Skip to content

Managing peristent data backup with SnapshotSchedules

In Kubernetes, most of the persistent data storage resources are handled through PersistentVolumes (PV) and PersistentVolumeClaims (PVC). As a user, you only deal with PVCs and the system tries to deal with those requests to provide you with actual PVs.

Usually, PVCs leverage the automatic storage provisionning capabilities of StorageClasses. This topic is broadly covered in the persistent storage documentation.

The storage resources available on the WoK clusters comes with inherent data reliability and security: your data is safe from platform failures. However it is not safe from user errors, unless your application implements appropriate safeguards. When it is not possible to implement those features on the application level it may come in handy to set up scheduled snapshots of the PVs that store critical data.

This is the purpose of the SnapshotSchedules.

Default namespace configuration

When new projects are created, they come with default SnapshotSchedules.

You can list them in your project with the following command:

$ oc get snapshotschedules.snapscheduler.backube
NAME                                SCHEDULE          MAX AGE   MAX NUM   DISABLED   NEXT SNAPSHOT
cephfs-journalized-daily            0 0 * * 1-6       1440h     6         false      2024-04-27T00:00:00Z
cephfs-journalized-monthly          0 0 1 * *         12960h    12        false      2024-05-01T00:00:00Z
cephfs-journalized-threetimesaday   0 6,12,18 * * *   720h      21        false      2024-04-26T12:00:00Z
cephfs-journalized-weekly           0 0 * * 0         4320h     4         false      2024-04-28T00:00:00Z
rbd-journalized-daily               0 0 * * 1-6       1440h     6         false      2024-04-27T00:00:00Z
rbd-journalized-monthly             0 0 1 * *         12960h    12        false      2024-05-01T00:00:00Z
rbd-journalized-threetimesaday      0 6,12,18 * * *   720h      21        false      2024-04-26T12:00:00Z
rbd-journalized-weekly              0 0 * * 0         4320h     4         false      2024-04-28T00:00:00Z

If you've already worked with cronjobs before you might realise quickly that the schedule definition uses the classic crontab notation. Our default policies implement several backup strategies, identical for each available StorageClass (Ceph RBD and CephFS):

  • threetimesaday: Creates 3 snapshots of the PV, at 06:00, 12:00 and 18:00, every day for a week.
  • daily: Creates a daily snapshot of the targeted PV at 00:00, except on sundays, for a week.
  • weekly: Creates a weekly snapshot of the targeted PV at 00:00 on sundays, for a month.
  • monthly: Creates a monthly snapshot of the targeted PV at 00:00 on the first day of the month, for a year.
  • journalized: Aggregates all the strategies above.

Danger

All times are UTC/Zulu times.

The recommanded procedure is to use the journalized strategy on PVs that store important data so that snapshots will allow to reach up to one year back in time with decreasing snapshot frequency over the year, for a total of 42 snapshots per PV.

Help

In the event where such SnapshotSchedules are not available in your project, please reach our support team.

Managing snapshots schedules

When snapshotschedules are properly defined in a project, you can set specific labels on a PVC in order to enable the snapshots scheduling for this volume:

  • wok.in2p3.fr/backup-snapshotPolicy
  • wok.in2p3.fr/backup-snapshotClass

The following table describe the possible values of these two labels:

Label Possible Values Meaning
wok.in2p3.fr/backup-snapshotPolicy threetimesaday daily weekly monthly journalized Enable the respective policy
wok.in2p3.fr/backup-snapshotClass csi-cephfs-sc csi-rbd-sc Specify the appropriate snapshot class, corresponding to the underlying StorageClass

Display the current status with the following command:

$ oc get pvc --label-columns wok.in2p3.fr/backup-snapshotPolicy,wok.in2p3.fr/backup-snapshotClass
NAME         STATUS   VOLUME                                     CAPACITY   ACCESS MODES   STORAGECLASS    AGE     BACKUP-SNAPSHOTPOLICY   BACKUP-SNAPSHOTCLASS
web-volume   Bound    pvc-3ff797a5-6235-4a64-a387-c3e177a9e006   10Gi       RWX            csi-cephfs-sc   3d21h

You can enable the snapshots schedule on a PVC as such:

$ oc label pvc/web-volume wok.in2p3.fr/backup-snapshotPolicy="journalized" wok.in2p3.fr/backup-snapshotClass="csi-cephfs-sc"
persistentvolumeclaim/web-volume labeled

Then check the results:

$ oc get pvc --label-columns wok.in2p3.fr/backup-snapshotPolicy,wok.in2p3.fr/backup-snapshotClass
NAME         STATUS   VOLUME                                     CAPACITY   ACCESS MODES   STORAGECLASS    AGE     BACKUP-SNAPSHOTPOLICY   BACKUP-SNAPSHOTCLASS
web-volume   Bound    pvc-3ff797a5-6235-4a64-a387-c3e177a9e006   10Gi       RWX            csi-cephfs-sc   3d21h   journalized             csi-cephfs-sc