New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bug 1795235: DR: Backup should keep data and keys separate #1398
Bug 1795235: DR: Backup should keep data and keys separate #1398
Conversation
/assign @hexfusion |
/test e2e-aws-disruptive |
templates/master/00-master/_base/files/usr-local-bin-etcd-snapshot-restore-sh.yaml
Outdated
Show resolved
Hide resolved
Only some quotation nits. Otherwise, it looks good. |
e4d4344
to
eb2474e
Compare
@sttts Added quotation marks and braces. |
templates/master/00-master/_base/files/usr-local-bin-etcd-snapshot-restore-sh.yaml
Outdated
Show resolved
Hide resolved
eb2474e
to
158d174
Compare
/approve |
CI flake /test e2e-aws |
/test e2e-aws |
1 similar comment
/test e2e-aws |
/cherrypick release-4.3 |
@retroflexer: once the present PR merges, I will cherry-pick it on top of release-4.3 in a new PR and assign it to you. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/test e2e-aws |
2 similar comments
/test e2e-aws |
/test e2e-aws |
158d174
to
5fdfe58
Compare
templates/master/00-master/_base/files/usr-local-bin-etcd-snapshot-restore-sh.yaml
Show resolved
Hide resolved
/test e2e-aws |
/lgtm |
/test e2e-gcp-op |
SNAPSHOT_FILE="$1" | ||
elif [[ "$1" =~ \.tar\.gz$ ]]; then | ||
BACKUP_FILE="$1" | ||
tar xzf ${BACKUP_FILE} -C ${ASSET_DIR}/tmp/ snapshot.db |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
quotes.
tar xzf works? no dash?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Quotes are not needed as we have already checked if it is null.
Yes, tar xzf works. The current version on master uses the same option.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
no way for spaces? Everything is hardcoded and not dependent on user input?
/test e2e-aws |
/approve |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: hexfusion, retroflexer, runcom, sttts The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
/retest Please review the full test history for this PR and help us cut down flakes. |
7 similar comments
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/skip |
@retroflexer: #1398 failed to apply on top of branch "release-4.3":
In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
@retroflexer: The following test failed, say
Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
@retroflexer: All pull requests linked via external trackers have merged. Bugzilla bug 1795235 has been moved to the MODIFIED state. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/test e2e-aws-scaleup-rhel7 |
- What I did
Backup should save static pod resources of kube-apiserver separate from the snapshot of etcd database. When etcd is encrypted, it is important to keep the data and keys separatedly for security.
Similarly, restore can be invoked on a backup directory containing files for the static pod resources along with the etcd database.
- How to verify it
Follow DR documentation to back up and restore. The cluster should functional after the same backup is restored on all masters.
- Description for the changelog
Save and restore kube apiserver's static pod resources separatedly from the etcd database.