Back up the Graph DB to S3
This guide shows you how to back up the Rhize Graph database to Amazon S3 and S3-compatible storage.
Prerequisites
Before you start, ensure you have the following:
- A designated S3 backup location, for example
s3://s3.<AWS-REGION>.amazonaws.com/<AWS-BUCKET-NAME>
. - Access to your Rhize Kubernetes Environment
- Optional: kubectx utilities
kubectx
to manage multiple clusterskubens
to switch between and configure namespaces easily
- Optional: the k8 Lens IDE, if you prefer to use Kubernetes graphically.
Before you start, confirm you are in the right context and namespace:
## context
kubectl config current-context
## namespace
kubectl get namespace
Copy
To change the namespace for all subsequent kubectl
commands to libre
, run this command:
kubectl config set-context --current --namespace=libre
Copy
For a reference of useful kubectl
commands, refer to the official kubectl Cheat Sheet.
Steps
To back up the database, follow these steps:
Check the logs for the alpha and zero pods, either in Lens or with
kubectl logs
. Ensure there are no errors.kubectl logs libre-baas-baas-alpha-0 --tail=80
CopySet the following environmental variables:
AWS_ACCESS_KEY_ID
. Your AWS access key with permissions to write to the destination bucketAWS_SECRET_ACCESS_KEY
. Your AWS access key with permissions to write to the destination bucketAWS_SESSION_TOKEN
. Your AWS session token (if required)
Make a POST request to your Keycloak
/token
endpoint to get anaccess_token
value. For example, withcurl
andjq
:## replace USERNAME and PASSWORD with your credentials USERNAME=backups@libremfg.com \ && PASSWORD=password \ && curl --location \ --request POST "${BAAS_OIDC_URL}/realms/libre/protocol/openid-connect/token" \ --header 'Content-Type\ application/x-www-form-urlencoded' \ --data-urlencode 'grant_type=password' \ --data-urlencode "username=<USERNAME>" \ --data-urlencode "password=<PASSWORD>" \ --data-urlencode "client_id=<BASS_CLIENT_ID>" \ --data-urlencode "client_secret=<BASS_CLIENT_SECRET>" | jq .access_token
CopyUsing the token from the previous step, send a POST to
<alpha service>:8080/admin
to create a backup of the node to your S3 bucket. For example, withcurl
:curl --location 'http://alpha:8080/admin' \ --header 'Content-Type: application/json' \ --header 'Authorization: Bearer <TOKEN>' \ --data '{"query":"mutation {\n backup(input: {destination: \"s3://s3.<AWS-REGION>.amazonaws.com/<AWS-BUCKET-NAME>\"}) {\n response {\n message\n code\n }\n taskId\n }\n}","variables":{}}'
CopyList available backups to confirm your backup succeeded:
curl --location 'http://alpha:8080/admin' \ --header 'Content-Type: application/json' \ --header 'Authorization: Bearer <TOKEN>' \ --data '{"query":"query backup {\n\tlistBackups(input: {location: \"s3://s3.<AWS-REGION>>.amazonaws.com/<AWS-BUCKET-NAME>\"}) {\n\t\tbackupId\n\t\tbackupNum\n\t\tpath\n\t\tsince\n\t\ttype\n\t}\n}","variables":{}}'
Copy
Next Steps
- Test the Restore Graph Database From S3 procedure to ensure you can recover data from Amazon S3 in case of an emergency.
- To back up other Rhize services, read how to backup Grafana.