Skip to content

Commit

Permalink
Merge pull request #4203 from EnterpriseDB/Tech-Partner-Veeam-Kasten-…
Browse files Browse the repository at this point in the history
…Guide

Tech Partner Veeam Kasten Guide
  • Loading branch information
drothery-edb authored Sep 8, 2023
2 parents 3ee32d8 + 81c0b89 commit 6026ebb
Show file tree
Hide file tree
Showing 14 changed files with 415 additions and 0 deletions.
12 changes: 12 additions & 0 deletions advocacy_docs/partner_docs/KastenbyVeeam/02-PartnerInformation.mdx
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
---
title: 'Partner Information'
description: 'Details of the Partner'

---
|   |   |
| ----------- | ----------- |
| **Partner Name** | Kasten by Veeam |
| **Web Site** | https://www.kasten.io/ |
| **Partner Product** | Kasten K10 |
| **Version** | Kasten 6.0 |
| **Product Description** | Kasten K10 is a Cloud Native data management platform for Day 2 operations. Purpose built for Kubernetes, Kasten backups and restores your applications, handles disaster recovery and manages application migration. Kasten can be implemented with EDB Postgres for Kubernetes to create fast backups and restores. |
10 changes: 10 additions & 0 deletions advocacy_docs/partner_docs/KastenbyVeeam/03-SolutionSummary.mdx
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
---
title: 'Solution Summary'
description: 'Explanation of the solution and its purpose'
---

Kasten by Veeam is a data management platform built for Kubernetes that can provide enterprise operations teams with an easy-to-use and secure system for backup and restore of Kubernetes applications. Kasten can be used in conjunction with EDB Postgres for Kubernetes and the EDB external backup adapter to successfully backup and restore data.

The EDB Postgres for Kubernetes [external backup adapter](https://www.enterprisedb.com/docs/postgres_for_kubernetes/latest/addons/#external-backup-adapter) allows for a third party tool, such as Kasten by Veeam, to discover an API that is needed in order to create a successful backup.

![Kasten K10 Architecture](Images/KastenSolutionSummaryImagenew.png)
273 changes: 273 additions & 0 deletions advocacy_docs/partner_docs/KastenbyVeeam/04-ConfiguringVeeamKasten.mdx
Original file line number Diff line number Diff line change
@@ -0,0 +1,273 @@
---
title: 'Configuration'
description: 'Walkthrough on configuring the integration'
---

Implementing EDB Postgres for Kubernetes with Kasten by Veeam requires the following components:

- [EDB Postgres for Kubernetes](https://www.enterprisedb.com/docs/postgres_for_kubernetes/latest/)
- [EDB Postgres for Kubernetes external backup adapter](https://www.enterprisedb.com/docs/postgres_for_kubernetes/latest/addons/#external-backup-adapter)
- [Kasten K10](https://docs.kasten.io/latest/index.html)

## Prerequisites

- EDB Postgres for Kubernetes configured and running
- EDB Postgres for Kubernetes external backup adapter configured per your system requirements
- Kasten K10 installed on your system

!!! Note
For this integration, use the **example.yaml** files provided in each section for the appropriate Kasten configuration pieces, and change any environment variables per your specific needs.

The **Add the Backup Decorator Annotations to the Cluster** section is the important section for the Kasten addon integration.

Refer to the [EDB Postgres for Kubernetes external backup adapter](https://www.enterprisedb.com/docs/postgres_for_kubernetes/latest/addons/#external-backup-adapter) docs to view more detailed information on the EDB Postgres for Kubernetes backup adaptor addon functionality and additional details on its configuraton parameters.

## Install the Operator

1. Install the EDB Postgres for Kubernetes operator.

```bash
kubectl apply -f https://get.enterprisedb.io/cnp/postgresql-operator-1.20.2.yaml
```

Running this command will create the operator namespace where the controller will be running.

## Create an EDB Cluster, Client and Add Data

1. Initiate the below lines of code in your Kubernetes environment to create a specific namespace and apply your `.yaml` file.

```bash
kubctl create ns edb
kubectl apply -f cluster-example.yaml -n edb
```

### Example **cluster-example.yaml** file:

```bash
# Example of PostgreSQL cluster
apiVersion: postgresql.k8s.enterprisedb.io/v1
kind: Cluster
metadata:
name: cluster-example
annotations:
"k8s.enterprisedb.io/addons": '["kasten"]'
spec:
instances: 3
# Example of rolling update strategy:
# - unsupervised: automated update of the primary once all
# replicas have been upgraded (default)
# - supervised: requires manual supervision to perform
# the switchover of the primary
primaryUpdateStrategy: unsupervised
# Require 1Gi of space
storage:
size: 1Gi
```

2. Wait until the cluster is completely ready.

```bash
kubectl get clusters.postgresql.k8s.enterprisedb.io -n edb
NAME AGE INSTANCES READY STATUS PRIMARY
cluster-example 19m 3 3 Cluster in healthy state cluster-example-1
```

3. Install the cnp plugin.

```bash
curl -sSfL \
https://github.com/EnterpriseDB/kubectl-cnp/raw/main/install.sh | \
sudo sh -s -- -b /usr/local/bin
```

4. Create a client certificate to the database.

```bash
kubectl cnp certificate cluster-app \
--cnp-cluster cluster-example \
--cnp-user app \
-n edb
```

5. Create the client.

```bash
kubectl create -f client.yaml -n edb
```
### Example **client.yaml** file:
```bash
apiVersion: apps/v1
kind: Deployment
metadata:
name: cert-test
spec:
replicas: 1
selector:
matchLabels:
app: webtest
template:
metadata:
labels:
app: webtest
spec:
containers:
- image: ghcr.io/cloudnative-pg/webtest:1.6.0
name: cert-test
volumeMounts:
- name: secret-volume-root-ca
mountPath: /etc/secrets/ca
- name: secret-volume-app
mountPath: /etc/secrets/app
ports:
- containerPort: 8080
env:
- name: PGPASSWORD
valueFrom:
secretKeyRef:
name: cluster-example-app
key: password
- name: DATABASE_URL
value: >
sslkey=/etc/secrets/app/tls.key
sslcert=/etc/secrets/app/tls.crt
sslrootcert=/etc/secrets/ca/ca.crt
host=cluster-example-rw.default.svc
dbname=app
user=app
sslmode=verify-full
- name: SQL_QUERY
value: SELECT 1
volumes:
- name: secret-volume-root-ca
secret:
secretName: cluster-example-ca
defaultMode: 0600
- name: secret-volume-app
secret:
secretName: cluster-app
defaultMode: 0600
```

6. Add some data into the cluster to test the backup and restore, the following is sample data that was used for this example.

```bash
kubectl exec -it deploy/cert-test -- bash
psql 'sslkey=/etc/secrets/app/tls.key sslcert=/etc/secrets/app/tls.crt sslrootcert=/etc/secrets/ca/ca.crt host=cluster-example-rw dbname=app user=app sslmode=verify-full'
\c app
DROP TABLE IF EXISTS links;
CREATE TABLE links (
id SERIAL PRIMARY KEY,
url VARCHAR(255) NOT NULL,
name VARCHAR(255) NOT NULL,
description VARCHAR (255),
last_update DATE
);
INSERT INTO links (url, name, description, last_update) VALUES('https://kasten.io','Kasten','Backup on kubernetes',NOW());
select * from links;
\q
exit
```
## Add the Backup Decorator Annotations to the Cluster
If you create the cluster from the previous section the **cluster-example.yaml** already includes the Kasten addon therefore you can skip this part. If you are working with your own cluster you will need to add the Kasten addon.
1. Add the following annotations to your cluster, in the above **cluster-example.yaml** there is an example of where to add the annotation.
```bash
"k8s.enterprisedb.io/addons": '["kasten"]'
```
## Install the EDB blueprint
1. Enter the following command in your environment:
```bash
kubectl create -f edb-hooks.yaml
```
### Example **edb-hooks.yaml** file:
```bash
apiVersion: cr.kanister.io/v1alpha1
kind: Blueprint
metadata:
name: edb-hooks
namespace: kasten-io
actions:
backupPrehook:
phases:
- func: KubeTask
name: edbPreBackupHook
args:
image: ghcr.io/kanisterio/kanister-kubectl-1.18:0.91.0
command:
- bash
- -x
- -o
- errexit
- -o
- pipefail
- -c
- |
namespace={{ .Namespace.Name }}
selector='kasten-enterprisedb.io/hasHooks=true'
for pod in $(kubectl get po --no-headers -n $namespace -l $selector|awk '{print $1}')
do
preCommand=$(kubectl get po -n $namespace $pod -o jsonpath='{.metadata.annotations.kasten-enterprisedb\.io/pre-backup-command}')
preOnErrorCommand=$(kubectl get po -n $namespace $pod -o jsonpath='{.metadata.annotations.kasten-enterprisedb\.io/pre-backup-on-error}')
container=$(kubectl get po -n $namespace $pod -o jsonpath='{.metadata.annotations.kasten-enterprisedb\.io/pre-backup-container}')
command=${preCommand//[\[\]\"\,]/' '}
result=$(kubectl exec -it $pod -c $container -n $namespace $pod -- bash -c "if $command; then echo success; else echo failure; fi" | tail -1)
if [[ $result == "failure" ]]
then
echo "Error after running $preCommand in $pod/$container"
echo "Executing $preOnErrorCommand"
command=${preOnErrorCommand//[\[\]\"\,]/' '}
kubectl exec -it $pod -c $container -n $namespace $pod -- bash -c $command
exit 1
fi
done
exit 0
backupPosthook:
phases:
- func: KubeTask
name: edbPostBackupHook
args:
image: ghcr.io/kanisterio/kanister-kubectl-1.18:0.91.0
command:
- bash
- -x
- -o
- errexit
- -o
- pipefail
- -c
- |
namespace={{ .Namespace.Name }}
selector='kasten-enterprisedb.io/hasHooks=true'
for pod in $(kubectl get po --no-headers -n $namespace -l $selector|awk '{print $1}')
do
postCommand=$(kubectl get po -n $namespace $pod -o jsonpath='{.metadata.annotations.kasten-enterprisedb\.io/post-backup-command}')
container=$(kubectl get po -n $namespace $pod -o jsonpath='{.metadata.annotations.kasten-enterprisedb\.io/post-backup-container}')
command=${postCommand//[\[\]\"\,]/' '}
result=$(kubectl exec -it $pod -c $container -n $namespace $pod -- bash -c "if $command; then echo success; else echo failure; fi" | tail -1)
if [[ $result == "failure" ]]
then
echo "Error after running $postCommand in $pod/$container"
exit 1
fi
done
exit 0
```
## Create a Backup Policy with the EDB hooks
1. Launch your Kasten K10 interface.
2. Create a policy for the EDB namespace, you will need to set up a location profile for the export and kanister actions.
Add the hooks example:
![Kasten Backup Policy with EDB Hooks](Images/KastenBackupPolicywithHooks.png)
45 changes: 45 additions & 0 deletions advocacy_docs/partner_docs/KastenbyVeeam/05-UsingVeeamKasten.mdx
Original file line number Diff line number Diff line change
@@ -0,0 +1,45 @@
---
title: 'Using'
description: 'Walkthrough of example usage scenarios'
---

When you have configured your Kubernetes environment per the `Configuring` section you will then be able to start taking backups and completing restores.

## Launch a Backup

1. Launch your Kasten K10 interface.

2. Use Kasten K10 to launch a backup that creates two restore points, a local and a remote.

3. You now have a backup we can use to validate a restore in the next section.

![Launch a Backup](Images/LaunchaBackup.png)

!!! Note
The Kasten by Veeam backup process is explained below:
1. EDB elects a replica for the backup.
2. Kasten will discover the replica.
3. Kasten calls the EDB pre-backup command on the discovered replica.
4. The replica becomes ready for the backup.
5. Kasten takes the backup.
6. Kasten calls the EDB post backup command on the replica.
7. The replica leaves the backup mode.
8. The backup is then over and is consistent for a restore.


## Restore Database

1. To get ready for Kasten K10 to complete a restore, we will remove the EDB namespace in this example.

```bash
kubectl delete ns edb
```

2. In the Kasten K10 interface go to your remote restore point.

3. On the remote restore point select `restore`.

4. After the restore is complete, all of your data will be present.
![Kasten Data Restore Point](Images/KastenRestorePoint.png)


Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
---
title: 'Certification Environment'
description: 'Overview of the certification environment'
---

|   |   |
| ----------- | ----------- |
| **Certification Test Date** | August 28, 2023 |
| **EDB Postgres for Kubernetes** | 1.20.2 |
| **EDB Postgres for Kubernetes External Backup Adapter** |
| **Kasten by Veeam Kasten K10** | 6.0 |
29 changes: 29 additions & 0 deletions advocacy_docs/partner_docs/KastenbyVeeam/07-SupportandLogging.mdx
Original file line number Diff line number Diff line change
@@ -0,0 +1,29 @@
---
title: 'Support and Logging Details'
description: 'Details of the support process and logging information'
---

## Support

Technical support for the use of these products is provided by both EDB and Veeam. A proper support contract is required to be in place at both EDB and Veeam. A support ticket can be opened on either side to start the process. If it is determined through the support ticket that resources from the other vendor is required, the customer should open a support ticket with that vendor through normal support channels. This will allow both companies to work together to help the customer as needed.

## Logging

**EDB Postgres Advanced Server Logs**

Navigate to the `Data` directory in your chosen EDB Postgres Advanced Server instance and from here you can navigate to `log`, `current_logfiles` or you can navigate to the `postgresql.conf` file where you can customize logging options or enable `edb_audit` logs. An example of the full path to view EDB Postgres Advanced Server logs: `/var/lib/edb/as15/data/log`.

**PostgreSQL Server Logs**

The default log directories for PostgreSQL logs vary depending on the operating system:

- Debian-based system: `/var/log/postgresql/postgresql-x.x.main.log. X.x.`

- Red Hat-based system: `/var/lib/pgsql/data/pg_log`

- Windows: `C:\Program Files\PostgreSQL\9.3\data\pg_log`

**Kasten by Veeam Logs**

On the Kasten K10 UI navigate to `Settings` then `Support` then click `Download Logs`.
![Veeam Kasten Logs](Images/VeeamKastenLogging.png)
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading

1 comment on commit 6026ebb

@github-actions
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please sign in to comment.