Restoring the Policy Workbench
Before you begin
Before starting a restore, ensure that the following prerequisites are met:
- Ensure that an existing backup is available. Backups are taken automatically as part of the default installation of the Policy Workbench using scheduled backup mechanisms. The backups are available in the encrypted AWS S3 bucket that you created when you deployed PPC. You can also choose to manually back up the data.
For more information about the AWS S3 bucket, refer to the section Creating AWS KMS Key and S3 Bucket.
For more information about manually backing up the data, refer to the section Backing up the Policy Workbench.
- Ensure that a restored PPC cluster is available. The Policy Workbench is restored on a restored PPC cluster. For information about restoring the PPC, refer to the section Restoring the PPC.
Important: Before you restore the data, ensure that Velero CLI version 1.17 or later is installed.
To restore the data:
- Ensure that the
main.tffile in the root module, which is the working directory for executing the OpenTofu commands, contains the following code block. If root module is not available, then you need to create a root module with themain.tffile.
module "policy_workbench" {
source = "oci://<Container_Registry_Path>/policy-workbench/<major.minor>/opentofu/modules/policy-workbench?tag=<version>"
cluster_name = var.cluster_name
}
variable "cluster_name" {
type = string
description = "EKS cluster name."
nullable = false
validation {
condition = length(trimspace(var.cluster_name)) > 0
error_message = "cluster_name must be provided and cannot be empty."
}
}
This code block adds the Policy Workbench OpenTofu module.
- Run the following commands on the jump box.
tofu init
tofu plan -var="cluster_name=<Restored-PPC-cluster-name>"
tofu apply -var="cluster_name=<Restored-PPC-cluster-name>"
Specify the name of the restored PPC cluster as the value of the cluster_name variable.
For information about restoring the PPC, refer to the section Restoring the PPC.
- Run the following command on the jump box.
velero restore create workbench-restore-$(date +%Y%m%d-%H%M%S) --from-backup <backup-name> -n <Namespace where data is backed up>
For example:
velero restore create workbench-restore-$(date +%Y%m%d-%H%M%S) --from-backup <backup-name> -n pty-backup-recovery
For more information about the velero restore command, refer to the section Restore Reference in the Velero documentation.
- Run the following command to list all the restore operations in the specific namespace.
velero restore get -n pty-backup-recovery
Ensure that the status of the restore operation is WaitingForPluginOperations.
- Run the following command to annotate the Kubernetes resources.
kubectl annotate productconfiguration workbench -n pty-admin kopf.zalando.org/last-handled-configuration- --overwrite
- Run the following command to upgrade the Policy Workbench.
helm upgrade policy-workbench \
<chart> \
--version <version> \
--namespace policy-workbench \
--reuse-values
<chart> is the name of the Helm chart that you specified while installing the Policy Workbench.
- Run the following commands to monitor the restore status.
- Run the following command to retrieve the list of existing restores.
velero restore get -n pty-backup-recovery- Run the following command to obtain details of a specific restore.
velero restore describe workbench-restore-<timestamp> -n pty-backup-recovery- Run the following command obtains the log details for a specific restore.
velero restore logs workbench-restore-<timestamp> -n pty-backup-restore
Feedback
Was this page helpful?