Skip to content
By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

AWS Backup: Restore composite recovery point for EKS and EBS with cli

0

We try to restore an EKS composite recovery point, which consists of the EKS and EBS resource type. When triggering an restore with

aws backup start-restore-job \
    --recovery-point-arn "<composite-recovery-arn>" \
    --iam-role-arn "<restore-role-arn>" \
    --metadata '{"clusterName":"my-cluster", "newCluster":"false" }'

The composite restore fails, since the EBS restore got an error

Restore Job failed as no restore metadata was provided

When adding the missing availabilityZone metadata, i.e.

--metadata '{"clusterName":"my-cluster", "newCluster":"false", "availabilityZone":"eu-central-1a" }'

the composite jobs fails with error

Invalid metadata keys found: [availabilityzone]

On the AWS console, it's possible to complete the missing availabilityZone for the volume during the "Restore backup" wizard.

Topics
Storage
Tags
AWS Backup
Language
English
asked 2 months ago63 views
2 Answers
0
Accepted Answer

Hello.

To restore EBS to an existing cluster, you will need the commands described in the following documentation.
The EKS "start-restore-job" command does not directly include metadata called "availabilityZone".
Please use the metadata provided for nested restores.
https://docs.aws.amazon.com/aws-backup/latest/devguide/restoring-eks.html

aws backup start-restore-job \
    --recovery-point-arn "arn:aws:backup:us-west-2:123456789012:recovery-point:composite:eks/my-cluster-20240115" \
    --iam-role-arn "arn:aws:iam::123456789012:role/AWSBackupDefaultServiceRole" \
    --metadata '{"clusterName":"existing-cluster","newCluster":"false","namespaceLevelRestore":"true","nestedrestorejobs":"{\"arn:aws:ec2:us-west-2::snapshot/snap-abc123\":\"{\\\"AvailabilityZone\\\":\\\"us-west-2a\\\"}\",\"arn:aws:backup:us-west-2:123456789012:recovery-point:fa71a304-2555-4c37-8128-f154b9578032\":\"{\\\"DestinationBucketName\\\":\\\"bucket-name\\\"}\"}"}' \
    --resource-type "EKS"
EXPERT
answered 2 months ago
EXPERT
reviewed 2 months ago
-2

When restoring a composite recovery point for EKS that includes EBS volumes, you need to handle the metadata requirements for both resource types. The challenge you're experiencing occurs because EKS and EBS have different metadata requirements, and the composite restore needs to accommodate both.

For EKS restores to an existing cluster, the required metadata includes clusterName and newCluster. However, when the composite recovery point includes EBS volumes, those volumes also require their own metadata, such as availabilityZone.

The issue with your second command attempt is likely related to case sensitivity - the metadata key should be availabilityZone (with capital Z), not availabilityzone.

When using the CLI for composite restores, you need to ensure that:

  1. The metadata keys are correctly formatted with proper capitalization
  2. The IAM role specified has the necessary permissions for both EKS and EBS restore operations
  3. You're providing the appropriate metadata for each resource type within the composite recovery point

For EBS-specific metadata that can be specified during restore, valid keys include availabilityZone, encrypted, iops, kmsKeyId, volumeType, volumeSize, and throughput.

If you continue to experience issues with the CLI approach, you may need to verify that your composite recovery point structure supports the metadata configuration you're attempting to apply, as the console wizard may handle certain metadata mappings differently than the CLI command.
Sources
Restore an Amazon EKS cluster - AWS Backup
Restore an Amazon EBS volume - AWS Backup
start-restore-job — AWS CLI 2.27.41 Command Reference

answered 2 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Relevant content