cifmw_backup_restore

Automate OpenStack on OpenShift backup and restore operations using OADP (OpenShift API for Data Protection) and Velero. The role supports three actions: backup, restore, and cleanup.

  • backup — creates Galera database dumps, optionally backs up OVN NB/SB databases onto their PVCs, then creates Velero backups of labeled PVCs (via CSI snapshots) and cluster resources.

  • restore — performs an ordered Velero restore sequence (PVCs, foundation, infrastructure, control plane, Galera, optional OVN file restore, full control plane resume, dataplane, EDPM), then Neutron–OVN verification and sync (log mode, then repair, matching the backup-restore user guide Step 12).

  • cleanup — tears down dataplane and control-plane resources so the namespace is ready for a fresh restore.

Privilege escalation

None. All cluster operations are performed through oc against the target OpenShift cluster.

Parameters

Common

  • cifmw_backup_restore_action: (String) Action to perform. Must be one of backup, restore, or cleanup. Defaults to "" (role will fail if unset).

  • cifmw_backup_restore_namespace: (String) Target OpenStack namespace. Defaults to openstack.

  • cifmw_backup_restore_oadp_namespace: (String) Namespace where Velero/OADP is running. Defaults to openshift-adp.

  • cifmw_backup_restore_auto_ack: (Boolean) Skip interactive pause prompts when true. Defaults to false.

  • cifmw_backup_restore_ovn_db: (Boolean) When true (default), the backup path labels OVN NB/SB PVCs and runs ovsdb-client backup before the OADP PVC backup, and the restore path runs OVN NB/SB file restore after Galera (when timestamped files exist on the PVC) before resuming the full control plane. Set to false to skip both; post-EDPM neutron-ovn-db-sync still runs when OVN files were not backed up.

  • cifmw_backup_restore_ovn_db_ready_timeout: (String) Timeout for oc wait on OVN database pods during OVN backup/restore. Defaults to 5m.

Backup

  • cifmw_backup_restore_galera_backup_timeout: (String) Timeout for oc wait on Galera backup jobs. Defaults to 10m.

  • cifmw_backup_restore_galera_storage_class: (String) StorageClass for Galera backup PVCs. Empty string uses the cluster default. Defaults to "".

  • cifmw_backup_restore_galera_storage_request: (String) Size of the Galera backup PVC. Defaults to 5Gi.

  • cifmw_backup_restore_galera_transfer_storage_request: (String) Size of the Galera transfer storage PVC. Defaults to 5Gi.

  • cifmw_backup_restore_oadp_backup_timeout: (String) Timeout for OADP PVC and resource backup completion. Defaults to 30m.

  • cifmw_backup_restore_storage_location: (String) Velero BackupStorageLocation name. Defaults to velero-1.

  • cifmw_backup_restore_backup_ttl: (String) TTL for Velero backups. Defaults to 720h.

  • cifmw_backup_restore_snapshot_move_data: (Boolean) Enable Velero snapshot data mover. When true, cleanup also deletes labeled PVCs. Defaults to true.

Restore

  • cifmw_backup_restore_backup_timestamp: (String) Timestamp suffix that identifies the backup to restore (e.g. 20260311-081234). Required when cifmw_backup_restore_action is restore.

  • cifmw_backup_restore_restore_timeout: (Integer) Seconds to wait for each Velero Restore to reach a terminal phase. Defaults to 900.

  • cifmw_backup_restore_infra_ready_timeout: (String) Timeout for oc wait on OpenStackControlPlaneInfrastructureReady. Defaults to 20m.

  • cifmw_backup_restore_ctlplane_ready_timeout: (String) Timeout for oc wait on control plane Ready after removing the deployment-stage annotation. Defaults to 10m.

  • cifmw_backup_restore_strict_restore: (Boolean) Fail on Velero PartiallyFailed status when true; only warn when false. Defaults to true.

  • cifmw_backup_restore_restore_content: (String) Content flag passed to restore_galera (--content). Defaults to data.

  • cifmw_backup_restore_edpm_deploy_timeout: (String) Timeout for oc wait on the post-restore EDPM deployment. Defaults to 40m.

  • cifmw_backup_restore_pin_pvcs: (Boolean) Enable PVC-to-node pinning during restore for WaitForFirstConsumer storage classes. Defaults to false.

  • Post-EDPM Neutron–OVN steps follow user guide Step 12: run neutron-ovn-db-sync-util in log mode first (neutron-dist.conf, neutron.conf, neutron.conf.d). Repair runs if cifmw_backup_restore_ovn_db is false (no OVN NB/SB file backup was taken), or if log-mode stdout/stderr contains a WARNING line—Neutron reports drift that way while still exiting 0. If OVN file backup/restore was enabled and log output has no WARNING lines, repair is skipped as redundant.

End-to-end orchestration (e2e.yml)

  • cifmw_backup_restore_install_deps: (Boolean) Install MinIO, OADP, and GaleraBackup CRs. Defaults to true.

  • cifmw_backup_restore_create_workload: (Boolean) Create a test VM with floating IP before backup. Defaults to true.

  • cifmw_backup_restore_run_backup: (Boolean) Run the backup step. Defaults to true.

  • cifmw_backup_restore_run_cleanup: (Boolean) Run the cleanup step. Defaults to true.

  • cifmw_backup_restore_run_restore: (Boolean) Run the restore step. Defaults to true.

  • cifmw_backup_restore_run_post_tempest: (Boolean) Run tempest validation after restore. Defaults to false.

  • cifmw_backup_restore_test_swift_data: (Boolean) Upload a random file to Swift before backup and verify it can be downloaded after restore. Catches Swift data loss caused by xattr issues (OSPRH-29818). Defaults to true.

  • cifmw_backup_restore_swift_test_container: (String) Swift container name for the test object. Defaults to backup-test-container.

  • cifmw_backup_restore_swift_test_object: (String) Object name for the test file. Defaults to backup-test-object.

  • cifmw_backup_restore_swift_test_file_size_bytes: (Integer) Size of the random test file in bytes. Defaults to 1048576 (1 MiB).

Cleanup

  • cifmw_backup_restore_cleanup_ctlplane: (Boolean) Delete control-plane resources during cleanup. Defaults to true.

  • cifmw_backup_restore_cleanup_dataplane: (Boolean) Delete dataplane resources during cleanup. Defaults to true.

Examples

Running a backup

- hosts: localhost
  tasks:
    - name: Backup OpenStack
      ansible.builtin.include_role:
        name: cifmw_backup_restore
      vars:
        cifmw_backup_restore_action: backup
        cifmw_backup_restore_namespace: openstack
        cifmw_backup_restore_auto_ack: true

Restoring from a backup

- hosts: localhost
  tasks:
    - name: Restore OpenStack
      ansible.builtin.include_role:
        name: cifmw_backup_restore
      vars:
        cifmw_backup_restore_action: restore
        cifmw_backup_restore_backup_timestamp: "20260311-081234"
        cifmw_backup_restore_auto_ack: true

Cleaning up before a restore

- hosts: localhost
  tasks:
    - name: Cleanup namespace
      ansible.builtin.include_role:
        name: cifmw_backup_restore
      vars:
        cifmw_backup_restore_action: cleanup
        cifmw_backup_restore_auto_ack: true
        cifmw_backup_restore_cleanup_ctlplane: true
        cifmw_backup_restore_cleanup_dataplane: true