On 06.08.24 1:19 PM, Boris wrote:
I am in the process of creating disaster recovery documentation and I have
two topics where I am not sure how to do it or even if it is possible.
Is it possible to recover from a 100% mon data loss? Like all mons fail and
the actual mon data is not recoverable.
In my head I would thing that I can just create new mons with the same
cluster ID and then start everything. The OSDs still have their PGs and
data and after some period of time everything will be ok again.
But then I thought that we use dmcrypt in ceph and I would need to somehow
backup all the keys to some offsite location.
So here are my questions:
- How do I backup the lockbox secrets?
- Do I need to backup the whole mon data, and if so how can I do it?
You are indeed correct - the keys need to be backed up outside of Ceph!
See:
* Issue: https://tracker.ceph.com/issues/63801
* PR by poelzl to add automatic backups:
https://github.com/ceph/ceph/pull/56772
Regards
Christian
_______________________________________________
ceph-users mailing list -- ceph-users@xxxxxxx
To unsubscribe send an email to ceph-users-leave@xxxxxxx