Red Hat Ansible Automation Platform Operator Backup and Recovery Guide

Red Hat Ansible Automation Platform 2.4

Safeguard against data loss with backup and recovery of Ansible Automation Platform operator on OpenShift Container Platform

Red Hat Customer Content Services

Abstract

This guide provides procedures and reference information to backup and recover installations of the Red Hat Ansible Automation Platform operator on OpenShift Container Platform.

Preface

Thank you for your interest in Red Hat Ansible Automation Platform. Ansible Automation Platform is a commercial offering that helps teams manage complex multi-tier deployments by adding control, knowledge, and delegation to Ansible-powered environments.

Use the procedures in this guide to create backup resources that can be used for recovering your Red Hat Ansible Automation Platform deployment in the event of a failure.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. We are beginning with these four terms: master, slave, blacklist, and whitelist. Because of the enormity of this endeavor, these changes will be implemented gradually over several upcoming releases. For more details, see our CTO Chris Wright’s message.

Providing feedback on Red Hat documentation

We appreciate your feedback on our technical content and encourage you to tell us what you think. If you’d like to add comments, provide insights, correct a typo, or even ask a question, you can do so directly in the documentation.

Note

You must have a Red Hat account and be logged in to the customer portal.

To submit documentation feedback from the customer portal, do the following:

  1. Select the Multi-page HTML format.
  2. Click the Feedback button at the top-right of the document.
  3. Highlight the section of text where you want to provide feedback.
  4. Click the Add Feedback dialog next to your highlighted text.
  5. Enter your feedback in the text box on the right of the page and then click Submit.

We automatically create a tracking issue each time you submit feedback. Open the link that is displayed after you click Submit and start watching the issue or add more comments.

Chapter 1. Backup and recovery of Red Hat Ansible Automation Platform

To safeguard against unexpected data loss and application errors, it is critical that you perform periodic backups of your Red Hat Ansible Automation Platform deployment. In addition to data loss prevention, backups allow you to fall back to a different deployment state.

1.1. About backup and recovery

Red Hat recommends backing up deployments of Red Hat Ansible Automation Platform in your Red Hat OpenShift Container Platform environment to prevent data loss.

A backup resource of your Red Hat Ansible Automation Platform deployment includes the following:

  • Custom deployment of specific values in the spec section of the Ansible Automation Platform custom resource object
  • Back up of the postgresql database
  • secret_key, admin_password, and broadcast_websocket secrets
  • Database configuration
Note

Be sure to secure your backup resources because they can include sensitive information.

1.1.1. Backup recommendations

Recovering from data loss requires that you plan for and create backup resources of your Red Hat Ansible Automation Platform deployments on a regular basis. At a minimum, Red Hat recommends backing up deployments of Red Hat Ansible Automation Platform under the following circumstances:

  • Before upgrading your Red Hat Ansible Automation Platform deployments
  • Before upgrading your Openshift cluster
  • Once per week. This is particularly important if your environment is configured for automatic upgrades.

Chapter 2. Creating Red Hat Ansible Automation Platform backup resources

Backing up your Red Hat Ansible Automation Platform deployment involves creating backup resources for your deployed automation hub and automation controller instances. Use these procedures to create backup resources for your Red Hat Ansible Automation Platform deployment.

2.1. Backing up the Automation controller deployment

Use this procedure to back up a deployment of the controller, including jobs, inventories, and credentials.

Prerequisites

  • You must be authenticated with an Openshift cluster.
  • The Ansible Automation Platform Operator has been installed to the cluster.
  • The automation controller is deployed to using the Ansible Automation Platform Operator.

Procedure

  1. Log in to Red Hat OpenShift Container Platform.
  2. Navigate to OperatorsInstalled Operators.
  3. Select the Ansible Automation Platform Operator installed on your project namespace.
  4. Select the Automation Controller Backup tab.
  5. Click Create AutomationControllerBackup.
  6. Enter a Name for the backup.
  7. Enter the Deployment name of the deployed Ansible Automation Platform instance being backed up. For example, if your automation controller must be backed up and the deployment name is aap-controller, enter 'aap-controller' in the Deployment name field.

  8. If you want to use a custom, pre-created pvc:

    1. Optionally enter the name of the Backup persistant volume claim.

    2. Optionally enter the Backup PVC storage requirements, and Backup PVC storage class.

      Note

      If no pvc or storage class is provided, the cluster’s default storage class is used to create the pvc.

    3. If you have a large database, specify your storage requests accordingly under Backup management pod resource requirements.

      Note

      You can check the size of the existing postgres database data directory by running the following command inside the postgres pod. 

      $ df -h | grep "/var/lib/pgsql/data"

  9. Click Create.

    A backup tarball of the specified deployment is created and available for data recovery or deployment rollback. Future backups are stored in separate tar files on the same pvc.

2.2. Backing up the Automation hub deployment

Use this procedure to back up a deployment of the hub, including all hosted Ansible content.

Prerequisites

  • You must be authenticated with an Openshift cluster.
  • The Ansible Automation Platform Operator has been installed to the cluster.
  • The automation hub is deployed to using the Ansible Automation Platform Operator.

Procedure

  1. Log in to Red Hat OpenShift Container Platform.
  2. Navigate to OperatorsInstalled Operators.
  3. Select the Ansible Automation Platform Operator installed on your project namespace.
  4. Select the Automation Hub Backup tab.
  5. Click Create AutomationHubBackup.
  6. Enter a Name for the backup.
  7. Enter the Deployment name of the deployed Ansible Automation Platform instance being backed up. For example, if your automation hub must be backed up and the deployment name is aap-hub, enter 'aap-hub' in the Deployment name field.

  8. If you want to use a custom, pre-created pvc:

    1. Optionally, enter the name of the Backup persistent volume claim, Backup persistent volume claim namespace, Backup PVC storage requirements, and Backup PVC storage class.

  9. Click Create.

    A backup of the specified deployment is created and available for data recovery or deployment rollback.

Chapter 3. Recovering a Red Hat Ansible Automation Platform deployment

If you lose information on your system or issues with an upgrade, you can use the backup resources of your deployment instances. Use these procedures to recover your automation controller and automation hub deployment files.

3.1. Recovering the Automation controller deployment

Use this procedure to restore a previous controller deployment from an AutomationControllerBackup. The deployment name you provide will be the name of the new AutomationController custom resource that will be created.

Note

The name specified for the new AutomationController custom resource must not match an existing deployment or the recovery process will fail. If the name specified does match an existing deployment, see Troubleshooting for steps to resolve the issue.

Prerequisites

  • You must be authenticated with an Openshift cluster.
  • The automation controller has been deployed to the cluster.
  • An AutomationControllerBackup is available on a PVC in your cluster.

Procedure

  1. Log in to Red Hat OpenShift Container Platform.
  2. Navigate to OperatorsInstalled Operators.
  3. Select the Ansible Automation Platform Operator installed on your project namespace.
  4. Select the Automation Controller Restore tab.
  5. Click Create AutomationControllerRestore.
  6. Enter a Name for the recovery deployment.

  7. Enter a New Deployment name for the restored deployment.

    Note

    This should be different from the original deployment name.

  8. Select the Backup source to restore from. Backup CR is recommended.
  9. Enter the Backup Name of the AutomationControllerBackup object.

  10. Click Create.

    A new deployment is created and your backup is restored to it. This can take approximately 5 to 15 minutes depending on the size of your database.

3.2. Recovering the Automation hub deployment

Use this procedure to restore a previous hub deployment into the namespace. The deployment name you provide will be the name of the new AutomationHub custom resource that will be created.

Note

The name specified for the new AutomationHub custom resource must not match an existing deployment or the recovery process will fail.

Prerequisites

  • You must be authenticated with an Openshift cluster.
  • The automation hub has been deployed to the cluster.
  • An AutomationHubBackup is available on a PVC in your cluster.

Procedure

  1. Log in to Red Hat OpenShift Container Platform.
  2. Navigate to OperatorsInstalled Operators.
  3. Select the Ansible Automation Platform Operator installed on your project namespace.
  4. Select the Automation Hub Restore tab.
  5. Click Create AutomationHubRestore.
  6. Enter a Name for the recovery deployment.
  7. Select the Backup source to restore from. Backup CR is recommended.
  8. Enter the Backup Name of the AutomationHubBackup object.

  9. Click Create.

    A new deployment is created and your backup is restored to it.

Chapter 4. Troubleshooting

Use this information to diagnose and resolve issues during backup and recovery.

4.1. Automation controller custom resource has the same name as an existing deployment

The name specified for the new AutomationController custom resource must not match an existing deployment or the recovery process will fail.

If your AutomationController customer resource matches an existing deployment, perform the following steps to resolve the issue.

Procedure

  1. Delete the existing AutomationController and the associated postgres PVC: 

    oc delete automationcontroller <YOUR_DEPLOYMENT_NAME> -n <YOUR_NAMESPACE>

oc delete pvc postgres-13-<YOUR_DEPLOYMENT_NAME>-13-0 -n <YOUR_NAMESPACE>

  2. Use AutomationControllerRestore with the same deployment_name in it: 

    oc apply -f restore.yaml

Legal Notice

Copyright © 2023 Red Hat, Inc.
The text of and illustrations in this document are licensed by Red Hat under a Creative Commons Attribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is available at http://creativecommons.org/licenses/by-sa/3.0/. In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you must provide the URL for the original version.
Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law.
Red Hat, Red Hat Enterprise Linux, the Shadowman logo, the Red Hat logo, JBoss, OpenShift, Fedora, the Infinity logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries.
Linux® is the registered trademark of Linus Torvalds in the United States and other countries.
Java® is a registered trademark of Oracle and/or its affiliates.
XFS® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries.
MySQL® is a registered trademark of MySQL AB in the United States, the European Union and other countries.
Node.js® is an official trademark of Joyent. Red Hat is not formally related to or endorsed by the official Joyent Node.js open source or commercial project.
The OpenStack® Word Mark and OpenStack logo are either registered trademarks/service marks or trademarks/service marks of the OpenStack Foundation, in the United States and other countries and are used with the OpenStack Foundation's permission. We are not affiliated with, endorsed or sponsored by the OpenStack Foundation, or the OpenStack community.
All other trademarks are the property of their respective owners.