Importing Backups from an Existing Immuta Instance
Audience: System Administrators
Content Summary: You can import backups from your existing Immuta instance into Kubernetes. Deployment types that can be imported include Kubernetes, Single Node Docker, and RPM. This page outlines how to import backups from an Immuta instance into Kubernetes.
If using a Kubernetes namespace...
If deploying Immuta into a Kubernetes namespace other than the default, you must include the
--namespace
option into all helm
and kubectl
commands provided throughout this section.
Backing up your Existing Instance
Backup the database roles for your existing Immuta instance separately. If you have a combined database instance both of these commands will be run from that database instance.
-
Backup the Immuta role:
backup-immuta.sh \ -r immuta \ -d /var/lib/pgsql/11/backups \ -f immuta-00000000000000.tar.gz
-
Backup the Metadata role:
backup-immuta.sh \ -r bometadata \ -d /var/lib/pgsql/11/backups \ -f metadata-00000000000000.tar.gz
-
Copy these output files from the existing instance to a location that has
kubectl
access to the new cluster. The remainder of this guide will assume that it is being run from a directory containing these two backup files.
Create PersistentVolumeClaims
Create two PersistentVolumeClaims using the aws-efs
storage class. One
claim will be used by the immuta
database role, the other for the
metadata
database role.
-
Create a file,
immuta-backup-pvc.yaml
, with the following contents.apiVersion: v1 kind: PersistentVolumeClaim metadata: name: immuta-backups labels: app: immuta volume-use: backup spec: accessModes: - ReadWriteMany storageClassName: aws-efs resources: requests: storage: 100Gi
-
Create the PersistentVolumeClaims by running the following command:
kubectl create -f immuta-backup-pvc.yaml
-
Verify that both claims are successfully bound:
kubectl get persistentvolumeclaims -l app=immuta,volume-use=backup
Both volume claims should be present and report status "Bound".
Populating PersistentVolumeClaims with Backups
The easiest way to populate existing backups into the PersistentVolumeClaims is
to create a temporary deployment that mounts the PersistentVolumeClaims, and
copy the backups in using kubectl cp
.
-
Create a file,
immuta-backup-importer-deployment.yaml
, with the following contents.apiVersion: apps/v1 kind: Deployment metadata: name: immuta-backup-importer labels: app: immuta component: backup-importer spec: replicas: 1 selector: matchLabels: app: immuta component: backup-importer template: metadata: labels: app: immuta component: backup-importer spec: containers: - name: importer image: registry.immuta.com/immuta/immuta-service:2.8.3 tty: true stdin: true command: ["/bin/bash"] volumeMounts: - mountPath: "/var/run/immuta/backup/database" name: immuta-backup subPath: database - mountPath: "/var/run/immuta/backup/query-engine" name: immuta-backup subPath: query-engine volumes: - name: immuta-backup persistentVolumeClaim: claimName: immuta-backups imagePullSecrets: - name: immuta-registry
-
Create the Deployment by running
kubectl create -f immuta-backup-importer-deployment.yaml
Once the immuta-backup-importer
Pod has successfully started running, you
can copy the backups into the appropriate locations.
-
First, get the pod name, and save it into a variable. Next copy the backups you took above into the volume paths specified in the Deployment.
backup_importer_pod_name=$(kubectl get pod \ -l app=immuta,component=backup-importer \ -o go-template='{{(index .items 0).metadata.name}}') kubectl cp \ immuta-00000000000000.tar.gz \ ${backup_importer_pod_name}:/var/run/immuta/backup/query-engine/ kubectl cp \ metadata-00000000000000.tar.gz \ ${backup_importer_pod_name}:/var/run/immuta/backup/database/immuta-00000000000000.tar.gz
Once this has completed successfully, you can safely delete the deployment. The PersistentVolumeClaims will be re-used for the Immuta deployment.
kubectl delete -f immuta-backup-importer-deployment.yaml
Importing Backups from AWS and Azure
For importing backups from bucket or blob storage, refer to the backup sections of the below documentation for more information.