Friday, February 7, 2020

We continue with our discussion on backup of Kubernetes resources

The chart described earlier provides the convenience of using Helm with Kubernetes custom resources, with either one resource encompassing all other required K8s resources at user namespace scope or several discrete resources at the chart level, while allowing transaction-like behavior with create and delete at the overall chart level. The benefit is that resources are now grouped by user and automated for creation and deletion.

Backup and restore help with data protection, disaster recovery and data migration across clusters. These are also routine activities performed on storage systems. In our discussion, the storage system comprises hybrid components that may or may not have a backup and restore technique and, if they do, their tools might vary.
The commands to do backup and restore have varied for storage systems. For example, filesystems are backed up with rsync or duplicity. Databases have their own backup and restore commands. In some cases, backup and restore may not even be needed for some data.
A virtualizer for translating a global backup and restore command will be helpful since it would know which data to back up and how. It provides a common entry point for triggering the individual backups. There are benefits to a common invocation point, such as policy evaluation, monitoring and enforcement.
A virtualizer also helps to work with the Kubernetes controller or external software.
The backup and restore works exclusively with persistence. It is also possible to sync between replicas.
Most tools for backup now work with S3 storage. This allows web access from any source and to any destination. Since object storage is considered limitless storage with durability and availability, this suits backup schedules very well. The backups to the web-accessible storage can also be on a regular basis.
When the backups are on a regular basis, the web accessible storage can take incremental backups.
Tools that take backups from a cluster do not necessarily perform incremental backups. In such cases it is perfectly alright to take an incremental backup on the local file system using rsync or duplicity and then upload it to the final cloud storage destination.
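
The common entry point with policy evaluation, and the local incremental copy followed by an upload, as an added example that is not part of the original post or the author's scripts: a dry-run planner that checks the destination once and then prints the commands for each component. The manifest format, bucket name, staging paths and the use of pg_dump for the database case are assumptions.

```shell
#!/usr/bin/env bash
# Added example: dry-run "virtualizer" that turns one global backup request
# into per-component commands. It prints a plan and executes nothing.
# Assumed, not from the post: manifest format, bucket, staging paths, pg_dump.

ALLOWED_DEST_PREFIX="s3://example-backup-bucket/"  # hypothetical allowlist
STAGE_ROOT="/var/backups/stage"                    # hypothetical staging dir

# Policy evaluation happens once, at the common entry point.
policy_allows() {
  case "$1" in
    "$ALLOWED_DEST_PREFIX"*) return 0 ;;
    *) return 1 ;;
  esac
}

# Print the commands for one component.
plan_component() {
  local kind="$1" name="$2" src="$3" dest="$4" stamp="$5"
  local stage="$STAGE_ROOT/$name"
  case "$kind" in
    filesystem)  # incremental copy on local disk ("latest" = previous run), then upload
      echo "rsync -a --link-dest=$stage/latest $src/ $stage/$stamp/"
      echo "aws s3 sync $stage/$stamp/ $dest$name/$stamp/" ;;
    database)    # the database's own dump tool (pg_dump assumed here)
      echo "pg_dump -Fc -f $stage/$stamp.dump $src"
      echo "aws s3 cp $stage/$stamp.dump $dest$name/$stamp.dump" ;;
    ephemeral)   # data for which no backup is needed
      echo "# skip $name: no backup required" ;;
    *) echo "unknown kind '$kind' for $name" >&2; return 2 ;;
  esac
}

# Global entry point. Manifest lines are "kind name source".
global_backup() {
  local manifest="$1" dest="$2" stamp="$3" kind name src
  policy_allows "$dest" || { echo "DENY destination $dest" >&2; return 1; }
  while read -r kind name src; do
    [ -n "$kind" ] || continue
    plan_component "$kind" "$name" "$src" "$dest" "$stamp" || return $?
  done <<EOF
$manifest
EOF
}

# Constructed sample manifest; all names are illustrative.
SAMPLE_MANIFEST='filesystem userdata /mnt/userdata
database metadata metadb
ephemeral cache /var/cache/app'
```

Calling global_backup "$SAMPLE_MANIFEST" s3://example-backup-bucket/ 20200207 prints five plan lines; a destination outside the allowlist returns 1 before any component is planned.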

Thursday, February 6, 2020

We continue with our discussion on backup of Kubernetes resources



The chart described now provides the convenience of using Helm with Kubernetes custom resources, with either one resource encompassing all other required K8s resources at user namespace scope or several discrete resources at the chart level, while allowing transaction-like behavior with create and delete at the overall chart level. The benefit is that resources are now grouped by user and automated for creation and deletion.

T-shirt size deployment does not need to be a matter of scale. It can be hybrid as well, selectively including components that do not need to be present in all categories. The statefulset can describe the replicas and the components to include.
Even when the pods are the same between the charts, they can be made to behave differently by authoring rules and policies. Even the same chart can be used to conditionally deploy different sizes and containers. The predetermined configuration helps with the proper match for workload requirements.
Backup and restore help with data protection, disaster recovery and data migration across clusters. These are also routine activities performed on storage systems. In our discussion, the storage system comprises hybrid components that may or may not have a backup and restore technique and, if they do, their tools might vary.
The commands to do backup and restore have varied for storage systems. For example, filesystems are backed up with rsync or duplicity. Databases have their own backup and restore commands. In some cases, backup and restore may not even be needed for some data.
A virtualizer for translating a global backup and restore command will be helpful since it would know which data to back up and how. It provides a common entry point for triggering the individual backups. There are benefits to a common invocation point, such as policy evaluation, monitoring and enforcement.

Wednesday, February 5, 2020

We continue with our discussion on backup of Kubernetes resources

The chart described now provides the convenience of using Helm with Kubernetes custom resources, with either one resource encompassing all other required K8s resources at user namespace scope or several discrete resources at the chart level, while allowing transaction-like behavior with create and delete at the overall chart level. The benefit is that resources are now grouped by user and automated for creation and deletion.
The groupings for the resources can be based on selectors. This makes the chart combine resources dynamically. Since the resources have annotations, selectors based on match can be efficiently used to group resources. The charts make it convenient to create and delete these groups of resources all at once.
The custom resource is not a dynamic selection of resources. It is a resource in itself. A custom resource may have a definition that includes other resources, which makes it easy to create and delete them with the help of a single resource.
The use of charts helps us define t-shirt size deployments as well. This comes from scaling out the pods to different capacity because they will allow the load to scale. This is an effective plan to handle workloads that vary against deployment.
T-shirt size deployment does not need to be a matter of scale. It can be hybrid as well, selectively including components that do not need to be present in all categories. The statefulset can describe the replicas and the components to include.
Even when the pods are the same between the charts, they can be made to behave differently by authoring rules and policies. Even the same chart can be used to conditionally deploy different sizes and containers. The predetermined configuration helps with the proper match for workload requirements.

Tuesday, February 4, 2020

We continue with our discussion on backup of Kubernetes resources

There is also a difference in the results of the Velero tool versus custom configuration generated using the scripts above. For example, no knowledge of the product, or of the logic pertaining to the reconciliation of the operator states, is built into the output of the tool. The custom configuration, on the other hand, leverages the product-specific knowledge to make the export and import of user resources all the more efficient, streamlined and conformant with the product.

The above chart now provides the convenience of using Helm with Kubernetes custom resources, with either one resource encompassing all other required K8s resources at user namespace scope or several discrete resources at the chart level, while allowing transaction-like behavior with create and delete at the overall chart level. The benefit is that resources are now grouped by user and automated for creation and deletion.
The groupings for the resources can be based on selectors. This makes the chart combine resources dynamically. Since the resources have annotations, selectors based on match can be efficiently used to group resources. The charts make it convenient to create and delete these groups of resources all at once.
The custom resource is not a dynamic selection of resources. It is a resource in itself. A custom resource may have a definition that includes other resources, which makes it easy to create and delete them with the help of a single resource.

Monday, February 3, 2020

The Velero tool is designed to take backups from a cluster. It requires S3 storage which comes with a cloud provider such as AWS.
The install command is:
velero install \
    --provider aws \
    --plugins velero/velero-plugin-for-aws:v1.0.0 \
    --bucket velerobucket \
    --backup-location-config region=us-east-2 \
    --snapshot-location-config region=us-east-2 \
    --secret-file /root/aws-iam-creds-csv-local \
    --log_dir /tmp/velero
And the server part can be created with helm charts. However, the backups were yet to be created so I do not have that handy.
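
A pre-flight check for the file passed to --secret-file in the install command above, as an added example that is not part of the original post: it rejects a credentials file that group or other users can access, or that lacks a [default] profile with both key fields. The function name and return codes are hypothetical, and the [default] layout is assumed to be the AWS shared-credentials format that the Velero AWS plugin documentation uses.

```shell
#!/usr/bin/env bash
# Added example: validate the credentials file before running "velero install".
# Returns 0 if usable, 1 if missing, 2 if permissions are too open,
# 3 if the content is not in the assumed [default] credentials-file layout.
check_secret_file() {
  local f="$1" perms
  [ -f "$f" ] || { echo "missing: $f" >&2; return 1; }

  # Characters 5-10 of the ls mode string are the group and other bits;
  # for a secret they must all be "-" (for example mode 0600).
  perms=$(ls -ld "$f" | cut -c5-10)
  [ "$perms" = "------" ] || { echo "group/other can access $f" >&2; return 2; }

  # A profile header plus both key fields with non-empty values.
  grep -q '^\[default\]' "$f" \
    && grep -Eq '^aws_access_key_id[[:space:]]*=[[:space:]]*[^[:space:]]' "$f" \
    && grep -Eq '^aws_secret_access_key[[:space:]]*=[[:space:]]*[^[:space:]]' "$f" \
    || { echo "not in [default] credentials-file format: $f" >&2; return 3; }
  return 0
}

# Usage: check_secret_file /root/aws-iam-creds-csv-local && velero install ...
```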

On the other hand, I have created scripts and charts to make it easy to create and delete K8s resources.
This chart now provides the convenience of using Helm with Kubernetes custom resources, with either one resource encompassing all other required K8s resources at user namespace scope or several discrete resources at the chart level, while allowing transaction-like behavior with create and delete at the overall chart level. The benefit is that resources are now grouped by user and automated for creation and deletion.

Sunday, February 2, 2020

We continue with our discussion on backup of Kubernetes resources
There is also a difference in the results of the Velero tool versus custom configuration generated using the scripts above. For example, no knowledge of the product, or of the logic pertaining to the reconciliation of the operator states, is built into the output of the tool. The custom configuration, on the other hand, leverages the product-specific knowledge to make the export and import of user resources all the more efficient, streamlined and conformant with the product.
The above is particularly true for custom resources and their definitions. The custom resources have a twofold utility:
1) they have a bigger scope than the native Kubernetes resources and translate export and import to simpler instructions, and
2) they provide the opportunity to offload all maintenance to the reconciliation logic built into their corresponding operators, which may even have their own assembling and disassembling in terms of native Kubernetes resources.
The overall suggestion is that scope and actions can become more granular to help with their export-import usability.
One of the challenges in registering resources is passing IP addresses for pod, host and cluster regardless of the technique used to export and import. These are dynamic values that are obtained as the import proceeds and are not available beforehand. Although it is easy to write a query to retrieve the IP address, even those queries have parameters such as pod names which do not necessarily have a pattern. This chains yet another query to retrieve the parameter. If this was limited to a few levels, it would have been easy to repeat. However, not all resources are like pods, so the parameters for each type of resource have their own logic.
Similarly, another criterion is the determination of the UID for the resource itself, its parent or the cluster. Again, the determination of this parameter varies by the resource whose UID is needed or by the determination of the owner, which may require a lookup table.
Certain values for IP and UID can be “None” but they can always be the case.
Also, the charts deploy hard-coded definitions and resources. They invoke scripts only during certain events. Each definition and its corresponding resource can be provisioned with the given values beforehand as long as we are talking about flat native K8s resources, but the same resources in user namespaces may become sophisticated and complex in scope, with a hierarchy that requires those dependencies to be followed for each registration and deregistration.
Sample resources and definition files have been generated with the shell script shown above, and they have been repeatedly modified and their import attempted to be automated to come to the enumerations above. It is very easy to tweak the scripts for a given user namespace after a few trials and use the script as a template for creating and populating, say, namespaces. The use of a schema or auxiliary data structures to store each and every resource type and its import logic and order seems an overkill as a general-purpose solution.

Saturday, February 1, 2020

Lies, sweet lies:
Last Friday and today I came across as raving at times, no pun intended. I was ready to find composure again in any sort of activity. Luckily, I found a book from the local library that I had brought home sometime back. It is titled “Fearless at work” by Michael Carroll. He is a Manhattanite who spent years as an executive prior to finding relevant teachings from Buddhism his calling. I presumed this book would be much of the sage and ancient wisdom that washes away in the hustle and bustle of modern day life. I was pleasantly surprised to read anecdotes one after another that held such profound connection for me.
This book teaches us to be free, confident and skillful. On any day, those words would have sounded too simple to afford any time for reflection. His writing and his references however made a tremendous difference in how I have come to realize that there are boundless abilities in being fearless.
Take the example of a Taoist story of a boy named Simha. He was walking along the edge of the jungle on his way home when a tiger spotted him. The boy was clever and being mindful of where he was decided to make it to a quarry nearby. He slowly turned towards the path of safety and dashed towards the quarry. As he climbed up the quarry with the help of a vine, the tiger came to the base only a little too late. The boy’s relief was however short-lived. There came another tiger at the top of the quarry ready to make its meal. As the boy hung in limbo, he couldn’t help notice a pair of mice playing in the nearby growth nibbling at the very vine that was supporting his weight. As the boy weighed his options, he saw a bright strawberry just within reach if he could swing close enough. In the midst of a desperate dismal circumstance, Simha delights in a simple gesture which is the tasting of the berry. Michael teaches that to be human is to confront our circumstance but always with the possibility of delight. He reminds us that the outcome of this story is not as important as the slogan “No delight; no courage”.
This is essentially one of the five primary slogans Michael mentions at the outset of his book and walks us through each of these. These five are 1. Face the fierce facts of life 2. No delight; no courage 3. Recognize fear 4. Discover the jewel of fearless abundance and 5. Command gracefully. He knows we will forget teachings even if they are in the form of slogans. So he suggests that we write them down on index cards or better yet attach our own experiences to some of the slogans. These five are the primary. There are thirty-eight slogans in all. He doesn’t mind if we randomly pick a slogan from a set of cards and put it against our calendars, so we become more familiar with them.
He makes it clear this book is not about solving fear nor is it a roadmap for a fear free life. Instead he draws on the Buddhist observation that “fear does not exist”. It is merely our experience and we can overcome it with the practice of mindfulness-awareness meditation.
Among his countless stories and varied sources including the military examples of “shih”, he lays out plain and simple narratives that we immediately get instead of lengthy and numbing discussions. Among his teachings, one of my favorites is about lies. When we have absolutely nothing, we can take delight in lies and pretense if it helps us feel confident to confront the world. In this regard, I recall his example of “the wish fulfilling gem from the mystical kingdom of Shambhala”. The gem has the magical ability to manifest whatever the possessor wishes. The abundance of fearlessness is like this wish fulfilling gem. One day when a worker was feeling anxious all day about a possible layoff when called by his manager, his wife called him and said “you have won a lottery of 345 million dollars”. He was more fearless and poised even in the face of bad news and would come out appearing confident and even shaking hands with the manager.
This book has been a delight and a profound learning in how even nothing can offer so many possibilities to be fearless.