5.11.3 Disaster Recovery Using Velero

This section describes disaster recovery using Velero.

Prepare for the following in production environment and disaster recovery environment. Before enabling this feature in a production environment, and before restoring using this feature in a disaster recovery environment, you must prepare the following:

Installing VeleroCLI
Installing Velero
Installing FEPOperator
StorageClass, namespace, CRD, and other resources needed to build the system

If you plan to use a static PV with FEPCluster, prepare the PV before restoring to a disaster recovery environment. If you use a storage class or certificate that is different from the production environment, provide a storage class or certificate with the same name as the production environment in your disaster recovery environment. However, if the object storage certificate or secret where the database backup data is stored differs between the production environment and the disaster response environment, set a different name. For more information, refer to "FEPCluster Parameters" in the Reference.

This feature only supports x86.

Provides step-by-step instructions on how to enable this feature to perform disaster recovery from a production environment to a disaster recovery environment. It also describes how to perform disaster recovery again from a disaster recovery environment to a production environment.

FEPCluster and FEPPool2 LOG volumes cannot be restored. Before using this feature, be sure to test and validate in both production and disaster recovery environments.

To use this feature, in addition to the normal configuration of FEPCluster custom resources in your production environment, configure the following to deploy on Kubernetes. For more information, refer to "FEPCluster Parameters" in the Reference.

fep.velero.enable
fep.velero.labels
fep.velero.backup
fep.velero.restore
fepChildCrVal.backup

Example) FEPCluster Custom Resource Definition Example

spec:
  fep:
    velero:
      enable: true
      labels: 
        backup-dev: my-backup1
        backup-dep: my-backup2
      backup:
        pgbackrestParams: |
          [global]
           repo1-retention-full=5
           repo1-retention-full-type=count
           repo2-retention-full=5
           repo2-retention-full-type=count
           log-path=/database/log/backup
           log-level-file=debug
           repo2-path=/ velero-backup/ velero-backup-for-dr2
           repo2-s3-bucket=my-s3-backet
           repo2-s3-endpoint=s3.ap-northeast-1.amazonaws.com
           repo2-s3-region=ap-northeast-1
           repo2-type=s3
         pgbackrestKeyParams: |
           repo2-s3-key=XXXXXXXXXX
           repo2-s3-key-secret=YYYYYYYYYY
         caName: DR-objectstorage-cert
         repoKeySecretName: XXX

resotre:
         image:
           image: "XXX-amd64"
           pullPolicy: IfNotPresent
         mcSpec:
           limit:
             cpu: 200m
             memory: 300Mi
           request:
             cpu: 100m
             memory: 200Mi
         restoreTargetRepo: 2
  fepChildCrVal:
      backup:
        pgbackrestParams: |
        [global]
         repo1-retention-full=5
         repo1-retention-full-type=count
         repo2-retention-full=5
         repo2-retention-full-type=count
         log-path=/database/log/backup
         log-level-file=debug
         repo2-path=/ velero-backup/ velero-backup-for-dr1
         repo2-s3-bucket=my-s3-backet
         repo2-s3-endpoint=s3.ap-northeast-1.amazonaws.com
         repo2-s3-region=ap-northeast-1
         repo2-type=s3
       pgbackrestKeyParams: |
         repo2-s3-key=XXXXXXXXXX
         repo2-s3-key-secret=YYYYYYYYYY 
       caName: objectstorage-cert
       repoKeySecretName: ZZZ

       schedule:
         num: 1
         schedule1:
           schedule: "0-59/3 * * * *" #schedule1.schedule
         type: "full" #schedule1.type
         repo: 2

After building FEPCluster in this environment or modifying FEPCluster custom resources, use the following command to back up the resources on kubernetes, including FEPCluster custom resources, to object storage.

Example)

velero backup create ＜Bavkup name＞ --selector <Backup target label>

This feature supports only Velero backup commands that specify the labels described in fep.velero.labels for FEPCluster custom resources and back up only those resources to which the labels are attached. Other commands may back up and restore unnecessary resources, resulting in build and data recovery failures. When specifying labels, do not specify the following keys to avoid confusion with existing labels.

app
control-plane
name
pod-template-hash
vendor
app.kubernetes.io/component
app.kubernetes.io/instance
app.kubernetes.io/managed-by
app.kubernetes.io/name
app.kubernetes.io/part-of
control-plane
controller-revision-hash
fepclustername
feprole
statefulset.kubernetes.io/pod-name
controller-uid
job-name
pod-template-hash
release

This feature labels the following resources:

FEPCluster Custom Resources
Secrets required to build FEPCluster

When backing up the following resources using Velero, assign the labels specified in spec.fep.velero.labels (If spec.fep.velero.labels is omitted, the default backup-group: fep-backup) to the ConfigMap and Secret specified for the various custom and custom resources.

FEPPgpool2
FEPExporter
FEPLogging

You can also back up manually created resources (Application system, ConfigMap, Secret, etc.) by assigning them the labels specified in spec.fep.velero.labels (If spec.fep.velero.labels is omitted, the default backup-group: fep-backu) and making them eligible for Velero backups.

For more information about using the Velero command, refer to the official documentation.

Note

Each time you modify a custom resource, such as FEPCluster, a Velero backup is required. The database is brought up to date with object storage. If a custom resource is in a pre-change state, it may be inconsistent with the database, causing data loss, performance degradation, security, and other issues.

Perform regular database backups.

If business cannot continue in a production environment due to a disaster, use the following command to restore the resources on kubernetes, including the FEPClueter custom resources stored in object storage. The database data is restored to the latest archived WAL state stored in object storage.

Example)

velero restore create ＜Reatore name＞ --from-backup ＜Backup name＞

For more information about using the Velero command, refer to the official documentation.

When restoring from a disaster recovery environment to a production environment again using Velero, the FEPCluster custom resources deployed in the disaster recovery environment must be modified. The FEPClsuter custom resource after disaster recovery, fep.velero.backup, fep.velero.restore, defines pre-disaster recovery information. Update the information to the object storage used in the production environment. Then back up with Velero in a disaster recovery environment and restore with Velero in a production environment.

5.11.3 Disaster Recovery Using Velero

5.11.3.1 Disaster Recovery Prerequisites

5.11.3.2 Performing Disaster Recovery

5.11.3.2.1 Configuring FEPCluster Custom Resources

5.11.3.2.2 Velero Backup

5.11.3.2.3 Database Backup

5.11.3.2.4 Velero Restore

5.11.3.2.5 Return from Disaster Recovery Environment to Production Environment