Edit Page

Restore the GraphDB from S3

This guide shows you how to restore the Graph database from Amazon S3 to your Rhize environment.

Prerequisites

Before you start, ensure you have the following:

Steps

  1. Set the follow environmental variables:

    • AWS_ACCESS_KEY_ID your AWS access key with permissions to write to the destination bucket
    • AWS_SECRET_ACCESS_KEY your AWS access key with permissions to write to the destination bucket
    • AWS_SESSION_TOKEN your AWS session token (if required)
  2. Confirm the cluster and namespace are correct.

    ## context
    kubectl config current-context
    ## namespace
    kubectl get namespace
    

    To change the namespace for all subsequent kubectl commands to libre, run this command:

    kubectl config set-context --current --namespace=libre
    

    For a reference of useful kubectl commands, refer to the official kubectl Cheat Sheet.

  3. Upgrade or install the Helm chart.

    helm upgrade --install -f baas.yaml libre-baas libre/baas -n libre
    
  4. Wait for libre-baas-alpha-0 to start serving the GraphQL API.

  5. Make a POST request to your Keycloak /token endpoint to get an access_token value. For example, with curl and jq:

    ## replace USERNAME and PASSWORD with your credentials
    USERNAME=backups@libremfg.com \
    && PASSWORD=password \
    && curl --location \
      --request POST "${BAAS_OIDC_URL}/realms/libre/protocol/openid-connect/token" \
      --header 'Content-Type\ application/x-www-form-urlencoded' \
      --data-urlencode 'grant_type=password' \
      --data-urlencode "username=<USERNAME>" \
      --data-urlencode "password=<PASSWORD>"  \
      --data-urlencode "client_id=<BASS_CLIENT_ID>" \
      --data-urlencode "client_secret=<BASS_CLIENT_SECRET>" | jq .access_token
    
  6. Using the token from the previous step, send a POST to <alpha pod>:8080/admin to retrieve a list of available backups from the s3 bucket.

     curl --location 'http://alpha-0:8080/admin' \
    --header 'Content-Type: application/json' \
    --header 'Authorization: Bearer <TOKEN>' \
    --data '{"query":"query {\n\tlistBackups(input: {location: \"s3://s3.<AWS-REGION>.amazonaws.com/<AWS-BUCKET-NAME>\"}) {\n\t\tbackupId\n\t\tbackupNum\n\t\tencrypted\n\t\tpath\n\t\tsince\n\t\ttype\n        readTs\n\t}\n}","variables":{}}'
    
  7. Using the backup id and token from the previous step, send a POST to <alpha pod>:8080/admin to start the restore from the s3 bucket to the alpha node. For example, with curl:

    curl --location 'http://alpha-0:8080/admin' \
    --header 'Content-Type: application/json' \
    --header 'Authorization: Bearer <TOKEN>' \
    --data '{"query":"mutation{\n  restore(input:{\n    location: \"s3://s3.<AWS-REGION>.amazonaws.com/<AWS-BUCKET-NAME>\",\n    backupId: \"<BACKUP_ID>\"\n  }){\n    message\n    code\n  }\n}","variables":{}}'