Skip to content

Commit aa6bc46

Browse files
committed
Guide for complete data protection feature usage
Signed-off-by: Shobha M <mshobha@vmware.com>
1 parent a39108a commit aa6bc46

File tree

3 files changed

+281
-0
lines changed

3 files changed

+281
-0
lines changed
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,141 @@
1+
---
2+
Title: "Data Protection of a Tanzu Kubernetes Cluster"
3+
Description: |-
4+
An example of using Data Protection Feature for a Tanzu Kubernetes Cluster
5+
---
6+
# Enable Data Protection
7+
8+
The `tanzu-mission-control_enable_data_protection` resource enables users to activate and set up data protection for a Tanzu Kubernetes Cluster.
9+
Once enabled, users can create instant backups or schedule backups for later.
10+
11+
For more information regarding data protection, see [Data Protection][data-protection].
12+
13+
[data-protection]: https://docs.vmware.com/en/VMware-Tanzu-Mission-Control/services/tanzumc-concepts/GUID-C16557BC-EB1B-4414-8E63-28AD92E0CAE5.html
14+
15+
16+
# Target Location
17+
18+
The `"tanzu-mission-control_target_location` resource enables users to create and configure target locations for data protection backups.
19+
Once created, a target location can be used to store cluster backups.
20+
21+
**NOTE**: The type of a target location is inherited from the configured credentials type which can be either "TMC Managed" or "Self Managed".
22+
23+
For more information regarding target location, see [Target Location][target-location].
24+
25+
[target-location]: https://docs.vmware.com/en/VMware-Tanzu-Mission-Control/services/tanzumc-using/GUID-867683CE-8AF0-4DC7-9121-81AD507EDB3B.html
26+
27+
# Backup Schedule
28+
29+
The `tanzu-mission-control_backup_schedule` resource enables users to create and configure scheduled backups in a cluster.
30+
31+
Backups can be applied in 3 levels:
32+
33+
* Entire/Full Cluster
34+
* Selected Namespaces
35+
* Resources Selection By Label Selector
36+
37+
For more information regarding scheduled backups, see [Scheduled Backups][backup-schedule].
38+
39+
[backup-schedule]: https://docs.vmware.com/en/VMware-Tanzu-Mission-Control/services/tanzumc-using/GUID-89926F80-050A-4F1C-9D04-D56D5F453995.html?hWord=N4IghgNiBcIEZgMYGsCuAHABAZ0QCwFMATVCAkAXyA
40+
41+
## Sample usage of Data Protection
42+
43+
You can use the following template as reference for enabling all stages of data protection feature of Tanzu Mission Control using Terraform (i.e.) Enable data-protection for cluster, Set a Target Location of backup and finally, set a backup schedule for periodic data protection.
44+
45+
```terraform
46+
// Tanzu Mission Control Data Protection Feature
47+
48+
locals {
49+
cluster_name = "<cluster-name>"
50+
management_cluster_name = "<management-cluster-name>"
51+
provisioner_name = "<provisioner-name>"
52+
}
53+
54+
// Enable Data Protection
55+
resource "tanzu-mission-control_enable_data_protection" "data_protection" {
56+
scope {
57+
cluster {
58+
cluster_name = local.cluster_name
59+
management_cluster_name = local.management_cluster_name
60+
provisioner_name = local.provisioner_name
61+
}
62+
}
63+
64+
spec {
65+
disable_restic = false // Default: false
66+
enable_csi_snapshots = false // Default: false
67+
enable_all_api_group_versions_backup = false // Default: false
68+
}
69+
70+
deletion_policy {
71+
delete_backups = false // Default: false
72+
}
73+
}
74+
75+
// Create Target Location for Scheduled Back Up
76+
// Self managed AWS Target Location
77+
resource "tanzu-mission-control_target_location" "aws_self_provisioned" {
78+
name = "<target-location-name>"
79+
80+
spec {
81+
target_provider = "AWS"
82+
credential = {
83+
name = "<aws-credential-name?"
84+
}
85+
86+
bucket = "<bucket-name>"
87+
region = "<region>"
88+
89+
config {
90+
aws {
91+
s3_force_path_style = false
92+
s3_bucket_url = "<aws-s3-bucket-url>"
93+
s3_public_url = "<aws-s3-public-url>"
94+
}
95+
}
96+
97+
assigned_groups {
98+
cluster {
99+
name = local.cluster_name
100+
management_cluster_name = local.management_cluster_name
101+
provisioner_name = local.provisioner_name
102+
}
103+
104+
cluster_groups = ["<cluster-group-name-1>", "<cluster-group-name-2>"]
105+
}
106+
}
107+
}
108+
109+
// Create Full Cluster Scheduled Back Up
110+
resource "tanzu-mission-control_backup_schedule" "backup_full_cluster" {
111+
name = "<scheduled-backup-name>"
112+
scope {
113+
cluster {
114+
cluster_name = local.cluster_name
115+
management_cluster_name = local.management_cluster_name
116+
provisioner_name = local.provisioner_name
117+
}
118+
}
119+
120+
backup_scope = "FULL_CLUSTER"
121+
122+
spec {
123+
schedule {
124+
rate = "0 12 * * 1"
125+
}
126+
127+
template {
128+
backup_ttl = "2592000s"
129+
excluded_namespaces = [
130+
"<namespace-1>",
131+
]
132+
excluded_resources = [
133+
"<resource-1>",
134+
"<resource-2>"
135+
]
136+
137+
storage_location = tanzu-mission-control_target_location.aws_self_provisioned.name
138+
}
139+
}
140+
}
141+
```
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,95 @@
1+
// Tanzu Mission Control Data Protection Feature
2+
3+
locals {
4+
cluster_name = "<cluster-name>"
5+
management_cluster_name = "<management-cluster-name>"
6+
provisioner_name = "<provisioner-name>"
7+
}
8+
9+
// Enable Data Protection
10+
resource "tanzu-mission-control_enable_data_protection" "data_protection" {
11+
scope {
12+
cluster {
13+
cluster_name = local.cluster_name
14+
management_cluster_name = local.management_cluster_name
15+
provisioner_name = local.provisioner_name
16+
}
17+
}
18+
19+
spec {
20+
disable_restic = false // Default: false
21+
enable_csi_snapshots = false // Default: false
22+
enable_all_api_group_versions_backup = false // Default: false
23+
}
24+
25+
deletion_policy {
26+
delete_backups = false // Default: false
27+
}
28+
}
29+
30+
// Create Target Location for Scheduled Back Up
31+
// Self managed AWS Target Location
32+
resource "tanzu-mission-control_target_location" "aws_self_provisioned" {
33+
name = "<target-location-name>"
34+
35+
spec {
36+
target_provider = "AWS"
37+
credential = {
38+
name = "<aws-credential-name?"
39+
}
40+
41+
bucket = "<bucket-name>"
42+
region = "<region>"
43+
44+
config {
45+
aws {
46+
s3_force_path_style = false
47+
s3_bucket_url = "<aws-s3-bucket-url>"
48+
s3_public_url = "<aws-s3-public-url>"
49+
}
50+
}
51+
52+
assigned_groups {
53+
cluster {
54+
name = local.cluster_name
55+
management_cluster_name = local.management_cluster_name
56+
provisioner_name = local.provisioner_name
57+
}
58+
59+
cluster_groups = ["<cluster-group-name-1>", "<cluster-group-name-2>"]
60+
}
61+
}
62+
}
63+
64+
// Create Full Cluster Scheduled Back Up
65+
resource "tanzu-mission-control_backup_schedule" "backup_full_cluster" {
66+
name = "<scheduled-backup-name>"
67+
scope {
68+
cluster {
69+
cluster_name = local.cluster_name
70+
management_cluster_name = local.management_cluster_name
71+
provisioner_name = local.provisioner_name
72+
}
73+
}
74+
75+
backup_scope = "FULL_CLUSTER"
76+
77+
spec {
78+
schedule {
79+
rate = "0 12 * * 1"
80+
}
81+
82+
template {
83+
backup_ttl = "2592000s"
84+
excluded_namespaces = [
85+
"<namespace-1>",
86+
]
87+
excluded_resources = [
88+
"<resource-1>",
89+
"<resource-2>"
90+
]
91+
92+
storage_location = tanzu-mission-control_target_location.aws_self_provisioned.name
93+
}
94+
}
95+
}
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,45 @@
1+
---
2+
Title: "Data Protection of a Tanzu Kubernetes Cluster"
3+
Description: |-
4+
An example of using Data Protection Feature for a Tanzu Kubernetes Cluster
5+
---
6+
# Enable Data Protection
7+
8+
The `tanzu-mission-control_enable_data_protection` resource enables users to activate and set up data protection for a Tanzu Kubernetes Cluster.
9+
Once enabled, users can create instant backups or schedule backups for later.
10+
11+
For more information regarding data protection, see [Data Protection][data-protection].
12+
13+
[data-protection]: https://docs.vmware.com/en/VMware-Tanzu-Mission-Control/services/tanzumc-concepts/GUID-C16557BC-EB1B-4414-8E63-28AD92E0CAE5.html
14+
15+
16+
# Target Location
17+
18+
The `"tanzu-mission-control_target_location` resource enables users to create and configure target locations for data protection backups.
19+
Once created, a target location can be used to store cluster backups.
20+
21+
**NOTE**: The type of a target location is inherited from the configured credentials type which can be either "TMC Managed" or "Self Managed".
22+
23+
For more information regarding target location, see [Target Location][target-location].
24+
25+
[target-location]: https://docs.vmware.com/en/VMware-Tanzu-Mission-Control/services/tanzumc-using/GUID-867683CE-8AF0-4DC7-9121-81AD507EDB3B.html
26+
27+
# Backup Schedule
28+
29+
The `tanzu-mission-control_backup_schedule` resource enables users to create and configure scheduled backups in a cluster.
30+
31+
Backups can be applied in 3 levels:
32+
33+
* Entire/Full Cluster
34+
* Selected Namespaces
35+
* Resources Selection By Label Selector
36+
37+
For more information regarding scheduled backups, see [Scheduled Backups][backup-schedule].
38+
39+
[backup-schedule]: https://docs.vmware.com/en/VMware-Tanzu-Mission-Control/services/tanzumc-using/GUID-89926F80-050A-4F1C-9D04-D56D5F453995.html?hWord=N4IghgNiBcIEZgMYGsCuAHABAZ0QCwFMATVCAkAXyA
40+
41+
## Sample usage of Data Protection
42+
43+
You can use the following template as reference for enabling all stages of data protection feature of Tanzu Mission Control using Terraform (i.e.) Enable data-protection for cluster, Set a Target Location of backup and finally, set a backup schedule for periodic data protection.
44+
45+
{{ tffile "resource_templates/data_protection_feature.tf" }}

0 commit comments

Comments
 (0)