Automatic backups

Magnolia PaaS provides automatic backups as defined in the values.yml file in your project. The backup sidecar is a container defined in the Magnolia Database (DB) pod of both the author and public workloads. The sidecar provides endpoints to list and create backups. In order to execute the endpoint, a port forward to the corresponding pod/container is required. The backup server is running on port 9999.

Write ahead logging (WAL) must be enabled for the backup to work properly. It stores a base backup as well as the transaction logs.
You can restore, copy, and download backups directly from your Cockpit. See more details on the Dev operations (beta) page.
backups

values.yml file

The values.yml file is found in the root of your Magnolia PaaS project folder.

The example below shows the db section of the file. For a full look at the file, see here. 
...
db:
  backup:
    enabled: true
    env:
      - name: MGNLBACKUP_PG_DATA
        value: "/db/data"
      - name: MGNLBACKUP_USE_PG_WAL (1)
        value: "true"
      - name: MGNLBACKUP_SYNC_DIR
        value: "/archive"
      - name: MGNLBACKUP_NO_STDOUT
        value: "true"
      - name: MGNLBACKUP_LOGLEVEL
        value: "debug"
      - name: MGNLBACKUP_BUCKET (2)
        value: "[subscription-name]-backup-bucket"
      - name: MGNLBACKUP_PREFIX
        value: {{ .Env.DEPLOYMENT }}/author
      - name: MGNLBACKUP_HERITAGE
        value: "magnolia-backup"
      - name: MGNLBACKUP_CRON (3)
        value: "0 3 * * *"
      - name: MGNLBACKUP_KEEPDAYS (4)
        value: "30"
      - name: MGNLBACKUP_S3_ENDPOINT (5)
        value: "s3.eu-central-1.amazonaws.com"
      - name: MGNLBACKUP_S3_REGION (6)
        value: "eu-central-1"
      - name: MGNLBACKUP_S3_ACCESSKEY (7)
        valueFrom:
          secretKeyRef:
            name: s3-backup-key
            key: accesskey
      - name: MGNLBACKUP_S3_SECRETKEY (7)
        valueFrom:
          secretKeyRef:
            name: s3-backup-key
            key: secretkey
      - name: MGNLBACKUP_TAGS_NODE_NAME
        valueFrom:
          fieldRef:
            fieldPath: spec.nodeName
      - name: MGNLBACKUP_TAGS_NAMESPACE
        valueFrom:
          fieldRef:
            fieldPath: metadata.namespace
      - name: MGNLBACKUP_TAGS_POD_NAME
        valueFrom:
          fieldRef:
            fieldPath: metadata.name
      - name: MGNLBACKUP_TAGS_RELEASE
        value: {{ .Env.DEPLOYMENT }}
...
1 MGNLBACKUP_USE_PG_WAL (write-ahead-logging) has to be enabled in order to use Postgres WAL for Point-in-Time Recovery.
2 MGNLBACKUP_BUCKET name of the bucket containing the subscription name.
3 MGNLBACKUP_CRON cron expression for how often a full base backup is created.

  • 0 3 * * * = every day at 3am (or any other time outside of the high traffic hours)
While a basebackup retains a complete dump of the database in the S3 bucket, ongoing backups of transaction logs are being made and stored on the S3 bucket as well due to WAL. Consider that with each base backup the whole database (per author/public instance) is hold back on storage until cleaned up during rotation (MGNLBACKUP_KEEPDAYS).
4 MGNLBACKUP_KEEPDAYS number of days backups are stored in S3 (or similar S3-compatible storage) for the specified number of days.
5 MGNLBACKUP_S3_ENDPOINT endpoint for S3 server storing the backups.
6 MGNLBACKUP_S3_REGION AWS region for the S3.
7 MGNLBACKUP_S3_ACCESSKEY & MGNLBACKUP_S3_SECRETKEY API token credentials for connecting to S3.
Secret s3-backup-key required to be defined on K8s Cluster (in Namespace).
Feedback

PaaS

×

Location

This widget lets you know where you are on the docs site.

You are currently perusing through the Magnolia PaaS docs.

Main doc sections

DX Core Headless PaaS Legacy Cloud Incubator modules