Open loheagn opened 2 years ago
Let's discuss a typical restore
scenario.
Assume that we have a configuration.yaml
like the following, and we use the default Terraform kubernetes backend (the state.json
will be sotred in the same cluster as the Configuration Object).
apiVersion: terraform.core.oam.dev/v1beta1
kind: Configuration
metadata:
name: alibaba-oss-bucket-hcl
spec:
hcl: |
resource "alicloud_oss_bucket" "bucket-acl" {
bucket = var.bucket
acl = var.acl
}
output "BUCKET_NAME" {
value = "${alicloud_oss_bucket.bucket-acl.bucket}.${alicloud_oss_bucket.bucket-acl.extranet_endpoint}"
}
variable "bucket" {
description = "OSS bucket name"
default = "vela-website"
type = string
}
variable "acl" {
description = "OSS bucket ACL, supported 'private', 'public-read', 'public-read-write'"
default = "private"
type = string
}
backend:
secretSuffix: oss
inClusterConfig: true
variable:
bucket: "vela-website-20211130-1900-51"
acl: "private"
writeConnectionSecretToRef:
name: oss-conn
namespace: default
After we apply the configuration.yaml
, the cloud resource (the oss bucket named vela-website-20211130-1900-51
) will be created, and we can check the status of the cofiguration:
$ kubectl get configuration.terraform.core.oam.dev
NAME STATE AGE
alibaba-oss-bucket-hcl Available 13s
Now, we can backup
the configuration alibaba-oss-bucket-hcl
and the terraform state to the local file system, and their filenames are configuration.back.yaml
and state.back.json
.
Next, we assume that the kubernetes cluster has a disaster and is no longer avaialbe. We need to restore the configuration to a new kuberentes and don't recreate the cloud resource (the oss bucket is this scenario).
First, we should rebuild the Terraform backend. we can read the Terraform state from the state.back.json
and write the data to a secret (whose name and namespace should be detectd by the configuration) in the new kubernetes cluster.
Second, we should restore the configuration object. We can just apply the configuration.back.yaml
.
@loheagn What are the exact procedures for restoring the state?
First, we should rebuild the Terraform backend. we can read the Terraform state from the state.back.json and write the data to a secret (whose name and namespace should be detectd by the configuration) in the new kubernetes cluster.
@loheagn What are the exact procedures for restoring the state?
First, we should rebuild the Terraform backend. we can read the Terraform state from the state.back.json and write the data to a secret (whose name and namespace should be detectd by the configuration) in the new kubernetes cluster.
Read the cofiguration.back.yaml
and get the meta (namespace and name) of the backend secret which should be created.
Read the state.back.json
and use the content (the Terraform state) to build the backend secret. The data
should have a key tfstate
and the value is the encoded Terraform state string.
@loheagn What are the exact procedures for restoring the state?
First, we should rebuild the Terraform backend. we can read the Terraform state from the state.back.json and write the data to a secret (whose name and namespace should be detectd by the configuration) in the new kubernetes cluster.
- Read the
cofiguration.back.yaml
and get the meta (namespace and name) of the backend secret which should be created.- Read the
state.back.json
and use the content (the Terraform state) to build the backend secret. Thedata
should have a keytfstate
and the value is the encoded Terraform state string.
Any executable commands for step 1 and 2. And how do you verify your restore is successful? Append any evidence for it please.
Hi, @zzxwill , I created a command tool to show how to resotre the state. You can review the code here.
You can just run go run main.go resotre -h
for help. And I will add examples and the README later.
@loheagn Please also take a look at this requirement.
And how do you verify your restore is successful? Append any evidence for it please.
We can build a command line tool to
backeup
andrestore
the Configuration Object and the Terraform state. The command line tool may have two subcommands:backup
andrestore
.The usage of the
backup
subcommand may like this:The
restore
subcommand can be used to restore the Configuration Object and it will also restore the Terraform state if the configuration uses the default Terraform kubernetes backend.When the
retore
subcommand works, it will accept a yaml file or dir. It fetches the configuration definations from the yaml file or the dir, and check if the configurations use the default kubernetes backend, if the configuration does, therestore
subcommand will read thestate.json
file and restore the bakcend secret before resotring the configuration objects.The usage of the
restore
subcommand may like this: