- Overview
- Requirements
- Installation
- Prerequisite checks
- Downloading the installation packages
- uipathctl cluster
- uipathctl cluster maintenance
- uipathctl cluster maintenance disable
- uipathctl cluster maintenance enable
- uipathctl cluster maintenance is-enabled
- uipathctl cluster migration
- uipathctl cluster migration export
- uipathctl cluster migration import
- uipathctl cluster migration run
- uipathctl cluster upgrade
- uipathctl config
- uipathctl config add-host-admin
- uipathctl config additional-ca-certificates
- uipathctl config additional-ca-certificates get
- uipathctl config additional-ca-certificates update
- uipathctl config alerts
- uipathctl config alerts add-email
- uipathctl config alerts remove-email
- uipathctl config alerts update-email
- uipathctl config argocd
- uipathctl config argocd ca-certificates
- uipathctl config argocd ca-certificates get
- uipathctl config argocd ca-certificates update
- uipathctl config argocd generate-dex-config
- uipathctl config argocd generate-rbac
- uipathctl config argocd registry
- uipathctl config argocd registry get
- uipathctl config argocd registry update
- uipathctl config enable-basic-auth
- uipathctl config orchestrator
- uipathctl config orchestrator get-config
- uipathctl config orchestrator update-config
- uipathctl config saml-certificates get
- uipathctl config saml-certificates rotate
- uipathctl config saml-certificates update
- uipathctl config tls-certificates
- uipathctl config tls-certificates get
- uipathctl config tls-certificates update
- uipathctl config token-signing-certificates
- uipathctl config token-signing-certificates get
- uipathctl config token-signing-certificates rotate
- uipathctl config token-signing-certificates update
- uipathctl health
- uipathctl health bundle
- uipathctl health check
- uipathctl health diagnose
- uipathctl health test
- uipathctl manifest
- uipathctl manifest apply
- uipathctl manifest diff
- uipathctl manifest get
- uipathctl manifest get-revision
- uipathctl manifest list-applications
- uipathctl manifest list-revisions
- uipathctl manifest render
- uipathctl prereq
- uipathctl prereq create
- uipathctl prereq run
- uipathctl resource
- uipathctl resource report
- uipathctl snapshot
- uipathctl snapshot backup
- uipathctl snapshot backup create
- uipathctl snapshot backup disable
- uipathctl snapshot backup enable
- uipathctl snapshot delete
- uipathctl snapshot list
- uipathctl snapshot restore
- uipathctl snapshot restore create
- uipathctl snapshot restore delete
- uipathctl snapshot restore history
- uipathctl snapshot restore logs
- uipathctl version
- Post-installation
- Migration and upgrade
- Upgrading Automation Suite on EKS/AKS
- Step 1: Moving the Identity organization data from standalone to Automation Suite
- Step 2: Restoring the standalone product database
- Step 3: Backing up the platform database in Automation Suite
- Step 4: Merging organizations in Automation Suite
- Step 5: Updating the migrated product connection strings
- Step 6: Migrating standalone Orchestrator
- Step 7: Migrating standalone Insights
- Step 8: Deleting the default tenant
- B) Single tenant migration
- Migrating from Automation Suite on Linux to Automation Suite on EKS/AKS
- Monitoring and alerting
- Cluster administration
- Product-specific configuration
- Troubleshooting
Backing up and restoring the cluster
Automation Suite supports the backup and restore functionality to prevent data loss in various scenarios. You can configure a backup any time post-installation. Even though it is optional, enabling backup is recommended so that you can resume from the same point in case of a disaster.
To use the backup and restore functionaliry, you must provision an additional objectstore, a backup, and a restore cluster. These concepts are defined in the following section.
Objectstore - Storage location that stores the backup data and facilitates the restoration. You must bring the objectstore to store the backup data. This objectstore must differ from the objectstore where the user files are held while using the Automation Suite cluster.
Backup Cluster – The cluster you set up to install Automation Suite. This is the cluster where you will enable the backup.
Restore Cluster – The cluster where you restore all the data from the backup cluster. This becomes the new cluster where you run Automation Suite once the restore process is complete.
This setup only enables a cluster backup, including the cluster configuration and data stored as part of the block storage.
However, it does not enable the backup of any external data sources, such as the SQL database and external objectstore. You must enable the external data source backup separately.
Additionally, you must ensure that you take a backup of all the databases and buckets that you provisioned during the Automation Suite installation.
The data stored in FileStore and Redis ia transient and does not require to be backed up.
To set up the backup and restore functionality, you must meet the following requirements:
-
You must bring an additional objectstore for the backup.
Kubernetes
Objectstore
EKS
AWS S3
AKS
Azure Storage Account
-
The cluster you want to back up and the objectstore must be in the same region.
-
During the cluster restore, you must use the same zones where you deployed Automation Suite before the disaster.
-
In EKS deployments, if the original cluster uses the EBS and EFS storage classes, you must configure the restore cluster to use the same storage classes before starting the restore operation.
Automation Suite leverages Velero to take the backup of the Kubernetes and restore it to another Kubernetes after a natural or man-made disaster.
An application-level backup in Automation Suite targets two components:
-
Kubernetes objects and configurations are stored in the etcd key/value store. Some important secrets and config maps are required to be backed up.
-
Application data is stored in persistent volumes. Insights stores its data in the PVCs that must be backed up to resume to the point when the disaster happens.
etcd is a key/value store belonging to the Kubernetes Control Plane. This store is directly inaccessible and can be queried via Kubernetes API Server. Velero leverages the Kubernetes API to retrieve this data from the key/value store. Kubernetes APIs provide the flexibility to easily filter resources by namespace, resource type, or label.
Velero also takes snapshots of the cluster’s persistent volumes and restores them alongside the cluster’s objects.
Backup
The following architecture diagram depicts how backup works in Automation Suite on EKS. Similar architecture and workflow are applicable to Automation Suite on AKS.
The backup consists of two components:
-
A Velero server pod that runs in your Automation Suite cluster
-
uipathctlcommand line interface (CLI) that runs on the local machine.
Whenever we issue a backup against an Automation Suite cluster, Velero performs a backup of cluster resources in the following way:
-
The
uipathctlCLI calls the Kubernetes API server to create Velero’s backup controller object. -
Velero's backup controller checks the backup scope via a query made to the Kube API server.
-
The backup controller queries the API Server to retrieve the etcd resources that need a backup.
-
The backup controller queries the Persistent Volume that needs a backup.
-
The backup controller compresses the retrieved Kubernetes objects into a
.tarfile and saves it in the objectstore alongside the volume back up.
In this process, Microsoft SQL Server (database) and external objectstore are not backed up. Since these are the external components, Velero has no control over them. For this reason, it is mandatory to enable the backup of these storage components explicitly.
Restore
The following architecture diagram depicts how restoring works in Automation Suite on EKS. Similar architecture and workflow are applicable to Automation Suite on AKS.
Similarly to the backup process, whenever we issue a restore operation, the following happens:
-
The
uipathctlCLI calls the Kubernetes API server to create a Velero’s restore controller that will restore from an existing backup. -
Velero’s restore controller checks the restore scope via a query made to the Kube API server.
-
The restore controller retrieves the backup files from the objectstore.
-
The restore controller initiates a restore operation of the cluster configuration and persistent volume.
