Backup and restore#
The full cluster backup is composed by configuration and applications data.
Backup page to manage the backup and restore.
First, you will need to configure a backup repository where the data will be saved. A backup repository keeps all backup data encrypted using restic engine.
Backup page, click on Add repository button and choose a provider.
Currently supported providers are:
Generic S3, like MinIO
Windows file share, through SMB2/3 protocols
Local storage, attached to a node of the cluster
Fill in the required fields depending on the chosen provider.
A new encryption key will be automatically created for new repositories.
If you are accessing a repository which already contains a NS8 backup, remember also to enter
Repository password under the
If you want to store backup data in a locally attached storage, like an external USB disk or similar, follow this procedure:
Format the disk with a supported filesystem, for example XFS:
Create a Podman volume named
podman volume create \ --label org.nethserver.role=backup \ --opt=device=/dev/disk/by-id/some-disk-id \ --opt=o=noatime \ backup00
rclone-webdav.serviceunit to use that volume:
echo BACKUP_VOLUME=backup00 > /var/lib/nethserver/node/state/rclone-webdav.env
Restart the service. The disk is mounted automatically:
systemctl restart rclone-webdav.service
The disk is unmounted when the
rclone-webdavservice is stopped
Remove the default volume used by the service, because it is no longer used. Existing content will be lost:
podman volume rm rclone-webdav
Once at least one repository has been configured, you can schedule the backup of existing applications:
click on Schedule backup button
select which application instances should be added to the backup
choose one backup repository
setup day and time of the backup and the retention policy
enter a name of the backup
save the configuration by clicking the Schedule backup button
Whenever you want to manually execute the backup, click the
Run backup now item from the three-dots menu of the scheduled backup.
To add more instances to an existing backup, click the
Edit item from the three-dots menu of the scheduled backup.
You can restore an application only if there is at least one repository configured:
click on the Restore an app button.
a dialog box will list all applications inside the existing backup, select the application you want to restore
as default the restore procedure will create a new instance, if you want to replace the existing one select the
Replace existing appoption
select the target node
click on the Restore button
The cluster configuration backup contains all required data to execute a Disaster recovery. It is a compressed JSON file encrypted with GPG.
The first time
Backup page is accessed an encryption password must be
set and stored in a safe place. A new encryption password is needed also
after a new leader node is elected (see Promote a node to leader).
To download the cluster configuration backup, click on Download cluster backup button under
Cluster configuration section of the
Please, download the cluster configuration backup and keep it on a safe place.
In addition, the cluster configuration backup is automatically copied to the designated repository each time a scheduled operation occurs. This ensures that the repository holds up-to-date backups of both your data and the specific cluster setup, including all its configurations.
In case you lose the configuration backup, you can still restore applications to another cluster only if you know the encryption password of the backup repository.
To inspect the content of the backup use the following command, where
<pass> is the encryption password
entered before the download:
echo <pass> | gpg --batch --passphrase-fd 0 --decrypt backup.json.gz.gpg | gunzip | jq
You can restore a previously configured cluster using the disaster recovery procedure. To follow this procedure you will need a a cluster configuration backup:
install a new cluster and login using default credentials
change the default administrator password
click on Restore cluster
you can now choose whether to restore a cluster configuration hosted on a remote HTTP server or upload the backup from your browser
if on step 2 you entered the same password of the old cluster, the system will automatically decrypt the configuration backup; otherwise enter the encryption secret inside the
select the applications to restore