Backup and restore

Common requirements for all providers

CSI driver

A CSI driver specific to your cloud provider must be installed in the cluster.

Snapshot controller

Install the Kubernetes external-snapshotter’s snapshot-controller

Volume snapshot CRDs

Ensure that the following CRDs are installed:

• volumesnapshots.snapshot.storage.k8s.io

• volumesnapshotcontents.snapshot.storage.k8s.io

• volumesnapshotclasses.snapshot.storage.k8s.io

VolumeSnapshotClass

A VolumeSnapshotClass must be defined and configured for the respective CSI driver.

AWS (Amazon Web Services)

Requirements

• Install the aws-ebs-csi-driver

• Install the snapshot-controller

• Define the following

IAM permissions

Ensure that the IAM role used by the CSI driver has permissions:

• ec2:CreateSnapshot

• ec2:DeleteSnapshot

• ec2:DescribeSnapshots

• ec2:CreateTags

• ec2:DeleteTags

Azure (Microsoft Azure)

Requirements

• Install the azure-disk-csi-driver

• Enable and configure the snapshot feature

• Install the snapshot-controller

• Define the following

Azure Role-Based Access Control (RBAC)

Ensure that the managed identity associated with the cluster has the needed permissions:

• Microsoft.Compute/snapshots/*

• Microsoft.Compute/disks/*

• Microsoft.Resources/subscriptions/resourceGroups/read

GCP (Google Cloud Platform)

Requirements

• Install the gcp-compute-persistent-disk-csi-driver

• Install the snapshot-controller

• Enable the compute.googleapis.com API in your project

• Define the following

IAM permissions

Ensure that the service account used by the node pool has:

• compute.snapshots.create

• compute.snapshots.delete

• compute.snapshots.get

• compute.disks.createSnapshot

• compute.snapshots.useReadOnly

How to back up a PVC

By default, we have a CronJob psc-snapshot-pvc-job running that checks for the existence of a VolumeSnapshotClass. If one is found, it automatically creates snapshots for all PVCs with a retention period of 7 days.

To verify that snapshots are being created, you may use the following command

How to restore a PVC from a VolumeSnapshot

Use the following guide to create a new PersistentVolumeClaim (PVC) from an existing VolumeSnapshot.

Prerequisites

1. A valid VolumeSnapshot already exists.

2. A compatible StorageClass and VolumeSnapshotClass are installed.

3. Your CSI driver supports volume snapshot restore (e.g., AWS EBS, Azure Disk, GCP PD).

Step 1: Identify your VolumeSnapshot

Run the following command to list available snapshots

For example, we found a snapshot for PostgreSQL with the name snapshot-data-postgres-postgresql-0-1745265598

Step 2: Create a PVC from the Snapshot

We need to create a new PVC from the existing snapshot

• Ensure that the service that will use it is scaled to 0

• Set the correct volume size

• Set the correct Namespace

• Verify that PVC was created

Step 3: Scale up or install the helm chart with Postgres to use the new PVC

How to restore ClickHouse

1. Scale down to 0 for ClickHouse and ClickHouse-keeper, and delete PVCs.

1. Run the command below to list the available snapshots:

1. Identify the default StorageClass.

1. Use the following command to create PVC from the snapshot:

1. Scale up clickhouse-keeper to 3 replicas, and wait for all 3 replicas to be running.

1. Scale ClickHouse

1. Once all pods are running, exec into the pod and check the status of the tables

1. If the last command returns some tables, run the restore replica command for every table

and check again

How to restore Minio

1. Scale minio1 and minio2 to 0 replicas and remove their associated PVCs.

1. List the available snapshots by running the following command:

For example, we found snapshots for minio with names snapshot-minio1-202506040306 and snapshot-minio2-202506040306.

1. Identify the default StorageClass.

1. Create PVC from the snapshot by running the following command:

1. Scale minio1 and minio2 to 1 replica, and wait until both are running.