Data Protection and Snapshots

Setup CSI Volume Snapshotting

In order to use VolumeSnapshots with the Portworx CSI Driver, you must enable Snapshot Controller in your StorageCluster. By default, installSnapshotController is set to true when you enable CSI in the StorageCluster.

Run the following command to edit the StorageCluster and update the arguments if CSI is not enabled:

Kubernetes

kubectl edit stc <storageclustername> -n <px-namespace>

    csi:
      enabled: true
      installSnapshotController: true

Openshift

oc edit stc <storageclustername> -n <px-namespace>

    csi:
      enabled: true
      installSnapshotController: true

Manage local snapshots of CSI-enabled volumes

If you already have a CSI PVC, complete the following steps to create, restore, or delete a CSI VolumeSnapshot.

1. Create a VolumeSnapshotClass, specifying the following:

   • The snapshot.storage.kubernetes.io/is-default-class: "true" annotation

   • The csi.storage.k8s.io/snapshotter-secret-name parameter with your encryption and/or authorization secret

   • The csi.storage.k8s.io/snapshotter-secret-namespace parameter with the namespace your secret is in.

     note

     Specify snapshotter-secret-name and snapshotter-secret-namespace if px-security is ENABLED.

     See enable security in Portworx for more information.

   apiVersion: snapshot.storage.k8s.io/v1
   kind: VolumeSnapshotClass
   metadata:
     name: px-csi-snapclass
     annotations:
       snapshot.storage.kubernetes.io/is-default-class: "true"
   driver: pxd.portworx.com
   deletionPolicy: Delete
   parameters: ## Specify only if px-security is ENABLED
     csi.storage.k8s.io/snapshotter-secret-name: px-user-token  
     csi.storage.k8s.io/snapshotter-secret-namespace: <px-namespace> 
     csi.openstorage.org/snapshot-type: local

2. Manage Cloud Snapshots
   
   You can perform operations such as create, update, or delete a VolumeSnapshot as follows:

• Create a VolumeSnapshot:

  apiVersion: snapshot.storage.k8s.io/v1
  kind: VolumeSnapshot
  metadata:
    name: px-csi-snapshot
  spec:
    volumeSnapshotClassName: px-csi-snapclass
    source:
      persistentVolumeClaimName: px-mysql-pvc

  note

  VolumeSnapshot objects are namespace-scoped and should be created in the same namespace as the PVC.

• Restore from a VolumeSnapshot:

  apiVersion: v1
  kind: PersistentVolumeClaim
  metadata:
    name: px-csi-pvc-restored 
  spec:
    storageClassName: px-csi-db
    dataSource:
      name: px-csi-snapshot
      kind: VolumeSnapshot
      apiGroup: snapshot.storage.k8s.io
    accessModes:
      - ReadWriteOnce
    resources:
      requests:
        storage: 2Gi

• Delete a VolumeSnapshot:

  kubectl delete VolumeSnapshot <snapshot-name>

Kubernetes

See the Kubernetes-CSI snapshotting documentation for more examples and documentation.

Openshift

See the Openshift-CSI snapshotting documentation for more examples and documentation.

Manage cloud snapshots of CSI-enabled volumes

important

• Before creating or restoring a cloud snapshot, you must configure S3 credentials that Portworx uses to communicate with the S3 endpoint where snapshots are uploaded. For information on how to create the credential using the pxctl command, see Managing Cloud Credentials Using pxctl.
  • If your cluster has a single credential configured, you do not need to specify credentials during snapshot or restore operations. Portworx automatically uses the configured credential.
  • If your cluster has multiple credentials, create a Kubernetes secret containing the credential ID and reference it in the VolumeSnapshotClass or storage class, depending on your operation. Update the secret whenever credentials change between snapshot creation, deletion, or restore operations to ensure successful authentication.
• When restoring a PVC from a CloudSnapshot, ensure that the target PVC uses the same storage class properties as the source PVC.

If you already have a CSI PVC, complete the following steps to create, restore, or delete a CSI CloudSnapshot.

1. Create a VolumeSnapshotClass:

   Single Credential

   Specify the csi.openstorage.org/snapshot-type parameter as cloud.

   apiVersion: snapshot.storage.k8s.io/v1
   deletionPolicy: Delete
   driver: pxd.portworx.com
   kind: VolumeSnapshotClass
   metadata:
     name: px-csi-cloud-snapshot-class
   parameters:
     csi.openstorage.org/snapshot-type: cloud

   Multiple Credentails

   • Specify the csi.openstorage.org/snapshot-type parameter as cloud.

   • Replace the csi.openstorage.org/snapshot-credential-id parameter with the UUID of the S3 credential.

     apiVersion: snapshot.storage.k8s.io/v1
     deletionPolicy: Delete
     driver: pxd.portworx.com
     kind: VolumeSnapshotClass
     metadata:
       name: px-csi-cloud-snapshot-class
     parameters:
       csi.openstorage.org/snapshot-type: cloud
       csi.openstorage.org/snapshot-credential-id: <credential-UUID>

2. Manage Cloud Snapshots
   
   You can perform operations such as create, update, or delete a CSI Cloud VolumeSnapshot as follows:

   • Create a Cloud VolumeSnapshot:

     apiVersion: snapshot.storage.k8s.io/v1
     kind: VolumeSnapshot
     metadata:
       name: cloud-snapshot-1
     spec:
       volumeSnapshotClassName: px-csi-cloud-snapshot-class
     source:
       persistentVolumeClaimName: task-pv-claim

   • Restore from a Cloud VolumeSnapshot:

     apiVersion: v1
     kind: PersistentVolumeClaim
     metadata:
       name: pvc-restore
     spec:
       storageClassName: px-csi-replicated
       dataSource:
         name: cloud-snapshot-1
         kind: VolumeSnapshot
         apiGroup: snapshot.storage.k8s.io
       accessModes:
         - ReadWriteOnce
       resources:
         requests:
           storage: 3Gi

   • Delete a Cloud VolumeSnapshot:

     kubectl delete VolumeSnapshot <cloudsnapshot-name>

Kubernetes

See the Kubernetes-CSI snapshotting documentation for more examples and documentation.

Openshift

See the Openshift-CSI snapshotting documentation for more examples and documentation.