Skip to main content
Version: 2.11

Install from AWS Marketplace

You can install Portworx Backup from the Amazon Web Services (AWS) Marketplace in your AWS account. After installation, you can use the same account to send metering data to AWS. You can also back up and restore applications and Portworx Backup data for any Amazon Elastic Kubernetes Service (EKS) cluster.

Prerequisite

Ensure that the following prerequisites are met before you install Portworx Backup from AWS Marketplace:

  • Configure IAM permissions with EKS cluster.

    Create an IAMServiceAccount for Portworx Backup and configure it with permissions for EKS cluster to send metering data to AWS:

    1. Enable the IAM OIDC Provider for your EKS cluster. Replace the <region> and <clustername> parameters to match your environment.
    eksctl utils associate-iam-oidc-provider --region=<region> --cluster=<clustername> --approve
    1. Update the existing IAMServiceAccount or create a local service account for Portworx Backup, and link it to your EKS cluster.
      Change the namespace if you are not deploying the Portworx Backup instance, and replace the <clustername> with your EKS cluster.
    eksctl create iamserviceaccount --name px-backup-account --namespace <pxb-namespace> --cluster <clustername> --attach-policy-arn arn:aws:iam::aws:policy/AWSMarketplaceMeteringFullAccess \
    --attach-policy-arn arn:aws:iam::aws:policy/AWSMarketplaceMeteringRegisterUsage --approve --override-existing-serviceaccounts

  • Add Stork environment variable to point to the AWS image repository

    For each EKS application cluster that you add to Portworx Backup, you must include the MARKET_PLACE=aws environment variable so that Stork uses the AWS Marketplace image registry. For supported Stork versions, see the compatibility matrix.

    - name: MARKET_PLACE
      value: aws

    Stork uses this environment variable to pick the appropriate Kopia executor image from the AWS Marketplace repository.

Procedure

To install Portworx Backup from AWS Marketplace using the px-central Helm chart, follow these steps:

  1. Add the Portworx AWS Helm chart:

    helm repo add aws-portworx https://raw.githubusercontent.com/portworx/aws-helm/master/stable

  2. Install Portworx Backup using the Helm chart.

    helm install <release-name> aws-portworx/px-central --namespace <pxb-namespace> --set persistentStorage.enabled=true,persistentStorage.storageClassName=gp2,pxbackup.enabled=true --create-namespace

    Replace:

    • <release-name> with a unique name for this Helm release (for example, px-central). This is the Helm release name, not the Portworx Backup version.
    • <pxb-namespace> with the namespace where you want to deploy Portworx Backup.

    For information about the configurable parameters, see Portworx Backup Helm chart reference.

    note

    You can override the default administrator password, and set a custom password to access the Portworx Backup web console using the oidc.centralOIDC.defaultPassword option.

What to do Next

  • Install Stork on all application clusters.
    For information about installing Stork, see Stork installation.
    For information about Stork and Portworx Backup compatibility, see Stork compatibility matrix.

  • Access Portworx Backup UI using load balancer endpoint
    In addition to accessing Portworx Backup from the CLI, you can access it on a Web browser using the load balancer endpoint.
    To access Portworx Backup UI using load balancer endpoint, follow these steps:

    1. Get the load balancer endpoint for Portworx Backup using one of the following commands:

      kubectl get ingress --namespace <pxb-namespace> px-backup-ui -o jsonpath="{.status.loadBalancer.ingress[0].hostname}"
      kubectl get ingress --namespace <pxb-namespace> px-backup-ui -o jsonpath="{.status.loadBalancer.ingress[0].ip}"

    2. Access Portworx Backup and Keycloak using the endpoint:

      • Portworx Backup: http://<LB_endpoint>
      • Portworx Backup Keycloak: http://<LB_endpoint>/auth
    note

    After running the kubectl get ingress commands, allow a few minutes for the AWS Application Load Balancer (ALB) to become active. If the hostname field is empty, the ALB may still be provisioning. Verify that the pxb-alb ingress object has a fully qualified hostname assigned before attempting to access the UI. You can watch the status with:

    kubectl get ingress -n <pxb-namespace> -w

Uninstall Helm chart

To uninstall px-central Helm chart, follow these steps:

  1. Uninstall the Helm chart:

    helm uninstall px-central --namespace <pxb-namespace>

  2. Clean up the namespace, including secrets and PVCs created by Portworx Backup:

    kubectl delete ns <pxb-namespace>
Last updated on