search

rancher / backup-restore-operator

Apache License 2.0
94 stars 62 forks source link

Rancher restore fails with FleetWorkspaces #482

Open Daemonslayer2048 opened 3 weeks ago

Daemonslayer2048 commented 3 weeks ago

Rancher Server Setup

Describe the bug When using FleetWorkspaces in Rancher this will create a new namespace for said workspace. Due to this if a user attempts to restore on a new cluster the restore process will fail as it will not create said namespace.

To Reproduce Steps to reproduce the behavior:

  1. Create a fresh cluster
  2. Create FleetWorkspaces (See additional context below)
  3. Install backup operator and take a backup
  4. Delete cluster
  5. Restore Rancher on totally new cluster
  6. Observe restore failure

Expected behavior I would expect one of two things to happen:

  1. Rancher restore should create the namespace as needed to allow the FleetWorkspace to be repopulated
  2. Rancher restore will skip creating FleetWorkspaces as to not prevent the restore from completing Option one is preferable but two will at leas prevent end users from getting stuck.

Screenshots Not needed

Additional context Sample Fleet config

---
apiVersion: management.cattle.io/v3
kind: FleetWorkspace
metadata:
  name: enterprise

---
apiVersion: management.cattle.io/v3
kind: FleetWorkspace
metadata:
  name: edge

---
apiVersion: fleet.cattle.io/v1alpha1
kind: ClusterGroup
metadata:
  name: infra
  namespace: enterprise
spec:
  selector:
    matchExpressions: []
    matchLabels:
      infra: "true"
---
apiVersion: fleet.cattle.io/v1alpha1
kind: ClusterGroup
metadata:
  name: apps
  namespace: edge
spec:
  selector:
    matchExpressions: []
    matchLabels:
      apps: "true"
ericpromislow commented 2 weeks ago

Is this a dup of the other recent failure to save fleet secrets?

Daemonslayer2048 commented 2 weeks ago

Do you happen to know what issue number that would be?

ericpromislow commented 1 week ago

https://github.com/rancher/rancher/issues/44033

dsmithbauer commented 1 week ago

@ericpromislow I do not believe so. This ticket specifically addresses the problem where restoring a Rancher backup from the Backup Operator fails if additional Fleet workspaces are used (besides fleet-default) because the Fleet workspace namespaces are not recreated/stored in the backup. However, in the ticket you mention, we may want to also consider backing up secrets in any Fleet namespace (not just fleet-default). Otherwise, using the Rancher Backup Operator to restore a Rancher MCM cluster backup where Fleet is utilized to deploy services to downstream clusters does not work well and will fail without manual intervention (will not create Fleet workspaces and secrets).