Backup and Disaster Recovery
VSHN Managed OpenShift doesn’t provide automatic application backup and recovery. In disaster recovery cases [1], VSHN will spin up a new OpenShift cluster.
Backups
Applications
|
Application backup — including application data — is the customer’s responsibility. VSHN Managed OpenShift provides a K8up instance which can be used to orchestrate scheduled backups of application data stored on Kubernetes persistent volumes. |
Due to the application-agnostic nature of VSHN Managed OpenShift, and the complex nature of software, VSHN Managed OpenShift is currently unable to offer a generic solution for full application backup. Therefore, backing up applications is the responsibility of the customer or application operator.
VSHN Managed OpenShift provides a K8up instance which can be used to orchestrate scheduled backups of application data stored on Kubernetes persistent volumes.
Additionally, on a case by case basis, VSHN can assist the customer or application operator by restoring individual application Kubernetes manifests from the cluster-wide Kubernetes manifest backup.
Kubernetes manifests
A backup containing a dump of all Kubernetes resources in JSON format is made every hour. This allows single objects to be restored on request. The backup data is encrypted before it is stored in an object storage backend, usually in a different zone on the same cloud as the cluster is running.
Additionally, a full backup of the etcd database is made every 24 hours.
This backup is also encrypted and stored in the same object storage backend as the hourly dump of all Kubernetes resources.
|
Unfortunately, restoring an OpenShift |
Metrics and logs
VSHN doesn’t backup metrics or logs (including audit logs) which are collected by the OpenShift monitoring and logging stacks. Metrics are stored on block storage volumes and logs are stored in object storage. By default, the logs will be stored in the object storage backend associated with the cloud provider zone where the cluster is running.
Generally, metrics and logs will only be lost if there’s a full zone loss at the cloud provider.
| Please reach out if you have specific requirements for metrics or logs which are durable in the face of a complete cloud provider zone loss. |
OpenShift image registry
|
The OpenShift image registry backup is currently in development. Please reach out if you’re interested in being an early adopter of this backup. |
VSHN Managed OpenShift offers the option to enable backups of the OpenShift integrated image registry. If you’re actively using (or plan to actively use) the integrated OpenShift image registry as the primary storage for your applications' container images, please reach out to ensure that the integrated image registry backup is enabled for your clusters.
Disaster recovery
|
VSHN Managed OpenShift disaster recovery doesn’t include applications. |
Unfortunately, an OpenShift etcd backup isn’t suitable for disaster recovery, since restoring such a backup requires that at least one control plane node of the backed up cluster still exists and is accessible.
Therefore, VSHN will spin up a new OpenShift cluster in disaster recovery cases [1].
VSHN will re-apply the cluster-level infrastructure configurations of the failed cluster to the new cluster.
| There are no stability guarantee for public-facing IPs of a recovered OpenShift cluster. |
In disaster recovery cases, VSHN can assist the customer or application provider by extracting individual manifests from the failed cluster’s Kubernetes manifests backup.