DEP-06: Immutable ETCD Backups #1
Conversation
There was a problem hiding this comment.
Thanks for the very well written DEP @seshachalam-yv!
Just have one strong suggestion with regards to the terminology that is to be used. Thanks.
| - [Proposal](#proposal) | ||
| - [Overview](#overview) | ||
| - [Detailed Design](#detailed-design) | ||
| - [Bucket Lock Mechanism](#bucket-lock-mechanism) |
There was a problem hiding this comment.
The term Bucket Lock is identical to the terminology used by one vendor - GCS. Perhaps we could come up with terminology which is vendor agnostic, since we plan on supporting multiple and each has their own terminology?
|
|
||
| #### Bucket Lock Mechanism | ||
|
|
||
| The Bucket Lock feature configures a retention policy for a cloud storage bucket, governing how long objects in the bucket must be retained. It also allows for locking the bucket's retention policy, permanently preventing the policy from being reduced or removed. |
There was a problem hiding this comment.
The phrase retention policy might be confusing for someone who is familiar with the etcd repos in gardener. Case in point: gardener/etcd-backup-restore#776 (comment).
In etcd-backup-restore, we already have a feature called delta snapshot retention period which might be confused with what is being expressed here - the duration for which a snapshot is immutable after upload.
Can we use something like immutability period as expressed here gardener/etcd-backup-restore#776 (comment)?
|
|
||
| #### ETCD Backup Configuration | ||
|
|
||
| Operators need to ensure that the ETCD backup configuration aligns with the immutability requirements. This includes setting appropriate retention periods. |
There was a problem hiding this comment.
Retention period here is slightly confusing again.
|
|
||
| Approach 2 is feasible and can be achieved in two ways: | ||
|
|
||
| - **Option A:** Wake up the ETCD cluster by increasing the replicas, take a snapshot, and then hibernate the ETCD by setting the replicas to zero. |
There was a problem hiding this comment.
This assumes the reader knows what happens in gardener/gardener's hibernation. Maybe we could instead say that the etcd cluster is brought up?
|
|
||
| ### Object-Level Retention Policies vs. Bucket-Level Retention Policies | ||
|
|
||
| An alternative to implementing immutability via bucket-level retention is to use object-level retention policies. Object-level retention allows for more granular control over the retention periods of individual objects within a bucket, whereas bucket-level retention applies a uniform retention period to all objects in the bucket. |
There was a problem hiding this comment.
Same suggestions about retention period v/s immutability period apply here specifically.
--------- Co-authored-by: Saketh Kalaga <51327242+renormalize@users.noreply.github.com>
seshachalam-yv
force-pushed
the
feature/dep-06-immutable-etcd-backups
branch
from
be9a969
to
34718cc
Compare
|
Closing this PR, since opening on upstream. |
How to categorize this PR?
/area TODO
/kind TODO
What this PR does / why we need it:
Which issue(s) this PR fixes:
Fixes #
Special notes for your reviewer:
Release note: