******************************* Backup and Restore Applications ******************************* Robin Platform can: * Backup applications and data to an external storage repository such as S3 Object Store, Google Cloud Storage, etc. * Make applications and data portable across Kubernetes clusters spanning on-prem, public and hybrid cloud environments. .. .. note:: Add backup summary **Topics covered in this chapter:** =============================== ==================================================== ``robin backup create`` Backup an application snapshot to repository ``robin backup delete`` Delete backup of an application snapshot ``robin backup list`` List all backups of an application ``robin backup info`` Show information about a specific backup ``robin backup status`` Show transfer status of backup to repository ``robin backup tenant-share`` Share a backup with one or more tenants ``robin backup tenant-unshare`` Stop sharing a backup with one or more tenants ``robin backup user-share`` Share a backup with one or more users ``robin backup user-unshare`` Stop sharing a backup with one or more users ``robin backup list-shares`` List information about users a backup has been shared with ``robin backup export`` Generate a token for use when importing an application backup into another cluster ``robin backup import`` Import an application backup from another cluster =============================== ==================================================== ---------------------------- Create an application backup ---------------------------- .. tabs:: .. tab:: CLI In order to create a backup of an application, issue the following command: .. Note:: When backing up a Helm app on a cluster running Robin CNP v5.3.x and restoring the app from the backup on a cluster running Robin CNP v5.4.x, you must use a custom namespace. .. code-block:: text # robin backup create --snapshotid --backupname --purge-snapshot =============================== ============================================================ ``app_name`` Name of the application being backed up ``reponame`` Name of the repo where the backup will be pushed ``--snapshotid `` Unique ID of snapshot to be backed up. If not provided a snapshot will be created implicitly ``--backupname `` Name to assign to backup ``--purge-snapshot`` Delete the snapshot pushed to the repo after successfully creating the backup. This option is only valid when a snapshot ID is not provided =============================== ============================================================ **Example:** .. code-block:: text # robin backup create mysql1 app-repofpom --wait Creating app backup 'mysql1_backup-1581809777' Job: 213 Name: K8SApplicationBackup State: PROCESSED Error: 0 Job: 213 Name: K8SApplicationBackup State: WAITING Error: 0 Job: 213 Name: K8SApplicationBackup State: AGENT_WAIT Error: 0 Job: 213 Name: K8SApplicationBackup State: COMPLETED Error: 0 # robin backup list +----------------------------------+--------------------------+----------+----------------------------+--------+ | Backup ID | Backup Name | Repo | Snapshot Name | State | +----------------------------------+--------------------------+----------+----------------------------+--------+ | fcc2d538504b11ea821e5d26d9bcf8ac | mysql1_backup-1581809777 | testrepo | mysql1_snapshot-1581809777 | Pushed | +----------------------------------+--------------------------+----------+----------------------------+--------+ .. note:: The ability to create a backup is subject to Robin Role Based Access Control (RBAC). By default, all Cluster Users (users having the user role) have permission to create backups, provided they can access the underlying App snapshot. Cluster Administrators (users having the **superadmin** role) have permission to create backups from all App snapshots. See the section on :ref:`UserManagement` for details on how Robin RBAC works. Before creating a backup, the underlying app must be attached to the target repo. .. tab:: API Creates an application backup. **End Point:** /api/v3/robin_server/apps **Method:** PUT **URL Parameters:** None **Data Parameters:** - ``action: backup`` - This mandatory field within the payload specifies the backup operation is to be performed. - ``app_name: `` - This mandatory field within the payload specifies the name of the application to be backed up. - ``repo: `` - This mandatory field within the payload specifies the name of the repo in which the backup should be stored. - ``backupname: `` - This mandatory field within the payload specifies the name of the backup to be created. - ``snapshotid: `` - Utilizing this parameter, by specifying a snapshot ID, results in the associated snapshot being backed up. - ``purge_snapshot: true`` - Utilizing this parameter results in the snapshot being deleted once it has successfully been pushed to the repo. This option is only valid when a snapshot ID is not provided. **Port:** RCM Port (default value is 29442) **Headers:** - ``Authorization: `` : Authorization token to identify which user is sending the request. The token can be acquired from the login API. **Success Response Code:** 202 **Error Response Code:** 500 (Internal Server Error), 404 (Not Found Error), 401 (Unauthorized Error), 400 (Invalid API Usage Error), 409 (Duplicate Resource Error) **Example Response:** .. raw:: html
Output .. code-block:: text { "jobid":663, "plan":{ "kind":"k8s", "action":"backup", "namespace":"t001-u000003", "current_user":{ "user_contexts":[ "robin", "robin-k8s-cluster" ], "user_capabilities":[ "AllSuperAdminCapabilities" ], "tenant":"Administrators", "username":"robin", "user_permissions":{ }, "user_id":3, "tenant_id":1, "ip_addr":"172.17.0.1", "tenants":[ "Administrators" ], "session_expires":"2020-09-10T21:28:38", "tenant_role":"superadmin", "namespace":"t001-u000003", "user_context":"robin" }, "backup_name":"demo", "opcode":null, "repo":"app-repoihos", "app_name":"ma-appbd", "name":"ma-appbd" } } .. raw:: html
---------------------------- Delete an application backup ---------------------------- .. tabs:: .. tab:: CLI Run this command to delete an application backup: .. code-block:: text # robin backup delete --repo-purge =================== ========================================================= ``backupid`` Unique ID of the backup ``--repo-purge`` In addition to removing the backup from the cluster's repo catalog, purge the backup from the external storage repo. Note that once the backup is purged from the repo, it cannot be recovered. In addition this option is only valid for backups that are owned/managed by the local cluster =================== ========================================================= **Example 1: Delete a backup, but leave it on the external repo** Delete the local copy of a backup, but leave it in the external storage repo: .. code-block:: text # robin backup delete fcc2d538504b11ea821e5d26d9bcf8ac --wait Job: 218 Name: StorageRepoPurge State: VALIDATED Error: 0 Job: 218 Name: StorageRepoPurge State: COMPLETED Error: 0 # robin backup list +-----------+-------------+------+---------------+-------+ | Backup ID | Backup Name | Repo | Snapshot Name | State | +-----------+-------------+------+---------------+-------+ +-----------+-------------+------+---------------+-------+ **Example 2: Delete a backup and purge it from the external storage repo** .. code-block:: text # robin backup delete ebc453b45a6611e99876835407ddf3c4 --repo-purge --wait Job: 218 Name: StorageRepoPurge State: VALIDATED Error: 0 Job: 218 Name: StorageRepoPurge State: COMPLETED Error: 0 .. note:: The ability to delete a backup is subject to Robin Role Based Access Control (RBAC). By default, all Cluster Users (users having the user role) have permission to delete from local storage any backups they have created. They do not have permission, however, to purge backups from the repo. Cluster Administrators (users having the **superadmin** role), on the other hand, have permission to delete all backups as well as purge backups from a repo catalog and the external repo. All backups that have been pushed to a repo (which is to say, all backups), can be viewed using the ``robin backup list`` command. The ``robin repo contents`` command also provides information about backups that have been pushed to a specific repo. But this command can only be invoked by Cluster Administrators (users having the **superadmin** role). .. tab:: API Deletes an application backup. **End Point:** /api/v3/robin_server/backups **Method:** DELETE **URL Parameters:** None **Data Parameters:** - ``action: purge`` - This mandatory field within the payload specifies the purge operation is to be performed. - ``backupid: `` - This mandatory field within the payload specifies the ID of the backup to be deleted. - ``repo_purge: true`` - Utilizing this parameter in the payload results in the backup specified being removed from the external storage repo as well as the local catalog. This option is only valid for backups that are owned/managed by the local cluster. **Port:** RCM Port (default value is 29442) **Headers:** - ``Authorization: `` : Authorization token to identify which user is sending the request. The token can be acquired from the login API. **Success Response Code:** 202 **Error Response Code:** 500 (Internal Server Error), 404 (Not Found Error), 401 (Unauthorized Error), 400 (Invalid API Usage Error) **Example Response:** .. raw:: html
Output .. code-block:: text { "jobid":711 } .. raw:: html
------------------------ List application backups ------------------------ .. tabs:: .. tab:: CLI Run this command to list application backups: .. code-block:: text # robin backup list --app --app-namespace --wide ============================== ========================================================= ``--app `` Only show backups for the specified application ``--app-namespace `` If there are multiple applications of the same name but in different namespaces this option can be used to distinguish them. Note this option is only valid when ``--app`` is specified ``--wide`` Provide additional information about each backup ============================== ========================================================= **Example 1: List backups of a specific app** .. code-block:: text # robin backup list --app mydb +----------------------------------+-------------+----------------+--------+ | Backup ID | Backup Name | Snapshot Name | State | +----------------------------------+-------------+----------------+--------+ | ebc453b45a6611e99876835407ddf3c4 | backup-init | mydb_snap-init | Pushed | +----------------------------------+-------------+----------------+--------+ **Example 2: List all backups with extra details** .. code-block:: text # robin backup list --wide +----------------------------------+--------------------------+----------+----------------------------+--------+---------+----------+----------+--------------+-------------+ | Backup ID | Backup Name | Repo | Snapshot Name | State | Managed | App Name | App Type | Owner/Tenant | Description | +----------------------------------+--------------------------+----------+----------------------------+--------+---------+----------+----------+--------------+-------------+ | fe7d6f7a504f11ea92f977d7085a249d | mysql1_backup-1581811498 | testrepo | mysql1_snapshot-1581811498 | Pushed | True | mysql1 | helm | admin1/t1 | | +----------------------------------+--------------------------+----------+----------------------------+--------+---------+----------+----------+--------------+-------------+ Tenant Shares: ALL_TENANTS User Shares: .. note:: The ability to view backups is subject to Robin Role Based Access Control (RBAC). By default, Cluster Users (users having the **user** role) are able to view all backups they have created, plus any that have been shared with them (see :ref:`ShareAppBackup` for details). See the section on :ref:`UserManagement` for details on how Robin RBAC works. .. tab:: API Lists all application backups. **End Point:** /api/v3/robin_server/backups **Method:** GET **URL Parameters:** - ``appname=`` : Utilizing this parameter filters the results such that only backups of the specified application are returned. - ``namespace=`` : Utilizing this parameter filters the results such that only backups of the specified application in the given namespace are returned. Note this option is only valid with the ``appname`` parameter is utilized. **Data Parameters:** None **Port:** RCM Port (default value is 29442) **Headers:** - ``Authorization: `` : Authorization token to identify which user is sending the request. The token can be acquired from the login API. **Success Response Code:** 200 **Error Response Code:** 500 (Internal Server Error), 401 (Unauthorized Error), 400 (Invalid API Usage Error) **Example Response:** .. raw:: html
Output .. code-block:: text { "items":[ { "description":"", "tenant":"Administrators", "managed":true, "username":"robin", "user_shares":{ }, "tenant_shares":{ }, "name":"my-backup1yx", "kind":"helm", "snapshot":"my-appcw_my-s1po", "state":"Pushed", "id":"b419d8a2f30611eab3c98b46a91f9934", "repo":"app-repoxqek", "share_with_all_tenants":false, "app":"my-appcw" }, { "description":"", "tenant":"Administrators", "managed":true, "username":"robin", "user_shares":{ }, "tenant_shares":{ }, "name":"mysql1backup", "kind":"helm", "snapshot":"mysql1_snapmysql1", "state":"Pushed", "id":"1c344900f30911eaa97a51af70aa8d37", "repo":"app-repoxqek", "share_with_all_tenants":false, "app":"mysql1" }, { "description":"", "tenant":"Administrators", "managed":true, "username":"robin", "user_shares":{ }, "tenant_shares":{ }, "name":"mysql2backup", "kind":"helm", "snapshot":"mysql2_snapmysql2", "state":"Pushed", "id":"387a9d46f30911eaae760514a59458bd", "repo":"app-repoxqek", "share_with_all_tenants":false, "app":"mysql2" }, { "description":"", "tenant":"Administrators", "managed":true, "username":"robin", "user_shares":{ }, "tenant_shares":{ }, "name":"my-backup1wc", "kind":"helm", "snapshot":"my-apptn_my-s1tc", "state":"Pushed", "id":"4ba16f22f30911eab74d45afeffd38d2", "repo":"app-repodujv", "share_with_all_tenants":false, "app":"my-apptn" }, { "description":"", "tenant":"Administrators", "managed":true, "username":"robin", "user_shares":{ }, "tenant_shares":{ }, "name":"ma-backup1qg", "kind":"helm", "snapshot":"ma-appbd_ma-s1dk", "state":"Pushed", "id":"d079f9d0f30a11ea85298d04093a1b78", "repo":"app-repoihos", "share_with_all_tenants":false, "app":"ma-appbd" } ] } .. raw:: html
--------------------------------------------------- Get information about a specific application backup --------------------------------------------------- .. tabs:: .. tab:: CLI Details of a specific backup can be obtained using the following command: .. code-block:: text # robin backup info --specs ==================== =================================================================================== ``backupid`` Unique ID of the backup (obtained from the output of ``robin backup list``) ``--specs`` Output the spec file associated with the backup ==================== =================================================================================== **Example:** .. code-block:: text # robin backup info ebc453b45a6611e99876835407ddf3c4 Name : backup-init Id : ebc453b45a6611e99876835407ddf3c4 Snapshot Name : mydb_snap-init Application Name : mydb Application Kind : helm State : Pushed Repo : datadump Description : - Start Time : 08 Apr 2019 18:29:30 End Time : 08 Apr 2019 18:29:37 Trigger Details ------- Operation : MANUAL User : robin Tenant : Administrators Data Details ------- Transferred : 96.0 MB Skipped : 0.0 MB Total : 96.0 MB Time Taken : 7s .. note:: The ability to view information about a backup is subject to Robin Role Based Access Control (RBAC). By default, Cluster Users (users having the **user** role) are able to view info for all backups they have created, plus any that have been shared with them (see :ref:`ShareAppBackup` for details). See the section on :ref:`UserManagement` for details on how Robin RBAC works. Information about the local application will only be included in the output if the application still exists. This information will never be displayed for backups which are imported from another Robin cluster. .. tab:: API Returns details about a specific backup such as its kind, the objects which are associated with it and its creation time, **End Point:** /api/v3/robin_server/k8s_app/?action=info&otype=backup **Method:** GET **URL Parameters:** None **Data Parameters:** None **Port:** RCM Port (default value is 29442) **Headers:** - ``Authorization: `` : Authorization token to identify which user is sending the request. The token can be acquired from the login API. **Success Response Code:** 200 **Error Response Code:** 500 (Internal Server Error), 404 (Not Found Error), 401 (Unauthorized Error) **Example Response:** .. raw:: html
Output .. code-block:: text { "tenant":"Administrators", "creation_end_time":1599774729, "tenant_shares":{ }, "snap_exists":true, "spec":"{\"roles\":[{\"volume_groups\":[],\"vnodes\":[{\"status\":\"OFFLINE\",\"ctime\":1597834265,\"vnodeid\":2,\"gpu\":{\"type\":\"\",\"count\":0,\"max\":0},\"restart_on_qoscfg\":true,\"sidecar_info\":{\"cpu\":0,\"hugepages_1g\":0,\"mem\":0,\"containers\":[],\"hugepages_2m\":0},\"engine\":\"docker\",\"utime\":1597834265,\"allocated\":{\"zoneid\":1595331866,\"zonename\":\"default\",\"nodename\":\"cscale-82-236\",\"nodeid\":1},\"image\":{\"registry_port\":\"\",\"entrypoint\":\"custom-entrypoint.sh\",\"engine\":\"docker\",\"version\":\"5.7\",\"name\":\"mysql\",\"registry_hostname\":\"\",\"registry_name\":\"Docker Hub\"},\"service_uids\":[\"9d236991-3a39-42cf-ad36-710988c7e40c\"],\"rpoolid\":1,\"allocated_host_type\":\"physical\",\"vnodehooks\":{\"prestop\":\"bash vnode_sample opr=prestop\",\"poststop\":\"bash vnode_sample opr=poststop\",\"presnapshot\":\"bash quiesce.sh\",\"postclone\":\"bash check_mysql\",\"prestart\":\"bash vnode_sample opr=prestart\",\"preclone\":\"bash vnode_sample opr=preclone\",\"pregrow\":\"bash vnode_sample opr=pregrow\",\"predestroy\":\"bash vnode_sample opr=predestroy\",\"postrollback\":\"bash check_mysql\",\"postdestroy\":\"bash vnode_sample opr=postdestroy\",\"postcreate\":\"bash check_mysql\",\"postgrow\":\"bash check_mysql\",\"postsnapshot\":\"bash unquiesce.sh\",\"poststart\":\"bash check_mysql\",\"prerollback\":\"bash vnode_sample opr=prerollback\",\"precreate\":\"bash vnode_sample opr=precreate\"},\"allocated_host_public_hostname\":\"cscale-82-236.robinsystems.com\",\"k8s_provider\":\"robin\",\"cmdlineargs\":\"-W\",\"pod_ns\":\"t001-u000003\",\"disable_vnodehooks\":false,\"id\":2,\"bundle_path\":\"\\\/usr\\\/local\\\/robin\\\/collections\\\/file-collection-1595307896158\\\/1595307917814\\\/mysql-5.7\",\"hostname\":\"mysql-hplt-mysql-01.t001-u000003.svc.cluster.local\",\"volume_groups\":[{\"replicas\":1,\"rpoolid\":1,\"media\":\"HDD\",\"volumes\":[\"mysql-hplt.mysql.01.data.1.83d81ffd-ab8a-4eed-bab8-f717a438f955\"],\"stormgr_id\":4,\"layout\":\"round-robin\",\"name\":\"mysql-hplt.mysql.01.72.1.de10bed7-ac03-4f51-839c-460173c8c848\",\"device_sets\":[{\"name\":\"mysql-hplt.mysql.01.72.1.de10bed7-ac03-4f51-839c-460173c8c848.0.a5a90abd-c13c-42e3-82b3-23c39bf5806b\",\"devices\":[{\"hostname\":\"cscale-82-236.robinsystems.com\",\"tags\":{},\"score\":94,\"state\":\"READY\",\"pused\":436207616,\"type\":\"HDD\",\"max_throughput_intensive_vols_per_disk\":1,\"max_volumes_per_disk\":40,\"write_unit\":4096,\"psize\":107374182400,\"wwn\":\"0x600224807574ecfb25c7ae75503dcde0\",\"reattachable\":0,\"stormgr_id\":4,\"workloads\":{\"1\":[],\"2\":[],\"0\":[\"nfs-yske.nfs.01.root_fs.1.1f1aaa61-7172-450a-8449-4c347a1d17bf\",\"nfs-yske.nfs.01.data.1.598239fe-6fae-4a88-8d04-cf86171ad30b\"],\"3\":[]},\"devpath\":\"\\\/dev\\\/disk\\\/by-id\\\/scsi-3600224807574ecfb25c7ae75503dcde0\",\"aslices\":9,\"protected\":0,\"role\":\"Storage\",\"allocated_slices\":2,\"slices\":77,\"capacity\":107374182400,\"host\":\"cscale-82-236.robinsystems.com\",\"max_latency_sensitive_vols_per_disk\":2}],\"stormgr_id\":7}]},{\"replicas\":1,\"rpoolid\":1,\"media\":\"HDD\",\"volumes\":[\"mysql-hplt.mysql.01.root_fs.1.b30d51e4-00e8-45b0-8315-18c98ab82f15\"],\"stormgr_id\":5,\"layout\":\"round-robin\",\"name\":\"mysql-hplt.mysql.01.72.1.4c94ebe4-9329-450b-8b53-89d643b965a6\",\"device_sets\":[{\"name\":\"mysql-hplt.mysql.01.72.1.4c94ebe4-9329-450b-8b53-89d643b965a6.0.ffc704c8-c78c-4f45-ba40-48fe66b2ea48\",\"devices\":[{\"hostname\":\"cscale-82-236.robinsystems.com\",\"tags\":{},\"score\":94,\"state\":\"READY\",\"pused\":436207616,\"type\":\"HDD\",\"max_throughput_intensive_vols_per_disk\":1,\"max_volumes_per_disk\":40,\"write_unit\":4096,\"psize\":107374182400,\"wwn\":\"0x600224807574ecfb25c7ae75503dcde0\",\"reattachable\":0,\"stormgr_id\":4,\"workloads\":{\"1\":[],\"2\":[],\"0\":[\"nfs-yske.nfs.01.root_fs.1.1f1aaa61-7172-450a-8449-4c347a1d17bf\",\"nfs-yske.nfs.01.data.1.598239fe-6fae-4a88-8d04-cf86171ad30b\"],\"3\":[]},\"devpath\":\"\\\/dev\\\/disk\\\/by-id\\\/scsi-3600224807574ecfb25c7ae75503dcde0\",\"aslices\":9,\"protected\":0,\"role\":\"Storage\",\"allocated_slices\":12,\"slices\":77,\"capacity\":107374182400,\"host\":\"cscale-82-236.robinsystems.com\",\"max_latency_sensitive_vols_per_disk\":2}],\"stormgr_id\":8}]}],\"bundleid\":\"4\",\"network\":[{\"allocated_names\":[\"eth0\"],\"allocated_ip\":\"172.21.19.114\",\"interfaces\":1,\"subnet\":\"172.21.0.0\",\"driver\":\"calico\",\"name\":\"robin-default\",\"allocated_prefix\":16,\"ippool\":\"robin-default\",\"allocated_netmask\":\"255.255.0.0\",\"allocated_by\":\"system\"}],\"host_ip\":\"172.21.19.114\",\"state\":\"STARTED\",\"storage\":[{\"fstype\":\"ext4\",\"replication\":1,\"device\":\"\\\/dev\\\/sde\",\"compression\":\"0\",\"type\":\"data\",\"stordriver\":{\"protection\":\"0\",\"type\":\"das\",\"media\":\"HDD\",\"faultdomain\":\"nofd\"},\"lvm_type\":\"None\",\"protection\":1,\"encryption\":\"none\",\"lvm_vol_count\":\"0\",\"volgrp_name\":\"mysql-hplt.mysql.01.72.1.de10bed7-ac03-4f51-839c-460173c8c848\",\"layout\":\"round-robin\",\"name\":\"mysql-hplt.mysql.01.data.1.83d81ffd-ab8a-4eed-bab8-f717a438f955\",\"allocated\":{\"multinode_mounting\":false,\"block_size\":4096,\"replication\":1,\"compression\":0,\"stordriver\":{\"protection\":\"0\",\"type\":\"das\",\"media\":\"HDD\",\"faultdomain\":\"nofd\"},\"protection\":0,\"next_backupid\":1,\"volumeid\":\"4\",\"grpid\":4,\"partitions\":0,\"resource_poolid\":1,\"slice_size\":1073741824,\"params\":{},\"current_snapshot\":\"active_snap\",\"genkey\":1597834225148619,\"vtype\":0,\"name\":\"mysql-hplt.mysql.01.data.1.83d81ffd-ab8a-4eed-bab8-f717a438f955\",\"priority\":2,\"appname\":\"default\",\"next_snapshotid\":2,\"current_snapshotid\":1,\"snapshot_space_limit\":214748364,\"media\":72,\"snapname\":\"snapmysql-hplt\",\"qgroupid\":5,\"size\":1073741824,\"appid\":1},\"blocksize\":4096,\"pvcpolicy\":\"create\",\"k8s_name\":\"mysql-hplt-mysql-01-data-1-83d81ffd\",\"snap_reserved\":100,\"disk_tags\":{},\"snapname\":\"snapmysql-hplt\",\"path\":\"\\\/var\\\/lib\\\/mysql\",\"snapshot_space_limit\":214748364,\"vol_ns\":\"t001-u000003\",\"workload\":0,\"size\":1073741824,\"media\":\"HDD\",\"faultdomain\":\"host\"},{\"fstype\":\"xfs\",\"replication\":1,\"device\":\"\\\/dev\\\/sdf\",\"compression\":\"0\",\"type\":\"root_fs\",\"stordriver\":{\"protection\":\"0\",\"type\":\"das\",\"media\":\"HDD\",\"faultdomain\":\"nofd\"},\"lvm_type\":\"None\",\"protection\":1,\"encryption\":\"none\",\"lvm_vol_count\":\"0\",\"volgrp_name\":\"mysql-hplt.mysql.01.72.1.4c94ebe4-9329-450b-8b53-89d643b965a6\",\"layout\":\"round-robin\",\"name\":\"mysql-hplt.mysql.01.root_fs.1.b30d51e4-00e8-45b0-8315-18c98ab82f15\",\"allocated\":{\"multinode_mounting\":false,\"block_size\":4096,\"replication\":1,\"compression\":0,\"stordriver\":{\"protection\":\"0\",\"type\":\"das\",\"media\":\"HDD\",\"faultdomain\":\"nofd\"},\"protection\":0,\"next_backupid\":1,\"volumeid\":\"5\",\"grpid\":5,\"partitions\":0,\"resource_poolid\":1,\"slice_size\":1073741824,\"params\":{},\"current_snapshot\":\"active_snap\",\"genkey\":1597834225173874,\"vtype\":0,\"name\":\"mysql-hplt.mysql.01.root_fs.1.b30d51e4-00e8-45b0-8315-18c98ab82f15\",\"priority\":2,\"appname\":\"default\",\"next_snapshotid\":2,\"current_snapshotid\":1,\"snapshot_space_limit\":2147483648,\"media\":72,\"snapname\":\"snapmysql-hplt\",\"qgroupid\":4,\"size\":10737418240,\"appid\":1},\"blocksize\":4096,\"pvcpolicy\":\"create\",\"k8s_name\":\"mysql-hplt-mysql-01-root-fs-1-b30d51e4\",\"snap_reserved\":100,\"disk_tags\":{},\"snapname\":\"snapmysql-hplt\",\"path\":\"\\\/\",\"snapshot_space_limit\":2147483648,\"vol_ns\":\"t001-u000003\",\"workload\":0,\"size\":10737418240,\"media\":\"HDD\",\"faultdomain\":\"host\"}],\"role_name\":\"mysql\",\"mem\":{\"hugepages_1g\":0,\"size\":1073741824,\"hugepages_2m\":0},\"cpu\":{\"min\":0,\"nonisol\":true,\"reserve\":false,\"max\":1},\"bundle_object_id\":\"7be85809d7ecf1544e461df868f163ad\",\"commandline\":\"-W\",\"restart_num\":15,\"name\":\"mysql-hplt.mysql.01\",\"enable_metrics\":true,\"enable_portmapping\":true,\"desired_status\":\"ONLINE\",\"env\":{\"MYSQL_USER\":{\"type\":\"text\",\"value\":\"robin\"},\"MYSQL_PASSWORD\":{\"type\":\"password\",\"value\":\"robin123\"},\"allocated\":{\"ROBINHOST\":\"cscale-82-236.robinsystems.com\",\"ROBINHOST_TAG_KUBERNETES.IO-ARCH\":\"amd64\",\"MYSQL_USER\":\"robin\",\"POD_NS\":\"t001-u000003\",\"ROBINHOST_TAG_ROBINRPOOL\":\"default\",\"ROBINHOST_TAG_ROBINHOST\":\"cscale-82-236\",\"POD_NAME\":\"mysql-hplt-mysql-01\",\"ROBINHOST_TAG_DOMAIN\":\"ROBIN\",\"MYSQL_PASSWORD\":\"robin123\",\"K8S_NODE\":\"cscale-82-236\",\"MYSQL_ROOT_PASSWORD\":\"robin123\",\"ROBINHOST_TAG_KUBERNETES.IO-OS\":\"linux\",\"ROBINHOST_TAG_NODETYPE\":\"robin-node\",\"ROBINHOST_TAG_RNODETYPE\":\"robin-master-node\",\"MYSQL_DATABASE\":\"robin\"},\"MYSQL_ROOT_PASSWORD\":{\"type\":\"password\",\"value\":\"robin123\"},\"MYSQL_DATABASE\":{\"type\":\"text\",\"value\":\"robin\"}},\"allocated_host_public_ip\":\"10.9.82.236\",\"root_fs\":\"\\\/usr\\\/local\\\/robin\\\/instances\\\/mysql-hplt-mysql-01.t001-u000003.svc.cluster.local\",\"role\":\"mysql\",\"jobid\":310,\"calico_inuse\":true,\"vnodehookargs\":{\"prestop\":[\"opr=prestop\"],\"poststop\":[\"opr=poststop\"],\"presnapshot\":[],\"prestart\":[\"opr=prestart\"],\"postclone\":[],\"preclone\":[\"opr=preclone\"],\"pregrow\":[\"opr=pregrow\"],\"predestroy\":[\"opr=predestroy\"],\"postrollback\":[],\"postcreate\":[],\"postgrow\":[],\"postsnapshot\":[],\"precreate\":[\"opr=precreate\"],\"poststart\":[],\"prerollback\":[\"opr=prerollback\"],\"postdestroy\":[\"opr=postdestroy\"]},\"pod_name\":\"mysql-hplt-mysql-01\",\"appname\":\"mysql-hplt\",\"numa_allocations\":{\"0\":{\"isol_shared_cores_used\":0,\"hugepages_2m_used\":0,\"non_isol_cores_used\":1,\"hugepages_1g_used\":0,\"isol_dedicated_cores_used\":0,\"gpu_used\":0,\"mem_used\":1073741824}},\"allocated_host\":\"cscale-82-236.robinsystems.com\",\"hosttags\":{\"robinrpool\":[\"default\"],\"rnodetype\":[\"robin-master-node\"],\"nodetype\":[\"robin-node\"],\"kubernetes.io\\\/arch\":[\"amd64\"],\"kubernetes.io\\\/os\":[\"linux\"],\"robinhost\":[\"cscale-82-236\"],\"robin.io\\\/robinrpool\":[\"default\"],\"domain\":[\"ROBIN\"]},\"cm_keys\":[\"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDKS44FJBT75q64OPV8s1WL\\\/lFbMogtnSm9wk6i+uQArrteNI6DhMYnBV8GC+Dttr2sxurxm\\\/QEW3Pa9OKhtCtT\\\/CQ0h+w7u8f8Mu77zAtAd4rhFAtuK86wiZPp8vSRp3Q2l7TMC31VV08wa7fulk\\\/SSF6maJRQxxmH2lNOsHYOHZve4TSZ+FuGT5h0KMAtGjy7jDSfdt4nBFb\\\/EzVuUE70y8x8q7SmObQGCDBoQlC\\\/QwcmBJ+T25l7fDfVTSXSjCRb2wN2DIxUA7Cr1hNRoZNPAAFahq+jWYYS+aKaXVe6cR6GEtgQ66ey7Zn8ZHOrmW9n9LEnYT\\\/CmzV6l4gwfyIp root@cscale-82-236\",\"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCxdMba+MjIxpx8IzmIodVTs13BJj3BAsRaeOpIC3g07eKcb\\\/WCJ3E9kFvOyJzqX1KmOpYqwtYG0zTwd+xPlc9fudEoORLM2jAt5JZQliT8IDGLyRYqhsOaL+HPKeO8VU9u0sd8938OXGKEJQ1Qt0DQcXuXTSDYGefS24TaWxJ6r\\\/bbM0WXYrJiFc83LemUHGq\\\/vdNpXNbGiAMPCTF3\\\/ZkHsIQTJd8dmBXn3VsEcRbvSGnHIXvQjRZRJp5hBVl\\\/zFZtGFuT7Rs1IVpZtsO81hFCkgAX\\\/jonSglX193+A5oCFPeTsfOD01A3r9x3qdcgtSwxkU5ElmksR6BNt0pXenO7 root@cscale-82-238\",\"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCwaDQ4NFtH5X1NVdUW\\\/trWG0W3LaLOQdz0LIwTMiYo707zpW5STz6R4qRCyonqA5DGx9KicnDvbLYXrDtEFczf68j3N9mgm4QKQ5NAUsKgCrXD\\\/musfl7T0kwmADh4tWI1pbnEJNAfY+xOvKqd1MQIoXNY3jDHlZghb0un+ZnCkxlEwLNUEZySdVhuUitK6fH0abpbLDSWAqqWvzBQMeTYVD91KJPqQXPyejQcjw31dmFYQJ+Ru7Nm0+iifXIZ4poyGZuxNZL9K0F4j+mS+LQav+dAnQGfL62HyAZhHmFoqF9l1GQs6qwrWU6UaZPLAt3XaghtDJwXTks6vEkjibNN root@cscale-82-237\"],\"services\":[{\"vnodename\":\"mysql-hplt-mysql-01\",\"appname\":\"mysql-hplt\",\"ports\":[{\"target_port\":3306,\"name\":\"tcp-port3306\",\"protocol\":\"TCP\",\"port\":3306,\"node_port\":30670}],\"k8s_name\":\"mysql-hplt-mysql-01-np-0\",\"type\":\"NodePort\",\"cluster_ip\":\"172.19.225.200\",\"labels\":{\"tenant\":\"Administrators\",\"user_id\":\"3\",\"tenant_id\":\"1\",\"username\":\"robin\"},\"selectors\":{\"vnode\":\"mysql-hplt-mysql-01\"}}],\"enable_hooklogs\":true,\"appid\":2}],\"display_name\":\"mysql\",\"multinode_max\":256,\"scaleout\":\"disabled\",\"multinode_min\":1,\"restart_on_qoscfg\":true,\"qgroups\":{\"data\":{\"wr_min_window\":500,\"rd_weight\":1,\"rd_min_iops\":0,\"rd_min_window\":500,\"wr_max_iops\":2000000,\"priority\":1,\"wr_weight\":1,\"enabled\":false,\"wr_min_iops\":0,\"rd_max_iops\":2000000},\"root_fs\":{\"wr_min_window\":500,\"rd_weight\":1,\"rd_min_iops\":0,\"rd_min_window\":500,\"wr_max_iops\":2000000,\"priority\":1,\"wr_weight\":1,\"enabled\":false,\"wr_min_iops\":0,\"rd_max_iops\":2000000}},\"elastic_ip_enabled\":false,\"name\":\"mysql\",\"multinode\":false,\"image\":{\"registry_port\":\"\",\"entrypoint\":\"custom-entrypoint.sh\",\"engine\":\"docker\",\"version\":\"5.7\",\"name\":\"mysql\",\"registry_hostname\":\"\",\"registry_name\":\"Docker Hub\"}}],\"bundleid\":\"4\",\"snapshot\":\"enabled\",\"autopilot\":true,\"num_apps\":1,\"start_num\":0,\"kind\":\"ROBIN\",\"stordriver\":\"das\",\"clone\":\"enabled\",\"bundle_object_id\":\"7be85809d7ecf1544e461df868f163ad\",\"bundle_path\":\"\\\/usr\\\/local\\\/robin\\\/collections\\\/file-collection-1595307896158\\\/1595307917814\\\/mysql-5.7\",\"apphooks\":{\"prestop\":\"bash app_sample prestop\",\"poststop\":\"bash app_sample poststop\",\"presnapshot\":\"bash app_sample presnapshot\",\"precreate\":\"bash app_sample precreate\",\"postclone\":\"bash app_sample postclone\",\"preclone\":\"bash app_sample preclone\",\"pregrow\":\"bash app_sample pregrow\",\"prestart\":\"bash app_sample prestart\",\"predestroy\":\"bash app_sample predestroy\",\"validate\":\"python3.4 validate_template.py\",\"postrollback\":\"bash app_sample postrollback\",\"postcreate\":\"bash app_sample postcreate\",\"postgrow\":\"bash app_sample postgrow\",\"postsnapshot\":\"bash app_sample postsnapshot\",\"poststart\":\"bash app_sample poststart\",\"prerollback\":\"bash app_sample prerollback\",\"allocated\":{\"prestop\":\"bash app_sample prestop\",\"poststop\":\"bash app_sample poststop\",\"presnapshot\":\"bash app_sample presnapshot\",\"precreate\":\"bash app_sample precreate\",\"postclone\":\"bash app_sample postclone\",\"preclone\":\"bash app_sample preclone\",\"pregrow\":\"bash app_sample pregrow\",\"prestart\":\"bash app_sample prestart\",\"predestroy\":\"bash app_sample predestroy\",\"validate\":\"python3.4 validate_template.py\",\"postrollback\":\"bash app_sample postrollback\",\"postcreate\":\"bash app_sample postcreate\",\"postgrow\":\"bash app_sample postgrow\",\"postsnapshot\":\"bash app_sample postsnapshot\",\"poststart\":\"bash app_sample poststart\",\"prerollback\":\"bash app_sample prerollback\",\"health\":\"python3.4 health.py\",\"postdestroy\":\"bash app_sample postdestroy\"},\"health\":\"python3.4 health.py\",\"postdestroy\":\"bash app_sample postdestroy\"},\"auto_relocate\":true,\"zoneid\":1595331866,\"restart_num\":15,\"name\":\"mysql-hplt_snapmysql-hplt\",\"appcfg_autopilot\":true,\"username\":\"robin\",\"enable_metrics\":true,\"tenant\":\"Administrators\",\"rpoolid\":1,\"clonemode\":\"unfenced\",\"pvcpolicy\":\"create\",\"app_ns\":\"t001-u000003\",\"planid\":2,\"snapname\":\"snapmysql-hplt\",\"desc\":\"\",\"parent_last_known_state\":6,\"from_template\":null,\"id\":2,\"bundle_name\":\"mysql\",\"bundle_version\":\"5.7\",\"enable_hooklogs\":true,\"parentid\":2,\"master_name\":\"mysql-hplt\",\"content_id\":\"20017bd0c59254f4803c18d01d08cfc8\",\"rpool\":\"default\"}", "snapshot":"mysql-hplt_snapmysql-hplt", "bytes_transferred":973078528, "backup_entry":true, "share_with_all_tenants":false, "app":"mysql-hplt", "bytes_count":973078528, "description":"", "appid":2, "username":"robin", "managed":true, "user_shares":{ }, "op_trigger":"MANUAL", "name":"mysql-hplt_backup-1599774713", "kind":"robin", "bytes_skipped":0, "state":"Pushed", "creation_time":1599774714, "vol_data":true, "id":"d6af2552f3af11ea947e73e1ccd6ad68", "repo":"app-repodujv", "app_exists":true } .. raw:: html
------------------------------------------------------ Configuring backup schedules and retention policies ------------------------------------------------------ This is covered under the :ref:`BackupSchedules` section of Applications chapter. See details of the command ``robin app backup-schedule``. --------------------------------------- Monitor Status of an application backup --------------------------------------- .. tabs:: .. tab:: CLI The status of transfers of in progress backups to their respective repositories can be viewed using the following command: .. code-block:: text # robin backup status --appname --backupid --all ============================= ========================================================= ``--appname `` Filter by app name ``--backupid `` Filter by backup id ``--all`` Include all backups in result ============================= ========================================================= **Example:** .. code-block:: text # robin backup status --backupid fe7d6f7a504f11ea92f977d7085a249d +----------------------------------+-------------------------------------+-----------------+ | Name | TransferStatus | Schedule/Manual | +----------------------------------+-------------------------------------+-----------------+ | fe7d6f7a504f11ea92f977d7085a249d | 100% [####################] 736.0MB | MANUAL | +----------------------------------+-------------------------------------+-----------------+ .. tab:: API Returns the transfer status of backups to a particular repo. **End Point:** /api/v3/robin_server/k8s_app/ **Method:** GET **URL Parameters:** None **Data Parameters:** - ``action: get_k8s_backup_ops`` - This mandatory field within the payload specifies that the status of backups should be returned. - ``all: [true|false]`` - This mandatory field within the payload specifies whether or not the status of all backups (both in progress and completed) should be returned. - ``backupid: `` - Utilizing this parameter within the payload, by specifying a backup ID, results in only the transfer status of the aformentioned backup being returned. - ``appname: `` - Utilizing this parameter within the payload, by specifying an application name, results in only the transfer status of the backups associated with the aforementioned application being returned. **Port:** RCM Port (default value is 29442) **Headers:** - ``Authorization: `` : Authorization token to identify which user is sending the request. The token can be acquired from the login API. **Success Response Code:** 200 **Error Response Code:** 500 (Internal Server Error), 401 (Unauthorized Error), 400 (Invalid API Usage Error) **Example Response:** .. raw:: html
Output .. code-block:: text { "items":{ "bc8e3a58f3b611eaa93d0b3c9c4e5962":{ "bytes_skipped":0, "snap_name":"mysql-hplt_snapmysql-hplt", "bytes_transferred":134217728, "state":"Push in progress", "op_trigger":"MANUAL", "bytes_count":973078528 }, "4ba16f22f30911eab74d45afeffd38d2":{ "bytes_skipped":0, "snap_name":"my-apptn_my-s1tc", "bytes_transferred":369098752, "state":"Pushed", "op_trigger":"MANUAL", "bytes_count":369098752 }, "387a9d46f30911eaae760514a59458bd":{ "bytes_skipped":0, "snap_name":"mysql2_snapmysql2", "bytes_transferred":369098752, "state":"Pushed", "op_trigger":"MANUAL", "bytes_count":369098752 }, "1c344900f30911eaa97a51af70aa8d37":{ "bytes_skipped":0, "snap_name":"mysql1_snapmysql1", "bytes_transferred":369098752, "state":"Pushed", "op_trigger":"MANUAL", "bytes_count":369098752 }, "d079f9d0f30a11ea85298d04093a1b78":{ "bytes_skipped":0, "snap_name":"ma-appbd_ma-s1dk", "bytes_transferred":100663296, "state":"Pushed", "op_trigger":"MANUAL", "bytes_count":100663296 }, "b419d8a2f30611eab3c98b46a91f9934":{ "bytes_skipped":0, "snap_name":"my-appcw_my-s1po", "bytes_transferred":369098752, "state":"Pushed", "op_trigger":"MANUAL", "bytes_count":369098752 } } } .. raw:: html
.. _ShareAppBackup: ---------------------------------------- Share an application backup with tenants ---------------------------------------- .. tabs:: .. tab:: CLI Run this command to share an application backup with one or more tenants: .. code-block:: text # robin backup tenant-share [] --operations --all-tenants ============================= ========================================================= ``backupid`` ID of the backup to share ``tenant_list`` An optional comma separated list of tenants to share an application backup with ``--operations `` Comma separated list of operations that can be performed on an application backup shared with tenants. To allow all valid operations to be performed, enter 'ALL_OPERATIONS' on the command line (default value is 'view') ``--all-tenants`` Share a backup with all tenants ============================= ========================================================= .. Note:: At least one of the following options, ``tenant_list`` or ``--all-tenants``, must be used in order to specify the tenants to share the backup with. **Example 1: Share a backup with a tenant** .. code-block:: text # robin backup tenant-share fe7d6f7a504f11ea92f977d7085a249d t1 --wait Job: 229 Name: K8sBackupShare State: PROCESSED Error: 0 Job: 229 Name: K8sBackupShare State: COMPLETED Error: 0 **Example 2: Share a backup with all tenants** .. code-block:: text # robin backup tenant-share fe7d6f7a504f11ea92f977d7085a249d --all-tenants --wait Job: 229 Name: K8sBackupShare State: PROCESSED Error: 0 Job: 229 Name: K8sBackupShare State: COMPLETED Error: 0 .. note:: The ability share a backup with tenants is subject to Robin Role Based Access Control (RBAC). Only Cluster Administrators (users having the **superadmin** role) have permission to do so. See the section on :ref:`UserManagement` for details on how Robin RBAC works. .. tab:: API Shares a backup with a set of tenants whilst also assigning the operations the aforementioned tenants are allowed to perform on the backup. **End Point:** /api/v3/robin_server/k8s_app **Method:** PUT **URL Parameters:** None **Data Parameters:** - ``action: tenant_share`` - This mandatory field within the payload specifies that the tenant share operation is to be performed. - ``backupid: `` - This mandatory field within the payload specifies the UUID of the backup that needs to be shared. - ``tenant_list: `` - Utilizing this parameter within the payload, by specifiying a comma seperated list of tenant names, results in the backup being shared with the respective tenants. - ``operation_list: `` - Utilizing this parameter within the payload, by specifying a comma seperated list of operations, results in the aforementioned tenants being able to perform the given operations on the target backup. If not specified, the 'view' operation is assigned by default. To allow all valid operations to be performed specify a list containing 'ALL_OPERATIONS'. - ``all_tenants: true`` - Utilizing this parameter within the payload results in the backup being shared with all tenants in the cluster. The default value is false. Note this field overrides any tenants passed via the ``tenant_list`` parameter. .. note:: At least one of the following options, ``tenant_list`` or ``all_tenants``, must be used in order to specify the tenants to share the backup with. In addition to view a list of operations that can be shared for the backup object, review the section detailed `here `_. **Port:** RCM Port (default value is 29442) **Headers:** - ``Authorization: `` : Authorization token to identify which user is sending the request. The token can be acquired from the login API. **Success Response Code:** 202 **Error Response Code:** 500 (Internal Server Error), 404 (Not Found Error), 401 (Unauthorized Error), 400 (Invalid API Usage Error) **Example Response:** .. raw:: html
Output .. code-block:: text { "jobid":779 } .. raw:: html
----------------------------------------------- Stop sharing an application backup with tenants ----------------------------------------------- .. tabs:: .. tab:: CLI Stop sharing a storage repo with one or more tenants: .. code-block:: text # robin repo unshare [tenant_list] --operations --all-tenants ============================= ========================================================= ``backupid`` ID of the backup to stop sharing ``tenant_list`` List of tenants to stop sharing the backup with ``--operations `` Comma separated list of operations to stop allowing on an application backup shared with specified tenants. If no operations are specified, then stop sharing the backup with all specified tenants. ``--all-tenants`` Stop sharing the backup with all tenants ============================= ========================================================= .. Note:: At least one of the following options, ``tenant_list`` or ``--all-tenants``, must be used in order to specify the tenants to unshare the backup with. **Example 1: Stop sharing a backup with a tenant** .. code-block:: text # robin backup tenant-unshare fe7d6f7a504f11ea92f977d7085a249d t1 --wait Job: 229 Name: K8sBackupUnshare State: PROCESSED Error: 0 Job: 229 Name: K8sBackupUnshare State: COMPLETED Error: 0 **Example 2: Stop sharing a backup with all tenants** .. code-block:: text # robin backup tenant-unshare fe7d6f7a504f11ea92f977d7085a249d --all-tenants --wait Job: 229 Name: K8sBackupUnshare State: PROCESSED Error: 0 Job: 229 Name: K8sBackupUnshare State: COMPLETED Error: 0 .. note:: The ability stop sharing a backup with tenants is subject to Robin Role Based Access Control (RBAC). Only Cluster Administrators (users having the **superadmin** role) have permission to do so. See the section on :ref:`UserManagement` for details on how Robin RBAC works. .. tab:: API Unshares a backup with a set of tenants and/or unassigns operations the aforementioned tenants are allowed to perform on the backup. **End Point:** /api/v3/robin_server/k8s_app **Method:** PUT **URL Parameters:** None **Data Parameters:** - ``action: tenant_unshare`` - This mandatory field within the payload specifies that the tenant unshare operation is to be performed. - ``backupid: `` - This mandatory field within the payload specifies the UUID of the backup that needs to be unshared. - ``tenant_list: `` - Utilizing this parameter within the payload, by specifiying a comma seperated list of tenant names, results in the backup being unshared with the respective tenants. - ``operation_list: `` - Utilizing this parameter within the payload, by specifying a comma seperated list of operations, results in the aforementioned tenants not being able to perform the given operations on the target backup. To disallow all valid operations to be performed specify a list containing 'ALL_OPERATIONS'. - ``all_tenants: true`` - Utilizing this parameter within the payload results in the backup being unshared with all tenants in the cluster. The default value is false. Note this field overrides any tenants passed via the ``tenant_list`` parameter. .. note:: At least one of the following options, ``tenant_list`` or ``all_tenants``, must be used in order to specify the tenants to unshare the backup with. In addition to view a list of operations that can be unshared for the backup object, review the section detailed `here `_. **Port:** RCM Port (default value is 29442) **Headers:** - ``Authorization: `` : Authorization token to identify which user is sending the request. The token can be acquired from the login API. **Success Response Code:** 202 **Error Response Code:** 500 (Internal Server Error), 404 (Not Found Error), 401 (Unauthorized Error), 400 (Invalid API Usage Error) **Example Response:** .. raw:: html
Output .. code-block:: text { "jobid":821 } .. raw:: html
-------------------------------------- Share an application backup with users -------------------------------------- .. tabs:: .. tab:: CLI Run this command to share an application backup with one or more users: .. code-block:: text # robin backup user-share [] --operations --all-tenant-users ============================= ========================================================= ``backupid`` ID of the backup to share ``tenant`` Tenant user share should be added to ``user_list`` List of users to share the backup with ``--operations `` List of operations the user will be allowed to perform. To allow all valid operations to be performed, specify 'ALL_OPERATIONS' on the command line (default value is 'view') ``--all-tenant-users`` Share a backup with all users ============================= ========================================================= .. Note:: At least one of the following options, ``user_list`` or ``--all-tenant-users``, must be used in order to specify the users to share the backup with. **Example:** .. code-block:: text # robin backup user-share fe7d6f7a504f11ea92f977d7085a249d t1 user1 --wait Job: 236 Name: K8sBackupShare State: PROCESSED Error: 0 Job: 236 Name: K8sBackupShare State: COMPLETED Error: 0 # robin backup list --full +----------------------------------+--------------------------+----------+----------------------------+--------+---------+----------+----------+--------------+-------------+ | Backup ID | Backup Name | Repo | Snapshot Name | State | Managed | App Name | App Type | Owner/Tenant | Description | +----------------------------------+--------------------------+----------+----------------------------+--------+---------+----------+----------+--------------+-------------+ | fe7d6f7a504f11ea92f977d7085a249d | mysql1_backup-1581811498 | testrepo | mysql1_snapshot-1581811498 | Pushed | True | mysql1 | helm | admin1/t1 | | +----------------------------------+--------------------------+----------+----------------------------+--------+---------+----------+----------+--------------+-------------+ Tenant Shares: ALL_TENANTS User Shares: t1:user1: view .. note:: The ability share a backup with users is subject to Robin Role Based Access Control (RBAC). By default, only Cluster Administrators (users having the **superadmin** role) and Tenant Administrators (users having the **tenantadmin** role) have permission to do so. Tenant Administrators are only allowed to stop sharing a backup with users from their tenant. See the section on :ref:`UserManagement` for details on how Robin RBAC works. .. tab:: API Shares a backup with a set of users within a tenant whilst also assigning the operations the aforementioned users are allowed to perform on the backup. **End Point:** /api/v3/robin_server/k8s_app **Method:** PUT **URL Parameters:** None **Data Parameters:** - ``action: user_share`` - This mandatory field within the payload specifies that the user share operation is to be performed. - ``backupid: `` - This mandatory field within the payload specifies the UUID of the backup that needs to be shared. - ``tenant: `` - This mandatory field within the payload specifies the name of the tenant the user share should be added to. - ``user_list: `` - Utilizing this parameter within the payload, by specifiying a comma seperated list of usernames, results in the backup being shared with the respective users. - ``operation_list: `` - Utilizing this parameter within the payload, by specifying a comma seperated list of operations, results in the aforementioned users being able to perform the given operations on the target backup. If not specified, the 'view' operation is assigned by default. To allow all valid operations to be performed specify a list containing 'ALL_OPERATIONS'. - ``all_tenant_users: true`` - Utilizing this parameter within the payload results in the backup being shared with all users of the specified tenant. The default value is false. Note this field overrides any users passed via the ``user_list`` parameter. .. note:: At least one of the following options, ``user_list`` or ``all_tenant_users``, must be used in order to specify the users to share the backup with. In addition to view a list of operations that can be shared for the backup object, review the section detailed `here `_. **Port:** RCM Port (default value is 29442) **Headers:** - ``Authorization: `` : Authorization token to identify which user is sending the request. The token can be acquired from the login API. **Success Response Code:** 202 **Error Response Code:** 500 (Internal Server Error), 404 (Not Found Error), 401 (Unauthorized Error), 400 (Invalid API Usage Error) **Example Response:** .. raw:: html
Output .. code-block:: text { "jobid":732 } .. raw:: html
--------------------------------------------- Stop sharing an application backup with users --------------------------------------------- .. tabs:: .. tab:: CLI Stop sharing an application backup with one or more users: .. code-block:: text # robin backup user-unshare [] --operations --all-tenant-users ============================= ========================================================= ``backupid`` ID of the backup to stop sharing ``tenant`` Tenant user share should be removed from ``user_list`` List of users to stop sharing the backup with ``--operations `` List of operations to stop allowing users to invoke on the shared backup. To block all valid operations to be performed, specify 'ALL_OPERATIONS' on the command line (default value is 'view') ``--all-tenant-users`` Stop sharing a backup with all users (overrides user_list) ============================= ========================================================= .. Note:: At least one of the following options, ``user_list`` or ``--all-tenant-users``, must be used in order to specify the users to unshare the backup with. **Example:** .. code-block:: text # robin backup user-unshare fe7d6f7a504f11ea92f977d7085a249d t1 user1 --wait Job: 237 Name: K8sBackupUnshare State: PROCESSED Error: 0 Job: 237 Name: K8sBackupUnshare State: COMPLETED Error: 0 .. note:: The ability to stop sharing a backup is subject to Robin Role Based Access Control (RBAC). By default, only Cluster Administrators (users having the **superadmin** role) and Tenant Administrators (users having the **tenantadmin** role) have permission to do so. Tenant Administrators are only allowed to stop sharing a backup with users from their tenant. See the section on :ref:`UserManagement` for details on how Robin RBAC works. .. tab:: API Unshares a backup with a set of users and/or unassigns operations the aforementioned users are allowed to perform on the backup. **End Point:** /api/v3/robin_server/k8s_app **Method:** PUT **URL Parameters:** None **Data Parameters:** - ``action: user_unshare`` - This mandatory field within the payload specifies that the user unshare operation is to be performed. - ``backupid: `` - This mandatory field within the payload specifies the UUID of the backup that needs to be unshared. - ``tenant: `` - This mandatory field within the payload specifies the name of the tenant the user share should be removed from. - ``user_list: `` - Utilizing this parameter within the payload, by specifiying a comma seperated list of usernames, results in the backup being unshared with the respective users. - ``operation_list: `` - Utilizing this parameter within the payload, by specifying a comma seperated list of operations, results in the aforementioned users not being able to perform the given operations on the target backup. To disallow all valid operations to be performed specify a list containing 'ALL_OPERATIONS'. - ``all_tenant_users: true`` - Utilizing this parameter within the payload results in the backup being unshared with all users of the specified tenant. The default value is false. Note this field overrides any users passed via the ``user_list`` parameter. .. note:: At least one of the following options, ``user_list`` or ``all_tenant_users``, must be used in order to specify the users to unshare the backup with. In addition to view a list of operations that can be unshared for the backup object, review the section detailed `here `_. **Port:** RCM Port (default value is 29442) **Headers:** - ``Authorization: `` : Authorization token to identify which user is sending the request. The token can be acquired from the login API. **Success Response Code:** 202 **Error Response Code:** 500 (Internal Server Error), 404 (Not Found Error), 401 (Unauthorized Error), 400 (Invalid API Usage Error) **Example Response:** .. raw:: html
Output .. code-block:: text { "jobid":765 } .. raw:: html
----------------------------------------------------------- List shares of an application backup with tenants and users ----------------------------------------------------------- .. tabs:: .. tab:: CLI List application backups that have been shared with one or more tenants or users: .. code-block:: text # robin backup list-shares [username] ============== =============================================================== ``username`` The username of the user to show backup shares for. If username is not supplied, then show backup shares for all users. ============== =============================================================== **Example:** .. code-block:: text # robin backup list-shares Tenant Shares: Backup Id | Backup Name | Operation | Tenants ---------------------------------+---------------------------------+-----------+--------- 8fd19606015011ebaf3abbf769ba4a18 | mysql-t1-u1-1_backup-1601273096 | view | t2 User Shares: Backup Id | Backup Name | Operation | Tenant | Users ---------------------------------+---------------------------------+-----------+--------+------------------ 8fd19606015011ebaf3abbf769ba4a18 | mysql-t1-u1-1_backup-1601273096 | view | t2 | All Tenant Users .. note:: The ability to list application backup shares is subject to Role Based Access Control (RBAC). Only Cluster Administrators (users having the superadmin role) and Tenant Administrators (users having the tenantadmin role) have permission to do so. Tenant Administrators are only allowed to view user shares for for users from their tenant. See the section on :ref:`UserManagement` for details on how Robin RBAC works. .. tab:: API Lists the users/tenants each backup is shared with alongside the operations the aforementioned users/tenants can perform on each of the respective backups. **End Point:** /api/v3/robin_server/backups **Method:** GET **URL Parameters:** None **Data Parameters:** - ``action: get_shares`` - This mandatory field within the payload specifies that backup user/tenant shares should be returned. - ``username: `` - Utilizing this parameter within the payload, by specifiying the name of a user, results in only backup shares for the respective user being returned. **Port:** RCM Port (default value is 29442) **Headers:** - ``Authorization: `` : Authorization token to identify which user is sending the request. The token can be acquired from the login API. **Success Response Code:** 200 **Error Response Code:** 500 (Internal Server Error), 404 (Not Found Error), 401 (Unauthorized Error), 400 (Invalid API Usage Error) **Example Response:** .. raw:: html
Output .. code-block:: text { "backup_shares":{ "user_shares":[ { "all_tenant_users":false, "repocatalog":{ "id":1, "backupname":"demo_backup-1602150193", "bkpid":"b549dd0c094a11eb9ccd8908b6db07e6" }, "operation":"view", "users":[ "user2" ], "id":1, "share_type":"repocatalog_share", "object_type":"BACKUP", "tenant":"Administrators" } ], "tenant_shares":[ { "all_tenants":true, "operation":"view", "repocatalog":{ "path":"\/1602135579\/demo_18\/b549dd0c094a11eb9ccd8908b6db07e6\/appconfig\/backup_metadata.json", "id":1, "backupname":"demo_backup-1602150193", "bkpid":"b549dd0c094a11eb9ccd8908b6db07e6" }, "id":1, "share_type":"repo_catalog_tenant_share", "tenants":[ ], "object_type":"BACKUP" } ] } } .. raw:: html
---------------------------- Export an application backup ---------------------------- .. tabs:: .. tab:: CLI Generate a token for use when importing an application backup into another cluster: .. code-block:: text # robin backup export ============================= ========================================================= ``backupid`` Application backup ID ============================= ========================================================= **Example:** .. code-block:: text # robin backup list +----------------------------------+-------------+----------+--------------------+--------+ | Backup ID | Backup Name | Repo | Snapshot Name | State | +----------------------------------+-------------+----------+--------------------+--------+ | 644770427d8911e9b908cbe6a78db423 | mysql1 | testrepo | mysql1_mysql1-snap | Pushed | +----------------------------------+-------------+----------+--------------------+--------+ # robin backup export 644770427d8911e9b908cbe6a78db423 eyJyZXBvX3R5cGUiOiAiR0NTIiwgImJhY2t1cF9pZCI6ICI2NDQ3NzA0MjdkODkxMWU5YjkwOGNiZTZhNzhkYjQyMyIsICJiYWNrdXBfcGF0aCI6ICJkZXYvdGVzdGluZy9hcHBjb25maWcvMTU1ODU5NDE0Ny9teXNxbDFfMS9teXNxbDFfbXlzcWwxLXNuYXAuanNvbiIsICJyZXBvX3BhcmFtcyI6IHsiYnVja2V0IjogInRlc3RidWNrZXQtMTAyOTM4NDc1NiIsICJyZXBvX3R5cGUiOiAiR0NTIiwgInBhdGgiOiAiZGV2L3Rlc3RpbmcvIiwgImNyZWRlbnRpYWxzIjogeyJwcm9qZWN0X2lkIjogInJvY2stcmFuZ2UtMjA3NjIyIn19fQ== .. note:: The ability to export a backup is subject to Robin Role Based Access Control (RBAC). By default, only Cluster Administrators (users having the **superadmin** role) have permission to do so. See the section on :ref:`UserManagement` for details on how Robin RBAC works. .. tab:: API Generates a token for use when importing an application backup into another cluster: **End Point:** /api/v3/robin_server/k8s_app **Method:** PUT **URL Parameters:** None **Data Parameters:** - ``action: export`` - This mandatory field within the payload specifies that the export operation should be performed - ``bkpid: `` - This mandatory field within the payload specifies the ID of the backup to be exported. **Port:** RCM Port (default value is 29442) **Headers:** - ``Authorization: `` : Authorization token to identify which user is sending the request. The token can be acquired from the login API. **Success Response Code:** 200 **Error Response Code:** 500 (Internal Server Error), 401 (Unauthorized Error), 400 (Invalid API Usage Error), 404 (Not Found Error) **Example Response:** .. raw:: html
Output .. code-block:: text { "backup_token":"eyJyZXBvX3BhcmFtcyI6IHsiYnVja2V0IjogInJhbWVuZHJhIiwgImNyZWRlbnRpYWxzIjogeyJwcm9qZWN0X2lkIjogInJvY2stcmFuZ2UtMjA3NjIyIn0sICJwYXRoIjogIm15LWFwcGN3LWJ1Y2tldC8iLCAicmVwb190eXBlIjogIkdDUyJ9LCAicmVwb190eXBlIjogIkdDUyIsICJiYWNrdXBfaWQiOiAiMzg3YTlkNDZmMzA5MTFlYWFlNzYwNTE0YTU5NDU4YmQiLCAiYmFja3VwX3BhdGgiOiAibXktYXBwY3ctYnVja2V0LzE1OTUzMzE4NjYvbXlzcWwyXzkvMzg3YTlkNDZmMzA5MTFlYWFlNzYwNTE0YTU5NDU4YmQvYXBwY29uZmlnL2JhY2t1cF9tZXRhZGF0YS5qc29uIn0=" } .. raw:: html
---------------------------- Import an application backup ---------------------------- .. tabs:: .. tab:: CLI Run this command to import an application backup from another cluster: .. note:: Importing a backup requires that the same bundle originally used to create the initial application, which was backed up, be present in the destination cluster. .. code-block:: text # robin backup import ============================= ========================================================= ``backup_token`` Token containing details of the backup to import ============================= ========================================================= **Example:** .. code-block:: text # robin backup import eyJyZXBvX3R5cGUiOiAiR0NTIiwgImJhY2t1cF9pZCI6ICI2NDQ3NzA0MjdkODkxMWU5YjkwOGNiZTZhNzhkYjQyMyIsICJiYWNrdXBfcGF0aCI6ICJkZXYvdGVzdGluZy9hcHBjb25maWcvMTU1ODU5NDE0Ny9teXNxbDFfMS9teXNxbDFfbXlzcWwxLXNuYXAuanNvbiIsICJyZXBvX3BhcmFtcyI6IHsiYnVja2V0IjogInRlc3RidWNrZXQtMTAyOTM4NDc1NiIsICJyZXBvX3R5cGUiOiAiR0NTIiwgInBhdGgiOiAiZGV2L3Rlc3RpbmcvIiwgImNyZWRlbnRpYWxzIjogeyJwcm9qZWN0X2lkIjogInJvY2stcmFuZ2UtMjA3NjIyIn19fQ== .. note:: The ability to import a backup is subject to Robin Role Based Access Control (RBAC). By default, only Cluster Administrators (users having the **superadmin** role) have permission to do so. See the section on :ref:`UserManagement` for details on how Robin RBAC works. .. tab:: API Imports an application backup from another cluster. **End Point:** /api/v3/robin_server/k8s_app **Method:** PUT **URL Parameters:** None **Data Parameters:** - ``action: import`` - This mandatory field within the payload specifies that the import operation should be performed - ``backup_token: `` - This mandatory field within the payload specifies the token containing the details of the backup to import. **Port:** RCM Port (default value is 29442) **Headers:** - ``Authorization: `` : Authorization token to identify which user is sending the request. The token can be acquired from the login API. **Success Response Code:** 202 **Error Response Code:** 500 (Internal Server Error), 401 (Unauthorized Error), 400 (Invalid API Usage Error) **Example Response:** .. raw:: html
Output .. code-block:: text { "jobid":722 } .. raw:: html