source,yaml,subs="attributes+"] 142 ---- 143: apiVersion: oadp.openshift.io/v1alpha1 144 kind: DataProtectionApplication 145 metadata: ... 168 <1> Backup location `Secret` with custom name. 169 endif::[] 170: ifdef::installing-oadp-mcg[] 171 + 172 [source,yaml,subs="attributes+"] 173 ---- 174: apiVersion: oadp.openshift.io/v1alpha1 175 kind: DataProtectionApplication 176 metadata: ... 198 <1> Backup location `Secret` with custom name. 199 endif::[] 200: ifdef::installing-oadp-ocs[] 201 + 202 [source,yaml,subs="attributes+"] 203 ---- 204: apiVersion: oadp.openshift.io/v1alpha1 205 kind: DataProtectionApplication 206 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/oadp-self-signed-certificate.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/configuring-oadp.adoc 4 5 :_content-type: PROCEDURE 6: [id="oadp-self-signed-certificate_{context}"] 7 = Enabling self-signed CA certificates 8 . 11 .Prerequisites 12 13: * You must have the OpenShift API for Data Protection (OADP) Operator installed. 14 15 .Procedure .. 19 [source,yaml] 20 ---- 21: apiVersion: oadp.openshift.io/v1beta1 22 kind: DataProtectionApplication 23 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/oadp-setting-resource-limits-and-requests.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/configuring-oadp.adoc 4: // * virt/backup_restore/virt-installing-configuring-oadp.adoc 5 6 :_content-type: PROCEDURE 7: [id="oadp-setting-resource-limits-and-requests_{context}"] 8 = Setting Velero CPU and memory resource allocations 9 .. 12 .Prerequisites 13 14: * You must have the OpenShift API for Data Protection (OADP) Operator installed. 15 16 .Procedure .. 20 [source,yaml] 21 ---- 22: apiVersion: oadp.openshift.io/v1beta1 23 kind: DataProtectionApplication 24 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/oadp-using-data-mover-for-csi-snapshots.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-using-data-mover-for-csi-snapshots_{context}"] 7 = Using Data Mover for CSI snapshots 8 9 :FeatureName: Data Mover for CSI snapshots 10 11: The OADP Data Mover enables customers to back up Container Storage Interface (CSI) volume snapshots to a remote object store. When Data Mover is enabled, you can restore stateful applications, using CSI volume snapshots pulled from the object store if a failure, accidental deletion, or corruption of the cluster occurs. 12 13 The Data Mover solution uses the Restic option of VolSync. .. 15 Data Mover supports backup and restore of CSI volume snapshots only. 16 17: In OADP 1.2 Data Mover `VolumeSnapshotBackups` (VSBs) and `VolumeSnapshotRestores` (VSRs) are queued using the VolumeSnapshotMover (VSM). The VSM's performance is improved by specifying a concurrent number of VSBs and VSRs simultaneously `InProgress`. After all async plugin operations are complete, the backup is marked as complete. 18 19 20 [NOTE] 21 ==== 22: The OADP 1.1 Data Mover is a Technology Preview feature. 23 24: The OADP 1.2 Data Mover has significantly improved features and performances, but is still a Technology Preview feature. 25 ==== 26: :FeatureName: The OADP Data Mover 27 include::snippets/technology-preview.adoc[leveloffset=+1] 28 29 [NOTE] 30 ==== 31: Red Hat recommends that customers who use OADP 1.2 Data Mover in order to back up and restore ODF CephFS volumes, upgrade or install {product-title} version 4.12 or later for improved performance. OADP Data Mover can leverage CephFS shallow volumes in {product-title} version 4.12 or later, which based on our testing, can improve the performance of backup times. 32 33 * https://issues.redhat.com/browse/RHSTOR-4287[CephFS ROX details] .. 35 36 37: //For more information about OADP 1.2 with CephS [name of topic], see ___. 38 39 ==== .. 56 * You have included the label `{velero-domain}/csi-volumesnapshot-class: 'true'` in your `VolumeSnapshotClass` CR. 57 58: * You have verified that the `OADP namespace` has the annotation `oc annotate --overwrite namespace/openshift-adp volsync.backube/privileged-movers='true'`. 59 + 60 [NOTE] 61 ==== 62: In OADP 1.1 the above setting is mandatory. 63 64: In OADP 1.2 the `privileged-movers` setting is not required in most scenarios. The restoring container permissions should be adequate for the Volsync copy. In some user scenarios, there may be permission errors that the `privileged-mover`= `true` setting should resolve. 65 ==== 66 .. 69 [NOTE] 70 ==== 71: The VolSync Operator is required for using OADP Data Mover. 72 ==== 73 74: * You have installed the OADP operator by using OLM. 75 76 .Procedure .. 100 [source,yaml] 101 ---- 102: apiVersion: oadp.openshift.io/v1alpha1 103 kind: DataProtectionApplication 104 metadata: ... 152 153 ---- 154: <1> OADP 1.2 only. 155: <2> OADP 1.2 only. Optional: Specify the upper limit of the number of snapshots allowed to be queued for backup. The default value is 10. 156: <3> OADP 1.2 only. Optional: Specify the upper limit of the number of snapshots allowed to be queued for restore. The default value is 10. 157: <4> OADP 1.2 only. Optional: Specify the number of days, between running Restic pruning on the repository. The prune operation repacks the data to free space, but it can also generate significant I/O traffic as a part of the process. Setting this option allows a trade-off between storage consumption, from no longer referenced data, and access costs. 158: <5> OADP 1.2 only. Optional: Specify VolumeSync volume options for backup and restore. 159 160 + 161: The OADP Operator installs two custom resource definitions (CRDs), `VolumeSnapshotBackup` and `VolumeSnapshotRestore`. 162 + 163 .Example `VolumeSnapshotBackup` CRD 164 [source,yaml] 165 ---- 166: apiVersion: datamover.oadp.openshift.io/v1alpha1 167 kind: VolumeSnapshotBackup 168 metadata: ... 181 [source,yaml] 182 ---- 183: apiVersion: datamover.oadp.openshift.io/v1alpha1 184 kind: VolumeSnapshotRestore 185 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/oadp-using-enable-api-group-versions.adoc: 5 6 :_content-type: PROCEDURE 7: [id="oadp-using-enable-api-group-versions_{context}"] 8 = Using Enable API Group Versions 9 .. 21 [source,yaml] 22 ---- 23: apiVersion: oadp.openshift.io/vialpha1 24 kind: DataProtectionApplication 25 ... /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/olm-deleting-operators-from-a-cluster-using-web-console.adoc: 2 // 3 // * operators/admin/olm-deleting-operators-from-a-cluster.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/uninstalling-oadp.adoc 5 // * serverless/install/removing-openshift-serverless.adoc 6 // * virt/install/uninstalling-virt.adoc /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/rosa-sts-account-wide-roles-and-policies.adoc: 868 "s3:ListBucketMultipartUploads", 869 "s3:AbortMultipartUpload", 870: "s3:ListMultipartUploadParts" 871 ], 872 "Resource": "*" /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/velero-obtaining-by-downloading.adoc: 24 . Open a browser and navigate to link:https://{velero-domain}/docs/v{velero-version}/basic-install/#install-the-cli["Install the CLI" on the Velero website]. 25 . Follow the appropriate procedure for macOS, GitHub, or Windows. 26: . Download the Velero version appropriate for your version of OADP and {product-title} according to the table that follows: 27 + 28: .OADP-Velero-{product-title} version relationship 29 [cols="3", options="header"] 30 |=== 31: |OADP version |Velero version |{product-title} version 32 |1.0.0 |link:https://{velero-domain}/docs/v1.7/[1.7] |4.6 and later 33 |1.0.1 |link:https://{velero-domain}/docs/v1.7/[1.7] |4.6 and later /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/modules/virt-about-cdi-operator.adoc: 19 |Manages the authorization to upload VM disks into PVCs by issuing secure upload tokens. 20 21: |`deployment/cdi-uploadproxy` 22 |Directs external disk upload traffic to the appropriate upload server pod so that it can be written to the correct PVC. Requires a valid upload token. 23 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/snippets/oadp-ceph-cr-prerequisites.adoc: 8 9 * A stateful application is running in a separate namespace with persistent volume claims (PVCs) using CephFS as the provisioner. 10: * The `StorageClass` and `VolumeSnapshotClass` custom resources (CRs) are defined for CephFS and OADP 1.2 Data Mover. 11 * There is a secret `cloud-credentials` in the `openshift-adp` namespace. 12 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/snippets/oadp-mtc-operator.adoc: 2 //This snippet appears in the following assemblies: 3 // 4: // * .../backup_and_restore/backing_up_and_restoring/installing/about-installing-oadp.adoc 5: // * .../backup_and_restore/backing_up_and_restoring/installing/installing-oadp-aws.adoc 6: // * .../backup_and_restore/backing_up_and_restoring/installing/installing-oadp-azure.adoc 7: // * .../backup_and_restore/backing_up_and_restoring/installing/installing-oadp-gcp.adoc 8: // * .../backup_and_restore/backing_up_and_restoring/installing/installing-oadp-mcg.adoc 9: // * .../backup_and_restore/backing_up_and_restoring/installing/installing-oadp-ocs.adoc 10 11 :_content-type: SNIPPET 12 [NOTE] 13 ==== 14: Starting from OADP 1.0.4, all OADP 1.0._z_ versions can only be used as a dependency of the MTC Operator and are not available as a standalone Operator. 15 ==== 16 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_cluster_admin/snippets/oadp-ocp-compat.adoc: 2 //This snippet appears in the following assemblies: 3 // 4: // * .../backup_and_restore/backing_up_and_restoring/installing/about-installing-oadp.adoc 5 // * .../backup_and_restore/index.adoc 6 . 8 [NOTE] 9 ==== 10: If you want to use CSI backup on OCP 4.11 and later, install OADP 1.1._x_. 11 12: OADP 1.0._x_ does not support CSI backup on OCP 4.11 and later. OADP 1.0._x_ includes Velero 1.7._x_ and expects the API group `snapshot.storage.k8s.io/v1beta1`, which is not present on OCP 4.11 and later. 13 ==== 14 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/_attributes/common-attributes.adoc: 43 :hybrid-console: Red Hat Hybrid Cloud Console 44 :hybrid-console-second: Hybrid Cloud Console 45: :oadp-first: OpenShift API for Data Protection (OADP) 46: :oadp-full: OpenShift API for Data Protection 47 :oc-first: pass:quotes[OpenShift CLI (`oc`)] 48 :product-registry: OpenShift image registry /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/about-installing-oadp-on-multiple-namespaces.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/installing/about-installing-oadp.adoc 4 5 6 :_content-type: CONCEPT 7: [id="about-installing-oadp-on-multiple-namespaces_{context}"] 8: = Installation of OADP on multiple namespaces 9 10: You can install OADP into multiple namespaces on the same cluster so that multiple project owners can manage their own OADP instance. This use case has been validated with Restic and CSI. 11 12: You install each instance of OADP as specified by the per-platform procedures contained in this document with the following additional requirements: 13 14: * All deployments of OADP on the same cluster must be the same version, for example, 1.1.4. Installing different versions of OADP on the same cluster is *not* supported. 15: * Each individual deployment of OADP must have a unique set of credentials and a unique `BackupStorageLocation` configuration. 16: * By default, each OADP deployment has cluster-level access across namespaces. {product-title} administrators need to review security and RBAC settings carefully and make any necessary changes to them to ensure that each OADP instance has the correct permissions. 17 18 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/about-oadp-update-channels.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/installing/about-installing-oadp.adoc 4 5 6 :_content-type: CONCEPT 7: [id="about-oadp-update-channels_{context}"] 8: = About OADP update channels 9 10: When you install an OADP Operator, you choose an _update channel_. This channel determines which upgrades to the OADP Operator and to Velero you receive. You can switch channels at any time. 11 12 The following update channels are available: 13 14: * The *stable* channel is now deprecated. The *stable* channel contains the patches (z-stream updates) of OADP `ClusterServiceVersion` for `oadp.v1.1.z` and older versions from `oadp.v1.0.z`. 15 16: * The *stable-1.0* channel contains `oadp.v1.0._z_`, the most recent OADP 1.0 `ClusterServiceVersion`. 17 18: * The *stable-1.1* channel contains `oadp.v1.1._z_`, the most recent OADP 1.1 `ClusterServiceVersion`. 19 20: * The *stable-1.2* channel contains `oadp.v1.2._z_`, the most recent OADP 1.2 `ClusterServiceVersion`. 21 22 *Which update channel is right for you?* 23 24: * The *stable* channel is now deprecated. If you are already using the stable channel, you will continue to get updates from `oadp.v1.1._z_`. 25 26: * Choose the *stable-1._y_* update channel to install OADP 1._y_ and to continue receiving patches for it. If you choose this channel, you will receive all z-stream patches for version 1._y_._z_. 27 28 *When must you switch update channels?* 29 30: * If you have OADP 1._y_ installed, and you want to receive patches only for that y-stream, you must switch from the *stable* update channel to the *stable-1._y_* update channel. You will then receive all z-stream patches for version 1._y_._z_. 31 32: * If you have OADP 1.0 installed, want to upgrade to OADP 1.1, and then receive patches only for OADP 1.1, you must switch from the *stable-1.0* update channel to the *stable-1.1* update channel. You will then receive all z-stream patches for version 1.1._z_. 33 34: * If you have OADP 1._y_ installed, with _y_ greater than 0, and want to switch to OADP 1.0, you must _uninstall_ your OADP Operator and then reinstall it using the *stable-1.0* update channel. You will then receive all z-stream patches for version 1.0._z_. 35 36 [NOTE] 37 ==== 38: You cannot switch from OADP 1._y_ to OADP 1.0 by switching update channels. You must uninstall the Operator and then reinstall it. 39 ==== 40 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/metering-store-data-in-s3.adoc: 92 "s3:HeadBucket", 93 "s3:ListBucket", 94: "s3:ListMultipartUploadParts", 95 "s3:PutObject" 96 ], .. 123 "s3:CreateBucket", 124 "s3:DeleteBucket", 125: "s3:ListMultipartUploadParts", 126 "s3:PutObject" 127 ], /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/migration-configuring-aws-s3.adoc: 3 // * migrating_from_ocp_3_to_4/installing-3-4.adoc 4 // * migration_toolkit_for_containers/installing-mtc.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 6 7 :_content-type: PROCEDURE . 12 You configure Amazon Web Services (AWS) S3 object storage as a replication repository for the {mtc-full} ({mtc-short}). 13 endif::[] 14: ifdef::installing-oadp-aws[] 15: You configure Amazon Web Services (AWS) for the OpenShift API for Data Protection (OADP). 16 endif::[] 17 .. 90 "s3:PutObject", 91 "s3:AbortMultipartUpload", 92: "s3:ListMultipartUploadParts" 93 ], 94 "Resource": [ .. 147 Record the `AWS_SECRET_ACCESS_KEY` and the `AWS_ACCESS_KEY_ID`. You use the credentials to add AWS as a replication repository. 148 endif::[] 149: ifdef::installing-oadp-aws[] 150 . Create a `credentials-velero` file: 151 + /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/migration-configuring-azure.adoc: 3 // * migrating_from_ocp_3_to_4/installing-3-4.adoc 4 // * migration_toolkit_for_containers/installing-mtc.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 6 7 :_content-type: PROCEDURE . 12 You configure a Microsoft Azure Blob storage container as a replication repository for the {mtc-full} ({mtc-short}). 13 endif::[] 14: ifdef::installing-oadp-azure[] 15: You configure a Microsoft Azure for the OpenShift API for Data Protection (OADP). 16 endif::[] 17 .. 118 You use the `credentials-velero` file to add Azure as a replication repository. 119 endif::[] 120: ifdef::installing-oadp-azure[] 121 . Obtain the storage account access key: 122 + /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/migration-configuring-gcp.adoc: 3 // * migrating_from_ocp_3_to_4/installing-3-4.adoc 4 // * migration_toolkit_for_containers/installing-mtc.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6 7 :_content-type: PROCEDURE . 12 You configure a Google Cloud Platform (GCP) storage bucket as a replication repository for the {mtc-full} ({mtc-short}). 13 endif::[] 14: ifdef::installing-oadp-gcp[] 15: You configure Google Cloud Platform (GCP) for the OpenShift API for Data Protection (OADP). 16 endif::[] 17 .. 141 You use the `credentials-velero` file to add GCP as a replication repository. 142 endif::[] 143: ifdef::installing-oadp-gcp[] 144 + 145 You use the `credentials-velero` file to create a `Secret` object for GCP before you install the Data Protection Application. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/migration-configuring-mcg.adoc: 5 // * migration_toolkit_for_containers/installing-mtc.adoc 6 // * migration_toolkit_for_containers/installing-mtc-restricted.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 8 9 :_content-type: PROCEDURE .. 14 You must retrieve the Multicloud Object Gateway (MCG) credentials and S3 endpoint in order to configure MCG as a replication repository for the {mtc-full} ({mtc-short}). 15 endif::[] 16: You must retrieve the Multicloud Object Gateway (MCG) credentials in order to create a `Secret` custom resource (CR) for the OpenShift API for Data Protection (OADP). 17: //ifdef::installing-oadp-mcg[] 18 //endif::[] 19 .. 35 You use these credentials to add MCG as a replication repository. 36 endif::[] 37: ifdef::installing-oadp-mcg[] 38 . Create a `credentials-velero` file: 39 + /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/migration-mtc-release-notes-1-7.adoc: 12 This release has the following new features and enhancements: 13 14: * The {mtc-full} ({mtc-short}) Operator now depends upon the OpenShift API for Data Protection (OADP) Operator. When you install the {mtc-short} Operator, the Operator Lifecycle Manager (OLM) automatically installs the OADP Operator in the same namespace. 15 16 * You can migrate from a source cluster that is behind a firewall to a cloud-based destination cluster by establishing a network tunnel between the two clusters by using the `crane tunnel-api` command. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/migration-using-must-gather.adoc: 16 You can collect data for a one-hour or a 24-hour period and view the data with the Prometheus console. 17 endif::[] 18: ifdef::oadp-troubleshooting[] 19 You can run the `must-gather` tool with the following data collection options: 20 21: * Full `must-gather` data collection collects Prometheus metrics, pod logs, and Velero CR information for all namespaces where the OADP Operator is installed. 22 * Essential `must-gather` data collection collects pod logs and Velero CR information for a specific duration of time, for example, one hour or 24 hours. Prometheus metrics and duplicate logs are not included. 23 * `must-gather` data collection with timeout. Data collection can take a long time if there are many failed `Backup` CRs. You can improve performance by setting a timeout value. .. 38 * To collect data for the past hour: 39 endif::[] 40: ifdef::oadp-troubleshooting[] 41 * Full `must-gather` data collection, including Prometheus metrics: 42 endif::[] .. 49 The data is saved as `must-gather/must-gather.tar.gz`. You can upload this file to a support case on the link:https://access.redhat.com/[Red Hat Customer Portal]. 50 51: ifdef::oadp-troubleshooting[] 52 * Essential `must-gather` data collection, without Prometheus metrics, for a specific time duration: 53 + .. 71 * To collect data for the past 24 hours: 72 endif::[] 73: ifdef::oadp-troubleshooting[] 74 * Prometheus metrics data dump: 75 endif::[] /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/nw-enforcing-hsts-per-domain.adoc: 58 smallestMaxAge: 1 59 largestMaxAge: 31536000 60: preloadPolicy: RequirePreload <5> 61 includeSubDomainsPolicy: RequireIncludeSubDomains <6> 62 - domainPatterns: <2> .. 66 matchLabels: {} 67 maxAge: {} 68: preloadPolicy: NoOpinion 69 includeSubDomainsPolicy: RequireNoIncludeSubDomains 70 ---- /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/oadp-about-backing-and-restoring-from-cluster-to-cluster.adoc: 5 6 :_content-type: CONCEPT 7: [id="oadp-about-backing-and-restoring-from-cluster-to-cluster_{context}"] 8 = About backing up data from one cluster and restoring it on another cluster 9 10: {oadp-first} is designed to back up and restore application data in the same {product-title} cluster. {mtc-full} ({mtc-short}) is designed to migrate containers, including application data, from one {product-title} cluster to another cluster. 11 12: You can use OADP to back up application data from one {product-title} cluster and restore it on another cluster. However, doing so is more complicated than using {mtc-short} or using OADP to back up and restore on the same cluster. 13 14: To successfully use OADP to back up data from one cluster and restore it to another cluster, you must take into account the following factors, in addition to the prerequisites and procedures that apply to using OADP to back up and restore data on the same cluster: 15 16 * Operators .. 18 * UID and GID ranges 19 20: [id="oadp-cluster-to-cluster-operators_{context}"] 21 == Operators 22 You must exclude Operators from the backup of an application for backup and restore to succeed. 23 24: [id="oadp-cluster-to-cluster-velero_{context}"] 25 == Use of Velero 26 27: Velero, which OADP is built upon, does not natively support migrating persistent volume snapshots across cloud providers. To migrate volume snapshot data between cloud platforms, you must _either_ enable the Velero Restic file system backup option, which backs up volume contents at the filesystem level, _or_ use the OADP Data Mover for CSI snapshots. 28 29 [NOTE] 30 ==== 31: In OADP 1.1 and earlier, the Velero Restic file system backup option is called `restic`. 32: In OADP 1.2 and later, the Velero Restic file system backup option is called `file-system-backup`. 33 ==== 34 35 [NOTE] 36 ==== 37: Velero's file system backup feature supports both Kopia and Restic, but currently OADP supports only Restic. 38 ==== 39 .. 42 * It is theoretically possible to migrate workloads to a destination with a _later_ Kubernetes version than the source, but you must consider the compatibility of API groups between clusters for each custom resource. If a Kubernetes version upgrade breaks the compatibility of core or native API groups, you must first update the impacted custom resources. 43 44: [id="oadp-cluster-to-cluster-uid-and-gid-ranges_{context}"] 45 == UID and GID ranges 46 .. 48 49 Summary of issues:: 50: The UID and GID ranges of the namespace might change on the destination cluster. OADP does not back up and restore OpenShift UID range metadata. If the backed application requires a specific UID, ensure the range is available when restored. For more information about OpenShift's UID and GID ranges, see link:https://cloud.redhat.com/blog/a-guide-to-openshift-and-uids[A Guide to OpenShift and UIDs]. 51 52 Detailed description of issues:: .. 58 59 + 60: When you use OADP to restore the namespace, it automatically uses the information in `metadata.annotations` without resetting it for the destination cluster. As a result, the workload might not have access to the backed up data if one of the following is true: 61 62: * There is a pre-existing namespace with different SCC annotations, for example, on a different cluster. In this case, at backup time, OADP reuses the pre-existing namespace instead of the namespace you are trying to restore. 63: * The backup used a label selector, but the namespace where workloads run on does not have the label on it. In this case, OADP does not back up the namespace, but instead creates a new namespace during restore that does not include the annotations of the namespace you backed up. This causes a new UID range to be assigned to the namespace. 64 + 65 This might be an issue for customer workloads if {product-title} assigns a pod a `securityContext` UID based on namespace annotations that have changed from the time the persistent volume data was backed up. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/oadp-about-backup-snapshot-locations-secrets.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: CONCEPT 10: [id="oadp-about-backup-snapshot-locations_{context}"] 11 = About backup and snapshot locations and their secrets 12 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/oadp-about-enable-api-group-versions.adoc: 5 6 :_content-type: CONCEPT 7: [id="oadp-about-enable-api-group-versions_{context}"] 8 = About Enable API Group Versions 9 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/oadp-backing-and-restoring-from-cluster-to-cluster.adoc: 5 6 :_content-type: CONCEPT 7: [id="oadp-backing-and-restoring-from-cluster-to-cluster_{context}"] 8 = Backing up data from one cluster and restoring it to another cluster 9 .. 20 ** Ensure that the backup store location (BSL) and volume snapshot location have the same names and paths to restore resources to another cluster. 21 ** Share the same object storage location credentials across the clusters. 22: ** For best results, use OADP to create the namespace on the destination cluster. 23 ** If you use the Velero `file-system-backup` option, enable the `--default-volumes-to-fs-backup` flag for use during backup by running the following command: 24 + .. 30 [NOTE] 31 ==== 32: In OADP 1.2 and later, the Velero Restic option is called `file-system-backup`. 33 ==== 34 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/oadp-backing-up-applications-restic.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-backing-up-applications-restic_{context}"] 7 = Backing up applications with Restic 8 . 18 .Prerequisites 19 20: * You must install the OpenShift API for Data Protection (OADP) Operator. 21 * You must not disable the default Restic installation by setting `spec.configuration.restic.enable` to `false` in the `DataProtectionApplication` CR. 22 * The `DataProtectionApplication` CR must be in a `Ready` state. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/oadp-backing-up-pvs-csi.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-backing-up-pvs-csi_{context}"] 7 = Backing up persistent volumes with CSI snapshots 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/oadp-backup-restore-cr-issues.adoc: 4 5 :_content-type: CONCEPT 6: [id="oadp-backup-restore-cr-issues_{context}"] 7 = Backup and Restore CR issues 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/oadp-ceph-cephfs-back-up-dba.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-ceph-cephfs-back-up-dba_{context}"] 7 = Creating a DPA for use with CephFS storage 8 9: You must create a Data Protection Application (DPA) CR before you use the OpenShift API for Data Protection (OADP) 1.2 Data Mover to back up and restore data using CephFS storage. 10 11 .Procedure .. 38 [source,yaml] 39 ---- 40: apiVersion: oadp.openshift.io/v1alpha1 41 kind: DataProtectionApplication 42 metadata: .. 79 ---- 80 <1> There is no default value for the `enable` field. Valid values are `true` or `false`. 81: <2> Use the Restic `Secret` that you created when you prepared your environment for working with OADP 1.2 Data Mover and Ceph. If you do not use your Restic `Secret`, the CR uses the default value `dm-credential` for this parameter. 82 <3> There is no default value for the `enable` field. Valid values are `true` or `false`. 83 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/oadp-ceph-cephfs-back-up.adoc: 11 12 :_content-type: PROCEDURE 13: [id="oadp-ceph-cephfs-back-up_{context}"] 14 15 ifdef::cephfs[] 16: = Backing up data using OADP 1.2 Data Mover and CephFS storage 17: You can use OpenShift API for Data Protection (OADP) 1.2 Data Mover to back up data using CephFS storage by enabling the shallow copy feature of CephFS storage. 18 endif::cephfs[] 19 20 ifdef::split[] 21: = Backing up data using OADP 1.2 Data Mover and split volumes 22: You can use OpenShift API for Data Protection (OADP) 1.2 Data Mover to back up data in an environment that has split volumes. 23 endif::split[] 24 .. 58 59 . Wait several minutes until the `VolumeSnapshotBackup` CR has the status `Completed`. 60: . Verify that there is at least one snapshot in the object store that is given in the Restic `Secret`. You can check for this snapshot in your targeted `BackupStorageLocation` storage provider that has a prefix of `/`. 61 62 ifeval::["{context}" == "cephfs"] /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/oadp-ceph-cephfs-restore.adoc: 11 12 :_content-type: PROCEDURE 13: [id="oadp-ceph-cephfs-restore_{context}"] 14 15 ifdef::cephfs[] 16: = Restoring data using OADP 1.2 Data Mover and CephFS storage 17: You can use OpenShift API for Data Protection (OADP) 1.2 Data Mover to restore data using CephFS storage if the shallow copy feature of CephFS storage was enabled for the back up procedure. The shallow copy feature is not used in the restore procedure. 18 endif::cephfs[] 19 20 ifdef::split[] 21: = Restoring data using OADP 1.2 Data Mover and split volumes 22: You can use OpenShift API for Data Protection (OADP) 1.2 Data Mover to restore data in an environment that has split volumes, if the shallow copy feature of CephFS storage was enabled for the back up procedure. The shallow copy feature is not used in the restore procedure. 23 endif::split[] 24 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/oadp-ceph-preparing-cephfs-crs.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-ceph-preparing-cephfs-crs_{context}"] 7: = Defining CephFS custom resources for use with OADP 1.2 Data Mover 8 9: When you install {rh-storage-first}, it automatically creates a default CephFS `StorageClass` custom resource (CR) and a default CephFS `VolumeSnapshotClass` CR. You can define these CRs for use with OpenShift API for Data Protection (OADP) 1.2 Data Mover. 10 11 .Procedure /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/oadp-ceph-preparing-cephrbd-crs.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-ceph-preparing-cephrbd-crs_{context}"] 7: = Defining CephRBD custom resources for use with OADP 1.2 Data Mover 8 9: When you install {rh-storage-first}, it automatically creates a default CephRBD `StorageClass` custom resource (CR) and a default CephRBD `VolumeSnapshotClass` CR. You can define these CRs for use with OpenShift API for Data Protection (OADP) 1.2 Data Mover. 10 11 .Procedure /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/oadp-ceph-preparing-crs-additional.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-ceph-preparing-crs-additional_{context}"] 7: = Defining additional custom resources for use with OADP 1.2 Data Mover 8 9 After you redefine the default `StorageClass` and CephRBD `VolumeSnapshotClass` custom resources (CRs), you must create the following CRs: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/oadp-ceph-prerequisites.adoc: 5 6 :_content-type: CONCEPT 7: [id="oadp-ceph-prerequisites_{context}"] 8: = Prerequisites for using OADP 1.2 Data Mover with Ceph storage 9 10: The following prerequisites apply to all back up and restore operations of data using {oadp-first} 1.2 Data Mover in a cluster that uses Ceph storage: 11 12 * You have installed {product-title} 4.12 or later. 13: * You have installed the OADP Operator. 14 * You have created a secret `cloud-credentials` in the namespace `openshift-adp.` 15 * You have installed {rh-storage-first}. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/oadp-ceph-split-back-up-dba.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-ceph-split-back-up-dba_{context}"] 7 = Creating a DPA for use with split volumes 8 9: You must create a Data Protection Application (DPA) CR before you use the OpenShift API for Data Protection (OADP) 1.2 Data Mover to back up and restore data using split volumes. 10 11 .Procedure .. 17 [source,yaml] 18 ---- 19: apiVersion: oadp.openshift.io/v1alpha1 20 kind: DataProtectionApplication 21 metadata: .. 64 cacheStorageClassName: ocs-storagecluster-ceph-rbd 65 ---- 66: <1> Use the Restic `Secret` that you created when you prepared your environment for working with OADP 1.2 Data Mover and Ceph. If you do not, then the CR will use the default value `dm-credential` for this parameter. 67 <2> A different set of `VolumeOptionsForStorageClass` labels can be defined for each `storageClass` volume, thus allowing a backup to volumes with different providers. 68 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/oadp-checking-api-group-versions.adoc: 5 6 :_content-type: PROCEDURE 7: [id="oadp-checking-api-group-versions_{context}"] 8 = Listing the Kubernetes API group versions on a cluster 9 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/oadp-cleaning-up-after-data-mover-snapshots.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-cleaning-up-after-data-mover-snapshots_{context}"] 7 = Deleting snapshots in a bucket 8 9: OADP 1.1 Data Mover might leave one or more snapshots in a bucket after a backup. You can either delete all the snapshots or delete individual snapshots. 10 11 .Procedure /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/oadp-configuring-noobaa-for-dr.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 4 5 :_content-type: PROCEDURE 6: [id="oadp-configuring-noobaa-for-dr_{context}"] 7 = Configuring NooBaa for disaster recovery on {rh-storage} 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/oadp-configuring-velero-plugins.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/oadp-features-plugins.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-configuring-velero-plugins_{context}"] 7: = About OADP Velero plugins 8 9 You can configure two types of plugins when you install Velero: .. 16 == Default Velero cloud provider plugins 17 18: You can install any of the following default Velero cloud provider plugins when you configure the `oadp_v1alpha1_dpa.yaml` file during deployment: 19 20 * `aws` (Amazon Web Services) .. 25 * `kubevirt` (KubeVirt) 26 27: You specify the desired default plugins in the `oadp_v1alpha1_dpa.yaml` file during deployment. 28 29 .Example file .. 33 [source,yaml] 34 ---- 35: apiVersion: oadp.openshift.io/v1alpha1 36 kind: DataProtectionApplication 37 metadata: .. 49 == Custom Velero plugins 50 51: You can install a custom Velero plugin by specifying the plugin `image` and `name` when you configure the `oadp_v1alpha1_dpa.yaml` file during deployment. 52 53: You specify the desired custom plugins in the `oadp_v1alpha1_dpa.yaml` file during deployment. 54 55 .Example file .. 59 [source,yaml] 60 ---- 61: apiVersion: oadp.openshift.io/v1alpha1 62 kind: DataProtectionApplication 63 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/oadp-creating-backup-cr.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-creating-backup-cr_{context}"] 7 = Creating a Backup CR 8 . 11 .Prerequisites 12 13: * You must install the OpenShift API for Data Protection (OADP) Operator. 14 * The `DataProtectionApplication` CR must be in a `Ready` state. 15 * Backup location prerequisites: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/oadp-creating-backup-hooks.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-creating-backup-hooks_{context}"] 7 = Creating backup hooks 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/oadp-creating-default-secret.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: PROCEDURE 10: [id="oadp-creating-default-secret_{context}"] 11 = Creating a default Secret 12 13 You create a default `Secret` if your backup and snapshot locations use the same credentials or if you do not require a snapshot location. 14 15: ifdef::installing-oadp-aws,installing-oadp-azure,installing-oadp-gcp,installing-oadp-mcg[] 16 The default name of the `Secret` is `{credentials}`. 17 endif::[] 18: ifdef::installing-oadp-ocs[] 19: The default name of the `Secret` is `{credentials}`, unless your backup storage provider has a default plugin, such as `aws`, `azure`, or `gcp`. In that case, the default name is specified in the provider-specific OADP installation procedure. 20 endif::[] 21 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/oadp-creating-restore-cr.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-creating-restore-cr_{context}"] 7 = Creating a Restore CR 8 . 11 .Prerequisites 12 13: * You must install the OpenShift API for Data Protection (OADP) Operator. 14 * The `DataProtectionApplication` CR must be in a `Ready` state. 15 * You must have a Velero `Backup` CR. .. 67 [NOTE] 68 ==== 69: In the course of the restore process, the OADP Velero plug-ins scale down the `DeploymentConfig` objects and restore the pods as standalone pods to prevent the cluster from deleting the restored `DeploymentConfig` pods immediately on restore and to allow Restic and post-restore hooks to complete their actions on the restored pods. The cleanup script removes these disconnected pods and scale any `DeploymentConfig` objects back up to the appropriate number of replicas. 70 ==== 71 + .. 94 } 95 96: OADP_NAMESPACE=${OADP_NAMESPACE:=openshift-adp} 97 98 if [[ $# -ne 1 ]]; then .. 101 fi 102 103: echo using OADP Namespace $OADP_NAMESPACE 104 echo restore: $1 105 ... 108 109 echo Deleting disconnected restore pods 110: oc delete pods -l oadp.openshift.io/disconnected-from-dc=$label 111 112: for dc in $(oc get dc --all-namespaces -l oadp.openshift.io/replicas-modified=$label -o jsonpath='{range .items[*]}{.metadata.namespace}{","}{.metadata.name}{","}{.metadata.annotations.oadp\.openshift\.io/original-replicas}{","}{.metadata.annotations.oadp\.openshift\.io/original-paused}{"\n"}') 113 do 114 IFS=',' read -ra dc_arr <<< "$dc" /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/oadp-creating-restore-hooks.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-creating-restore-hooks_{context}"] 7 = Creating restore hooks 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/oadp-debugging-oc-cli.adoc: 4 5 :_content-type: REFERENCE 6: [id="oadp-debugging-oc-cli_{context}"] 7 = Debugging Velero resources with the OpenShift CLI tool 8 . 39 [NOTE] 40 ==== 41: This option is available starting from OADP 1.0.3. 42 ==== 43 44 [source,yaml] 45 ---- 46: apiVersion: oadp.openshift.io/v1alpha1 47 kind: DataProtectionApplication 48 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/oadp-deleting-backups.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-deleting-backups_{context}"] 7 = Deleting backups 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/oadp-deleting-cluster-resources-following-failure.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-deleting-cluster-resources-following-failure_{context}"] 7 = Deleting cluster resources following a partially successful or a failed backup and restore that used Data Mover 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/oadp-deleting-cluster-resources-following-success.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-deleting-cluster-resources-following-success_{context}"] 7 = Deleting cluster resources following a successful backup and restore that used Data Mover 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/oadp-enabling-csi-dpa.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: PROCEDURE 10: [id="oadp-enabling-csi-dpa_{context}"] 11 = Enabling CSI in the DataProtectionApplication CR 12 .. 23 [source,yaml] 24 ---- 25: apiVersion: oadp.openshift.io/v1alpha1 26 kind: DataProtectionApplication 27 ... /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/oadp-features.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/oadp-features-plugins.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-features_{context}"] 7: = OADP features 8 9: OpenShift API for Data Protection (OADP) supports the following features: 10 11 Backup:: 12: You can use OADP to back up all applications on the OpenShift Platform, or you can filter the resources by type, namespace, or label. 13 + 14: OADP backs up Kubernetes objects and internal images by saving them as an archive file on object storage. OADP backs up persistent volumes (PVs) by creating snapshots with the native cloud snapshot API or with the Container Storage Interface (CSI). For cloud providers that do not support snapshots, OADP backs up resources and PV data with Restic. 15 16 + /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/oadp-ibm-power-test-support.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/oadp-features-plugins.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-ibm-power-test-matrix_{context}"] 7: = OADP support for target backup locations using IBM Power 8 9: IBM Power running with {product-title} 4.11 and 4.12, and OpenShift API for Data Protection (OADP) 1.1.2 was tested successfully against an AWS S3 backup location target. Although the test involved only an AWS S3 target, Red Hat supports running IBM Power with {product-title} 4.11 and 4.12, and OADP 1.1.2 against all non-AWS S3 backup location targets as well. 10 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/oadp-ibm-z-test-support.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/oadp-features-plugins.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-ibm-z-test-support_{context}"] 7: = OADP testing and support for target backup locations using {ibmzProductName} 8 9: {ibmzProductName} running with {product-title} 4.11 and 4.12, and OpenShift API for Data Protection (OADP) 1.1.2 was tested successfully against an AWS S3 backup location target. Although the test involved only an AWS S3 target, Red Hat supports running {ibmzProductName} with {product-title} 4.11 and 4.12, and OADP 1.1.2 against all non-AWS S3 backup location targets as well. 10 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/oadp-installation-issues.adoc: 4 5 :_content-type: CONCEPT 6: [id="oadp-installation-issues_{context}"] 7 = Installation issues 8 9 You might encounter issues caused by using invalid directories or incorrect credentials when you install the Data Protection Application. 10 11: [id="oadp-backup-location-contains-invalid-directories_{context}"] 12 == Backup storage contains invalid directories 13 .. 22 If the object storage is not dedicated to Velero, you must specify a prefix for the bucket by setting the `spec.backupLocations.velero.objectStorage.prefix` parameter in the `DataProtectionApplication` manifest. 23 24: [id="oadp-incorrect-aws-credentials_{context}"] 25 == Incorrect AWS credentials 26 27: The `oadp-aws-registry` pod log displays the error message, `InvalidAccessKeyId: The AWS Access Key Id you provided does not exist in our records.` 28 29 The `Velero` pod log displays the error message, `NoCredentialProviders: no valid providers in chain`. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/oadp-installing-dpa.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: PROCEDURE 10: [id="oadp-installing-dpa_{context}"] 11 = Installing the Data Protection Application 12 .. 15 .Prerequisites 16 17: * You must install the OADP Operator. 18 * You must configure object storage as a backup location. 19 * If you use snapshots to back up PVs, your cloud provider must support either a native snapshot API or Container Storage Interface (CSI) snapshots. 20 * If the backup and snapshot locations use the same credentials, you must create a `Secret` with the default name, `{credentials}`. 21: ifdef::installing-oadp-azure,installing-oadp-gcp,installing-oadp-mcg,installing-oadp-ocs,virt-installing-configuring-oadp[] 22 * If the backup and snapshot locations use different credentials, you must create two `Secrets`: 23 .. 25 ** `Secret` with the default name, `{credentials}`, for the snapshot location. This `Secret` is not referenced in the `DataProtectionApplication` CR. 26 endif::[] 27: ifdef::installing-oadp-aws[] 28 * If the backup and snapshot locations use different credentials, you must create a `Secret` with the default name, `{credentials}`, which contains separate profiles for the backup and snapshot location credentials. 29 endif::[] .. 36 .Procedure 37 38: . Click *Operators* -> *Installed Operators* and select the OADP Operator. 39 . Under *Provided APIs*, click *Create instance* in the *DataProtectionApplication* box. 40 41 . Click *YAML View* and update the parameters of the `DataProtectionApplication` manifest: 42: ifdef::installing-oadp-aws[] 43 + 44 [source,yaml,subs="attributes+"] 45 ---- 46: apiVersion: oadp.openshift.io/v1beta1 47 kind: DataProtectionApplication 48 metadata: .. 92 <9> The snapshot location must be in the same region as the PVs. 93 endif::[] 94: ifdef::installing-oadp-azure[] 95 + 96 [source,yaml,subs="attributes+"] 97 ---- 98: apiVersion: oadp.openshift.io/v1beta1 99 kind: DataProtectionApplication 100 metadata: ... 148 <11> You do not need to specify a snapshot location if you use CSI snapshots or Restic to back up PVs. 149 endif::[] 150: ifdef::installing-oadp-gcp[] 151 + 152 [source,yaml,subs="attributes+"] 153 ---- 154: apiVersion: oadp.openshift.io/v1beta1 155 kind: DataProtectionApplication 156 metadata: ... 196 <9> The snapshot location must be in the same region as the PVs. 197 endif::[] 198: ifdef::installing-oadp-mcg[] 199 + 200 [source,yaml,subs="attributes+"] 201 ---- 202: apiVersion: oadp.openshift.io/v1beta1 203 kind: DataProtectionApplication 204 metadata: ... 242 <8> Specify a prefix for Velero backups, for example, `velero`, if the bucket is used for multiple purposes. 243 endif::[] 244: ifdef::installing-oadp-ocs[] 245 + 246 [source,yaml,subs="attributes+"] 247 ---- 248: apiVersion: oadp.openshift.io/v1beta1 249 kind: DataProtectionApplication 250 metadata: ... 287 <11> Specify a prefix for Velero backups, for example, `velero`, if the bucket is used for multiple purposes. 288 endif::[] 289: ifdef::virt-installing-configuring-oadp[] 290 + 291 [source,yaml,subs="attributes+"] 292 ---- 293: apiVersion: oadp.openshift.io/v1beta1 294 kind: DataProtectionApplication 295 metadata: ... 334 335 . Click *Create*. 336: . Verify the installation by viewing the OADP resources: 337 + 338 [source,terminal] ... 345 ---- 346 NAME READY STATUS RESTARTS AGE 347: pod/oadp-operator-controller-manager-67d9494d47-6l8z8 2/2 Running 0 2m8s 348 pod/restic-9cq4q 1/1 Running 0 94s 349 pod/restic-m4lts 1/1 Running 0 94s ... 352 353 NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE 354: service/oadp-operator-controller-manager-metrics-service ClusterIP 172.30.70.140 8443/TCP 2m8s 355 356 NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE ... 358 359 NAME READY UP-TO-DATE AVAILABLE AGE 360: deployment.apps/oadp-operator-controller-manager 1/1 1 1 2m9s 361 deployment.apps/velero 1/1 1 1 96s 362 363 NAME DESIRED CURRENT READY AGE 364: replicaset.apps/oadp-operator-controller-manager-67d9494d47 1 1 1 2m9s 365 replicaset.apps/velero-588db7f655 1 1 1 96s 366 ---- /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/oadp-installing-oadp-rosa-sts.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-installing-oadp-rosa-sts_{context}"] 7: = Installing OADP on {product-title} with AWS STS 8 9: AWS Security Token Service (AWS STS) is a global web service that provides short-term credentials for IAM or federated users. {product-title} (ROSA) with STS is the recommended credential mode for ROSA clusters. This document describes how to install OpenShift API for Data Protection (OADP) on (ROSA) with AWS STS. 10 11 [IMPORTANT] 12 ==== 13: Restic is not supported in the OADP on ROSA with AWS STS environment. Ensure the Restic service is disabled. Use native snapshots to backup volumes. See _Known Issues_ for more information. 14 ==== 15 .. 17 18 * A ROSA OpenShift Cluster with the required access and tokens. 19: * link:https://docs.openshift.com/container-platform/4.13/backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.html#oadp-creating-default-secret_installing-oadp-aws[A default Secret], if your backup and snapshot locations use the same credentials, or if you do not require a snapshot location. 20 21 .Procedure .. 42 ---- 43 44: . Install the OADP Operator. 45 .. In the {product-title} web console, navigate to Operators *->* OperatorHub. 46: .. Search for the OADP Operator, then click *Install*. 47 48 . Create AWS cloud storage using your AWS credentials: .. 51 ---- 52 $ cat << EOF | oc create -f - 53: apiVersion: oadp.openshift.io/v1alpha1 54 kind: CloudStorage 55 metadata: 56: name: ${CLUSTER_NAME}-oadp 57 namespace: openshift-adp 58 spec: .. 61 name: cloud-credentials 62 enableSharedConfig: true 63: name: ${CLUSTER_NAME}-oadp 64 provider: aws 65 region: $REGION .. 72 ---- 73 $ cat << EOF | oc create -f - 74: apiVersion: oadp.openshift.io/v1alpha1 75 kind: DataProtectionApplication 76 metadata: .. 81 - bucket: 82 cloudStorageRef: 83: name: ${CLUSTER_NAME}-oadp 84 credential: 85 key: credentials .. 105 [NOTE] 106 ==== 107: The `enable` parameter of `restic` is set to `false` in this configuration because OADP does not support Restic in ROSA environments. 108 ==== 109 + 110: You are now ready to backup and restore OpenShift applications, as described in the link:https://docs.openshift.com/container-platform/4.11/backup_and_restore/application_backup_and_restore/backing_up_and_restoring/backing-up-applications.html[OADP documentation]. 111 112 == Known Issues 113 .Restic is not supported or recommended 114 115: * link:https://issues.redhat.com/browse/OADP-1054[CloudStorage: openshift-adp-controller-manager crashloop seg fault with Restic enabled] 116: * link:https://issues.redhat.com/browse/OADP-1057[Cloudstorage API: CSI Backup of an app with internal images partially fails with plugin panicked error] 117: * (Affects OADP 1.1.x_ only): link:https://issues.redhat.com/browse/OADP-1055[CloudStorage: bucket is removed on CS CR delete, although it doesn't have "oadp.openshift.io/cloudstorage-delete": "true"] 118 119 [role="_additional-resources"] ... 123 * link:https://docs.openshift.com/rosa/rosa_getting_started/rosa-sts-getting-started-workflow.html[Getting started with ROSA STS] 124 * link:https://docs.openshift.com/rosa/rosa_install_access_delete_clusters/rosa-sts-creating-a-cluster-quickly.html[Creating a ROSA cluster with STS] 125: * link:https://docs.openshift.com/container-platform/4.13/backup_and_restore/application_backup_and_restore/installing/about-installing-oadp.html[About installing OADP] 126 * link:https://docs.openshift.com/container-platform/4.13/storage/container_storage_interface/persistent-storage-csi.html[Configuring CSI volumes] 127 * link:https://docs.openshift.com/rosa/rosa_architecture/rosa_policy_service_definition/rosa-service-definition.html#rosa-sdpolicy-storage_rosa-service-definition[ROSA storage options] /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/oadp-installing-operator.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: PROCEDURE 10: [id="oadp-installing-operator_{context}"] 11: = Installing the OADP Operator 12 13: You install the OpenShift API for Data Protection (OADP) Operator on {product-title} {product-version} by using Operator Lifecycle Manager (OLM). 14 15: The OADP Operator installs link:https://{velero-domain}/docs/v{velero-version}/[Velero {velero-version}]. 16 17 .Prerequisites .. 22 23 . In the {product-title} web console, click *Operators* -> *OperatorHub*. 24: . Use the *Filter by keyword* field to find the *OADP Operator*. 25: . Select the *OADP Operator* and click *Install*. 26 . Click *Install* to install the Operator in the `openshift-adp` project. 27 . Click *Operators* -> *Installed Operators* to verify the installation. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/oadp-plugins.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/oadp-features-plugins.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-plugins_{context}"] 7: = OADP plugins 8 9: The OpenShift API for Data Protection (OADP) provides default Velero plugins that are integrated with storage providers to support backup and snapshot operations. You can create link:https://{velero-domain}/docs/v{velero-version}/custom-plugins/[custom plugins] based on the Velero plugins. 10 11: OADP also provides plugins for {product-title} resource backups, OpenShift Virtualization resource backups, and Container Storage Interface (CSI) snapshots. 12 13 [cols="3", options="header"] 14: .OADP plugins 15 |=== 16: |OADP plugin |Function |Storage location 17 18 .2+|`aws` |Backs up and restores Kubernetes objects. |AWS S3 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/oadp-pod-crash-set-resource-request-restic.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-pod-crash-resource-request-retics_{context}"] 7 = Setting resource requests for a Restic pod 8 . 17 [source,yaml] 18 ---- 19: apiVersion: oadp.openshift.io/v1alpha1 20 kind: DataProtectionApplication 21 ... /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/oadp-pod-crash-set-resource-request-velero.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-pod-crash-resource-request-velero_{context}"] 7 = Setting resource requests for a Velero pod 8 9: You can use the `configuration.velero.podConfig.resourceAllocations` specification field in the `oadp_v1alpha1_dpa.yaml` file to set specific resource requests for a `Velero` pod. 10 11 .Procedure .. 17 [source,yaml] 18 ---- 19: apiVersion: oadp.openshift.io/v1alpha1 20 kind: DataProtectionApplication 21 ... /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/oadp-release-notes-1-1-1.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/oadp-release-notes.adoc 4 :_content-type: REFERENCE 5: [id="migration-oadp-release-notes-1-1-1_{context}"] 6: = OADP 1.1.1 release notes 7 8: The OADP 1.1.1 release notes include product recommendations and descriptions of known issues. 9 10 == Product recommendations 11 12: Before you install OADP 1.1.1, it is recommended to either install VolSync 0.5.1 or to upgrade to it. 13 14 == Known issues .. 16 This release has the following known issues: 17 18: * OADP currently does not support backup and restore of AWS EFS volumes using restic in Velero (link:https://issues.redhat.com/browse/OADP-778[*OADP-778*]). 19 20 * CSI backups might fail due to a Ceph limitation of `VolumeSnapshotContent` snapshots per PVC. .. 23 + 24 ** For CephFS, you can create up to 100 snapshots per PVC. 25: ** For RADOS Block Device (RBD), you can create up to 512 snapshots for each PVC. (link:https://issues.redhat.com/browse/OADP-804[*OADP-804*]) and (link:https://issues.redhat.com/browse/OADP-975[*OADP-975*]) 26 + 27 For more information, see https://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.11/html/managing_and_allocating_storage_resources/volume-snapshots_rhodf[Volume Snapshots]. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/oadp-release-notes-1-1-2.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/oadp-release-notes.adoc 4 5 :_content-type: REFERENCE 6: [id="migration-oadp-release-notes-1-1-2_{context}"] 7: = OADP 1.1.2 release notes 8 9: The OADP 1.1.2 release notes include product recommendations, a list of fixed bugs and descriptions of known issues. 10 11 [id="product-recommendations_{context}"] .. 34 The following bugs have been fixed in this release: 35 36: * link:https://issues.redhat.com/browse/OADP-1150[OADP-1150] 37: * link:https://issues.redhat.com/browse/OADP-290[OADP-290] 38: * link:https://issues.redhat.com/browse/OADP-1056[OADP-1056] 39 40 [id="known-issues_{context}"] .. 43 This release has the following known issues: 44 45: * OADP currently does not support backup and restore of AWS EFS volumes using restic in Velero (link:https://issues.redhat.com/browse/OADP-778[*OADP-778*]). 46 47 * CSI backups might fail due to a Ceph limitation of `VolumeSnapshotContent` snapshots per PVC. .. 50 + 51 -- 52: ** For CephFS, you can create up to 100 snapshots per PVC. (link:https://issues.redhat.com/browse/OADP-804[*OADP-804*]) 53: ** For RADOS Block Device (RBD), you can create up to 512 snapshots for each PVC. (link:https://issues.redhat.com/browse/OADP-975[*OADP-975*]) 54 -- 55 + /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/oadp-release-notes-1-1-4.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/oadp-release-notes.adoc 4 5 :_content-type: REFERENCE 6: [id="migration-oadp-release-notes-1-1-4_{context}"] 7: = OADP 1.1.4 release notes 8 9: The OADP 1.1.4 release notes lists any new features, resolved issues and bugs, and known issues. 10 11 [id="new-features1.1.4_{context}"] 12 == New features 13 14: This version of OADP is a service release. No new features are added to this version. 15 16 [id="resolved-issues1.1.4_{context}"] .. 19 The following bugs have been fixed in this release: 20 21: * link:https://issues.redhat.com/browse/OADP-1557[OADP-1557] 22: * link:https://issues.redhat.com/browse/OADP-1822[OADP-1822] 23: * link:https://issues.redhat.com/browse/OADP-1511[OADP-1511] 24: * link:https://issues.redhat.com/browse/OADP-1642[OADP-1642] 25: * link:https://issues.redhat.com/browse/OADP-1398[OADP-1398] 26: * link:https://issues.redhat.com/browse/OADP-1267[OADP-1267] 27: * link:https://issues.redhat.com/browse/OADP-1390[OADP-1390] 28: * link:https://issues.redhat.com/browse/OADP-1650[OADP-1650] 29: * link:https://issues.redhat.com/browse/OADP-1487[OADP-1487] 30 31 .. 35 This release has the following known issues: 36 37: * OADP backups might fail because a UID/GID range might have changed on the cluster where the application has been restored, with the result that OADP does not back up and restore {product-title} UID/GID range metadata. To avoid the issue, if the backed application requires a specific UUID, ensure the range is available when restored. An additional workaround is to allow OADP to create the namespace in the restore operation. 38 39: * A restoration might fail if ArgoCD is used during the process due to a label used by ArgoCD, `app.kubernetes.io/instance`. This label identifies which resources ArgoCD needs to manage, which can create a conflict with OADP's procedure for managing resources on restoration. To work around this issue, set `.spec.resourceTrackingMethod` on the ArgoCD YAML to `annotation+label` or `annotation`. If the issue continues to persist, then disable ArgoCD before beginning to restore, and enable it again when restoration is finished. 40 41 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/oadp-release-notes-1-2-0.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/oadp-release-notes.adoc 4 5 :_content-type: REFERENCE 6: [id="migration-oadp-release-notes-1-2-0_{context}"] 7: = OADP 1.2.0 release notes 8 9: The OADP 1.2.0 release notes include information about new features, bug fixes, and known issues. 10 11 [id="new-features_{context}"] 12 == New features 13 14: .link:https://access.redhat.com/documentation/en-us/openshift_container_platform/4.12/html/backup_and_restore/application-backup-and-restore#installing-oadp-aws[Resource timeouts] 15 The new `resourceTimeout` option specifies the timeout duration in minutes for waiting on various Velero resources. This option applies to resources such as Velero CRD availability, `volumeSnapshot` deletion, and backup repository availability. The default duration is ten minutes. 16 17: .link:https://access.redhat.com/documentation/en-us/openshift_container_platform/4.11/html/backup_and_restore/application-backup-and-restore#oadp-s3-compatible-backup-storage-providers_about-installing-oadp[AWS S3 compatible backup storage providers] 18 You can back up objects and snapshots on AWS S3 compatible providers. 19 .. 21 === Technical preview features 22 23: .link:https://access.redhat.com/documentation/en-us/openshift_container_platform/4.9/html/backup_and_restore/application-backup-and-restore#installing-and-configuring-oadp[Data Mover] 24: The OADP Data Mover enables you to back up Container Storage Interface (CSI) volume snapshots to a remote object store. When you enable Data Mover, you can restore stateful applications using CSI volume snapshots pulled from the object store in case of accidental cluster deletion, cluster failure, or data corruption. 25 26: :FeatureName: OADP Data Mover 27 include::snippets/technology-preview.adoc[] 28 .. 32 The following bugs have been fixed in this release: 33 34: * link:https://issues.redhat.com/browse/OADP-144[OADP-144] 35: * link:https://issues.redhat.com/browse/OADP-639[OADP-639] 36: * link:https://issues.redhat.com/browse/OADP-1741[OADP-1741] 37: * link:https://issues.redhat.com/browse/OADP-1152[OADP-1152] 38: * link:https://issues.redhat.com/browse/OADP-1143[OADP-1143] 39: * link:https://issues.redhat.com/browse/OADP-1931[OADP-1931] 40: * link:https://issues.redhat.com/browse/OADP-148[OADP-148] 41: * link:https://issues.redhat.com/browse/OADP-1067[OADP-1067] 42: * link:https://issues.redhat.com/browse/OADP-1332[OADP-1332] 43: * link:https://issues.redhat.com/browse/OADP-1164[OADP-1164] 44: * link:https://issues.redhat.com/browse/OADP-1105[OADP-1105] 45: * link:https://issues.redhat.com/browse/OADP-2009[OADP-2009] 46: * link:https://issues.redhat.com/browse/OADP-1370[OADP-1370] 47: * link:https://issues.redhat.com/browse/OADP-969[OADP-969] 48: * link:https://issues.redhat.com/browse/OADP-1672[OADP-1672] 49: * link:https://issues.redhat.com/browse/OADP-1151[OADP-1151] 50: * link:https://issues.redhat.com/browse/OADP-988[OADP-988] 51: * link:https://issues.redhat.com/browse/OADP-1941[OADP-1941] 52: * link:https://issues.redhat.com/browse/OADP-1830[OADP-1830] 53: * link:https://issues.redhat.com/browse/OADP-1821[OADP-1821] 54: * link:https://issues.redhat.com/browse/OADP-1783[OADP-1783] 55: * link:https://issues.redhat.com/browse/OADP-1719[OADP-1719] 56: * link:https://issues.redhat.com/browse/OADP-1833[OADP-1833] 57: * link:https://issues.redhat.com/browse/OADP-1872[OADP-1872] 58: * link:https://issues.redhat.com/browse/OADP-2047[OADP-2047] 59: * link:https://issues.redhat.com/browse/OADP-1932[OADP-1932] 60: * link:https://issues.redhat.com/browse/OADP-1844[OADP-1844] 61: * link:https://issues.redhat.com/browse/OADP-1182[OADP-1182] 62: * link:https://issues.redhat.com/browse/OADP-1183[OADP-1183] 63: * link:https://issues.redhat.com/browse/OADP-1798[OADP-1798] 64: * link:https://issues.redhat.com/browse/OADP-1726[OADP-1726] 65: * link:https://issues.redhat.com/browse/OADP-821[OADP-821] 66: * link:https://issues.redhat.com/browse/OADP-1833[OADP-1781] 67: * link:https://issues.redhat.com/browse/OADP-697[OADP-697] 68: * link:https://issues.redhat.com/browse/OADP-1281[OADP-1281] 69: * link:https://issues.redhat.com/browse/OADP-1077[OADP-1077] 70: * link:https://issues.redhat.com/browse/OADP-1076[OADP-1076] 71: * link:https://issues.redhat.com/browse/OADP-1670[OADP-1670] 72: * link:https://issues.redhat.com/browse/OADP-1307[OADP-1307] 73: * link:https://issues.redhat.com/browse/OADP-1640[OADP-1640] 74: * link:https://issues.redhat.com/browse/OADP-1987[OADP-1987] 75: * link:https://issues.redhat.com/browse/OADP-1934[OADP-1934] 76 77 [id="known-issues-1-2-0_{context}"] /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/oadp-restic-issues.adoc: 4 5 :_content-type: CONCEPT 6: [id="oadp-restic-issues_{context}"] 7 = Restic issues 8 . 71 restic backup, stderr=Fatal: unable to open config file: Stat: The 72 specified key does not exist.\nIs there a repository at the following 73: location?\ns3:http://minio-minio.apps.mayap-oadp- 74: veleo-1234.qe.devcluster.openshift.com/mayapvelerooadp2/velero1/ 75 restic/_mysql-persistent_\n: exit status 1" error.file="/remote-source/ 76 src/github.com/vmware-tanzu/velero/pkg/restic/backupper.go:184" /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/oadp-s3-compatible-backup-storage-providers.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-s3-compatible-backup-storage-providers_{context}"] 7 = AWS S3 compatible backup storage providers 8 9: OADP is compatible with many object storage providers for use with different backup and snapshot operations. Several object storage providers are fully supported, several are unsupported but known to work, and some have known limitations. 10 11: [id="oadp-s3-compatible-backup-storage-providers-supported"] 12 == Supported backup storage providers 13 14: The following AWS S3 compatible object storage providers, are fully supported by OADP through the AWS plugin for use as backup storage locations: 15 16 * MinIO .. 26 ==== 27 28: [id="oadp-s3-compatible-backup-storage-providers-unsupported"] 29 == Unsupported backup storage providers 30 .. 40 * Cloudian HyperStore 41 42: [id="oadp-s3-compatible-backup-storage-providers-known-limitations"] 43 == Backup storage providers with known limitations 44 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/oadp-scheduling-backups.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-scheduling-backups_{context}"] 7 = Scheduling backups 8 . 18 .Prerequisites 19 20: * You must install the OpenShift API for Data Protection (OADP) Operator. 21 * The `DataProtectionApplication` CR must be in a `Ready` state. 22 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/oadp-secrets-for-different-credentials.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: PROCEDURE 10: [id="oadp-secrets-for-different-credentials_{context}"] 11: ifdef::installing-oadp-aws[] 12 = Creating profiles for different credentials 13 .. 42 [source,yaml,subs="attributes+"] 43 ---- 44: apiVersion: oadp.openshift.io/v1alpha1 45 kind: DataProtectionApplication 46 metadata: .. 72 ---- 73 endif::[] 74: ifdef::installing-oadp-azure,installing-oadp-gcp,installing-oadp-ocs,installing-oadp-mcg[] 75 = Creating secrets for different credentials 76 .. 100 . Add the `Secret` with the custom name to the `DataProtectionApplication` CR, as in the following example: 101 endif::[] 102: ifdef::installing-oadp-azure[] 103 + 104 [source,yaml,subs="attributes+"] 105 ---- 106: apiVersion: oadp.openshift.io/v1alpha1 107 kind: DataProtectionApplication 108 metadata: ... 137 <1> Backup location `Secret` with custom name. 138 endif::[] 139: ifdef::installing-oadp-gcp[] 140 + 141 [source,yaml,subs="attributes+"] 142 ---- 143: apiVersion: oadp.openshift.io/v1alpha1 144 kind: DataProtectionApplication 145 metadata: ... 168 <1> Backup location `Secret` with custom name. 169 endif::[] 170: ifdef::installing-oadp-mcg[] 171 + 172 [source,yaml,subs="attributes+"] 173 ---- 174: apiVersion: oadp.openshift.io/v1alpha1 175 kind: DataProtectionApplication 176 metadata: ... 198 <1> Backup location `Secret` with custom name. 199 endif::[] 200: ifdef::installing-oadp-ocs[] 201 + 202 [source,yaml,subs="attributes+"] 203 ---- 204: apiVersion: oadp.openshift.io/v1alpha1 205 kind: DataProtectionApplication 206 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/oadp-self-signed-certificate.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/configuring-oadp.adoc 4 5 :_content-type: PROCEDURE 6: [id="oadp-self-signed-certificate_{context}"] 7 = Enabling self-signed CA certificates 8 . 11 .Prerequisites 12 13: * You must have the OpenShift API for Data Protection (OADP) Operator installed. 14 15 .Procedure .. 19 [source,yaml] 20 ---- 21: apiVersion: oadp.openshift.io/v1beta1 22 kind: DataProtectionApplication 23 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/oadp-setting-resource-limits-and-requests.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/configuring-oadp.adoc 4: // * virt/backup_restore/virt-installing-configuring-oadp.adoc 5 6 :_content-type: PROCEDURE 7: [id="oadp-setting-resource-limits-and-requests_{context}"] 8 = Setting Velero CPU and memory resource allocations 9 .. 12 .Prerequisites 13 14: * You must have the OpenShift API for Data Protection (OADP) Operator installed. 15 16 .Procedure .. 20 [source,yaml] 21 ---- 22: apiVersion: oadp.openshift.io/v1beta1 23 kind: DataProtectionApplication 24 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/oadp-using-data-mover-for-csi-snapshots.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-using-data-mover-for-csi-snapshots_{context}"] 7 = Using Data Mover for CSI snapshots 8 9 :FeatureName: Data Mover for CSI snapshots 10 11: The OADP Data Mover enables customers to back up Container Storage Interface (CSI) volume snapshots to a remote object store. When Data Mover is enabled, you can restore stateful applications, using CSI volume snapshots pulled from the object store if a failure, accidental deletion, or corruption of the cluster occurs. 12 13 The Data Mover solution uses the Restic option of VolSync. .. 15 Data Mover supports backup and restore of CSI volume snapshots only. 16 17: In OADP 1.2 Data Mover `VolumeSnapshotBackups` (VSBs) and `VolumeSnapshotRestores` (VSRs) are queued using the VolumeSnapshotMover (VSM). The VSM's performance is improved by specifying a concurrent number of VSBs and VSRs simultaneously `InProgress`. After all async plugin operations are complete, the backup is marked as complete. 18 19 20 [NOTE] 21 ==== 22: The OADP 1.1 Data Mover is a Technology Preview feature. 23 24: The OADP 1.2 Data Mover has significantly improved features and performances, but is still a Technology Preview feature. 25 ==== 26: :FeatureName: The OADP Data Mover 27 include::snippets/technology-preview.adoc[leveloffset=+1] 28 29 [NOTE] 30 ==== 31: Red Hat recommends that customers who use OADP 1.2 Data Mover in order to back up and restore ODF CephFS volumes, upgrade or install {product-title} version 4.12 or later for improved performance. OADP Data Mover can leverage CephFS shallow volumes in {product-title} version 4.12 or later, which based on our testing, can improve the performance of backup times. 32 33 * https://issues.redhat.com/browse/RHSTOR-4287[CephFS ROX details] .. 35 36 37: //For more information about OADP 1.2 with CephS [name of topic], see ___. 38 39 ==== .. 56 * You have included the label `{velero-domain}/csi-volumesnapshot-class: 'true'` in your `VolumeSnapshotClass` CR. 57 58: * You have verified that the `OADP namespace` has the annotation `oc annotate --overwrite namespace/openshift-adp volsync.backube/privileged-movers='true'`. 59 + 60 [NOTE] 61 ==== 62: In OADP 1.1 the above setting is mandatory. 63 64: In OADP 1.2 the `privileged-movers` setting is not required in most scenarios. The restoring container permissions should be adequate for the Volsync copy. In some user scenarios, there may be permission errors that the `privileged-mover`= `true` setting should resolve. 65 ==== 66 .. 69 [NOTE] 70 ==== 71: The VolSync Operator is required for using OADP Data Mover. 72 ==== 73 74: * You have installed the OADP operator by using OLM. 75 76 .Procedure .. 100 [source,yaml] 101 ---- 102: apiVersion: oadp.openshift.io/v1alpha1 103 kind: DataProtectionApplication 104 metadata: ... 152 153 ---- 154: <1> OADP 1.2 only. 155: <2> OADP 1.2 only. Optional: Specify the upper limit of the number of snapshots allowed to be queued for backup. The default value is 10. 156: <3> OADP 1.2 only. Optional: Specify the upper limit of the number of snapshots allowed to be queued for restore. The default value is 10. 157: <4> OADP 1.2 only. Optional: Specify the number of days, between running Restic pruning on the repository. The prune operation repacks the data to free space, but it can also generate significant I/O traffic as a part of the process. Setting this option allows a trade-off between storage consumption, from no longer referenced data, and access costs. 158: <5> OADP 1.2 only. Optional: Specify VolumeSync volume options for backup and restore. 159 160 + 161: The OADP Operator installs two custom resource definitions (CRDs), `VolumeSnapshotBackup` and `VolumeSnapshotRestore`. 162 + 163 .Example `VolumeSnapshotBackup` CRD 164 [source,yaml] 165 ---- 166: apiVersion: datamover.oadp.openshift.io/v1alpha1 167 kind: VolumeSnapshotBackup 168 metadata: ... 181 [source,yaml] 182 ---- 183: apiVersion: datamover.oadp.openshift.io/v1alpha1 184 kind: VolumeSnapshotRestore 185 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/oadp-using-enable-api-group-versions.adoc: 5 6 :_content-type: PROCEDURE 7: [id="oadp-using-enable-api-group-versions_{context}"] 8 = Using Enable API Group Versions 9 .. 21 [source,yaml] 22 ---- 23: apiVersion: oadp.openshift.io/vialpha1 24 kind: DataProtectionApplication 25 ... /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/olm-deleting-operators-from-a-cluster-using-web-console.adoc: 2 // 3 // * operators/admin/olm-deleting-operators-from-a-cluster.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/uninstalling-oadp.adoc 5 // * serverless/install/removing-openshift-serverless.adoc 6 // * virt/install/uninstalling-virt.adoc /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/rosa-sts-account-wide-roles-and-policies.adoc: 868 "s3:ListBucketMultipartUploads", 869 "s3:AbortMultipartUpload", 870: "s3:ListMultipartUploadParts" 871 ], 872 "Resource": "*" /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/velero-obtaining-by-downloading.adoc: 24 . Open a browser and navigate to link:https://{velero-domain}/docs/v{velero-version}/basic-install/#install-the-cli["Install the CLI" on the Velero website]. 25 . Follow the appropriate procedure for macOS, GitHub, or Windows. 26: . Download the Velero version appropriate for your version of OADP and {product-title} according to the table that follows: 27 + 28: .OADP-Velero-{product-title} version relationship 29 [cols="3", options="header"] 30 |=== 31: |OADP version |Velero version |{product-title} version 32 |1.0.0 |link:https://{velero-domain}/docs/v1.7/[1.7] |4.6 and later 33 |1.0.1 |link:https://{velero-domain}/docs/v1.7/[1.7] |4.6 and later /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/modules/virt-about-cdi-operator.adoc: 19 |Manages the authorization to upload VM disks into PVCs by issuing secure upload tokens. 20 21: |`deployment/cdi-uploadproxy` 22 |Directs external disk upload traffic to the appropriate upload server pod so that it can be written to the correct PVC. Requires a valid upload token. 23 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/snippets/oadp-ceph-cr-prerequisites.adoc: 8 9 * A stateful application is running in a separate namespace with persistent volume claims (PVCs) using CephFS as the provisioner. 10: * The `StorageClass` and `VolumeSnapshotClass` custom resources (CRs) are defined for CephFS and OADP 1.2 Data Mover. 11 * There is a secret `cloud-credentials` in the `openshift-adp` namespace. 12 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/snippets/oadp-mtc-operator.adoc: 2 //This snippet appears in the following assemblies: 3 // 4: // * .../backup_and_restore/backing_up_and_restoring/installing/about-installing-oadp.adoc 5: // * .../backup_and_restore/backing_up_and_restoring/installing/installing-oadp-aws.adoc 6: // * .../backup_and_restore/backing_up_and_restoring/installing/installing-oadp-azure.adoc 7: // * .../backup_and_restore/backing_up_and_restoring/installing/installing-oadp-gcp.adoc 8: // * .../backup_and_restore/backing_up_and_restoring/installing/installing-oadp-mcg.adoc 9: // * .../backup_and_restore/backing_up_and_restoring/installing/installing-oadp-ocs.adoc 10 11 :_content-type: SNIPPET 12 [NOTE] 13 ==== 14: Starting from OADP 1.0.4, all OADP 1.0._z_ versions can only be used as a dependency of the MTC Operator and are not available as a standalone Operator. 15 ==== 16 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_getting_started/snippets/oadp-ocp-compat.adoc: 2 //This snippet appears in the following assemblies: 3 // 4: // * .../backup_and_restore/backing_up_and_restoring/installing/about-installing-oadp.adoc 5 // * .../backup_and_restore/index.adoc 6 . 8 [NOTE] 9 ==== 10: If you want to use CSI backup on OCP 4.11 and later, install OADP 1.1._x_. 11 12: OADP 1.0._x_ does not support CSI backup on OCP 4.11 and later. OADP 1.0._x_ includes Velero 1.7._x_ and expects the API group `snapshot.storage.k8s.io/v1beta1`, which is not present on OCP 4.11 and later. 13 ==== 14 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/_attributes/common-attributes.adoc: 43 :hybrid-console: Red Hat Hybrid Cloud Console 44 :hybrid-console-second: Hybrid Cloud Console 45: :oadp-first: OpenShift API for Data Protection (OADP) 46: :oadp-full: OpenShift API for Data Protection 47 :oc-first: pass:quotes[OpenShift CLI (`oc`)] 48 :product-registry: OpenShift image registry /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/about-installing-oadp-on-multiple-namespaces.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/installing/about-installing-oadp.adoc 4 5 6 :_content-type: CONCEPT 7: [id="about-installing-oadp-on-multiple-namespaces_{context}"] 8: = Installation of OADP on multiple namespaces 9 10: You can install OADP into multiple namespaces on the same cluster so that multiple project owners can manage their own OADP instance. This use case has been validated with Restic and CSI. 11 12: You install each instance of OADP as specified by the per-platform procedures contained in this document with the following additional requirements: 13 14: * All deployments of OADP on the same cluster must be the same version, for example, 1.1.4. Installing different versions of OADP on the same cluster is *not* supported. 15: * Each individual deployment of OADP must have a unique set of credentials and a unique `BackupStorageLocation` configuration. 16: * By default, each OADP deployment has cluster-level access across namespaces. {product-title} administrators need to review security and RBAC settings carefully and make any necessary changes to them to ensure that each OADP instance has the correct permissions. 17 18 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/about-oadp-update-channels.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/installing/about-installing-oadp.adoc 4 5 6 :_content-type: CONCEPT 7: [id="about-oadp-update-channels_{context}"] 8: = About OADP update channels 9 10: When you install an OADP Operator, you choose an _update channel_. This channel determines which upgrades to the OADP Operator and to Velero you receive. You can switch channels at any time. 11 12 The following update channels are available: 13 14: * The *stable* channel is now deprecated. The *stable* channel contains the patches (z-stream updates) of OADP `ClusterServiceVersion` for `oadp.v1.1.z` and older versions from `oadp.v1.0.z`. 15 16: * The *stable-1.0* channel contains `oadp.v1.0._z_`, the most recent OADP 1.0 `ClusterServiceVersion`. 17 18: * The *stable-1.1* channel contains `oadp.v1.1._z_`, the most recent OADP 1.1 `ClusterServiceVersion`. 19 20: * The *stable-1.2* channel contains `oadp.v1.2._z_`, the most recent OADP 1.2 `ClusterServiceVersion`. 21 22 *Which update channel is right for you?* 23 24: * The *stable* channel is now deprecated. If you are already using the stable channel, you will continue to get updates from `oadp.v1.1._z_`. 25 26: * Choose the *stable-1._y_* update channel to install OADP 1._y_ and to continue receiving patches for it. If you choose this channel, you will receive all z-stream patches for version 1._y_._z_. 27 28 *When must you switch update channels?* 29 30: * If you have OADP 1._y_ installed, and you want to receive patches only for that y-stream, you must switch from the *stable* update channel to the *stable-1._y_* update channel. You will then receive all z-stream patches for version 1._y_._z_. 31 32: * If you have OADP 1.0 installed, want to upgrade to OADP 1.1, and then receive patches only for OADP 1.1, you must switch from the *stable-1.0* update channel to the *stable-1.1* update channel. You will then receive all z-stream patches for version 1.1._z_. 33 34: * If you have OADP 1._y_ installed, with _y_ greater than 0, and want to switch to OADP 1.0, you must _uninstall_ your OADP Operator and then reinstall it using the *stable-1.0* update channel. You will then receive all z-stream patches for version 1.0._z_. 35 36 [NOTE] 37 ==== 38: You cannot switch from OADP 1._y_ to OADP 1.0 by switching update channels. You must uninstall the Operator and then reinstall it. 39 ==== 40 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/metering-store-data-in-s3.adoc: 92 "s3:HeadBucket", 93 "s3:ListBucket", 94: "s3:ListMultipartUploadParts", 95 "s3:PutObject" 96 ], .. 123 "s3:CreateBucket", 124 "s3:DeleteBucket", 125: "s3:ListMultipartUploadParts", 126 "s3:PutObject" 127 ], /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/migration-configuring-aws-s3.adoc: 3 // * migrating_from_ocp_3_to_4/installing-3-4.adoc 4 // * migration_toolkit_for_containers/installing-mtc.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 6 7 :_content-type: PROCEDURE . 12 You configure Amazon Web Services (AWS) S3 object storage as a replication repository for the {mtc-full} ({mtc-short}). 13 endif::[] 14: ifdef::installing-oadp-aws[] 15: You configure Amazon Web Services (AWS) for the OpenShift API for Data Protection (OADP). 16 endif::[] 17 .. 90 "s3:PutObject", 91 "s3:AbortMultipartUpload", 92: "s3:ListMultipartUploadParts" 93 ], 94 "Resource": [ .. 147 Record the `AWS_SECRET_ACCESS_KEY` and the `AWS_ACCESS_KEY_ID`. You use the credentials to add AWS as a replication repository. 148 endif::[] 149: ifdef::installing-oadp-aws[] 150 . Create a `credentials-velero` file: 151 + /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/migration-configuring-azure.adoc: 3 // * migrating_from_ocp_3_to_4/installing-3-4.adoc 4 // * migration_toolkit_for_containers/installing-mtc.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 6 7 :_content-type: PROCEDURE . 12 You configure a Microsoft Azure Blob storage container as a replication repository for the {mtc-full} ({mtc-short}). 13 endif::[] 14: ifdef::installing-oadp-azure[] 15: You configure a Microsoft Azure for the OpenShift API for Data Protection (OADP). 16 endif::[] 17 .. 118 You use the `credentials-velero` file to add Azure as a replication repository. 119 endif::[] 120: ifdef::installing-oadp-azure[] 121 . Obtain the storage account access key: 122 + /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/migration-configuring-gcp.adoc: 3 // * migrating_from_ocp_3_to_4/installing-3-4.adoc 4 // * migration_toolkit_for_containers/installing-mtc.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6 7 :_content-type: PROCEDURE . 12 You configure a Google Cloud Platform (GCP) storage bucket as a replication repository for the {mtc-full} ({mtc-short}). 13 endif::[] 14: ifdef::installing-oadp-gcp[] 15: You configure Google Cloud Platform (GCP) for the OpenShift API for Data Protection (OADP). 16 endif::[] 17 .. 141 You use the `credentials-velero` file to add GCP as a replication repository. 142 endif::[] 143: ifdef::installing-oadp-gcp[] 144 + 145 You use the `credentials-velero` file to create a `Secret` object for GCP before you install the Data Protection Application. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/migration-configuring-mcg.adoc: 5 // * migration_toolkit_for_containers/installing-mtc.adoc 6 // * migration_toolkit_for_containers/installing-mtc-restricted.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 8 9 :_content-type: PROCEDURE .. 14 You must retrieve the Multicloud Object Gateway (MCG) credentials and S3 endpoint in order to configure MCG as a replication repository for the {mtc-full} ({mtc-short}). 15 endif::[] 16: You must retrieve the Multicloud Object Gateway (MCG) credentials in order to create a `Secret` custom resource (CR) for the OpenShift API for Data Protection (OADP). 17: //ifdef::installing-oadp-mcg[] 18 //endif::[] 19 .. 35 You use these credentials to add MCG as a replication repository. 36 endif::[] 37: ifdef::installing-oadp-mcg[] 38 . Create a `credentials-velero` file: 39 + /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/migration-mtc-release-notes-1-7.adoc: 12 This release has the following new features and enhancements: 13 14: * The {mtc-full} ({mtc-short}) Operator now depends upon the OpenShift API for Data Protection (OADP) Operator. When you install the {mtc-short} Operator, the Operator Lifecycle Manager (OLM) automatically installs the OADP Operator in the same namespace. 15 16 * You can migrate from a source cluster that is behind a firewall to a cloud-based destination cluster by establishing a network tunnel between the two clusters by using the `crane tunnel-api` command. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/migration-using-must-gather.adoc: 16 You can collect data for a one-hour or a 24-hour period and view the data with the Prometheus console. 17 endif::[] 18: ifdef::oadp-troubleshooting[] 19 You can run the `must-gather` tool with the following data collection options: 20 21: * Full `must-gather` data collection collects Prometheus metrics, pod logs, and Velero CR information for all namespaces where the OADP Operator is installed. 22 * Essential `must-gather` data collection collects pod logs and Velero CR information for a specific duration of time, for example, one hour or 24 hours. Prometheus metrics and duplicate logs are not included. 23 * `must-gather` data collection with timeout. Data collection can take a long time if there are many failed `Backup` CRs. You can improve performance by setting a timeout value. .. 38 * To collect data for the past hour: 39 endif::[] 40: ifdef::oadp-troubleshooting[] 41 * Full `must-gather` data collection, including Prometheus metrics: 42 endif::[] .. 49 The data is saved as `must-gather/must-gather.tar.gz`. You can upload this file to a support case on the link:https://access.redhat.com/[Red Hat Customer Portal]. 50 51: ifdef::oadp-troubleshooting[] 52 * Essential `must-gather` data collection, without Prometheus metrics, for a specific time duration: 53 + .. 71 * To collect data for the past 24 hours: 72 endif::[] 73: ifdef::oadp-troubleshooting[] 74 * Prometheus metrics data dump: 75 endif::[] /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/nw-enforcing-hsts-per-domain.adoc: 58 smallestMaxAge: 1 59 largestMaxAge: 31536000 60: preloadPolicy: RequirePreload <5> 61 includeSubDomainsPolicy: RequireIncludeSubDomains <6> 62 - domainPatterns: <2> .. 66 matchLabels: {} 67 maxAge: {} 68: preloadPolicy: NoOpinion 69 includeSubDomainsPolicy: RequireNoIncludeSubDomains 70 ---- /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/oadp-about-backing-and-restoring-from-cluster-to-cluster.adoc: 5 6 :_content-type: CONCEPT 7: [id="oadp-about-backing-and-restoring-from-cluster-to-cluster_{context}"] 8 = About backing up data from one cluster and restoring it on another cluster 9 10: {oadp-first} is designed to back up and restore application data in the same {product-title} cluster. {mtc-full} ({mtc-short}) is designed to migrate containers, including application data, from one {product-title} cluster to another cluster. 11 12: You can use OADP to back up application data from one {product-title} cluster and restore it on another cluster. However, doing so is more complicated than using {mtc-short} or using OADP to back up and restore on the same cluster. 13 14: To successfully use OADP to back up data from one cluster and restore it to another cluster, you must take into account the following factors, in addition to the prerequisites and procedures that apply to using OADP to back up and restore data on the same cluster: 15 16 * Operators .. 18 * UID and GID ranges 19 20: [id="oadp-cluster-to-cluster-operators_{context}"] 21 == Operators 22 You must exclude Operators from the backup of an application for backup and restore to succeed. 23 24: [id="oadp-cluster-to-cluster-velero_{context}"] 25 == Use of Velero 26 27: Velero, which OADP is built upon, does not natively support migrating persistent volume snapshots across cloud providers. To migrate volume snapshot data between cloud platforms, you must _either_ enable the Velero Restic file system backup option, which backs up volume contents at the filesystem level, _or_ use the OADP Data Mover for CSI snapshots. 28 29 [NOTE] 30 ==== 31: In OADP 1.1 and earlier, the Velero Restic file system backup option is called `restic`. 32: In OADP 1.2 and later, the Velero Restic file system backup option is called `file-system-backup`. 33 ==== 34 35 [NOTE] 36 ==== 37: Velero's file system backup feature supports both Kopia and Restic, but currently OADP supports only Restic. 38 ==== 39 .. 42 * It is theoretically possible to migrate workloads to a destination with a _later_ Kubernetes version than the source, but you must consider the compatibility of API groups between clusters for each custom resource. If a Kubernetes version upgrade breaks the compatibility of core or native API groups, you must first update the impacted custom resources. 43 44: [id="oadp-cluster-to-cluster-uid-and-gid-ranges_{context}"] 45 == UID and GID ranges 46 .. 48 49 Summary of issues:: 50: The UID and GID ranges of the namespace might change on the destination cluster. OADP does not back up and restore OpenShift UID range metadata. If the backed application requires a specific UID, ensure the range is available when restored. For more information about OpenShift's UID and GID ranges, see link:https://cloud.redhat.com/blog/a-guide-to-openshift-and-uids[A Guide to OpenShift and UIDs]. 51 52 Detailed description of issues:: .. 58 59 + 60: When you use OADP to restore the namespace, it automatically uses the information in `metadata.annotations` without resetting it for the destination cluster. As a result, the workload might not have access to the backed up data if one of the following is true: 61 62: * There is a pre-existing namespace with different SCC annotations, for example, on a different cluster. In this case, at backup time, OADP reuses the pre-existing namespace instead of the namespace you are trying to restore. 63: * The backup used a label selector, but the namespace where workloads run on does not have the label on it. In this case, OADP does not back up the namespace, but instead creates a new namespace during restore that does not include the annotations of the namespace you backed up. This causes a new UID range to be assigned to the namespace. 64 + 65 This might be an issue for customer workloads if {product-title} assigns a pod a `securityContext` UID based on namespace annotations that have changed from the time the persistent volume data was backed up. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/oadp-about-backup-snapshot-locations-secrets.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: CONCEPT 10: [id="oadp-about-backup-snapshot-locations_{context}"] 11 = About backup and snapshot locations and their secrets 12 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/oadp-about-enable-api-group-versions.adoc: 5 6 :_content-type: CONCEPT 7: [id="oadp-about-enable-api-group-versions_{context}"] 8 = About Enable API Group Versions 9 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/oadp-backing-and-restoring-from-cluster-to-cluster.adoc: 5 6 :_content-type: CONCEPT 7: [id="oadp-backing-and-restoring-from-cluster-to-cluster_{context}"] 8 = Backing up data from one cluster and restoring it to another cluster 9 .. 20 ** Ensure that the backup store location (BSL) and volume snapshot location have the same names and paths to restore resources to another cluster. 21 ** Share the same object storage location credentials across the clusters. 22: ** For best results, use OADP to create the namespace on the destination cluster. 23 ** If you use the Velero `file-system-backup` option, enable the `--default-volumes-to-fs-backup` flag for use during backup by running the following command: 24 + .. 30 [NOTE] 31 ==== 32: In OADP 1.2 and later, the Velero Restic option is called `file-system-backup`. 33 ==== 34 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/oadp-backing-up-applications-restic.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-backing-up-applications-restic_{context}"] 7 = Backing up applications with Restic 8 . 18 .Prerequisites 19 20: * You must install the OpenShift API for Data Protection (OADP) Operator. 21 * You must not disable the default Restic installation by setting `spec.configuration.restic.enable` to `false` in the `DataProtectionApplication` CR. 22 * The `DataProtectionApplication` CR must be in a `Ready` state. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/oadp-backing-up-pvs-csi.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-backing-up-pvs-csi_{context}"] 7 = Backing up persistent volumes with CSI snapshots 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/oadp-backup-restore-cr-issues.adoc: 4 5 :_content-type: CONCEPT 6: [id="oadp-backup-restore-cr-issues_{context}"] 7 = Backup and Restore CR issues 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/oadp-ceph-cephfs-back-up-dba.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-ceph-cephfs-back-up-dba_{context}"] 7 = Creating a DPA for use with CephFS storage 8 9: You must create a Data Protection Application (DPA) CR before you use the OpenShift API for Data Protection (OADP) 1.2 Data Mover to back up and restore data using CephFS storage. 10 11 .Procedure .. 38 [source,yaml] 39 ---- 40: apiVersion: oadp.openshift.io/v1alpha1 41 kind: DataProtectionApplication 42 metadata: .. 79 ---- 80 <1> There is no default value for the `enable` field. Valid values are `true` or `false`. 81: <2> Use the Restic `Secret` that you created when you prepared your environment for working with OADP 1.2 Data Mover and Ceph. If you do not use your Restic `Secret`, the CR uses the default value `dm-credential` for this parameter. 82 <3> There is no default value for the `enable` field. Valid values are `true` or `false`. 83 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/oadp-ceph-cephfs-back-up.adoc: 11 12 :_content-type: PROCEDURE 13: [id="oadp-ceph-cephfs-back-up_{context}"] 14 15 ifdef::cephfs[] 16: = Backing up data using OADP 1.2 Data Mover and CephFS storage 17: You can use OpenShift API for Data Protection (OADP) 1.2 Data Mover to back up data using CephFS storage by enabling the shallow copy feature of CephFS storage. 18 endif::cephfs[] 19 20 ifdef::split[] 21: = Backing up data using OADP 1.2 Data Mover and split volumes 22: You can use OpenShift API for Data Protection (OADP) 1.2 Data Mover to back up data in an environment that has split volumes. 23 endif::split[] 24 .. 58 59 . Wait several minutes until the `VolumeSnapshotBackup` CR has the status `Completed`. 60: . Verify that there is at least one snapshot in the object store that is given in the Restic `Secret`. You can check for this snapshot in your targeted `BackupStorageLocation` storage provider that has a prefix of `/`. 61 62 ifeval::["{context}" == "cephfs"] /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/oadp-ceph-cephfs-restore.adoc: 11 12 :_content-type: PROCEDURE 13: [id="oadp-ceph-cephfs-restore_{context}"] 14 15 ifdef::cephfs[] 16: = Restoring data using OADP 1.2 Data Mover and CephFS storage 17: You can use OpenShift API for Data Protection (OADP) 1.2 Data Mover to restore data using CephFS storage if the shallow copy feature of CephFS storage was enabled for the back up procedure. The shallow copy feature is not used in the restore procedure. 18 endif::cephfs[] 19 20 ifdef::split[] 21: = Restoring data using OADP 1.2 Data Mover and split volumes 22: You can use OpenShift API for Data Protection (OADP) 1.2 Data Mover to restore data in an environment that has split volumes, if the shallow copy feature of CephFS storage was enabled for the back up procedure. The shallow copy feature is not used in the restore procedure. 23 endif::split[] 24 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/oadp-ceph-preparing-cephfs-crs.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-ceph-preparing-cephfs-crs_{context}"] 7: = Defining CephFS custom resources for use with OADP 1.2 Data Mover 8 9: When you install {rh-storage-first}, it automatically creates a default CephFS `StorageClass` custom resource (CR) and a default CephFS `VolumeSnapshotClass` CR. You can define these CRs for use with OpenShift API for Data Protection (OADP) 1.2 Data Mover. 10 11 .Procedure /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/oadp-ceph-preparing-cephrbd-crs.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-ceph-preparing-cephrbd-crs_{context}"] 7: = Defining CephRBD custom resources for use with OADP 1.2 Data Mover 8 9: When you install {rh-storage-first}, it automatically creates a default CephRBD `StorageClass` custom resource (CR) and a default CephRBD `VolumeSnapshotClass` CR. You can define these CRs for use with OpenShift API for Data Protection (OADP) 1.2 Data Mover. 10 11 .Procedure /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/oadp-ceph-preparing-crs-additional.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-ceph-preparing-crs-additional_{context}"] 7: = Defining additional custom resources for use with OADP 1.2 Data Mover 8 9 After you redefine the default `StorageClass` and CephRBD `VolumeSnapshotClass` custom resources (CRs), you must create the following CRs: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/oadp-ceph-prerequisites.adoc: 5 6 :_content-type: CONCEPT 7: [id="oadp-ceph-prerequisites_{context}"] 8: = Prerequisites for using OADP 1.2 Data Mover with Ceph storage 9 10: The following prerequisites apply to all back up and restore operations of data using {oadp-first} 1.2 Data Mover in a cluster that uses Ceph storage: 11 12 * You have installed {product-title} 4.12 or later. 13: * You have installed the OADP Operator. 14 * You have created a secret `cloud-credentials` in the namespace `openshift-adp.` 15 * You have installed {rh-storage-first}. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/oadp-ceph-split-back-up-dba.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-ceph-split-back-up-dba_{context}"] 7 = Creating a DPA for use with split volumes 8 9: You must create a Data Protection Application (DPA) CR before you use the OpenShift API for Data Protection (OADP) 1.2 Data Mover to back up and restore data using split volumes. 10 11 .Procedure .. 17 [source,yaml] 18 ---- 19: apiVersion: oadp.openshift.io/v1alpha1 20 kind: DataProtectionApplication 21 metadata: .. 64 cacheStorageClassName: ocs-storagecluster-ceph-rbd 65 ---- 66: <1> Use the Restic `Secret` that you created when you prepared your environment for working with OADP 1.2 Data Mover and Ceph. If you do not, then the CR will use the default value `dm-credential` for this parameter. 67 <2> A different set of `VolumeOptionsForStorageClass` labels can be defined for each `storageClass` volume, thus allowing a backup to volumes with different providers. 68 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/oadp-checking-api-group-versions.adoc: 5 6 :_content-type: PROCEDURE 7: [id="oadp-checking-api-group-versions_{context}"] 8 = Listing the Kubernetes API group versions on a cluster 9 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/oadp-cleaning-up-after-data-mover-snapshots.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-cleaning-up-after-data-mover-snapshots_{context}"] 7 = Deleting snapshots in a bucket 8 9: OADP 1.1 Data Mover might leave one or more snapshots in a bucket after a backup. You can either delete all the snapshots or delete individual snapshots. 10 11 .Procedure /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/oadp-configuring-noobaa-for-dr.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 4 5 :_content-type: PROCEDURE 6: [id="oadp-configuring-noobaa-for-dr_{context}"] 7 = Configuring NooBaa for disaster recovery on {rh-storage} 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/oadp-configuring-velero-plugins.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/oadp-features-plugins.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-configuring-velero-plugins_{context}"] 7: = About OADP Velero plugins 8 9 You can configure two types of plugins when you install Velero: .. 16 == Default Velero cloud provider plugins 17 18: You can install any of the following default Velero cloud provider plugins when you configure the `oadp_v1alpha1_dpa.yaml` file during deployment: 19 20 * `aws` (Amazon Web Services) .. 25 * `kubevirt` (KubeVirt) 26 27: You specify the desired default plugins in the `oadp_v1alpha1_dpa.yaml` file during deployment. 28 29 .Example file .. 33 [source,yaml] 34 ---- 35: apiVersion: oadp.openshift.io/v1alpha1 36 kind: DataProtectionApplication 37 metadata: .. 49 == Custom Velero plugins 50 51: You can install a custom Velero plugin by specifying the plugin `image` and `name` when you configure the `oadp_v1alpha1_dpa.yaml` file during deployment. 52 53: You specify the desired custom plugins in the `oadp_v1alpha1_dpa.yaml` file during deployment. 54 55 .Example file .. 59 [source,yaml] 60 ---- 61: apiVersion: oadp.openshift.io/v1alpha1 62 kind: DataProtectionApplication 63 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/oadp-creating-backup-cr.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-creating-backup-cr_{context}"] 7 = Creating a Backup CR 8 . 11 .Prerequisites 12 13: * You must install the OpenShift API for Data Protection (OADP) Operator. 14 * The `DataProtectionApplication` CR must be in a `Ready` state. 15 * Backup location prerequisites: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/oadp-creating-backup-hooks.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-creating-backup-hooks_{context}"] 7 = Creating backup hooks 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/oadp-creating-default-secret.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: PROCEDURE 10: [id="oadp-creating-default-secret_{context}"] 11 = Creating a default Secret 12 13 You create a default `Secret` if your backup and snapshot locations use the same credentials or if you do not require a snapshot location. 14 15: ifdef::installing-oadp-aws,installing-oadp-azure,installing-oadp-gcp,installing-oadp-mcg[] 16 The default name of the `Secret` is `{credentials}`. 17 endif::[] 18: ifdef::installing-oadp-ocs[] 19: The default name of the `Secret` is `{credentials}`, unless your backup storage provider has a default plugin, such as `aws`, `azure`, or `gcp`. In that case, the default name is specified in the provider-specific OADP installation procedure. 20 endif::[] 21 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/oadp-creating-restore-cr.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-creating-restore-cr_{context}"] 7 = Creating a Restore CR 8 . 11 .Prerequisites 12 13: * You must install the OpenShift API for Data Protection (OADP) Operator. 14 * The `DataProtectionApplication` CR must be in a `Ready` state. 15 * You must have a Velero `Backup` CR. .. 67 [NOTE] 68 ==== 69: In the course of the restore process, the OADP Velero plug-ins scale down the `DeploymentConfig` objects and restore the pods as standalone pods to prevent the cluster from deleting the restored `DeploymentConfig` pods immediately on restore and to allow Restic and post-restore hooks to complete their actions on the restored pods. The cleanup script removes these disconnected pods and scale any `DeploymentConfig` objects back up to the appropriate number of replicas. 70 ==== 71 + .. 94 } 95 96: OADP_NAMESPACE=${OADP_NAMESPACE:=openshift-adp} 97 98 if [[ $# -ne 1 ]]; then .. 101 fi 102 103: echo using OADP Namespace $OADP_NAMESPACE 104 echo restore: $1 105 ... 108 109 echo Deleting disconnected restore pods 110: oc delete pods -l oadp.openshift.io/disconnected-from-dc=$label 111 112: for dc in $(oc get dc --all-namespaces -l oadp.openshift.io/replicas-modified=$label -o jsonpath='{range .items[*]}{.metadata.namespace}{","}{.metadata.name}{","}{.metadata.annotations.oadp\.openshift\.io/original-replicas}{","}{.metadata.annotations.oadp\.openshift\.io/original-paused}{"\n"}') 113 do 114 IFS=',' read -ra dc_arr <<< "$dc" /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/oadp-creating-restore-hooks.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-creating-restore-hooks_{context}"] 7 = Creating restore hooks 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/oadp-debugging-oc-cli.adoc: 4 5 :_content-type: REFERENCE 6: [id="oadp-debugging-oc-cli_{context}"] 7 = Debugging Velero resources with the OpenShift CLI tool 8 . 39 [NOTE] 40 ==== 41: This option is available starting from OADP 1.0.3. 42 ==== 43 44 [source,yaml] 45 ---- 46: apiVersion: oadp.openshift.io/v1alpha1 47 kind: DataProtectionApplication 48 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/oadp-deleting-backups.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-deleting-backups_{context}"] 7 = Deleting backups 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/oadp-deleting-cluster-resources-following-failure.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-deleting-cluster-resources-following-failure_{context}"] 7 = Deleting cluster resources following a partially successful or a failed backup and restore that used Data Mover 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/oadp-deleting-cluster-resources-following-success.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-deleting-cluster-resources-following-success_{context}"] 7 = Deleting cluster resources following a successful backup and restore that used Data Mover 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/oadp-enabling-csi-dpa.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: PROCEDURE 10: [id="oadp-enabling-csi-dpa_{context}"] 11 = Enabling CSI in the DataProtectionApplication CR 12 .. 23 [source,yaml] 24 ---- 25: apiVersion: oadp.openshift.io/v1alpha1 26 kind: DataProtectionApplication 27 ... /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/oadp-features.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/oadp-features-plugins.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-features_{context}"] 7: = OADP features 8 9: OpenShift API for Data Protection (OADP) supports the following features: 10 11 Backup:: 12: You can use OADP to back up all applications on the OpenShift Platform, or you can filter the resources by type, namespace, or label. 13 + 14: OADP backs up Kubernetes objects and internal images by saving them as an archive file on object storage. OADP backs up persistent volumes (PVs) by creating snapshots with the native cloud snapshot API or with the Container Storage Interface (CSI). For cloud providers that do not support snapshots, OADP backs up resources and PV data with Restic. 15 16 + /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/oadp-ibm-power-test-support.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/oadp-features-plugins.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-ibm-power-test-matrix_{context}"] 7: = OADP support for target backup locations using IBM Power 8 9: IBM Power running with {product-title} 4.11 and 4.12, and OpenShift API for Data Protection (OADP) 1.1.2 was tested successfully against an AWS S3 backup location target. Although the test involved only an AWS S3 target, Red Hat supports running IBM Power with {product-title} 4.11 and 4.12, and OADP 1.1.2 against all non-AWS S3 backup location targets as well. 10 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/oadp-ibm-z-test-support.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/oadp-features-plugins.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-ibm-z-test-support_{context}"] 7: = OADP testing and support for target backup locations using {ibmzProductName} 8 9: {ibmzProductName} running with {product-title} 4.11 and 4.12, and OpenShift API for Data Protection (OADP) 1.1.2 was tested successfully against an AWS S3 backup location target. Although the test involved only an AWS S3 target, Red Hat supports running {ibmzProductName} with {product-title} 4.11 and 4.12, and OADP 1.1.2 against all non-AWS S3 backup location targets as well. 10 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/oadp-installation-issues.adoc: 4 5 :_content-type: CONCEPT 6: [id="oadp-installation-issues_{context}"] 7 = Installation issues 8 9 You might encounter issues caused by using invalid directories or incorrect credentials when you install the Data Protection Application. 10 11: [id="oadp-backup-location-contains-invalid-directories_{context}"] 12 == Backup storage contains invalid directories 13 .. 22 If the object storage is not dedicated to Velero, you must specify a prefix for the bucket by setting the `spec.backupLocations.velero.objectStorage.prefix` parameter in the `DataProtectionApplication` manifest. 23 24: [id="oadp-incorrect-aws-credentials_{context}"] 25 == Incorrect AWS credentials 26 27: The `oadp-aws-registry` pod log displays the error message, `InvalidAccessKeyId: The AWS Access Key Id you provided does not exist in our records.` 28 29 The `Velero` pod log displays the error message, `NoCredentialProviders: no valid providers in chain`. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/oadp-installing-dpa.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: PROCEDURE 10: [id="oadp-installing-dpa_{context}"] 11 = Installing the Data Protection Application 12 .. 15 .Prerequisites 16 17: * You must install the OADP Operator. 18 * You must configure object storage as a backup location. 19 * If you use snapshots to back up PVs, your cloud provider must support either a native snapshot API or Container Storage Interface (CSI) snapshots. 20 * If the backup and snapshot locations use the same credentials, you must create a `Secret` with the default name, `{credentials}`. 21: ifdef::installing-oadp-azure,installing-oadp-gcp,installing-oadp-mcg,installing-oadp-ocs,virt-installing-configuring-oadp[] 22 * If the backup and snapshot locations use different credentials, you must create two `Secrets`: 23 .. 25 ** `Secret` with the default name, `{credentials}`, for the snapshot location. This `Secret` is not referenced in the `DataProtectionApplication` CR. 26 endif::[] 27: ifdef::installing-oadp-aws[] 28 * If the backup and snapshot locations use different credentials, you must create a `Secret` with the default name, `{credentials}`, which contains separate profiles for the backup and snapshot location credentials. 29 endif::[] .. 36 .Procedure 37 38: . Click *Operators* -> *Installed Operators* and select the OADP Operator. 39 . Under *Provided APIs*, click *Create instance* in the *DataProtectionApplication* box. 40 41 . Click *YAML View* and update the parameters of the `DataProtectionApplication` manifest: 42: ifdef::installing-oadp-aws[] 43 + 44 [source,yaml,subs="attributes+"] 45 ---- 46: apiVersion: oadp.openshift.io/v1beta1 47 kind: DataProtectionApplication 48 metadata: .. 92 <9> The snapshot location must be in the same region as the PVs. 93 endif::[] 94: ifdef::installing-oadp-azure[] 95 + 96 [source,yaml,subs="attributes+"] 97 ---- 98: apiVersion: oadp.openshift.io/v1beta1 99 kind: DataProtectionApplication 100 metadata: ... 148 <11> You do not need to specify a snapshot location if you use CSI snapshots or Restic to back up PVs. 149 endif::[] 150: ifdef::installing-oadp-gcp[] 151 + 152 [source,yaml,subs="attributes+"] 153 ---- 154: apiVersion: oadp.openshift.io/v1beta1 155 kind: DataProtectionApplication 156 metadata: ... 196 <9> The snapshot location must be in the same region as the PVs. 197 endif::[] 198: ifdef::installing-oadp-mcg[] 199 + 200 [source,yaml,subs="attributes+"] 201 ---- 202: apiVersion: oadp.openshift.io/v1beta1 203 kind: DataProtectionApplication 204 metadata: ... 242 <8> Specify a prefix for Velero backups, for example, `velero`, if the bucket is used for multiple purposes. 243 endif::[] 244: ifdef::installing-oadp-ocs[] 245 + 246 [source,yaml,subs="attributes+"] 247 ---- 248: apiVersion: oadp.openshift.io/v1beta1 249 kind: DataProtectionApplication 250 metadata: ... 287 <11> Specify a prefix for Velero backups, for example, `velero`, if the bucket is used for multiple purposes. 288 endif::[] 289: ifdef::virt-installing-configuring-oadp[] 290 + 291 [source,yaml,subs="attributes+"] 292 ---- 293: apiVersion: oadp.openshift.io/v1beta1 294 kind: DataProtectionApplication 295 metadata: ... 334 335 . Click *Create*. 336: . Verify the installation by viewing the OADP resources: 337 + 338 [source,terminal] ... 345 ---- 346 NAME READY STATUS RESTARTS AGE 347: pod/oadp-operator-controller-manager-67d9494d47-6l8z8 2/2 Running 0 2m8s 348 pod/restic-9cq4q 1/1 Running 0 94s 349 pod/restic-m4lts 1/1 Running 0 94s ... 352 353 NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE 354: service/oadp-operator-controller-manager-metrics-service ClusterIP 172.30.70.140 8443/TCP 2m8s 355 356 NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE ... 358 359 NAME READY UP-TO-DATE AVAILABLE AGE 360: deployment.apps/oadp-operator-controller-manager 1/1 1 1 2m9s 361 deployment.apps/velero 1/1 1 1 96s 362 363 NAME DESIRED CURRENT READY AGE 364: replicaset.apps/oadp-operator-controller-manager-67d9494d47 1 1 1 2m9s 365 replicaset.apps/velero-588db7f655 1 1 1 96s 366 ---- /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/oadp-installing-oadp-rosa-sts.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-installing-oadp-rosa-sts_{context}"] 7: = Installing OADP on {product-title} with AWS STS 8 9: AWS Security Token Service (AWS STS) is a global web service that provides short-term credentials for IAM or federated users. {product-title} (ROSA) with STS is the recommended credential mode for ROSA clusters. This document describes how to install OpenShift API for Data Protection (OADP) on (ROSA) with AWS STS. 10 11 [IMPORTANT] 12 ==== 13: Restic is not supported in the OADP on ROSA with AWS STS environment. Ensure the Restic service is disabled. Use native snapshots to backup volumes. See _Known Issues_ for more information. 14 ==== 15 .. 17 18 * A ROSA OpenShift Cluster with the required access and tokens. 19: * link:https://docs.openshift.com/container-platform/4.13/backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.html#oadp-creating-default-secret_installing-oadp-aws[A default Secret], if your backup and snapshot locations use the same credentials, or if you do not require a snapshot location. 20 21 .Procedure .. 42 ---- 43 44: . Install the OADP Operator. 45 .. In the {product-title} web console, navigate to Operators *->* OperatorHub. 46: .. Search for the OADP Operator, then click *Install*. 47 48 . Create AWS cloud storage using your AWS credentials: .. 51 ---- 52 $ cat << EOF | oc create -f - 53: apiVersion: oadp.openshift.io/v1alpha1 54 kind: CloudStorage 55 metadata: 56: name: ${CLUSTER_NAME}-oadp 57 namespace: openshift-adp 58 spec: .. 61 name: cloud-credentials 62 enableSharedConfig: true 63: name: ${CLUSTER_NAME}-oadp 64 provider: aws 65 region: $REGION .. 72 ---- 73 $ cat << EOF | oc create -f - 74: apiVersion: oadp.openshift.io/v1alpha1 75 kind: DataProtectionApplication 76 metadata: .. 81 - bucket: 82 cloudStorageRef: 83: name: ${CLUSTER_NAME}-oadp 84 credential: 85 key: credentials .. 105 [NOTE] 106 ==== 107: The `enable` parameter of `restic` is set to `false` in this configuration because OADP does not support Restic in ROSA environments. 108 ==== 109 + 110: You are now ready to backup and restore OpenShift applications, as described in the link:https://docs.openshift.com/container-platform/4.11/backup_and_restore/application_backup_and_restore/backing_up_and_restoring/backing-up-applications.html[OADP documentation]. 111 112 == Known Issues 113 .Restic is not supported or recommended 114 115: * link:https://issues.redhat.com/browse/OADP-1054[CloudStorage: openshift-adp-controller-manager crashloop seg fault with Restic enabled] 116: * link:https://issues.redhat.com/browse/OADP-1057[Cloudstorage API: CSI Backup of an app with internal images partially fails with plugin panicked error] 117: * (Affects OADP 1.1.x_ only): link:https://issues.redhat.com/browse/OADP-1055[CloudStorage: bucket is removed on CS CR delete, although it doesn't have "oadp.openshift.io/cloudstorage-delete": "true"] 118 119 [role="_additional-resources"] ... 123 * link:https://docs.openshift.com/rosa/rosa_getting_started/rosa-sts-getting-started-workflow.html[Getting started with ROSA STS] 124 * link:https://docs.openshift.com/rosa/rosa_install_access_delete_clusters/rosa-sts-creating-a-cluster-quickly.html[Creating a ROSA cluster with STS] 125: * link:https://docs.openshift.com/container-platform/4.13/backup_and_restore/application_backup_and_restore/installing/about-installing-oadp.html[About installing OADP] 126 * link:https://docs.openshift.com/container-platform/4.13/storage/container_storage_interface/persistent-storage-csi.html[Configuring CSI volumes] 127 * link:https://docs.openshift.com/rosa/rosa_architecture/rosa_policy_service_definition/rosa-service-definition.html#rosa-sdpolicy-storage_rosa-service-definition[ROSA storage options] /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/oadp-installing-operator.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: PROCEDURE 10: [id="oadp-installing-operator_{context}"] 11: = Installing the OADP Operator 12 13: You install the OpenShift API for Data Protection (OADP) Operator on {product-title} {product-version} by using Operator Lifecycle Manager (OLM). 14 15: The OADP Operator installs link:https://{velero-domain}/docs/v{velero-version}/[Velero {velero-version}]. 16 17 .Prerequisites .. 22 23 . In the {product-title} web console, click *Operators* -> *OperatorHub*. 24: . Use the *Filter by keyword* field to find the *OADP Operator*. 25: . Select the *OADP Operator* and click *Install*. 26 . Click *Install* to install the Operator in the `openshift-adp` project. 27 . Click *Operators* -> *Installed Operators* to verify the installation. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/oadp-plugins.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/oadp-features-plugins.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-plugins_{context}"] 7: = OADP plugins 8 9: The OpenShift API for Data Protection (OADP) provides default Velero plugins that are integrated with storage providers to support backup and snapshot operations. You can create link:https://{velero-domain}/docs/v{velero-version}/custom-plugins/[custom plugins] based on the Velero plugins. 10 11: OADP also provides plugins for {product-title} resource backups, OpenShift Virtualization resource backups, and Container Storage Interface (CSI) snapshots. 12 13 [cols="3", options="header"] 14: .OADP plugins 15 |=== 16: |OADP plugin |Function |Storage location 17 18 .2+|`aws` |Backs up and restores Kubernetes objects. |AWS S3 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/oadp-pod-crash-set-resource-request-restic.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-pod-crash-resource-request-retics_{context}"] 7 = Setting resource requests for a Restic pod 8 . 17 [source,yaml] 18 ---- 19: apiVersion: oadp.openshift.io/v1alpha1 20 kind: DataProtectionApplication 21 ... /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/oadp-pod-crash-set-resource-request-velero.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-pod-crash-resource-request-velero_{context}"] 7 = Setting resource requests for a Velero pod 8 9: You can use the `configuration.velero.podConfig.resourceAllocations` specification field in the `oadp_v1alpha1_dpa.yaml` file to set specific resource requests for a `Velero` pod. 10 11 .Procedure .. 17 [source,yaml] 18 ---- 19: apiVersion: oadp.openshift.io/v1alpha1 20 kind: DataProtectionApplication 21 ... /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/oadp-release-notes-1-1-1.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/oadp-release-notes.adoc 4 :_content-type: REFERENCE 5: [id="migration-oadp-release-notes-1-1-1_{context}"] 6: = OADP 1.1.1 release notes 7 8: The OADP 1.1.1 release notes include product recommendations and descriptions of known issues. 9 10 == Product recommendations 11 12: Before you install OADP 1.1.1, it is recommended to either install VolSync 0.5.1 or to upgrade to it. 13 14 == Known issues .. 16 This release has the following known issues: 17 18: * OADP currently does not support backup and restore of AWS EFS volumes using restic in Velero (link:https://issues.redhat.com/browse/OADP-778[*OADP-778*]). 19 20 * CSI backups might fail due to a Ceph limitation of `VolumeSnapshotContent` snapshots per PVC. .. 23 + 24 ** For CephFS, you can create up to 100 snapshots per PVC. 25: ** For RADOS Block Device (RBD), you can create up to 512 snapshots for each PVC. (link:https://issues.redhat.com/browse/OADP-804[*OADP-804*]) and (link:https://issues.redhat.com/browse/OADP-975[*OADP-975*]) 26 + 27 For more information, see https://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.11/html/managing_and_allocating_storage_resources/volume-snapshots_rhodf[Volume Snapshots]. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/oadp-release-notes-1-1-2.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/oadp-release-notes.adoc 4 5 :_content-type: REFERENCE 6: [id="migration-oadp-release-notes-1-1-2_{context}"] 7: = OADP 1.1.2 release notes 8 9: The OADP 1.1.2 release notes include product recommendations, a list of fixed bugs and descriptions of known issues. 10 11 [id="product-recommendations_{context}"] .. 34 The following bugs have been fixed in this release: 35 36: * link:https://issues.redhat.com/browse/OADP-1150[OADP-1150] 37: * link:https://issues.redhat.com/browse/OADP-290[OADP-290] 38: * link:https://issues.redhat.com/browse/OADP-1056[OADP-1056] 39 40 [id="known-issues_{context}"] .. 43 This release has the following known issues: 44 45: * OADP currently does not support backup and restore of AWS EFS volumes using restic in Velero (link:https://issues.redhat.com/browse/OADP-778[*OADP-778*]). 46 47 * CSI backups might fail due to a Ceph limitation of `VolumeSnapshotContent` snapshots per PVC. .. 50 + 51 -- 52: ** For CephFS, you can create up to 100 snapshots per PVC. (link:https://issues.redhat.com/browse/OADP-804[*OADP-804*]) 53: ** For RADOS Block Device (RBD), you can create up to 512 snapshots for each PVC. (link:https://issues.redhat.com/browse/OADP-975[*OADP-975*]) 54 -- 55 + /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/oadp-release-notes-1-1-4.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/oadp-release-notes.adoc 4 5 :_content-type: REFERENCE 6: [id="migration-oadp-release-notes-1-1-4_{context}"] 7: = OADP 1.1.4 release notes 8 9: The OADP 1.1.4 release notes lists any new features, resolved issues and bugs, and known issues. 10 11 [id="new-features1.1.4_{context}"] 12 == New features 13 14: This version of OADP is a service release. No new features are added to this version. 15 16 [id="resolved-issues1.1.4_{context}"] .. 19 The following bugs have been fixed in this release: 20 21: * link:https://issues.redhat.com/browse/OADP-1557[OADP-1557] 22: * link:https://issues.redhat.com/browse/OADP-1822[OADP-1822] 23: * link:https://issues.redhat.com/browse/OADP-1511[OADP-1511] 24: * link:https://issues.redhat.com/browse/OADP-1642[OADP-1642] 25: * link:https://issues.redhat.com/browse/OADP-1398[OADP-1398] 26: * link:https://issues.redhat.com/browse/OADP-1267[OADP-1267] 27: * link:https://issues.redhat.com/browse/OADP-1390[OADP-1390] 28: * link:https://issues.redhat.com/browse/OADP-1650[OADP-1650] 29: * link:https://issues.redhat.com/browse/OADP-1487[OADP-1487] 30 31 .. 35 This release has the following known issues: 36 37: * OADP backups might fail because a UID/GID range might have changed on the cluster where the application has been restored, with the result that OADP does not back up and restore {product-title} UID/GID range metadata. To avoid the issue, if the backed application requires a specific UUID, ensure the range is available when restored. An additional workaround is to allow OADP to create the namespace in the restore operation. 38 39: * A restoration might fail if ArgoCD is used during the process due to a label used by ArgoCD, `app.kubernetes.io/instance`. This label identifies which resources ArgoCD needs to manage, which can create a conflict with OADP's procedure for managing resources on restoration. To work around this issue, set `.spec.resourceTrackingMethod` on the ArgoCD YAML to `annotation+label` or `annotation`. If the issue continues to persist, then disable ArgoCD before beginning to restore, and enable it again when restoration is finished. 40 41 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/oadp-release-notes-1-2-0.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/oadp-release-notes.adoc 4 5 :_content-type: REFERENCE 6: [id="migration-oadp-release-notes-1-2-0_{context}"] 7: = OADP 1.2.0 release notes 8 9: The OADP 1.2.0 release notes include information about new features, bug fixes, and known issues. 10 11 [id="new-features_{context}"] 12 == New features 13 14: .link:https://access.redhat.com/documentation/en-us/openshift_container_platform/4.12/html/backup_and_restore/application-backup-and-restore#installing-oadp-aws[Resource timeouts] 15 The new `resourceTimeout` option specifies the timeout duration in minutes for waiting on various Velero resources. This option applies to resources such as Velero CRD availability, `volumeSnapshot` deletion, and backup repository availability. The default duration is ten minutes. 16 17: .link:https://access.redhat.com/documentation/en-us/openshift_container_platform/4.11/html/backup_and_restore/application-backup-and-restore#oadp-s3-compatible-backup-storage-providers_about-installing-oadp[AWS S3 compatible backup storage providers] 18 You can back up objects and snapshots on AWS S3 compatible providers. 19 .. 21 === Technical preview features 22 23: .link:https://access.redhat.com/documentation/en-us/openshift_container_platform/4.9/html/backup_and_restore/application-backup-and-restore#installing-and-configuring-oadp[Data Mover] 24: The OADP Data Mover enables you to back up Container Storage Interface (CSI) volume snapshots to a remote object store. When you enable Data Mover, you can restore stateful applications using CSI volume snapshots pulled from the object store in case of accidental cluster deletion, cluster failure, or data corruption. 25 26: :FeatureName: OADP Data Mover 27 include::snippets/technology-preview.adoc[] 28 .. 32 The following bugs have been fixed in this release: 33 34: * link:https://issues.redhat.com/browse/OADP-144[OADP-144] 35: * link:https://issues.redhat.com/browse/OADP-639[OADP-639] 36: * link:https://issues.redhat.com/browse/OADP-1741[OADP-1741] 37: * link:https://issues.redhat.com/browse/OADP-1152[OADP-1152] 38: * link:https://issues.redhat.com/browse/OADP-1143[OADP-1143] 39: * link:https://issues.redhat.com/browse/OADP-1931[OADP-1931] 40: * link:https://issues.redhat.com/browse/OADP-148[OADP-148] 41: * link:https://issues.redhat.com/browse/OADP-1067[OADP-1067] 42: * link:https://issues.redhat.com/browse/OADP-1332[OADP-1332] 43: * link:https://issues.redhat.com/browse/OADP-1164[OADP-1164] 44: * link:https://issues.redhat.com/browse/OADP-1105[OADP-1105] 45: * link:https://issues.redhat.com/browse/OADP-2009[OADP-2009] 46: * link:https://issues.redhat.com/browse/OADP-1370[OADP-1370] 47: * link:https://issues.redhat.com/browse/OADP-969[OADP-969] 48: * link:https://issues.redhat.com/browse/OADP-1672[OADP-1672] 49: * link:https://issues.redhat.com/browse/OADP-1151[OADP-1151] 50: * link:https://issues.redhat.com/browse/OADP-988[OADP-988] 51: * link:https://issues.redhat.com/browse/OADP-1941[OADP-1941] 52: * link:https://issues.redhat.com/browse/OADP-1830[OADP-1830] 53: * link:https://issues.redhat.com/browse/OADP-1821[OADP-1821] 54: * link:https://issues.redhat.com/browse/OADP-1783[OADP-1783] 55: * link:https://issues.redhat.com/browse/OADP-1719[OADP-1719] 56: * link:https://issues.redhat.com/browse/OADP-1833[OADP-1833] 57: * link:https://issues.redhat.com/browse/OADP-1872[OADP-1872] 58: * link:https://issues.redhat.com/browse/OADP-2047[OADP-2047] 59: * link:https://issues.redhat.com/browse/OADP-1932[OADP-1932] 60: * link:https://issues.redhat.com/browse/OADP-1844[OADP-1844] 61: * link:https://issues.redhat.com/browse/OADP-1182[OADP-1182] 62: * link:https://issues.redhat.com/browse/OADP-1183[OADP-1183] 63: * link:https://issues.redhat.com/browse/OADP-1798[OADP-1798] 64: * link:https://issues.redhat.com/browse/OADP-1726[OADP-1726] 65: * link:https://issues.redhat.com/browse/OADP-821[OADP-821] 66: * link:https://issues.redhat.com/browse/OADP-1833[OADP-1781] 67: * link:https://issues.redhat.com/browse/OADP-697[OADP-697] 68: * link:https://issues.redhat.com/browse/OADP-1281[OADP-1281] 69: * link:https://issues.redhat.com/browse/OADP-1077[OADP-1077] 70: * link:https://issues.redhat.com/browse/OADP-1076[OADP-1076] 71: * link:https://issues.redhat.com/browse/OADP-1670[OADP-1670] 72: * link:https://issues.redhat.com/browse/OADP-1307[OADP-1307] 73: * link:https://issues.redhat.com/browse/OADP-1640[OADP-1640] 74: * link:https://issues.redhat.com/browse/OADP-1987[OADP-1987] 75: * link:https://issues.redhat.com/browse/OADP-1934[OADP-1934] 76 77 [id="known-issues-1-2-0_{context}"] /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/oadp-restic-issues.adoc: 4 5 :_content-type: CONCEPT 6: [id="oadp-restic-issues_{context}"] 7 = Restic issues 8 . 71 restic backup, stderr=Fatal: unable to open config file: Stat: The 72 specified key does not exist.\nIs there a repository at the following 73: location?\ns3:http://minio-minio.apps.mayap-oadp- 74: veleo-1234.qe.devcluster.openshift.com/mayapvelerooadp2/velero1/ 75 restic/_mysql-persistent_\n: exit status 1" error.file="/remote-source/ 76 src/github.com/vmware-tanzu/velero/pkg/restic/backupper.go:184" /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/oadp-s3-compatible-backup-storage-providers.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-s3-compatible-backup-storage-providers_{context}"] 7 = AWS S3 compatible backup storage providers 8 9: OADP is compatible with many object storage providers for use with different backup and snapshot operations. Several object storage providers are fully supported, several are unsupported but known to work, and some have known limitations. 10 11: [id="oadp-s3-compatible-backup-storage-providers-supported"] 12 == Supported backup storage providers 13 14: The following AWS S3 compatible object storage providers, are fully supported by OADP through the AWS plugin for use as backup storage locations: 15 16 * MinIO .. 26 ==== 27 28: [id="oadp-s3-compatible-backup-storage-providers-unsupported"] 29 == Unsupported backup storage providers 30 .. 40 * Cloudian HyperStore 41 42: [id="oadp-s3-compatible-backup-storage-providers-known-limitations"] 43 == Backup storage providers with known limitations 44 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/oadp-scheduling-backups.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-scheduling-backups_{context}"] 7 = Scheduling backups 8 . 18 .Prerequisites 19 20: * You must install the OpenShift API for Data Protection (OADP) Operator. 21 * The `DataProtectionApplication` CR must be in a `Ready` state. 22 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/oadp-secrets-for-different-credentials.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: PROCEDURE 10: [id="oadp-secrets-for-different-credentials_{context}"] 11: ifdef::installing-oadp-aws[] 12 = Creating profiles for different credentials 13 .. 42 [source,yaml,subs="attributes+"] 43 ---- 44: apiVersion: oadp.openshift.io/v1alpha1 45 kind: DataProtectionApplication 46 metadata: .. 72 ---- 73 endif::[] 74: ifdef::installing-oadp-azure,installing-oadp-gcp,installing-oadp-ocs,installing-oadp-mcg[] 75 = Creating secrets for different credentials 76 .. 100 . Add the `Secret` with the custom name to the `DataProtectionApplication` CR, as in the following example: 101 endif::[] 102: ifdef::installing-oadp-azure[] 103 + 104 [source,yaml,subs="attributes+"] 105 ---- 106: apiVersion: oadp.openshift.io/v1alpha1 107 kind: DataProtectionApplication 108 metadata: ... 137 <1> Backup location `Secret` with custom name. 138 endif::[] 139: ifdef::installing-oadp-gcp[] 140 + 141 [source,yaml,subs="attributes+"] 142 ---- 143: apiVersion: oadp.openshift.io/v1alpha1 144 kind: DataProtectionApplication 145 metadata: ... 168 <1> Backup location `Secret` with custom name. 169 endif::[] 170: ifdef::installing-oadp-mcg[] 171 + 172 [source,yaml,subs="attributes+"] 173 ---- 174: apiVersion: oadp.openshift.io/v1alpha1 175 kind: DataProtectionApplication 176 metadata: ... 198 <1> Backup location `Secret` with custom name. 199 endif::[] 200: ifdef::installing-oadp-ocs[] 201 + 202 [source,yaml,subs="attributes+"] 203 ---- 204: apiVersion: oadp.openshift.io/v1alpha1 205 kind: DataProtectionApplication 206 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/oadp-self-signed-certificate.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/configuring-oadp.adoc 4 5 :_content-type: PROCEDURE 6: [id="oadp-self-signed-certificate_{context}"] 7 = Enabling self-signed CA certificates 8 . 11 .Prerequisites 12 13: * You must have the OpenShift API for Data Protection (OADP) Operator installed. 14 15 .Procedure .. 19 [source,yaml] 20 ---- 21: apiVersion: oadp.openshift.io/v1beta1 22 kind: DataProtectionApplication 23 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/oadp-setting-resource-limits-and-requests.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/configuring-oadp.adoc 4: // * virt/backup_restore/virt-installing-configuring-oadp.adoc 5 6 :_content-type: PROCEDURE 7: [id="oadp-setting-resource-limits-and-requests_{context}"] 8 = Setting Velero CPU and memory resource allocations 9 .. 12 .Prerequisites 13 14: * You must have the OpenShift API for Data Protection (OADP) Operator installed. 15 16 .Procedure .. 20 [source,yaml] 21 ---- 22: apiVersion: oadp.openshift.io/v1beta1 23 kind: DataProtectionApplication 24 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/oadp-using-data-mover-for-csi-snapshots.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-using-data-mover-for-csi-snapshots_{context}"] 7 = Using Data Mover for CSI snapshots 8 9 :FeatureName: Data Mover for CSI snapshots 10 11: The OADP Data Mover enables customers to back up Container Storage Interface (CSI) volume snapshots to a remote object store. When Data Mover is enabled, you can restore stateful applications, using CSI volume snapshots pulled from the object store if a failure, accidental deletion, or corruption of the cluster occurs. 12 13 The Data Mover solution uses the Restic option of VolSync. .. 15 Data Mover supports backup and restore of CSI volume snapshots only. 16 17: In OADP 1.2 Data Mover `VolumeSnapshotBackups` (VSBs) and `VolumeSnapshotRestores` (VSRs) are queued using the VolumeSnapshotMover (VSM). The VSM's performance is improved by specifying a concurrent number of VSBs and VSRs simultaneously `InProgress`. After all async plugin operations are complete, the backup is marked as complete. 18 19 20 [NOTE] 21 ==== 22: The OADP 1.1 Data Mover is a Technology Preview feature. 23 24: The OADP 1.2 Data Mover has significantly improved features and performances, but is still a Technology Preview feature. 25 ==== 26: :FeatureName: The OADP Data Mover 27 include::snippets/technology-preview.adoc[leveloffset=+1] 28 29 [NOTE] 30 ==== 31: Red Hat recommends that customers who use OADP 1.2 Data Mover in order to back up and restore ODF CephFS volumes, upgrade or install {product-title} version 4.12 or later for improved performance. OADP Data Mover can leverage CephFS shallow volumes in {product-title} version 4.12 or later, which based on our testing, can improve the performance of backup times. 32 33 * https://issues.redhat.com/browse/RHSTOR-4287[CephFS ROX details] .. 35 36 37: //For more information about OADP 1.2 with CephS [name of topic], see ___. 38 39 ==== .. 56 * You have included the label `{velero-domain}/csi-volumesnapshot-class: 'true'` in your `VolumeSnapshotClass` CR. 57 58: * You have verified that the `OADP namespace` has the annotation `oc annotate --overwrite namespace/openshift-adp volsync.backube/privileged-movers='true'`. 59 + 60 [NOTE] 61 ==== 62: In OADP 1.1 the above setting is mandatory. 63 64: In OADP 1.2 the `privileged-movers` setting is not required in most scenarios. The restoring container permissions should be adequate for the Volsync copy. In some user scenarios, there may be permission errors that the `privileged-mover`= `true` setting should resolve. 65 ==== 66 .. 69 [NOTE] 70 ==== 71: The VolSync Operator is required for using OADP Data Mover. 72 ==== 73 74: * You have installed the OADP operator by using OLM. 75 76 .Procedure .. 100 [source,yaml] 101 ---- 102: apiVersion: oadp.openshift.io/v1alpha1 103 kind: DataProtectionApplication 104 metadata: ... 152 153 ---- 154: <1> OADP 1.2 only. 155: <2> OADP 1.2 only. Optional: Specify the upper limit of the number of snapshots allowed to be queued for backup. The default value is 10. 156: <3> OADP 1.2 only. Optional: Specify the upper limit of the number of snapshots allowed to be queued for restore. The default value is 10. 157: <4> OADP 1.2 only. Optional: Specify the number of days, between running Restic pruning on the repository. The prune operation repacks the data to free space, but it can also generate significant I/O traffic as a part of the process. Setting this option allows a trade-off between storage consumption, from no longer referenced data, and access costs. 158: <5> OADP 1.2 only. Optional: Specify VolumeSync volume options for backup and restore. 159 160 + 161: The OADP Operator installs two custom resource definitions (CRDs), `VolumeSnapshotBackup` and `VolumeSnapshotRestore`. 162 + 163 .Example `VolumeSnapshotBackup` CRD 164 [source,yaml] 165 ---- 166: apiVersion: datamover.oadp.openshift.io/v1alpha1 167 kind: VolumeSnapshotBackup 168 metadata: ... 181 [source,yaml] 182 ---- 183: apiVersion: datamover.oadp.openshift.io/v1alpha1 184 kind: VolumeSnapshotRestore 185 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/oadp-using-enable-api-group-versions.adoc: 5 6 :_content-type: PROCEDURE 7: [id="oadp-using-enable-api-group-versions_{context}"] 8 = Using Enable API Group Versions 9 .. 21 [source,yaml] 22 ---- 23: apiVersion: oadp.openshift.io/vialpha1 24 kind: DataProtectionApplication 25 ... /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/olm-deleting-operators-from-a-cluster-using-web-console.adoc: 2 // 3 // * operators/admin/olm-deleting-operators-from-a-cluster.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/uninstalling-oadp.adoc 5 // * serverless/install/removing-openshift-serverless.adoc 6 // * virt/install/uninstalling-virt.adoc /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/rosa-sts-account-wide-roles-and-policies.adoc: 868 "s3:ListBucketMultipartUploads", 869 "s3:AbortMultipartUpload", 870: "s3:ListMultipartUploadParts" 871 ], 872 "Resource": "*" /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/snippets/oadp-ceph-cr-prerequisites.adoc: 8 9 * A stateful application is running in a separate namespace with persistent volume claims (PVCs) using CephFS as the provisioner. 10: * The `StorageClass` and `VolumeSnapshotClass` custom resources (CRs) are defined for CephFS and OADP 1.2 Data Mover. 11 * There is a secret `cloud-credentials` in the `openshift-adp` namespace. 12 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/snippets/oadp-mtc-operator.adoc: 2 //This snippet appears in the following assemblies: 3 // 4: // * .../backup_and_restore/backing_up_and_restoring/installing/about-installing-oadp.adoc 5: // * .../backup_and_restore/backing_up_and_restoring/installing/installing-oadp-aws.adoc 6: // * .../backup_and_restore/backing_up_and_restoring/installing/installing-oadp-azure.adoc 7: // * .../backup_and_restore/backing_up_and_restoring/installing/installing-oadp-gcp.adoc 8: // * .../backup_and_restore/backing_up_and_restoring/installing/installing-oadp-mcg.adoc 9: // * .../backup_and_restore/backing_up_and_restoring/installing/installing-oadp-ocs.adoc 10 11 :_content-type: SNIPPET 12 [NOTE] 13 ==== 14: Starting from OADP 1.0.4, all OADP 1.0._z_ versions can only be used as a dependency of the MTC Operator and are not available as a standalone Operator. 15 ==== 16 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/snippets/oadp-ocp-compat.adoc: 2 //This snippet appears in the following assemblies: 3 // 4: // * .../backup_and_restore/backing_up_and_restoring/installing/about-installing-oadp.adoc 5 // * .../backup_and_restore/index.adoc 6 . 8 [NOTE] 9 ==== 10: If you want to use CSI backup on OCP 4.11 and later, install OADP 1.1._x_. 11 12: OADP 1.0._x_ does not support CSI backup on OCP 4.11 and later. OADP 1.0._x_ includes Velero 1.7._x_ and expects the API group `snapshot.storage.k8s.io/v1beta1`, which is not present on OCP 4.11 and later. 13 ==== 14 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/velero-obtaining-by-downloading.adoc: 24 . Open a browser and navigate to link:https://{velero-domain}/docs/v{velero-version}/basic-install/#install-the-cli["Install the CLI" on the Velero website]. 25 . Follow the appropriate procedure for macOS, GitHub, or Windows. 26: . Download the Velero version appropriate for your version of OADP and {product-title} according to the table that follows: 27 + 28: .OADP-Velero-{product-title} version relationship 29 [cols="3", options="header"] 30 |=== 31: |OADP version |Velero version |{product-title} version 32 |1.0.0 |link:https://{velero-domain}/docs/v1.7/[1.7] |4.6 and later 33 |1.0.1 |link:https://{velero-domain}/docs/v1.7/[1.7] |4.6 and later /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_glossary/modules/virt-about-cdi-operator.adoc: 19 |Manages the authorization to upload VM disks into PVCs by issuing secure upload tokens. 20 21: |`deployment/cdi-uploadproxy` 22 |Directs external disk upload traffic to the appropriate upload server pod so that it can be written to the correct PVC. Requires a valid upload token. 23 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/_attributes/common-attributes.adoc: 43 :hybrid-console: Red Hat Hybrid Cloud Console 44 :hybrid-console-second: Hybrid Cloud Console 45: :oadp-first: OpenShift API for Data Protection (OADP) 46: :oadp-full: OpenShift API for Data Protection 47 :oc-first: pass:quotes[OpenShift CLI (`oc`)] 48 :product-registry: OpenShift image registry /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/about-installing-oadp-on-multiple-namespaces.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/installing/about-installing-oadp.adoc 4 5 6 :_content-type: CONCEPT 7: [id="about-installing-oadp-on-multiple-namespaces_{context}"] 8: = Installation of OADP on multiple namespaces 9 10: You can install OADP into multiple namespaces on the same cluster so that multiple project owners can manage their own OADP instance. This use case has been validated with Restic and CSI. 11 12: You install each instance of OADP as specified by the per-platform procedures contained in this document with the following additional requirements: 13 14: * All deployments of OADP on the same cluster must be the same version, for example, 1.1.4. Installing different versions of OADP on the same cluster is *not* supported. 15: * Each individual deployment of OADP must have a unique set of credentials and a unique `BackupStorageLocation` configuration. 16: * By default, each OADP deployment has cluster-level access across namespaces. {product-title} administrators need to review security and RBAC settings carefully and make any necessary changes to them to ensure that each OADP instance has the correct permissions. 17 18 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/about-oadp-update-channels.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/installing/about-installing-oadp.adoc 4 5 6 :_content-type: CONCEPT 7: [id="about-oadp-update-channels_{context}"] 8: = About OADP update channels 9 10: When you install an OADP Operator, you choose an _update channel_. This channel determines which upgrades to the OADP Operator and to Velero you receive. You can switch channels at any time. 11 12 The following update channels are available: 13 14: * The *stable* channel is now deprecated. The *stable* channel contains the patches (z-stream updates) of OADP `ClusterServiceVersion` for `oadp.v1.1.z` and older versions from `oadp.v1.0.z`. 15 16: * The *stable-1.0* channel contains `oadp.v1.0._z_`, the most recent OADP 1.0 `ClusterServiceVersion`. 17 18: * The *stable-1.1* channel contains `oadp.v1.1._z_`, the most recent OADP 1.1 `ClusterServiceVersion`. 19 20: * The *stable-1.2* channel contains `oadp.v1.2._z_`, the most recent OADP 1.2 `ClusterServiceVersion`. 21 22 *Which update channel is right for you?* 23 24: * The *stable* channel is now deprecated. If you are already using the stable channel, you will continue to get updates from `oadp.v1.1._z_`. 25 26: * Choose the *stable-1._y_* update channel to install OADP 1._y_ and to continue receiving patches for it. If you choose this channel, you will receive all z-stream patches for version 1._y_._z_. 27 28 *When must you switch update channels?* 29 30: * If you have OADP 1._y_ installed, and you want to receive patches only for that y-stream, you must switch from the *stable* update channel to the *stable-1._y_* update channel. You will then receive all z-stream patches for version 1._y_._z_. 31 32: * If you have OADP 1.0 installed, want to upgrade to OADP 1.1, and then receive patches only for OADP 1.1, you must switch from the *stable-1.0* update channel to the *stable-1.1* update channel. You will then receive all z-stream patches for version 1.1._z_. 33 34: * If you have OADP 1._y_ installed, with _y_ greater than 0, and want to switch to OADP 1.0, you must _uninstall_ your OADP Operator and then reinstall it using the *stable-1.0* update channel. You will then receive all z-stream patches for version 1.0._z_. 35 36 [NOTE] 37 ==== 38: You cannot switch from OADP 1._y_ to OADP 1.0 by switching update channels. You must uninstall the Operator and then reinstall it. 39 ==== 40 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/metering-store-data-in-s3.adoc: 92 "s3:HeadBucket", 93 "s3:ListBucket", 94: "s3:ListMultipartUploadParts", 95 "s3:PutObject" 96 ], .. 123 "s3:CreateBucket", 124 "s3:DeleteBucket", 125: "s3:ListMultipartUploadParts", 126 "s3:PutObject" 127 ], /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/migration-configuring-aws-s3.adoc: 3 // * migrating_from_ocp_3_to_4/installing-3-4.adoc 4 // * migration_toolkit_for_containers/installing-mtc.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 6 7 :_content-type: PROCEDURE . 12 You configure Amazon Web Services (AWS) S3 object storage as a replication repository for the {mtc-full} ({mtc-short}). 13 endif::[] 14: ifdef::installing-oadp-aws[] 15: You configure Amazon Web Services (AWS) for the OpenShift API for Data Protection (OADP). 16 endif::[] 17 .. 90 "s3:PutObject", 91 "s3:AbortMultipartUpload", 92: "s3:ListMultipartUploadParts" 93 ], 94 "Resource": [ .. 147 Record the `AWS_SECRET_ACCESS_KEY` and the `AWS_ACCESS_KEY_ID`. You use the credentials to add AWS as a replication repository. 148 endif::[] 149: ifdef::installing-oadp-aws[] 150 . Create a `credentials-velero` file: 151 + /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/migration-configuring-azure.adoc: 3 // * migrating_from_ocp_3_to_4/installing-3-4.adoc 4 // * migration_toolkit_for_containers/installing-mtc.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 6 7 :_content-type: PROCEDURE . 12 You configure a Microsoft Azure Blob storage container as a replication repository for the {mtc-full} ({mtc-short}). 13 endif::[] 14: ifdef::installing-oadp-azure[] 15: You configure a Microsoft Azure for the OpenShift API for Data Protection (OADP). 16 endif::[] 17 .. 118 You use the `credentials-velero` file to add Azure as a replication repository. 119 endif::[] 120: ifdef::installing-oadp-azure[] 121 . Obtain the storage account access key: 122 + /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/migration-configuring-gcp.adoc: 3 // * migrating_from_ocp_3_to_4/installing-3-4.adoc 4 // * migration_toolkit_for_containers/installing-mtc.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6 7 :_content-type: PROCEDURE . 12 You configure a Google Cloud Platform (GCP) storage bucket as a replication repository for the {mtc-full} ({mtc-short}). 13 endif::[] 14: ifdef::installing-oadp-gcp[] 15: You configure Google Cloud Platform (GCP) for the OpenShift API for Data Protection (OADP). 16 endif::[] 17 .. 141 You use the `credentials-velero` file to add GCP as a replication repository. 142 endif::[] 143: ifdef::installing-oadp-gcp[] 144 + 145 You use the `credentials-velero` file to create a `Secret` object for GCP before you install the Data Protection Application. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/migration-configuring-mcg.adoc: 5 // * migration_toolkit_for_containers/installing-mtc.adoc 6 // * migration_toolkit_for_containers/installing-mtc-restricted.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 8 9 :_content-type: PROCEDURE .. 14 You must retrieve the Multicloud Object Gateway (MCG) credentials and S3 endpoint in order to configure MCG as a replication repository for the {mtc-full} ({mtc-short}). 15 endif::[] 16: You must retrieve the Multicloud Object Gateway (MCG) credentials in order to create a `Secret` custom resource (CR) for the OpenShift API for Data Protection (OADP). 17: //ifdef::installing-oadp-mcg[] 18 //endif::[] 19 .. 35 You use these credentials to add MCG as a replication repository. 36 endif::[] 37: ifdef::installing-oadp-mcg[] 38 . Create a `credentials-velero` file: 39 + /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/migration-mtc-release-notes-1-7.adoc: 12 This release has the following new features and enhancements: 13 14: * The {mtc-full} ({mtc-short}) Operator now depends upon the OpenShift API for Data Protection (OADP) Operator. When you install the {mtc-short} Operator, the Operator Lifecycle Manager (OLM) automatically installs the OADP Operator in the same namespace. 15 16 * You can migrate from a source cluster that is behind a firewall to a cloud-based destination cluster by establishing a network tunnel between the two clusters by using the `crane tunnel-api` command. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/migration-using-must-gather.adoc: 16 You can collect data for a one-hour or a 24-hour period and view the data with the Prometheus console. 17 endif::[] 18: ifdef::oadp-troubleshooting[] 19 You can run the `must-gather` tool with the following data collection options: 20 21: * Full `must-gather` data collection collects Prometheus metrics, pod logs, and Velero CR information for all namespaces where the OADP Operator is installed. 22 * Essential `must-gather` data collection collects pod logs and Velero CR information for a specific duration of time, for example, one hour or 24 hours. Prometheus metrics and duplicate logs are not included. 23 * `must-gather` data collection with timeout. Data collection can take a long time if there are many failed `Backup` CRs. You can improve performance by setting a timeout value. .. 38 * To collect data for the past hour: 39 endif::[] 40: ifdef::oadp-troubleshooting[] 41 * Full `must-gather` data collection, including Prometheus metrics: 42 endif::[] .. 49 The data is saved as `must-gather/must-gather.tar.gz`. You can upload this file to a support case on the link:https://access.redhat.com/[Red Hat Customer Portal]. 50 51: ifdef::oadp-troubleshooting[] 52 * Essential `must-gather` data collection, without Prometheus metrics, for a specific time duration: 53 + .. 71 * To collect data for the past 24 hours: 72 endif::[] 73: ifdef::oadp-troubleshooting[] 74 * Prometheus metrics data dump: 75 endif::[] /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/nw-enforcing-hsts-per-domain.adoc: 58 smallestMaxAge: 1 59 largestMaxAge: 31536000 60: preloadPolicy: RequirePreload <5> 61 includeSubDomainsPolicy: RequireIncludeSubDomains <6> 62 - domainPatterns: <2> .. 66 matchLabels: {} 67 maxAge: {} 68: preloadPolicy: NoOpinion 69 includeSubDomainsPolicy: RequireNoIncludeSubDomains 70 ---- /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/oadp-about-backing-and-restoring-from-cluster-to-cluster.adoc: 5 6 :_content-type: CONCEPT 7: [id="oadp-about-backing-and-restoring-from-cluster-to-cluster_{context}"] 8 = About backing up data from one cluster and restoring it on another cluster 9 10: {oadp-first} is designed to back up and restore application data in the same {product-title} cluster. {mtc-full} ({mtc-short}) is designed to migrate containers, including application data, from one {product-title} cluster to another cluster. 11 12: You can use OADP to back up application data from one {product-title} cluster and restore it on another cluster. However, doing so is more complicated than using {mtc-short} or using OADP to back up and restore on the same cluster. 13 14: To successfully use OADP to back up data from one cluster and restore it to another cluster, you must take into account the following factors, in addition to the prerequisites and procedures that apply to using OADP to back up and restore data on the same cluster: 15 16 * Operators .. 18 * UID and GID ranges 19 20: [id="oadp-cluster-to-cluster-operators_{context}"] 21 == Operators 22 You must exclude Operators from the backup of an application for backup and restore to succeed. 23 24: [id="oadp-cluster-to-cluster-velero_{context}"] 25 == Use of Velero 26 27: Velero, which OADP is built upon, does not natively support migrating persistent volume snapshots across cloud providers. To migrate volume snapshot data between cloud platforms, you must _either_ enable the Velero Restic file system backup option, which backs up volume contents at the filesystem level, _or_ use the OADP Data Mover for CSI snapshots. 28 29 [NOTE] 30 ==== 31: In OADP 1.1 and earlier, the Velero Restic file system backup option is called `restic`. 32: In OADP 1.2 and later, the Velero Restic file system backup option is called `file-system-backup`. 33 ==== 34 35 [NOTE] 36 ==== 37: Velero's file system backup feature supports both Kopia and Restic, but currently OADP supports only Restic. 38 ==== 39 .. 42 * It is theoretically possible to migrate workloads to a destination with a _later_ Kubernetes version than the source, but you must consider the compatibility of API groups between clusters for each custom resource. If a Kubernetes version upgrade breaks the compatibility of core or native API groups, you must first update the impacted custom resources. 43 44: [id="oadp-cluster-to-cluster-uid-and-gid-ranges_{context}"] 45 == UID and GID ranges 46 .. 48 49 Summary of issues:: 50: The UID and GID ranges of the namespace might change on the destination cluster. OADP does not back up and restore OpenShift UID range metadata. If the backed application requires a specific UID, ensure the range is available when restored. For more information about OpenShift's UID and GID ranges, see link:https://cloud.redhat.com/blog/a-guide-to-openshift-and-uids[A Guide to OpenShift and UIDs]. 51 52 Detailed description of issues:: .. 58 59 + 60: When you use OADP to restore the namespace, it automatically uses the information in `metadata.annotations` without resetting it for the destination cluster. As a result, the workload might not have access to the backed up data if one of the following is true: 61 62: * There is a pre-existing namespace with different SCC annotations, for example, on a different cluster. In this case, at backup time, OADP reuses the pre-existing namespace instead of the namespace you are trying to restore. 63: * The backup used a label selector, but the namespace where workloads run on does not have the label on it. In this case, OADP does not back up the namespace, but instead creates a new namespace during restore that does not include the annotations of the namespace you backed up. This causes a new UID range to be assigned to the namespace. 64 + 65 This might be an issue for customer workloads if {product-title} assigns a pod a `securityContext` UID based on namespace annotations that have changed from the time the persistent volume data was backed up. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/oadp-about-backup-snapshot-locations-secrets.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: CONCEPT 10: [id="oadp-about-backup-snapshot-locations_{context}"] 11 = About backup and snapshot locations and their secrets 12 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/oadp-about-enable-api-group-versions.adoc: 5 6 :_content-type: CONCEPT 7: [id="oadp-about-enable-api-group-versions_{context}"] 8 = About Enable API Group Versions 9 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/oadp-backing-and-restoring-from-cluster-to-cluster.adoc: 5 6 :_content-type: CONCEPT 7: [id="oadp-backing-and-restoring-from-cluster-to-cluster_{context}"] 8 = Backing up data from one cluster and restoring it to another cluster 9 .. 20 ** Ensure that the backup store location (BSL) and volume snapshot location have the same names and paths to restore resources to another cluster. 21 ** Share the same object storage location credentials across the clusters. 22: ** For best results, use OADP to create the namespace on the destination cluster. 23 ** If you use the Velero `file-system-backup` option, enable the `--default-volumes-to-fs-backup` flag for use during backup by running the following command: 24 + .. 30 [NOTE] 31 ==== 32: In OADP 1.2 and later, the Velero Restic option is called `file-system-backup`. 33 ==== 34 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/oadp-backing-up-applications-restic.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-backing-up-applications-restic_{context}"] 7 = Backing up applications with Restic 8 . 18 .Prerequisites 19 20: * You must install the OpenShift API for Data Protection (OADP) Operator. 21 * You must not disable the default Restic installation by setting `spec.configuration.restic.enable` to `false` in the `DataProtectionApplication` CR. 22 * The `DataProtectionApplication` CR must be in a `Ready` state. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/oadp-backing-up-pvs-csi.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-backing-up-pvs-csi_{context}"] 7 = Backing up persistent volumes with CSI snapshots 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/oadp-backup-restore-cr-issues.adoc: 4 5 :_content-type: CONCEPT 6: [id="oadp-backup-restore-cr-issues_{context}"] 7 = Backup and Restore CR issues 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/oadp-ceph-cephfs-back-up-dba.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-ceph-cephfs-back-up-dba_{context}"] 7 = Creating a DPA for use with CephFS storage 8 9: You must create a Data Protection Application (DPA) CR before you use the OpenShift API for Data Protection (OADP) 1.2 Data Mover to back up and restore data using CephFS storage. 10 11 .Procedure .. 38 [source,yaml] 39 ---- 40: apiVersion: oadp.openshift.io/v1alpha1 41 kind: DataProtectionApplication 42 metadata: .. 79 ---- 80 <1> There is no default value for the `enable` field. Valid values are `true` or `false`. 81: <2> Use the Restic `Secret` that you created when you prepared your environment for working with OADP 1.2 Data Mover and Ceph. If you do not use your Restic `Secret`, the CR uses the default value `dm-credential` for this parameter. 82 <3> There is no default value for the `enable` field. Valid values are `true` or `false`. 83 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/oadp-ceph-cephfs-back-up.adoc: 11 12 :_content-type: PROCEDURE 13: [id="oadp-ceph-cephfs-back-up_{context}"] 14 15 ifdef::cephfs[] 16: = Backing up data using OADP 1.2 Data Mover and CephFS storage 17: You can use OpenShift API for Data Protection (OADP) 1.2 Data Mover to back up data using CephFS storage by enabling the shallow copy feature of CephFS storage. 18 endif::cephfs[] 19 20 ifdef::split[] 21: = Backing up data using OADP 1.2 Data Mover and split volumes 22: You can use OpenShift API for Data Protection (OADP) 1.2 Data Mover to back up data in an environment that has split volumes. 23 endif::split[] 24 .. 58 59 . Wait several minutes until the `VolumeSnapshotBackup` CR has the status `Completed`. 60: . Verify that there is at least one snapshot in the object store that is given in the Restic `Secret`. You can check for this snapshot in your targeted `BackupStorageLocation` storage provider that has a prefix of `/`. 61 62 ifeval::["{context}" == "cephfs"] /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/oadp-ceph-cephfs-restore.adoc: 11 12 :_content-type: PROCEDURE 13: [id="oadp-ceph-cephfs-restore_{context}"] 14 15 ifdef::cephfs[] 16: = Restoring data using OADP 1.2 Data Mover and CephFS storage 17: You can use OpenShift API for Data Protection (OADP) 1.2 Data Mover to restore data using CephFS storage if the shallow copy feature of CephFS storage was enabled for the back up procedure. The shallow copy feature is not used in the restore procedure. 18 endif::cephfs[] 19 20 ifdef::split[] 21: = Restoring data using OADP 1.2 Data Mover and split volumes 22: You can use OpenShift API for Data Protection (OADP) 1.2 Data Mover to restore data in an environment that has split volumes, if the shallow copy feature of CephFS storage was enabled for the back up procedure. The shallow copy feature is not used in the restore procedure. 23 endif::split[] 24 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/oadp-ceph-preparing-cephfs-crs.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-ceph-preparing-cephfs-crs_{context}"] 7: = Defining CephFS custom resources for use with OADP 1.2 Data Mover 8 9: When you install {rh-storage-first}, it automatically creates a default CephFS `StorageClass` custom resource (CR) and a default CephFS `VolumeSnapshotClass` CR. You can define these CRs for use with OpenShift API for Data Protection (OADP) 1.2 Data Mover. 10 11 .Procedure /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/oadp-ceph-preparing-cephrbd-crs.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-ceph-preparing-cephrbd-crs_{context}"] 7: = Defining CephRBD custom resources for use with OADP 1.2 Data Mover 8 9: When you install {rh-storage-first}, it automatically creates a default CephRBD `StorageClass` custom resource (CR) and a default CephRBD `VolumeSnapshotClass` CR. You can define these CRs for use with OpenShift API for Data Protection (OADP) 1.2 Data Mover. 10 11 .Procedure /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/oadp-ceph-preparing-crs-additional.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-ceph-preparing-crs-additional_{context}"] 7: = Defining additional custom resources for use with OADP 1.2 Data Mover 8 9 After you redefine the default `StorageClass` and CephRBD `VolumeSnapshotClass` custom resources (CRs), you must create the following CRs: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/oadp-ceph-prerequisites.adoc: 5 6 :_content-type: CONCEPT 7: [id="oadp-ceph-prerequisites_{context}"] 8: = Prerequisites for using OADP 1.2 Data Mover with Ceph storage 9 10: The following prerequisites apply to all back up and restore operations of data using {oadp-first} 1.2 Data Mover in a cluster that uses Ceph storage: 11 12 * You have installed {product-title} 4.12 or later. 13: * You have installed the OADP Operator. 14 * You have created a secret `cloud-credentials` in the namespace `openshift-adp.` 15 * You have installed {rh-storage-first}. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/oadp-ceph-split-back-up-dba.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-ceph-split-back-up-dba_{context}"] 7 = Creating a DPA for use with split volumes 8 9: You must create a Data Protection Application (DPA) CR before you use the OpenShift API for Data Protection (OADP) 1.2 Data Mover to back up and restore data using split volumes. 10 11 .Procedure .. 17 [source,yaml] 18 ---- 19: apiVersion: oadp.openshift.io/v1alpha1 20 kind: DataProtectionApplication 21 metadata: .. 64 cacheStorageClassName: ocs-storagecluster-ceph-rbd 65 ---- 66: <1> Use the Restic `Secret` that you created when you prepared your environment for working with OADP 1.2 Data Mover and Ceph. If you do not, then the CR will use the default value `dm-credential` for this parameter. 67 <2> A different set of `VolumeOptionsForStorageClass` labels can be defined for each `storageClass` volume, thus allowing a backup to volumes with different providers. 68 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/oadp-checking-api-group-versions.adoc: 5 6 :_content-type: PROCEDURE 7: [id="oadp-checking-api-group-versions_{context}"] 8 = Listing the Kubernetes API group versions on a cluster 9 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/oadp-cleaning-up-after-data-mover-snapshots.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-cleaning-up-after-data-mover-snapshots_{context}"] 7 = Deleting snapshots in a bucket 8 9: OADP 1.1 Data Mover might leave one or more snapshots in a bucket after a backup. You can either delete all the snapshots or delete individual snapshots. 10 11 .Procedure /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/oadp-configuring-noobaa-for-dr.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 4 5 :_content-type: PROCEDURE 6: [id="oadp-configuring-noobaa-for-dr_{context}"] 7 = Configuring NooBaa for disaster recovery on {rh-storage} 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/oadp-configuring-velero-plugins.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/oadp-features-plugins.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-configuring-velero-plugins_{context}"] 7: = About OADP Velero plugins 8 9 You can configure two types of plugins when you install Velero: .. 16 == Default Velero cloud provider plugins 17 18: You can install any of the following default Velero cloud provider plugins when you configure the `oadp_v1alpha1_dpa.yaml` file during deployment: 19 20 * `aws` (Amazon Web Services) .. 25 * `kubevirt` (KubeVirt) 26 27: You specify the desired default plugins in the `oadp_v1alpha1_dpa.yaml` file during deployment. 28 29 .Example file .. 33 [source,yaml] 34 ---- 35: apiVersion: oadp.openshift.io/v1alpha1 36 kind: DataProtectionApplication 37 metadata: .. 49 == Custom Velero plugins 50 51: You can install a custom Velero plugin by specifying the plugin `image` and `name` when you configure the `oadp_v1alpha1_dpa.yaml` file during deployment. 52 53: You specify the desired custom plugins in the `oadp_v1alpha1_dpa.yaml` file during deployment. 54 55 .Example file .. 59 [source,yaml] 60 ---- 61: apiVersion: oadp.openshift.io/v1alpha1 62 kind: DataProtectionApplication 63 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/oadp-creating-backup-cr.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-creating-backup-cr_{context}"] 7 = Creating a Backup CR 8 . 11 .Prerequisites 12 13: * You must install the OpenShift API for Data Protection (OADP) Operator. 14 * The `DataProtectionApplication` CR must be in a `Ready` state. 15 * Backup location prerequisites: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/oadp-creating-backup-hooks.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-creating-backup-hooks_{context}"] 7 = Creating backup hooks 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/oadp-creating-default-secret.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: PROCEDURE 10: [id="oadp-creating-default-secret_{context}"] 11 = Creating a default Secret 12 13 You create a default `Secret` if your backup and snapshot locations use the same credentials or if you do not require a snapshot location. 14 15: ifdef::installing-oadp-aws,installing-oadp-azure,installing-oadp-gcp,installing-oadp-mcg[] 16 The default name of the `Secret` is `{credentials}`. 17 endif::[] 18: ifdef::installing-oadp-ocs[] 19: The default name of the `Secret` is `{credentials}`, unless your backup storage provider has a default plugin, such as `aws`, `azure`, or `gcp`. In that case, the default name is specified in the provider-specific OADP installation procedure. 20 endif::[] 21 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/oadp-creating-restore-cr.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-creating-restore-cr_{context}"] 7 = Creating a Restore CR 8 . 11 .Prerequisites 12 13: * You must install the OpenShift API for Data Protection (OADP) Operator. 14 * The `DataProtectionApplication` CR must be in a `Ready` state. 15 * You must have a Velero `Backup` CR. .. 67 [NOTE] 68 ==== 69: In the course of the restore process, the OADP Velero plug-ins scale down the `DeploymentConfig` objects and restore the pods as standalone pods to prevent the cluster from deleting the restored `DeploymentConfig` pods immediately on restore and to allow Restic and post-restore hooks to complete their actions on the restored pods. The cleanup script removes these disconnected pods and scale any `DeploymentConfig` objects back up to the appropriate number of replicas. 70 ==== 71 + .. 94 } 95 96: OADP_NAMESPACE=${OADP_NAMESPACE:=openshift-adp} 97 98 if [[ $# -ne 1 ]]; then .. 101 fi 102 103: echo using OADP Namespace $OADP_NAMESPACE 104 echo restore: $1 105 ... 108 109 echo Deleting disconnected restore pods 110: oc delete pods -l oadp.openshift.io/disconnected-from-dc=$label 111 112: for dc in $(oc get dc --all-namespaces -l oadp.openshift.io/replicas-modified=$label -o jsonpath='{range .items[*]}{.metadata.namespace}{","}{.metadata.name}{","}{.metadata.annotations.oadp\.openshift\.io/original-replicas}{","}{.metadata.annotations.oadp\.openshift\.io/original-paused}{"\n"}') 113 do 114 IFS=',' read -ra dc_arr <<< "$dc" /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/oadp-creating-restore-hooks.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-creating-restore-hooks_{context}"] 7 = Creating restore hooks 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/oadp-debugging-oc-cli.adoc: 4 5 :_content-type: REFERENCE 6: [id="oadp-debugging-oc-cli_{context}"] 7 = Debugging Velero resources with the OpenShift CLI tool 8 . 39 [NOTE] 40 ==== 41: This option is available starting from OADP 1.0.3. 42 ==== 43 44 [source,yaml] 45 ---- 46: apiVersion: oadp.openshift.io/v1alpha1 47 kind: DataProtectionApplication 48 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/oadp-deleting-backups.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-deleting-backups_{context}"] 7 = Deleting backups 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/oadp-deleting-cluster-resources-following-failure.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-deleting-cluster-resources-following-failure_{context}"] 7 = Deleting cluster resources following a partially successful or a failed backup and restore that used Data Mover 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/oadp-deleting-cluster-resources-following-success.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-deleting-cluster-resources-following-success_{context}"] 7 = Deleting cluster resources following a successful backup and restore that used Data Mover 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/oadp-enabling-csi-dpa.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: PROCEDURE 10: [id="oadp-enabling-csi-dpa_{context}"] 11 = Enabling CSI in the DataProtectionApplication CR 12 .. 23 [source,yaml] 24 ---- 25: apiVersion: oadp.openshift.io/v1alpha1 26 kind: DataProtectionApplication 27 ... /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/oadp-features.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/oadp-features-plugins.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-features_{context}"] 7: = OADP features 8 9: OpenShift API for Data Protection (OADP) supports the following features: 10 11 Backup:: 12: You can use OADP to back up all applications on the OpenShift Platform, or you can filter the resources by type, namespace, or label. 13 + 14: OADP backs up Kubernetes objects and internal images by saving them as an archive file on object storage. OADP backs up persistent volumes (PVs) by creating snapshots with the native cloud snapshot API or with the Container Storage Interface (CSI). For cloud providers that do not support snapshots, OADP backs up resources and PV data with Restic. 15 16 + /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/oadp-ibm-power-test-support.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/oadp-features-plugins.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-ibm-power-test-matrix_{context}"] 7: = OADP support for target backup locations using IBM Power 8 9: IBM Power running with {product-title} 4.11 and 4.12, and OpenShift API for Data Protection (OADP) 1.1.2 was tested successfully against an AWS S3 backup location target. Although the test involved only an AWS S3 target, Red Hat supports running IBM Power with {product-title} 4.11 and 4.12, and OADP 1.1.2 against all non-AWS S3 backup location targets as well. 10 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/oadp-ibm-z-test-support.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/oadp-features-plugins.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-ibm-z-test-support_{context}"] 7: = OADP testing and support for target backup locations using {ibmzProductName} 8 9: {ibmzProductName} running with {product-title} 4.11 and 4.12, and OpenShift API for Data Protection (OADP) 1.1.2 was tested successfully against an AWS S3 backup location target. Although the test involved only an AWS S3 target, Red Hat supports running {ibmzProductName} with {product-title} 4.11 and 4.12, and OADP 1.1.2 against all non-AWS S3 backup location targets as well. 10 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/oadp-installation-issues.adoc: 4 5 :_content-type: CONCEPT 6: [id="oadp-installation-issues_{context}"] 7 = Installation issues 8 9 You might encounter issues caused by using invalid directories or incorrect credentials when you install the Data Protection Application. 10 11: [id="oadp-backup-location-contains-invalid-directories_{context}"] 12 == Backup storage contains invalid directories 13 .. 22 If the object storage is not dedicated to Velero, you must specify a prefix for the bucket by setting the `spec.backupLocations.velero.objectStorage.prefix` parameter in the `DataProtectionApplication` manifest. 23 24: [id="oadp-incorrect-aws-credentials_{context}"] 25 == Incorrect AWS credentials 26 27: The `oadp-aws-registry` pod log displays the error message, `InvalidAccessKeyId: The AWS Access Key Id you provided does not exist in our records.` 28 29 The `Velero` pod log displays the error message, `NoCredentialProviders: no valid providers in chain`. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/oadp-installing-dpa.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: PROCEDURE 10: [id="oadp-installing-dpa_{context}"] 11 = Installing the Data Protection Application 12 .. 15 .Prerequisites 16 17: * You must install the OADP Operator. 18 * You must configure object storage as a backup location. 19 * If you use snapshots to back up PVs, your cloud provider must support either a native snapshot API or Container Storage Interface (CSI) snapshots. 20 * If the backup and snapshot locations use the same credentials, you must create a `Secret` with the default name, `{credentials}`. 21: ifdef::installing-oadp-azure,installing-oadp-gcp,installing-oadp-mcg,installing-oadp-ocs,virt-installing-configuring-oadp[] 22 * If the backup and snapshot locations use different credentials, you must create two `Secrets`: 23 .. 25 ** `Secret` with the default name, `{credentials}`, for the snapshot location. This `Secret` is not referenced in the `DataProtectionApplication` CR. 26 endif::[] 27: ifdef::installing-oadp-aws[] 28 * If the backup and snapshot locations use different credentials, you must create a `Secret` with the default name, `{credentials}`, which contains separate profiles for the backup and snapshot location credentials. 29 endif::[] .. 36 .Procedure 37 38: . Click *Operators* -> *Installed Operators* and select the OADP Operator. 39 . Under *Provided APIs*, click *Create instance* in the *DataProtectionApplication* box. 40 41 . Click *YAML View* and update the parameters of the `DataProtectionApplication` manifest: 42: ifdef::installing-oadp-aws[] 43 + 44 [source,yaml,subs="attributes+"] 45 ---- 46: apiVersion: oadp.openshift.io/v1beta1 47 kind: DataProtectionApplication 48 metadata: .. 92 <9> The snapshot location must be in the same region as the PVs. 93 endif::[] 94: ifdef::installing-oadp-azure[] 95 + 96 [source,yaml,subs="attributes+"] 97 ---- 98: apiVersion: oadp.openshift.io/v1beta1 99 kind: DataProtectionApplication 100 metadata: ... 148 <11> You do not need to specify a snapshot location if you use CSI snapshots or Restic to back up PVs. 149 endif::[] 150: ifdef::installing-oadp-gcp[] 151 + 152 [source,yaml,subs="attributes+"] 153 ---- 154: apiVersion: oadp.openshift.io/v1beta1 155 kind: DataProtectionApplication 156 metadata: ... 196 <9> The snapshot location must be in the same region as the PVs. 197 endif::[] 198: ifdef::installing-oadp-mcg[] 199 + 200 [source,yaml,subs="attributes+"] 201 ---- 202: apiVersion: oadp.openshift.io/v1beta1 203 kind: DataProtectionApplication 204 metadata: ... 242 <8> Specify a prefix for Velero backups, for example, `velero`, if the bucket is used for multiple purposes. 243 endif::[] 244: ifdef::installing-oadp-ocs[] 245 + 246 [source,yaml,subs="attributes+"] 247 ---- 248: apiVersion: oadp.openshift.io/v1beta1 249 kind: DataProtectionApplication 250 metadata: ... 287 <11> Specify a prefix for Velero backups, for example, `velero`, if the bucket is used for multiple purposes. 288 endif::[] 289: ifdef::virt-installing-configuring-oadp[] 290 + 291 [source,yaml,subs="attributes+"] 292 ---- 293: apiVersion: oadp.openshift.io/v1beta1 294 kind: DataProtectionApplication 295 metadata: ... 334 335 . Click *Create*. 336: . Verify the installation by viewing the OADP resources: 337 + 338 [source,terminal] ... 345 ---- 346 NAME READY STATUS RESTARTS AGE 347: pod/oadp-operator-controller-manager-67d9494d47-6l8z8 2/2 Running 0 2m8s 348 pod/restic-9cq4q 1/1 Running 0 94s 349 pod/restic-m4lts 1/1 Running 0 94s ... 352 353 NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE 354: service/oadp-operator-controller-manager-metrics-service ClusterIP 172.30.70.140 8443/TCP 2m8s 355 356 NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE ... 358 359 NAME READY UP-TO-DATE AVAILABLE AGE 360: deployment.apps/oadp-operator-controller-manager 1/1 1 1 2m9s 361 deployment.apps/velero 1/1 1 1 96s 362 363 NAME DESIRED CURRENT READY AGE 364: replicaset.apps/oadp-operator-controller-manager-67d9494d47 1 1 1 2m9s 365 replicaset.apps/velero-588db7f655 1 1 1 96s 366 ---- /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/oadp-installing-oadp-rosa-sts.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-installing-oadp-rosa-sts_{context}"] 7: = Installing OADP on {product-title} with AWS STS 8 9: AWS Security Token Service (AWS STS) is a global web service that provides short-term credentials for IAM or federated users. {product-title} (ROSA) with STS is the recommended credential mode for ROSA clusters. This document describes how to install OpenShift API for Data Protection (OADP) on (ROSA) with AWS STS. 10 11 [IMPORTANT] 12 ==== 13: Restic is not supported in the OADP on ROSA with AWS STS environment. Ensure the Restic service is disabled. Use native snapshots to backup volumes. See _Known Issues_ for more information. 14 ==== 15 .. 17 18 * A ROSA OpenShift Cluster with the required access and tokens. 19: * link:https://docs.openshift.com/container-platform/4.13/backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.html#oadp-creating-default-secret_installing-oadp-aws[A default Secret], if your backup and snapshot locations use the same credentials, or if you do not require a snapshot location. 20 21 .Procedure .. 42 ---- 43 44: . Install the OADP Operator. 45 .. In the {product-title} web console, navigate to Operators *->* OperatorHub. 46: .. Search for the OADP Operator, then click *Install*. 47 48 . Create AWS cloud storage using your AWS credentials: .. 51 ---- 52 $ cat << EOF | oc create -f - 53: apiVersion: oadp.openshift.io/v1alpha1 54 kind: CloudStorage 55 metadata: 56: name: ${CLUSTER_NAME}-oadp 57 namespace: openshift-adp 58 spec: .. 61 name: cloud-credentials 62 enableSharedConfig: true 63: name: ${CLUSTER_NAME}-oadp 64 provider: aws 65 region: $REGION .. 72 ---- 73 $ cat << EOF | oc create -f - 74: apiVersion: oadp.openshift.io/v1alpha1 75 kind: DataProtectionApplication 76 metadata: .. 81 - bucket: 82 cloudStorageRef: 83: name: ${CLUSTER_NAME}-oadp 84 credential: 85 key: credentials .. 105 [NOTE] 106 ==== 107: The `enable` parameter of `restic` is set to `false` in this configuration because OADP does not support Restic in ROSA environments. 108 ==== 109 + 110: You are now ready to backup and restore OpenShift applications, as described in the link:https://docs.openshift.com/container-platform/4.11/backup_and_restore/application_backup_and_restore/backing_up_and_restoring/backing-up-applications.html[OADP documentation]. 111 112 == Known Issues 113 .Restic is not supported or recommended 114 115: * link:https://issues.redhat.com/browse/OADP-1054[CloudStorage: openshift-adp-controller-manager crashloop seg fault with Restic enabled] 116: * link:https://issues.redhat.com/browse/OADP-1057[Cloudstorage API: CSI Backup of an app with internal images partially fails with plugin panicked error] 117: * (Affects OADP 1.1.x_ only): link:https://issues.redhat.com/browse/OADP-1055[CloudStorage: bucket is removed on CS CR delete, although it doesn't have "oadp.openshift.io/cloudstorage-delete": "true"] 118 119 [role="_additional-resources"] ... 123 * link:https://docs.openshift.com/rosa/rosa_getting_started/rosa-sts-getting-started-workflow.html[Getting started with ROSA STS] 124 * link:https://docs.openshift.com/rosa/rosa_install_access_delete_clusters/rosa-sts-creating-a-cluster-quickly.html[Creating a ROSA cluster with STS] 125: * link:https://docs.openshift.com/container-platform/4.13/backup_and_restore/application_backup_and_restore/installing/about-installing-oadp.html[About installing OADP] 126 * link:https://docs.openshift.com/container-platform/4.13/storage/container_storage_interface/persistent-storage-csi.html[Configuring CSI volumes] 127 * link:https://docs.openshift.com/rosa/rosa_architecture/rosa_policy_service_definition/rosa-service-definition.html#rosa-sdpolicy-storage_rosa-service-definition[ROSA storage options] /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/oadp-installing-operator.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: PROCEDURE 10: [id="oadp-installing-operator_{context}"] 11: = Installing the OADP Operator 12 13: You install the OpenShift API for Data Protection (OADP) Operator on {product-title} {product-version} by using Operator Lifecycle Manager (OLM). 14 15: The OADP Operator installs link:https://{velero-domain}/docs/v{velero-version}/[Velero {velero-version}]. 16 17 .Prerequisites .. 22 23 . In the {product-title} web console, click *Operators* -> *OperatorHub*. 24: . Use the *Filter by keyword* field to find the *OADP Operator*. 25: . Select the *OADP Operator* and click *Install*. 26 . Click *Install* to install the Operator in the `openshift-adp` project. 27 . Click *Operators* -> *Installed Operators* to verify the installation. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/oadp-plugins.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/oadp-features-plugins.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-plugins_{context}"] 7: = OADP plugins 8 9: The OpenShift API for Data Protection (OADP) provides default Velero plugins that are integrated with storage providers to support backup and snapshot operations. You can create link:https://{velero-domain}/docs/v{velero-version}/custom-plugins/[custom plugins] based on the Velero plugins. 10 11: OADP also provides plugins for {product-title} resource backups, OpenShift Virtualization resource backups, and Container Storage Interface (CSI) snapshots. 12 13 [cols="3", options="header"] 14: .OADP plugins 15 |=== 16: |OADP plugin |Function |Storage location 17 18 .2+|`aws` |Backs up and restores Kubernetes objects. |AWS S3 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/oadp-pod-crash-set-resource-request-restic.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-pod-crash-resource-request-retics_{context}"] 7 = Setting resource requests for a Restic pod 8 . 17 [source,yaml] 18 ---- 19: apiVersion: oadp.openshift.io/v1alpha1 20 kind: DataProtectionApplication 21 ... /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/oadp-pod-crash-set-resource-request-velero.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-pod-crash-resource-request-velero_{context}"] 7 = Setting resource requests for a Velero pod 8 9: You can use the `configuration.velero.podConfig.resourceAllocations` specification field in the `oadp_v1alpha1_dpa.yaml` file to set specific resource requests for a `Velero` pod. 10 11 .Procedure .. 17 [source,yaml] 18 ---- 19: apiVersion: oadp.openshift.io/v1alpha1 20 kind: DataProtectionApplication 21 ... /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/oadp-release-notes-1-1-1.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/oadp-release-notes.adoc 4 :_content-type: REFERENCE 5: [id="migration-oadp-release-notes-1-1-1_{context}"] 6: = OADP 1.1.1 release notes 7 8: The OADP 1.1.1 release notes include product recommendations and descriptions of known issues. 9 10 == Product recommendations 11 12: Before you install OADP 1.1.1, it is recommended to either install VolSync 0.5.1 or to upgrade to it. 13 14 == Known issues .. 16 This release has the following known issues: 17 18: * OADP currently does not support backup and restore of AWS EFS volumes using restic in Velero (link:https://issues.redhat.com/browse/OADP-778[*OADP-778*]). 19 20 * CSI backups might fail due to a Ceph limitation of `VolumeSnapshotContent` snapshots per PVC. .. 23 + 24 ** For CephFS, you can create up to 100 snapshots per PVC. 25: ** For RADOS Block Device (RBD), you can create up to 512 snapshots for each PVC. (link:https://issues.redhat.com/browse/OADP-804[*OADP-804*]) and (link:https://issues.redhat.com/browse/OADP-975[*OADP-975*]) 26 + 27 For more information, see https://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.11/html/managing_and_allocating_storage_resources/volume-snapshots_rhodf[Volume Snapshots]. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/oadp-release-notes-1-1-2.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/oadp-release-notes.adoc 4 5 :_content-type: REFERENCE 6: [id="migration-oadp-release-notes-1-1-2_{context}"] 7: = OADP 1.1.2 release notes 8 9: The OADP 1.1.2 release notes include product recommendations, a list of fixed bugs and descriptions of known issues. 10 11 [id="product-recommendations_{context}"] .. 34 The following bugs have been fixed in this release: 35 36: * link:https://issues.redhat.com/browse/OADP-1150[OADP-1150] 37: * link:https://issues.redhat.com/browse/OADP-290[OADP-290] 38: * link:https://issues.redhat.com/browse/OADP-1056[OADP-1056] 39 40 [id="known-issues_{context}"] .. 43 This release has the following known issues: 44 45: * OADP currently does not support backup and restore of AWS EFS volumes using restic in Velero (link:https://issues.redhat.com/browse/OADP-778[*OADP-778*]). 46 47 * CSI backups might fail due to a Ceph limitation of `VolumeSnapshotContent` snapshots per PVC. .. 50 + 51 -- 52: ** For CephFS, you can create up to 100 snapshots per PVC. (link:https://issues.redhat.com/browse/OADP-804[*OADP-804*]) 53: ** For RADOS Block Device (RBD), you can create up to 512 snapshots for each PVC. (link:https://issues.redhat.com/browse/OADP-975[*OADP-975*]) 54 -- 55 + /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/oadp-release-notes-1-1-4.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/oadp-release-notes.adoc 4 5 :_content-type: REFERENCE 6: [id="migration-oadp-release-notes-1-1-4_{context}"] 7: = OADP 1.1.4 release notes 8 9: The OADP 1.1.4 release notes lists any new features, resolved issues and bugs, and known issues. 10 11 [id="new-features1.1.4_{context}"] 12 == New features 13 14: This version of OADP is a service release. No new features are added to this version. 15 16 [id="resolved-issues1.1.4_{context}"] .. 19 The following bugs have been fixed in this release: 20 21: * link:https://issues.redhat.com/browse/OADP-1557[OADP-1557] 22: * link:https://issues.redhat.com/browse/OADP-1822[OADP-1822] 23: * link:https://issues.redhat.com/browse/OADP-1511[OADP-1511] 24: * link:https://issues.redhat.com/browse/OADP-1642[OADP-1642] 25: * link:https://issues.redhat.com/browse/OADP-1398[OADP-1398] 26: * link:https://issues.redhat.com/browse/OADP-1267[OADP-1267] 27: * link:https://issues.redhat.com/browse/OADP-1390[OADP-1390] 28: * link:https://issues.redhat.com/browse/OADP-1650[OADP-1650] 29: * link:https://issues.redhat.com/browse/OADP-1487[OADP-1487] 30 31 .. 35 This release has the following known issues: 36 37: * OADP backups might fail because a UID/GID range might have changed on the cluster where the application has been restored, with the result that OADP does not back up and restore {product-title} UID/GID range metadata. To avoid the issue, if the backed application requires a specific UUID, ensure the range is available when restored. An additional workaround is to allow OADP to create the namespace in the restore operation. 38 39: * A restoration might fail if ArgoCD is used during the process due to a label used by ArgoCD, `app.kubernetes.io/instance`. This label identifies which resources ArgoCD needs to manage, which can create a conflict with OADP's procedure for managing resources on restoration. To work around this issue, set `.spec.resourceTrackingMethod` on the ArgoCD YAML to `annotation+label` or `annotation`. If the issue continues to persist, then disable ArgoCD before beginning to restore, and enable it again when restoration is finished. 40 41 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/oadp-release-notes-1-2-0.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/oadp-release-notes.adoc 4 5 :_content-type: REFERENCE 6: [id="migration-oadp-release-notes-1-2-0_{context}"] 7: = OADP 1.2.0 release notes 8 9: The OADP 1.2.0 release notes include information about new features, bug fixes, and known issues. 10 11 [id="new-features_{context}"] 12 == New features 13 14: .link:https://access.redhat.com/documentation/en-us/openshift_container_platform/4.12/html/backup_and_restore/application-backup-and-restore#installing-oadp-aws[Resource timeouts] 15 The new `resourceTimeout` option specifies the timeout duration in minutes for waiting on various Velero resources. This option applies to resources such as Velero CRD availability, `volumeSnapshot` deletion, and backup repository availability. The default duration is ten minutes. 16 17: .link:https://access.redhat.com/documentation/en-us/openshift_container_platform/4.11/html/backup_and_restore/application-backup-and-restore#oadp-s3-compatible-backup-storage-providers_about-installing-oadp[AWS S3 compatible backup storage providers] 18 You can back up objects and snapshots on AWS S3 compatible providers. 19 .. 21 === Technical preview features 22 23: .link:https://access.redhat.com/documentation/en-us/openshift_container_platform/4.9/html/backup_and_restore/application-backup-and-restore#installing-and-configuring-oadp[Data Mover] 24: The OADP Data Mover enables you to back up Container Storage Interface (CSI) volume snapshots to a remote object store. When you enable Data Mover, you can restore stateful applications using CSI volume snapshots pulled from the object store in case of accidental cluster deletion, cluster failure, or data corruption. 25 26: :FeatureName: OADP Data Mover 27 include::snippets/technology-preview.adoc[] 28 .. 32 The following bugs have been fixed in this release: 33 34: * link:https://issues.redhat.com/browse/OADP-144[OADP-144] 35: * link:https://issues.redhat.com/browse/OADP-639[OADP-639] 36: * link:https://issues.redhat.com/browse/OADP-1741[OADP-1741] 37: * link:https://issues.redhat.com/browse/OADP-1152[OADP-1152] 38: * link:https://issues.redhat.com/browse/OADP-1143[OADP-1143] 39: * link:https://issues.redhat.com/browse/OADP-1931[OADP-1931] 40: * link:https://issues.redhat.com/browse/OADP-148[OADP-148] 41: * link:https://issues.redhat.com/browse/OADP-1067[OADP-1067] 42: * link:https://issues.redhat.com/browse/OADP-1332[OADP-1332] 43: * link:https://issues.redhat.com/browse/OADP-1164[OADP-1164] 44: * link:https://issues.redhat.com/browse/OADP-1105[OADP-1105] 45: * link:https://issues.redhat.com/browse/OADP-2009[OADP-2009] 46: * link:https://issues.redhat.com/browse/OADP-1370[OADP-1370] 47: * link:https://issues.redhat.com/browse/OADP-969[OADP-969] 48: * link:https://issues.redhat.com/browse/OADP-1672[OADP-1672] 49: * link:https://issues.redhat.com/browse/OADP-1151[OADP-1151] 50: * link:https://issues.redhat.com/browse/OADP-988[OADP-988] 51: * link:https://issues.redhat.com/browse/OADP-1941[OADP-1941] 52: * link:https://issues.redhat.com/browse/OADP-1830[OADP-1830] 53: * link:https://issues.redhat.com/browse/OADP-1821[OADP-1821] 54: * link:https://issues.redhat.com/browse/OADP-1783[OADP-1783] 55: * link:https://issues.redhat.com/browse/OADP-1719[OADP-1719] 56: * link:https://issues.redhat.com/browse/OADP-1833[OADP-1833] 57: * link:https://issues.redhat.com/browse/OADP-1872[OADP-1872] 58: * link:https://issues.redhat.com/browse/OADP-2047[OADP-2047] 59: * link:https://issues.redhat.com/browse/OADP-1932[OADP-1932] 60: * link:https://issues.redhat.com/browse/OADP-1844[OADP-1844] 61: * link:https://issues.redhat.com/browse/OADP-1182[OADP-1182] 62: * link:https://issues.redhat.com/browse/OADP-1183[OADP-1183] 63: * link:https://issues.redhat.com/browse/OADP-1798[OADP-1798] 64: * link:https://issues.redhat.com/browse/OADP-1726[OADP-1726] 65: * link:https://issues.redhat.com/browse/OADP-821[OADP-821] 66: * link:https://issues.redhat.com/browse/OADP-1833[OADP-1781] 67: * link:https://issues.redhat.com/browse/OADP-697[OADP-697] 68: * link:https://issues.redhat.com/browse/OADP-1281[OADP-1281] 69: * link:https://issues.redhat.com/browse/OADP-1077[OADP-1077] 70: * link:https://issues.redhat.com/browse/OADP-1076[OADP-1076] 71: * link:https://issues.redhat.com/browse/OADP-1670[OADP-1670] 72: * link:https://issues.redhat.com/browse/OADP-1307[OADP-1307] 73: * link:https://issues.redhat.com/browse/OADP-1640[OADP-1640] 74: * link:https://issues.redhat.com/browse/OADP-1987[OADP-1987] 75: * link:https://issues.redhat.com/browse/OADP-1934[OADP-1934] 76 77 [id="known-issues-1-2-0_{context}"] /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/oadp-restic-issues.adoc: 4 5 :_content-type: CONCEPT 6: [id="oadp-restic-issues_{context}"] 7 = Restic issues 8 . 71 restic backup, stderr=Fatal: unable to open config file: Stat: The 72 specified key does not exist.\nIs there a repository at the following 73: location?\ns3:http://minio-minio.apps.mayap-oadp- 74: veleo-1234.qe.devcluster.openshift.com/mayapvelerooadp2/velero1/ 75 restic/_mysql-persistent_\n: exit status 1" error.file="/remote-source/ 76 src/github.com/vmware-tanzu/velero/pkg/restic/backupper.go:184" /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/oadp-s3-compatible-backup-storage-providers.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-s3-compatible-backup-storage-providers_{context}"] 7 = AWS S3 compatible backup storage providers 8 9: OADP is compatible with many object storage providers for use with different backup and snapshot operations. Several object storage providers are fully supported, several are unsupported but known to work, and some have known limitations. 10 11: [id="oadp-s3-compatible-backup-storage-providers-supported"] 12 == Supported backup storage providers 13 14: The following AWS S3 compatible object storage providers, are fully supported by OADP through the AWS plugin for use as backup storage locations: 15 16 * MinIO .. 26 ==== 27 28: [id="oadp-s3-compatible-backup-storage-providers-unsupported"] 29 == Unsupported backup storage providers 30 .. 40 * Cloudian HyperStore 41 42: [id="oadp-s3-compatible-backup-storage-providers-known-limitations"] 43 == Backup storage providers with known limitations 44 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/oadp-scheduling-backups.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-scheduling-backups_{context}"] 7 = Scheduling backups 8 . 18 .Prerequisites 19 20: * You must install the OpenShift API for Data Protection (OADP) Operator. 21 * The `DataProtectionApplication` CR must be in a `Ready` state. 22 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/oadp-secrets-for-different-credentials.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: PROCEDURE 10: [id="oadp-secrets-for-different-credentials_{context}"] 11: ifdef::installing-oadp-aws[] 12 = Creating profiles for different credentials 13 .. 42 [source,yaml,subs="attributes+"] 43 ---- 44: apiVersion: oadp.openshift.io/v1alpha1 45 kind: DataProtectionApplication 46 metadata: .. 72 ---- 73 endif::[] 74: ifdef::installing-oadp-azure,installing-oadp-gcp,installing-oadp-ocs,installing-oadp-mcg[] 75 = Creating secrets for different credentials 76 .. 100 . Add the `Secret` with the custom name to the `DataProtectionApplication` CR, as in the following example: 101 endif::[] 102: ifdef::installing-oadp-azure[] 103 + 104 [source,yaml,subs="attributes+"] 105 ---- 106: apiVersion: oadp.openshift.io/v1alpha1 107 kind: DataProtectionApplication 108 metadata: ... 137 <1> Backup location `Secret` with custom name. 138 endif::[] 139: ifdef::installing-oadp-gcp[] 140 + 141 [source,yaml,subs="attributes+"] 142 ---- 143: apiVersion: oadp.openshift.io/v1alpha1 144 kind: DataProtectionApplication 145 metadata: ... 168 <1> Backup location `Secret` with custom name. 169 endif::[] 170: ifdef::installing-oadp-mcg[] 171 + 172 [source,yaml,subs="attributes+"] 173 ---- 174: apiVersion: oadp.openshift.io/v1alpha1 175 kind: DataProtectionApplication 176 metadata: ... 198 <1> Backup location `Secret` with custom name. 199 endif::[] 200: ifdef::installing-oadp-ocs[] 201 + 202 [source,yaml,subs="attributes+"] 203 ---- 204: apiVersion: oadp.openshift.io/v1alpha1 205 kind: DataProtectionApplication 206 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/oadp-self-signed-certificate.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/configuring-oadp.adoc 4 5 :_content-type: PROCEDURE 6: [id="oadp-self-signed-certificate_{context}"] 7 = Enabling self-signed CA certificates 8 . 11 .Prerequisites 12 13: * You must have the OpenShift API for Data Protection (OADP) Operator installed. 14 15 .Procedure .. 19 [source,yaml] 20 ---- 21: apiVersion: oadp.openshift.io/v1beta1 22 kind: DataProtectionApplication 23 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/oadp-setting-resource-limits-and-requests.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/configuring-oadp.adoc 4: // * virt/backup_restore/virt-installing-configuring-oadp.adoc 5 6 :_content-type: PROCEDURE 7: [id="oadp-setting-resource-limits-and-requests_{context}"] 8 = Setting Velero CPU and memory resource allocations 9 .. 12 .Prerequisites 13 14: * You must have the OpenShift API for Data Protection (OADP) Operator installed. 15 16 .Procedure .. 20 [source,yaml] 21 ---- 22: apiVersion: oadp.openshift.io/v1beta1 23 kind: DataProtectionApplication 24 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/oadp-using-data-mover-for-csi-snapshots.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-using-data-mover-for-csi-snapshots_{context}"] 7 = Using Data Mover for CSI snapshots 8 9 :FeatureName: Data Mover for CSI snapshots 10 11: The OADP Data Mover enables customers to back up Container Storage Interface (CSI) volume snapshots to a remote object store. When Data Mover is enabled, you can restore stateful applications, using CSI volume snapshots pulled from the object store if a failure, accidental deletion, or corruption of the cluster occurs. 12 13 The Data Mover solution uses the Restic option of VolSync. .. 15 Data Mover supports backup and restore of CSI volume snapshots only. 16 17: In OADP 1.2 Data Mover `VolumeSnapshotBackups` (VSBs) and `VolumeSnapshotRestores` (VSRs) are queued using the VolumeSnapshotMover (VSM). The VSM's performance is improved by specifying a concurrent number of VSBs and VSRs simultaneously `InProgress`. After all async plugin operations are complete, the backup is marked as complete. 18 19 20 [NOTE] 21 ==== 22: The OADP 1.1 Data Mover is a Technology Preview feature. 23 24: The OADP 1.2 Data Mover has significantly improved features and performances, but is still a Technology Preview feature. 25 ==== 26: :FeatureName: The OADP Data Mover 27 include::snippets/technology-preview.adoc[leveloffset=+1] 28 29 [NOTE] 30 ==== 31: Red Hat recommends that customers who use OADP 1.2 Data Mover in order to back up and restore ODF CephFS volumes, upgrade or install {product-title} version 4.12 or later for improved performance. OADP Data Mover can leverage CephFS shallow volumes in {product-title} version 4.12 or later, which based on our testing, can improve the performance of backup times. 32 33 * https://issues.redhat.com/browse/RHSTOR-4287[CephFS ROX details] .. 35 36 37: //For more information about OADP 1.2 with CephS [name of topic], see ___. 38 39 ==== .. 56 * You have included the label `{velero-domain}/csi-volumesnapshot-class: 'true'` in your `VolumeSnapshotClass` CR. 57 58: * You have verified that the `OADP namespace` has the annotation `oc annotate --overwrite namespace/openshift-adp volsync.backube/privileged-movers='true'`. 59 + 60 [NOTE] 61 ==== 62: In OADP 1.1 the above setting is mandatory. 63 64: In OADP 1.2 the `privileged-movers` setting is not required in most scenarios. The restoring container permissions should be adequate for the Volsync copy. In some user scenarios, there may be permission errors that the `privileged-mover`= `true` setting should resolve. 65 ==== 66 .. 69 [NOTE] 70 ==== 71: The VolSync Operator is required for using OADP Data Mover. 72 ==== 73 74: * You have installed the OADP operator by using OLM. 75 76 .Procedure .. 100 [source,yaml] 101 ---- 102: apiVersion: oadp.openshift.io/v1alpha1 103 kind: DataProtectionApplication 104 metadata: ... 152 153 ---- 154: <1> OADP 1.2 only. 155: <2> OADP 1.2 only. Optional: Specify the upper limit of the number of snapshots allowed to be queued for backup. The default value is 10. 156: <3> OADP 1.2 only. Optional: Specify the upper limit of the number of snapshots allowed to be queued for restore. The default value is 10. 157: <4> OADP 1.2 only. Optional: Specify the number of days, between running Restic pruning on the repository. The prune operation repacks the data to free space, but it can also generate significant I/O traffic as a part of the process. Setting this option allows a trade-off between storage consumption, from no longer referenced data, and access costs. 158: <5> OADP 1.2 only. Optional: Specify VolumeSync volume options for backup and restore. 159 160 + 161: The OADP Operator installs two custom resource definitions (CRDs), `VolumeSnapshotBackup` and `VolumeSnapshotRestore`. 162 + 163 .Example `VolumeSnapshotBackup` CRD 164 [source,yaml] 165 ---- 166: apiVersion: datamover.oadp.openshift.io/v1alpha1 167 kind: VolumeSnapshotBackup 168 metadata: ... 181 [source,yaml] 182 ---- 183: apiVersion: datamover.oadp.openshift.io/v1alpha1 184 kind: VolumeSnapshotRestore 185 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/oadp-using-enable-api-group-versions.adoc: 5 6 :_content-type: PROCEDURE 7: [id="oadp-using-enable-api-group-versions_{context}"] 8 = Using Enable API Group Versions 9 .. 21 [source,yaml] 22 ---- 23: apiVersion: oadp.openshift.io/vialpha1 24 kind: DataProtectionApplication 25 ... /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/olm-deleting-operators-from-a-cluster-using-web-console.adoc: 2 // 3 // * operators/admin/olm-deleting-operators-from-a-cluster.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/uninstalling-oadp.adoc 5 // * serverless/install/removing-openshift-serverless.adoc 6 // * virt/install/uninstalling-virt.adoc /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/rosa-sts-account-wide-roles-and-policies.adoc: 868 "s3:ListBucketMultipartUploads", 869 "s3:AbortMultipartUpload", 870: "s3:ListMultipartUploadParts" 871 ], 872 "Resource": "*" /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/velero-obtaining-by-downloading.adoc: 24 . Open a browser and navigate to link:https://{velero-domain}/docs/v{velero-version}/basic-install/#install-the-cli["Install the CLI" on the Velero website]. 25 . Follow the appropriate procedure for macOS, GitHub, or Windows. 26: . Download the Velero version appropriate for your version of OADP and {product-title} according to the table that follows: 27 + 28: .OADP-Velero-{product-title} version relationship 29 [cols="3", options="header"] 30 |=== 31: |OADP version |Velero version |{product-title} version 32 |1.0.0 |link:https://{velero-domain}/docs/v1.7/[1.7] |4.6 and later 33 |1.0.1 |link:https://{velero-domain}/docs/v1.7/[1.7] |4.6 and later /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/modules/virt-about-cdi-operator.adoc: 19 |Manages the authorization to upload VM disks into PVCs by issuing secure upload tokens. 20 21: |`deployment/cdi-uploadproxy` 22 |Directs external disk upload traffic to the appropriate upload server pod so that it can be written to the correct PVC. Requires a valid upload token. 23 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/snippets/oadp-ceph-cr-prerequisites.adoc: 8 9 * A stateful application is running in a separate namespace with persistent volume claims (PVCs) using CephFS as the provisioner. 10: * The `StorageClass` and `VolumeSnapshotClass` custom resources (CRs) are defined for CephFS and OADP 1.2 Data Mover. 11 * There is a secret `cloud-credentials` in the `openshift-adp` namespace. 12 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/snippets/oadp-mtc-operator.adoc: 2 //This snippet appears in the following assemblies: 3 // 4: // * .../backup_and_restore/backing_up_and_restoring/installing/about-installing-oadp.adoc 5: // * .../backup_and_restore/backing_up_and_restoring/installing/installing-oadp-aws.adoc 6: // * .../backup_and_restore/backing_up_and_restoring/installing/installing-oadp-azure.adoc 7: // * .../backup_and_restore/backing_up_and_restoring/installing/installing-oadp-gcp.adoc 8: // * .../backup_and_restore/backing_up_and_restoring/installing/installing-oadp-mcg.adoc 9: // * .../backup_and_restore/backing_up_and_restoring/installing/installing-oadp-ocs.adoc 10 11 :_content-type: SNIPPET 12 [NOTE] 13 ==== 14: Starting from OADP 1.0.4, all OADP 1.0._z_ versions can only be used as a dependency of the MTC Operator and are not available as a standalone Operator. 15 ==== 16 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_hcp/snippets/oadp-ocp-compat.adoc: 2 //This snippet appears in the following assemblies: 3 // 4: // * .../backup_and_restore/backing_up_and_restoring/installing/about-installing-oadp.adoc 5 // * .../backup_and_restore/index.adoc 6 . 8 [NOTE] 9 ==== 10: If you want to use CSI backup on OCP 4.11 and later, install OADP 1.1._x_. 11 12: OADP 1.0._x_ does not support CSI backup on OCP 4.11 and later. OADP 1.0._x_ includes Velero 1.7._x_ and expects the API group `snapshot.storage.k8s.io/v1beta1`, which is not present on OCP 4.11 and later. 13 ==== 14 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/_attributes/common-attributes.adoc: 43 :hybrid-console: Red Hat Hybrid Cloud Console 44 :hybrid-console-second: Hybrid Cloud Console 45: :oadp-first: OpenShift API for Data Protection (OADP) 46: :oadp-full: OpenShift API for Data Protection 47 :oc-first: pass:quotes[OpenShift CLI (`oc`)] 48 :product-registry: OpenShift image registry /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/about-installing-oadp-on-multiple-namespaces.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/installing/about-installing-oadp.adoc 4 5 6 :_content-type: CONCEPT 7: [id="about-installing-oadp-on-multiple-namespaces_{context}"] 8: = Installation of OADP on multiple namespaces 9 10: You can install OADP into multiple namespaces on the same cluster so that multiple project owners can manage their own OADP instance. This use case has been validated with Restic and CSI. 11 12: You install each instance of OADP as specified by the per-platform procedures contained in this document with the following additional requirements: 13 14: * All deployments of OADP on the same cluster must be the same version, for example, 1.1.4. Installing different versions of OADP on the same cluster is *not* supported. 15: * Each individual deployment of OADP must have a unique set of credentials and a unique `BackupStorageLocation` configuration. 16: * By default, each OADP deployment has cluster-level access across namespaces. {product-title} administrators need to review security and RBAC settings carefully and make any necessary changes to them to ensure that each OADP instance has the correct permissions. 17 18 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/about-oadp-update-channels.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/installing/about-installing-oadp.adoc 4 5 6 :_content-type: CONCEPT 7: [id="about-oadp-update-channels_{context}"] 8: = About OADP update channels 9 10: When you install an OADP Operator, you choose an _update channel_. This channel determines which upgrades to the OADP Operator and to Velero you receive. You can switch channels at any time. 11 12 The following update channels are available: 13 14: * The *stable* channel is now deprecated. The *stable* channel contains the patches (z-stream updates) of OADP `ClusterServiceVersion` for `oadp.v1.1.z` and older versions from `oadp.v1.0.z`. 15 16: * The *stable-1.0* channel contains `oadp.v1.0._z_`, the most recent OADP 1.0 `ClusterServiceVersion`. 17 18: * The *stable-1.1* channel contains `oadp.v1.1._z_`, the most recent OADP 1.1 `ClusterServiceVersion`. 19 20: * The *stable-1.2* channel contains `oadp.v1.2._z_`, the most recent OADP 1.2 `ClusterServiceVersion`. 21 22 *Which update channel is right for you?* 23 24: * The *stable* channel is now deprecated. If you are already using the stable channel, you will continue to get updates from `oadp.v1.1._z_`. 25 26: * Choose the *stable-1._y_* update channel to install OADP 1._y_ and to continue receiving patches for it. If you choose this channel, you will receive all z-stream patches for version 1._y_._z_. 27 28 *When must you switch update channels?* 29 30: * If you have OADP 1._y_ installed, and you want to receive patches only for that y-stream, you must switch from the *stable* update channel to the *stable-1._y_* update channel. You will then receive all z-stream patches for version 1._y_._z_. 31 32: * If you have OADP 1.0 installed, want to upgrade to OADP 1.1, and then receive patches only for OADP 1.1, you must switch from the *stable-1.0* update channel to the *stable-1.1* update channel. You will then receive all z-stream patches for version 1.1._z_. 33 34: * If you have OADP 1._y_ installed, with _y_ greater than 0, and want to switch to OADP 1.0, you must _uninstall_ your OADP Operator and then reinstall it using the *stable-1.0* update channel. You will then receive all z-stream patches for version 1.0._z_. 35 36 [NOTE] 37 ==== 38: You cannot switch from OADP 1._y_ to OADP 1.0 by switching update channels. You must uninstall the Operator and then reinstall it. 39 ==== 40 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/metering-store-data-in-s3.adoc: 92 "s3:HeadBucket", 93 "s3:ListBucket", 94: "s3:ListMultipartUploadParts", 95 "s3:PutObject" 96 ], .. 123 "s3:CreateBucket", 124 "s3:DeleteBucket", 125: "s3:ListMultipartUploadParts", 126 "s3:PutObject" 127 ], /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/migration-configuring-aws-s3.adoc: 3 // * migrating_from_ocp_3_to_4/installing-3-4.adoc 4 // * migration_toolkit_for_containers/installing-mtc.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 6 7 :_content-type: PROCEDURE . 12 You configure Amazon Web Services (AWS) S3 object storage as a replication repository for the {mtc-full} ({mtc-short}). 13 endif::[] 14: ifdef::installing-oadp-aws[] 15: You configure Amazon Web Services (AWS) for the OpenShift API for Data Protection (OADP). 16 endif::[] 17 .. 90 "s3:PutObject", 91 "s3:AbortMultipartUpload", 92: "s3:ListMultipartUploadParts" 93 ], 94 "Resource": [ .. 147 Record the `AWS_SECRET_ACCESS_KEY` and the `AWS_ACCESS_KEY_ID`. You use the credentials to add AWS as a replication repository. 148 endif::[] 149: ifdef::installing-oadp-aws[] 150 . Create a `credentials-velero` file: 151 + /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/migration-configuring-azure.adoc: 3 // * migrating_from_ocp_3_to_4/installing-3-4.adoc 4 // * migration_toolkit_for_containers/installing-mtc.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 6 7 :_content-type: PROCEDURE . 12 You configure a Microsoft Azure Blob storage container as a replication repository for the {mtc-full} ({mtc-short}). 13 endif::[] 14: ifdef::installing-oadp-azure[] 15: You configure a Microsoft Azure for the OpenShift API for Data Protection (OADP). 16 endif::[] 17 .. 118 You use the `credentials-velero` file to add Azure as a replication repository. 119 endif::[] 120: ifdef::installing-oadp-azure[] 121 . Obtain the storage account access key: 122 + /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/migration-configuring-gcp.adoc: 3 // * migrating_from_ocp_3_to_4/installing-3-4.adoc 4 // * migration_toolkit_for_containers/installing-mtc.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6 7 :_content-type: PROCEDURE . 12 You configure a Google Cloud Platform (GCP) storage bucket as a replication repository for the {mtc-full} ({mtc-short}). 13 endif::[] 14: ifdef::installing-oadp-gcp[] 15: You configure Google Cloud Platform (GCP) for the OpenShift API for Data Protection (OADP). 16 endif::[] 17 .. 141 You use the `credentials-velero` file to add GCP as a replication repository. 142 endif::[] 143: ifdef::installing-oadp-gcp[] 144 + 145 You use the `credentials-velero` file to create a `Secret` object for GCP before you install the Data Protection Application. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/migration-configuring-mcg.adoc: 5 // * migration_toolkit_for_containers/installing-mtc.adoc 6 // * migration_toolkit_for_containers/installing-mtc-restricted.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 8 9 :_content-type: PROCEDURE .. 14 You must retrieve the Multicloud Object Gateway (MCG) credentials and S3 endpoint in order to configure MCG as a replication repository for the {mtc-full} ({mtc-short}). 15 endif::[] 16: You must retrieve the Multicloud Object Gateway (MCG) credentials in order to create a `Secret` custom resource (CR) for the OpenShift API for Data Protection (OADP). 17: //ifdef::installing-oadp-mcg[] 18 //endif::[] 19 .. 35 You use these credentials to add MCG as a replication repository. 36 endif::[] 37: ifdef::installing-oadp-mcg[] 38 . Create a `credentials-velero` file: 39 + /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/migration-mtc-release-notes-1-7.adoc: 12 This release has the following new features and enhancements: 13 14: * The {mtc-full} ({mtc-short}) Operator now depends upon the OpenShift API for Data Protection (OADP) Operator. When you install the {mtc-short} Operator, the Operator Lifecycle Manager (OLM) automatically installs the OADP Operator in the same namespace. 15 16 * You can migrate from a source cluster that is behind a firewall to a cloud-based destination cluster by establishing a network tunnel between the two clusters by using the `crane tunnel-api` command. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/migration-using-must-gather.adoc: 16 You can collect data for a one-hour or a 24-hour period and view the data with the Prometheus console. 17 endif::[] 18: ifdef::oadp-troubleshooting[] 19 You can run the `must-gather` tool with the following data collection options: 20 21: * Full `must-gather` data collection collects Prometheus metrics, pod logs, and Velero CR information for all namespaces where the OADP Operator is installed. 22 * Essential `must-gather` data collection collects pod logs and Velero CR information for a specific duration of time, for example, one hour or 24 hours. Prometheus metrics and duplicate logs are not included. 23 * `must-gather` data collection with timeout. Data collection can take a long time if there are many failed `Backup` CRs. You can improve performance by setting a timeout value. .. 38 * To collect data for the past hour: 39 endif::[] 40: ifdef::oadp-troubleshooting[] 41 * Full `must-gather` data collection, including Prometheus metrics: 42 endif::[] .. 49 The data is saved as `must-gather/must-gather.tar.gz`. You can upload this file to a support case on the link:https://access.redhat.com/[Red Hat Customer Portal]. 50 51: ifdef::oadp-troubleshooting[] 52 * Essential `must-gather` data collection, without Prometheus metrics, for a specific time duration: 53 + .. 71 * To collect data for the past 24 hours: 72 endif::[] 73: ifdef::oadp-troubleshooting[] 74 * Prometheus metrics data dump: 75 endif::[] /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/nw-enforcing-hsts-per-domain.adoc: 58 smallestMaxAge: 1 59 largestMaxAge: 31536000 60: preloadPolicy: RequirePreload <5> 61 includeSubDomainsPolicy: RequireIncludeSubDomains <6> 62 - domainPatterns: <2> .. 66 matchLabels: {} 67 maxAge: {} 68: preloadPolicy: NoOpinion 69 includeSubDomainsPolicy: RequireNoIncludeSubDomains 70 ---- /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/oadp-about-backing-and-restoring-from-cluster-to-cluster.adoc: 5 6 :_content-type: CONCEPT 7: [id="oadp-about-backing-and-restoring-from-cluster-to-cluster_{context}"] 8 = About backing up data from one cluster and restoring it on another cluster 9 10: {oadp-first} is designed to back up and restore application data in the same {product-title} cluster. {mtc-full} ({mtc-short}) is designed to migrate containers, including application data, from one {product-title} cluster to another cluster. 11 12: You can use OADP to back up application data from one {product-title} cluster and restore it on another cluster. However, doing so is more complicated than using {mtc-short} or using OADP to back up and restore on the same cluster. 13 14: To successfully use OADP to back up data from one cluster and restore it to another cluster, you must take into account the following factors, in addition to the prerequisites and procedures that apply to using OADP to back up and restore data on the same cluster: 15 16 * Operators .. 18 * UID and GID ranges 19 20: [id="oadp-cluster-to-cluster-operators_{context}"] 21 == Operators 22 You must exclude Operators from the backup of an application for backup and restore to succeed. 23 24: [id="oadp-cluster-to-cluster-velero_{context}"] 25 == Use of Velero 26 27: Velero, which OADP is built upon, does not natively support migrating persistent volume snapshots across cloud providers. To migrate volume snapshot data between cloud platforms, you must _either_ enable the Velero Restic file system backup option, which backs up volume contents at the filesystem level, _or_ use the OADP Data Mover for CSI snapshots. 28 29 [NOTE] 30 ==== 31: In OADP 1.1 and earlier, the Velero Restic file system backup option is called `restic`. 32: In OADP 1.2 and later, the Velero Restic file system backup option is called `file-system-backup`. 33 ==== 34 35 [NOTE] 36 ==== 37: Velero's file system backup feature supports both Kopia and Restic, but currently OADP supports only Restic. 38 ==== 39 .. 42 * It is theoretically possible to migrate workloads to a destination with a _later_ Kubernetes version than the source, but you must consider the compatibility of API groups between clusters for each custom resource. If a Kubernetes version upgrade breaks the compatibility of core or native API groups, you must first update the impacted custom resources. 43 44: [id="oadp-cluster-to-cluster-uid-and-gid-ranges_{context}"] 45 == UID and GID ranges 46 .. 48 49 Summary of issues:: 50: The UID and GID ranges of the namespace might change on the destination cluster. OADP does not back up and restore OpenShift UID range metadata. If the backed application requires a specific UID, ensure the range is available when restored. For more information about OpenShift's UID and GID ranges, see link:https://cloud.redhat.com/blog/a-guide-to-openshift-and-uids[A Guide to OpenShift and UIDs]. 51 52 Detailed description of issues:: .. 58 59 + 60: When you use OADP to restore the namespace, it automatically uses the information in `metadata.annotations` without resetting it for the destination cluster. As a result, the workload might not have access to the backed up data if one of the following is true: 61 62: * There is a pre-existing namespace with different SCC annotations, for example, on a different cluster. In this case, at backup time, OADP reuses the pre-existing namespace instead of the namespace you are trying to restore. 63: * The backup used a label selector, but the namespace where workloads run on does not have the label on it. In this case, OADP does not back up the namespace, but instead creates a new namespace during restore that does not include the annotations of the namespace you backed up. This causes a new UID range to be assigned to the namespace. 64 + 65 This might be an issue for customer workloads if {product-title} assigns a pod a `securityContext` UID based on namespace annotations that have changed from the time the persistent volume data was backed up. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/oadp-about-backup-snapshot-locations-secrets.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: CONCEPT 10: [id="oadp-about-backup-snapshot-locations_{context}"] 11 = About backup and snapshot locations and their secrets 12 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/oadp-about-enable-api-group-versions.adoc: 5 6 :_content-type: CONCEPT 7: [id="oadp-about-enable-api-group-versions_{context}"] 8 = About Enable API Group Versions 9 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/oadp-backing-and-restoring-from-cluster-to-cluster.adoc: 5 6 :_content-type: CONCEPT 7: [id="oadp-backing-and-restoring-from-cluster-to-cluster_{context}"] 8 = Backing up data from one cluster and restoring it to another cluster 9 .. 20 ** Ensure that the backup store location (BSL) and volume snapshot location have the same names and paths to restore resources to another cluster. 21 ** Share the same object storage location credentials across the clusters. 22: ** For best results, use OADP to create the namespace on the destination cluster. 23 ** If you use the Velero `file-system-backup` option, enable the `--default-volumes-to-fs-backup` flag for use during backup by running the following command: 24 + .. 30 [NOTE] 31 ==== 32: In OADP 1.2 and later, the Velero Restic option is called `file-system-backup`. 33 ==== 34 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/oadp-backing-up-applications-restic.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-backing-up-applications-restic_{context}"] 7 = Backing up applications with Restic 8 . 18 .Prerequisites 19 20: * You must install the OpenShift API for Data Protection (OADP) Operator. 21 * You must not disable the default Restic installation by setting `spec.configuration.restic.enable` to `false` in the `DataProtectionApplication` CR. 22 * The `DataProtectionApplication` CR must be in a `Ready` state. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/oadp-backing-up-pvs-csi.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-backing-up-pvs-csi_{context}"] 7 = Backing up persistent volumes with CSI snapshots 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/oadp-backup-restore-cr-issues.adoc: 4 5 :_content-type: CONCEPT 6: [id="oadp-backup-restore-cr-issues_{context}"] 7 = Backup and Restore CR issues 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/oadp-ceph-cephfs-back-up-dba.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-ceph-cephfs-back-up-dba_{context}"] 7 = Creating a DPA for use with CephFS storage 8 9: You must create a Data Protection Application (DPA) CR before you use the OpenShift API for Data Protection (OADP) 1.2 Data Mover to back up and restore data using CephFS storage. 10 11 .Procedure .. 38 [source,yaml] 39 ---- 40: apiVersion: oadp.openshift.io/v1alpha1 41 kind: DataProtectionApplication 42 metadata: .. 79 ---- 80 <1> There is no default value for the `enable` field. Valid values are `true` or `false`. 81: <2> Use the Restic `Secret` that you created when you prepared your environment for working with OADP 1.2 Data Mover and Ceph. If you do not use your Restic `Secret`, the CR uses the default value `dm-credential` for this parameter. 82 <3> There is no default value for the `enable` field. Valid values are `true` or `false`. 83 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/oadp-ceph-cephfs-back-up.adoc: 11 12 :_content-type: PROCEDURE 13: [id="oadp-ceph-cephfs-back-up_{context}"] 14 15 ifdef::cephfs[] 16: = Backing up data using OADP 1.2 Data Mover and CephFS storage 17: You can use OpenShift API for Data Protection (OADP) 1.2 Data Mover to back up data using CephFS storage by enabling the shallow copy feature of CephFS storage. 18 endif::cephfs[] 19 20 ifdef::split[] 21: = Backing up data using OADP 1.2 Data Mover and split volumes 22: You can use OpenShift API for Data Protection (OADP) 1.2 Data Mover to back up data in an environment that has split volumes. 23 endif::split[] 24 .. 58 59 . Wait several minutes until the `VolumeSnapshotBackup` CR has the status `Completed`. 60: . Verify that there is at least one snapshot in the object store that is given in the Restic `Secret`. You can check for this snapshot in your targeted `BackupStorageLocation` storage provider that has a prefix of `/`. 61 62 ifeval::["{context}" == "cephfs"] /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/oadp-ceph-cephfs-restore.adoc: 11 12 :_content-type: PROCEDURE 13: [id="oadp-ceph-cephfs-restore_{context}"] 14 15 ifdef::cephfs[] 16: = Restoring data using OADP 1.2 Data Mover and CephFS storage 17: You can use OpenShift API for Data Protection (OADP) 1.2 Data Mover to restore data using CephFS storage if the shallow copy feature of CephFS storage was enabled for the back up procedure. The shallow copy feature is not used in the restore procedure. 18 endif::cephfs[] 19 20 ifdef::split[] 21: = Restoring data using OADP 1.2 Data Mover and split volumes 22: You can use OpenShift API for Data Protection (OADP) 1.2 Data Mover to restore data in an environment that has split volumes, if the shallow copy feature of CephFS storage was enabled for the back up procedure. The shallow copy feature is not used in the restore procedure. 23 endif::split[] 24 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/oadp-ceph-preparing-cephfs-crs.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-ceph-preparing-cephfs-crs_{context}"] 7: = Defining CephFS custom resources for use with OADP 1.2 Data Mover 8 9: When you install {rh-storage-first}, it automatically creates a default CephFS `StorageClass` custom resource (CR) and a default CephFS `VolumeSnapshotClass` CR. You can define these CRs for use with OpenShift API for Data Protection (OADP) 1.2 Data Mover. 10 11 .Procedure /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/oadp-ceph-preparing-cephrbd-crs.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-ceph-preparing-cephrbd-crs_{context}"] 7: = Defining CephRBD custom resources for use with OADP 1.2 Data Mover 8 9: When you install {rh-storage-first}, it automatically creates a default CephRBD `StorageClass` custom resource (CR) and a default CephRBD `VolumeSnapshotClass` CR. You can define these CRs for use with OpenShift API for Data Protection (OADP) 1.2 Data Mover. 10 11 .Procedure /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/oadp-ceph-preparing-crs-additional.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-ceph-preparing-crs-additional_{context}"] 7: = Defining additional custom resources for use with OADP 1.2 Data Mover 8 9 After you redefine the default `StorageClass` and CephRBD `VolumeSnapshotClass` custom resources (CRs), you must create the following CRs: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/oadp-ceph-prerequisites.adoc: 5 6 :_content-type: CONCEPT 7: [id="oadp-ceph-prerequisites_{context}"] 8: = Prerequisites for using OADP 1.2 Data Mover with Ceph storage 9 10: The following prerequisites apply to all back up and restore operations of data using {oadp-first} 1.2 Data Mover in a cluster that uses Ceph storage: 11 12 * You have installed {product-title} 4.12 or later. 13: * You have installed the OADP Operator. 14 * You have created a secret `cloud-credentials` in the namespace `openshift-adp.` 15 * You have installed {rh-storage-first}. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/oadp-ceph-split-back-up-dba.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-ceph-split-back-up-dba_{context}"] 7 = Creating a DPA for use with split volumes 8 9: You must create a Data Protection Application (DPA) CR before you use the OpenShift API for Data Protection (OADP) 1.2 Data Mover to back up and restore data using split volumes. 10 11 .Procedure .. 17 [source,yaml] 18 ---- 19: apiVersion: oadp.openshift.io/v1alpha1 20 kind: DataProtectionApplication 21 metadata: .. 64 cacheStorageClassName: ocs-storagecluster-ceph-rbd 65 ---- 66: <1> Use the Restic `Secret` that you created when you prepared your environment for working with OADP 1.2 Data Mover and Ceph. If you do not, then the CR will use the default value `dm-credential` for this parameter. 67 <2> A different set of `VolumeOptionsForStorageClass` labels can be defined for each `storageClass` volume, thus allowing a backup to volumes with different providers. 68 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/oadp-checking-api-group-versions.adoc: 5 6 :_content-type: PROCEDURE 7: [id="oadp-checking-api-group-versions_{context}"] 8 = Listing the Kubernetes API group versions on a cluster 9 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/oadp-cleaning-up-after-data-mover-snapshots.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-cleaning-up-after-data-mover-snapshots_{context}"] 7 = Deleting snapshots in a bucket 8 9: OADP 1.1 Data Mover might leave one or more snapshots in a bucket after a backup. You can either delete all the snapshots or delete individual snapshots. 10 11 .Procedure /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/oadp-configuring-noobaa-for-dr.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 4 5 :_content-type: PROCEDURE 6: [id="oadp-configuring-noobaa-for-dr_{context}"] 7 = Configuring NooBaa for disaster recovery on {rh-storage} 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/oadp-configuring-velero-plugins.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/oadp-features-plugins.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-configuring-velero-plugins_{context}"] 7: = About OADP Velero plugins 8 9 You can configure two types of plugins when you install Velero: .. 16 == Default Velero cloud provider plugins 17 18: You can install any of the following default Velero cloud provider plugins when you configure the `oadp_v1alpha1_dpa.yaml` file during deployment: 19 20 * `aws` (Amazon Web Services) .. 25 * `kubevirt` (KubeVirt) 26 27: You specify the desired default plugins in the `oadp_v1alpha1_dpa.yaml` file during deployment. 28 29 .Example file .. 33 [source,yaml] 34 ---- 35: apiVersion: oadp.openshift.io/v1alpha1 36 kind: DataProtectionApplication 37 metadata: .. 49 == Custom Velero plugins 50 51: You can install a custom Velero plugin by specifying the plugin `image` and `name` when you configure the `oadp_v1alpha1_dpa.yaml` file during deployment. 52 53: You specify the desired custom plugins in the `oadp_v1alpha1_dpa.yaml` file during deployment. 54 55 .Example file .. 59 [source,yaml] 60 ---- 61: apiVersion: oadp.openshift.io/v1alpha1 62 kind: DataProtectionApplication 63 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/oadp-creating-backup-cr.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-creating-backup-cr_{context}"] 7 = Creating a Backup CR 8 . 11 .Prerequisites 12 13: * You must install the OpenShift API for Data Protection (OADP) Operator. 14 * The `DataProtectionApplication` CR must be in a `Ready` state. 15 * Backup location prerequisites: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/oadp-creating-backup-hooks.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-creating-backup-hooks_{context}"] 7 = Creating backup hooks 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/oadp-creating-default-secret.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: PROCEDURE 10: [id="oadp-creating-default-secret_{context}"] 11 = Creating a default Secret 12 13 You create a default `Secret` if your backup and snapshot locations use the same credentials or if you do not require a snapshot location. 14 15: ifdef::installing-oadp-aws,installing-oadp-azure,installing-oadp-gcp,installing-oadp-mcg[] 16 The default name of the `Secret` is `{credentials}`. 17 endif::[] 18: ifdef::installing-oadp-ocs[] 19: The default name of the `Secret` is `{credentials}`, unless your backup storage provider has a default plugin, such as `aws`, `azure`, or `gcp`. In that case, the default name is specified in the provider-specific OADP installation procedure. 20 endif::[] 21 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/oadp-creating-restore-cr.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-creating-restore-cr_{context}"] 7 = Creating a Restore CR 8 . 11 .Prerequisites 12 13: * You must install the OpenShift API for Data Protection (OADP) Operator. 14 * The `DataProtectionApplication` CR must be in a `Ready` state. 15 * You must have a Velero `Backup` CR. .. 67 [NOTE] 68 ==== 69: In the course of the restore process, the OADP Velero plug-ins scale down the `DeploymentConfig` objects and restore the pods as standalone pods to prevent the cluster from deleting the restored `DeploymentConfig` pods immediately on restore and to allow Restic and post-restore hooks to complete their actions on the restored pods. The cleanup script removes these disconnected pods and scale any `DeploymentConfig` objects back up to the appropriate number of replicas. 70 ==== 71 + .. 94 } 95 96: OADP_NAMESPACE=${OADP_NAMESPACE:=openshift-adp} 97 98 if [[ $# -ne 1 ]]; then .. 101 fi 102 103: echo using OADP Namespace $OADP_NAMESPACE 104 echo restore: $1 105 ... 108 109 echo Deleting disconnected restore pods 110: oc delete pods -l oadp.openshift.io/disconnected-from-dc=$label 111 112: for dc in $(oc get dc --all-namespaces -l oadp.openshift.io/replicas-modified=$label -o jsonpath='{range .items[*]}{.metadata.namespace}{","}{.metadata.name}{","}{.metadata.annotations.oadp\.openshift\.io/original-replicas}{","}{.metadata.annotations.oadp\.openshift\.io/original-paused}{"\n"}') 113 do 114 IFS=',' read -ra dc_arr <<< "$dc" /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/oadp-creating-restore-hooks.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-creating-restore-hooks_{context}"] 7 = Creating restore hooks 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/oadp-debugging-oc-cli.adoc: 4 5 :_content-type: REFERENCE 6: [id="oadp-debugging-oc-cli_{context}"] 7 = Debugging Velero resources with the OpenShift CLI tool 8 . 39 [NOTE] 40 ==== 41: This option is available starting from OADP 1.0.3. 42 ==== 43 44 [source,yaml] 45 ---- 46: apiVersion: oadp.openshift.io/v1alpha1 47 kind: DataProtectionApplication 48 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/oadp-deleting-backups.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-deleting-backups_{context}"] 7 = Deleting backups 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/oadp-deleting-cluster-resources-following-failure.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-deleting-cluster-resources-following-failure_{context}"] 7 = Deleting cluster resources following a partially successful or a failed backup and restore that used Data Mover 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/oadp-deleting-cluster-resources-following-success.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-deleting-cluster-resources-following-success_{context}"] 7 = Deleting cluster resources following a successful backup and restore that used Data Mover 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/oadp-enabling-csi-dpa.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: PROCEDURE 10: [id="oadp-enabling-csi-dpa_{context}"] 11 = Enabling CSI in the DataProtectionApplication CR 12 .. 23 [source,yaml] 24 ---- 25: apiVersion: oadp.openshift.io/v1alpha1 26 kind: DataProtectionApplication 27 ... /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/oadp-features.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/oadp-features-plugins.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-features_{context}"] 7: = OADP features 8 9: OpenShift API for Data Protection (OADP) supports the following features: 10 11 Backup:: 12: You can use OADP to back up all applications on the OpenShift Platform, or you can filter the resources by type, namespace, or label. 13 + 14: OADP backs up Kubernetes objects and internal images by saving them as an archive file on object storage. OADP backs up persistent volumes (PVs) by creating snapshots with the native cloud snapshot API or with the Container Storage Interface (CSI). For cloud providers that do not support snapshots, OADP backs up resources and PV data with Restic. 15 16 + /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/oadp-ibm-power-test-support.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/oadp-features-plugins.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-ibm-power-test-matrix_{context}"] 7: = OADP support for target backup locations using IBM Power 8 9: IBM Power running with {product-title} 4.11 and 4.12, and OpenShift API for Data Protection (OADP) 1.1.2 was tested successfully against an AWS S3 backup location target. Although the test involved only an AWS S3 target, Red Hat supports running IBM Power with {product-title} 4.11 and 4.12, and OADP 1.1.2 against all non-AWS S3 backup location targets as well. 10 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/oadp-ibm-z-test-support.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/oadp-features-plugins.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-ibm-z-test-support_{context}"] 7: = OADP testing and support for target backup locations using {ibmzProductName} 8 9: {ibmzProductName} running with {product-title} 4.11 and 4.12, and OpenShift API for Data Protection (OADP) 1.1.2 was tested successfully against an AWS S3 backup location target. Although the test involved only an AWS S3 target, Red Hat supports running {ibmzProductName} with {product-title} 4.11 and 4.12, and OADP 1.1.2 against all non-AWS S3 backup location targets as well. 10 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/oadp-installation-issues.adoc: 4 5 :_content-type: CONCEPT 6: [id="oadp-installation-issues_{context}"] 7 = Installation issues 8 9 You might encounter issues caused by using invalid directories or incorrect credentials when you install the Data Protection Application. 10 11: [id="oadp-backup-location-contains-invalid-directories_{context}"] 12 == Backup storage contains invalid directories 13 .. 22 If the object storage is not dedicated to Velero, you must specify a prefix for the bucket by setting the `spec.backupLocations.velero.objectStorage.prefix` parameter in the `DataProtectionApplication` manifest. 23 24: [id="oadp-incorrect-aws-credentials_{context}"] 25 == Incorrect AWS credentials 26 27: The `oadp-aws-registry` pod log displays the error message, `InvalidAccessKeyId: The AWS Access Key Id you provided does not exist in our records.` 28 29 The `Velero` pod log displays the error message, `NoCredentialProviders: no valid providers in chain`. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/oadp-installing-dpa.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: PROCEDURE 10: [id="oadp-installing-dpa_{context}"] 11 = Installing the Data Protection Application 12 .. 15 .Prerequisites 16 17: * You must install the OADP Operator. 18 * You must configure object storage as a backup location. 19 * If you use snapshots to back up PVs, your cloud provider must support either a native snapshot API or Container Storage Interface (CSI) snapshots. 20 * If the backup and snapshot locations use the same credentials, you must create a `Secret` with the default name, `{credentials}`. 21: ifdef::installing-oadp-azure,installing-oadp-gcp,installing-oadp-mcg,installing-oadp-ocs,virt-installing-configuring-oadp[] 22 * If the backup and snapshot locations use different credentials, you must create two `Secrets`: 23 .. 25 ** `Secret` with the default name, `{credentials}`, for the snapshot location. This `Secret` is not referenced in the `DataProtectionApplication` CR. 26 endif::[] 27: ifdef::installing-oadp-aws[] 28 * If the backup and snapshot locations use different credentials, you must create a `Secret` with the default name, `{credentials}`, which contains separate profiles for the backup and snapshot location credentials. 29 endif::[] .. 36 .Procedure 37 38: . Click *Operators* -> *Installed Operators* and select the OADP Operator. 39 . Under *Provided APIs*, click *Create instance* in the *DataProtectionApplication* box. 40 41 . Click *YAML View* and update the parameters of the `DataProtectionApplication` manifest: 42: ifdef::installing-oadp-aws[] 43 + 44 [source,yaml,subs="attributes+"] 45 ---- 46: apiVersion: oadp.openshift.io/v1beta1 47 kind: DataProtectionApplication 48 metadata: .. 92 <9> The snapshot location must be in the same region as the PVs. 93 endif::[] 94: ifdef::installing-oadp-azure[] 95 + 96 [source,yaml,subs="attributes+"] 97 ---- 98: apiVersion: oadp.openshift.io/v1beta1 99 kind: DataProtectionApplication 100 metadata: ... 148 <11> You do not need to specify a snapshot location if you use CSI snapshots or Restic to back up PVs. 149 endif::[] 150: ifdef::installing-oadp-gcp[] 151 + 152 [source,yaml,subs="attributes+"] 153 ---- 154: apiVersion: oadp.openshift.io/v1beta1 155 kind: DataProtectionApplication 156 metadata: ... 196 <9> The snapshot location must be in the same region as the PVs. 197 endif::[] 198: ifdef::installing-oadp-mcg[] 199 + 200 [source,yaml,subs="attributes+"] 201 ---- 202: apiVersion: oadp.openshift.io/v1beta1 203 kind: DataProtectionApplication 204 metadata: ... 242 <8> Specify a prefix for Velero backups, for example, `velero`, if the bucket is used for multiple purposes. 243 endif::[] 244: ifdef::installing-oadp-ocs[] 245 + 246 [source,yaml,subs="attributes+"] 247 ---- 248: apiVersion: oadp.openshift.io/v1beta1 249 kind: DataProtectionApplication 250 metadata: ... 287 <11> Specify a prefix for Velero backups, for example, `velero`, if the bucket is used for multiple purposes. 288 endif::[] 289: ifdef::virt-installing-configuring-oadp[] 290 + 291 [source,yaml,subs="attributes+"] 292 ---- 293: apiVersion: oadp.openshift.io/v1beta1 294 kind: DataProtectionApplication 295 metadata: ... 334 335 . Click *Create*. 336: . Verify the installation by viewing the OADP resources: 337 + 338 [source,terminal] ... 345 ---- 346 NAME READY STATUS RESTARTS AGE 347: pod/oadp-operator-controller-manager-67d9494d47-6l8z8 2/2 Running 0 2m8s 348 pod/restic-9cq4q 1/1 Running 0 94s 349 pod/restic-m4lts 1/1 Running 0 94s ... 352 353 NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE 354: service/oadp-operator-controller-manager-metrics-service ClusterIP 172.30.70.140 8443/TCP 2m8s 355 356 NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE ... 358 359 NAME READY UP-TO-DATE AVAILABLE AGE 360: deployment.apps/oadp-operator-controller-manager 1/1 1 1 2m9s 361 deployment.apps/velero 1/1 1 1 96s 362 363 NAME DESIRED CURRENT READY AGE 364: replicaset.apps/oadp-operator-controller-manager-67d9494d47 1 1 1 2m9s 365 replicaset.apps/velero-588db7f655 1 1 1 96s 366 ---- /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/oadp-installing-oadp-rosa-sts.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-installing-oadp-rosa-sts_{context}"] 7: = Installing OADP on {product-title} with AWS STS 8 9: AWS Security Token Service (AWS STS) is a global web service that provides short-term credentials for IAM or federated users. {product-title} (ROSA) with STS is the recommended credential mode for ROSA clusters. This document describes how to install OpenShift API for Data Protection (OADP) on (ROSA) with AWS STS. 10 11 [IMPORTANT] 12 ==== 13: Restic is not supported in the OADP on ROSA with AWS STS environment. Ensure the Restic service is disabled. Use native snapshots to backup volumes. See _Known Issues_ for more information. 14 ==== 15 .. 17 18 * A ROSA OpenShift Cluster with the required access and tokens. 19: * link:https://docs.openshift.com/container-platform/4.13/backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.html#oadp-creating-default-secret_installing-oadp-aws[A default Secret], if your backup and snapshot locations use the same credentials, or if you do not require a snapshot location. 20 21 .Procedure .. 42 ---- 43 44: . Install the OADP Operator. 45 .. In the {product-title} web console, navigate to Operators *->* OperatorHub. 46: .. Search for the OADP Operator, then click *Install*. 47 48 . Create AWS cloud storage using your AWS credentials: .. 51 ---- 52 $ cat << EOF | oc create -f - 53: apiVersion: oadp.openshift.io/v1alpha1 54 kind: CloudStorage 55 metadata: 56: name: ${CLUSTER_NAME}-oadp 57 namespace: openshift-adp 58 spec: .. 61 name: cloud-credentials 62 enableSharedConfig: true 63: name: ${CLUSTER_NAME}-oadp 64 provider: aws 65 region: $REGION .. 72 ---- 73 $ cat << EOF | oc create -f - 74: apiVersion: oadp.openshift.io/v1alpha1 75 kind: DataProtectionApplication 76 metadata: .. 81 - bucket: 82 cloudStorageRef: 83: name: ${CLUSTER_NAME}-oadp 84 credential: 85 key: credentials .. 105 [NOTE] 106 ==== 107: The `enable` parameter of `restic` is set to `false` in this configuration because OADP does not support Restic in ROSA environments. 108 ==== 109 + 110: You are now ready to backup and restore OpenShift applications, as described in the link:https://docs.openshift.com/container-platform/4.11/backup_and_restore/application_backup_and_restore/backing_up_and_restoring/backing-up-applications.html[OADP documentation]. 111 112 == Known Issues 113 .Restic is not supported or recommended 114 115: * link:https://issues.redhat.com/browse/OADP-1054[CloudStorage: openshift-adp-controller-manager crashloop seg fault with Restic enabled] 116: * link:https://issues.redhat.com/browse/OADP-1057[Cloudstorage API: CSI Backup of an app with internal images partially fails with plugin panicked error] 117: * (Affects OADP 1.1.x_ only): link:https://issues.redhat.com/browse/OADP-1055[CloudStorage: bucket is removed on CS CR delete, although it doesn't have "oadp.openshift.io/cloudstorage-delete": "true"] 118 119 [role="_additional-resources"] ... 123 * link:https://docs.openshift.com/rosa/rosa_getting_started/rosa-sts-getting-started-workflow.html[Getting started with ROSA STS] 124 * link:https://docs.openshift.com/rosa/rosa_install_access_delete_clusters/rosa-sts-creating-a-cluster-quickly.html[Creating a ROSA cluster with STS] 125: * link:https://docs.openshift.com/container-platform/4.13/backup_and_restore/application_backup_and_restore/installing/about-installing-oadp.html[About installing OADP] 126 * link:https://docs.openshift.com/container-platform/4.13/storage/container_storage_interface/persistent-storage-csi.html[Configuring CSI volumes] 127 * link:https://docs.openshift.com/rosa/rosa_architecture/rosa_policy_service_definition/rosa-service-definition.html#rosa-sdpolicy-storage_rosa-service-definition[ROSA storage options] /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/oadp-installing-operator.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: PROCEDURE 10: [id="oadp-installing-operator_{context}"] 11: = Installing the OADP Operator 12 13: You install the OpenShift API for Data Protection (OADP) Operator on {product-title} {product-version} by using Operator Lifecycle Manager (OLM). 14 15: The OADP Operator installs link:https://{velero-domain}/docs/v{velero-version}/[Velero {velero-version}]. 16 17 .Prerequisites .. 22 23 . In the {product-title} web console, click *Operators* -> *OperatorHub*. 24: . Use the *Filter by keyword* field to find the *OADP Operator*. 25: . Select the *OADP Operator* and click *Install*. 26 . Click *Install* to install the Operator in the `openshift-adp` project. 27 . Click *Operators* -> *Installed Operators* to verify the installation. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/oadp-plugins.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/oadp-features-plugins.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-plugins_{context}"] 7: = OADP plugins 8 9: The OpenShift API for Data Protection (OADP) provides default Velero plugins that are integrated with storage providers to support backup and snapshot operations. You can create link:https://{velero-domain}/docs/v{velero-version}/custom-plugins/[custom plugins] based on the Velero plugins. 10 11: OADP also provides plugins for {product-title} resource backups, OpenShift Virtualization resource backups, and Container Storage Interface (CSI) snapshots. 12 13 [cols="3", options="header"] 14: .OADP plugins 15 |=== 16: |OADP plugin |Function |Storage location 17 18 .2+|`aws` |Backs up and restores Kubernetes objects. |AWS S3 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/oadp-pod-crash-set-resource-request-restic.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-pod-crash-resource-request-retics_{context}"] 7 = Setting resource requests for a Restic pod 8 . 17 [source,yaml] 18 ---- 19: apiVersion: oadp.openshift.io/v1alpha1 20 kind: DataProtectionApplication 21 ... /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/oadp-pod-crash-set-resource-request-velero.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-pod-crash-resource-request-velero_{context}"] 7 = Setting resource requests for a Velero pod 8 9: You can use the `configuration.velero.podConfig.resourceAllocations` specification field in the `oadp_v1alpha1_dpa.yaml` file to set specific resource requests for a `Velero` pod. 10 11 .Procedure .. 17 [source,yaml] 18 ---- 19: apiVersion: oadp.openshift.io/v1alpha1 20 kind: DataProtectionApplication 21 ... /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/oadp-release-notes-1-1-1.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/oadp-release-notes.adoc 4 :_content-type: REFERENCE 5: [id="migration-oadp-release-notes-1-1-1_{context}"] 6: = OADP 1.1.1 release notes 7 8: The OADP 1.1.1 release notes include product recommendations and descriptions of known issues. 9 10 == Product recommendations 11 12: Before you install OADP 1.1.1, it is recommended to either install VolSync 0.5.1 or to upgrade to it. 13 14 == Known issues .. 16 This release has the following known issues: 17 18: * OADP currently does not support backup and restore of AWS EFS volumes using restic in Velero (link:https://issues.redhat.com/browse/OADP-778[*OADP-778*]). 19 20 * CSI backups might fail due to a Ceph limitation of `VolumeSnapshotContent` snapshots per PVC. .. 23 + 24 ** For CephFS, you can create up to 100 snapshots per PVC. 25: ** For RADOS Block Device (RBD), you can create up to 512 snapshots for each PVC. (link:https://issues.redhat.com/browse/OADP-804[*OADP-804*]) and (link:https://issues.redhat.com/browse/OADP-975[*OADP-975*]) 26 + 27 For more information, see https://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.11/html/managing_and_allocating_storage_resources/volume-snapshots_rhodf[Volume Snapshots]. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/oadp-release-notes-1-1-2.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/oadp-release-notes.adoc 4 5 :_content-type: REFERENCE 6: [id="migration-oadp-release-notes-1-1-2_{context}"] 7: = OADP 1.1.2 release notes 8 9: The OADP 1.1.2 release notes include product recommendations, a list of fixed bugs and descriptions of known issues. 10 11 [id="product-recommendations_{context}"] .. 34 The following bugs have been fixed in this release: 35 36: * link:https://issues.redhat.com/browse/OADP-1150[OADP-1150] 37: * link:https://issues.redhat.com/browse/OADP-290[OADP-290] 38: * link:https://issues.redhat.com/browse/OADP-1056[OADP-1056] 39 40 [id="known-issues_{context}"] .. 43 This release has the following known issues: 44 45: * OADP currently does not support backup and restore of AWS EFS volumes using restic in Velero (link:https://issues.redhat.com/browse/OADP-778[*OADP-778*]). 46 47 * CSI backups might fail due to a Ceph limitation of `VolumeSnapshotContent` snapshots per PVC. .. 50 + 51 -- 52: ** For CephFS, you can create up to 100 snapshots per PVC. (link:https://issues.redhat.com/browse/OADP-804[*OADP-804*]) 53: ** For RADOS Block Device (RBD), you can create up to 512 snapshots for each PVC. (link:https://issues.redhat.com/browse/OADP-975[*OADP-975*]) 54 -- 55 + /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/oadp-release-notes-1-1-4.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/oadp-release-notes.adoc 4 5 :_content-type: REFERENCE 6: [id="migration-oadp-release-notes-1-1-4_{context}"] 7: = OADP 1.1.4 release notes 8 9: The OADP 1.1.4 release notes lists any new features, resolved issues and bugs, and known issues. 10 11 [id="new-features1.1.4_{context}"] 12 == New features 13 14: This version of OADP is a service release. No new features are added to this version. 15 16 [id="resolved-issues1.1.4_{context}"] .. 19 The following bugs have been fixed in this release: 20 21: * link:https://issues.redhat.com/browse/OADP-1557[OADP-1557] 22: * link:https://issues.redhat.com/browse/OADP-1822[OADP-1822] 23: * link:https://issues.redhat.com/browse/OADP-1511[OADP-1511] 24: * link:https://issues.redhat.com/browse/OADP-1642[OADP-1642] 25: * link:https://issues.redhat.com/browse/OADP-1398[OADP-1398] 26: * link:https://issues.redhat.com/browse/OADP-1267[OADP-1267] 27: * link:https://issues.redhat.com/browse/OADP-1390[OADP-1390] 28: * link:https://issues.redhat.com/browse/OADP-1650[OADP-1650] 29: * link:https://issues.redhat.com/browse/OADP-1487[OADP-1487] 30 31 .. 35 This release has the following known issues: 36 37: * OADP backups might fail because a UID/GID range might have changed on the cluster where the application has been restored, with the result that OADP does not back up and restore {product-title} UID/GID range metadata. To avoid the issue, if the backed application requires a specific UUID, ensure the range is available when restored. An additional workaround is to allow OADP to create the namespace in the restore operation. 38 39: * A restoration might fail if ArgoCD is used during the process due to a label used by ArgoCD, `app.kubernetes.io/instance`. This label identifies which resources ArgoCD needs to manage, which can create a conflict with OADP's procedure for managing resources on restoration. To work around this issue, set `.spec.resourceTrackingMethod` on the ArgoCD YAML to `annotation+label` or `annotation`. If the issue continues to persist, then disable ArgoCD before beginning to restore, and enable it again when restoration is finished. 40 41 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/oadp-release-notes-1-2-0.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/oadp-release-notes.adoc 4 5 :_content-type: REFERENCE 6: [id="migration-oadp-release-notes-1-2-0_{context}"] 7: = OADP 1.2.0 release notes 8 9: The OADP 1.2.0 release notes include information about new features, bug fixes, and known issues. 10 11 [id="new-features_{context}"] 12 == New features 13 14: .link:https://access.redhat.com/documentation/en-us/openshift_container_platform/4.12/html/backup_and_restore/application-backup-and-restore#installing-oadp-aws[Resource timeouts] 15 The new `resourceTimeout` option specifies the timeout duration in minutes for waiting on various Velero resources. This option applies to resources such as Velero CRD availability, `volumeSnapshot` deletion, and backup repository availability. The default duration is ten minutes. 16 17: .link:https://access.redhat.com/documentation/en-us/openshift_container_platform/4.11/html/backup_and_restore/application-backup-and-restore#oadp-s3-compatible-backup-storage-providers_about-installing-oadp[AWS S3 compatible backup storage providers] 18 You can back up objects and snapshots on AWS S3 compatible providers. 19 .. 21 === Technical preview features 22 23: .link:https://access.redhat.com/documentation/en-us/openshift_container_platform/4.9/html/backup_and_restore/application-backup-and-restore#installing-and-configuring-oadp[Data Mover] 24: The OADP Data Mover enables you to back up Container Storage Interface (CSI) volume snapshots to a remote object store. When you enable Data Mover, you can restore stateful applications using CSI volume snapshots pulled from the object store in case of accidental cluster deletion, cluster failure, or data corruption. 25 26: :FeatureName: OADP Data Mover 27 include::snippets/technology-preview.adoc[] 28 .. 32 The following bugs have been fixed in this release: 33 34: * link:https://issues.redhat.com/browse/OADP-144[OADP-144] 35: * link:https://issues.redhat.com/browse/OADP-639[OADP-639] 36: * link:https://issues.redhat.com/browse/OADP-1741[OADP-1741] 37: * link:https://issues.redhat.com/browse/OADP-1152[OADP-1152] 38: * link:https://issues.redhat.com/browse/OADP-1143[OADP-1143] 39: * link:https://issues.redhat.com/browse/OADP-1931[OADP-1931] 40: * link:https://issues.redhat.com/browse/OADP-148[OADP-148] 41: * link:https://issues.redhat.com/browse/OADP-1067[OADP-1067] 42: * link:https://issues.redhat.com/browse/OADP-1332[OADP-1332] 43: * link:https://issues.redhat.com/browse/OADP-1164[OADP-1164] 44: * link:https://issues.redhat.com/browse/OADP-1105[OADP-1105] 45: * link:https://issues.redhat.com/browse/OADP-2009[OADP-2009] 46: * link:https://issues.redhat.com/browse/OADP-1370[OADP-1370] 47: * link:https://issues.redhat.com/browse/OADP-969[OADP-969] 48: * link:https://issues.redhat.com/browse/OADP-1672[OADP-1672] 49: * link:https://issues.redhat.com/browse/OADP-1151[OADP-1151] 50: * link:https://issues.redhat.com/browse/OADP-988[OADP-988] 51: * link:https://issues.redhat.com/browse/OADP-1941[OADP-1941] 52: * link:https://issues.redhat.com/browse/OADP-1830[OADP-1830] 53: * link:https://issues.redhat.com/browse/OADP-1821[OADP-1821] 54: * link:https://issues.redhat.com/browse/OADP-1783[OADP-1783] 55: * link:https://issues.redhat.com/browse/OADP-1719[OADP-1719] 56: * link:https://issues.redhat.com/browse/OADP-1833[OADP-1833] 57: * link:https://issues.redhat.com/browse/OADP-1872[OADP-1872] 58: * link:https://issues.redhat.com/browse/OADP-2047[OADP-2047] 59: * link:https://issues.redhat.com/browse/OADP-1932[OADP-1932] 60: * link:https://issues.redhat.com/browse/OADP-1844[OADP-1844] 61: * link:https://issues.redhat.com/browse/OADP-1182[OADP-1182] 62: * link:https://issues.redhat.com/browse/OADP-1183[OADP-1183] 63: * link:https://issues.redhat.com/browse/OADP-1798[OADP-1798] 64: * link:https://issues.redhat.com/browse/OADP-1726[OADP-1726] 65: * link:https://issues.redhat.com/browse/OADP-821[OADP-821] 66: * link:https://issues.redhat.com/browse/OADP-1833[OADP-1781] 67: * link:https://issues.redhat.com/browse/OADP-697[OADP-697] 68: * link:https://issues.redhat.com/browse/OADP-1281[OADP-1281] 69: * link:https://issues.redhat.com/browse/OADP-1077[OADP-1077] 70: * link:https://issues.redhat.com/browse/OADP-1076[OADP-1076] 71: * link:https://issues.redhat.com/browse/OADP-1670[OADP-1670] 72: * link:https://issues.redhat.com/browse/OADP-1307[OADP-1307] 73: * link:https://issues.redhat.com/browse/OADP-1640[OADP-1640] 74: * link:https://issues.redhat.com/browse/OADP-1987[OADP-1987] 75: * link:https://issues.redhat.com/browse/OADP-1934[OADP-1934] 76 77 [id="known-issues-1-2-0_{context}"] /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/oadp-restic-issues.adoc: 4 5 :_content-type: CONCEPT 6: [id="oadp-restic-issues_{context}"] 7 = Restic issues 8 . 71 restic backup, stderr=Fatal: unable to open config file: Stat: The 72 specified key does not exist.\nIs there a repository at the following 73: location?\ns3:http://minio-minio.apps.mayap-oadp- 74: veleo-1234.qe.devcluster.openshift.com/mayapvelerooadp2/velero1/ 75 restic/_mysql-persistent_\n: exit status 1" error.file="/remote-source/ 76 src/github.com/vmware-tanzu/velero/pkg/restic/backupper.go:184" /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/oadp-s3-compatible-backup-storage-providers.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-s3-compatible-backup-storage-providers_{context}"] 7 = AWS S3 compatible backup storage providers 8 9: OADP is compatible with many object storage providers for use with different backup and snapshot operations. Several object storage providers are fully supported, several are unsupported but known to work, and some have known limitations. 10 11: [id="oadp-s3-compatible-backup-storage-providers-supported"] 12 == Supported backup storage providers 13 14: The following AWS S3 compatible object storage providers, are fully supported by OADP through the AWS plugin for use as backup storage locations: 15 16 * MinIO .. 26 ==== 27 28: [id="oadp-s3-compatible-backup-storage-providers-unsupported"] 29 == Unsupported backup storage providers 30 .. 40 * Cloudian HyperStore 41 42: [id="oadp-s3-compatible-backup-storage-providers-known-limitations"] 43 == Backup storage providers with known limitations 44 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/oadp-scheduling-backups.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-scheduling-backups_{context}"] 7 = Scheduling backups 8 . 18 .Prerequisites 19 20: * You must install the OpenShift API for Data Protection (OADP) Operator. 21 * The `DataProtectionApplication` CR must be in a `Ready` state. 22 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/oadp-secrets-for-different-credentials.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: PROCEDURE 10: [id="oadp-secrets-for-different-credentials_{context}"] 11: ifdef::installing-oadp-aws[] 12 = Creating profiles for different credentials 13 .. 42 [source,yaml,subs="attributes+"] 43 ---- 44: apiVersion: oadp.openshift.io/v1alpha1 45 kind: DataProtectionApplication 46 metadata: .. 72 ---- 73 endif::[] 74: ifdef::installing-oadp-azure,installing-oadp-gcp,installing-oadp-ocs,installing-oadp-mcg[] 75 = Creating secrets for different credentials 76 .. 100 . Add the `Secret` with the custom name to the `DataProtectionApplication` CR, as in the following example: 101 endif::[] 102: ifdef::installing-oadp-azure[] 103 + 104 [source,yaml,subs="attributes+"] 105 ---- 106: apiVersion: oadp.openshift.io/v1alpha1 107 kind: DataProtectionApplication 108 metadata: ... 137 <1> Backup location `Secret` with custom name. 138 endif::[] 139: ifdef::installing-oadp-gcp[] 140 + 141 [source,yaml,subs="attributes+"] 142 ---- 143: apiVersion: oadp.openshift.io/v1alpha1 144 kind: DataProtectionApplication 145 metadata: ... 168 <1> Backup location `Secret` with custom name. 169 endif::[] 170: ifdef::installing-oadp-mcg[] 171 + 172 [source,yaml,subs="attributes+"] 173 ---- 174: apiVersion: oadp.openshift.io/v1alpha1 175 kind: DataProtectionApplication 176 metadata: ... 198 <1> Backup location `Secret` with custom name. 199 endif::[] 200: ifdef::installing-oadp-ocs[] 201 + 202 [source,yaml,subs="attributes+"] 203 ---- 204: apiVersion: oadp.openshift.io/v1alpha1 205 kind: DataProtectionApplication 206 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/oadp-self-signed-certificate.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/configuring-oadp.adoc 4 5 :_content-type: PROCEDURE 6: [id="oadp-self-signed-certificate_{context}"] 7 = Enabling self-signed CA certificates 8 . 11 .Prerequisites 12 13: * You must have the OpenShift API for Data Protection (OADP) Operator installed. 14 15 .Procedure .. 19 [source,yaml] 20 ---- 21: apiVersion: oadp.openshift.io/v1beta1 22 kind: DataProtectionApplication 23 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/oadp-setting-resource-limits-and-requests.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/configuring-oadp.adoc 4: // * virt/backup_restore/virt-installing-configuring-oadp.adoc 5 6 :_content-type: PROCEDURE 7: [id="oadp-setting-resource-limits-and-requests_{context}"] 8 = Setting Velero CPU and memory resource allocations 9 .. 12 .Prerequisites 13 14: * You must have the OpenShift API for Data Protection (OADP) Operator installed. 15 16 .Procedure .. 20 [source,yaml] 21 ---- 22: apiVersion: oadp.openshift.io/v1beta1 23 kind: DataProtectionApplication 24 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/oadp-using-data-mover-for-csi-snapshots.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-using-data-mover-for-csi-snapshots_{context}"] 7 = Using Data Mover for CSI snapshots 8 9 :FeatureName: Data Mover for CSI snapshots 10 11: The OADP Data Mover enables customers to back up Container Storage Interface (CSI) volume snapshots to a remote object store. When Data Mover is enabled, you can restore stateful applications, using CSI volume snapshots pulled from the object store if a failure, accidental deletion, or corruption of the cluster occurs. 12 13 The Data Mover solution uses the Restic option of VolSync. .. 15 Data Mover supports backup and restore of CSI volume snapshots only. 16 17: In OADP 1.2 Data Mover `VolumeSnapshotBackups` (VSBs) and `VolumeSnapshotRestores` (VSRs) are queued using the VolumeSnapshotMover (VSM). The VSM's performance is improved by specifying a concurrent number of VSBs and VSRs simultaneously `InProgress`. After all async plugin operations are complete, the backup is marked as complete. 18 19 20 [NOTE] 21 ==== 22: The OADP 1.1 Data Mover is a Technology Preview feature. 23 24: The OADP 1.2 Data Mover has significantly improved features and performances, but is still a Technology Preview feature. 25 ==== 26: :FeatureName: The OADP Data Mover 27 include::snippets/technology-preview.adoc[leveloffset=+1] 28 29 [NOTE] 30 ==== 31: Red Hat recommends that customers who use OADP 1.2 Data Mover in order to back up and restore ODF CephFS volumes, upgrade or install {product-title} version 4.12 or later for improved performance. OADP Data Mover can leverage CephFS shallow volumes in {product-title} version 4.12 or later, which based on our testing, can improve the performance of backup times. 32 33 * https://issues.redhat.com/browse/RHSTOR-4287[CephFS ROX details] .. 35 36 37: //For more information about OADP 1.2 with CephS [name of topic], see ___. 38 39 ==== .. 56 * You have included the label `{velero-domain}/csi-volumesnapshot-class: 'true'` in your `VolumeSnapshotClass` CR. 57 58: * You have verified that the `OADP namespace` has the annotation `oc annotate --overwrite namespace/openshift-adp volsync.backube/privileged-movers='true'`. 59 + 60 [NOTE] 61 ==== 62: In OADP 1.1 the above setting is mandatory. 63 64: In OADP 1.2 the `privileged-movers` setting is not required in most scenarios. The restoring container permissions should be adequate for the Volsync copy. In some user scenarios, there may be permission errors that the `privileged-mover`= `true` setting should resolve. 65 ==== 66 .. 69 [NOTE] 70 ==== 71: The VolSync Operator is required for using OADP Data Mover. 72 ==== 73 74: * You have installed the OADP operator by using OLM. 75 76 .Procedure .. 100 [source,yaml] 101 ---- 102: apiVersion: oadp.openshift.io/v1alpha1 103 kind: DataProtectionApplication 104 metadata: ... 152 153 ---- 154: <1> OADP 1.2 only. 155: <2> OADP 1.2 only. Optional: Specify the upper limit of the number of snapshots allowed to be queued for backup. The default value is 10. 156: <3> OADP 1.2 only. Optional: Specify the upper limit of the number of snapshots allowed to be queued for restore. The default value is 10. 157: <4> OADP 1.2 only. Optional: Specify the number of days, between running Restic pruning on the repository. The prune operation repacks the data to free space, but it can also generate significant I/O traffic as a part of the process. Setting this option allows a trade-off between storage consumption, from no longer referenced data, and access costs. 158: <5> OADP 1.2 only. Optional: Specify VolumeSync volume options for backup and restore. 159 160 + 161: The OADP Operator installs two custom resource definitions (CRDs), `VolumeSnapshotBackup` and `VolumeSnapshotRestore`. 162 + 163 .Example `VolumeSnapshotBackup` CRD 164 [source,yaml] 165 ---- 166: apiVersion: datamover.oadp.openshift.io/v1alpha1 167 kind: VolumeSnapshotBackup 168 metadata: ... 181 [source,yaml] 182 ---- 183: apiVersion: datamover.oadp.openshift.io/v1alpha1 184 kind: VolumeSnapshotRestore 185 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/oadp-using-enable-api-group-versions.adoc: 5 6 :_content-type: PROCEDURE 7: [id="oadp-using-enable-api-group-versions_{context}"] 8 = Using Enable API Group Versions 9 .. 21 [source,yaml] 22 ---- 23: apiVersion: oadp.openshift.io/vialpha1 24 kind: DataProtectionApplication 25 ... /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/olm-deleting-operators-from-a-cluster-using-web-console.adoc: 2 // 3 // * operators/admin/olm-deleting-operators-from-a-cluster.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/uninstalling-oadp.adoc 5 // * serverless/install/removing-openshift-serverless.adoc 6 // * virt/install/uninstalling-virt.adoc /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/rosa-sts-account-wide-roles-and-policies.adoc: 868 "s3:ListBucketMultipartUploads", 869 "s3:AbortMultipartUpload", 870: "s3:ListMultipartUploadParts" 871 ], 872 "Resource": "*" /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/velero-obtaining-by-downloading.adoc: 24 . Open a browser and navigate to link:https://{velero-domain}/docs/v{velero-version}/basic-install/#install-the-cli["Install the CLI" on the Velero website]. 25 . Follow the appropriate procedure for macOS, GitHub, or Windows. 26: . Download the Velero version appropriate for your version of OADP and {product-title} according to the table that follows: 27 + 28: .OADP-Velero-{product-title} version relationship 29 [cols="3", options="header"] 30 |=== 31: |OADP version |Velero version |{product-title} version 32 |1.0.0 |link:https://{velero-domain}/docs/v1.7/[1.7] |4.6 and later 33 |1.0.1 |link:https://{velero-domain}/docs/v1.7/[1.7] |4.6 and later /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/modules/virt-about-cdi-operator.adoc: 19 |Manages the authorization to upload VM disks into PVCs by issuing secure upload tokens. 20 21: |`deployment/cdi-uploadproxy` 22 |Directs external disk upload traffic to the appropriate upload server pod so that it can be written to the correct PVC. Requires a valid upload token. 23 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/snippets/oadp-ceph-cr-prerequisites.adoc: 8 9 * A stateful application is running in a separate namespace with persistent volume claims (PVCs) using CephFS as the provisioner. 10: * The `StorageClass` and `VolumeSnapshotClass` custom resources (CRs) are defined for CephFS and OADP 1.2 Data Mover. 11 * There is a secret `cloud-credentials` in the `openshift-adp` namespace. 12 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/snippets/oadp-mtc-operator.adoc: 2 //This snippet appears in the following assemblies: 3 // 4: // * .../backup_and_restore/backing_up_and_restoring/installing/about-installing-oadp.adoc 5: // * .../backup_and_restore/backing_up_and_restoring/installing/installing-oadp-aws.adoc 6: // * .../backup_and_restore/backing_up_and_restoring/installing/installing-oadp-azure.adoc 7: // * .../backup_and_restore/backing_up_and_restoring/installing/installing-oadp-gcp.adoc 8: // * .../backup_and_restore/backing_up_and_restoring/installing/installing-oadp-mcg.adoc 9: // * .../backup_and_restore/backing_up_and_restoring/installing/installing-oadp-ocs.adoc 10 11 :_content-type: SNIPPET 12 [NOTE] 13 ==== 14: Starting from OADP 1.0.4, all OADP 1.0._z_ versions can only be used as a dependency of the MTC Operator and are not available as a standalone Operator. 15 ==== 16 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_install_access_delete_clusters/snippets/oadp-ocp-compat.adoc: 2 //This snippet appears in the following assemblies: 3 // 4: // * .../backup_and_restore/backing_up_and_restoring/installing/about-installing-oadp.adoc 5 // * .../backup_and_restore/index.adoc 6 . 8 [NOTE] 9 ==== 10: If you want to use CSI backup on OCP 4.11 and later, install OADP 1.1._x_. 11 12: OADP 1.0._x_ does not support CSI backup on OCP 4.11 and later. OADP 1.0._x_ includes Velero 1.7._x_ and expects the API group `snapshot.storage.k8s.io/v1beta1`, which is not present on OCP 4.11 and later. 13 ==== 14 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/_attributes/common-attributes.adoc: 43 :hybrid-console: Red Hat Hybrid Cloud Console 44 :hybrid-console-second: Hybrid Cloud Console 45: :oadp-first: OpenShift API for Data Protection (OADP) 46: :oadp-full: OpenShift API for Data Protection 47 :oc-first: pass:quotes[OpenShift CLI (`oc`)] 48 :product-registry: OpenShift image registry /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/about-installing-oadp-on-multiple-namespaces.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/installing/about-installing-oadp.adoc 4 5 6 :_content-type: CONCEPT 7: [id="about-installing-oadp-on-multiple-namespaces_{context}"] 8: = Installation of OADP on multiple namespaces 9 10: You can install OADP into multiple namespaces on the same cluster so that multiple project owners can manage their own OADP instance. This use case has been validated with Restic and CSI. 11 12: You install each instance of OADP as specified by the per-platform procedures contained in this document with the following additional requirements: 13 14: * All deployments of OADP on the same cluster must be the same version, for example, 1.1.4. Installing different versions of OADP on the same cluster is *not* supported. 15: * Each individual deployment of OADP must have a unique set of credentials and a unique `BackupStorageLocation` configuration. 16: * By default, each OADP deployment has cluster-level access across namespaces. {product-title} administrators need to review security and RBAC settings carefully and make any necessary changes to them to ensure that each OADP instance has the correct permissions. 17 18 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/about-oadp-update-channels.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/installing/about-installing-oadp.adoc 4 5 6 :_content-type: CONCEPT 7: [id="about-oadp-update-channels_{context}"] 8: = About OADP update channels 9 10: When you install an OADP Operator, you choose an _update channel_. This channel determines which upgrades to the OADP Operator and to Velero you receive. You can switch channels at any time. 11 12 The following update channels are available: 13 14: * The *stable* channel is now deprecated. The *stable* channel contains the patches (z-stream updates) of OADP `ClusterServiceVersion` for `oadp.v1.1.z` and older versions from `oadp.v1.0.z`. 15 16: * The *stable-1.0* channel contains `oadp.v1.0._z_`, the most recent OADP 1.0 `ClusterServiceVersion`. 17 18: * The *stable-1.1* channel contains `oadp.v1.1._z_`, the most recent OADP 1.1 `ClusterServiceVersion`. 19 20: * The *stable-1.2* channel contains `oadp.v1.2._z_`, the most recent OADP 1.2 `ClusterServiceVersion`. 21 22 *Which update channel is right for you?* 23 24: * The *stable* channel is now deprecated. If you are already using the stable channel, you will continue to get updates from `oadp.v1.1._z_`. 25 26: * Choose the *stable-1._y_* update channel to install OADP 1._y_ and to continue receiving patches for it. If you choose this channel, you will receive all z-stream patches for version 1._y_._z_. 27 28 *When must you switch update channels?* 29 30: * If you have OADP 1._y_ installed, and you want to receive patches only for that y-stream, you must switch from the *stable* update channel to the *stable-1._y_* update channel. You will then receive all z-stream patches for version 1._y_._z_. 31 32: * If you have OADP 1.0 installed, want to upgrade to OADP 1.1, and then receive patches only for OADP 1.1, you must switch from the *stable-1.0* update channel to the *stable-1.1* update channel. You will then receive all z-stream patches for version 1.1._z_. 33 34: * If you have OADP 1._y_ installed, with _y_ greater than 0, and want to switch to OADP 1.0, you must _uninstall_ your OADP Operator and then reinstall it using the *stable-1.0* update channel. You will then receive all z-stream patches for version 1.0._z_. 35 36 [NOTE] 37 ==== 38: You cannot switch from OADP 1._y_ to OADP 1.0 by switching update channels. You must uninstall the Operator and then reinstall it. 39 ==== 40 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/metering-store-data-in-s3.adoc: 92 "s3:HeadBucket", 93 "s3:ListBucket", 94: "s3:ListMultipartUploadParts", 95 "s3:PutObject" 96 ], .. 123 "s3:CreateBucket", 124 "s3:DeleteBucket", 125: "s3:ListMultipartUploadParts", 126 "s3:PutObject" 127 ], /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/migration-configuring-aws-s3.adoc: 3 // * migrating_from_ocp_3_to_4/installing-3-4.adoc 4 // * migration_toolkit_for_containers/installing-mtc.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 6 7 :_content-type: PROCEDURE . 12 You configure Amazon Web Services (AWS) S3 object storage as a replication repository for the {mtc-full} ({mtc-short}). 13 endif::[] 14: ifdef::installing-oadp-aws[] 15: You configure Amazon Web Services (AWS) for the OpenShift API for Data Protection (OADP). 16 endif::[] 17 .. 90 "s3:PutObject", 91 "s3:AbortMultipartUpload", 92: "s3:ListMultipartUploadParts" 93 ], 94 "Resource": [ .. 147 Record the `AWS_SECRET_ACCESS_KEY` and the `AWS_ACCESS_KEY_ID`. You use the credentials to add AWS as a replication repository. 148 endif::[] 149: ifdef::installing-oadp-aws[] 150 . Create a `credentials-velero` file: 151 + /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/migration-configuring-azure.adoc: 3 // * migrating_from_ocp_3_to_4/installing-3-4.adoc 4 // * migration_toolkit_for_containers/installing-mtc.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 6 7 :_content-type: PROCEDURE . 12 You configure a Microsoft Azure Blob storage container as a replication repository for the {mtc-full} ({mtc-short}). 13 endif::[] 14: ifdef::installing-oadp-azure[] 15: You configure a Microsoft Azure for the OpenShift API for Data Protection (OADP). 16 endif::[] 17 .. 118 You use the `credentials-velero` file to add Azure as a replication repository. 119 endif::[] 120: ifdef::installing-oadp-azure[] 121 . Obtain the storage account access key: 122 + /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/migration-configuring-gcp.adoc: 3 // * migrating_from_ocp_3_to_4/installing-3-4.adoc 4 // * migration_toolkit_for_containers/installing-mtc.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6 7 :_content-type: PROCEDURE . 12 You configure a Google Cloud Platform (GCP) storage bucket as a replication repository for the {mtc-full} ({mtc-short}). 13 endif::[] 14: ifdef::installing-oadp-gcp[] 15: You configure Google Cloud Platform (GCP) for the OpenShift API for Data Protection (OADP). 16 endif::[] 17 .. 141 You use the `credentials-velero` file to add GCP as a replication repository. 142 endif::[] 143: ifdef::installing-oadp-gcp[] 144 + 145 You use the `credentials-velero` file to create a `Secret` object for GCP before you install the Data Protection Application. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/migration-configuring-mcg.adoc: 5 // * migration_toolkit_for_containers/installing-mtc.adoc 6 // * migration_toolkit_for_containers/installing-mtc-restricted.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 8 9 :_content-type: PROCEDURE .. 14 You must retrieve the Multicloud Object Gateway (MCG) credentials and S3 endpoint in order to configure MCG as a replication repository for the {mtc-full} ({mtc-short}). 15 endif::[] 16: You must retrieve the Multicloud Object Gateway (MCG) credentials in order to create a `Secret` custom resource (CR) for the OpenShift API for Data Protection (OADP). 17: //ifdef::installing-oadp-mcg[] 18 //endif::[] 19 .. 35 You use these credentials to add MCG as a replication repository. 36 endif::[] 37: ifdef::installing-oadp-mcg[] 38 . Create a `credentials-velero` file: 39 + /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/migration-mtc-release-notes-1-7.adoc: 12 This release has the following new features and enhancements: 13 14: * The {mtc-full} ({mtc-short}) Operator now depends upon the OpenShift API for Data Protection (OADP) Operator. When you install the {mtc-short} Operator, the Operator Lifecycle Manager (OLM) automatically installs the OADP Operator in the same namespace. 15 16 * You can migrate from a source cluster that is behind a firewall to a cloud-based destination cluster by establishing a network tunnel between the two clusters by using the `crane tunnel-api` command. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/migration-using-must-gather.adoc: 16 You can collect data for a one-hour or a 24-hour period and view the data with the Prometheus console. 17 endif::[] 18: ifdef::oadp-troubleshooting[] 19 You can run the `must-gather` tool with the following data collection options: 20 21: * Full `must-gather` data collection collects Prometheus metrics, pod logs, and Velero CR information for all namespaces where the OADP Operator is installed. 22 * Essential `must-gather` data collection collects pod logs and Velero CR information for a specific duration of time, for example, one hour or 24 hours. Prometheus metrics and duplicate logs are not included. 23 * `must-gather` data collection with timeout. Data collection can take a long time if there are many failed `Backup` CRs. You can improve performance by setting a timeout value. .. 38 * To collect data for the past hour: 39 endif::[] 40: ifdef::oadp-troubleshooting[] 41 * Full `must-gather` data collection, including Prometheus metrics: 42 endif::[] .. 49 The data is saved as `must-gather/must-gather.tar.gz`. You can upload this file to a support case on the link:https://access.redhat.com/[Red Hat Customer Portal]. 50 51: ifdef::oadp-troubleshooting[] 52 * Essential `must-gather` data collection, without Prometheus metrics, for a specific time duration: 53 + .. 71 * To collect data for the past 24 hours: 72 endif::[] 73: ifdef::oadp-troubleshooting[] 74 * Prometheus metrics data dump: 75 endif::[] /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/nw-enforcing-hsts-per-domain.adoc: 58 smallestMaxAge: 1 59 largestMaxAge: 31536000 60: preloadPolicy: RequirePreload <5> 61 includeSubDomainsPolicy: RequireIncludeSubDomains <6> 62 - domainPatterns: <2> .. 66 matchLabels: {} 67 maxAge: {} 68: preloadPolicy: NoOpinion 69 includeSubDomainsPolicy: RequireNoIncludeSubDomains 70 ---- /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/oadp-about-backing-and-restoring-from-cluster-to-cluster.adoc: 5 6 :_content-type: CONCEPT 7: [id="oadp-about-backing-and-restoring-from-cluster-to-cluster_{context}"] 8 = About backing up data from one cluster and restoring it on another cluster 9 10: {oadp-first} is designed to back up and restore application data in the same {product-title} cluster. {mtc-full} ({mtc-short}) is designed to migrate containers, including application data, from one {product-title} cluster to another cluster. 11 12: You can use OADP to back up application data from one {product-title} cluster and restore it on another cluster. However, doing so is more complicated than using {mtc-short} or using OADP to back up and restore on the same cluster. 13 14: To successfully use OADP to back up data from one cluster and restore it to another cluster, you must take into account the following factors, in addition to the prerequisites and procedures that apply to using OADP to back up and restore data on the same cluster: 15 16 * Operators .. 18 * UID and GID ranges 19 20: [id="oadp-cluster-to-cluster-operators_{context}"] 21 == Operators 22 You must exclude Operators from the backup of an application for backup and restore to succeed. 23 24: [id="oadp-cluster-to-cluster-velero_{context}"] 25 == Use of Velero 26 27: Velero, which OADP is built upon, does not natively support migrating persistent volume snapshots across cloud providers. To migrate volume snapshot data between cloud platforms, you must _either_ enable the Velero Restic file system backup option, which backs up volume contents at the filesystem level, _or_ use the OADP Data Mover for CSI snapshots. 28 29 [NOTE] 30 ==== 31: In OADP 1.1 and earlier, the Velero Restic file system backup option is called `restic`. 32: In OADP 1.2 and later, the Velero Restic file system backup option is called `file-system-backup`. 33 ==== 34 35 [NOTE] 36 ==== 37: Velero's file system backup feature supports both Kopia and Restic, but currently OADP supports only Restic. 38 ==== 39 .. 42 * It is theoretically possible to migrate workloads to a destination with a _later_ Kubernetes version than the source, but you must consider the compatibility of API groups between clusters for each custom resource. If a Kubernetes version upgrade breaks the compatibility of core or native API groups, you must first update the impacted custom resources. 43 44: [id="oadp-cluster-to-cluster-uid-and-gid-ranges_{context}"] 45 == UID and GID ranges 46 .. 48 49 Summary of issues:: 50: The UID and GID ranges of the namespace might change on the destination cluster. OADP does not back up and restore OpenShift UID range metadata. If the backed application requires a specific UID, ensure the range is available when restored. For more information about OpenShift's UID and GID ranges, see link:https://cloud.redhat.com/blog/a-guide-to-openshift-and-uids[A Guide to OpenShift and UIDs]. 51 52 Detailed description of issues:: .. 58 59 + 60: When you use OADP to restore the namespace, it automatically uses the information in `metadata.annotations` without resetting it for the destination cluster. As a result, the workload might not have access to the backed up data if one of the following is true: 61 62: * There is a pre-existing namespace with different SCC annotations, for example, on a different cluster. In this case, at backup time, OADP reuses the pre-existing namespace instead of the namespace you are trying to restore. 63: * The backup used a label selector, but the namespace where workloads run on does not have the label on it. In this case, OADP does not back up the namespace, but instead creates a new namespace during restore that does not include the annotations of the namespace you backed up. This causes a new UID range to be assigned to the namespace. 64 + 65 This might be an issue for customer workloads if {product-title} assigns a pod a `securityContext` UID based on namespace annotations that have changed from the time the persistent volume data was backed up. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/oadp-about-backup-snapshot-locations-secrets.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: CONCEPT 10: [id="oadp-about-backup-snapshot-locations_{context}"] 11 = About backup and snapshot locations and their secrets 12 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/oadp-about-enable-api-group-versions.adoc: 5 6 :_content-type: CONCEPT 7: [id="oadp-about-enable-api-group-versions_{context}"] 8 = About Enable API Group Versions 9 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/oadp-backing-and-restoring-from-cluster-to-cluster.adoc: 5 6 :_content-type: CONCEPT 7: [id="oadp-backing-and-restoring-from-cluster-to-cluster_{context}"] 8 = Backing up data from one cluster and restoring it to another cluster 9 .. 20 ** Ensure that the backup store location (BSL) and volume snapshot location have the same names and paths to restore resources to another cluster. 21 ** Share the same object storage location credentials across the clusters. 22: ** For best results, use OADP to create the namespace on the destination cluster. 23 ** If you use the Velero `file-system-backup` option, enable the `--default-volumes-to-fs-backup` flag for use during backup by running the following command: 24 + .. 30 [NOTE] 31 ==== 32: In OADP 1.2 and later, the Velero Restic option is called `file-system-backup`. 33 ==== 34 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/oadp-backing-up-applications-restic.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-backing-up-applications-restic_{context}"] 7 = Backing up applications with Restic 8 . 18 .Prerequisites 19 20: * You must install the OpenShift API for Data Protection (OADP) Operator. 21 * You must not disable the default Restic installation by setting `spec.configuration.restic.enable` to `false` in the `DataProtectionApplication` CR. 22 * The `DataProtectionApplication` CR must be in a `Ready` state. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/oadp-backing-up-pvs-csi.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-backing-up-pvs-csi_{context}"] 7 = Backing up persistent volumes with CSI snapshots 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/oadp-backup-restore-cr-issues.adoc: 4 5 :_content-type: CONCEPT 6: [id="oadp-backup-restore-cr-issues_{context}"] 7 = Backup and Restore CR issues 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/oadp-ceph-cephfs-back-up-dba.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-ceph-cephfs-back-up-dba_{context}"] 7 = Creating a DPA for use with CephFS storage 8 9: You must create a Data Protection Application (DPA) CR before you use the OpenShift API for Data Protection (OADP) 1.2 Data Mover to back up and restore data using CephFS storage. 10 11 .Procedure .. 38 [source,yaml] 39 ---- 40: apiVersion: oadp.openshift.io/v1alpha1 41 kind: DataProtectionApplication 42 metadata: .. 79 ---- 80 <1> There is no default value for the `enable` field. Valid values are `true` or `false`. 81: <2> Use the Restic `Secret` that you created when you prepared your environment for working with OADP 1.2 Data Mover and Ceph. If you do not use your Restic `Secret`, the CR uses the default value `dm-credential` for this parameter. 82 <3> There is no default value for the `enable` field. Valid values are `true` or `false`. 83 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/oadp-ceph-cephfs-back-up.adoc: 11 12 :_content-type: PROCEDURE 13: [id="oadp-ceph-cephfs-back-up_{context}"] 14 15 ifdef::cephfs[] 16: = Backing up data using OADP 1.2 Data Mover and CephFS storage 17: You can use OpenShift API for Data Protection (OADP) 1.2 Data Mover to back up data using CephFS storage by enabling the shallow copy feature of CephFS storage. 18 endif::cephfs[] 19 20 ifdef::split[] 21: = Backing up data using OADP 1.2 Data Mover and split volumes 22: You can use OpenShift API for Data Protection (OADP) 1.2 Data Mover to back up data in an environment that has split volumes. 23 endif::split[] 24 .. 58 59 . Wait several minutes until the `VolumeSnapshotBackup` CR has the status `Completed`. 60: . Verify that there is at least one snapshot in the object store that is given in the Restic `Secret`. You can check for this snapshot in your targeted `BackupStorageLocation` storage provider that has a prefix of `/`. 61 62 ifeval::["{context}" == "cephfs"] /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/oadp-ceph-cephfs-restore.adoc: 11 12 :_content-type: PROCEDURE 13: [id="oadp-ceph-cephfs-restore_{context}"] 14 15 ifdef::cephfs[] 16: = Restoring data using OADP 1.2 Data Mover and CephFS storage 17: You can use OpenShift API for Data Protection (OADP) 1.2 Data Mover to restore data using CephFS storage if the shallow copy feature of CephFS storage was enabled for the back up procedure. The shallow copy feature is not used in the restore procedure. 18 endif::cephfs[] 19 20 ifdef::split[] 21: = Restoring data using OADP 1.2 Data Mover and split volumes 22: You can use OpenShift API for Data Protection (OADP) 1.2 Data Mover to restore data in an environment that has split volumes, if the shallow copy feature of CephFS storage was enabled for the back up procedure. The shallow copy feature is not used in the restore procedure. 23 endif::split[] 24 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/oadp-ceph-preparing-cephfs-crs.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-ceph-preparing-cephfs-crs_{context}"] 7: = Defining CephFS custom resources for use with OADP 1.2 Data Mover 8 9: When you install {rh-storage-first}, it automatically creates a default CephFS `StorageClass` custom resource (CR) and a default CephFS `VolumeSnapshotClass` CR. You can define these CRs for use with OpenShift API for Data Protection (OADP) 1.2 Data Mover. 10 11 .Procedure /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/oadp-ceph-preparing-cephrbd-crs.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-ceph-preparing-cephrbd-crs_{context}"] 7: = Defining CephRBD custom resources for use with OADP 1.2 Data Mover 8 9: When you install {rh-storage-first}, it automatically creates a default CephRBD `StorageClass` custom resource (CR) and a default CephRBD `VolumeSnapshotClass` CR. You can define these CRs for use with OpenShift API for Data Protection (OADP) 1.2 Data Mover. 10 11 .Procedure /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/oadp-ceph-preparing-crs-additional.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-ceph-preparing-crs-additional_{context}"] 7: = Defining additional custom resources for use with OADP 1.2 Data Mover 8 9 After you redefine the default `StorageClass` and CephRBD `VolumeSnapshotClass` custom resources (CRs), you must create the following CRs: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/oadp-ceph-prerequisites.adoc: 5 6 :_content-type: CONCEPT 7: [id="oadp-ceph-prerequisites_{context}"] 8: = Prerequisites for using OADP 1.2 Data Mover with Ceph storage 9 10: The following prerequisites apply to all back up and restore operations of data using {oadp-first} 1.2 Data Mover in a cluster that uses Ceph storage: 11 12 * You have installed {product-title} 4.12 or later. 13: * You have installed the OADP Operator. 14 * You have created a secret `cloud-credentials` in the namespace `openshift-adp.` 15 * You have installed {rh-storage-first}. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/oadp-ceph-split-back-up-dba.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-ceph-split-back-up-dba_{context}"] 7 = Creating a DPA for use with split volumes 8 9: You must create a Data Protection Application (DPA) CR before you use the OpenShift API for Data Protection (OADP) 1.2 Data Mover to back up and restore data using split volumes. 10 11 .Procedure .. 17 [source,yaml] 18 ---- 19: apiVersion: oadp.openshift.io/v1alpha1 20 kind: DataProtectionApplication 21 metadata: .. 64 cacheStorageClassName: ocs-storagecluster-ceph-rbd 65 ---- 66: <1> Use the Restic `Secret` that you created when you prepared your environment for working with OADP 1.2 Data Mover and Ceph. If you do not, then the CR will use the default value `dm-credential` for this parameter. 67 <2> A different set of `VolumeOptionsForStorageClass` labels can be defined for each `storageClass` volume, thus allowing a backup to volumes with different providers. 68 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/oadp-checking-api-group-versions.adoc: 5 6 :_content-type: PROCEDURE 7: [id="oadp-checking-api-group-versions_{context}"] 8 = Listing the Kubernetes API group versions on a cluster 9 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/oadp-cleaning-up-after-data-mover-snapshots.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-cleaning-up-after-data-mover-snapshots_{context}"] 7 = Deleting snapshots in a bucket 8 9: OADP 1.1 Data Mover might leave one or more snapshots in a bucket after a backup. You can either delete all the snapshots or delete individual snapshots. 10 11 .Procedure /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/oadp-configuring-noobaa-for-dr.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 4 5 :_content-type: PROCEDURE 6: [id="oadp-configuring-noobaa-for-dr_{context}"] 7 = Configuring NooBaa for disaster recovery on {rh-storage} 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/oadp-configuring-velero-plugins.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/oadp-features-plugins.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-configuring-velero-plugins_{context}"] 7: = About OADP Velero plugins 8 9 You can configure two types of plugins when you install Velero: .. 16 == Default Velero cloud provider plugins 17 18: You can install any of the following default Velero cloud provider plugins when you configure the `oadp_v1alpha1_dpa.yaml` file during deployment: 19 20 * `aws` (Amazon Web Services) .. 25 * `kubevirt` (KubeVirt) 26 27: You specify the desired default plugins in the `oadp_v1alpha1_dpa.yaml` file during deployment. 28 29 .Example file .. 33 [source,yaml] 34 ---- 35: apiVersion: oadp.openshift.io/v1alpha1 36 kind: DataProtectionApplication 37 metadata: .. 49 == Custom Velero plugins 50 51: You can install a custom Velero plugin by specifying the plugin `image` and `name` when you configure the `oadp_v1alpha1_dpa.yaml` file during deployment. 52 53: You specify the desired custom plugins in the `oadp_v1alpha1_dpa.yaml` file during deployment. 54 55 .Example file .. 59 [source,yaml] 60 ---- 61: apiVersion: oadp.openshift.io/v1alpha1 62 kind: DataProtectionApplication 63 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/oadp-creating-backup-cr.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-creating-backup-cr_{context}"] 7 = Creating a Backup CR 8 . 11 .Prerequisites 12 13: * You must install the OpenShift API for Data Protection (OADP) Operator. 14 * The `DataProtectionApplication` CR must be in a `Ready` state. 15 * Backup location prerequisites: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/oadp-creating-backup-hooks.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-creating-backup-hooks_{context}"] 7 = Creating backup hooks 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/oadp-creating-default-secret.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: PROCEDURE 10: [id="oadp-creating-default-secret_{context}"] 11 = Creating a default Secret 12 13 You create a default `Secret` if your backup and snapshot locations use the same credentials or if you do not require a snapshot location. 14 15: ifdef::installing-oadp-aws,installing-oadp-azure,installing-oadp-gcp,installing-oadp-mcg[] 16 The default name of the `Secret` is `{credentials}`. 17 endif::[] 18: ifdef::installing-oadp-ocs[] 19: The default name of the `Secret` is `{credentials}`, unless your backup storage provider has a default plugin, such as `aws`, `azure`, or `gcp`. In that case, the default name is specified in the provider-specific OADP installation procedure. 20 endif::[] 21 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/oadp-creating-restore-cr.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-creating-restore-cr_{context}"] 7 = Creating a Restore CR 8 . 11 .Prerequisites 12 13: * You must install the OpenShift API for Data Protection (OADP) Operator. 14 * The `DataProtectionApplication` CR must be in a `Ready` state. 15 * You must have a Velero `Backup` CR. .. 67 [NOTE] 68 ==== 69: In the course of the restore process, the OADP Velero plug-ins scale down the `DeploymentConfig` objects and restore the pods as standalone pods to prevent the cluster from deleting the restored `DeploymentConfig` pods immediately on restore and to allow Restic and post-restore hooks to complete their actions on the restored pods. The cleanup script removes these disconnected pods and scale any `DeploymentConfig` objects back up to the appropriate number of replicas. 70 ==== 71 + .. 94 } 95 96: OADP_NAMESPACE=${OADP_NAMESPACE:=openshift-adp} 97 98 if [[ $# -ne 1 ]]; then .. 101 fi 102 103: echo using OADP Namespace $OADP_NAMESPACE 104 echo restore: $1 105 ... 108 109 echo Deleting disconnected restore pods 110: oc delete pods -l oadp.openshift.io/disconnected-from-dc=$label 111 112: for dc in $(oc get dc --all-namespaces -l oadp.openshift.io/replicas-modified=$label -o jsonpath='{range .items[*]}{.metadata.namespace}{","}{.metadata.name}{","}{.metadata.annotations.oadp\.openshift\.io/original-replicas}{","}{.metadata.annotations.oadp\.openshift\.io/original-paused}{"\n"}') 113 do 114 IFS=',' read -ra dc_arr <<< "$dc" /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/oadp-creating-restore-hooks.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-creating-restore-hooks_{context}"] 7 = Creating restore hooks 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/oadp-debugging-oc-cli.adoc: 4 5 :_content-type: REFERENCE 6: [id="oadp-debugging-oc-cli_{context}"] 7 = Debugging Velero resources with the OpenShift CLI tool 8 . 39 [NOTE] 40 ==== 41: This option is available starting from OADP 1.0.3. 42 ==== 43 44 [source,yaml] 45 ---- 46: apiVersion: oadp.openshift.io/v1alpha1 47 kind: DataProtectionApplication 48 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/oadp-deleting-backups.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-deleting-backups_{context}"] 7 = Deleting backups 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/oadp-deleting-cluster-resources-following-failure.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-deleting-cluster-resources-following-failure_{context}"] 7 = Deleting cluster resources following a partially successful or a failed backup and restore that used Data Mover 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/oadp-deleting-cluster-resources-following-success.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-deleting-cluster-resources-following-success_{context}"] 7 = Deleting cluster resources following a successful backup and restore that used Data Mover 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/oadp-enabling-csi-dpa.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: PROCEDURE 10: [id="oadp-enabling-csi-dpa_{context}"] 11 = Enabling CSI in the DataProtectionApplication CR 12 .. 23 [source,yaml] 24 ---- 25: apiVersion: oadp.openshift.io/v1alpha1 26 kind: DataProtectionApplication 27 ... /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/oadp-features.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/oadp-features-plugins.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-features_{context}"] 7: = OADP features 8 9: OpenShift API for Data Protection (OADP) supports the following features: 10 11 Backup:: 12: You can use OADP to back up all applications on the OpenShift Platform, or you can filter the resources by type, namespace, or label. 13 + 14: OADP backs up Kubernetes objects and internal images by saving them as an archive file on object storage. OADP backs up persistent volumes (PVs) by creating snapshots with the native cloud snapshot API or with the Container Storage Interface (CSI). For cloud providers that do not support snapshots, OADP backs up resources and PV data with Restic. 15 16 + /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/oadp-ibm-power-test-support.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/oadp-features-plugins.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-ibm-power-test-matrix_{context}"] 7: = OADP support for target backup locations using IBM Power 8 9: IBM Power running with {product-title} 4.11 and 4.12, and OpenShift API for Data Protection (OADP) 1.1.2 was tested successfully against an AWS S3 backup location target. Although the test involved only an AWS S3 target, Red Hat supports running IBM Power with {product-title} 4.11 and 4.12, and OADP 1.1.2 against all non-AWS S3 backup location targets as well. 10 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/oadp-ibm-z-test-support.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/oadp-features-plugins.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-ibm-z-test-support_{context}"] 7: = OADP testing and support for target backup locations using {ibmzProductName} 8 9: {ibmzProductName} running with {product-title} 4.11 and 4.12, and OpenShift API for Data Protection (OADP) 1.1.2 was tested successfully against an AWS S3 backup location target. Although the test involved only an AWS S3 target, Red Hat supports running {ibmzProductName} with {product-title} 4.11 and 4.12, and OADP 1.1.2 against all non-AWS S3 backup location targets as well. 10 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/oadp-installation-issues.adoc: 4 5 :_content-type: CONCEPT 6: [id="oadp-installation-issues_{context}"] 7 = Installation issues 8 9 You might encounter issues caused by using invalid directories or incorrect credentials when you install the Data Protection Application. 10 11: [id="oadp-backup-location-contains-invalid-directories_{context}"] 12 == Backup storage contains invalid directories 13 .. 22 If the object storage is not dedicated to Velero, you must specify a prefix for the bucket by setting the `spec.backupLocations.velero.objectStorage.prefix` parameter in the `DataProtectionApplication` manifest. 23 24: [id="oadp-incorrect-aws-credentials_{context}"] 25 == Incorrect AWS credentials 26 27: The `oadp-aws-registry` pod log displays the error message, `InvalidAccessKeyId: The AWS Access Key Id you provided does not exist in our records.` 28 29 The `Velero` pod log displays the error message, `NoCredentialProviders: no valid providers in chain`. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/oadp-installing-dpa.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: PROCEDURE 10: [id="oadp-installing-dpa_{context}"] 11 = Installing the Data Protection Application 12 .. 15 .Prerequisites 16 17: * You must install the OADP Operator. 18 * You must configure object storage as a backup location. 19 * If you use snapshots to back up PVs, your cloud provider must support either a native snapshot API or Container Storage Interface (CSI) snapshots. 20 * If the backup and snapshot locations use the same credentials, you must create a `Secret` with the default name, `{credentials}`. 21: ifdef::installing-oadp-azure,installing-oadp-gcp,installing-oadp-mcg,installing-oadp-ocs,virt-installing-configuring-oadp[] 22 * If the backup and snapshot locations use different credentials, you must create two `Secrets`: 23 .. 25 ** `Secret` with the default name, `{credentials}`, for the snapshot location. This `Secret` is not referenced in the `DataProtectionApplication` CR. 26 endif::[] 27: ifdef::installing-oadp-aws[] 28 * If the backup and snapshot locations use different credentials, you must create a `Secret` with the default name, `{credentials}`, which contains separate profiles for the backup and snapshot location credentials. 29 endif::[] .. 36 .Procedure 37 38: . Click *Operators* -> *Installed Operators* and select the OADP Operator. 39 . Under *Provided APIs*, click *Create instance* in the *DataProtectionApplication* box. 40 41 . Click *YAML View* and update the parameters of the `DataProtectionApplication` manifest: 42: ifdef::installing-oadp-aws[] 43 + 44 [source,yaml,subs="attributes+"] 45 ---- 46: apiVersion: oadp.openshift.io/v1beta1 47 kind: DataProtectionApplication 48 metadata: .. 92 <9> The snapshot location must be in the same region as the PVs. 93 endif::[] 94: ifdef::installing-oadp-azure[] 95 + 96 [source,yaml,subs="attributes+"] 97 ---- 98: apiVersion: oadp.openshift.io/v1beta1 99 kind: DataProtectionApplication 100 metadata: ... 148 <11> You do not need to specify a snapshot location if you use CSI snapshots or Restic to back up PVs. 149 endif::[] 150: ifdef::installing-oadp-gcp[] 151 + 152 [source,yaml,subs="attributes+"] 153 ---- 154: apiVersion: oadp.openshift.io/v1beta1 155 kind: DataProtectionApplication 156 metadata: ... 196 <9> The snapshot location must be in the same region as the PVs. 197 endif::[] 198: ifdef::installing-oadp-mcg[] 199 + 200 [source,yaml,subs="attributes+"] 201 ---- 202: apiVersion: oadp.openshift.io/v1beta1 203 kind: DataProtectionApplication 204 metadata: ... 242 <8> Specify a prefix for Velero backups, for example, `velero`, if the bucket is used for multiple purposes. 243 endif::[] 244: ifdef::installing-oadp-ocs[] 245 + 246 [source,yaml,subs="attributes+"] 247 ---- 248: apiVersion: oadp.openshift.io/v1beta1 249 kind: DataProtectionApplication 250 metadata: ... 287 <11> Specify a prefix for Velero backups, for example, `velero`, if the bucket is used for multiple purposes. 288 endif::[] 289: ifdef::virt-installing-configuring-oadp[] 290 + 291 [source,yaml,subs="attributes+"] 292 ---- 293: apiVersion: oadp.openshift.io/v1beta1 294 kind: DataProtectionApplication 295 metadata: ... 334 335 . Click *Create*. 336: . Verify the installation by viewing the OADP resources: 337 + 338 [source,terminal] ... 345 ---- 346 NAME READY STATUS RESTARTS AGE 347: pod/oadp-operator-controller-manager-67d9494d47-6l8z8 2/2 Running 0 2m8s 348 pod/restic-9cq4q 1/1 Running 0 94s 349 pod/restic-m4lts 1/1 Running 0 94s ... 352 353 NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE 354: service/oadp-operator-controller-manager-metrics-service ClusterIP 172.30.70.140 8443/TCP 2m8s 355 356 NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE ... 358 359 NAME READY UP-TO-DATE AVAILABLE AGE 360: deployment.apps/oadp-operator-controller-manager 1/1 1 1 2m9s 361 deployment.apps/velero 1/1 1 1 96s 362 363 NAME DESIRED CURRENT READY AGE 364: replicaset.apps/oadp-operator-controller-manager-67d9494d47 1 1 1 2m9s 365 replicaset.apps/velero-588db7f655 1 1 1 96s 366 ---- /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/oadp-installing-oadp-rosa-sts.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-installing-oadp-rosa-sts_{context}"] 7: = Installing OADP on {product-title} with AWS STS 8 9: AWS Security Token Service (AWS STS) is a global web service that provides short-term credentials for IAM or federated users. {product-title} (ROSA) with STS is the recommended credential mode for ROSA clusters. This document describes how to install OpenShift API for Data Protection (OADP) on (ROSA) with AWS STS. 10 11 [IMPORTANT] 12 ==== 13: Restic is not supported in the OADP on ROSA with AWS STS environment. Ensure the Restic service is disabled. Use native snapshots to backup volumes. See _Known Issues_ for more information. 14 ==== 15 .. 17 18 * A ROSA OpenShift Cluster with the required access and tokens. 19: * link:https://docs.openshift.com/container-platform/4.13/backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.html#oadp-creating-default-secret_installing-oadp-aws[A default Secret], if your backup and snapshot locations use the same credentials, or if you do not require a snapshot location. 20 21 .Procedure .. 42 ---- 43 44: . Install the OADP Operator. 45 .. In the {product-title} web console, navigate to Operators *->* OperatorHub. 46: .. Search for the OADP Operator, then click *Install*. 47 48 . Create AWS cloud storage using your AWS credentials: .. 51 ---- 52 $ cat << EOF | oc create -f - 53: apiVersion: oadp.openshift.io/v1alpha1 54 kind: CloudStorage 55 metadata: 56: name: ${CLUSTER_NAME}-oadp 57 namespace: openshift-adp 58 spec: .. 61 name: cloud-credentials 62 enableSharedConfig: true 63: name: ${CLUSTER_NAME}-oadp 64 provider: aws 65 region: $REGION .. 72 ---- 73 $ cat << EOF | oc create -f - 74: apiVersion: oadp.openshift.io/v1alpha1 75 kind: DataProtectionApplication 76 metadata: .. 81 - bucket: 82 cloudStorageRef: 83: name: ${CLUSTER_NAME}-oadp 84 credential: 85 key: credentials .. 105 [NOTE] 106 ==== 107: The `enable` parameter of `restic` is set to `false` in this configuration because OADP does not support Restic in ROSA environments. 108 ==== 109 + 110: You are now ready to backup and restore OpenShift applications, as described in the link:https://docs.openshift.com/container-platform/4.11/backup_and_restore/application_backup_and_restore/backing_up_and_restoring/backing-up-applications.html[OADP documentation]. 111 112 == Known Issues 113 .Restic is not supported or recommended 114 115: * link:https://issues.redhat.com/browse/OADP-1054[CloudStorage: openshift-adp-controller-manager crashloop seg fault with Restic enabled] 116: * link:https://issues.redhat.com/browse/OADP-1057[Cloudstorage API: CSI Backup of an app with internal images partially fails with plugin panicked error] 117: * (Affects OADP 1.1.x_ only): link:https://issues.redhat.com/browse/OADP-1055[CloudStorage: bucket is removed on CS CR delete, although it doesn't have "oadp.openshift.io/cloudstorage-delete": "true"] 118 119 [role="_additional-resources"] ... 123 * link:https://docs.openshift.com/rosa/rosa_getting_started/rosa-sts-getting-started-workflow.html[Getting started with ROSA STS] 124 * link:https://docs.openshift.com/rosa/rosa_install_access_delete_clusters/rosa-sts-creating-a-cluster-quickly.html[Creating a ROSA cluster with STS] 125: * link:https://docs.openshift.com/container-platform/4.13/backup_and_restore/application_backup_and_restore/installing/about-installing-oadp.html[About installing OADP] 126 * link:https://docs.openshift.com/container-platform/4.13/storage/container_storage_interface/persistent-storage-csi.html[Configuring CSI volumes] 127 * link:https://docs.openshift.com/rosa/rosa_architecture/rosa_policy_service_definition/rosa-service-definition.html#rosa-sdpolicy-storage_rosa-service-definition[ROSA storage options] /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/oadp-installing-operator.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: PROCEDURE 10: [id="oadp-installing-operator_{context}"] 11: = Installing the OADP Operator 12 13: You install the OpenShift API for Data Protection (OADP) Operator on {product-title} {product-version} by using Operator Lifecycle Manager (OLM). 14 15: The OADP Operator installs link:https://{velero-domain}/docs/v{velero-version}/[Velero {velero-version}]. 16 17 .Prerequisites .. 22 23 . In the {product-title} web console, click *Operators* -> *OperatorHub*. 24: . Use the *Filter by keyword* field to find the *OADP Operator*. 25: . Select the *OADP Operator* and click *Install*. 26 . Click *Install* to install the Operator in the `openshift-adp` project. 27 . Click *Operators* -> *Installed Operators* to verify the installation. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/oadp-plugins.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/oadp-features-plugins.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-plugins_{context}"] 7: = OADP plugins 8 9: The OpenShift API for Data Protection (OADP) provides default Velero plugins that are integrated with storage providers to support backup and snapshot operations. You can create link:https://{velero-domain}/docs/v{velero-version}/custom-plugins/[custom plugins] based on the Velero plugins. 10 11: OADP also provides plugins for {product-title} resource backups, OpenShift Virtualization resource backups, and Container Storage Interface (CSI) snapshots. 12 13 [cols="3", options="header"] 14: .OADP plugins 15 |=== 16: |OADP plugin |Function |Storage location 17 18 .2+|`aws` |Backs up and restores Kubernetes objects. |AWS S3 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/oadp-pod-crash-set-resource-request-restic.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-pod-crash-resource-request-retics_{context}"] 7 = Setting resource requests for a Restic pod 8 . 17 [source,yaml] 18 ---- 19: apiVersion: oadp.openshift.io/v1alpha1 20 kind: DataProtectionApplication 21 ... /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/oadp-pod-crash-set-resource-request-velero.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-pod-crash-resource-request-velero_{context}"] 7 = Setting resource requests for a Velero pod 8 9: You can use the `configuration.velero.podConfig.resourceAllocations` specification field in the `oadp_v1alpha1_dpa.yaml` file to set specific resource requests for a `Velero` pod. 10 11 .Procedure .. 17 [source,yaml] 18 ---- 19: apiVersion: oadp.openshift.io/v1alpha1 20 kind: DataProtectionApplication 21 ... /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/oadp-release-notes-1-1-1.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/oadp-release-notes.adoc 4 :_content-type: REFERENCE 5: [id="migration-oadp-release-notes-1-1-1_{context}"] 6: = OADP 1.1.1 release notes 7 8: The OADP 1.1.1 release notes include product recommendations and descriptions of known issues. 9 10 == Product recommendations 11 12: Before you install OADP 1.1.1, it is recommended to either install VolSync 0.5.1 or to upgrade to it. 13 14 == Known issues .. 16 This release has the following known issues: 17 18: * OADP currently does not support backup and restore of AWS EFS volumes using restic in Velero (link:https://issues.redhat.com/browse/OADP-778[*OADP-778*]). 19 20 * CSI backups might fail due to a Ceph limitation of `VolumeSnapshotContent` snapshots per PVC. .. 23 + 24 ** For CephFS, you can create up to 100 snapshots per PVC. 25: ** For RADOS Block Device (RBD), you can create up to 512 snapshots for each PVC. (link:https://issues.redhat.com/browse/OADP-804[*OADP-804*]) and (link:https://issues.redhat.com/browse/OADP-975[*OADP-975*]) 26 + 27 For more information, see https://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.11/html/managing_and_allocating_storage_resources/volume-snapshots_rhodf[Volume Snapshots]. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/oadp-release-notes-1-1-2.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/oadp-release-notes.adoc 4 5 :_content-type: REFERENCE 6: [id="migration-oadp-release-notes-1-1-2_{context}"] 7: = OADP 1.1.2 release notes 8 9: The OADP 1.1.2 release notes include product recommendations, a list of fixed bugs and descriptions of known issues. 10 11 [id="product-recommendations_{context}"] .. 34 The following bugs have been fixed in this release: 35 36: * link:https://issues.redhat.com/browse/OADP-1150[OADP-1150] 37: * link:https://issues.redhat.com/browse/OADP-290[OADP-290] 38: * link:https://issues.redhat.com/browse/OADP-1056[OADP-1056] 39 40 [id="known-issues_{context}"] .. 43 This release has the following known issues: 44 45: * OADP currently does not support backup and restore of AWS EFS volumes using restic in Velero (link:https://issues.redhat.com/browse/OADP-778[*OADP-778*]). 46 47 * CSI backups might fail due to a Ceph limitation of `VolumeSnapshotContent` snapshots per PVC. .. 50 + 51 -- 52: ** For CephFS, you can create up to 100 snapshots per PVC. (link:https://issues.redhat.com/browse/OADP-804[*OADP-804*]) 53: ** For RADOS Block Device (RBD), you can create up to 512 snapshots for each PVC. (link:https://issues.redhat.com/browse/OADP-975[*OADP-975*]) 54 -- 55 + /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/oadp-release-notes-1-1-4.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/oadp-release-notes.adoc 4 5 :_content-type: REFERENCE 6: [id="migration-oadp-release-notes-1-1-4_{context}"] 7: = OADP 1.1.4 release notes 8 9: The OADP 1.1.4 release notes lists any new features, resolved issues and bugs, and known issues. 10 11 [id="new-features1.1.4_{context}"] 12 == New features 13 14: This version of OADP is a service release. No new features are added to this version. 15 16 [id="resolved-issues1.1.4_{context}"] .. 19 The following bugs have been fixed in this release: 20 21: * link:https://issues.redhat.com/browse/OADP-1557[OADP-1557] 22: * link:https://issues.redhat.com/browse/OADP-1822[OADP-1822] 23: * link:https://issues.redhat.com/browse/OADP-1511[OADP-1511] 24: * link:https://issues.redhat.com/browse/OADP-1642[OADP-1642] 25: * link:https://issues.redhat.com/browse/OADP-1398[OADP-1398] 26: * link:https://issues.redhat.com/browse/OADP-1267[OADP-1267] 27: * link:https://issues.redhat.com/browse/OADP-1390[OADP-1390] 28: * link:https://issues.redhat.com/browse/OADP-1650[OADP-1650] 29: * link:https://issues.redhat.com/browse/OADP-1487[OADP-1487] 30 31 .. 35 This release has the following known issues: 36 37: * OADP backups might fail because a UID/GID range might have changed on the cluster where the application has been restored, with the result that OADP does not back up and restore {product-title} UID/GID range metadata. To avoid the issue, if the backed application requires a specific UUID, ensure the range is available when restored. An additional workaround is to allow OADP to create the namespace in the restore operation. 38 39: * A restoration might fail if ArgoCD is used during the process due to a label used by ArgoCD, `app.kubernetes.io/instance`. This label identifies which resources ArgoCD needs to manage, which can create a conflict with OADP's procedure for managing resources on restoration. To work around this issue, set `.spec.resourceTrackingMethod` on the ArgoCD YAML to `annotation+label` or `annotation`. If the issue continues to persist, then disable ArgoCD before beginning to restore, and enable it again when restoration is finished. 40 41 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/oadp-release-notes-1-2-0.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/oadp-release-notes.adoc 4 5 :_content-type: REFERENCE 6: [id="migration-oadp-release-notes-1-2-0_{context}"] 7: = OADP 1.2.0 release notes 8 9: The OADP 1.2.0 release notes include information about new features, bug fixes, and known issues. 10 11 [id="new-features_{context}"] 12 == New features 13 14: .link:https://access.redhat.com/documentation/en-us/openshift_container_platform/4.12/html/backup_and_restore/application-backup-and-restore#installing-oadp-aws[Resource timeouts] 15 The new `resourceTimeout` option specifies the timeout duration in minutes for waiting on various Velero resources. This option applies to resources such as Velero CRD availability, `volumeSnapshot` deletion, and backup repository availability. The default duration is ten minutes. 16 17: .link:https://access.redhat.com/documentation/en-us/openshift_container_platform/4.11/html/backup_and_restore/application-backup-and-restore#oadp-s3-compatible-backup-storage-providers_about-installing-oadp[AWS S3 compatible backup storage providers] 18 You can back up objects and snapshots on AWS S3 compatible providers. 19 .. 21 === Technical preview features 22 23: .link:https://access.redhat.com/documentation/en-us/openshift_container_platform/4.9/html/backup_and_restore/application-backup-and-restore#installing-and-configuring-oadp[Data Mover] 24: The OADP Data Mover enables you to back up Container Storage Interface (CSI) volume snapshots to a remote object store. When you enable Data Mover, you can restore stateful applications using CSI volume snapshots pulled from the object store in case of accidental cluster deletion, cluster failure, or data corruption. 25 26: :FeatureName: OADP Data Mover 27 include::snippets/technology-preview.adoc[] 28 .. 32 The following bugs have been fixed in this release: 33 34: * link:https://issues.redhat.com/browse/OADP-144[OADP-144] 35: * link:https://issues.redhat.com/browse/OADP-639[OADP-639] 36: * link:https://issues.redhat.com/browse/OADP-1741[OADP-1741] 37: * link:https://issues.redhat.com/browse/OADP-1152[OADP-1152] 38: * link:https://issues.redhat.com/browse/OADP-1143[OADP-1143] 39: * link:https://issues.redhat.com/browse/OADP-1931[OADP-1931] 40: * link:https://issues.redhat.com/browse/OADP-148[OADP-148] 41: * link:https://issues.redhat.com/browse/OADP-1067[OADP-1067] 42: * link:https://issues.redhat.com/browse/OADP-1332[OADP-1332] 43: * link:https://issues.redhat.com/browse/OADP-1164[OADP-1164] 44: * link:https://issues.redhat.com/browse/OADP-1105[OADP-1105] 45: * link:https://issues.redhat.com/browse/OADP-2009[OADP-2009] 46: * link:https://issues.redhat.com/browse/OADP-1370[OADP-1370] 47: * link:https://issues.redhat.com/browse/OADP-969[OADP-969] 48: * link:https://issues.redhat.com/browse/OADP-1672[OADP-1672] 49: * link:https://issues.redhat.com/browse/OADP-1151[OADP-1151] 50: * link:https://issues.redhat.com/browse/OADP-988[OADP-988] 51: * link:https://issues.redhat.com/browse/OADP-1941[OADP-1941] 52: * link:https://issues.redhat.com/browse/OADP-1830[OADP-1830] 53: * link:https://issues.redhat.com/browse/OADP-1821[OADP-1821] 54: * link:https://issues.redhat.com/browse/OADP-1783[OADP-1783] 55: * link:https://issues.redhat.com/browse/OADP-1719[OADP-1719] 56: * link:https://issues.redhat.com/browse/OADP-1833[OADP-1833] 57: * link:https://issues.redhat.com/browse/OADP-1872[OADP-1872] 58: * link:https://issues.redhat.com/browse/OADP-2047[OADP-2047] 59: * link:https://issues.redhat.com/browse/OADP-1932[OADP-1932] 60: * link:https://issues.redhat.com/browse/OADP-1844[OADP-1844] 61: * link:https://issues.redhat.com/browse/OADP-1182[OADP-1182] 62: * link:https://issues.redhat.com/browse/OADP-1183[OADP-1183] 63: * link:https://issues.redhat.com/browse/OADP-1798[OADP-1798] 64: * link:https://issues.redhat.com/browse/OADP-1726[OADP-1726] 65: * link:https://issues.redhat.com/browse/OADP-821[OADP-821] 66: * link:https://issues.redhat.com/browse/OADP-1833[OADP-1781] 67: * link:https://issues.redhat.com/browse/OADP-697[OADP-697] 68: * link:https://issues.redhat.com/browse/OADP-1281[OADP-1281] 69: * link:https://issues.redhat.com/browse/OADP-1077[OADP-1077] 70: * link:https://issues.redhat.com/browse/OADP-1076[OADP-1076] 71: * link:https://issues.redhat.com/browse/OADP-1670[OADP-1670] 72: * link:https://issues.redhat.com/browse/OADP-1307[OADP-1307] 73: * link:https://issues.redhat.com/browse/OADP-1640[OADP-1640] 74: * link:https://issues.redhat.com/browse/OADP-1987[OADP-1987] 75: * link:https://issues.redhat.com/browse/OADP-1934[OADP-1934] 76 77 [id="known-issues-1-2-0_{context}"] /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/oadp-restic-issues.adoc: 4 5 :_content-type: CONCEPT 6: [id="oadp-restic-issues_{context}"] 7 = Restic issues 8 . 71 restic backup, stderr=Fatal: unable to open config file: Stat: The 72 specified key does not exist.\nIs there a repository at the following 73: location?\ns3:http://minio-minio.apps.mayap-oadp- 74: veleo-1234.qe.devcluster.openshift.com/mayapvelerooadp2/velero1/ 75 restic/_mysql-persistent_\n: exit status 1" error.file="/remote-source/ 76 src/github.com/vmware-tanzu/velero/pkg/restic/backupper.go:184" /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/oadp-s3-compatible-backup-storage-providers.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-s3-compatible-backup-storage-providers_{context}"] 7 = AWS S3 compatible backup storage providers 8 9: OADP is compatible with many object storage providers for use with different backup and snapshot operations. Several object storage providers are fully supported, several are unsupported but known to work, and some have known limitations. 10 11: [id="oadp-s3-compatible-backup-storage-providers-supported"] 12 == Supported backup storage providers 13 14: The following AWS S3 compatible object storage providers, are fully supported by OADP through the AWS plugin for use as backup storage locations: 15 16 * MinIO .. 26 ==== 27 28: [id="oadp-s3-compatible-backup-storage-providers-unsupported"] 29 == Unsupported backup storage providers 30 .. 40 * Cloudian HyperStore 41 42: [id="oadp-s3-compatible-backup-storage-providers-known-limitations"] 43 == Backup storage providers with known limitations 44 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/oadp-scheduling-backups.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-scheduling-backups_{context}"] 7 = Scheduling backups 8 . 18 .Prerequisites 19 20: * You must install the OpenShift API for Data Protection (OADP) Operator. 21 * The `DataProtectionApplication` CR must be in a `Ready` state. 22 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/oadp-secrets-for-different-credentials.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: PROCEDURE 10: [id="oadp-secrets-for-different-credentials_{context}"] 11: ifdef::installing-oadp-aws[] 12 = Creating profiles for different credentials 13 .. 42 [source,yaml,subs="attributes+"] 43 ---- 44: apiVersion: oadp.openshift.io/v1alpha1 45 kind: DataProtectionApplication 46 metadata: .. 72 ---- 73 endif::[] 74: ifdef::installing-oadp-azure,installing-oadp-gcp,installing-oadp-ocs,installing-oadp-mcg[] 75 = Creating secrets for different credentials 76 .. 100 . Add the `Secret` with the custom name to the `DataProtectionApplication` CR, as in the following example: 101 endif::[] 102: ifdef::installing-oadp-azure[] 103 + 104 [source,yaml,subs="attributes+"] 105 ---- 106: apiVersion: oadp.openshift.io/v1alpha1 107 kind: DataProtectionApplication 108 metadata: ... 137 <1> Backup location `Secret` with custom name. 138 endif::[] 139: ifdef::installing-oadp-gcp[] 140 + 141 [source,yaml,subs="attributes+"] 142 ---- 143: apiVersion: oadp.openshift.io/v1alpha1 144 kind: DataProtectionApplication 145 metadata: ... 168 <1> Backup location `Secret` with custom name. 169 endif::[] 170: ifdef::installing-oadp-mcg[] 171 + 172 [source,yaml,subs="attributes+"] 173 ---- 174: apiVersion: oadp.openshift.io/v1alpha1 175 kind: DataProtectionApplication 176 metadata: ... 198 <1> Backup location `Secret` with custom name. 199 endif::[] 200: ifdef::installing-oadp-ocs[] 201 + 202 [source,yaml,subs="attributes+"] 203 ---- 204: apiVersion: oadp.openshift.io/v1alpha1 205 kind: DataProtectionApplication 206 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/oadp-self-signed-certificate.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/configuring-oadp.adoc 4 5 :_content-type: PROCEDURE 6: [id="oadp-self-signed-certificate_{context}"] 7 = Enabling self-signed CA certificates 8 . 11 .Prerequisites 12 13: * You must have the OpenShift API for Data Protection (OADP) Operator installed. 14 15 .Procedure .. 19 [source,yaml] 20 ---- 21: apiVersion: oadp.openshift.io/v1beta1 22 kind: DataProtectionApplication 23 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/oadp-setting-resource-limits-and-requests.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/configuring-oadp.adoc 4: // * virt/backup_restore/virt-installing-configuring-oadp.adoc 5 6 :_content-type: PROCEDURE 7: [id="oadp-setting-resource-limits-and-requests_{context}"] 8 = Setting Velero CPU and memory resource allocations 9 .. 12 .Prerequisites 13 14: * You must have the OpenShift API for Data Protection (OADP) Operator installed. 15 16 .Procedure .. 20 [source,yaml] 21 ---- 22: apiVersion: oadp.openshift.io/v1beta1 23 kind: DataProtectionApplication 24 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/oadp-using-data-mover-for-csi-snapshots.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-using-data-mover-for-csi-snapshots_{context}"] 7 = Using Data Mover for CSI snapshots 8 9 :FeatureName: Data Mover for CSI snapshots 10 11: The OADP Data Mover enables customers to back up Container Storage Interface (CSI) volume snapshots to a remote object store. When Data Mover is enabled, you can restore stateful applications, using CSI volume snapshots pulled from the object store if a failure, accidental deletion, or corruption of the cluster occurs. 12 13 The Data Mover solution uses the Restic option of VolSync. .. 15 Data Mover supports backup and restore of CSI volume snapshots only. 16 17: In OADP 1.2 Data Mover `VolumeSnapshotBackups` (VSBs) and `VolumeSnapshotRestores` (VSRs) are queued using the VolumeSnapshotMover (VSM). The VSM's performance is improved by specifying a concurrent number of VSBs and VSRs simultaneously `InProgress`. After all async plugin operations are complete, the backup is marked as complete. 18 19 20 [NOTE] 21 ==== 22: The OADP 1.1 Data Mover is a Technology Preview feature. 23 24: The OADP 1.2 Data Mover has significantly improved features and performances, but is still a Technology Preview feature. 25 ==== 26: :FeatureName: The OADP Data Mover 27 include::snippets/technology-preview.adoc[leveloffset=+1] 28 29 [NOTE] 30 ==== 31: Red Hat recommends that customers who use OADP 1.2 Data Mover in order to back up and restore ODF CephFS volumes, upgrade or install {product-title} version 4.12 or later for improved performance. OADP Data Mover can leverage CephFS shallow volumes in {product-title} version 4.12 or later, which based on our testing, can improve the performance of backup times. 32 33 * https://issues.redhat.com/browse/RHSTOR-4287[CephFS ROX details] .. 35 36 37: //For more information about OADP 1.2 with CephS [name of topic], see ___. 38 39 ==== .. 56 * You have included the label `{velero-domain}/csi-volumesnapshot-class: 'true'` in your `VolumeSnapshotClass` CR. 57 58: * You have verified that the `OADP namespace` has the annotation `oc annotate --overwrite namespace/openshift-adp volsync.backube/privileged-movers='true'`. 59 + 60 [NOTE] 61 ==== 62: In OADP 1.1 the above setting is mandatory. 63 64: In OADP 1.2 the `privileged-movers` setting is not required in most scenarios. The restoring container permissions should be adequate for the Volsync copy. In some user scenarios, there may be permission errors that the `privileged-mover`= `true` setting should resolve. 65 ==== 66 .. 69 [NOTE] 70 ==== 71: The VolSync Operator is required for using OADP Data Mover. 72 ==== 73 74: * You have installed the OADP operator by using OLM. 75 76 .Procedure .. 100 [source,yaml] 101 ---- 102: apiVersion: oadp.openshift.io/v1alpha1 103 kind: DataProtectionApplication 104 metadata: ... 152 153 ---- 154: <1> OADP 1.2 only. 155: <2> OADP 1.2 only. Optional: Specify the upper limit of the number of snapshots allowed to be queued for backup. The default value is 10. 156: <3> OADP 1.2 only. Optional: Specify the upper limit of the number of snapshots allowed to be queued for restore. The default value is 10. 157: <4> OADP 1.2 only. Optional: Specify the number of days, between running Restic pruning on the repository. The prune operation repacks the data to free space, but it can also generate significant I/O traffic as a part of the process. Setting this option allows a trade-off between storage consumption, from no longer referenced data, and access costs. 158: <5> OADP 1.2 only. Optional: Specify VolumeSync volume options for backup and restore. 159 160 + 161: The OADP Operator installs two custom resource definitions (CRDs), `VolumeSnapshotBackup` and `VolumeSnapshotRestore`. 162 + 163 .Example `VolumeSnapshotBackup` CRD 164 [source,yaml] 165 ---- 166: apiVersion: datamover.oadp.openshift.io/v1alpha1 167 kind: VolumeSnapshotBackup 168 metadata: ... 181 [source,yaml] 182 ---- 183: apiVersion: datamover.oadp.openshift.io/v1alpha1 184 kind: VolumeSnapshotRestore 185 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/oadp-using-enable-api-group-versions.adoc: 5 6 :_content-type: PROCEDURE 7: [id="oadp-using-enable-api-group-versions_{context}"] 8 = Using Enable API Group Versions 9 .. 21 [source,yaml] 22 ---- 23: apiVersion: oadp.openshift.io/vialpha1 24 kind: DataProtectionApplication 25 ... /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/olm-deleting-operators-from-a-cluster-using-web-console.adoc: 2 // 3 // * operators/admin/olm-deleting-operators-from-a-cluster.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/uninstalling-oadp.adoc 5 // * serverless/install/removing-openshift-serverless.adoc 6 // * virt/install/uninstalling-virt.adoc /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/rosa-sts-account-wide-roles-and-policies.adoc: 868 "s3:ListBucketMultipartUploads", 869 "s3:AbortMultipartUpload", 870: "s3:ListMultipartUploadParts" 871 ], 872 "Resource": "*" /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/velero-obtaining-by-downloading.adoc: 24 . Open a browser and navigate to link:https://{velero-domain}/docs/v{velero-version}/basic-install/#install-the-cli["Install the CLI" on the Velero website]. 25 . Follow the appropriate procedure for macOS, GitHub, or Windows. 26: . Download the Velero version appropriate for your version of OADP and {product-title} according to the table that follows: 27 + 28: .OADP-Velero-{product-title} version relationship 29 [cols="3", options="header"] 30 |=== 31: |OADP version |Velero version |{product-title} version 32 |1.0.0 |link:https://{velero-domain}/docs/v1.7/[1.7] |4.6 and later 33 |1.0.1 |link:https://{velero-domain}/docs/v1.7/[1.7] |4.6 and later /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/modules/virt-about-cdi-operator.adoc: 19 |Manages the authorization to upload VM disks into PVCs by issuing secure upload tokens. 20 21: |`deployment/cdi-uploadproxy` 22 |Directs external disk upload traffic to the appropriate upload server pod so that it can be written to the correct PVC. Requires a valid upload token. 23 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/snippets/oadp-ceph-cr-prerequisites.adoc: 8 9 * A stateful application is running in a separate namespace with persistent volume claims (PVCs) using CephFS as the provisioner. 10: * The `StorageClass` and `VolumeSnapshotClass` custom resources (CRs) are defined for CephFS and OADP 1.2 Data Mover. 11 * There is a secret `cloud-credentials` in the `openshift-adp` namespace. 12 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/snippets/oadp-mtc-operator.adoc: 2 //This snippet appears in the following assemblies: 3 // 4: // * .../backup_and_restore/backing_up_and_restoring/installing/about-installing-oadp.adoc 5: // * .../backup_and_restore/backing_up_and_restoring/installing/installing-oadp-aws.adoc 6: // * .../backup_and_restore/backing_up_and_restoring/installing/installing-oadp-azure.adoc 7: // * .../backup_and_restore/backing_up_and_restoring/installing/installing-oadp-gcp.adoc 8: // * .../backup_and_restore/backing_up_and_restoring/installing/installing-oadp-mcg.adoc 9: // * .../backup_and_restore/backing_up_and_restoring/installing/installing-oadp-ocs.adoc 10 11 :_content-type: SNIPPET 12 [NOTE] 13 ==== 14: Starting from OADP 1.0.4, all OADP 1.0._z_ versions can only be used as a dependency of the MTC Operator and are not available as a standalone Operator. 15 ==== 16 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_planning/snippets/oadp-ocp-compat.adoc: 2 //This snippet appears in the following assemblies: 3 // 4: // * .../backup_and_restore/backing_up_and_restoring/installing/about-installing-oadp.adoc 5 // * .../backup_and_restore/index.adoc 6 . 8 [NOTE] 9 ==== 10: If you want to use CSI backup on OCP 4.11 and later, install OADP 1.1._x_. 11 12: OADP 1.0._x_ does not support CSI backup on OCP 4.11 and later. OADP 1.0._x_ includes Velero 1.7._x_ and expects the API group `snapshot.storage.k8s.io/v1beta1`, which is not present on OCP 4.11 and later. 13 ==== 14 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/about-installing-oadp-on-multiple-namespaces.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/installing/about-installing-oadp.adoc 4 5 6 :_content-type: CONCEPT 7: [id="about-installing-oadp-on-multiple-namespaces_{context}"] 8: = Installation of OADP on multiple namespaces 9 10: You can install OADP into multiple namespaces on the same cluster so that multiple project owners can manage their own OADP instance. This use case has been validated with Restic and CSI. 11 12: You install each instance of OADP as specified by the per-platform procedures contained in this document with the following additional requirements: 13 14: * All deployments of OADP on the same cluster must be the same version, for example, 1.1.4. Installing different versions of OADP on the same cluster is *not* supported. 15: * Each individual deployment of OADP must have a unique set of credentials and a unique `BackupStorageLocation` configuration. 16: * By default, each OADP deployment has cluster-level access across namespaces. {product-title} administrators need to review security and RBAC settings carefully and make any necessary changes to them to ensure that each OADP instance has the correct permissions. 17 18 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/about-oadp-update-channels.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/installing/about-installing-oadp.adoc 4 5 6 :_content-type: CONCEPT 7: [id="about-oadp-update-channels_{context}"] 8: = About OADP update channels 9 10: When you install an OADP Operator, you choose an _update channel_. This channel determines which upgrades to the OADP Operator and to Velero you receive. You can switch channels at any time. 11 12 The following update channels are available: 13 14: * The *stable* channel is now deprecated. The *stable* channel contains the patches (z-stream updates) of OADP `ClusterServiceVersion` for `oadp.v1.1.z` and older versions from `oadp.v1.0.z`. 15 16: * The *stable-1.0* channel contains `oadp.v1.0._z_`, the most recent OADP 1.0 `ClusterServiceVersion`. 17 18: * The *stable-1.1* channel contains `oadp.v1.1._z_`, the most recent OADP 1.1 `ClusterServiceVersion`. 19 20: * The *stable-1.2* channel contains `oadp.v1.2._z_`, the most recent OADP 1.2 `ClusterServiceVersion`. 21 22 *Which update channel is right for you?* 23 24: * The *stable* channel is now deprecated. If you are already using the stable channel, you will continue to get updates from `oadp.v1.1._z_`. 25 26: * Choose the *stable-1._y_* update channel to install OADP 1._y_ and to continue receiving patches for it. If you choose this channel, you will receive all z-stream patches for version 1._y_._z_. 27 28 *When must you switch update channels?* 29 30: * If you have OADP 1._y_ installed, and you want to receive patches only for that y-stream, you must switch from the *stable* update channel to the *stable-1._y_* update channel. You will then receive all z-stream patches for version 1._y_._z_. 31 32: * If you have OADP 1.0 installed, want to upgrade to OADP 1.1, and then receive patches only for OADP 1.1, you must switch from the *stable-1.0* update channel to the *stable-1.1* update channel. You will then receive all z-stream patches for version 1.1._z_. 33 34: * If you have OADP 1._y_ installed, with _y_ greater than 0, and want to switch to OADP 1.0, you must _uninstall_ your OADP Operator and then reinstall it using the *stable-1.0* update channel. You will then receive all z-stream patches for version 1.0._z_. 35 36 [NOTE] 37 ==== 38: You cannot switch from OADP 1._y_ to OADP 1.0 by switching update channels. You must uninstall the Operator and then reinstall it. 39 ==== 40 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/metering-store-data-in-s3.adoc: 92 "s3:HeadBucket", 93 "s3:ListBucket", 94: "s3:ListMultipartUploadParts", 95 "s3:PutObject" 96 ], .. 123 "s3:CreateBucket", 124 "s3:DeleteBucket", 125: "s3:ListMultipartUploadParts", 126 "s3:PutObject" 127 ], /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/migration-configuring-aws-s3.adoc: 3 // * migrating_from_ocp_3_to_4/installing-3-4.adoc 4 // * migration_toolkit_for_containers/installing-mtc.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 6 7 :_content-type: PROCEDURE . 12 You configure Amazon Web Services (AWS) S3 object storage as a replication repository for the {mtc-full} ({mtc-short}). 13 endif::[] 14: ifdef::installing-oadp-aws[] 15: You configure Amazon Web Services (AWS) for the OpenShift API for Data Protection (OADP). 16 endif::[] 17 .. 90 "s3:PutObject", 91 "s3:AbortMultipartUpload", 92: "s3:ListMultipartUploadParts" 93 ], 94 "Resource": [ .. 147 Record the `AWS_SECRET_ACCESS_KEY` and the `AWS_ACCESS_KEY_ID`. You use the credentials to add AWS as a replication repository. 148 endif::[] 149: ifdef::installing-oadp-aws[] 150 . Create a `credentials-velero` file: 151 + /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/migration-configuring-azure.adoc: 3 // * migrating_from_ocp_3_to_4/installing-3-4.adoc 4 // * migration_toolkit_for_containers/installing-mtc.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 6 7 :_content-type: PROCEDURE . 12 You configure a Microsoft Azure Blob storage container as a replication repository for the {mtc-full} ({mtc-short}). 13 endif::[] 14: ifdef::installing-oadp-azure[] 15: You configure a Microsoft Azure for the OpenShift API for Data Protection (OADP). 16 endif::[] 17 .. 118 You use the `credentials-velero` file to add Azure as a replication repository. 119 endif::[] 120: ifdef::installing-oadp-azure[] 121 . Obtain the storage account access key: 122 + /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/migration-configuring-gcp.adoc: 3 // * migrating_from_ocp_3_to_4/installing-3-4.adoc 4 // * migration_toolkit_for_containers/installing-mtc.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6 7 :_content-type: PROCEDURE . 12 You configure a Google Cloud Platform (GCP) storage bucket as a replication repository for the {mtc-full} ({mtc-short}). 13 endif::[] 14: ifdef::installing-oadp-gcp[] 15: You configure Google Cloud Platform (GCP) for the OpenShift API for Data Protection (OADP). 16 endif::[] 17 .. 141 You use the `credentials-velero` file to add GCP as a replication repository. 142 endif::[] 143: ifdef::installing-oadp-gcp[] 144 + 145 You use the `credentials-velero` file to create a `Secret` object for GCP before you install the Data Protection Application. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/migration-configuring-mcg.adoc: 5 // * migration_toolkit_for_containers/installing-mtc.adoc 6 // * migration_toolkit_for_containers/installing-mtc-restricted.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 8 9 :_content-type: PROCEDURE .. 14 You must retrieve the Multicloud Object Gateway (MCG) credentials and S3 endpoint in order to configure MCG as a replication repository for the {mtc-full} ({mtc-short}). 15 endif::[] 16: You must retrieve the Multicloud Object Gateway (MCG) credentials in order to create a `Secret` custom resource (CR) for the OpenShift API for Data Protection (OADP). 17: //ifdef::installing-oadp-mcg[] 18 //endif::[] 19 .. 35 You use these credentials to add MCG as a replication repository. 36 endif::[] 37: ifdef::installing-oadp-mcg[] 38 . Create a `credentials-velero` file: 39 + /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/migration-mtc-release-notes-1-7.adoc: 12 This release has the following new features and enhancements: 13 14: * The {mtc-full} ({mtc-short}) Operator now depends upon the OpenShift API for Data Protection (OADP) Operator. When you install the {mtc-short} Operator, the Operator Lifecycle Manager (OLM) automatically installs the OADP Operator in the same namespace. 15 16 * You can migrate from a source cluster that is behind a firewall to a cloud-based destination cluster by establishing a network tunnel between the two clusters by using the `crane tunnel-api` command. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/migration-using-must-gather.adoc: 16 You can collect data for a one-hour or a 24-hour period and view the data with the Prometheus console. 17 endif::[] 18: ifdef::oadp-troubleshooting[] 19 You can run the `must-gather` tool with the following data collection options: 20 21: * Full `must-gather` data collection collects Prometheus metrics, pod logs, and Velero CR information for all namespaces where the OADP Operator is installed. 22 * Essential `must-gather` data collection collects pod logs and Velero CR information for a specific duration of time, for example, one hour or 24 hours. Prometheus metrics and duplicate logs are not included. 23 * `must-gather` data collection with timeout. Data collection can take a long time if there are many failed `Backup` CRs. You can improve performance by setting a timeout value. .. 38 * To collect data for the past hour: 39 endif::[] 40: ifdef::oadp-troubleshooting[] 41 * Full `must-gather` data collection, including Prometheus metrics: 42 endif::[] .. 49 The data is saved as `must-gather/must-gather.tar.gz`. You can upload this file to a support case on the link:https://access.redhat.com/[Red Hat Customer Portal]. 50 51: ifdef::oadp-troubleshooting[] 52 * Essential `must-gather` data collection, without Prometheus metrics, for a specific time duration: 53 + .. 71 * To collect data for the past 24 hours: 72 endif::[] 73: ifdef::oadp-troubleshooting[] 74 * Prometheus metrics data dump: 75 endif::[] /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/nw-enforcing-hsts-per-domain.adoc: 58 smallestMaxAge: 1 59 largestMaxAge: 31536000 60: preloadPolicy: RequirePreload <5> 61 includeSubDomainsPolicy: RequireIncludeSubDomains <6> 62 - domainPatterns: <2> .. 66 matchLabels: {} 67 maxAge: {} 68: preloadPolicy: NoOpinion 69 includeSubDomainsPolicy: RequireNoIncludeSubDomains 70 ---- /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/oadp-about-backing-and-restoring-from-cluster-to-cluster.adoc: 5 6 :_content-type: CONCEPT 7: [id="oadp-about-backing-and-restoring-from-cluster-to-cluster_{context}"] 8 = About backing up data from one cluster and restoring it on another cluster 9 10: {oadp-first} is designed to back up and restore application data in the same {product-title} cluster. {mtc-full} ({mtc-short}) is designed to migrate containers, including application data, from one {product-title} cluster to another cluster. 11 12: You can use OADP to back up application data from one {product-title} cluster and restore it on another cluster. However, doing so is more complicated than using {mtc-short} or using OADP to back up and restore on the same cluster. 13 14: To successfully use OADP to back up data from one cluster and restore it to another cluster, you must take into account the following factors, in addition to the prerequisites and procedures that apply to using OADP to back up and restore data on the same cluster: 15 16 * Operators .. 18 * UID and GID ranges 19 20: [id="oadp-cluster-to-cluster-operators_{context}"] 21 == Operators 22 You must exclude Operators from the backup of an application for backup and restore to succeed. 23 24: [id="oadp-cluster-to-cluster-velero_{context}"] 25 == Use of Velero 26 27: Velero, which OADP is built upon, does not natively support migrating persistent volume snapshots across cloud providers. To migrate volume snapshot data between cloud platforms, you must _either_ enable the Velero Restic file system backup option, which backs up volume contents at the filesystem level, _or_ use the OADP Data Mover for CSI snapshots. 28 29 [NOTE] 30 ==== 31: In OADP 1.1 and earlier, the Velero Restic file system backup option is called `restic`. 32: In OADP 1.2 and later, the Velero Restic file system backup option is called `file-system-backup`. 33 ==== 34 35 [NOTE] 36 ==== 37: Velero's file system backup feature supports both Kopia and Restic, but currently OADP supports only Restic. 38 ==== 39 .. 42 * It is theoretically possible to migrate workloads to a destination with a _later_ Kubernetes version than the source, but you must consider the compatibility of API groups between clusters for each custom resource. If a Kubernetes version upgrade breaks the compatibility of core or native API groups, you must first update the impacted custom resources. 43 44: [id="oadp-cluster-to-cluster-uid-and-gid-ranges_{context}"] 45 == UID and GID ranges 46 .. 48 49 Summary of issues:: 50: The UID and GID ranges of the namespace might change on the destination cluster. OADP does not back up and restore OpenShift UID range metadata. If the backed application requires a specific UID, ensure the range is available when restored. For more information about OpenShift's UID and GID ranges, see link:https://cloud.redhat.com/blog/a-guide-to-openshift-and-uids[A Guide to OpenShift and UIDs]. 51 52 Detailed description of issues:: .. 58 59 + 60: When you use OADP to restore the namespace, it automatically uses the information in `metadata.annotations` without resetting it for the destination cluster. As a result, the workload might not have access to the backed up data if one of the following is true: 61 62: * There is a pre-existing namespace with different SCC annotations, for example, on a different cluster. In this case, at backup time, OADP reuses the pre-existing namespace instead of the namespace you are trying to restore. 63: * The backup used a label selector, but the namespace where workloads run on does not have the label on it. In this case, OADP does not back up the namespace, but instead creates a new namespace during restore that does not include the annotations of the namespace you backed up. This causes a new UID range to be assigned to the namespace. 64 + 65 This might be an issue for customer workloads if {product-title} assigns a pod a `securityContext` UID based on namespace annotations that have changed from the time the persistent volume data was backed up. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/oadp-about-backup-snapshot-locations-secrets.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: CONCEPT 10: [id="oadp-about-backup-snapshot-locations_{context}"] 11 = About backup and snapshot locations and their secrets 12 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/oadp-about-enable-api-group-versions.adoc: 5 6 :_content-type: CONCEPT 7: [id="oadp-about-enable-api-group-versions_{context}"] 8 = About Enable API Group Versions 9 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/oadp-backing-and-restoring-from-cluster-to-cluster.adoc: 5 6 :_content-type: CONCEPT 7: [id="oadp-backing-and-restoring-from-cluster-to-cluster_{context}"] 8 = Backing up data from one cluster and restoring it to another cluster 9 .. 20 ** Ensure that the backup store location (BSL) and volume snapshot location have the same names and paths to restore resources to another cluster. 21 ** Share the same object storage location credentials across the clusters. 22: ** For best results, use OADP to create the namespace on the destination cluster. 23 ** If you use the Velero `file-system-backup` option, enable the `--default-volumes-to-fs-backup` flag for use during backup by running the following command: 24 + .. 30 [NOTE] 31 ==== 32: In OADP 1.2 and later, the Velero Restic option is called `file-system-backup`. 33 ==== 34 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/oadp-backing-up-applications-restic.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-backing-up-applications-restic_{context}"] 7 = Backing up applications with Restic 8 . 18 .Prerequisites 19 20: * You must install the OpenShift API for Data Protection (OADP) Operator. 21 * You must not disable the default Restic installation by setting `spec.configuration.restic.enable` to `false` in the `DataProtectionApplication` CR. 22 * The `DataProtectionApplication` CR must be in a `Ready` state. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/oadp-backing-up-pvs-csi.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-backing-up-pvs-csi_{context}"] 7 = Backing up persistent volumes with CSI snapshots 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/oadp-backup-restore-cr-issues.adoc: 4 5 :_content-type: CONCEPT 6: [id="oadp-backup-restore-cr-issues_{context}"] 7 = Backup and Restore CR issues 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/oadp-ceph-cephfs-back-up-dba.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-ceph-cephfs-back-up-dba_{context}"] 7 = Creating a DPA for use with CephFS storage 8 9: You must create a Data Protection Application (DPA) CR before you use the OpenShift API for Data Protection (OADP) 1.2 Data Mover to back up and restore data using CephFS storage. 10 11 .Procedure .. 38 [source,yaml] 39 ---- 40: apiVersion: oadp.openshift.io/v1alpha1 41 kind: DataProtectionApplication 42 metadata: .. 79 ---- 80 <1> There is no default value for the `enable` field. Valid values are `true` or `false`. 81: <2> Use the Restic `Secret` that you created when you prepared your environment for working with OADP 1.2 Data Mover and Ceph. If you do not use your Restic `Secret`, the CR uses the default value `dm-credential` for this parameter. 82 <3> There is no default value for the `enable` field. Valid values are `true` or `false`. 83 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/oadp-ceph-cephfs-back-up.adoc: 11 12 :_content-type: PROCEDURE 13: [id="oadp-ceph-cephfs-back-up_{context}"] 14 15 ifdef::cephfs[] 16: = Backing up data using OADP 1.2 Data Mover and CephFS storage 17: You can use OpenShift API for Data Protection (OADP) 1.2 Data Mover to back up data using CephFS storage by enabling the shallow copy feature of CephFS storage. 18 endif::cephfs[] 19 20 ifdef::split[] 21: = Backing up data using OADP 1.2 Data Mover and split volumes 22: You can use OpenShift API for Data Protection (OADP) 1.2 Data Mover to back up data in an environment that has split volumes. 23 endif::split[] 24 .. 58 59 . Wait several minutes until the `VolumeSnapshotBackup` CR has the status `Completed`. 60: . Verify that there is at least one snapshot in the object store that is given in the Restic `Secret`. You can check for this snapshot in your targeted `BackupStorageLocation` storage provider that has a prefix of `/`. 61 62 ifeval::["{context}" == "cephfs"] /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/oadp-ceph-cephfs-restore.adoc: 11 12 :_content-type: PROCEDURE 13: [id="oadp-ceph-cephfs-restore_{context}"] 14 15 ifdef::cephfs[] 16: = Restoring data using OADP 1.2 Data Mover and CephFS storage 17: You can use OpenShift API for Data Protection (OADP) 1.2 Data Mover to restore data using CephFS storage if the shallow copy feature of CephFS storage was enabled for the back up procedure. The shallow copy feature is not used in the restore procedure. 18 endif::cephfs[] 19 20 ifdef::split[] 21: = Restoring data using OADP 1.2 Data Mover and split volumes 22: You can use OpenShift API for Data Protection (OADP) 1.2 Data Mover to restore data in an environment that has split volumes, if the shallow copy feature of CephFS storage was enabled for the back up procedure. The shallow copy feature is not used in the restore procedure. 23 endif::split[] 24 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/oadp-ceph-preparing-cephfs-crs.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-ceph-preparing-cephfs-crs_{context}"] 7: = Defining CephFS custom resources for use with OADP 1.2 Data Mover 8 9: When you install {rh-storage-first}, it automatically creates a default CephFS `StorageClass` custom resource (CR) and a default CephFS `VolumeSnapshotClass` CR. You can define these CRs for use with OpenShift API for Data Protection (OADP) 1.2 Data Mover. 10 11 .Procedure /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/oadp-ceph-preparing-cephrbd-crs.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-ceph-preparing-cephrbd-crs_{context}"] 7: = Defining CephRBD custom resources for use with OADP 1.2 Data Mover 8 9: When you install {rh-storage-first}, it automatically creates a default CephRBD `StorageClass` custom resource (CR) and a default CephRBD `VolumeSnapshotClass` CR. You can define these CRs for use with OpenShift API for Data Protection (OADP) 1.2 Data Mover. 10 11 .Procedure /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/oadp-ceph-preparing-crs-additional.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-ceph-preparing-crs-additional_{context}"] 7: = Defining additional custom resources for use with OADP 1.2 Data Mover 8 9 After you redefine the default `StorageClass` and CephRBD `VolumeSnapshotClass` custom resources (CRs), you must create the following CRs: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/oadp-ceph-prerequisites.adoc: 5 6 :_content-type: CONCEPT 7: [id="oadp-ceph-prerequisites_{context}"] 8: = Prerequisites for using OADP 1.2 Data Mover with Ceph storage 9 10: The following prerequisites apply to all back up and restore operations of data using {oadp-first} 1.2 Data Mover in a cluster that uses Ceph storage: 11 12 * You have installed {product-title} 4.12 or later. 13: * You have installed the OADP Operator. 14 * You have created a secret `cloud-credentials` in the namespace `openshift-adp.` 15 * You have installed {rh-storage-first}. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/oadp-ceph-split-back-up-dba.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-ceph-split-back-up-dba_{context}"] 7 = Creating a DPA for use with split volumes 8 9: You must create a Data Protection Application (DPA) CR before you use the OpenShift API for Data Protection (OADP) 1.2 Data Mover to back up and restore data using split volumes. 10 11 .Procedure .. 17 [source,yaml] 18 ---- 19: apiVersion: oadp.openshift.io/v1alpha1 20 kind: DataProtectionApplication 21 metadata: .. 64 cacheStorageClassName: ocs-storagecluster-ceph-rbd 65 ---- 66: <1> Use the Restic `Secret` that you created when you prepared your environment for working with OADP 1.2 Data Mover and Ceph. If you do not, then the CR will use the default value `dm-credential` for this parameter. 67 <2> A different set of `VolumeOptionsForStorageClass` labels can be defined for each `storageClass` volume, thus allowing a backup to volumes with different providers. 68 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/oadp-checking-api-group-versions.adoc: 5 6 :_content-type: PROCEDURE 7: [id="oadp-checking-api-group-versions_{context}"] 8 = Listing the Kubernetes API group versions on a cluster 9 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/oadp-cleaning-up-after-data-mover-snapshots.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-cleaning-up-after-data-mover-snapshots_{context}"] 7 = Deleting snapshots in a bucket 8 9: OADP 1.1 Data Mover might leave one or more snapshots in a bucket after a backup. You can either delete all the snapshots or delete individual snapshots. 10 11 .Procedure /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/oadp-configuring-noobaa-for-dr.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 4 5 :_content-type: PROCEDURE 6: [id="oadp-configuring-noobaa-for-dr_{context}"] 7 = Configuring NooBaa for disaster recovery on {rh-storage} 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/oadp-configuring-velero-plugins.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/oadp-features-plugins.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-configuring-velero-plugins_{context}"] 7: = About OADP Velero plugins 8 9 You can configure two types of plugins when you install Velero: .. 16 == Default Velero cloud provider plugins 17 18: You can install any of the following default Velero cloud provider plugins when you configure the `oadp_v1alpha1_dpa.yaml` file during deployment: 19 20 * `aws` (Amazon Web Services) .. 25 * `kubevirt` (KubeVirt) 26 27: You specify the desired default plugins in the `oadp_v1alpha1_dpa.yaml` file during deployment. 28 29 .Example file .. 33 [source,yaml] 34 ---- 35: apiVersion: oadp.openshift.io/v1alpha1 36 kind: DataProtectionApplication 37 metadata: .. 49 == Custom Velero plugins 50 51: You can install a custom Velero plugin by specifying the plugin `image` and `name` when you configure the `oadp_v1alpha1_dpa.yaml` file during deployment. 52 53: You specify the desired custom plugins in the `oadp_v1alpha1_dpa.yaml` file during deployment. 54 55 .Example file .. 59 [source,yaml] 60 ---- 61: apiVersion: oadp.openshift.io/v1alpha1 62 kind: DataProtectionApplication 63 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/oadp-creating-backup-cr.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-creating-backup-cr_{context}"] 7 = Creating a Backup CR 8 . 11 .Prerequisites 12 13: * You must install the OpenShift API for Data Protection (OADP) Operator. 14 * The `DataProtectionApplication` CR must be in a `Ready` state. 15 * Backup location prerequisites: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/oadp-creating-backup-hooks.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-creating-backup-hooks_{context}"] 7 = Creating backup hooks 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/oadp-creating-default-secret.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: PROCEDURE 10: [id="oadp-creating-default-secret_{context}"] 11 = Creating a default Secret 12 13 You create a default `Secret` if your backup and snapshot locations use the same credentials or if you do not require a snapshot location. 14 15: ifdef::installing-oadp-aws,installing-oadp-azure,installing-oadp-gcp,installing-oadp-mcg[] 16 The default name of the `Secret` is `{credentials}`. 17 endif::[] 18: ifdef::installing-oadp-ocs[] 19: The default name of the `Secret` is `{credentials}`, unless your backup storage provider has a default plugin, such as `aws`, `azure`, or `gcp`. In that case, the default name is specified in the provider-specific OADP installation procedure. 20 endif::[] 21 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/oadp-creating-restore-cr.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-creating-restore-cr_{context}"] 7 = Creating a Restore CR 8 . 11 .Prerequisites 12 13: * You must install the OpenShift API for Data Protection (OADP) Operator. 14 * The `DataProtectionApplication` CR must be in a `Ready` state. 15 * You must have a Velero `Backup` CR. .. 67 [NOTE] 68 ==== 69: In the course of the restore process, the OADP Velero plug-ins scale down the `DeploymentConfig` objects and restore the pods as standalone pods to prevent the cluster from deleting the restored `DeploymentConfig` pods immediately on restore and to allow Restic and post-restore hooks to complete their actions on the restored pods. The cleanup script removes these disconnected pods and scale any `DeploymentConfig` objects back up to the appropriate number of replicas. 70 ==== 71 + .. 94 } 95 96: OADP_NAMESPACE=${OADP_NAMESPACE:=openshift-adp} 97 98 if [[ $# -ne 1 ]]; then .. 101 fi 102 103: echo using OADP Namespace $OADP_NAMESPACE 104 echo restore: $1 105 ... 108 109 echo Deleting disconnected restore pods 110: oc delete pods -l oadp.openshift.io/disconnected-from-dc=$label 111 112: for dc in $(oc get dc --all-namespaces -l oadp.openshift.io/replicas-modified=$label -o jsonpath='{range .items[*]}{.metadata.namespace}{","}{.metadata.name}{","}{.metadata.annotations.oadp\.openshift\.io/original-replicas}{","}{.metadata.annotations.oadp\.openshift\.io/original-paused}{"\n"}') 113 do 114 IFS=',' read -ra dc_arr <<< "$dc" /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/oadp-creating-restore-hooks.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-creating-restore-hooks_{context}"] 7 = Creating restore hooks 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/oadp-debugging-oc-cli.adoc: 4 5 :_content-type: REFERENCE 6: [id="oadp-debugging-oc-cli_{context}"] 7 = Debugging Velero resources with the OpenShift CLI tool 8 . 39 [NOTE] 40 ==== 41: This option is available starting from OADP 1.0.3. 42 ==== 43 44 [source,yaml] 45 ---- 46: apiVersion: oadp.openshift.io/v1alpha1 47 kind: DataProtectionApplication 48 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/oadp-deleting-backups.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-deleting-backups_{context}"] 7 = Deleting backups 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/oadp-deleting-cluster-resources-following-failure.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-deleting-cluster-resources-following-failure_{context}"] 7 = Deleting cluster resources following a partially successful or a failed backup and restore that used Data Mover 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/oadp-deleting-cluster-resources-following-success.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-deleting-cluster-resources-following-success_{context}"] 7 = Deleting cluster resources following a successful backup and restore that used Data Mover 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/oadp-enabling-csi-dpa.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: PROCEDURE 10: [id="oadp-enabling-csi-dpa_{context}"] 11 = Enabling CSI in the DataProtectionApplication CR 12 .. 23 [source,yaml] 24 ---- 25: apiVersion: oadp.openshift.io/v1alpha1 26 kind: DataProtectionApplication 27 ... /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/oadp-features.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/oadp-features-plugins.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-features_{context}"] 7: = OADP features 8 9: OpenShift API for Data Protection (OADP) supports the following features: 10 11 Backup:: 12: You can use OADP to back up all applications on the OpenShift Platform, or you can filter the resources by type, namespace, or label. 13 + 14: OADP backs up Kubernetes objects and internal images by saving them as an archive file on object storage. OADP backs up persistent volumes (PVs) by creating snapshots with the native cloud snapshot API or with the Container Storage Interface (CSI). For cloud providers that do not support snapshots, OADP backs up resources and PV data with Restic. 15 16 + /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/oadp-ibm-power-test-support.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/oadp-features-plugins.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-ibm-power-test-matrix_{context}"] 7: = OADP support for target backup locations using IBM Power 8 9: IBM Power running with {product-title} 4.11 and 4.12, and OpenShift API for Data Protection (OADP) 1.1.2 was tested successfully against an AWS S3 backup location target. Although the test involved only an AWS S3 target, Red Hat supports running IBM Power with {product-title} 4.11 and 4.12, and OADP 1.1.2 against all non-AWS S3 backup location targets as well. 10 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/oadp-ibm-z-test-support.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/oadp-features-plugins.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-ibm-z-test-support_{context}"] 7: = OADP testing and support for target backup locations using {ibmzProductName} 8 9: {ibmzProductName} running with {product-title} 4.11 and 4.12, and OpenShift API for Data Protection (OADP) 1.1.2 was tested successfully against an AWS S3 backup location target. Although the test involved only an AWS S3 target, Red Hat supports running {ibmzProductName} with {product-title} 4.11 and 4.12, and OADP 1.1.2 against all non-AWS S3 backup location targets as well. 10 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/oadp-installation-issues.adoc: 4 5 :_content-type: CONCEPT 6: [id="oadp-installation-issues_{context}"] 7 = Installation issues 8 9 You might encounter issues caused by using invalid directories or incorrect credentials when you install the Data Protection Application. 10 11: [id="oadp-backup-location-contains-invalid-directories_{context}"] 12 == Backup storage contains invalid directories 13 .. 22 If the object storage is not dedicated to Velero, you must specify a prefix for the bucket by setting the `spec.backupLocations.velero.objectStorage.prefix` parameter in the `DataProtectionApplication` manifest. 23 24: [id="oadp-incorrect-aws-credentials_{context}"] 25 == Incorrect AWS credentials 26 27: The `oadp-aws-registry` pod log displays the error message, `InvalidAccessKeyId: The AWS Access Key Id you provided does not exist in our records.` 28 29 The `Velero` pod log displays the error message, `NoCredentialProviders: no valid providers in chain`. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/oadp-installing-dpa.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: PROCEDURE 10: [id="oadp-installing-dpa_{context}"] 11 = Installing the Data Protection Application 12 .. 15 .Prerequisites 16 17: * You must install the OADP Operator. 18 * You must configure object storage as a backup location. 19 * If you use snapshots to back up PVs, your cloud provider must support either a native snapshot API or Container Storage Interface (CSI) snapshots. 20 * If the backup and snapshot locations use the same credentials, you must create a `Secret` with the default name, `{credentials}`. 21: ifdef::installing-oadp-azure,installing-oadp-gcp,installing-oadp-mcg,installing-oadp-ocs,virt-installing-configuring-oadp[] 22 * If the backup and snapshot locations use different credentials, you must create two `Secrets`: 23 .. 25 ** `Secret` with the default name, `{credentials}`, for the snapshot location. This `Secret` is not referenced in the `DataProtectionApplication` CR. 26 endif::[] 27: ifdef::installing-oadp-aws[] 28 * If the backup and snapshot locations use different credentials, you must create a `Secret` with the default name, `{credentials}`, which contains separate profiles for the backup and snapshot location credentials. 29 endif::[] .. 36 .Procedure 37 38: . Click *Operators* -> *Installed Operators* and select the OADP Operator. 39 . Under *Provided APIs*, click *Create instance* in the *DataProtectionApplication* box. 40 41 . Click *YAML View* and update the parameters of the `DataProtectionApplication` manifest: 42: ifdef::installing-oadp-aws[] 43 + 44 [source,yaml,subs="attributes+"] 45 ---- 46: apiVersion: oadp.openshift.io/v1beta1 47 kind: DataProtectionApplication 48 metadata: .. 92 <9> The snapshot location must be in the same region as the PVs. 93 endif::[] 94: ifdef::installing-oadp-azure[] 95 + 96 [source,yaml,subs="attributes+"] 97 ---- 98: apiVersion: oadp.openshift.io/v1beta1 99 kind: DataProtectionApplication 100 metadata: ... 148 <11> You do not need to specify a snapshot location if you use CSI snapshots or Restic to back up PVs. 149 endif::[] 150: ifdef::installing-oadp-gcp[] 151 + 152 [source,yaml,subs="attributes+"] 153 ---- 154: apiVersion: oadp.openshift.io/v1beta1 155 kind: DataProtectionApplication 156 metadata: ... 196 <9> The snapshot location must be in the same region as the PVs. 197 endif::[] 198: ifdef::installing-oadp-mcg[] 199 + 200 [source,yaml,subs="attributes+"] 201 ---- 202: apiVersion: oadp.openshift.io/v1beta1 203 kind: DataProtectionApplication 204 metadata: ... 242 <8> Specify a prefix for Velero backups, for example, `velero`, if the bucket is used for multiple purposes. 243 endif::[] 244: ifdef::installing-oadp-ocs[] 245 + 246 [source,yaml,subs="attributes+"] 247 ---- 248: apiVersion: oadp.openshift.io/v1beta1 249 kind: DataProtectionApplication 250 metadata: ... 287 <11> Specify a prefix for Velero backups, for example, `velero`, if the bucket is used for multiple purposes. 288 endif::[] 289: ifdef::virt-installing-configuring-oadp[] 290 + 291 [source,yaml,subs="attributes+"] 292 ---- 293: apiVersion: oadp.openshift.io/v1beta1 294 kind: DataProtectionApplication 295 metadata: ... 334 335 . Click *Create*. 336: . Verify the installation by viewing the OADP resources: 337 + 338 [source,terminal] ... 345 ---- 346 NAME READY STATUS RESTARTS AGE 347: pod/oadp-operator-controller-manager-67d9494d47-6l8z8 2/2 Running 0 2m8s 348 pod/restic-9cq4q 1/1 Running 0 94s 349 pod/restic-m4lts 1/1 Running 0 94s ... 352 353 NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE 354: service/oadp-operator-controller-manager-metrics-service ClusterIP 172.30.70.140 8443/TCP 2m8s 355 356 NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE ... 358 359 NAME READY UP-TO-DATE AVAILABLE AGE 360: deployment.apps/oadp-operator-controller-manager 1/1 1 1 2m9s 361 deployment.apps/velero 1/1 1 1 96s 362 363 NAME DESIRED CURRENT READY AGE 364: replicaset.apps/oadp-operator-controller-manager-67d9494d47 1 1 1 2m9s 365 replicaset.apps/velero-588db7f655 1 1 1 96s 366 ---- /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/oadp-installing-oadp-rosa-sts.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-installing-oadp-rosa-sts_{context}"] 7: = Installing OADP on {product-title} with AWS STS 8 9: AWS Security Token Service (AWS STS) is a global web service that provides short-term credentials for IAM or federated users. {product-title} (ROSA) with STS is the recommended credential mode for ROSA clusters. This document describes how to install OpenShift API for Data Protection (OADP) on (ROSA) with AWS STS. 10 11 [IMPORTANT] 12 ==== 13: Restic is not supported in the OADP on ROSA with AWS STS environment. Ensure the Restic service is disabled. Use native snapshots to backup volumes. See _Known Issues_ for more information. 14 ==== 15 .. 17 18 * A ROSA OpenShift Cluster with the required access and tokens. 19: * link:https://docs.openshift.com/container-platform/4.13/backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.html#oadp-creating-default-secret_installing-oadp-aws[A default Secret], if your backup and snapshot locations use the same credentials, or if you do not require a snapshot location. 20 21 .Procedure .. 42 ---- 43 44: . Install the OADP Operator. 45 .. In the {product-title} web console, navigate to Operators *->* OperatorHub. 46: .. Search for the OADP Operator, then click *Install*. 47 48 . Create AWS cloud storage using your AWS credentials: .. 51 ---- 52 $ cat << EOF | oc create -f - 53: apiVersion: oadp.openshift.io/v1alpha1 54 kind: CloudStorage 55 metadata: 56: name: ${CLUSTER_NAME}-oadp 57 namespace: openshift-adp 58 spec: .. 61 name: cloud-credentials 62 enableSharedConfig: true 63: name: ${CLUSTER_NAME}-oadp 64 provider: aws 65 region: $REGION .. 72 ---- 73 $ cat << EOF | oc create -f - 74: apiVersion: oadp.openshift.io/v1alpha1 75 kind: DataProtectionApplication 76 metadata: .. 81 - bucket: 82 cloudStorageRef: 83: name: ${CLUSTER_NAME}-oadp 84 credential: 85 key: credentials .. 105 [NOTE] 106 ==== 107: The `enable` parameter of `restic` is set to `false` in this configuration because OADP does not support Restic in ROSA environments. 108 ==== 109 + 110: You are now ready to backup and restore OpenShift applications, as described in the link:https://docs.openshift.com/container-platform/4.11/backup_and_restore/application_backup_and_restore/backing_up_and_restoring/backing-up-applications.html[OADP documentation]. 111 112 == Known Issues 113 .Restic is not supported or recommended 114 115: * link:https://issues.redhat.com/browse/OADP-1054[CloudStorage: openshift-adp-controller-manager crashloop seg fault with Restic enabled] 116: * link:https://issues.redhat.com/browse/OADP-1057[Cloudstorage API: CSI Backup of an app with internal images partially fails with plugin panicked error] 117: * (Affects OADP 1.1.x_ only): link:https://issues.redhat.com/browse/OADP-1055[CloudStorage: bucket is removed on CS CR delete, although it doesn't have "oadp.openshift.io/cloudstorage-delete": "true"] 118 119 [role="_additional-resources"] ... 123 * link:https://docs.openshift.com/rosa/rosa_getting_started/rosa-sts-getting-started-workflow.html[Getting started with ROSA STS] 124 * link:https://docs.openshift.com/rosa/rosa_install_access_delete_clusters/rosa-sts-creating-a-cluster-quickly.html[Creating a ROSA cluster with STS] 125: * link:https://docs.openshift.com/container-platform/4.13/backup_and_restore/application_backup_and_restore/installing/about-installing-oadp.html[About installing OADP] 126 * link:https://docs.openshift.com/container-platform/4.13/storage/container_storage_interface/persistent-storage-csi.html[Configuring CSI volumes] 127 * link:https://docs.openshift.com/rosa/rosa_architecture/rosa_policy_service_definition/rosa-service-definition.html#rosa-sdpolicy-storage_rosa-service-definition[ROSA storage options] /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/oadp-installing-operator.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: PROCEDURE 10: [id="oadp-installing-operator_{context}"] 11: = Installing the OADP Operator 12 13: You install the OpenShift API for Data Protection (OADP) Operator on {product-title} {product-version} by using Operator Lifecycle Manager (OLM). 14 15: The OADP Operator installs link:https://{velero-domain}/docs/v{velero-version}/[Velero {velero-version}]. 16 17 .Prerequisites .. 22 23 . In the {product-title} web console, click *Operators* -> *OperatorHub*. 24: . Use the *Filter by keyword* field to find the *OADP Operator*. 25: . Select the *OADP Operator* and click *Install*. 26 . Click *Install* to install the Operator in the `openshift-adp` project. 27 . Click *Operators* -> *Installed Operators* to verify the installation. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/oadp-plugins.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/oadp-features-plugins.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-plugins_{context}"] 7: = OADP plugins 8 9: The OpenShift API for Data Protection (OADP) provides default Velero plugins that are integrated with storage providers to support backup and snapshot operations. You can create link:https://{velero-domain}/docs/v{velero-version}/custom-plugins/[custom plugins] based on the Velero plugins. 10 11: OADP also provides plugins for {product-title} resource backups, OpenShift Virtualization resource backups, and Container Storage Interface (CSI) snapshots. 12 13 [cols="3", options="header"] 14: .OADP plugins 15 |=== 16: |OADP plugin |Function |Storage location 17 18 .2+|`aws` |Backs up and restores Kubernetes objects. |AWS S3 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/oadp-pod-crash-set-resource-request-restic.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-pod-crash-resource-request-retics_{context}"] 7 = Setting resource requests for a Restic pod 8 . 17 [source,yaml] 18 ---- 19: apiVersion: oadp.openshift.io/v1alpha1 20 kind: DataProtectionApplication 21 ... /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/oadp-pod-crash-set-resource-request-velero.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-pod-crash-resource-request-velero_{context}"] 7 = Setting resource requests for a Velero pod 8 9: You can use the `configuration.velero.podConfig.resourceAllocations` specification field in the `oadp_v1alpha1_dpa.yaml` file to set specific resource requests for a `Velero` pod. 10 11 .Procedure .. 17 [source,yaml] 18 ---- 19: apiVersion: oadp.openshift.io/v1alpha1 20 kind: DataProtectionApplication 21 ... /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/oadp-release-notes-1-1-1.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/oadp-release-notes.adoc 4 :_content-type: REFERENCE 5: [id="migration-oadp-release-notes-1-1-1_{context}"] 6: = OADP 1.1.1 release notes 7 8: The OADP 1.1.1 release notes include product recommendations and descriptions of known issues. 9 10 == Product recommendations 11 12: Before you install OADP 1.1.1, it is recommended to either install VolSync 0.5.1 or to upgrade to it. 13 14 == Known issues .. 16 This release has the following known issues: 17 18: * OADP currently does not support backup and restore of AWS EFS volumes using restic in Velero (link:https://issues.redhat.com/browse/OADP-778[*OADP-778*]). 19 20 * CSI backups might fail due to a Ceph limitation of `VolumeSnapshotContent` snapshots per PVC. .. 23 + 24 ** For CephFS, you can create up to 100 snapshots per PVC. 25: ** For RADOS Block Device (RBD), you can create up to 512 snapshots for each PVC. (link:https://issues.redhat.com/browse/OADP-804[*OADP-804*]) and (link:https://issues.redhat.com/browse/OADP-975[*OADP-975*]) 26 + 27 For more information, see https://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.11/html/managing_and_allocating_storage_resources/volume-snapshots_rhodf[Volume Snapshots]. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/oadp-release-notes-1-1-2.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/oadp-release-notes.adoc 4 5 :_content-type: REFERENCE 6: [id="migration-oadp-release-notes-1-1-2_{context}"] 7: = OADP 1.1.2 release notes 8 9: The OADP 1.1.2 release notes include product recommendations, a list of fixed bugs and descriptions of known issues. 10 11 [id="product-recommendations_{context}"] .. 34 The following bugs have been fixed in this release: 35 36: * link:https://issues.redhat.com/browse/OADP-1150[OADP-1150] 37: * link:https://issues.redhat.com/browse/OADP-290[OADP-290] 38: * link:https://issues.redhat.com/browse/OADP-1056[OADP-1056] 39 40 [id="known-issues_{context}"] .. 43 This release has the following known issues: 44 45: * OADP currently does not support backup and restore of AWS EFS volumes using restic in Velero (link:https://issues.redhat.com/browse/OADP-778[*OADP-778*]). 46 47 * CSI backups might fail due to a Ceph limitation of `VolumeSnapshotContent` snapshots per PVC. .. 50 + 51 -- 52: ** For CephFS, you can create up to 100 snapshots per PVC. (link:https://issues.redhat.com/browse/OADP-804[*OADP-804*]) 53: ** For RADOS Block Device (RBD), you can create up to 512 snapshots for each PVC. (link:https://issues.redhat.com/browse/OADP-975[*OADP-975*]) 54 -- 55 + /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/oadp-release-notes-1-1-4.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/oadp-release-notes.adoc 4 5 :_content-type: REFERENCE 6: [id="migration-oadp-release-notes-1-1-4_{context}"] 7: = OADP 1.1.4 release notes 8 9: The OADP 1.1.4 release notes lists any new features, resolved issues and bugs, and known issues. 10 11 [id="new-features1.1.4_{context}"] 12 == New features 13 14: This version of OADP is a service release. No new features are added to this version. 15 16 [id="resolved-issues1.1.4_{context}"] .. 19 The following bugs have been fixed in this release: 20 21: * link:https://issues.redhat.com/browse/OADP-1557[OADP-1557] 22: * link:https://issues.redhat.com/browse/OADP-1822[OADP-1822] 23: * link:https://issues.redhat.com/browse/OADP-1511[OADP-1511] 24: * link:https://issues.redhat.com/browse/OADP-1642[OADP-1642] 25: * link:https://issues.redhat.com/browse/OADP-1398[OADP-1398] 26: * link:https://issues.redhat.com/browse/OADP-1267[OADP-1267] 27: * link:https://issues.redhat.com/browse/OADP-1390[OADP-1390] 28: * link:https://issues.redhat.com/browse/OADP-1650[OADP-1650] 29: * link:https://issues.redhat.com/browse/OADP-1487[OADP-1487] 30 31 .. 35 This release has the following known issues: 36 37: * OADP backups might fail because a UID/GID range might have changed on the cluster where the application has been restored, with the result that OADP does not back up and restore {product-title} UID/GID range metadata. To avoid the issue, if the backed application requires a specific UUID, ensure the range is available when restored. An additional workaround is to allow OADP to create the namespace in the restore operation. 38 39: * A restoration might fail if ArgoCD is used during the process due to a label used by ArgoCD, `app.kubernetes.io/instance`. This label identifies which resources ArgoCD needs to manage, which can create a conflict with OADP's procedure for managing resources on restoration. To work around this issue, set `.spec.resourceTrackingMethod` on the ArgoCD YAML to `annotation+label` or `annotation`. If the issue continues to persist, then disable ArgoCD before beginning to restore, and enable it again when restoration is finished. 40 41 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/oadp-release-notes-1-2-0.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/oadp-release-notes.adoc 4 5 :_content-type: REFERENCE 6: [id="migration-oadp-release-notes-1-2-0_{context}"] 7: = OADP 1.2.0 release notes 8 9: The OADP 1.2.0 release notes include information about new features, bug fixes, and known issues. 10 11 [id="new-features_{context}"] 12 == New features 13 14: .link:https://access.redhat.com/documentation/en-us/openshift_container_platform/4.12/html/backup_and_restore/application-backup-and-restore#installing-oadp-aws[Resource timeouts] 15 The new `resourceTimeout` option specifies the timeout duration in minutes for waiting on various Velero resources. This option applies to resources such as Velero CRD availability, `volumeSnapshot` deletion, and backup repository availability. The default duration is ten minutes. 16 17: .link:https://access.redhat.com/documentation/en-us/openshift_container_platform/4.11/html/backup_and_restore/application-backup-and-restore#oadp-s3-compatible-backup-storage-providers_about-installing-oadp[AWS S3 compatible backup storage providers] 18 You can back up objects and snapshots on AWS S3 compatible providers. 19 .. 21 === Technical preview features 22 23: .link:https://access.redhat.com/documentation/en-us/openshift_container_platform/4.9/html/backup_and_restore/application-backup-and-restore#installing-and-configuring-oadp[Data Mover] 24: The OADP Data Mover enables you to back up Container Storage Interface (CSI) volume snapshots to a remote object store. When you enable Data Mover, you can restore stateful applications using CSI volume snapshots pulled from the object store in case of accidental cluster deletion, cluster failure, or data corruption. 25 26: :FeatureName: OADP Data Mover 27 include::snippets/technology-preview.adoc[] 28 .. 32 The following bugs have been fixed in this release: 33 34: * link:https://issues.redhat.com/browse/OADP-144[OADP-144] 35: * link:https://issues.redhat.com/browse/OADP-639[OADP-639] 36: * link:https://issues.redhat.com/browse/OADP-1741[OADP-1741] 37: * link:https://issues.redhat.com/browse/OADP-1152[OADP-1152] 38: * link:https://issues.redhat.com/browse/OADP-1143[OADP-1143] 39: * link:https://issues.redhat.com/browse/OADP-1931[OADP-1931] 40: * link:https://issues.redhat.com/browse/OADP-148[OADP-148] 41: * link:https://issues.redhat.com/browse/OADP-1067[OADP-1067] 42: * link:https://issues.redhat.com/browse/OADP-1332[OADP-1332] 43: * link:https://issues.redhat.com/browse/OADP-1164[OADP-1164] 44: * link:https://issues.redhat.com/browse/OADP-1105[OADP-1105] 45: * link:https://issues.redhat.com/browse/OADP-2009[OADP-2009] 46: * link:https://issues.redhat.com/browse/OADP-1370[OADP-1370] 47: * link:https://issues.redhat.com/browse/OADP-969[OADP-969] 48: * link:https://issues.redhat.com/browse/OADP-1672[OADP-1672] 49: * link:https://issues.redhat.com/browse/OADP-1151[OADP-1151] 50: * link:https://issues.redhat.com/browse/OADP-988[OADP-988] 51: * link:https://issues.redhat.com/browse/OADP-1941[OADP-1941] 52: * link:https://issues.redhat.com/browse/OADP-1830[OADP-1830] 53: * link:https://issues.redhat.com/browse/OADP-1821[OADP-1821] 54: * link:https://issues.redhat.com/browse/OADP-1783[OADP-1783] 55: * link:https://issues.redhat.com/browse/OADP-1719[OADP-1719] 56: * link:https://issues.redhat.com/browse/OADP-1833[OADP-1833] 57: * link:https://issues.redhat.com/browse/OADP-1872[OADP-1872] 58: * link:https://issues.redhat.com/browse/OADP-2047[OADP-2047] 59: * link:https://issues.redhat.com/browse/OADP-1932[OADP-1932] 60: * link:https://issues.redhat.com/browse/OADP-1844[OADP-1844] 61: * link:https://issues.redhat.com/browse/OADP-1182[OADP-1182] 62: * link:https://issues.redhat.com/browse/OADP-1183[OADP-1183] 63: * link:https://issues.redhat.com/browse/OADP-1798[OADP-1798] 64: * link:https://issues.redhat.com/browse/OADP-1726[OADP-1726] 65: * link:https://issues.redhat.com/browse/OADP-821[OADP-821] 66: * link:https://issues.redhat.com/browse/OADP-1833[OADP-1781] 67: * link:https://issues.redhat.com/browse/OADP-697[OADP-697] 68: * link:https://issues.redhat.com/browse/OADP-1281[OADP-1281] 69: * link:https://issues.redhat.com/browse/OADP-1077[OADP-1077] 70: * link:https://issues.redhat.com/browse/OADP-1076[OADP-1076] 71: * link:https://issues.redhat.com/browse/OADP-1670[OADP-1670] 72: * link:https://issues.redhat.com/browse/OADP-1307[OADP-1307] 73: * link:https://issues.redhat.com/browse/OADP-1640[OADP-1640] 74: * link:https://issues.redhat.com/browse/OADP-1987[OADP-1987] 75: * link:https://issues.redhat.com/browse/OADP-1934[OADP-1934] 76 77 [id="known-issues-1-2-0_{context}"] /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/oadp-restic-issues.adoc: 4 5 :_content-type: CONCEPT 6: [id="oadp-restic-issues_{context}"] 7 = Restic issues 8 . 71 restic backup, stderr=Fatal: unable to open config file: Stat: The 72 specified key does not exist.\nIs there a repository at the following 73: location?\ns3:http://minio-minio.apps.mayap-oadp- 74: veleo-1234.qe.devcluster.openshift.com/mayapvelerooadp2/velero1/ 75 restic/_mysql-persistent_\n: exit status 1" error.file="/remote-source/ 76 src/github.com/vmware-tanzu/velero/pkg/restic/backupper.go:184" /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/oadp-s3-compatible-backup-storage-providers.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-s3-compatible-backup-storage-providers_{context}"] 7 = AWS S3 compatible backup storage providers 8 9: OADP is compatible with many object storage providers for use with different backup and snapshot operations. Several object storage providers are fully supported, several are unsupported but known to work, and some have known limitations. 10 11: [id="oadp-s3-compatible-backup-storage-providers-supported"] 12 == Supported backup storage providers 13 14: The following AWS S3 compatible object storage providers, are fully supported by OADP through the AWS plugin for use as backup storage locations: 15 16 * MinIO .. 26 ==== 27 28: [id="oadp-s3-compatible-backup-storage-providers-unsupported"] 29 == Unsupported backup storage providers 30 .. 40 * Cloudian HyperStore 41 42: [id="oadp-s3-compatible-backup-storage-providers-known-limitations"] 43 == Backup storage providers with known limitations 44 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/oadp-scheduling-backups.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-scheduling-backups_{context}"] 7 = Scheduling backups 8 . 18 .Prerequisites 19 20: * You must install the OpenShift API for Data Protection (OADP) Operator. 21 * The `DataProtectionApplication` CR must be in a `Ready` state. 22 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/oadp-secrets-for-different-credentials.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: PROCEDURE 10: [id="oadp-secrets-for-different-credentials_{context}"] 11: ifdef::installing-oadp-aws[] 12 = Creating profiles for different credentials 13 .. 42 [source,yaml,subs="attributes+"] 43 ---- 44: apiVersion: oadp.openshift.io/v1alpha1 45 kind: DataProtectionApplication 46 metadata: .. 72 ---- 73 endif::[] 74: ifdef::installing-oadp-azure,installing-oadp-gcp,installing-oadp-ocs,installing-oadp-mcg[] 75 = Creating secrets for different credentials 76 .. 100 . Add the `Secret` with the custom name to the `DataProtectionApplication` CR, as in the following example: 101 endif::[] 102: ifdef::installing-oadp-azure[] 103 + 104 [source,yaml,subs="attributes+"] 105 ---- 106: apiVersion: oadp.openshift.io/v1alpha1 107 kind: DataProtectionApplication 108 metadata: ... 137 <1> Backup location `Secret` with custom name. 138 endif::[] 139: ifdef::installing-oadp-gcp[] 140 + 141 [source,yaml,subs="attributes+"] 142 ---- 143: apiVersion: oadp.openshift.io/v1alpha1 144 kind: DataProtectionApplication 145 metadata: ... 168 <1> Backup location `Secret` with custom name. 169 endif::[] 170: ifdef::installing-oadp-mcg[] 171 + 172 [source,yaml,subs="attributes+"] 173 ---- 174: apiVersion: oadp.openshift.io/v1alpha1 175 kind: DataProtectionApplication 176 metadata: ... 198 <1> Backup location `Secret` with custom name. 199 endif::[] 200: ifdef::installing-oadp-ocs[] 201 + 202 [source,yaml,subs="attributes+"] 203 ---- 204: apiVersion: oadp.openshift.io/v1alpha1 205 kind: DataProtectionApplication 206 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/oadp-self-signed-certificate.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/configuring-oadp.adoc 4 5 :_content-type: PROCEDURE 6: [id="oadp-self-signed-certificate_{context}"] 7 = Enabling self-signed CA certificates 8 . 11 .Prerequisites 12 13: * You must have the OpenShift API for Data Protection (OADP) Operator installed. 14 15 .Procedure .. 19 [source,yaml] 20 ---- 21: apiVersion: oadp.openshift.io/v1beta1 22 kind: DataProtectionApplication 23 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/oadp-setting-resource-limits-and-requests.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/configuring-oadp.adoc 4: // * virt/backup_restore/virt-installing-configuring-oadp.adoc 5 6 :_content-type: PROCEDURE 7: [id="oadp-setting-resource-limits-and-requests_{context}"] 8 = Setting Velero CPU and memory resource allocations 9 .. 12 .Prerequisites 13 14: * You must have the OpenShift API for Data Protection (OADP) Operator installed. 15 16 .Procedure .. 20 [source,yaml] 21 ---- 22: apiVersion: oadp.openshift.io/v1beta1 23 kind: DataProtectionApplication 24 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/oadp-using-data-mover-for-csi-snapshots.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-using-data-mover-for-csi-snapshots_{context}"] 7 = Using Data Mover for CSI snapshots 8 9 :FeatureName: Data Mover for CSI snapshots 10 11: The OADP Data Mover enables customers to back up Container Storage Interface (CSI) volume snapshots to a remote object store. When Data Mover is enabled, you can restore stateful applications, using CSI volume snapshots pulled from the object store if a failure, accidental deletion, or corruption of the cluster occurs. 12 13 The Data Mover solution uses the Restic option of VolSync. .. 15 Data Mover supports backup and restore of CSI volume snapshots only. 16 17: In OADP 1.2 Data Mover `VolumeSnapshotBackups` (VSBs) and `VolumeSnapshotRestores` (VSRs) are queued using the VolumeSnapshotMover (VSM). The VSM's performance is improved by specifying a concurrent number of VSBs and VSRs simultaneously `InProgress`. After all async plugin operations are complete, the backup is marked as complete. 18 19 20 [NOTE] 21 ==== 22: The OADP 1.1 Data Mover is a Technology Preview feature. 23 24: The OADP 1.2 Data Mover has significantly improved features and performances, but is still a Technology Preview feature. 25 ==== 26: :FeatureName: The OADP Data Mover 27 include::snippets/technology-preview.adoc[leveloffset=+1] 28 29 [NOTE] 30 ==== 31: Red Hat recommends that customers who use OADP 1.2 Data Mover in order to back up and restore ODF CephFS volumes, upgrade or install {product-title} version 4.12 or later for improved performance. OADP Data Mover can leverage CephFS shallow volumes in {product-title} version 4.12 or later, which based on our testing, can improve the performance of backup times. 32 33 * https://issues.redhat.com/browse/RHSTOR-4287[CephFS ROX details] .. 35 36 37: //For more information about OADP 1.2 with CephS [name of topic], see ___. 38 39 ==== .. 56 * You have included the label `{velero-domain}/csi-volumesnapshot-class: 'true'` in your `VolumeSnapshotClass` CR. 57 58: * You have verified that the `OADP namespace` has the annotation `oc annotate --overwrite namespace/openshift-adp volsync.backube/privileged-movers='true'`. 59 + 60 [NOTE] 61 ==== 62: In OADP 1.1 the above setting is mandatory. 63 64: In OADP 1.2 the `privileged-movers` setting is not required in most scenarios. The restoring container permissions should be adequate for the Volsync copy. In some user scenarios, there may be permission errors that the `privileged-mover`= `true` setting should resolve. 65 ==== 66 .. 69 [NOTE] 70 ==== 71: The VolSync Operator is required for using OADP Data Mover. 72 ==== 73 74: * You have installed the OADP operator by using OLM. 75 76 .Procedure .. 100 [source,yaml] 101 ---- 102: apiVersion: oadp.openshift.io/v1alpha1 103 kind: DataProtectionApplication 104 metadata: ... 152 153 ---- 154: <1> OADP 1.2 only. 155: <2> OADP 1.2 only. Optional: Specify the upper limit of the number of snapshots allowed to be queued for backup. The default value is 10. 156: <3> OADP 1.2 only. Optional: Specify the upper limit of the number of snapshots allowed to be queued for restore. The default value is 10. 157: <4> OADP 1.2 only. Optional: Specify the number of days, between running Restic pruning on the repository. The prune operation repacks the data to free space, but it can also generate significant I/O traffic as a part of the process. Setting this option allows a trade-off between storage consumption, from no longer referenced data, and access costs. 158: <5> OADP 1.2 only. Optional: Specify VolumeSync volume options for backup and restore. 159 160 + 161: The OADP Operator installs two custom resource definitions (CRDs), `VolumeSnapshotBackup` and `VolumeSnapshotRestore`. 162 + 163 .Example `VolumeSnapshotBackup` CRD 164 [source,yaml] 165 ---- 166: apiVersion: datamover.oadp.openshift.io/v1alpha1 167 kind: VolumeSnapshotBackup 168 metadata: ... 181 [source,yaml] 182 ---- 183: apiVersion: datamover.oadp.openshift.io/v1alpha1 184 kind: VolumeSnapshotRestore 185 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/oadp-using-enable-api-group-versions.adoc: 5 6 :_content-type: PROCEDURE 7: [id="oadp-using-enable-api-group-versions_{context}"] 8 = Using Enable API Group Versions 9 .. 21 [source,yaml] 22 ---- 23: apiVersion: oadp.openshift.io/vialpha1 24 kind: DataProtectionApplication 25 ... /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/olm-deleting-operators-from-a-cluster-using-web-console.adoc: 2 // 3 // * operators/admin/olm-deleting-operators-from-a-cluster.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/uninstalling-oadp.adoc 5 // * serverless/install/removing-openshift-serverless.adoc 6 // * virt/install/uninstalling-virt.adoc /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/rosa-sts-account-wide-roles-and-policies.adoc: 868 "s3:ListBucketMultipartUploads", 869 "s3:AbortMultipartUpload", 870: "s3:ListMultipartUploadParts" 871 ], 872 "Resource": "*" /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/snippets/oadp-ceph-cr-prerequisites.adoc: 8 9 * A stateful application is running in a separate namespace with persistent volume claims (PVCs) using CephFS as the provisioner. 10: * The `StorageClass` and `VolumeSnapshotClass` custom resources (CRs) are defined for CephFS and OADP 1.2 Data Mover. 11 * There is a secret `cloud-credentials` in the `openshift-adp` namespace. 12 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/snippets/oadp-mtc-operator.adoc: 2 //This snippet appears in the following assemblies: 3 // 4: // * .../backup_and_restore/backing_up_and_restoring/installing/about-installing-oadp.adoc 5: // * .../backup_and_restore/backing_up_and_restoring/installing/installing-oadp-aws.adoc 6: // * .../backup_and_restore/backing_up_and_restoring/installing/installing-oadp-azure.adoc 7: // * .../backup_and_restore/backing_up_and_restoring/installing/installing-oadp-gcp.adoc 8: // * .../backup_and_restore/backing_up_and_restoring/installing/installing-oadp-mcg.adoc 9: // * .../backup_and_restore/backing_up_and_restoring/installing/installing-oadp-ocs.adoc 10 11 :_content-type: SNIPPET 12 [NOTE] 13 ==== 14: Starting from OADP 1.0.4, all OADP 1.0._z_ versions can only be used as a dependency of the MTC Operator and are not available as a standalone Operator. 15 ==== 16 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/snippets/oadp-ocp-compat.adoc: 2 //This snippet appears in the following assemblies: 3 // 4: // * .../backup_and_restore/backing_up_and_restoring/installing/about-installing-oadp.adoc 5 // * .../backup_and_restore/index.adoc 6 . 8 [NOTE] 9 ==== 10: If you want to use CSI backup on OCP 4.11 and later, install OADP 1.1._x_. 11 12: OADP 1.0._x_ does not support CSI backup on OCP 4.11 and later. OADP 1.0._x_ includes Velero 1.7._x_ and expects the API group `snapshot.storage.k8s.io/v1beta1`, which is not present on OCP 4.11 and later. 13 ==== 14 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/velero-obtaining-by-downloading.adoc: 24 . Open a browser and navigate to link:https://{velero-domain}/docs/v{velero-version}/basic-install/#install-the-cli["Install the CLI" on the Velero website]. 25 . Follow the appropriate procedure for macOS, GitHub, or Windows. 26: . Download the Velero version appropriate for your version of OADP and {product-title} according to the table that follows: 27 + 28: .OADP-Velero-{product-title} version relationship 29 [cols="3", options="header"] 30 |=== 31: |OADP version |Velero version |{product-title} version 32 |1.0.0 |link:https://{velero-domain}/docs/v1.7/[1.7] |4.6 and later 33 |1.0.1 |link:https://{velero-domain}/docs/v1.7/[1.7] |4.6 and later /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_quick_start/modules/virt-about-cdi-operator.adoc: 19 |Manages the authorization to upload VM disks into PVCs by issuing secure upload tokens. 20 21: |`deployment/cdi-uploadproxy` 22 |Directs external disk upload traffic to the appropriate upload server pod so that it can be written to the correct PVC. Requires a valid upload token. 23 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/_attributes/common-attributes.adoc: 43 :hybrid-console: Red Hat Hybrid Cloud Console 44 :hybrid-console-second: Hybrid Cloud Console 45: :oadp-first: OpenShift API for Data Protection (OADP) 46: :oadp-full: OpenShift API for Data Protection 47 :oc-first: pass:quotes[OpenShift CLI (`oc`)] 48 :product-registry: OpenShift image registry /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/about-installing-oadp-on-multiple-namespaces.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/installing/about-installing-oadp.adoc 4 5 6 :_content-type: CONCEPT 7: [id="about-installing-oadp-on-multiple-namespaces_{context}"] 8: = Installation of OADP on multiple namespaces 9 10: You can install OADP into multiple namespaces on the same cluster so that multiple project owners can manage their own OADP instance. This use case has been validated with Restic and CSI. 11 12: You install each instance of OADP as specified by the per-platform procedures contained in this document with the following additional requirements: 13 14: * All deployments of OADP on the same cluster must be the same version, for example, 1.1.4. Installing different versions of OADP on the same cluster is *not* supported. 15: * Each individual deployment of OADP must have a unique set of credentials and a unique `BackupStorageLocation` configuration. 16: * By default, each OADP deployment has cluster-level access across namespaces. {product-title} administrators need to review security and RBAC settings carefully and make any necessary changes to them to ensure that each OADP instance has the correct permissions. 17 18 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/about-oadp-update-channels.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/installing/about-installing-oadp.adoc 4 5 6 :_content-type: CONCEPT 7: [id="about-oadp-update-channels_{context}"] 8: = About OADP update channels 9 10: When you install an OADP Operator, you choose an _update channel_. This channel determines which upgrades to the OADP Operator and to Velero you receive. You can switch channels at any time. 11 12 The following update channels are available: 13 14: * The *stable* channel is now deprecated. The *stable* channel contains the patches (z-stream updates) of OADP `ClusterServiceVersion` for `oadp.v1.1.z` and older versions from `oadp.v1.0.z`. 15 16: * The *stable-1.0* channel contains `oadp.v1.0._z_`, the most recent OADP 1.0 `ClusterServiceVersion`. 17 18: * The *stable-1.1* channel contains `oadp.v1.1._z_`, the most recent OADP 1.1 `ClusterServiceVersion`. 19 20: * The *stable-1.2* channel contains `oadp.v1.2._z_`, the most recent OADP 1.2 `ClusterServiceVersion`. 21 22 *Which update channel is right for you?* 23 24: * The *stable* channel is now deprecated. If you are already using the stable channel, you will continue to get updates from `oadp.v1.1._z_`. 25 26: * Choose the *stable-1._y_* update channel to install OADP 1._y_ and to continue receiving patches for it. If you choose this channel, you will receive all z-stream patches for version 1._y_._z_. 27 28 *When must you switch update channels?* 29 30: * If you have OADP 1._y_ installed, and you want to receive patches only for that y-stream, you must switch from the *stable* update channel to the *stable-1._y_* update channel. You will then receive all z-stream patches for version 1._y_._z_. 31 32: * If you have OADP 1.0 installed, want to upgrade to OADP 1.1, and then receive patches only for OADP 1.1, you must switch from the *stable-1.0* update channel to the *stable-1.1* update channel. You will then receive all z-stream patches for version 1.1._z_. 33 34: * If you have OADP 1._y_ installed, with _y_ greater than 0, and want to switch to OADP 1.0, you must _uninstall_ your OADP Operator and then reinstall it using the *stable-1.0* update channel. You will then receive all z-stream patches for version 1.0._z_. 35 36 [NOTE] 37 ==== 38: You cannot switch from OADP 1._y_ to OADP 1.0 by switching update channels. You must uninstall the Operator and then reinstall it. 39 ==== 40 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/metering-store-data-in-s3.adoc: 92 "s3:HeadBucket", 93 "s3:ListBucket", 94: "s3:ListMultipartUploadParts", 95 "s3:PutObject" 96 ], .. 123 "s3:CreateBucket", 124 "s3:DeleteBucket", 125: "s3:ListMultipartUploadParts", 126 "s3:PutObject" 127 ], /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/migration-configuring-aws-s3.adoc: 3 // * migrating_from_ocp_3_to_4/installing-3-4.adoc 4 // * migration_toolkit_for_containers/installing-mtc.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 6 7 :_content-type: PROCEDURE . 12 You configure Amazon Web Services (AWS) S3 object storage as a replication repository for the {mtc-full} ({mtc-short}). 13 endif::[] 14: ifdef::installing-oadp-aws[] 15: You configure Amazon Web Services (AWS) for the OpenShift API for Data Protection (OADP). 16 endif::[] 17 .. 90 "s3:PutObject", 91 "s3:AbortMultipartUpload", 92: "s3:ListMultipartUploadParts" 93 ], 94 "Resource": [ .. 147 Record the `AWS_SECRET_ACCESS_KEY` and the `AWS_ACCESS_KEY_ID`. You use the credentials to add AWS as a replication repository. 148 endif::[] 149: ifdef::installing-oadp-aws[] 150 . Create a `credentials-velero` file: 151 + /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/migration-configuring-azure.adoc: 3 // * migrating_from_ocp_3_to_4/installing-3-4.adoc 4 // * migration_toolkit_for_containers/installing-mtc.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 6 7 :_content-type: PROCEDURE . 12 You configure a Microsoft Azure Blob storage container as a replication repository for the {mtc-full} ({mtc-short}). 13 endif::[] 14: ifdef::installing-oadp-azure[] 15: You configure a Microsoft Azure for the OpenShift API for Data Protection (OADP). 16 endif::[] 17 .. 118 You use the `credentials-velero` file to add Azure as a replication repository. 119 endif::[] 120: ifdef::installing-oadp-azure[] 121 . Obtain the storage account access key: 122 + /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/migration-configuring-gcp.adoc: 3 // * migrating_from_ocp_3_to_4/installing-3-4.adoc 4 // * migration_toolkit_for_containers/installing-mtc.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6 7 :_content-type: PROCEDURE . 12 You configure a Google Cloud Platform (GCP) storage bucket as a replication repository for the {mtc-full} ({mtc-short}). 13 endif::[] 14: ifdef::installing-oadp-gcp[] 15: You configure Google Cloud Platform (GCP) for the OpenShift API for Data Protection (OADP). 16 endif::[] 17 .. 141 You use the `credentials-velero` file to add GCP as a replication repository. 142 endif::[] 143: ifdef::installing-oadp-gcp[] 144 + 145 You use the `credentials-velero` file to create a `Secret` object for GCP before you install the Data Protection Application. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/migration-configuring-mcg.adoc: 5 // * migration_toolkit_for_containers/installing-mtc.adoc 6 // * migration_toolkit_for_containers/installing-mtc-restricted.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 8 9 :_content-type: PROCEDURE .. 14 You must retrieve the Multicloud Object Gateway (MCG) credentials and S3 endpoint in order to configure MCG as a replication repository for the {mtc-full} ({mtc-short}). 15 endif::[] 16: You must retrieve the Multicloud Object Gateway (MCG) credentials in order to create a `Secret` custom resource (CR) for the OpenShift API for Data Protection (OADP). 17: //ifdef::installing-oadp-mcg[] 18 //endif::[] 19 .. 35 You use these credentials to add MCG as a replication repository. 36 endif::[] 37: ifdef::installing-oadp-mcg[] 38 . Create a `credentials-velero` file: 39 + /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/migration-mtc-release-notes-1-7.adoc: 12 This release has the following new features and enhancements: 13 14: * The {mtc-full} ({mtc-short}) Operator now depends upon the OpenShift API for Data Protection (OADP) Operator. When you install the {mtc-short} Operator, the Operator Lifecycle Manager (OLM) automatically installs the OADP Operator in the same namespace. 15 16 * You can migrate from a source cluster that is behind a firewall to a cloud-based destination cluster by establishing a network tunnel between the two clusters by using the `crane tunnel-api` command. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/migration-using-must-gather.adoc: 16 You can collect data for a one-hour or a 24-hour period and view the data with the Prometheus console. 17 endif::[] 18: ifdef::oadp-troubleshooting[] 19 You can run the `must-gather` tool with the following data collection options: 20 21: * Full `must-gather` data collection collects Prometheus metrics, pod logs, and Velero CR information for all namespaces where the OADP Operator is installed. 22 * Essential `must-gather` data collection collects pod logs and Velero CR information for a specific duration of time, for example, one hour or 24 hours. Prometheus metrics and duplicate logs are not included. 23 * `must-gather` data collection with timeout. Data collection can take a long time if there are many failed `Backup` CRs. You can improve performance by setting a timeout value. .. 38 * To collect data for the past hour: 39 endif::[] 40: ifdef::oadp-troubleshooting[] 41 * Full `must-gather` data collection, including Prometheus metrics: 42 endif::[] .. 49 The data is saved as `must-gather/must-gather.tar.gz`. You can upload this file to a support case on the link:https://access.redhat.com/[Red Hat Customer Portal]. 50 51: ifdef::oadp-troubleshooting[] 52 * Essential `must-gather` data collection, without Prometheus metrics, for a specific time duration: 53 + .. 71 * To collect data for the past 24 hours: 72 endif::[] 73: ifdef::oadp-troubleshooting[] 74 * Prometheus metrics data dump: 75 endif::[] /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/nw-enforcing-hsts-per-domain.adoc: 58 smallestMaxAge: 1 59 largestMaxAge: 31536000 60: preloadPolicy: RequirePreload <5> 61 includeSubDomainsPolicy: RequireIncludeSubDomains <6> 62 - domainPatterns: <2> .. 66 matchLabels: {} 67 maxAge: {} 68: preloadPolicy: NoOpinion 69 includeSubDomainsPolicy: RequireNoIncludeSubDomains 70 ---- /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/oadp-about-backing-and-restoring-from-cluster-to-cluster.adoc: 5 6 :_content-type: CONCEPT 7: [id="oadp-about-backing-and-restoring-from-cluster-to-cluster_{context}"] 8 = About backing up data from one cluster and restoring it on another cluster 9 10: {oadp-first} is designed to back up and restore application data in the same {product-title} cluster. {mtc-full} ({mtc-short}) is designed to migrate containers, including application data, from one {product-title} cluster to another cluster. 11 12: You can use OADP to back up application data from one {product-title} cluster and restore it on another cluster. However, doing so is more complicated than using {mtc-short} or using OADP to back up and restore on the same cluster. 13 14: To successfully use OADP to back up data from one cluster and restore it to another cluster, you must take into account the following factors, in addition to the prerequisites and procedures that apply to using OADP to back up and restore data on the same cluster: 15 16 * Operators .. 18 * UID and GID ranges 19 20: [id="oadp-cluster-to-cluster-operators_{context}"] 21 == Operators 22 You must exclude Operators from the backup of an application for backup and restore to succeed. 23 24: [id="oadp-cluster-to-cluster-velero_{context}"] 25 == Use of Velero 26 27: Velero, which OADP is built upon, does not natively support migrating persistent volume snapshots across cloud providers. To migrate volume snapshot data between cloud platforms, you must _either_ enable the Velero Restic file system backup option, which backs up volume contents at the filesystem level, _or_ use the OADP Data Mover for CSI snapshots. 28 29 [NOTE] 30 ==== 31: In OADP 1.1 and earlier, the Velero Restic file system backup option is called `restic`. 32: In OADP 1.2 and later, the Velero Restic file system backup option is called `file-system-backup`. 33 ==== 34 35 [NOTE] 36 ==== 37: Velero's file system backup feature supports both Kopia and Restic, but currently OADP supports only Restic. 38 ==== 39 .. 42 * It is theoretically possible to migrate workloads to a destination with a _later_ Kubernetes version than the source, but you must consider the compatibility of API groups between clusters for each custom resource. If a Kubernetes version upgrade breaks the compatibility of core or native API groups, you must first update the impacted custom resources. 43 44: [id="oadp-cluster-to-cluster-uid-and-gid-ranges_{context}"] 45 == UID and GID ranges 46 .. 48 49 Summary of issues:: 50: The UID and GID ranges of the namespace might change on the destination cluster. OADP does not back up and restore OpenShift UID range metadata. If the backed application requires a specific UID, ensure the range is available when restored. For more information about OpenShift's UID and GID ranges, see link:https://cloud.redhat.com/blog/a-guide-to-openshift-and-uids[A Guide to OpenShift and UIDs]. 51 52 Detailed description of issues:: .. 58 59 + 60: When you use OADP to restore the namespace, it automatically uses the information in `metadata.annotations` without resetting it for the destination cluster. As a result, the workload might not have access to the backed up data if one of the following is true: 61 62: * There is a pre-existing namespace with different SCC annotations, for example, on a different cluster. In this case, at backup time, OADP reuses the pre-existing namespace instead of the namespace you are trying to restore. 63: * The backup used a label selector, but the namespace where workloads run on does not have the label on it. In this case, OADP does not back up the namespace, but instead creates a new namespace during restore that does not include the annotations of the namespace you backed up. This causes a new UID range to be assigned to the namespace. 64 + 65 This might be an issue for customer workloads if {product-title} assigns a pod a `securityContext` UID based on namespace annotations that have changed from the time the persistent volume data was backed up. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/oadp-about-backup-snapshot-locations-secrets.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: CONCEPT 10: [id="oadp-about-backup-snapshot-locations_{context}"] 11 = About backup and snapshot locations and their secrets 12 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/oadp-about-enable-api-group-versions.adoc: 5 6 :_content-type: CONCEPT 7: [id="oadp-about-enable-api-group-versions_{context}"] 8 = About Enable API Group Versions 9 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/oadp-backing-and-restoring-from-cluster-to-cluster.adoc: 5 6 :_content-type: CONCEPT 7: [id="oadp-backing-and-restoring-from-cluster-to-cluster_{context}"] 8 = Backing up data from one cluster and restoring it to another cluster 9 .. 20 ** Ensure that the backup store location (BSL) and volume snapshot location have the same names and paths to restore resources to another cluster. 21 ** Share the same object storage location credentials across the clusters. 22: ** For best results, use OADP to create the namespace on the destination cluster. 23 ** If you use the Velero `file-system-backup` option, enable the `--default-volumes-to-fs-backup` flag for use during backup by running the following command: 24 + .. 30 [NOTE] 31 ==== 32: In OADP 1.2 and later, the Velero Restic option is called `file-system-backup`. 33 ==== 34 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/oadp-backing-up-applications-restic.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-backing-up-applications-restic_{context}"] 7 = Backing up applications with Restic 8 . 18 .Prerequisites 19 20: * You must install the OpenShift API for Data Protection (OADP) Operator. 21 * You must not disable the default Restic installation by setting `spec.configuration.restic.enable` to `false` in the `DataProtectionApplication` CR. 22 * The `DataProtectionApplication` CR must be in a `Ready` state. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/oadp-backing-up-pvs-csi.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-backing-up-pvs-csi_{context}"] 7 = Backing up persistent volumes with CSI snapshots 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/oadp-backup-restore-cr-issues.adoc: 4 5 :_content-type: CONCEPT 6: [id="oadp-backup-restore-cr-issues_{context}"] 7 = Backup and Restore CR issues 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/oadp-ceph-cephfs-back-up-dba.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-ceph-cephfs-back-up-dba_{context}"] 7 = Creating a DPA for use with CephFS storage 8 9: You must create a Data Protection Application (DPA) CR before you use the OpenShift API for Data Protection (OADP) 1.2 Data Mover to back up and restore data using CephFS storage. 10 11 .Procedure .. 38 [source,yaml] 39 ---- 40: apiVersion: oadp.openshift.io/v1alpha1 41 kind: DataProtectionApplication 42 metadata: .. 79 ---- 80 <1> There is no default value for the `enable` field. Valid values are `true` or `false`. 81: <2> Use the Restic `Secret` that you created when you prepared your environment for working with OADP 1.2 Data Mover and Ceph. If you do not use your Restic `Secret`, the CR uses the default value `dm-credential` for this parameter. 82 <3> There is no default value for the `enable` field. Valid values are `true` or `false`. 83 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/oadp-ceph-cephfs-back-up.adoc: 11 12 :_content-type: PROCEDURE 13: [id="oadp-ceph-cephfs-back-up_{context}"] 14 15 ifdef::cephfs[] 16: = Backing up data using OADP 1.2 Data Mover and CephFS storage 17: You can use OpenShift API for Data Protection (OADP) 1.2 Data Mover to back up data using CephFS storage by enabling the shallow copy feature of CephFS storage. 18 endif::cephfs[] 19 20 ifdef::split[] 21: = Backing up data using OADP 1.2 Data Mover and split volumes 22: You can use OpenShift API for Data Protection (OADP) 1.2 Data Mover to back up data in an environment that has split volumes. 23 endif::split[] 24 .. 58 59 . Wait several minutes until the `VolumeSnapshotBackup` CR has the status `Completed`. 60: . Verify that there is at least one snapshot in the object store that is given in the Restic `Secret`. You can check for this snapshot in your targeted `BackupStorageLocation` storage provider that has a prefix of `/`. 61 62 ifeval::["{context}" == "cephfs"] /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/oadp-ceph-cephfs-restore.adoc: 11 12 :_content-type: PROCEDURE 13: [id="oadp-ceph-cephfs-restore_{context}"] 14 15 ifdef::cephfs[] 16: = Restoring data using OADP 1.2 Data Mover and CephFS storage 17: You can use OpenShift API for Data Protection (OADP) 1.2 Data Mover to restore data using CephFS storage if the shallow copy feature of CephFS storage was enabled for the back up procedure. The shallow copy feature is not used in the restore procedure. 18 endif::cephfs[] 19 20 ifdef::split[] 21: = Restoring data using OADP 1.2 Data Mover and split volumes 22: You can use OpenShift API for Data Protection (OADP) 1.2 Data Mover to restore data in an environment that has split volumes, if the shallow copy feature of CephFS storage was enabled for the back up procedure. The shallow copy feature is not used in the restore procedure. 23 endif::split[] 24 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/oadp-ceph-preparing-cephfs-crs.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-ceph-preparing-cephfs-crs_{context}"] 7: = Defining CephFS custom resources for use with OADP 1.2 Data Mover 8 9: When you install {rh-storage-first}, it automatically creates a default CephFS `StorageClass` custom resource (CR) and a default CephFS `VolumeSnapshotClass` CR. You can define these CRs for use with OpenShift API for Data Protection (OADP) 1.2 Data Mover. 10 11 .Procedure /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/oadp-ceph-preparing-cephrbd-crs.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-ceph-preparing-cephrbd-crs_{context}"] 7: = Defining CephRBD custom resources for use with OADP 1.2 Data Mover 8 9: When you install {rh-storage-first}, it automatically creates a default CephRBD `StorageClass` custom resource (CR) and a default CephRBD `VolumeSnapshotClass` CR. You can define these CRs for use with OpenShift API for Data Protection (OADP) 1.2 Data Mover. 10 11 .Procedure /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/oadp-ceph-preparing-crs-additional.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-ceph-preparing-crs-additional_{context}"] 7: = Defining additional custom resources for use with OADP 1.2 Data Mover 8 9 After you redefine the default `StorageClass` and CephRBD `VolumeSnapshotClass` custom resources (CRs), you must create the following CRs: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/oadp-ceph-prerequisites.adoc: 5 6 :_content-type: CONCEPT 7: [id="oadp-ceph-prerequisites_{context}"] 8: = Prerequisites for using OADP 1.2 Data Mover with Ceph storage 9 10: The following prerequisites apply to all back up and restore operations of data using {oadp-first} 1.2 Data Mover in a cluster that uses Ceph storage: 11 12 * You have installed {product-title} 4.12 or later. 13: * You have installed the OADP Operator. 14 * You have created a secret `cloud-credentials` in the namespace `openshift-adp.` 15 * You have installed {rh-storage-first}. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/oadp-ceph-split-back-up-dba.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-ceph-split-back-up-dba_{context}"] 7 = Creating a DPA for use with split volumes 8 9: You must create a Data Protection Application (DPA) CR before you use the OpenShift API for Data Protection (OADP) 1.2 Data Mover to back up and restore data using split volumes. 10 11 .Procedure .. 17 [source,yaml] 18 ---- 19: apiVersion: oadp.openshift.io/v1alpha1 20 kind: DataProtectionApplication 21 metadata: .. 64 cacheStorageClassName: ocs-storagecluster-ceph-rbd 65 ---- 66: <1> Use the Restic `Secret` that you created when you prepared your environment for working with OADP 1.2 Data Mover and Ceph. If you do not, then the CR will use the default value `dm-credential` for this parameter. 67 <2> A different set of `VolumeOptionsForStorageClass` labels can be defined for each `storageClass` volume, thus allowing a backup to volumes with different providers. 68 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/oadp-checking-api-group-versions.adoc: 5 6 :_content-type: PROCEDURE 7: [id="oadp-checking-api-group-versions_{context}"] 8 = Listing the Kubernetes API group versions on a cluster 9 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/oadp-cleaning-up-after-data-mover-snapshots.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-cleaning-up-after-data-mover-snapshots_{context}"] 7 = Deleting snapshots in a bucket 8 9: OADP 1.1 Data Mover might leave one or more snapshots in a bucket after a backup. You can either delete all the snapshots or delete individual snapshots. 10 11 .Procedure /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/oadp-configuring-noobaa-for-dr.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 4 5 :_content-type: PROCEDURE 6: [id="oadp-configuring-noobaa-for-dr_{context}"] 7 = Configuring NooBaa for disaster recovery on {rh-storage} 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/oadp-configuring-velero-plugins.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/oadp-features-plugins.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-configuring-velero-plugins_{context}"] 7: = About OADP Velero plugins 8 9 You can configure two types of plugins when you install Velero: .. 16 == Default Velero cloud provider plugins 17 18: You can install any of the following default Velero cloud provider plugins when you configure the `oadp_v1alpha1_dpa.yaml` file during deployment: 19 20 * `aws` (Amazon Web Services) .. 25 * `kubevirt` (KubeVirt) 26 27: You specify the desired default plugins in the `oadp_v1alpha1_dpa.yaml` file during deployment. 28 29 .Example file .. 33 [source,yaml] 34 ---- 35: apiVersion: oadp.openshift.io/v1alpha1 36 kind: DataProtectionApplication 37 metadata: .. 49 == Custom Velero plugins 50 51: You can install a custom Velero plugin by specifying the plugin `image` and `name` when you configure the `oadp_v1alpha1_dpa.yaml` file during deployment. 52 53: You specify the desired custom plugins in the `oadp_v1alpha1_dpa.yaml` file during deployment. 54 55 .Example file .. 59 [source,yaml] 60 ---- 61: apiVersion: oadp.openshift.io/v1alpha1 62 kind: DataProtectionApplication 63 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/oadp-creating-backup-cr.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-creating-backup-cr_{context}"] 7 = Creating a Backup CR 8 . 11 .Prerequisites 12 13: * You must install the OpenShift API for Data Protection (OADP) Operator. 14 * The `DataProtectionApplication` CR must be in a `Ready` state. 15 * Backup location prerequisites: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/oadp-creating-backup-hooks.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-creating-backup-hooks_{context}"] 7 = Creating backup hooks 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/oadp-creating-default-secret.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: PROCEDURE 10: [id="oadp-creating-default-secret_{context}"] 11 = Creating a default Secret 12 13 You create a default `Secret` if your backup and snapshot locations use the same credentials or if you do not require a snapshot location. 14 15: ifdef::installing-oadp-aws,installing-oadp-azure,installing-oadp-gcp,installing-oadp-mcg[] 16 The default name of the `Secret` is `{credentials}`. 17 endif::[] 18: ifdef::installing-oadp-ocs[] 19: The default name of the `Secret` is `{credentials}`, unless your backup storage provider has a default plugin, such as `aws`, `azure`, or `gcp`. In that case, the default name is specified in the provider-specific OADP installation procedure. 20 endif::[] 21 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/oadp-creating-restore-cr.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-creating-restore-cr_{context}"] 7 = Creating a Restore CR 8 . 11 .Prerequisites 12 13: * You must install the OpenShift API for Data Protection (OADP) Operator. 14 * The `DataProtectionApplication` CR must be in a `Ready` state. 15 * You must have a Velero `Backup` CR. .. 67 [NOTE] 68 ==== 69: In the course of the restore process, the OADP Velero plug-ins scale down the `DeploymentConfig` objects and restore the pods as standalone pods to prevent the cluster from deleting the restored `DeploymentConfig` pods immediately on restore and to allow Restic and post-restore hooks to complete their actions on the restored pods. The cleanup script removes these disconnected pods and scale any `DeploymentConfig` objects back up to the appropriate number of replicas. 70 ==== 71 + .. 94 } 95 96: OADP_NAMESPACE=${OADP_NAMESPACE:=openshift-adp} 97 98 if [[ $# -ne 1 ]]; then .. 101 fi 102 103: echo using OADP Namespace $OADP_NAMESPACE 104 echo restore: $1 105 ... 108 109 echo Deleting disconnected restore pods 110: oc delete pods -l oadp.openshift.io/disconnected-from-dc=$label 111 112: for dc in $(oc get dc --all-namespaces -l oadp.openshift.io/replicas-modified=$label -o jsonpath='{range .items[*]}{.metadata.namespace}{","}{.metadata.name}{","}{.metadata.annotations.oadp\.openshift\.io/original-replicas}{","}{.metadata.annotations.oadp\.openshift\.io/original-paused}{"\n"}') 113 do 114 IFS=',' read -ra dc_arr <<< "$dc" /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/oadp-creating-restore-hooks.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-creating-restore-hooks_{context}"] 7 = Creating restore hooks 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/oadp-debugging-oc-cli.adoc: 4 5 :_content-type: REFERENCE 6: [id="oadp-debugging-oc-cli_{context}"] 7 = Debugging Velero resources with the OpenShift CLI tool 8 . 39 [NOTE] 40 ==== 41: This option is available starting from OADP 1.0.3. 42 ==== 43 44 [source,yaml] 45 ---- 46: apiVersion: oadp.openshift.io/v1alpha1 47 kind: DataProtectionApplication 48 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/oadp-deleting-backups.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-deleting-backups_{context}"] 7 = Deleting backups 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/oadp-deleting-cluster-resources-following-failure.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-deleting-cluster-resources-following-failure_{context}"] 7 = Deleting cluster resources following a partially successful or a failed backup and restore that used Data Mover 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/oadp-deleting-cluster-resources-following-success.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-deleting-cluster-resources-following-success_{context}"] 7 = Deleting cluster resources following a successful backup and restore that used Data Mover 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/oadp-enabling-csi-dpa.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: PROCEDURE 10: [id="oadp-enabling-csi-dpa_{context}"] 11 = Enabling CSI in the DataProtectionApplication CR 12 .. 23 [source,yaml] 24 ---- 25: apiVersion: oadp.openshift.io/v1alpha1 26 kind: DataProtectionApplication 27 ... /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/oadp-features.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/oadp-features-plugins.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-features_{context}"] 7: = OADP features 8 9: OpenShift API for Data Protection (OADP) supports the following features: 10 11 Backup:: 12: You can use OADP to back up all applications on the OpenShift Platform, or you can filter the resources by type, namespace, or label. 13 + 14: OADP backs up Kubernetes objects and internal images by saving them as an archive file on object storage. OADP backs up persistent volumes (PVs) by creating snapshots with the native cloud snapshot API or with the Container Storage Interface (CSI). For cloud providers that do not support snapshots, OADP backs up resources and PV data with Restic. 15 16 + /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/oadp-ibm-power-test-support.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/oadp-features-plugins.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-ibm-power-test-matrix_{context}"] 7: = OADP support for target backup locations using IBM Power 8 9: IBM Power running with {product-title} 4.11 and 4.12, and OpenShift API for Data Protection (OADP) 1.1.2 was tested successfully against an AWS S3 backup location target. Although the test involved only an AWS S3 target, Red Hat supports running IBM Power with {product-title} 4.11 and 4.12, and OADP 1.1.2 against all non-AWS S3 backup location targets as well. 10 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/oadp-ibm-z-test-support.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/oadp-features-plugins.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-ibm-z-test-support_{context}"] 7: = OADP testing and support for target backup locations using {ibmzProductName} 8 9: {ibmzProductName} running with {product-title} 4.11 and 4.12, and OpenShift API for Data Protection (OADP) 1.1.2 was tested successfully against an AWS S3 backup location target. Although the test involved only an AWS S3 target, Red Hat supports running {ibmzProductName} with {product-title} 4.11 and 4.12, and OADP 1.1.2 against all non-AWS S3 backup location targets as well. 10 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/oadp-installation-issues.adoc: 4 5 :_content-type: CONCEPT 6: [id="oadp-installation-issues_{context}"] 7 = Installation issues 8 9 You might encounter issues caused by using invalid directories or incorrect credentials when you install the Data Protection Application. 10 11: [id="oadp-backup-location-contains-invalid-directories_{context}"] 12 == Backup storage contains invalid directories 13 .. 22 If the object storage is not dedicated to Velero, you must specify a prefix for the bucket by setting the `spec.backupLocations.velero.objectStorage.prefix` parameter in the `DataProtectionApplication` manifest. 23 24: [id="oadp-incorrect-aws-credentials_{context}"] 25 == Incorrect AWS credentials 26 27: The `oadp-aws-registry` pod log displays the error message, `InvalidAccessKeyId: The AWS Access Key Id you provided does not exist in our records.` 28 29 The `Velero` pod log displays the error message, `NoCredentialProviders: no valid providers in chain`. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/oadp-installing-dpa.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: PROCEDURE 10: [id="oadp-installing-dpa_{context}"] 11 = Installing the Data Protection Application 12 .. 15 .Prerequisites 16 17: * You must install the OADP Operator. 18 * You must configure object storage as a backup location. 19 * If you use snapshots to back up PVs, your cloud provider must support either a native snapshot API or Container Storage Interface (CSI) snapshots. 20 * If the backup and snapshot locations use the same credentials, you must create a `Secret` with the default name, `{credentials}`. 21: ifdef::installing-oadp-azure,installing-oadp-gcp,installing-oadp-mcg,installing-oadp-ocs,virt-installing-configuring-oadp[] 22 * If the backup and snapshot locations use different credentials, you must create two `Secrets`: 23 .. 25 ** `Secret` with the default name, `{credentials}`, for the snapshot location. This `Secret` is not referenced in the `DataProtectionApplication` CR. 26 endif::[] 27: ifdef::installing-oadp-aws[] 28 * If the backup and snapshot locations use different credentials, you must create a `Secret` with the default name, `{credentials}`, which contains separate profiles for the backup and snapshot location credentials. 29 endif::[] .. 36 .Procedure 37 38: . Click *Operators* -> *Installed Operators* and select the OADP Operator. 39 . Under *Provided APIs*, click *Create instance* in the *DataProtectionApplication* box. 40 41 . Click *YAML View* and update the parameters of the `DataProtectionApplication` manifest: 42: ifdef::installing-oadp-aws[] 43 + 44 [source,yaml,subs="attributes+"] 45 ---- 46: apiVersion: oadp.openshift.io/v1beta1 47 kind: DataProtectionApplication 48 metadata: .. 92 <9> The snapshot location must be in the same region as the PVs. 93 endif::[] 94: ifdef::installing-oadp-azure[] 95 + 96 [source,yaml,subs="attributes+"] 97 ---- 98: apiVersion: oadp.openshift.io/v1beta1 99 kind: DataProtectionApplication 100 metadata: ... 148 <11> You do not need to specify a snapshot location if you use CSI snapshots or Restic to back up PVs. 149 endif::[] 150: ifdef::installing-oadp-gcp[] 151 + 152 [source,yaml,subs="attributes+"] 153 ---- 154: apiVersion: oadp.openshift.io/v1beta1 155 kind: DataProtectionApplication 156 metadata: ... 196 <9> The snapshot location must be in the same region as the PVs. 197 endif::[] 198: ifdef::installing-oadp-mcg[] 199 + 200 [source,yaml,subs="attributes+"] 201 ---- 202: apiVersion: oadp.openshift.io/v1beta1 203 kind: DataProtectionApplication 204 metadata: ... 242 <8> Specify a prefix for Velero backups, for example, `velero`, if the bucket is used for multiple purposes. 243 endif::[] 244: ifdef::installing-oadp-ocs[] 245 + 246 [source,yaml,subs="attributes+"] 247 ---- 248: apiVersion: oadp.openshift.io/v1beta1 249 kind: DataProtectionApplication 250 metadata: ... 287 <11> Specify a prefix for Velero backups, for example, `velero`, if the bucket is used for multiple purposes. 288 endif::[] 289: ifdef::virt-installing-configuring-oadp[] 290 + 291 [source,yaml,subs="attributes+"] 292 ---- 293: apiVersion: oadp.openshift.io/v1beta1 294 kind: DataProtectionApplication 295 metadata: ... 334 335 . Click *Create*. 336: . Verify the installation by viewing the OADP resources: 337 + 338 [source,terminal] ... 345 ---- 346 NAME READY STATUS RESTARTS AGE 347: pod/oadp-operator-controller-manager-67d9494d47-6l8z8 2/2 Running 0 2m8s 348 pod/restic-9cq4q 1/1 Running 0 94s 349 pod/restic-m4lts 1/1 Running 0 94s ... 352 353 NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE 354: service/oadp-operator-controller-manager-metrics-service ClusterIP 172.30.70.140 8443/TCP 2m8s 355 356 NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE ... 358 359 NAME READY UP-TO-DATE AVAILABLE AGE 360: deployment.apps/oadp-operator-controller-manager 1/1 1 1 2m9s 361 deployment.apps/velero 1/1 1 1 96s 362 363 NAME DESIRED CURRENT READY AGE 364: replicaset.apps/oadp-operator-controller-manager-67d9494d47 1 1 1 2m9s 365 replicaset.apps/velero-588db7f655 1 1 1 96s 366 ---- /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/oadp-installing-oadp-rosa-sts.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-installing-oadp-rosa-sts_{context}"] 7: = Installing OADP on {product-title} with AWS STS 8 9: AWS Security Token Service (AWS STS) is a global web service that provides short-term credentials for IAM or federated users. {product-title} (ROSA) with STS is the recommended credential mode for ROSA clusters. This document describes how to install OpenShift API for Data Protection (OADP) on (ROSA) with AWS STS. 10 11 [IMPORTANT] 12 ==== 13: Restic is not supported in the OADP on ROSA with AWS STS environment. Ensure the Restic service is disabled. Use native snapshots to backup volumes. See _Known Issues_ for more information. 14 ==== 15 .. 17 18 * A ROSA OpenShift Cluster with the required access and tokens. 19: * link:https://docs.openshift.com/container-platform/4.13/backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.html#oadp-creating-default-secret_installing-oadp-aws[A default Secret], if your backup and snapshot locations use the same credentials, or if you do not require a snapshot location. 20 21 .Procedure .. 42 ---- 43 44: . Install the OADP Operator. 45 .. In the {product-title} web console, navigate to Operators *->* OperatorHub. 46: .. Search for the OADP Operator, then click *Install*. 47 48 . Create AWS cloud storage using your AWS credentials: .. 51 ---- 52 $ cat << EOF | oc create -f - 53: apiVersion: oadp.openshift.io/v1alpha1 54 kind: CloudStorage 55 metadata: 56: name: ${CLUSTER_NAME}-oadp 57 namespace: openshift-adp 58 spec: .. 61 name: cloud-credentials 62 enableSharedConfig: true 63: name: ${CLUSTER_NAME}-oadp 64 provider: aws 65 region: $REGION .. 72 ---- 73 $ cat << EOF | oc create -f - 74: apiVersion: oadp.openshift.io/v1alpha1 75 kind: DataProtectionApplication 76 metadata: .. 81 - bucket: 82 cloudStorageRef: 83: name: ${CLUSTER_NAME}-oadp 84 credential: 85 key: credentials .. 105 [NOTE] 106 ==== 107: The `enable` parameter of `restic` is set to `false` in this configuration because OADP does not support Restic in ROSA environments. 108 ==== 109 + 110: You are now ready to backup and restore OpenShift applications, as described in the link:https://docs.openshift.com/container-platform/4.11/backup_and_restore/application_backup_and_restore/backing_up_and_restoring/backing-up-applications.html[OADP documentation]. 111 112 == Known Issues 113 .Restic is not supported or recommended 114 115: * link:https://issues.redhat.com/browse/OADP-1054[CloudStorage: openshift-adp-controller-manager crashloop seg fault with Restic enabled] 116: * link:https://issues.redhat.com/browse/OADP-1057[Cloudstorage API: CSI Backup of an app with internal images partially fails with plugin panicked error] 117: * (Affects OADP 1.1.x_ only): link:https://issues.redhat.com/browse/OADP-1055[CloudStorage: bucket is removed on CS CR delete, although it doesn't have "oadp.openshift.io/cloudstorage-delete": "true"] 118 119 [role="_additional-resources"] ... 123 * link:https://docs.openshift.com/rosa/rosa_getting_started/rosa-sts-getting-started-workflow.html[Getting started with ROSA STS] 124 * link:https://docs.openshift.com/rosa/rosa_install_access_delete_clusters/rosa-sts-creating-a-cluster-quickly.html[Creating a ROSA cluster with STS] 125: * link:https://docs.openshift.com/container-platform/4.13/backup_and_restore/application_backup_and_restore/installing/about-installing-oadp.html[About installing OADP] 126 * link:https://docs.openshift.com/container-platform/4.13/storage/container_storage_interface/persistent-storage-csi.html[Configuring CSI volumes] 127 * link:https://docs.openshift.com/rosa/rosa_architecture/rosa_policy_service_definition/rosa-service-definition.html#rosa-sdpolicy-storage_rosa-service-definition[ROSA storage options] /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/oadp-installing-operator.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: PROCEDURE 10: [id="oadp-installing-operator_{context}"] 11: = Installing the OADP Operator 12 13: You install the OpenShift API for Data Protection (OADP) Operator on {product-title} {product-version} by using Operator Lifecycle Manager (OLM). 14 15: The OADP Operator installs link:https://{velero-domain}/docs/v{velero-version}/[Velero {velero-version}]. 16 17 .Prerequisites .. 22 23 . In the {product-title} web console, click *Operators* -> *OperatorHub*. 24: . Use the *Filter by keyword* field to find the *OADP Operator*. 25: . Select the *OADP Operator* and click *Install*. 26 . Click *Install* to install the Operator in the `openshift-adp` project. 27 . Click *Operators* -> *Installed Operators* to verify the installation. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/oadp-plugins.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/oadp-features-plugins.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-plugins_{context}"] 7: = OADP plugins 8 9: The OpenShift API for Data Protection (OADP) provides default Velero plugins that are integrated with storage providers to support backup and snapshot operations. You can create link:https://{velero-domain}/docs/v{velero-version}/custom-plugins/[custom plugins] based on the Velero plugins. 10 11: OADP also provides plugins for {product-title} resource backups, OpenShift Virtualization resource backups, and Container Storage Interface (CSI) snapshots. 12 13 [cols="3", options="header"] 14: .OADP plugins 15 |=== 16: |OADP plugin |Function |Storage location 17 18 .2+|`aws` |Backs up and restores Kubernetes objects. |AWS S3 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/oadp-pod-crash-set-resource-request-restic.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-pod-crash-resource-request-retics_{context}"] 7 = Setting resource requests for a Restic pod 8 . 17 [source,yaml] 18 ---- 19: apiVersion: oadp.openshift.io/v1alpha1 20 kind: DataProtectionApplication 21 ... /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/oadp-pod-crash-set-resource-request-velero.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-pod-crash-resource-request-velero_{context}"] 7 = Setting resource requests for a Velero pod 8 9: You can use the `configuration.velero.podConfig.resourceAllocations` specification field in the `oadp_v1alpha1_dpa.yaml` file to set specific resource requests for a `Velero` pod. 10 11 .Procedure .. 17 [source,yaml] 18 ---- 19: apiVersion: oadp.openshift.io/v1alpha1 20 kind: DataProtectionApplication 21 ... /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/oadp-release-notes-1-1-1.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/oadp-release-notes.adoc 4 :_content-type: REFERENCE 5: [id="migration-oadp-release-notes-1-1-1_{context}"] 6: = OADP 1.1.1 release notes 7 8: The OADP 1.1.1 release notes include product recommendations and descriptions of known issues. 9 10 == Product recommendations 11 12: Before you install OADP 1.1.1, it is recommended to either install VolSync 0.5.1 or to upgrade to it. 13 14 == Known issues .. 16 This release has the following known issues: 17 18: * OADP currently does not support backup and restore of AWS EFS volumes using restic in Velero (link:https://issues.redhat.com/browse/OADP-778[*OADP-778*]). 19 20 * CSI backups might fail due to a Ceph limitation of `VolumeSnapshotContent` snapshots per PVC. .. 23 + 24 ** For CephFS, you can create up to 100 snapshots per PVC. 25: ** For RADOS Block Device (RBD), you can create up to 512 snapshots for each PVC. (link:https://issues.redhat.com/browse/OADP-804[*OADP-804*]) and (link:https://issues.redhat.com/browse/OADP-975[*OADP-975*]) 26 + 27 For more information, see https://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.11/html/managing_and_allocating_storage_resources/volume-snapshots_rhodf[Volume Snapshots]. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/oadp-release-notes-1-1-2.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/oadp-release-notes.adoc 4 5 :_content-type: REFERENCE 6: [id="migration-oadp-release-notes-1-1-2_{context}"] 7: = OADP 1.1.2 release notes 8 9: The OADP 1.1.2 release notes include product recommendations, a list of fixed bugs and descriptions of known issues. 10 11 [id="product-recommendations_{context}"] .. 34 The following bugs have been fixed in this release: 35 36: * link:https://issues.redhat.com/browse/OADP-1150[OADP-1150] 37: * link:https://issues.redhat.com/browse/OADP-290[OADP-290] 38: * link:https://issues.redhat.com/browse/OADP-1056[OADP-1056] 39 40 [id="known-issues_{context}"] .. 43 This release has the following known issues: 44 45: * OADP currently does not support backup and restore of AWS EFS volumes using restic in Velero (link:https://issues.redhat.com/browse/OADP-778[*OADP-778*]). 46 47 * CSI backups might fail due to a Ceph limitation of `VolumeSnapshotContent` snapshots per PVC. .. 50 + 51 -- 52: ** For CephFS, you can create up to 100 snapshots per PVC. (link:https://issues.redhat.com/browse/OADP-804[*OADP-804*]) 53: ** For RADOS Block Device (RBD), you can create up to 512 snapshots for each PVC. (link:https://issues.redhat.com/browse/OADP-975[*OADP-975*]) 54 -- 55 + /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/oadp-release-notes-1-1-4.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/oadp-release-notes.adoc 4 5 :_content-type: REFERENCE 6: [id="migration-oadp-release-notes-1-1-4_{context}"] 7: = OADP 1.1.4 release notes 8 9: The OADP 1.1.4 release notes lists any new features, resolved issues and bugs, and known issues. 10 11 [id="new-features1.1.4_{context}"] 12 == New features 13 14: This version of OADP is a service release. No new features are added to this version. 15 16 [id="resolved-issues1.1.4_{context}"] .. 19 The following bugs have been fixed in this release: 20 21: * link:https://issues.redhat.com/browse/OADP-1557[OADP-1557] 22: * link:https://issues.redhat.com/browse/OADP-1822[OADP-1822] 23: * link:https://issues.redhat.com/browse/OADP-1511[OADP-1511] 24: * link:https://issues.redhat.com/browse/OADP-1642[OADP-1642] 25: * link:https://issues.redhat.com/browse/OADP-1398[OADP-1398] 26: * link:https://issues.redhat.com/browse/OADP-1267[OADP-1267] 27: * link:https://issues.redhat.com/browse/OADP-1390[OADP-1390] 28: * link:https://issues.redhat.com/browse/OADP-1650[OADP-1650] 29: * link:https://issues.redhat.com/browse/OADP-1487[OADP-1487] 30 31 .. 35 This release has the following known issues: 36 37: * OADP backups might fail because a UID/GID range might have changed on the cluster where the application has been restored, with the result that OADP does not back up and restore {product-title} UID/GID range metadata. To avoid the issue, if the backed application requires a specific UUID, ensure the range is available when restored. An additional workaround is to allow OADP to create the namespace in the restore operation. 38 39: * A restoration might fail if ArgoCD is used during the process due to a label used by ArgoCD, `app.kubernetes.io/instance`. This label identifies which resources ArgoCD needs to manage, which can create a conflict with OADP's procedure for managing resources on restoration. To work around this issue, set `.spec.resourceTrackingMethod` on the ArgoCD YAML to `annotation+label` or `annotation`. If the issue continues to persist, then disable ArgoCD before beginning to restore, and enable it again when restoration is finished. 40 41 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/oadp-release-notes-1-2-0.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/oadp-release-notes.adoc 4 5 :_content-type: REFERENCE 6: [id="migration-oadp-release-notes-1-2-0_{context}"] 7: = OADP 1.2.0 release notes 8 9: The OADP 1.2.0 release notes include information about new features, bug fixes, and known issues. 10 11 [id="new-features_{context}"] 12 == New features 13 14: .link:https://access.redhat.com/documentation/en-us/openshift_container_platform/4.12/html/backup_and_restore/application-backup-and-restore#installing-oadp-aws[Resource timeouts] 15 The new `resourceTimeout` option specifies the timeout duration in minutes for waiting on various Velero resources. This option applies to resources such as Velero CRD availability, `volumeSnapshot` deletion, and backup repository availability. The default duration is ten minutes. 16 17: .link:https://access.redhat.com/documentation/en-us/openshift_container_platform/4.11/html/backup_and_restore/application-backup-and-restore#oadp-s3-compatible-backup-storage-providers_about-installing-oadp[AWS S3 compatible backup storage providers] 18 You can back up objects and snapshots on AWS S3 compatible providers. 19 .. 21 === Technical preview features 22 23: .link:https://access.redhat.com/documentation/en-us/openshift_container_platform/4.9/html/backup_and_restore/application-backup-and-restore#installing-and-configuring-oadp[Data Mover] 24: The OADP Data Mover enables you to back up Container Storage Interface (CSI) volume snapshots to a remote object store. When you enable Data Mover, you can restore stateful applications using CSI volume snapshots pulled from the object store in case of accidental cluster deletion, cluster failure, or data corruption. 25 26: :FeatureName: OADP Data Mover 27 include::snippets/technology-preview.adoc[] 28 .. 32 The following bugs have been fixed in this release: 33 34: * link:https://issues.redhat.com/browse/OADP-144[OADP-144] 35: * link:https://issues.redhat.com/browse/OADP-639[OADP-639] 36: * link:https://issues.redhat.com/browse/OADP-1741[OADP-1741] 37: * link:https://issues.redhat.com/browse/OADP-1152[OADP-1152] 38: * link:https://issues.redhat.com/browse/OADP-1143[OADP-1143] 39: * link:https://issues.redhat.com/browse/OADP-1931[OADP-1931] 40: * link:https://issues.redhat.com/browse/OADP-148[OADP-148] 41: * link:https://issues.redhat.com/browse/OADP-1067[OADP-1067] 42: * link:https://issues.redhat.com/browse/OADP-1332[OADP-1332] 43: * link:https://issues.redhat.com/browse/OADP-1164[OADP-1164] 44: * link:https://issues.redhat.com/browse/OADP-1105[OADP-1105] 45: * link:https://issues.redhat.com/browse/OADP-2009[OADP-2009] 46: * link:https://issues.redhat.com/browse/OADP-1370[OADP-1370] 47: * link:https://issues.redhat.com/browse/OADP-969[OADP-969] 48: * link:https://issues.redhat.com/browse/OADP-1672[OADP-1672] 49: * link:https://issues.redhat.com/browse/OADP-1151[OADP-1151] 50: * link:https://issues.redhat.com/browse/OADP-988[OADP-988] 51: * link:https://issues.redhat.com/browse/OADP-1941[OADP-1941] 52: * link:https://issues.redhat.com/browse/OADP-1830[OADP-1830] 53: * link:https://issues.redhat.com/browse/OADP-1821[OADP-1821] 54: * link:https://issues.redhat.com/browse/OADP-1783[OADP-1783] 55: * link:https://issues.redhat.com/browse/OADP-1719[OADP-1719] 56: * link:https://issues.redhat.com/browse/OADP-1833[OADP-1833] 57: * link:https://issues.redhat.com/browse/OADP-1872[OADP-1872] 58: * link:https://issues.redhat.com/browse/OADP-2047[OADP-2047] 59: * link:https://issues.redhat.com/browse/OADP-1932[OADP-1932] 60: * link:https://issues.redhat.com/browse/OADP-1844[OADP-1844] 61: * link:https://issues.redhat.com/browse/OADP-1182[OADP-1182] 62: * link:https://issues.redhat.com/browse/OADP-1183[OADP-1183] 63: * link:https://issues.redhat.com/browse/OADP-1798[OADP-1798] 64: * link:https://issues.redhat.com/browse/OADP-1726[OADP-1726] 65: * link:https://issues.redhat.com/browse/OADP-821[OADP-821] 66: * link:https://issues.redhat.com/browse/OADP-1833[OADP-1781] 67: * link:https://issues.redhat.com/browse/OADP-697[OADP-697] 68: * link:https://issues.redhat.com/browse/OADP-1281[OADP-1281] 69: * link:https://issues.redhat.com/browse/OADP-1077[OADP-1077] 70: * link:https://issues.redhat.com/browse/OADP-1076[OADP-1076] 71: * link:https://issues.redhat.com/browse/OADP-1670[OADP-1670] 72: * link:https://issues.redhat.com/browse/OADP-1307[OADP-1307] 73: * link:https://issues.redhat.com/browse/OADP-1640[OADP-1640] 74: * link:https://issues.redhat.com/browse/OADP-1987[OADP-1987] 75: * link:https://issues.redhat.com/browse/OADP-1934[OADP-1934] 76 77 [id="known-issues-1-2-0_{context}"] /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/oadp-restic-issues.adoc: 4 5 :_content-type: CONCEPT 6: [id="oadp-restic-issues_{context}"] 7 = Restic issues 8 . 71 restic backup, stderr=Fatal: unable to open config file: Stat: The 72 specified key does not exist.\nIs there a repository at the following 73: location?\ns3:http://minio-minio.apps.mayap-oadp- 74: veleo-1234.qe.devcluster.openshift.com/mayapvelerooadp2/velero1/ 75 restic/_mysql-persistent_\n: exit status 1" error.file="/remote-source/ 76 src/github.com/vmware-tanzu/velero/pkg/restic/backupper.go:184" /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/oadp-s3-compatible-backup-storage-providers.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-s3-compatible-backup-storage-providers_{context}"] 7 = AWS S3 compatible backup storage providers 8 9: OADP is compatible with many object storage providers for use with different backup and snapshot operations. Several object storage providers are fully supported, several are unsupported but known to work, and some have known limitations. 10 11: [id="oadp-s3-compatible-backup-storage-providers-supported"] 12 == Supported backup storage providers 13 14: The following AWS S3 compatible object storage providers, are fully supported by OADP through the AWS plugin for use as backup storage locations: 15 16 * MinIO .. 26 ==== 27 28: [id="oadp-s3-compatible-backup-storage-providers-unsupported"] 29 == Unsupported backup storage providers 30 .. 40 * Cloudian HyperStore 41 42: [id="oadp-s3-compatible-backup-storage-providers-known-limitations"] 43 == Backup storage providers with known limitations 44 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/oadp-scheduling-backups.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-scheduling-backups_{context}"] 7 = Scheduling backups 8 . 18 .Prerequisites 19 20: * You must install the OpenShift API for Data Protection (OADP) Operator. 21 * The `DataProtectionApplication` CR must be in a `Ready` state. 22 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/oadp-secrets-for-different-credentials.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: PROCEDURE 10: [id="oadp-secrets-for-different-credentials_{context}"] 11: ifdef::installing-oadp-aws[] 12 = Creating profiles for different credentials 13 .. 42 [source,yaml,subs="attributes+"] 43 ---- 44: apiVersion: oadp.openshift.io/v1alpha1 45 kind: DataProtectionApplication 46 metadata: .. 72 ---- 73 endif::[] 74: ifdef::installing-oadp-azure,installing-oadp-gcp,installing-oadp-ocs,installing-oadp-mcg[] 75 = Creating secrets for different credentials 76 .. 100 . Add the `Secret` with the custom name to the `DataProtectionApplication` CR, as in the following example: 101 endif::[] 102: ifdef::installing-oadp-azure[] 103 + 104 [source,yaml,subs="attributes+"] 105 ---- 106: apiVersion: oadp.openshift.io/v1alpha1 107 kind: DataProtectionApplication 108 metadata: ... 137 <1> Backup location `Secret` with custom name. 138 endif::[] 139: ifdef::installing-oadp-gcp[] 140 + 141 [source,yaml,subs="attributes+"] 142 ---- 143: apiVersion: oadp.openshift.io/v1alpha1 144 kind: DataProtectionApplication 145 metadata: ... 168 <1> Backup location `Secret` with custom name. 169 endif::[] 170: ifdef::installing-oadp-mcg[] 171 + 172 [source,yaml,subs="attributes+"] 173 ---- 174: apiVersion: oadp.openshift.io/v1alpha1 175 kind: DataProtectionApplication 176 metadata: ... 198 <1> Backup location `Secret` with custom name. 199 endif::[] 200: ifdef::installing-oadp-ocs[] 201 + 202 [source,yaml,subs="attributes+"] 203 ---- 204: apiVersion: oadp.openshift.io/v1alpha1 205 kind: DataProtectionApplication 206 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/oadp-self-signed-certificate.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/configuring-oadp.adoc 4 5 :_content-type: PROCEDURE 6: [id="oadp-self-signed-certificate_{context}"] 7 = Enabling self-signed CA certificates 8 . 11 .Prerequisites 12 13: * You must have the OpenShift API for Data Protection (OADP) Operator installed. 14 15 .Procedure .. 19 [source,yaml] 20 ---- 21: apiVersion: oadp.openshift.io/v1beta1 22 kind: DataProtectionApplication 23 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/oadp-setting-resource-limits-and-requests.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/configuring-oadp.adoc 4: // * virt/backup_restore/virt-installing-configuring-oadp.adoc 5 6 :_content-type: PROCEDURE 7: [id="oadp-setting-resource-limits-and-requests_{context}"] 8 = Setting Velero CPU and memory resource allocations 9 .. 12 .Prerequisites 13 14: * You must have the OpenShift API for Data Protection (OADP) Operator installed. 15 16 .Procedure .. 20 [source,yaml] 21 ---- 22: apiVersion: oadp.openshift.io/v1beta1 23 kind: DataProtectionApplication 24 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/oadp-using-data-mover-for-csi-snapshots.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-using-data-mover-for-csi-snapshots_{context}"] 7 = Using Data Mover for CSI snapshots 8 9 :FeatureName: Data Mover for CSI snapshots 10 11: The OADP Data Mover enables customers to back up Container Storage Interface (CSI) volume snapshots to a remote object store. When Data Mover is enabled, you can restore stateful applications, using CSI volume snapshots pulled from the object store if a failure, accidental deletion, or corruption of the cluster occurs. 12 13 The Data Mover solution uses the Restic option of VolSync. .. 15 Data Mover supports backup and restore of CSI volume snapshots only. 16 17: In OADP 1.2 Data Mover `VolumeSnapshotBackups` (VSBs) and `VolumeSnapshotRestores` (VSRs) are queued using the VolumeSnapshotMover (VSM). The VSM's performance is improved by specifying a concurrent number of VSBs and VSRs simultaneously `InProgress`. After all async plugin operations are complete, the backup is marked as complete. 18 19 20 [NOTE] 21 ==== 22: The OADP 1.1 Data Mover is a Technology Preview feature. 23 24: The OADP 1.2 Data Mover has significantly improved features and performances, but is still a Technology Preview feature. 25 ==== 26: :FeatureName: The OADP Data Mover 27 include::snippets/technology-preview.adoc[leveloffset=+1] 28 29 [NOTE] 30 ==== 31: Red Hat recommends that customers who use OADP 1.2 Data Mover in order to back up and restore ODF CephFS volumes, upgrade or install {product-title} version 4.12 or later for improved performance. OADP Data Mover can leverage CephFS shallow volumes in {product-title} version 4.12 or later, which based on our testing, can improve the performance of backup times. 32 33 * https://issues.redhat.com/browse/RHSTOR-4287[CephFS ROX details] .. 35 36 37: //For more information about OADP 1.2 with CephS [name of topic], see ___. 38 39 ==== .. 56 * You have included the label `{velero-domain}/csi-volumesnapshot-class: 'true'` in your `VolumeSnapshotClass` CR. 57 58: * You have verified that the `OADP namespace` has the annotation `oc annotate --overwrite namespace/openshift-adp volsync.backube/privileged-movers='true'`. 59 + 60 [NOTE] 61 ==== 62: In OADP 1.1 the above setting is mandatory. 63 64: In OADP 1.2 the `privileged-movers` setting is not required in most scenarios. The restoring container permissions should be adequate for the Volsync copy. In some user scenarios, there may be permission errors that the `privileged-mover`= `true` setting should resolve. 65 ==== 66 .. 69 [NOTE] 70 ==== 71: The VolSync Operator is required for using OADP Data Mover. 72 ==== 73 74: * You have installed the OADP operator by using OLM. 75 76 .Procedure .. 100 [source,yaml] 101 ---- 102: apiVersion: oadp.openshift.io/v1alpha1 103 kind: DataProtectionApplication 104 metadata: ... 152 153 ---- 154: <1> OADP 1.2 only. 155: <2> OADP 1.2 only. Optional: Specify the upper limit of the number of snapshots allowed to be queued for backup. The default value is 10. 156: <3> OADP 1.2 only. Optional: Specify the upper limit of the number of snapshots allowed to be queued for restore. The default value is 10. 157: <4> OADP 1.2 only. Optional: Specify the number of days, between running Restic pruning on the repository. The prune operation repacks the data to free space, but it can also generate significant I/O traffic as a part of the process. Setting this option allows a trade-off between storage consumption, from no longer referenced data, and access costs. 158: <5> OADP 1.2 only. Optional: Specify VolumeSync volume options for backup and restore. 159 160 + 161: The OADP Operator installs two custom resource definitions (CRDs), `VolumeSnapshotBackup` and `VolumeSnapshotRestore`. 162 + 163 .Example `VolumeSnapshotBackup` CRD 164 [source,yaml] 165 ---- 166: apiVersion: datamover.oadp.openshift.io/v1alpha1 167 kind: VolumeSnapshotBackup 168 metadata: ... 181 [source,yaml] 182 ---- 183: apiVersion: datamover.oadp.openshift.io/v1alpha1 184 kind: VolumeSnapshotRestore 185 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/oadp-using-enable-api-group-versions.adoc: 5 6 :_content-type: PROCEDURE 7: [id="oadp-using-enable-api-group-versions_{context}"] 8 = Using Enable API Group Versions 9 .. 21 [source,yaml] 22 ---- 23: apiVersion: oadp.openshift.io/vialpha1 24 kind: DataProtectionApplication 25 ... /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/olm-deleting-operators-from-a-cluster-using-web-console.adoc: 2 // 3 // * operators/admin/olm-deleting-operators-from-a-cluster.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/uninstalling-oadp.adoc 5 // * serverless/install/removing-openshift-serverless.adoc 6 // * virt/install/uninstalling-virt.adoc /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/rosa-sts-account-wide-roles-and-policies.adoc: 868 "s3:ListBucketMultipartUploads", 869 "s3:AbortMultipartUpload", 870: "s3:ListMultipartUploadParts" 871 ], 872 "Resource": "*" /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/velero-obtaining-by-downloading.adoc: 24 . Open a browser and navigate to link:https://{velero-domain}/docs/v{velero-version}/basic-install/#install-the-cli["Install the CLI" on the Velero website]. 25 . Follow the appropriate procedure for macOS, GitHub, or Windows. 26: . Download the Velero version appropriate for your version of OADP and {product-title} according to the table that follows: 27 + 28: .OADP-Velero-{product-title} version relationship 29 [cols="3", options="header"] 30 |=== 31: |OADP version |Velero version |{product-title} version 32 |1.0.0 |link:https://{velero-domain}/docs/v1.7/[1.7] |4.6 and later 33 |1.0.1 |link:https://{velero-domain}/docs/v1.7/[1.7] |4.6 and later /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/modules/virt-about-cdi-operator.adoc: 19 |Manages the authorization to upload VM disks into PVCs by issuing secure upload tokens. 20 21: |`deployment/cdi-uploadproxy` 22 |Directs external disk upload traffic to the appropriate upload server pod so that it can be written to the correct PVC. Requires a valid upload token. 23 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/snippets/oadp-ceph-cr-prerequisites.adoc: 8 9 * A stateful application is running in a separate namespace with persistent volume claims (PVCs) using CephFS as the provisioner. 10: * The `StorageClass` and `VolumeSnapshotClass` custom resources (CRs) are defined for CephFS and OADP 1.2 Data Mover. 11 * There is a secret `cloud-credentials` in the `openshift-adp` namespace. 12 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/snippets/oadp-mtc-operator.adoc: 2 //This snippet appears in the following assemblies: 3 // 4: // * .../backup_and_restore/backing_up_and_restoring/installing/about-installing-oadp.adoc 5: // * .../backup_and_restore/backing_up_and_restoring/installing/installing-oadp-aws.adoc 6: // * .../backup_and_restore/backing_up_and_restoring/installing/installing-oadp-azure.adoc 7: // * .../backup_and_restore/backing_up_and_restoring/installing/installing-oadp-gcp.adoc 8: // * .../backup_and_restore/backing_up_and_restoring/installing/installing-oadp-mcg.adoc 9: // * .../backup_and_restore/backing_up_and_restoring/installing/installing-oadp-ocs.adoc 10 11 :_content-type: SNIPPET 12 [NOTE] 13 ==== 14: Starting from OADP 1.0.4, all OADP 1.0._z_ versions can only be used as a dependency of the MTC Operator and are not available as a standalone Operator. 15 ==== 16 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_release_notes/snippets/oadp-ocp-compat.adoc: 2 //This snippet appears in the following assemblies: 3 // 4: // * .../backup_and_restore/backing_up_and_restoring/installing/about-installing-oadp.adoc 5 // * .../backup_and_restore/index.adoc 6 . 8 [NOTE] 9 ==== 10: If you want to use CSI backup on OCP 4.11 and later, install OADP 1.1._x_. 11 12: OADP 1.0._x_ does not support CSI backup on OCP 4.11 and later. OADP 1.0._x_ includes Velero 1.7._x_ and expects the API group `snapshot.storage.k8s.io/v1beta1`, which is not present on OCP 4.11 and later. 13 ==== 14 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/_attributes/common-attributes.adoc: 43 :hybrid-console: Red Hat Hybrid Cloud Console 44 :hybrid-console-second: Hybrid Cloud Console 45: :oadp-first: OpenShift API for Data Protection (OADP) 46: :oadp-full: OpenShift API for Data Protection 47 :oc-first: pass:quotes[OpenShift CLI (`oc`)] 48 :product-registry: OpenShift image registry /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/about-installing-oadp-on-multiple-namespaces.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/installing/about-installing-oadp.adoc 4 5 6 :_content-type: CONCEPT 7: [id="about-installing-oadp-on-multiple-namespaces_{context}"] 8: = Installation of OADP on multiple namespaces 9 10: You can install OADP into multiple namespaces on the same cluster so that multiple project owners can manage their own OADP instance. This use case has been validated with Restic and CSI. 11 12: You install each instance of OADP as specified by the per-platform procedures contained in this document with the following additional requirements: 13 14: * All deployments of OADP on the same cluster must be the same version, for example, 1.1.4. Installing different versions of OADP on the same cluster is *not* supported. 15: * Each individual deployment of OADP must have a unique set of credentials and a unique `BackupStorageLocation` configuration. 16: * By default, each OADP deployment has cluster-level access across namespaces. {product-title} administrators need to review security and RBAC settings carefully and make any necessary changes to them to ensure that each OADP instance has the correct permissions. 17 18 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/about-oadp-update-channels.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/installing/about-installing-oadp.adoc 4 5 6 :_content-type: CONCEPT 7: [id="about-oadp-update-channels_{context}"] 8: = About OADP update channels 9 10: When you install an OADP Operator, you choose an _update channel_. This channel determines which upgrades to the OADP Operator and to Velero you receive. You can switch channels at any time. 11 12 The following update channels are available: 13 14: * The *stable* channel is now deprecated. The *stable* channel contains the patches (z-stream updates) of OADP `ClusterServiceVersion` for `oadp.v1.1.z` and older versions from `oadp.v1.0.z`. 15 16: * The *stable-1.0* channel contains `oadp.v1.0._z_`, the most recent OADP 1.0 `ClusterServiceVersion`. 17 18: * The *stable-1.1* channel contains `oadp.v1.1._z_`, the most recent OADP 1.1 `ClusterServiceVersion`. 19 20: * The *stable-1.2* channel contains `oadp.v1.2._z_`, the most recent OADP 1.2 `ClusterServiceVersion`. 21 22 *Which update channel is right for you?* 23 24: * The *stable* channel is now deprecated. If you are already using the stable channel, you will continue to get updates from `oadp.v1.1._z_`. 25 26: * Choose the *stable-1._y_* update channel to install OADP 1._y_ and to continue receiving patches for it. If you choose this channel, you will receive all z-stream patches for version 1._y_._z_. 27 28 *When must you switch update channels?* 29 30: * If you have OADP 1._y_ installed, and you want to receive patches only for that y-stream, you must switch from the *stable* update channel to the *stable-1._y_* update channel. You will then receive all z-stream patches for version 1._y_._z_. 31 32: * If you have OADP 1.0 installed, want to upgrade to OADP 1.1, and then receive patches only for OADP 1.1, you must switch from the *stable-1.0* update channel to the *stable-1.1* update channel. You will then receive all z-stream patches for version 1.1._z_. 33 34: * If you have OADP 1._y_ installed, with _y_ greater than 0, and want to switch to OADP 1.0, you must _uninstall_ your OADP Operator and then reinstall it using the *stable-1.0* update channel. You will then receive all z-stream patches for version 1.0._z_. 35 36 [NOTE] 37 ==== 38: You cannot switch from OADP 1._y_ to OADP 1.0 by switching update channels. You must uninstall the Operator and then reinstall it. 39 ==== 40 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/metering-store-data-in-s3.adoc: 92 "s3:HeadBucket", 93 "s3:ListBucket", 94: "s3:ListMultipartUploadParts", 95 "s3:PutObject" 96 ], .. 123 "s3:CreateBucket", 124 "s3:DeleteBucket", 125: "s3:ListMultipartUploadParts", 126 "s3:PutObject" 127 ], /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/migration-configuring-aws-s3.adoc: 3 // * migrating_from_ocp_3_to_4/installing-3-4.adoc 4 // * migration_toolkit_for_containers/installing-mtc.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 6 7 :_content-type: PROCEDURE . 12 You configure Amazon Web Services (AWS) S3 object storage as a replication repository for the {mtc-full} ({mtc-short}). 13 endif::[] 14: ifdef::installing-oadp-aws[] 15: You configure Amazon Web Services (AWS) for the OpenShift API for Data Protection (OADP). 16 endif::[] 17 .. 90 "s3:PutObject", 91 "s3:AbortMultipartUpload", 92: "s3:ListMultipartUploadParts" 93 ], 94 "Resource": [ .. 147 Record the `AWS_SECRET_ACCESS_KEY` and the `AWS_ACCESS_KEY_ID`. You use the credentials to add AWS as a replication repository. 148 endif::[] 149: ifdef::installing-oadp-aws[] 150 . Create a `credentials-velero` file: 151 + /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/migration-configuring-azure.adoc: 3 // * migrating_from_ocp_3_to_4/installing-3-4.adoc 4 // * migration_toolkit_for_containers/installing-mtc.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 6 7 :_content-type: PROCEDURE . 12 You configure a Microsoft Azure Blob storage container as a replication repository for the {mtc-full} ({mtc-short}). 13 endif::[] 14: ifdef::installing-oadp-azure[] 15: You configure a Microsoft Azure for the OpenShift API for Data Protection (OADP). 16 endif::[] 17 .. 118 You use the `credentials-velero` file to add Azure as a replication repository. 119 endif::[] 120: ifdef::installing-oadp-azure[] 121 . Obtain the storage account access key: 122 + /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/migration-configuring-gcp.adoc: 3 // * migrating_from_ocp_3_to_4/installing-3-4.adoc 4 // * migration_toolkit_for_containers/installing-mtc.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6 7 :_content-type: PROCEDURE . 12 You configure a Google Cloud Platform (GCP) storage bucket as a replication repository for the {mtc-full} ({mtc-short}). 13 endif::[] 14: ifdef::installing-oadp-gcp[] 15: You configure Google Cloud Platform (GCP) for the OpenShift API for Data Protection (OADP). 16 endif::[] 17 .. 141 You use the `credentials-velero` file to add GCP as a replication repository. 142 endif::[] 143: ifdef::installing-oadp-gcp[] 144 + 145 You use the `credentials-velero` file to create a `Secret` object for GCP before you install the Data Protection Application. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/migration-configuring-mcg.adoc: 5 // * migration_toolkit_for_containers/installing-mtc.adoc 6 // * migration_toolkit_for_containers/installing-mtc-restricted.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 8 9 :_content-type: PROCEDURE .. 14 You must retrieve the Multicloud Object Gateway (MCG) credentials and S3 endpoint in order to configure MCG as a replication repository for the {mtc-full} ({mtc-short}). 15 endif::[] 16: You must retrieve the Multicloud Object Gateway (MCG) credentials in order to create a `Secret` custom resource (CR) for the OpenShift API for Data Protection (OADP). 17: //ifdef::installing-oadp-mcg[] 18 //endif::[] 19 .. 35 You use these credentials to add MCG as a replication repository. 36 endif::[] 37: ifdef::installing-oadp-mcg[] 38 . Create a `credentials-velero` file: 39 + /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/migration-mtc-release-notes-1-7.adoc: 12 This release has the following new features and enhancements: 13 14: * The {mtc-full} ({mtc-short}) Operator now depends upon the OpenShift API for Data Protection (OADP) Operator. When you install the {mtc-short} Operator, the Operator Lifecycle Manager (OLM) automatically installs the OADP Operator in the same namespace. 15 16 * You can migrate from a source cluster that is behind a firewall to a cloud-based destination cluster by establishing a network tunnel between the two clusters by using the `crane tunnel-api` command. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/migration-using-must-gather.adoc: 16 You can collect data for a one-hour or a 24-hour period and view the data with the Prometheus console. 17 endif::[] 18: ifdef::oadp-troubleshooting[] 19 You can run the `must-gather` tool with the following data collection options: 20 21: * Full `must-gather` data collection collects Prometheus metrics, pod logs, and Velero CR information for all namespaces where the OADP Operator is installed. 22 * Essential `must-gather` data collection collects pod logs and Velero CR information for a specific duration of time, for example, one hour or 24 hours. Prometheus metrics and duplicate logs are not included. 23 * `must-gather` data collection with timeout. Data collection can take a long time if there are many failed `Backup` CRs. You can improve performance by setting a timeout value. .. 38 * To collect data for the past hour: 39 endif::[] 40: ifdef::oadp-troubleshooting[] 41 * Full `must-gather` data collection, including Prometheus metrics: 42 endif::[] .. 49 The data is saved as `must-gather/must-gather.tar.gz`. You can upload this file to a support case on the link:https://access.redhat.com/[Red Hat Customer Portal]. 50 51: ifdef::oadp-troubleshooting[] 52 * Essential `must-gather` data collection, without Prometheus metrics, for a specific time duration: 53 + .. 71 * To collect data for the past 24 hours: 72 endif::[] 73: ifdef::oadp-troubleshooting[] 74 * Prometheus metrics data dump: 75 endif::[] /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/nw-enforcing-hsts-per-domain.adoc: 58 smallestMaxAge: 1 59 largestMaxAge: 31536000 60: preloadPolicy: RequirePreload <5> 61 includeSubDomainsPolicy: RequireIncludeSubDomains <6> 62 - domainPatterns: <2> .. 66 matchLabels: {} 67 maxAge: {} 68: preloadPolicy: NoOpinion 69 includeSubDomainsPolicy: RequireNoIncludeSubDomains 70 ---- /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/oadp-about-backing-and-restoring-from-cluster-to-cluster.adoc: 5 6 :_content-type: CONCEPT 7: [id="oadp-about-backing-and-restoring-from-cluster-to-cluster_{context}"] 8 = About backing up data from one cluster and restoring it on another cluster 9 10: {oadp-first} is designed to back up and restore application data in the same {product-title} cluster. {mtc-full} ({mtc-short}) is designed to migrate containers, including application data, from one {product-title} cluster to another cluster. 11 12: You can use OADP to back up application data from one {product-title} cluster and restore it on another cluster. However, doing so is more complicated than using {mtc-short} or using OADP to back up and restore on the same cluster. 13 14: To successfully use OADP to back up data from one cluster and restore it to another cluster, you must take into account the following factors, in addition to the prerequisites and procedures that apply to using OADP to back up and restore data on the same cluster: 15 16 * Operators .. 18 * UID and GID ranges 19 20: [id="oadp-cluster-to-cluster-operators_{context}"] 21 == Operators 22 You must exclude Operators from the backup of an application for backup and restore to succeed. 23 24: [id="oadp-cluster-to-cluster-velero_{context}"] 25 == Use of Velero 26 27: Velero, which OADP is built upon, does not natively support migrating persistent volume snapshots across cloud providers. To migrate volume snapshot data between cloud platforms, you must _either_ enable the Velero Restic file system backup option, which backs up volume contents at the filesystem level, _or_ use the OADP Data Mover for CSI snapshots. 28 29 [NOTE] 30 ==== 31: In OADP 1.1 and earlier, the Velero Restic file system backup option is called `restic`. 32: In OADP 1.2 and later, the Velero Restic file system backup option is called `file-system-backup`. 33 ==== 34 35 [NOTE] 36 ==== 37: Velero's file system backup feature supports both Kopia and Restic, but currently OADP supports only Restic. 38 ==== 39 .. 42 * It is theoretically possible to migrate workloads to a destination with a _later_ Kubernetes version than the source, but you must consider the compatibility of API groups between clusters for each custom resource. If a Kubernetes version upgrade breaks the compatibility of core or native API groups, you must first update the impacted custom resources. 43 44: [id="oadp-cluster-to-cluster-uid-and-gid-ranges_{context}"] 45 == UID and GID ranges 46 .. 48 49 Summary of issues:: 50: The UID and GID ranges of the namespace might change on the destination cluster. OADP does not back up and restore OpenShift UID range metadata. If the backed application requires a specific UID, ensure the range is available when restored. For more information about OpenShift's UID and GID ranges, see link:https://cloud.redhat.com/blog/a-guide-to-openshift-and-uids[A Guide to OpenShift and UIDs]. 51 52 Detailed description of issues:: .. 58 59 + 60: When you use OADP to restore the namespace, it automatically uses the information in `metadata.annotations` without resetting it for the destination cluster. As a result, the workload might not have access to the backed up data if one of the following is true: 61 62: * There is a pre-existing namespace with different SCC annotations, for example, on a different cluster. In this case, at backup time, OADP reuses the pre-existing namespace instead of the namespace you are trying to restore. 63: * The backup used a label selector, but the namespace where workloads run on does not have the label on it. In this case, OADP does not back up the namespace, but instead creates a new namespace during restore that does not include the annotations of the namespace you backed up. This causes a new UID range to be assigned to the namespace. 64 + 65 This might be an issue for customer workloads if {product-title} assigns a pod a `securityContext` UID based on namespace annotations that have changed from the time the persistent volume data was backed up. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/oadp-about-backup-snapshot-locations-secrets.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: CONCEPT 10: [id="oadp-about-backup-snapshot-locations_{context}"] 11 = About backup and snapshot locations and their secrets 12 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/oadp-about-enable-api-group-versions.adoc: 5 6 :_content-type: CONCEPT 7: [id="oadp-about-enable-api-group-versions_{context}"] 8 = About Enable API Group Versions 9 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/oadp-backing-and-restoring-from-cluster-to-cluster.adoc: 5 6 :_content-type: CONCEPT 7: [id="oadp-backing-and-restoring-from-cluster-to-cluster_{context}"] 8 = Backing up data from one cluster and restoring it to another cluster 9 .. 20 ** Ensure that the backup store location (BSL) and volume snapshot location have the same names and paths to restore resources to another cluster. 21 ** Share the same object storage location credentials across the clusters. 22: ** For best results, use OADP to create the namespace on the destination cluster. 23 ** If you use the Velero `file-system-backup` option, enable the `--default-volumes-to-fs-backup` flag for use during backup by running the following command: 24 + .. 30 [NOTE] 31 ==== 32: In OADP 1.2 and later, the Velero Restic option is called `file-system-backup`. 33 ==== 34 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/oadp-backing-up-applications-restic.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-backing-up-applications-restic_{context}"] 7 = Backing up applications with Restic 8 . 18 .Prerequisites 19 20: * You must install the OpenShift API for Data Protection (OADP) Operator. 21 * You must not disable the default Restic installation by setting `spec.configuration.restic.enable` to `false` in the `DataProtectionApplication` CR. 22 * The `DataProtectionApplication` CR must be in a `Ready` state. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/oadp-backing-up-pvs-csi.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-backing-up-pvs-csi_{context}"] 7 = Backing up persistent volumes with CSI snapshots 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/oadp-backup-restore-cr-issues.adoc: 4 5 :_content-type: CONCEPT 6: [id="oadp-backup-restore-cr-issues_{context}"] 7 = Backup and Restore CR issues 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/oadp-ceph-cephfs-back-up-dba.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-ceph-cephfs-back-up-dba_{context}"] 7 = Creating a DPA for use with CephFS storage 8 9: You must create a Data Protection Application (DPA) CR before you use the OpenShift API for Data Protection (OADP) 1.2 Data Mover to back up and restore data using CephFS storage. 10 11 .Procedure .. 38 [source,yaml] 39 ---- 40: apiVersion: oadp.openshift.io/v1alpha1 41 kind: DataProtectionApplication 42 metadata: .. 79 ---- 80 <1> There is no default value for the `enable` field. Valid values are `true` or `false`. 81: <2> Use the Restic `Secret` that you created when you prepared your environment for working with OADP 1.2 Data Mover and Ceph. If you do not use your Restic `Secret`, the CR uses the default value `dm-credential` for this parameter. 82 <3> There is no default value for the `enable` field. Valid values are `true` or `false`. 83 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/oadp-ceph-cephfs-back-up.adoc: 11 12 :_content-type: PROCEDURE 13: [id="oadp-ceph-cephfs-back-up_{context}"] 14 15 ifdef::cephfs[] 16: = Backing up data using OADP 1.2 Data Mover and CephFS storage 17: You can use OpenShift API for Data Protection (OADP) 1.2 Data Mover to back up data using CephFS storage by enabling the shallow copy feature of CephFS storage. 18 endif::cephfs[] 19 20 ifdef::split[] 21: = Backing up data using OADP 1.2 Data Mover and split volumes 22: You can use OpenShift API for Data Protection (OADP) 1.2 Data Mover to back up data in an environment that has split volumes. 23 endif::split[] 24 .. 58 59 . Wait several minutes until the `VolumeSnapshotBackup` CR has the status `Completed`. 60: . Verify that there is at least one snapshot in the object store that is given in the Restic `Secret`. You can check for this snapshot in your targeted `BackupStorageLocation` storage provider that has a prefix of `/`. 61 62 ifeval::["{context}" == "cephfs"] /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/oadp-ceph-cephfs-restore.adoc: 11 12 :_content-type: PROCEDURE 13: [id="oadp-ceph-cephfs-restore_{context}"] 14 15 ifdef::cephfs[] 16: = Restoring data using OADP 1.2 Data Mover and CephFS storage 17: You can use OpenShift API for Data Protection (OADP) 1.2 Data Mover to restore data using CephFS storage if the shallow copy feature of CephFS storage was enabled for the back up procedure. The shallow copy feature is not used in the restore procedure. 18 endif::cephfs[] 19 20 ifdef::split[] 21: = Restoring data using OADP 1.2 Data Mover and split volumes 22: You can use OpenShift API for Data Protection (OADP) 1.2 Data Mover to restore data in an environment that has split volumes, if the shallow copy feature of CephFS storage was enabled for the back up procedure. The shallow copy feature is not used in the restore procedure. 23 endif::split[] 24 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/oadp-ceph-preparing-cephfs-crs.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-ceph-preparing-cephfs-crs_{context}"] 7: = Defining CephFS custom resources for use with OADP 1.2 Data Mover 8 9: When you install {rh-storage-first}, it automatically creates a default CephFS `StorageClass` custom resource (CR) and a default CephFS `VolumeSnapshotClass` CR. You can define these CRs for use with OpenShift API for Data Protection (OADP) 1.2 Data Mover. 10 11 .Procedure /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/oadp-ceph-preparing-cephrbd-crs.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-ceph-preparing-cephrbd-crs_{context}"] 7: = Defining CephRBD custom resources for use with OADP 1.2 Data Mover 8 9: When you install {rh-storage-first}, it automatically creates a default CephRBD `StorageClass` custom resource (CR) and a default CephRBD `VolumeSnapshotClass` CR. You can define these CRs for use with OpenShift API for Data Protection (OADP) 1.2 Data Mover. 10 11 .Procedure /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/oadp-ceph-preparing-crs-additional.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-ceph-preparing-crs-additional_{context}"] 7: = Defining additional custom resources for use with OADP 1.2 Data Mover 8 9 After you redefine the default `StorageClass` and CephRBD `VolumeSnapshotClass` custom resources (CRs), you must create the following CRs: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/oadp-ceph-prerequisites.adoc: 5 6 :_content-type: CONCEPT 7: [id="oadp-ceph-prerequisites_{context}"] 8: = Prerequisites for using OADP 1.2 Data Mover with Ceph storage 9 10: The following prerequisites apply to all back up and restore operations of data using {oadp-first} 1.2 Data Mover in a cluster that uses Ceph storage: 11 12 * You have installed {product-title} 4.12 or later. 13: * You have installed the OADP Operator. 14 * You have created a secret `cloud-credentials` in the namespace `openshift-adp.` 15 * You have installed {rh-storage-first}. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/oadp-ceph-split-back-up-dba.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-ceph-split-back-up-dba_{context}"] 7 = Creating a DPA for use with split volumes 8 9: You must create a Data Protection Application (DPA) CR before you use the OpenShift API for Data Protection (OADP) 1.2 Data Mover to back up and restore data using split volumes. 10 11 .Procedure .. 17 [source,yaml] 18 ---- 19: apiVersion: oadp.openshift.io/v1alpha1 20 kind: DataProtectionApplication 21 metadata: .. 64 cacheStorageClassName: ocs-storagecluster-ceph-rbd 65 ---- 66: <1> Use the Restic `Secret` that you created when you prepared your environment for working with OADP 1.2 Data Mover and Ceph. If you do not, then the CR will use the default value `dm-credential` for this parameter. 67 <2> A different set of `VolumeOptionsForStorageClass` labels can be defined for each `storageClass` volume, thus allowing a backup to volumes with different providers. 68 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/oadp-checking-api-group-versions.adoc: 5 6 :_content-type: PROCEDURE 7: [id="oadp-checking-api-group-versions_{context}"] 8 = Listing the Kubernetes API group versions on a cluster 9 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/oadp-cleaning-up-after-data-mover-snapshots.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-cleaning-up-after-data-mover-snapshots_{context}"] 7 = Deleting snapshots in a bucket 8 9: OADP 1.1 Data Mover might leave one or more snapshots in a bucket after a backup. You can either delete all the snapshots or delete individual snapshots. 10 11 .Procedure /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/oadp-configuring-noobaa-for-dr.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 4 5 :_content-type: PROCEDURE 6: [id="oadp-configuring-noobaa-for-dr_{context}"] 7 = Configuring NooBaa for disaster recovery on {rh-storage} 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/oadp-configuring-velero-plugins.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/oadp-features-plugins.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-configuring-velero-plugins_{context}"] 7: = About OADP Velero plugins 8 9 You can configure two types of plugins when you install Velero: .. 16 == Default Velero cloud provider plugins 17 18: You can install any of the following default Velero cloud provider plugins when you configure the `oadp_v1alpha1_dpa.yaml` file during deployment: 19 20 * `aws` (Amazon Web Services) .. 25 * `kubevirt` (KubeVirt) 26 27: You specify the desired default plugins in the `oadp_v1alpha1_dpa.yaml` file during deployment. 28 29 .Example file .. 33 [source,yaml] 34 ---- 35: apiVersion: oadp.openshift.io/v1alpha1 36 kind: DataProtectionApplication 37 metadata: .. 49 == Custom Velero plugins 50 51: You can install a custom Velero plugin by specifying the plugin `image` and `name` when you configure the `oadp_v1alpha1_dpa.yaml` file during deployment. 52 53: You specify the desired custom plugins in the `oadp_v1alpha1_dpa.yaml` file during deployment. 54 55 .Example file .. 59 [source,yaml] 60 ---- 61: apiVersion: oadp.openshift.io/v1alpha1 62 kind: DataProtectionApplication 63 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/oadp-creating-backup-cr.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-creating-backup-cr_{context}"] 7 = Creating a Backup CR 8 . 11 .Prerequisites 12 13: * You must install the OpenShift API for Data Protection (OADP) Operator. 14 * The `DataProtectionApplication` CR must be in a `Ready` state. 15 * Backup location prerequisites: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/oadp-creating-backup-hooks.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-creating-backup-hooks_{context}"] 7 = Creating backup hooks 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/oadp-creating-default-secret.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: PROCEDURE 10: [id="oadp-creating-default-secret_{context}"] 11 = Creating a default Secret 12 13 You create a default `Secret` if your backup and snapshot locations use the same credentials or if you do not require a snapshot location. 14 15: ifdef::installing-oadp-aws,installing-oadp-azure,installing-oadp-gcp,installing-oadp-mcg[] 16 The default name of the `Secret` is `{credentials}`. 17 endif::[] 18: ifdef::installing-oadp-ocs[] 19: The default name of the `Secret` is `{credentials}`, unless your backup storage provider has a default plugin, such as `aws`, `azure`, or `gcp`. In that case, the default name is specified in the provider-specific OADP installation procedure. 20 endif::[] 21 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/oadp-creating-restore-cr.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-creating-restore-cr_{context}"] 7 = Creating a Restore CR 8 . 11 .Prerequisites 12 13: * You must install the OpenShift API for Data Protection (OADP) Operator. 14 * The `DataProtectionApplication` CR must be in a `Ready` state. 15 * You must have a Velero `Backup` CR. .. 67 [NOTE] 68 ==== 69: In the course of the restore process, the OADP Velero plug-ins scale down the `DeploymentConfig` objects and restore the pods as standalone pods to prevent the cluster from deleting the restored `DeploymentConfig` pods immediately on restore and to allow Restic and post-restore hooks to complete their actions on the restored pods. The cleanup script removes these disconnected pods and scale any `DeploymentConfig` objects back up to the appropriate number of replicas. 70 ==== 71 + .. 94 } 95 96: OADP_NAMESPACE=${OADP_NAMESPACE:=openshift-adp} 97 98 if [[ $# -ne 1 ]]; then .. 101 fi 102 103: echo using OADP Namespace $OADP_NAMESPACE 104 echo restore: $1 105 ... 108 109 echo Deleting disconnected restore pods 110: oc delete pods -l oadp.openshift.io/disconnected-from-dc=$label 111 112: for dc in $(oc get dc --all-namespaces -l oadp.openshift.io/replicas-modified=$label -o jsonpath='{range .items[*]}{.metadata.namespace}{","}{.metadata.name}{","}{.metadata.annotations.oadp\.openshift\.io/original-replicas}{","}{.metadata.annotations.oadp\.openshift\.io/original-paused}{"\n"}') 113 do 114 IFS=',' read -ra dc_arr <<< "$dc" /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/oadp-creating-restore-hooks.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-creating-restore-hooks_{context}"] 7 = Creating restore hooks 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/oadp-debugging-oc-cli.adoc: 4 5 :_content-type: REFERENCE 6: [id="oadp-debugging-oc-cli_{context}"] 7 = Debugging Velero resources with the OpenShift CLI tool 8 . 39 [NOTE] 40 ==== 41: This option is available starting from OADP 1.0.3. 42 ==== 43 44 [source,yaml] 45 ---- 46: apiVersion: oadp.openshift.io/v1alpha1 47 kind: DataProtectionApplication 48 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/oadp-deleting-backups.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-deleting-backups_{context}"] 7 = Deleting backups 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/oadp-deleting-cluster-resources-following-failure.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-deleting-cluster-resources-following-failure_{context}"] 7 = Deleting cluster resources following a partially successful or a failed backup and restore that used Data Mover 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/oadp-deleting-cluster-resources-following-success.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-deleting-cluster-resources-following-success_{context}"] 7 = Deleting cluster resources following a successful backup and restore that used Data Mover 8 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/oadp-enabling-csi-dpa.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: PROCEDURE 10: [id="oadp-enabling-csi-dpa_{context}"] 11 = Enabling CSI in the DataProtectionApplication CR 12 .. 23 [source,yaml] 24 ---- 25: apiVersion: oadp.openshift.io/v1alpha1 26 kind: DataProtectionApplication 27 ... /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/oadp-features.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/oadp-features-plugins.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-features_{context}"] 7: = OADP features 8 9: OpenShift API for Data Protection (OADP) supports the following features: 10 11 Backup:: 12: You can use OADP to back up all applications on the OpenShift Platform, or you can filter the resources by type, namespace, or label. 13 + 14: OADP backs up Kubernetes objects and internal images by saving them as an archive file on object storage. OADP backs up persistent volumes (PVs) by creating snapshots with the native cloud snapshot API or with the Container Storage Interface (CSI). For cloud providers that do not support snapshots, OADP backs up resources and PV data with Restic. 15 16 + /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/oadp-ibm-power-test-support.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/oadp-features-plugins.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-ibm-power-test-matrix_{context}"] 7: = OADP support for target backup locations using IBM Power 8 9: IBM Power running with {product-title} 4.11 and 4.12, and OpenShift API for Data Protection (OADP) 1.1.2 was tested successfully against an AWS S3 backup location target. Although the test involved only an AWS S3 target, Red Hat supports running IBM Power with {product-title} 4.11 and 4.12, and OADP 1.1.2 against all non-AWS S3 backup location targets as well. 10 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/oadp-ibm-z-test-support.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/oadp-features-plugins.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-ibm-z-test-support_{context}"] 7: = OADP testing and support for target backup locations using {ibmzProductName} 8 9: {ibmzProductName} running with {product-title} 4.11 and 4.12, and OpenShift API for Data Protection (OADP) 1.1.2 was tested successfully against an AWS S3 backup location target. Although the test involved only an AWS S3 target, Red Hat supports running {ibmzProductName} with {product-title} 4.11 and 4.12, and OADP 1.1.2 against all non-AWS S3 backup location targets as well. 10 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/oadp-installation-issues.adoc: 4 5 :_content-type: CONCEPT 6: [id="oadp-installation-issues_{context}"] 7 = Installation issues 8 9 You might encounter issues caused by using invalid directories or incorrect credentials when you install the Data Protection Application. 10 11: [id="oadp-backup-location-contains-invalid-directories_{context}"] 12 == Backup storage contains invalid directories 13 .. 22 If the object storage is not dedicated to Velero, you must specify a prefix for the bucket by setting the `spec.backupLocations.velero.objectStorage.prefix` parameter in the `DataProtectionApplication` manifest. 23 24: [id="oadp-incorrect-aws-credentials_{context}"] 25 == Incorrect AWS credentials 26 27: The `oadp-aws-registry` pod log displays the error message, `InvalidAccessKeyId: The AWS Access Key Id you provided does not exist in our records.` 28 29 The `Velero` pod log displays the error message, `NoCredentialProviders: no valid providers in chain`. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/oadp-installing-dpa.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: PROCEDURE 10: [id="oadp-installing-dpa_{context}"] 11 = Installing the Data Protection Application 12 .. 15 .Prerequisites 16 17: * You must install the OADP Operator. 18 * You must configure object storage as a backup location. 19 * If you use snapshots to back up PVs, your cloud provider must support either a native snapshot API or Container Storage Interface (CSI) snapshots. 20 * If the backup and snapshot locations use the same credentials, you must create a `Secret` with the default name, `{credentials}`. 21: ifdef::installing-oadp-azure,installing-oadp-gcp,installing-oadp-mcg,installing-oadp-ocs,virt-installing-configuring-oadp[] 22 * If the backup and snapshot locations use different credentials, you must create two `Secrets`: 23 .. 25 ** `Secret` with the default name, `{credentials}`, for the snapshot location. This `Secret` is not referenced in the `DataProtectionApplication` CR. 26 endif::[] 27: ifdef::installing-oadp-aws[] 28 * If the backup and snapshot locations use different credentials, you must create a `Secret` with the default name, `{credentials}`, which contains separate profiles for the backup and snapshot location credentials. 29 endif::[] .. 36 .Procedure 37 38: . Click *Operators* -> *Installed Operators* and select the OADP Operator. 39 . Under *Provided APIs*, click *Create instance* in the *DataProtectionApplication* box. 40 41 . Click *YAML View* and update the parameters of the `DataProtectionApplication` manifest: 42: ifdef::installing-oadp-aws[] 43 + 44 [source,yaml,subs="attributes+"] 45 ---- 46: apiVersion: oadp.openshift.io/v1beta1 47 kind: DataProtectionApplication 48 metadata: .. 92 <9> The snapshot location must be in the same region as the PVs. 93 endif::[] 94: ifdef::installing-oadp-azure[] 95 + 96 [source,yaml,subs="attributes+"] 97 ---- 98: apiVersion: oadp.openshift.io/v1beta1 99 kind: DataProtectionApplication 100 metadata: ... 148 <11> You do not need to specify a snapshot location if you use CSI snapshots or Restic to back up PVs. 149 endif::[] 150: ifdef::installing-oadp-gcp[] 151 + 152 [source,yaml,subs="attributes+"] 153 ---- 154: apiVersion: oadp.openshift.io/v1beta1 155 kind: DataProtectionApplication 156 metadata: ... 196 <9> The snapshot location must be in the same region as the PVs. 197 endif::[] 198: ifdef::installing-oadp-mcg[] 199 + 200 [source,yaml,subs="attributes+"] 201 ---- 202: apiVersion: oadp.openshift.io/v1beta1 203 kind: DataProtectionApplication 204 metadata: ... 242 <8> Specify a prefix for Velero backups, for example, `velero`, if the bucket is used for multiple purposes. 243 endif::[] 244: ifdef::installing-oadp-ocs[] 245 + 246 [source,yaml,subs="attributes+"] 247 ---- 248: apiVersion: oadp.openshift.io/v1beta1 249 kind: DataProtectionApplication 250 metadata: ... 287 <11> Specify a prefix for Velero backups, for example, `velero`, if the bucket is used for multiple purposes. 288 endif::[] 289: ifdef::virt-installing-configuring-oadp[] 290 + 291 [source,yaml,subs="attributes+"] 292 ---- 293: apiVersion: oadp.openshift.io/v1beta1 294 kind: DataProtectionApplication 295 metadata: ... 334 335 . Click *Create*. 336: . Verify the installation by viewing the OADP resources: 337 + 338 [source,terminal] ... 345 ---- 346 NAME READY STATUS RESTARTS AGE 347: pod/oadp-operator-controller-manager-67d9494d47-6l8z8 2/2 Running 0 2m8s 348 pod/restic-9cq4q 1/1 Running 0 94s 349 pod/restic-m4lts 1/1 Running 0 94s ... 352 353 NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE 354: service/oadp-operator-controller-manager-metrics-service ClusterIP 172.30.70.140 8443/TCP 2m8s 355 356 NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE ... 358 359 NAME READY UP-TO-DATE AVAILABLE AGE 360: deployment.apps/oadp-operator-controller-manager 1/1 1 1 2m9s 361 deployment.apps/velero 1/1 1 1 96s 362 363 NAME DESIRED CURRENT READY AGE 364: replicaset.apps/oadp-operator-controller-manager-67d9494d47 1 1 1 2m9s 365 replicaset.apps/velero-588db7f655 1 1 1 96s 366 ---- /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/oadp-installing-oadp-rosa-sts.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-installing-oadp-rosa-sts_{context}"] 7: = Installing OADP on {product-title} with AWS STS 8 9: AWS Security Token Service (AWS STS) is a global web service that provides short-term credentials for IAM or federated users. {product-title} (ROSA) with STS is the recommended credential mode for ROSA clusters. This document describes how to install OpenShift API for Data Protection (OADP) on (ROSA) with AWS STS. 10 11 [IMPORTANT] 12 ==== 13: Restic is not supported in the OADP on ROSA with AWS STS environment. Ensure the Restic service is disabled. Use native snapshots to backup volumes. See _Known Issues_ for more information. 14 ==== 15 .. 17 18 * A ROSA OpenShift Cluster with the required access and tokens. 19: * link:https://docs.openshift.com/container-platform/4.13/backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.html#oadp-creating-default-secret_installing-oadp-aws[A default Secret], if your backup and snapshot locations use the same credentials, or if you do not require a snapshot location. 20 21 .Procedure .. 42 ---- 43 44: . Install the OADP Operator. 45 .. In the {product-title} web console, navigate to Operators *->* OperatorHub. 46: .. Search for the OADP Operator, then click *Install*. 47 48 . Create AWS cloud storage using your AWS credentials: .. 51 ---- 52 $ cat << EOF | oc create -f - 53: apiVersion: oadp.openshift.io/v1alpha1 54 kind: CloudStorage 55 metadata: 56: name: ${CLUSTER_NAME}-oadp 57 namespace: openshift-adp 58 spec: .. 61 name: cloud-credentials 62 enableSharedConfig: true 63: name: ${CLUSTER_NAME}-oadp 64 provider: aws 65 region: $REGION .. 72 ---- 73 $ cat << EOF | oc create -f - 74: apiVersion: oadp.openshift.io/v1alpha1 75 kind: DataProtectionApplication 76 metadata: .. 81 - bucket: 82 cloudStorageRef: 83: name: ${CLUSTER_NAME}-oadp 84 credential: 85 key: credentials .. 105 [NOTE] 106 ==== 107: The `enable` parameter of `restic` is set to `false` in this configuration because OADP does not support Restic in ROSA environments. 108 ==== 109 + 110: You are now ready to backup and restore OpenShift applications, as described in the link:https://docs.openshift.com/container-platform/4.11/backup_and_restore/application_backup_and_restore/backing_up_and_restoring/backing-up-applications.html[OADP documentation]. 111 112 == Known Issues 113 .Restic is not supported or recommended 114 115: * link:https://issues.redhat.com/browse/OADP-1054[CloudStorage: openshift-adp-controller-manager crashloop seg fault with Restic enabled] 116: * link:https://issues.redhat.com/browse/OADP-1057[Cloudstorage API: CSI Backup of an app with internal images partially fails with plugin panicked error] 117: * (Affects OADP 1.1.x_ only): link:https://issues.redhat.com/browse/OADP-1055[CloudStorage: bucket is removed on CS CR delete, although it doesn't have "oadp.openshift.io/cloudstorage-delete": "true"] 118 119 [role="_additional-resources"] ... 123 * link:https://docs.openshift.com/rosa/rosa_getting_started/rosa-sts-getting-started-workflow.html[Getting started with ROSA STS] 124 * link:https://docs.openshift.com/rosa/rosa_install_access_delete_clusters/rosa-sts-creating-a-cluster-quickly.html[Creating a ROSA cluster with STS] 125: * link:https://docs.openshift.com/container-platform/4.13/backup_and_restore/application_backup_and_restore/installing/about-installing-oadp.html[About installing OADP] 126 * link:https://docs.openshift.com/container-platform/4.13/storage/container_storage_interface/persistent-storage-csi.html[Configuring CSI volumes] 127 * link:https://docs.openshift.com/rosa/rosa_architecture/rosa_policy_service_definition/rosa-service-definition.html#rosa-sdpolicy-storage_rosa-service-definition[ROSA storage options] /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/oadp-installing-operator.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: PROCEDURE 10: [id="oadp-installing-operator_{context}"] 11: = Installing the OADP Operator 12 13: You install the OpenShift API for Data Protection (OADP) Operator on {product-title} {product-version} by using Operator Lifecycle Manager (OLM). 14 15: The OADP Operator installs link:https://{velero-domain}/docs/v{velero-version}/[Velero {velero-version}]. 16 17 .Prerequisites .. 22 23 . In the {product-title} web console, click *Operators* -> *OperatorHub*. 24: . Use the *Filter by keyword* field to find the *OADP Operator*. 25: . Select the *OADP Operator* and click *Install*. 26 . Click *Install* to install the Operator in the `openshift-adp` project. 27 . Click *Operators* -> *Installed Operators* to verify the installation. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/oadp-plugins.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/oadp-features-plugins.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-plugins_{context}"] 7: = OADP plugins 8 9: The OpenShift API for Data Protection (OADP) provides default Velero plugins that are integrated with storage providers to support backup and snapshot operations. You can create link:https://{velero-domain}/docs/v{velero-version}/custom-plugins/[custom plugins] based on the Velero plugins. 10 11: OADP also provides plugins for {product-title} resource backups, OpenShift Virtualization resource backups, and Container Storage Interface (CSI) snapshots. 12 13 [cols="3", options="header"] 14: .OADP plugins 15 |=== 16: |OADP plugin |Function |Storage location 17 18 .2+|`aws` |Backs up and restores Kubernetes objects. |AWS S3 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/oadp-pod-crash-set-resource-request-restic.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-pod-crash-resource-request-retics_{context}"] 7 = Setting resource requests for a Restic pod 8 . 17 [source,yaml] 18 ---- 19: apiVersion: oadp.openshift.io/v1alpha1 20 kind: DataProtectionApplication 21 ... /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/oadp-pod-crash-set-resource-request-velero.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-pod-crash-resource-request-velero_{context}"] 7 = Setting resource requests for a Velero pod 8 9: You can use the `configuration.velero.podConfig.resourceAllocations` specification field in the `oadp_v1alpha1_dpa.yaml` file to set specific resource requests for a `Velero` pod. 10 11 .Procedure .. 17 [source,yaml] 18 ---- 19: apiVersion: oadp.openshift.io/v1alpha1 20 kind: DataProtectionApplication 21 ... /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/oadp-release-notes-1-1-1.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/oadp-release-notes.adoc 4 :_content-type: REFERENCE 5: [id="migration-oadp-release-notes-1-1-1_{context}"] 6: = OADP 1.1.1 release notes 7 8: The OADP 1.1.1 release notes include product recommendations and descriptions of known issues. 9 10 == Product recommendations 11 12: Before you install OADP 1.1.1, it is recommended to either install VolSync 0.5.1 or to upgrade to it. 13 14 == Known issues .. 16 This release has the following known issues: 17 18: * OADP currently does not support backup and restore of AWS EFS volumes using restic in Velero (link:https://issues.redhat.com/browse/OADP-778[*OADP-778*]). 19 20 * CSI backups might fail due to a Ceph limitation of `VolumeSnapshotContent` snapshots per PVC. .. 23 + 24 ** For CephFS, you can create up to 100 snapshots per PVC. 25: ** For RADOS Block Device (RBD), you can create up to 512 snapshots for each PVC. (link:https://issues.redhat.com/browse/OADP-804[*OADP-804*]) and (link:https://issues.redhat.com/browse/OADP-975[*OADP-975*]) 26 + 27 For more information, see https://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.11/html/managing_and_allocating_storage_resources/volume-snapshots_rhodf[Volume Snapshots]. /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/oadp-release-notes-1-1-2.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/oadp-release-notes.adoc 4 5 :_content-type: REFERENCE 6: [id="migration-oadp-release-notes-1-1-2_{context}"] 7: = OADP 1.1.2 release notes 8 9: The OADP 1.1.2 release notes include product recommendations, a list of fixed bugs and descriptions of known issues. 10 11 [id="product-recommendations_{context}"] .. 34 The following bugs have been fixed in this release: 35 36: * link:https://issues.redhat.com/browse/OADP-1150[OADP-1150] 37: * link:https://issues.redhat.com/browse/OADP-290[OADP-290] 38: * link:https://issues.redhat.com/browse/OADP-1056[OADP-1056] 39 40 [id="known-issues_{context}"] .. 43 This release has the following known issues: 44 45: * OADP currently does not support backup and restore of AWS EFS volumes using restic in Velero (link:https://issues.redhat.com/browse/OADP-778[*OADP-778*]). 46 47 * CSI backups might fail due to a Ceph limitation of `VolumeSnapshotContent` snapshots per PVC. .. 50 + 51 -- 52: ** For CephFS, you can create up to 100 snapshots per PVC. (link:https://issues.redhat.com/browse/OADP-804[*OADP-804*]) 53: ** For RADOS Block Device (RBD), you can create up to 512 snapshots for each PVC. (link:https://issues.redhat.com/browse/OADP-975[*OADP-975*]) 54 -- 55 + /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/oadp-release-notes-1-1-4.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/oadp-release-notes.adoc 4 5 :_content-type: REFERENCE 6: [id="migration-oadp-release-notes-1-1-4_{context}"] 7: = OADP 1.1.4 release notes 8 9: The OADP 1.1.4 release notes lists any new features, resolved issues and bugs, and known issues. 10 11 [id="new-features1.1.4_{context}"] 12 == New features 13 14: This version of OADP is a service release. No new features are added to this version. 15 16 [id="resolved-issues1.1.4_{context}"] .. 19 The following bugs have been fixed in this release: 20 21: * link:https://issues.redhat.com/browse/OADP-1557[OADP-1557] 22: * link:https://issues.redhat.com/browse/OADP-1822[OADP-1822] 23: * link:https://issues.redhat.com/browse/OADP-1511[OADP-1511] 24: * link:https://issues.redhat.com/browse/OADP-1642[OADP-1642] 25: * link:https://issues.redhat.com/browse/OADP-1398[OADP-1398] 26: * link:https://issues.redhat.com/browse/OADP-1267[OADP-1267] 27: * link:https://issues.redhat.com/browse/OADP-1390[OADP-1390] 28: * link:https://issues.redhat.com/browse/OADP-1650[OADP-1650] 29: * link:https://issues.redhat.com/browse/OADP-1487[OADP-1487] 30 31 .. 35 This release has the following known issues: 36 37: * OADP backups might fail because a UID/GID range might have changed on the cluster where the application has been restored, with the result that OADP does not back up and restore {product-title} UID/GID range metadata. To avoid the issue, if the backed application requires a specific UUID, ensure the range is available when restored. An additional workaround is to allow OADP to create the namespace in the restore operation. 38 39: * A restoration might fail if ArgoCD is used during the process due to a label used by ArgoCD, `app.kubernetes.io/instance`. This label identifies which resources ArgoCD needs to manage, which can create a conflict with OADP's procedure for managing resources on restoration. To work around this issue, set `.spec.resourceTrackingMethod` on the ArgoCD YAML to `annotation+label` or `annotation`. If the issue continues to persist, then disable ArgoCD before beginning to restore, and enable it again when restoration is finished. 40 41 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/oadp-release-notes-1-2-0.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/oadp-release-notes.adoc 4 5 :_content-type: REFERENCE 6: [id="migration-oadp-release-notes-1-2-0_{context}"] 7: = OADP 1.2.0 release notes 8 9: The OADP 1.2.0 release notes include information about new features, bug fixes, and known issues. 10 11 [id="new-features_{context}"] 12 == New features 13 14: .link:https://access.redhat.com/documentation/en-us/openshift_container_platform/4.12/html/backup_and_restore/application-backup-and-restore#installing-oadp-aws[Resource timeouts] 15 The new `resourceTimeout` option specifies the timeout duration in minutes for waiting on various Velero resources. This option applies to resources such as Velero CRD availability, `volumeSnapshot` deletion, and backup repository availability. The default duration is ten minutes. 16 17: .link:https://access.redhat.com/documentation/en-us/openshift_container_platform/4.11/html/backup_and_restore/application-backup-and-restore#oadp-s3-compatible-backup-storage-providers_about-installing-oadp[AWS S3 compatible backup storage providers] 18 You can back up objects and snapshots on AWS S3 compatible providers. 19 .. 21 === Technical preview features 22 23: .link:https://access.redhat.com/documentation/en-us/openshift_container_platform/4.9/html/backup_and_restore/application-backup-and-restore#installing-and-configuring-oadp[Data Mover] 24: The OADP Data Mover enables you to back up Container Storage Interface (CSI) volume snapshots to a remote object store. When you enable Data Mover, you can restore stateful applications using CSI volume snapshots pulled from the object store in case of accidental cluster deletion, cluster failure, or data corruption. 25 26: :FeatureName: OADP Data Mover 27 include::snippets/technology-preview.adoc[] 28 .. 32 The following bugs have been fixed in this release: 33 34: * link:https://issues.redhat.com/browse/OADP-144[OADP-144] 35: * link:https://issues.redhat.com/browse/OADP-639[OADP-639] 36: * link:https://issues.redhat.com/browse/OADP-1741[OADP-1741] 37: * link:https://issues.redhat.com/browse/OADP-1152[OADP-1152] 38: * link:https://issues.redhat.com/browse/OADP-1143[OADP-1143] 39: * link:https://issues.redhat.com/browse/OADP-1931[OADP-1931] 40: * link:https://issues.redhat.com/browse/OADP-148[OADP-148] 41: * link:https://issues.redhat.com/browse/OADP-1067[OADP-1067] 42: * link:https://issues.redhat.com/browse/OADP-1332[OADP-1332] 43: * link:https://issues.redhat.com/browse/OADP-1164[OADP-1164] 44: * link:https://issues.redhat.com/browse/OADP-1105[OADP-1105] 45: * link:https://issues.redhat.com/browse/OADP-2009[OADP-2009] 46: * link:https://issues.redhat.com/browse/OADP-1370[OADP-1370] 47: * link:https://issues.redhat.com/browse/OADP-969[OADP-969] 48: * link:https://issues.redhat.com/browse/OADP-1672[OADP-1672] 49: * link:https://issues.redhat.com/browse/OADP-1151[OADP-1151] 50: * link:https://issues.redhat.com/browse/OADP-988[OADP-988] 51: * link:https://issues.redhat.com/browse/OADP-1941[OADP-1941] 52: * link:https://issues.redhat.com/browse/OADP-1830[OADP-1830] 53: * link:https://issues.redhat.com/browse/OADP-1821[OADP-1821] 54: * link:https://issues.redhat.com/browse/OADP-1783[OADP-1783] 55: * link:https://issues.redhat.com/browse/OADP-1719[OADP-1719] 56: * link:https://issues.redhat.com/browse/OADP-1833[OADP-1833] 57: * link:https://issues.redhat.com/browse/OADP-1872[OADP-1872] 58: * link:https://issues.redhat.com/browse/OADP-2047[OADP-2047] 59: * link:https://issues.redhat.com/browse/OADP-1932[OADP-1932] 60: * link:https://issues.redhat.com/browse/OADP-1844[OADP-1844] 61: * link:https://issues.redhat.com/browse/OADP-1182[OADP-1182] 62: * link:https://issues.redhat.com/browse/OADP-1183[OADP-1183] 63: * link:https://issues.redhat.com/browse/OADP-1798[OADP-1798] 64: * link:https://issues.redhat.com/browse/OADP-1726[OADP-1726] 65: * link:https://issues.redhat.com/browse/OADP-821[OADP-821] 66: * link:https://issues.redhat.com/browse/OADP-1833[OADP-1781] 67: * link:https://issues.redhat.com/browse/OADP-697[OADP-697] 68: * link:https://issues.redhat.com/browse/OADP-1281[OADP-1281] 69: * link:https://issues.redhat.com/browse/OADP-1077[OADP-1077] 70: * link:https://issues.redhat.com/browse/OADP-1076[OADP-1076] 71: * link:https://issues.redhat.com/browse/OADP-1670[OADP-1670] 72: * link:https://issues.redhat.com/browse/OADP-1307[OADP-1307] 73: * link:https://issues.redhat.com/browse/OADP-1640[OADP-1640] 74: * link:https://issues.redhat.com/browse/OADP-1987[OADP-1987] 75: * link:https://issues.redhat.com/browse/OADP-1934[OADP-1934] 76 77 [id="known-issues-1-2-0_{context}"] /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/oadp-restic-issues.adoc: 4 5 :_content-type: CONCEPT 6: [id="oadp-restic-issues_{context}"] 7 = Restic issues 8 . 71 restic backup, stderr=Fatal: unable to open config file: Stat: The 72 specified key does not exist.\nIs there a repository at the following 73: location?\ns3:http://minio-minio.apps.mayap-oadp- 74: veleo-1234.qe.devcluster.openshift.com/mayapvelerooadp2/velero1/ 75 restic/_mysql-persistent_\n: exit status 1" error.file="/remote-source/ 76 src/github.com/vmware-tanzu/velero/pkg/restic/backupper.go:184" /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/oadp-s3-compatible-backup-storage-providers.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 4 5 :_content-type: CONCEPT 6: [id="oadp-s3-compatible-backup-storage-providers_{context}"] 7 = AWS S3 compatible backup storage providers 8 9: OADP is compatible with many object storage providers for use with different backup and snapshot operations. Several object storage providers are fully supported, several are unsupported but known to work, and some have known limitations. 10 11: [id="oadp-s3-compatible-backup-storage-providers-supported"] 12 == Supported backup storage providers 13 14: The following AWS S3 compatible object storage providers, are fully supported by OADP through the AWS plugin for use as backup storage locations: 15 16 * MinIO .. 26 ==== 27 28: [id="oadp-s3-compatible-backup-storage-providers-unsupported"] 29 == Unsupported backup storage providers 30 .. 40 * Cloudian HyperStore 41 42: [id="oadp-s3-compatible-backup-storage-providers-known-limitations"] 43 == Backup storage providers with known limitations 44 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/oadp-scheduling-backups.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-scheduling-backups_{context}"] 7 = Scheduling backups 8 . 18 .Prerequisites 19 20: * You must install the OpenShift API for Data Protection (OADP) Operator. 21 * The `DataProtectionApplication` CR must be in a `Ready` state. 22 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/oadp-secrets-for-different-credentials.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc 5: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc 6: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc 7: // * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc 8 9 :_content-type: PROCEDURE 10: [id="oadp-secrets-for-different-credentials_{context}"] 11: ifdef::installing-oadp-aws[] 12 = Creating profiles for different credentials 13 .. 42 [source,yaml,subs="attributes+"] 43 ---- 44: apiVersion: oadp.openshift.io/v1alpha1 45 kind: DataProtectionApplication 46 metadata: .. 72 ---- 73 endif::[] 74: ifdef::installing-oadp-azure,installing-oadp-gcp,installing-oadp-ocs,installing-oadp-mcg[] 75 = Creating secrets for different credentials 76 .. 100 . Add the `Secret` with the custom name to the `DataProtectionApplication` CR, as in the following example: 101 endif::[] 102: ifdef::installing-oadp-azure[] 103 + 104 [source,yaml,subs="attributes+"] 105 ---- 106: apiVersion: oadp.openshift.io/v1alpha1 107 kind: DataProtectionApplication 108 metadata: ... 137 <1> Backup location `Secret` with custom name. 138 endif::[] 139: ifdef::installing-oadp-gcp[] 140 + 141 [source,yaml,subs="attributes+"] 142 ---- 143: apiVersion: oadp.openshift.io/v1alpha1 144 kind: DataProtectionApplication 145 metadata: ... 168 <1> Backup location `Secret` with custom name. 169 endif::[] 170: ifdef::installing-oadp-mcg[] 171 + 172 [source,yaml,subs="attributes+"] 173 ---- 174: apiVersion: oadp.openshift.io/v1alpha1 175 kind: DataProtectionApplication 176 metadata: ... 198 <1> Backup location `Secret` with custom name. 199 endif::[] 200: ifdef::installing-oadp-ocs[] 201 + 202 [source,yaml,subs="attributes+"] 203 ---- 204: apiVersion: oadp.openshift.io/v1alpha1 205 kind: DataProtectionApplication 206 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/oadp-self-signed-certificate.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/configuring-oadp.adoc 4 5 :_content-type: PROCEDURE 6: [id="oadp-self-signed-certificate_{context}"] 7 = Enabling self-signed CA certificates 8 . 11 .Prerequisites 12 13: * You must have the OpenShift API for Data Protection (OADP) Operator installed. 14 15 .Procedure .. 19 [source,yaml] 20 ---- 21: apiVersion: oadp.openshift.io/v1beta1 22 kind: DataProtectionApplication 23 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/oadp-setting-resource-limits-and-requests.adoc: 1 // Module included in the following assemblies: 2 // 3: // * backup_and_restore/application_backup_and_restore/configuring-oadp.adoc 4: // * virt/backup_restore/virt-installing-configuring-oadp.adoc 5 6 :_content-type: PROCEDURE 7: [id="oadp-setting-resource-limits-and-requests_{context}"] 8 = Setting Velero CPU and memory resource allocations 9 .. 12 .Prerequisites 13 14: * You must have the OpenShift API for Data Protection (OADP) Operator installed. 15 16 .Procedure .. 20 [source,yaml] 21 ---- 22: apiVersion: oadp.openshift.io/v1beta1 23 kind: DataProtectionApplication 24 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/oadp-using-data-mover-for-csi-snapshots.adoc: 4 5 :_content-type: PROCEDURE 6: [id="oadp-using-data-mover-for-csi-snapshots_{context}"] 7 = Using Data Mover for CSI snapshots 8 9 :FeatureName: Data Mover for CSI snapshots 10 11: The OADP Data Mover enables customers to back up Container Storage Interface (CSI) volume snapshots to a remote object store. When Data Mover is enabled, you can restore stateful applications, using CSI volume snapshots pulled from the object store if a failure, accidental deletion, or corruption of the cluster occurs. 12 13 The Data Mover solution uses the Restic option of VolSync. .. 15 Data Mover supports backup and restore of CSI volume snapshots only. 16 17: In OADP 1.2 Data Mover `VolumeSnapshotBackups` (VSBs) and `VolumeSnapshotRestores` (VSRs) are queued using the VolumeSnapshotMover (VSM). The VSM's performance is improved by specifying a concurrent number of VSBs and VSRs simultaneously `InProgress`. After all async plugin operations are complete, the backup is marked as complete. 18 19 20 [NOTE] 21 ==== 22: The OADP 1.1 Data Mover is a Technology Preview feature. 23 24: The OADP 1.2 Data Mover has significantly improved features and performances, but is still a Technology Preview feature. 25 ==== 26: :FeatureName: The OADP Data Mover 27 include::snippets/technology-preview.adoc[leveloffset=+1] 28 29 [NOTE] 30 ==== 31: Red Hat recommends that customers who use OADP 1.2 Data Mover in order to back up and restore ODF CephFS volumes, upgrade or install {product-title} version 4.12 or later for improved performance. OADP Data Mover can leverage CephFS shallow volumes in {product-title} version 4.12 or later, which based on our testing, can improve the performance of backup times. 32 33 * https://issues.redhat.com/browse/RHSTOR-4287[CephFS ROX details] .. 35 36 37: //For more information about OADP 1.2 with CephS [name of topic], see ___. 38 39 ==== .. 56 * You have included the label `{velero-domain}/csi-volumesnapshot-class: 'true'` in your `VolumeSnapshotClass` CR. 57 58: * You have verified that the `OADP namespace` has the annotation `oc annotate --overwrite namespace/openshift-adp volsync.backube/privileged-movers='true'`. 59 + 60 [NOTE] 61 ==== 62: In OADP 1.1 the above setting is mandatory. 63 64: In OADP 1.2 the `privileged-movers` setting is not required in most scenarios. The restoring container permissions should be adequate for the Volsync copy. In some user scenarios, there may be permission errors that the `privileged-mover`= `true` setting should resolve. 65 ==== 66 .. 69 [NOTE] 70 ==== 71: The VolSync Operator is required for using OADP Data Mover. 72 ==== 73 74: * You have installed the OADP operator by using OLM. 75 76 .Procedure .. 100 [source,yaml] 101 ---- 102: apiVersion: oadp.openshift.io/v1alpha1 103 kind: DataProtectionApplication 104 metadata: ... 152 153 ---- 154: <1> OADP 1.2 only. 155: <2> OADP 1.2 only. Optional: Specify the upper limit of the number of snapshots allowed to be queued for backup. The default value is 10. 156: <3> OADP 1.2 only. Optional: Specify the upper limit of the number of snapshots allowed to be queued for restore. The default value is 10. 157: <4> OADP 1.2 only. Optional: Specify the number of days, between running Restic pruning on the repository. The prune operation repacks the data to free space, but it can also generate significant I/O traffic as a part of the process. Setting this option allows a trade-off between storage consumption, from no longer referenced data, and access costs. 158: <5> OADP 1.2 only. Optional: Specify VolumeSync volume options for backup and restore. 159 160 + 161: The OADP Operator installs two custom resource definitions (CRDs), `VolumeSnapshotBackup` and `VolumeSnapshotRestore`. 162 + 163 .Example `VolumeSnapshotBackup` CRD 164 [source,yaml] 165 ---- 166: apiVersion: datamover.oadp.openshift.io/v1alpha1 167 kind: VolumeSnapshotBackup 168 metadata: ... 181 [source,yaml] 182 ---- 183: apiVersion: datamover.oadp.openshift.io/v1alpha1 184 kind: VolumeSnapshotRestore 185 metadata: /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/oadp-using-enable-api-group-versions.adoc: 5 6 :_content-type: PROCEDURE 7: [id="oadp-using-enable-api-group-versions_{context}"] 8 = Using Enable API Group Versions 9 .. 21 [source,yaml] 22 ---- 23: apiVersion: oadp.openshift.io/vialpha1 24 kind: DataProtectionApplication 25 ... /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/olm-deleting-operators-from-a-cluster-using-web-console.adoc: 2 // 3 // * operators/admin/olm-deleting-operators-from-a-cluster.adoc 4: // * backup_and_restore/application_backup_and_restore/installing/uninstalling-oadp.adoc 5 // * serverless/install/removing-openshift-serverless.adoc 6 // * virt/install/uninstalling-virt.adoc /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/rosa-sts-account-wide-roles-and-policies.adoc: 868 "s3:ListBucketMultipartUploads", 869 "s3:AbortMultipartUpload", 870: "s3:ListMultipartUploadParts" 871 ], 872 "Resource": "*" /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/velero-obtaining-by-downloading.adoc: 24 . Open a browser and navigate to link:https://{velero-domain}/docs/v{velero-version}/basic-install/#install-the-cli["Install the CLI" on the Velero website]. 25 . Follow the appropriate procedure for macOS, GitHub, or Windows. 26: . Download the Velero version appropriate for your version of OADP and {product-title} according to the table that follows: 27 + 28: .OADP-Velero-{product-title} version relationship 29 [cols="3", options="header"] 30 |=== 31: |OADP version |Velero version |{product-title} version 32 |1.0.0 |link:https://{velero-domain}/docs/v1.7/[1.7] |4.6 and later 33 |1.0.1 |link:https://{velero-domain}/docs/v1.7/[1.7] |4.6 and later /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/modules/virt-about-cdi-operator.adoc: 19 |Manages the authorization to upload VM disks into PVCs by issuing secure upload tokens. 20 21: |`deployment/cdi-uploadproxy` 22 |Directs external disk upload traffic to the appropriate upload server pod so that it can be written to the correct PVC. Requires a valid upload token. 23 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/snippets/oadp-ceph-cr-prerequisites.adoc: 8 9 * A stateful application is running in a separate namespace with persistent volume claims (PVCs) using CephFS as the provisioner. 10: * The `StorageClass` and `VolumeSnapshotClass` custom resources (CRs) are defined for CephFS and OADP 1.2 Data Mover. 11 * There is a secret `cloud-credentials` in the `openshift-adp` namespace. 12 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/snippets/oadp-mtc-operator.adoc: 2 //This snippet appears in the following assemblies: 3 // 4: // * .../backup_and_restore/backing_up_and_restoring/installing/about-installing-oadp.adoc 5: // * .../backup_and_restore/backing_up_and_restoring/installing/installing-oadp-aws.adoc 6: // * .../backup_and_restore/backing_up_and_restoring/installing/installing-oadp-azure.adoc 7: // * .../backup_and_restore/backing_up_and_restoring/installing/installing-oadp-gcp.adoc 8: // * .../backup_and_restore/backing_up_and_restoring/installing/installing-oadp-mcg.adoc 9: // * .../backup_and_restore/backing_up_and_restoring/installing/installing-oadp-ocs.adoc 10 11 :_content-type: SNIPPET 12 [NOTE] 13 ==== 14: Starting from OADP 1.0.4, all OADP 1.0._z_ versions can only be used as a dependency of the MTC Operator and are not available as a standalone Operator. 15 ==== 16 /home/anarnold/Documents/SublimeMerge/openshift-docs/rosa_support/snippets/oadp-ocp-compat.adoc: 2 //This snippet appears in the following assemblies: 3 // 4: // * .../backup_and_restore/backing_up_and_restoring/installing/about-installing-oadp.adoc 5 // * .../backup_and_restore/index.adoc 6 . 8 [NOTE] 9 ==== 10: If you want to use CSI backup on OCP 4.11 and later, install OADP 1.1._x_. 11 12: OADP 1.0._x_ does not support CSI backup on OCP 4.11 and later. OADP 1.0._x_ includes Velero 1.7._x_ and expects the API group `snapshot.storage.k8s.io/v1beta1`, which is not present on OCP 4.11 and later. 13 ==== 14 6228 matches across 828 files