Backup and restore

Magnolia PaaS provides automatic backups as defined in the values.yml file in your project. The backup sidecar is a container defined in the Magnolia Database (DB) pod of both the author and public workloads. The sidecar provides endpoints to list and create backups. In order to execute the endpoint, a port forward to the corresponding pod/container is required. The backup server is running on port 9999.

Write ahead logging (WAL) must be enabled for the backup to work properly. It stores a base backup as well as the transaction logs.
backups

values.yml file

The values.yml file is found in the root of your Magnolia PaaS project folder.

The example below shows the db section of the file. For a full look at the file, see here.
...
db:
  backup:
    enabled: true
    tag: v0.5.2 (1)
    env:
      - name: MGNLBACKUP_CMD
        value: "pg_basebackup"
      - name: MGNLBACKUP_ARGS
        value: "--host localhost --user postgres -D /scratch -Fp"
      - name: MGNLBACKUP_USE_PG_WAL (2)
        value: "true"
      - name: MGNLBACKUP_SYNC_DIR
        value: "/archive"
      - name: MGNLBACKUP_NO_STDOUT
        value: "true"
      - name: MGNLBACKUP_LOGLEVEL
        value: "debug"
      - name: MGNLBACKUP_BUCKET (3)
        value: "eu-playground-backup-bucket"
      - name: MGNLBACKUP_PREFIX
        value: {{ .Env.DEPLOYMENT }}/author
      - name: MGNLBACKUP_HERITAGE
        value: "magnolia-backup"
      - name: MGNLBACKUP_CRON (4)
        value: "@every 720h"
      - name: MGNLBACKUP_KEEPDAYS (5)
        value: "90"
      - name: MGNLBACKUP_S3_ENDPOINT (6)
        value: "s3.eu-central-1.amazonaws.com"
      - name: MGNLBACKUP_S3_REGION (7)
        value: "eu-central-1"
      - name: MGNLBACKUP_S3_ACCESSKEY (8)
        valueFrom:
          secretKeyRef:
            name: s3-backup-key
            key: accesskey
      - name: MGNLBACKUP_S3_SECRETKEY (8)
        valueFrom:
          secretKeyRef:
            name: s3-backup-key
            key: secretkey
      - name: MGNLBACKUP_TAGS_NODE_NAME
        valueFrom:
          fieldRef:
            fieldPath: spec.nodeName
      - name: MGNLBACKUP_TAGS_NAMESPACE
        valueFrom:
          fieldRef:
            fieldPath: metadata.namespace
      - name: MGNLBACKUP_TAGS_POD_NAME
        valueFrom:
          fieldRef:
            fieldPath: metadata.name
      - name: MGNLBACKUP_TAGS_RELEASE
        value: {{ .Env.DEPLOYMENT }}
...
1 magnolia_backup version tag (Default: version value being set in dependency by magnolia-helm chart)
2 MGNLBACKUP_USE_PG_WAL (write-ahead-logging) has to be enabled in order to use Postgres WAL for Point-in-Time Recovery.
3 MGNLBACKUP_BUCKET name of the bucket containing the subscription name.
4 MGNLBACKUP_CRON cron query (in hours) for how often a full base backup is created.
  • 720h = monthly base backups (transaction log backups ongoing)

  • 168h = weekly base backups (transaction log backups ongoing)

While a basebackup retains a complete dump of the database in the S3 bucket, ongoing backups of transaction logs are being made and stored on the S3 bucket as well due to WAL. Consider that with each base backup the whole database (per author/public instance) is hold back on storage until cleaned up during rotation (MGNLBACKUP_KEEPDAYS).
5 MGNLBACKUP_KEEPDAYS number of days backups are stored in S3 (or similar S3-compatible storage) for the specified number of days.
6 MGNLBACKUP_S3_ENDPOINT endpoint for S3 server storing the backups.
7 MGNLBACKUP_S3_REGION AWS region for the S3.
8 MGNLBACKUP_S3_ACCESSKEY & MGNLBACKUP_S3_SECRETKEY API token credentials for connecting to S3.
Secret s3-backup-key required to be defined on K8s Cluster (in Namespace)
Feedback