RDS PostgreSQL Backup
RDS PostgreSQL backup can be performed by taking RDS snapshot of the running DB instance.
Prerequisites
The access credentials associated with the location profile should have these permissions to perform RDS operations.
Create Secret and ConfigMap
To facilitate K10 to connect to the RDS instance, K10 needs RDS instance details and the username, password to login to the database created in RDS. This information is provided by creating ConfigMap and Secret Kubernetes resources.
Create a Kubernetes secret to store PostgreSQL credentials into
rds-app
namespace. If there are other RDS instances,
multiple ConfigMap/Secret pairs can be created to have the details
of those RDS instances.
apiVersion: v1
kind: Secret
metadata:
name: dbcreds
namespace: rds-app
type: Opaque
# Note: the keys below must be base64 encoded:
# printf "YOUR_KEY" | base64
data:
username: <base64-encoded-username>
password: <base64-encoded-password>
Create a ConfigMap in rds-app
namespace which contains
information to connect to the RDS DB instance
apiVersion: v1
kind: ConfigMap
metadata:
name: dbconfig
namespace: rds-app
data:
postgres.instanceid: test-rds-postgresql # instanceid of of the database created in RDS
postgres.host: test-rds-postgresql.example.ap-south-1.rds.amazonaws.com
postgres.databases: | # databases to take backup of
- postgres
- template1
postgres.secret: dbcreds # name of K8s secret in the same namespace
Annotate the ConfigMap
The ConfigMap containing connection info will need to be annotated with
an annotation of form kanister.kasten.io/rds: rds-postgres
to instruct K10
to perform backup and restore operations on this RDS PostgreSQL DB instance.
The following example demonstrates how to annotate
the dbconfig
ConfigMap with the RDS Annotation.
$ kubectl annotate configmap dbconfig kanister.kasten.io/rds=rds-postgres --namespace=rds-app
Finally, use K10 to backup and restore the RDS instance.
Warning
Here, RDS snapshots are created to perform backups. These operations are prone to fail if Manual snapshots quota is reached (which is 100 by default). Make sure that correct retention policies are set to avoid getting into this issue.