PAS Component Availability During Backup
This topic describes the operational impact of backing up Pivotal Application Service (PAS) components with BBR. To ensure correctness of backups, each component that requires backup has its own set of scripts. The sections in this topic describe the availability of each component during backup of its database.
The Cloud Controller is unavailable during backup. Apps and Services continue to run as normal, but you cannot perform operations that require the Cloud Controller API. This includes the following:
- Pushing new apps or creating new services
- Modifying existing apps or services
- Using the clients of the Cloud Controller API, such as the following:
- The Cloud Foundry Command Line Interface (cf CLI)
- Apps Manager and its integrations
- The Java client used by Spring apps
The backup process for the Cloud Controller is as follows:
|1: Pre-backup lock||The processes running on the Cloud Controller Worker, Cloud Controller, and Clock Global VMs are stopped.|
|2: Backup||The BBR SDK backup script runs to backup the Cloud Controller database (CCDB), which contains state information for apps on your deployment.|
|3: Post-backup unlock||The processes start again on the Cloud Controller Worker, Cloud Controller, and Clock Global VMs.|
UAA remains available in read-only mode during backup. This means that you cannot perform write operations for clients, users, groups, identity providers, or zone configuration. However, you can continue performing read operations, such as generating, validating, and revoking tokens. Additionally, UAA continues to authenticate users and authorize requests for users and clients.
The read-only behavior during backup applies to all of the following ways of accessing UAA: the UAA API, the UAA CLI, cf CLI, login screens, and services such as the Single Sign-On Service tile.
The backup process for UAA is as follows:
|1: Pre-backup lock||UAA enters read-only mode.|
|2: Backup||The BBR SDK backup script runs to backup the UAA database, which contains Cloud Foundry user credentials.|
|3: Post-backup unlock||UAA exits read-only mode.|
The Routing API remains available during backup. However, you cannot perform write operations using the Routing API because the routing database is locked. All read operations offered by the Routing API remain available.
The BBR SDK backup script for the Routing API backs up its database, which contains router groups, routes, and internal implementation information.
The Usage Service is unavailable during backup. You cannot access the API as described in Monitoring App, Task, and Service Instance Usage. Additionally, you cannot view usage and accounting reports as described in Monitoring Instance Usage with Apps Manager.
The backup process for Usage Service is as follows:
Note: The Usage Service runs as a set of Cloud Foundry apps in the
|1: Pre-backup lock||The Usage Service apps in the
|2: Backup||The BBR SDK backup script runs to backup the Usage Service database.|
|3: Post-backup unlock||The Usage Service apps in the
The App Autoscaler service is unavailable during backup. You cannot access the UI or API. For any apps configured to use the App Autoscaler, the service does not scale these apps during backup.
The backup process for App Autoscaler is as follows:
Note: The App Autoscaler service runs as a set of Cloud Foundry apps in the
|1: Pre-backup lock||The Autoscaler apps in the
|2: Backup||The BBR SDK backup script runs to backup the App Autoscaler database.|
|3: Post-backup unlock||The Autoscaler apps in the
The NFS service broker backup scripts rely on the locking of the Cloud Controller to stop traffic to its service. This is because the Cloud Controller is responsible for invoking the NFS service broker.
When the Cloud Controller locks during backup, you cannot create or delete new instances or bindings of a volume service. However, apps already bound to a volume service continue to operate normally during backups.
The NFS service broker backup script performs a backup of the database used to store service instances and service bindings for the NFS service broker.
The Notification Service is not available during backup with BBR due to its dependency on the Cloud Controller. Notifications cannot be sent while the Cloud Controller is unavailable.
The Network Policy Server is unavailable during backup. While existing policies are still enforced, you cannot use the cf CLI to add or remove policies for Container Networking as documented in Administering Container-to-Container Networking.
Runtime CredHub is unavailable during backup. If the service instance credentials for an app are stored in CredHub, the app cannot fetch those credentials during backup. In some cases, apps may not start if they cannot fetch credentials for a service instance binding.