Appendix U: TrilioVault Data Protection¶
Overview¶
As of the 20.05 release, the OpenStack charms support deployment of TrilioVault, a data protection solution that integrates with OpenStack.
TrilioVault allows end-users to independently backup and restore point-in-time snapshots of their own workloads.
Note
TrilioVault is not part of the OpenStack project and is a commercially supported propriety product. For more details visit trilio.io.
Prerequisites¶
Ubuntu 18.04 LTS
OpenStack Queens, Stein or Train
NFS server for storage of snapshots
Note
TrilioVault requires a license for operation. For more details visit trilio.io.
Warning
TrilioVault only supports Ubuntu 18.04 LTS.
Deployment¶
The TrilioVault solution consists of three core services:
TrilioVault Workload Manager: this service provides the main API for TrilioVault and is used to create and manage snapshots and restores.
TrilioVault Data Mover API: this service provides the API for managing the TrilioVault Data Mover services and is used by the TrilioVault Workload Manager.
TrilioVault Data Mover: deployed alongside Nova Compute services this service is responsible for managing the snapshot process for instances running on the OpenStack Cloud.
TrilioVault also provides an OpenStack Dashboard plugin providing a Web UI for end users and cloud administrators.
TrilioVault may be added to an OpenStack cloud using the following example overlay bundle:
series: bionic
applications:
trilio-data-mover:
charm: cs:~openstack-charmers/trilio-data-mover
trilio-dm-api:
charm: cs:~openstack-charmers/trilio-dm-api
num_units: 1
options:
openstack-origin: cloud:bionic-train
trilio-horizon-plugin:
charm: cs:~openstack-charmers/trilio-horizon-plugin
options:
trilio-wlm:
charm: cs:~openstack-charmers/trilio-wlm
num_units: 1
options:
openstack-origin: cloud:bionic-train
relations:
- - trilio-horizon-plugin:dashboard-plugin
- openstack-dashboard:dashboard-plugin
- - trilio-dm-api:identity-service
- keystone:identity-service
- - trilio-dm-api:shared-db
- mysql:shared-db
- - trilio-dm-api:amqp
- rabbitmq-server:amqp
- - trilio-data-mover:amqp
- rabbitmq-server:amqp
- - trilio-data-mover:juju-info
- nova-compute:juju-info
- - trilio-wlm:shared-db
- mysql:shared-db
- - trilio-wlm:amqp
- rabbitmq-server:amqp
- - trilio-wlm:identity-service
- keystone:identity-service
- - trilio-data-mover:ceph
- ceph-mon:client
Note
The trilio-wlm and trilio-dm-api charms must be deployed with openstack-origin >= cloud:bionic-train - even for Queens deployments. These parts of the TrilioVault deployment are Python 3 only and have dependency version requirements that are only supported from Train onwards.
NFS¶
After deployment completes the TrilioVault Data Mover and Workload Manager applications will be in a blocked state (see juju status). Both must be configured with a valid NFS share on the NFS server used in the deployment via configuration:
juju config trilio-wlm nfs-shares=10.40.3.20:/srv/triliovault
juju config trilio-data-mover nfs-shares=10.40.3.20:/srv/triliovault
Both services must be configured with the same NFS share.
Authorisation¶
The TrilioVault service account must be granted the authorisation to access
resources from across users and projects to perform backups. This will require
passing the cloud admin password (setup by the keystone application) to the
create-cloud-admin-trust
action:
juju run-action trilio-wlm/leader create-cloud-admin-trust password=cloudadminpassword
Licensing¶
Finally, the TrilioVault deployment must be licensed. This is completed by
uploading the license file from Trilio as a resource and then executing the
create-license
action:
juju attach trilio-wlm license=mycorp_tv.lic
juju run-action trilio-wlm/leader create-license
The trilio-wlm and trilio-data-mover applications should be in the ‘active’ state and ready for use.