Run Ansible Backup Playbook RemotelyΒΆ
In this method you can run Ansible Backup playbook on a remote workstation and target it at controller-0.
Prerequisites
You need to have Ansible installed on your remote workstation, along with the Ansible Backup/Restore playbooks.
Your network has IPv6 connectivity before running Ansible Playbook, if the system configuration is IPv6.
Procedure
Log in to the remote workstation.
Create secret and backup folders.
For example:
cd $HOME mkdir -p <br> <overrides>
Provide either a customized Ansible hosts file specified using the
-i
option, or use the default one in the Ansible configuration directory (that is, /etc/ansible/hosts).If using a customized file, change to the
<br>
directory created in the previous step.Make the following modifications. You must specify the floating OAM IP of the controller host. For example, if the host name is stx_Cluster, the inventory file should have an entry stx_Cluster, for example:
--- all: hosts: wc68: ansible_host: 128.222.100.02 stx_Cluster: ansible_host: 128.224.141.74
Switch to the <overrides> directory created previously.
Create a new secret file encrypted with Ansible-Vault using the ansible-vault create secrets.yml command.
Set and confirm a new Ansible-Vault password. Ansible will open an editing window where you can enter your desired contents.
The following settings are usually common to all hosts, in which case they can be placed in the
secrets.yml
file.vault_password_change_responses: yes/no: 'yes' sysadmin*: 'sysadmin' (current) UNIX password: 'sysadmin' New password: 'Li69nux*' Retype new password: 'Li69nux*' admin_password: Li69nux* ansible_become_pass: Li69nux* ansible_ssh_pass: Li69nux*
Save your changes and quit the editor. If you need to make additional changes, you can use the command ansible-vault edit override_dir/secrets.yml.
Run Ansible Backup playbook:
~(keystone_admin)]$ ansible-playbook <path-to-backup-playbook-entry-file> -ask-vault-pass -e "host_backup_dir=$HOME/br_test override_files_dir=$HOME/override_dir"
For example:
~(keystone_admin)]$ ansible-playbook backup.yml --limit sm5 -i $HOME/br_test/hosts --ask-vault-pass -e "host_backup_dir=$HOME/br_test override_files_dir=$HOME/override_dir"
The generated backup tar file can be found in <host_backup_dir>, that is, /home/sysadmin, by default. You can overwrite it using the -e option on the command line or in an override file.
Warning
If a backup of the local registry images file is created, the file is not copied from the remote machine to the local machine. The
inventory_hostname_docker_local_registry_backup_timestamp.tgz
file needs to copied off the host machine to be used if a restore is needed.After the backup is complete, run the following:
$ system helm-override-update nginx-ingress-controller ingress-nginx kube-system --set controller.admissionWebhooks.enabled=true
Then, reapply the nginx app to restore the admissionWebhook:
$ system application-apply nginx-ingress-controller