RDS PostgreSQL Backup
RDS PostgreSQL backup can be performed by taking RDS snapshot of the running DB instance.
The access credentials associated with the location profile should have these permissions to perform RDS operations.
Create Secret and ConfigMap
To facilitate K10 to connect to the RDS instance, K10 needs RDS instance details and the username, password to login to the database created in RDS. This information is provided by creating ConfigMap and Secret Kubernetes resources.
Create a Kubernetes secret to store PostgreSQL credentials into
rds-app namespace. If there are other RDS instances,
multiple ConfigMap/Secret pairs can be created to have the details
of those RDS instances.
apiVersion: v1 kind: Secret metadata: name: dbcreds namespace: rds-app type: Opaque # Note: the keys below must be base64 encoded: # printf "YOUR_KEY" | base64 data: username: <base64-encoded-username> password: <base64-encoded-password>
Create a ConfigMap in
rds-app namespace which contains
information to connect to the RDS DB instance
apiVersion: v1 kind: ConfigMap metadata: name: dbconfig namespace: rds-app data: postgres.instanceid: test-rds-postgresql # instanceid of of the database created in RDS postgres.host: test-rds-postgresql.example.ap-south-1.rds.amazonaws.com postgres.databases: | # databases to take backup of - postgres - template1 postgres.secret: dbcreds # name of K8s secret in the same namespace
Annotate the ConfigMap
The ConfigMap containing connection info will need to be annotated with
an annotation of form
kanister.kasten.io/rds: rds-postgres to instruct K10
to perform backup and restore operations on this RDS PostgreSQL DB instance.
The following example demonstrates how to annotate
dbconfig ConfigMap with the RDS Annotation.
$ kubectl annotate configmap dbconfig kanister.kasten.io/rds=rds-postgres --namespace=rds-app
Finally, use K10 to backup and restore the RDS instance.
Here, RDS snapshots are created to perform backups. These operations are prone to fail if Manual snapshots quota is reached (which is 100 by default). Make sure that correct retention policies are set to avoid getting into this issue.