From 129271bccb1bb885531e9cdfa88813498ecbd348 Mon Sep 17 00:00:00 2001 From: Shane Lovern Date: Fri, 31 Jan 2025 16:57:02 +0000 Subject: [PATCH] TELCODOCS-1975 - ZTP Configuring the hub cluster for backup and restore --- .../ztp-preparing-the-hub-cluster.adoc | 11 ++ ...he-hub-cluster-for-backup-and-restore.adoc | 177 ++++++++++++++++++ 2 files changed, 188 insertions(+) create mode 100644 modules/ztp-configuring-the-hub-cluster-for-backup-and-restore.adoc diff --git a/edge_computing/ztp-preparing-the-hub-cluster.adoc b/edge_computing/ztp-preparing-the-hub-cluster.adoc index 7a93e3f191..6d757bce67 100644 --- a/edge_computing/ztp-preparing-the-hub-cluster.adoc +++ b/edge_computing/ztp-preparing-the-hub-cluster.adoc @@ -62,3 +62,14 @@ include::snippets/pgt-deprecation-notice.adoc[] * xref:../edge_computing/policygenerator_for_ztp/ztp-configuring-managed-clusters-policygenerator.adoc#ztp-comparing-pgt-and-rhacm-pg-patching-strategies_ztp-configuring-managed-clusters-policygenerator[Comparing {rh-rhacm} PolicyGenerator and PolicyGenTemplate resource patching] include::modules/ztp-preparing-the-ztp-git-repository-ver-ind.adoc[leveloffset=+1] + +include::modules/ztp-configuring-the-hub-cluster-for-backup-and-restore.adoc[leveloffset=+1] + +[role="_additional-resources"] +.Additional resources + +* link:https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/latest/html/business_continuity/business-cont-overview#managed-cluster-activation-data[Restoring managed cluster activation data] + +* link:https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/latest/html/business_continuity/business-cont-overview#active-passive-config[Active-passive configuration] + +* link:https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/latest/html/business_continuity/business-cont-overview#restore-activation-resources[Restoring activation resources] diff --git a/modules/ztp-configuring-the-hub-cluster-for-backup-and-restore.adoc b/modules/ztp-configuring-the-hub-cluster-for-backup-and-restore.adoc new file mode 100644 index 0000000000..8a89a5da96 --- /dev/null +++ b/modules/ztp-configuring-the-hub-cluster-for-backup-and-restore.adoc @@ -0,0 +1,177 @@ +// Module included in the following assemblies: +// +// * scalability_and_performance/ztp_far_edge/ztp-preparing-the-hub-cluster.adoc + +:_mod-docs-content-type: PROCEDURE +[id="ztp-configuring-the-hub-cluster-for-backup-and-restore_{context}"] += Configuring the hub cluster for backup and restore + +You can use {ztp} to configure a set of policies to backup `BareMetalHost` resources. +This allows you to recover data from a failed hub cluster and deploy a replacement cluster using {rh-rhacm-first}. + +.Prerequisites + +* You have installed the OpenShift CLI (`oc`). + +* You have logged in as a user with `cluster-admin` privileges. + +.Procedure + +. Create a policy to add the `cluster.open-cluster-management.io/backup=cluster-activation` label to all `BareMetalHost` resources that have the `infraenvs.agent-install.openshift.io` label. +Save the policy as `BareMetalHostBackupPolicy.yaml`. ++ +The following example adds the `cluster.open-cluster-management.io/backup` label to all `BareMetalHost` resources that have the `infraenvs.agent-install.openshift.io` label: ++ +.Example Policy +[source,yaml] +---- +apiVersion: policy.open-cluster-management.io/v1 +kind: Policy +metadata: + name: bmh-cluster-activation-label + annotations: + policy.open-cluster-management.io/description: Policy used to add the cluster.open-cluster-management.io/backup=cluster-activation label to all BareMetalHost resources +spec: + disabled: false + policy-templates: + - objectDefinition: + apiVersion: policy.open-cluster-management.io/v1 + kind: ConfigurationPolicy + metadata: + name: set-bmh-backup-label + spec: + object-templates-raw: | + {{- /* Set cluster-activation label on all BMH resources */ -}} + {{- $infra_label := "infraenvs.agent-install.openshift.io" }} + {{- range $bmh := (lookup "metal3.io/v1alpha1" "BareMetalHost" "" "" $infra_label).items }} + - complianceType: musthave + objectDefinition: + kind: BareMetalHost + apiVersion: metal3.io/v1alpha1 + metadata: + name: {{ $bmh.metadata.name }} + namespace: {{ $bmh.metadata.namespace }} + labels: + cluster.open-cluster-management.io/backup: cluster-activation <1> + {{- end }} + remediationAction: enforce + severity: high +--- +apiVersion: cluster.open-cluster-management.io/v1beta1 +kind: Placement +metadata: + name: bmh-cluster-activation-label-pr +spec: + predicates: + - requiredClusterSelector: + labelSelector: + matchExpressions: + - key: name + operator: In + values: + - local-cluster +--- +apiVersion: policy.open-cluster-management.io/v1 +kind: PlacementBinding +metadata: + name: bmh-cluster-activation-label-binding +placementRef: + name: bmh-cluster-activation-label-pr + apiGroup: cluster.open-cluster-management.io + kind: Placement +subjects: + - name: bmh-cluster-activation-label + apiGroup: policy.open-cluster-management.io + kind: Policy +--- +apiVersion: cluster.open-cluster-management.io/v1beta2 +kind: ManagedClusterSetBinding +metadata: + name: default + namespace: default +spec: + clusterSet: default +---- +<1> If you apply the `cluster.open-cluster-management.io/backup: cluster-activation` label to `BareMetalHost` resources, the {rh-rhacm} cluster backs up those resources. +You can restore the `BareMetalHost` resources if the active cluster becomes unavailable, when restoring the hub activation resources. + +. Apply the policy by running the following command: ++ +[source,terminal] +---- +$ oc apply -f BareMetalHostBackupPolicy.yaml +---- + +.Verification + +. Find all `BareMetalHost` resources with the label `infraenvs.agent-install.openshift.io` by running the following command: ++ +[source,terminal] +---- +$ oc get BareMetalHost -A -l infraenvs.agent-install.openshift.io +---- ++ +.Example output +[source,yaml] +---- +NAMESPACE NAME STATE CONSUMER ONLINE ERROR AGE +baremetal-ns baremetal-name false 50s +---- + +. Verify that the policy has applied the label `cluster.open-cluster-management.io/backup=cluster-activation` to all these resources, by runing the following command: ++ +[source,terminal] +---- +$ oc get BareMetalHost -A -l infraenvs.agent-install.openshift.io,cluster.open-cluster-management.io/backup=cluster-activation +---- ++ +.Example output +[source,yaml] +---- +NAMESPACE NAME STATE CONSUMER ONLINE ERROR AGE +baremetal-ns baremetal-name false 50s +---- ++ +The output must show the same list as in the previous step, which listed all `BareMetalHost` resources with the label `infraenvs.agent-install.openshift.io`. +This confirms that that all the `BareMetalHost` resources with the `infraenvs.agent-install.openshift.io` label also have the `cluster.open-cluster-management.io/backup: cluster-activation` label. ++ +The following example shows a `BareMetalHost` resource with the `infraenvs.agent-install.openshift.io` label. +The resource must also have the `cluster.open-cluster-management.io/backup: cluster-activation` label, which was added by the policy created in step 1. ++ +[source,yaml] +---- +apiVersion: metal3.io/v1alpha1 +kind: BareMetalHost +metadata: + labels: + cluster.open-cluster-management.io/backup: cluster-activation + infraenvs.agent-install.openshift.io: value + name: baremetal-name + namespace: baremetal-ns +---- + +You can now use {rh-rhacm-title} to restore a managed cluster. + +[IMPORTANT] +==== +When you restore `BareMetalHosts` resources as part of restoring the cluster activation data, you must restore the `BareMetalHosts` status. +The following {rh-rhacm} `Restore` resource example restores activation resources, including `BareMetalHosts`, and also restores the status for the `BareMetalHosts` resources: +[source,yaml] +---- + apiVersion: cluster.open-cluster-management.io/v1beta1 +kind: Restore +metadata: + name: restore-acm-bmh + namespace: open-cluster-management-backup +spec: + cleanupBeforeRestore: CleanupRestored + veleroManagedClustersBackupName: latest <1> + veleroCredentialsBackupName: latest + veleroResourcesBackupName: latest + restoreStatus: + includedResources: + - BareMetalHosts<2> +---- +==== +<1> Set `veleroManagedClustersBackupName: latest` to restore activation resources. +<2> Restores the status for `BareMetalHosts` resources. \ No newline at end of file