fedora-infrastructure

Clone
Source Code
GIT

#11070 Please update/fix AWS snapshot lifecycle manager for Copr team
Closed: Fixed with Explanation a year ago by praiskup. Opened a year ago by praiskup.

Closed: Fixed with Explanation
Reopen Issue

Originally discussed here.

As I understand it, we need to use all those tags to make the snapshots automaized:

FedoraGroup=copr  (imo redundant)
CoprInstance=production
CoprPurpose=infrastructure
CoprVolume=data

We have some volumes being tagged like that ^^^, but since November there are no
new snapshots. Example volume:

vol-09dd80709532958a8 (data-copr-distgit-prod)

The last snapshot created is:

snap-08dda52b8f01b5987 (data-copr-distgit-prod) Sun Nov 06 2022 08:16:49 GMT+0100 (Central European Standard Time)

Can anyone please help with fixing the lifecycle policy? Copr team (aws-copr
group) doesn't have the permissions to do this:

User: arn:aws:sts::125523088429:assumed-role/aws-copr/praiskup is not authorized to perform: dlm:GetLifecyclePolicies on resource: arn:aws:dlm:us-east-1:125523088429:*

Thank you!

Thinking about it, we have some data volumes with raid10. Creating snapshots for them doesn't make that much sense (restoration of software RAID wouldn't be possible likely, so we backup differently). Perhaps we could have a new tag on top of those, like:

CoprBackupSnapshots=true
Edited a year ago by praiskup

Metadata Update from @nb:
- Issue assigned to nb
a year ago

I will try to look at this tomorrow.

Lemme know if I can help.

Metadata Update from @phsmoura:
- Issue priority set to: Waiting on Assignee (was: Needs Review)
- Issue tagged with: medium-gain, medium-trouble, ops
a year ago

@nb any news here?

@praiskup apparently somehow the policy got removed. I didn't see any policy in us-east-1. I tried to recreate it following what @mobrien did in the original ticket.

@mobrien can you check what I did to make sure it looks right?

We in CPT/Copr team are unable to read the rules of the new policy at all; would you mind dumping them here for the future? Just so we know how to tag the disks properly.

I've attached screenshots of how I set it up. If you want anything adjusted, please let me know and I will be happy to change it.

I just saw your first comment on here - I can add the CoprBackupSnapshots=true if you would like. I don't have that set currently. Do you want that added, or leave it the way it is?

Yes, please add also CoprBackupSnapshots=true (or, if possible, could we ignore volumes with CoprBackupSnapshots=false?).

Ping on this, @nb can you please require also the CoprBackupSnapshots=true tag?

Maybe -> would it be possible to require just CoprBackupSnapshots=true ?

Either way is possible. I've changed it to just require CoprBackupSnapshots=true.

Thank you @nb, closing then!

Metadata Update from @praiskup:
- Issue close_status updated to: Fixed with Explanation
- Issue status updated to: Closed (was: Open)
a year ago

Login to comment on this ticket.

Metadata

ops medium-gain medium-trouble

None
None
Waiting on Assignee
Boards 1
ops Status: Backlog
Attachments 1
Screenshot_from_2023-01-11_13-30-11.png
Attached a year ago View Comment
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.