Creating Azure File Storage Backup Volumes
Audience: System Administrators
Content Summary: This page details how to create Azure file storage backup volumes.
If using a Kubernetes namespace...
If deploying Immuta into a Kubernetes namespace other than the default, you must include the
--namespace
option into all helm
and kubectl
commands provided throughout this section.
Setup Azure File Storage Account
It is strongly advised to create an Azure Storage Account for Immuta Query Engine and Metadata Database backups.
-
First create environment variables that will hold the Azure resource group and the location under which the Storage Account should be created.
export AZ_SA_RESOURCE_GROUP=<resource group> # e.g., "immuta" export AZ_SA_LOCATION=<resource location> # e.g., "eastus"
-
To create a Storage Account in your resource group for Immuta backups, run
az storage account create \ --name immutabackupstorage \ --resource-group ${AZ_SA_RESOURCE_GROUP} \ --kind StorageV2 \ --encryption-services file \ --sku Standard_LRS \ --location ${AZ_SA_LOCATION}
-
After creating the Storage Account, you will need to switch to working in its context. To do so, first retrieve an account key and set it as an environment variable:
az storage account keys list \ --resource-group ${AZ_SA_RESOURCE_GROUP} \ --account-name immutabackupstorage
-
The following command will return a set of keys. Set one of these keys and the name of the new Storage Account in an environment variable.
export AZURE_STORAGE_ACCESS_KEY=<value of one of the keys returned previously> export AZURE_STORAGE_ACCOUNT=immutabackupstorage
-
Finally, you will need to create Storage Shares for the Immuta backups:
az storage share create --name immuta --quota 1000
Create Persistent Volume Secret
You will need to supply a secret to the backup persistent volumes so that they can access your Storage Account. You can create this secret by running the following command:
kubectl create secret generic immuta-backup-secret \
--from-literal=azurestorageaccountname=${AZURE_STORAGE_ACCOUNT} \
--from-literal=azurestorageaccountkey=${AZURE_STORAGE_ACCESS_KEY}
Create Persistent Volume Claims
-
You will need to create two total resources with
kubectl
here. This can all be configured in a yaml file calledimmuta-backup-pvcs.yaml
:--- apiVersion: v1 kind: PersistentVolume metadata: name: immuta-backups namespace: immuta labels: app: immuta target: immuta-backup spec: capacity: storage: 1Ti accessModes: - ReadWriteMany storageClassName: '' persistentVolumeReclaimPolicy: Retain azureFile: secretName: immuta-backup-secret shareName: immuta readOnly: false --- apiVersion: v1 kind: PersistentVolumeClaim metadata: name: immuta-backups namespace: immuta spec: accessModes: - ReadWriteMany storageClassName: '' resources: requests: storage: 1Ti selector: matchLabels: app: immuta target: immuta-backup
-
Now run
kubectl
to create the resources:kubectl create -f immuta-backup-pvcs.yaml
Modify Backups Configuration in Values File
In order to enable database backups and point them to your newly created Storage Account,
you need the backup
section in your values.yaml
file to read the following:
backup:
enabled: true
volume:
claimName: immuta-backups
restore:
enabled: true
Immuta will now begin backing up to your Storage Account after you run helm update
.