Restore the GraphDB from S3

⚠️

This documentation is for Rhize v3.0.3. If you don’t need a specific version, switch to the latest documentation

Restore the GraphDB from S3

This guide shows you how to restore the Graph database from Amazon S3 to your Rhize environment.

Prerequisites

Before you start, ensure you have the following:

The GraphDB Helm chart
kubectl
A Database backup

Steps

Set the follow environmental variables:
- AWS_ACCESS_KEY_ID your AWS access key with permissions to write to the destination bucket
- AWS_SECRET_ACCESS_KEY your AWS access key with permissions to write to the destination bucket
- AWS_SESSION_TOKEN your AWS session token (if required)
Confirm the cluster and namespace are correct.
```
## context
kubectl config current-context
## namespace
kubectl get namespace
```
To change the namespace for all subsequent kubectl commands to libre, run this command:
```
kubectl config set-context --current --namespace=libre
```
For a reference of useful kubectl commands, refer to the official kubectl Cheat Sheet.

Upgrade or install the Helm chart.

helm upgrade --install -f baas.yaml libre-baas libre/baas -n libre

Wait for libre-baas-alpha-0 to start serving the GraphQL API.

Make a POST request to your Keycloak /token endpoint to get an access_token value. For example, with curl and jq:

## replace USERNAME and PASSWORD with your credentials
USERNAME=backups@libremfg.com \
&& PASSWORD=password \
&& curl --location \
  --request POST "${BAAS_OIDC_URL}/realms/libre/protocol/openid-connect/token" \
  --header 'Content-Type\ application/x-www-form-urlencoded' \
  --data-urlencode 'grant_type=password' \
  --data-urlencode "username=<USERNAME>" \
  --data-urlencode "password=<PASSWORD>"  \
  --data-urlencode "client_id=<BASS_CLIENT_ID>" \
  --data-urlencode "client_secret=<BASS_CLIENT_SECRET>" | jq .access_token

Using the token from the previous step, send a POST to <alpha pod>:8080/admin to retrieve a list of available backups from the s3 bucket.

 curl --location 'http://alpha-0:8080/admin' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer <TOKEN>' \
--data '{"query":"query {\n\tlistBackups(input: {location: \"s3://s3.<AWS-REGION>.amazonaws.com/<AWS-BUCKET-NAME>\"}) {\n\t\tbackupId\n\t\tbackupNum\n\t\tencrypted\n\t\tpath\n\t\tsince\n\t\ttype\n        readTs\n\t}\n}","variables":{}}'

Using the backup id and token from the previous step, send a POST to <alpha pod>:8080/admin to start the restore from the s3 bucket to the alpha node. For example, with curl:

curl --location 'http://alpha-0:8080/admin' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer <TOKEN>' \
--data '{"query":"mutation{\n  restore(input:{\n    location: \"s3://s3.<AWS-REGION>.amazonaws.com/<AWS-BUCKET-NAME>\",\n    backupId: \"<BACKUP_ID>\"\n  }){\n    message\n    code\n  }\n}","variables":{}}'

Restore the GraphDB Restore Audit backup