Skip to content

You are viewing documentation for Immuta version 2021.4.

For the latest version, view our documentation for Immuta SaaS or the latest self-hosted version.

cancel

Creating Azure File Storage Backup Volumes

Audience: System Administrators

Content Summary: This page details how to create Azure file storage backup volumes.

If using a Kubernetes namespace...

If deploying Immuta into a Kubernetes namespace other than the default, you must include the --namespace option into all helm and kubectl commands provided throughout this section.

Setup Azure File Storage Account

It is strongly advised to create an Azure Storage Account for Immuta Query Engine and Metadata Database backups.

  1. First create environment variables that will hold the Azure resource group and the location under which the Storage Account should be created.

    export AZ_SA_RESOURCE_GROUP=<resource group>  # e.g., "immuta"
export AZ_SA_LOCATION=<resource location>     # e.g., "eastus"

  2. To create a Storage Account in your resource group for Immuta backups, run

    az storage account create \
--name immutabackupstorage \
--resource-group ${AZ_SA_RESOURCE_GROUP} \
--kind StorageV2 \
--encryption-services file \
--sku Standard_LRS \
--location ${AZ_SA_LOCATION}

  3. After creating the Storage Account, you will need to switch to working in its context. To do so, first retrieve an account key and set it as an environment variable:

    az storage account keys list \
--resource-group ${AZ_SA_RESOURCE_GROUP} \
--account-name immutabackupstorage

  4. The following command will return a set of keys. Set one of these keys and the name of the new Storage Account in an environment variable.

    export AZURE_STORAGE_ACCESS_KEY=<value of one of the keys returned previously>
export AZURE_STORAGE_ACCOUNT=immutabackupstorage

  5. Finally, you will need to create Storage Shares for the Immuta backups:

    az storage share create --name immuta --quota 1000

Create Persistent Volume Secret

You will need to supply a secret to the backup persistent volumes so that they can access your Storage Account. You can create this secret by running the following command:

kubectl create secret generic immuta-backup-secret \
  --from-literal=azurestorageaccountname=${AZURE_STORAGE_ACCOUNT} \
  --from-literal=azurestorageaccountkey=${AZURE_STORAGE_ACCESS_KEY}

Create Persistent Volume Claims

  1. You will need to create two total resources with kubectl here. This can all be configured in a yaml file called immuta-backup-pvcs.yaml:

    ---
apiVersion: v1
kind: PersistentVolume
metadata:
  name: immuta-backups
  namespace: immuta
  labels:
    app: immuta
    target: immuta-backup
spec:
  capacity:
    storage: 1Ti
  accessModes:
    - ReadWriteMany
  storageClassName: ''
  persistentVolumeReclaimPolicy: Retain
  azureFile:
    secretName: immuta-backup-secret
    shareName: immuta
    readOnly: false
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: immuta-backups
  namespace: immuta
spec:
  accessModes:
    - ReadWriteMany
  storageClassName: ''
  resources:
    requests:
      storage: 1Ti
  selector:
    matchLabels:
      app: immuta
      target: immuta-backup

  2. Now run kubectl to create the resources:

    kubectl create -f immuta-backup-pvcs.yaml

Modify Backups Configuration in Values File

In order to enable database backups and point them to your newly created Storage Account, you need the backup section in your values.yaml file to read the following:

backup:
  enabled: true
  volume:
    claimName: immuta-backups
  restore:
    enabled: true

Immuta will now begin backing up to your Storage Account after you run helm update.