|
1873 | 1873 | Infrastructure Elements of this Pattern OpenShift Virtualization OpenShift Virtualization is a Kubernetes-native way to run virtual machine workloads. It is used in this pattern to host VMs simulating an Edge environment; the chart that configures the VMs is designed to be flexible to allow easy customization to model different VM sizes, mixes, versions and profiles for future pattern development. |
1874 | 1874 | HashiCorp Vault Vault is used as the authoritative source for the Kiosk ssh pubkey via the External Secrets Operator. As part of this pattern HashiCorp Vault has been installed. Refer to the section on Vault. |
1875 | 1875 | Next Steps Help & Feedback Report Bugs `,url:"https://validatedpatterns.io/patterns/virtualization-starter-kit/getting-started/",breadcrumb:"/patterns/virtualization-starter-kit/getting-started/"},"https://validatedpatterns.io/patterns/trilio-continuous-recovery/prerequisites/":{title:"Prerequisites",tags:[],content:`Prerequisites Clusters Cluster Role Minimum size Hub Primary; runs ACM, HashiCorp Vault, ArgoCD, Trilio 3 worker nodes, 8 vCPU / 32 GB each DR Spoke Disaster Recovery target 3 worker nodes, 8 vCPU / 32 GB each Both clusters must: |
1876 | | -Run Red{nbsp}Hat OpenShift 4.18 or later Have network access to the shared S3 bucket Be reachable by ACM on the hub S3 storage A single S3-compatible bucket accessible from both clusters. Required values: |
| 1876 | +Run Red Hat OpenShift 4.18 or later Have network access to the shared S3 bucket Be reachable by ACM on the hub S3 storage A single S3-compatible bucket accessible from both clusters. Required values: |
1877 | 1877 | Bucket name Bucket region (must match the bucket’s actual region — always set this explicitly) Access key and secret key with read/write permissions on the bucket Trilio license A valid Trilio for Kubernetes license key. This pattern supports Trilio for Kubernetes version 5.3.0 and later. Obtain a license from trilio.io or your Trilio representative. |
1878 | 1878 | Tooling (hub workstation) oc CLI logged in to the hub cluster with cluster-admin |
1879 | 1879 | ansible-navigator (for manual DR operations) |
|
5350 | 5350 | This detection happens automatically on every reconcile loop, so there is no manual configuration or migration step needed. Existing clusters that upgrade the patterns operator will simply keep running as they always have. |
5351 | 5351 | Summary This change gives the Validated Patterns framework its own independent ArgoCD instance, improving isolation and giving the operator full control over its GitOps engine. Existing deployments are unaffected and will continue to use the openshift-gitops instance they were deployed with. New deployments will automatically get the dedicated vp-gitops instance with no additional configuration required. |
5352 | 5352 | `,url:"https://validatedpatterns.io/blog/2026-04-13-own-argocd-instance/",breadcrumb:"/blog/2026-04-13-own-argocd-instance/"},"https://validatedpatterns.io/patterns/":{title:"Patterns",tags:[],content:`Browse through available patterns and their respective documentation for deployment and operation. Filter patterns by type, industry, and product. |
5353 | | -`,url:"https://validatedpatterns.io/patterns/",breadcrumb:"/patterns/"},"https://validatedpatterns.io/patterns/trilio-continuous-recovery/":{title:"Trilio Continuous Restore",tags:[],content:`Trilio Continuous Restore — Red{nbsp}Hat Validated Pattern Overview This Validated Pattern delivers an automated, GitOps-driven Disaster Recovery (DR) solution for stateful applications running on Red{nbsp}Hat OpenShift. By integrating Trilio for Kubernetes with the Red{nbsp}Hat Validated Patterns framework, the pattern delivers: |
5354 | | -Automated backup of stateful workloads on the primary (hub) cluster Continuous Restore — Trilio’s accelerated Recovery Time Objective (RTO) DR path that continuously pre-stages backup data on the DR cluster so that recovery requires only metadata retrieval, not a full data transfer Automated DR testing — the full backup-to-restore lifecycle runs as a scheduled, self-healing GitOps workflow with no human intervention after initial setup Multi-cluster lifecycle management through Red{nbsp}Hat Advanced Cluster Management (ACM) Use case The pattern targets organizations that need a documented, repeatable DR posture for Kubernetes-native workloads — particularly those that must demonstrate RTO/Recovery Point Objective (RPO) targets through regular, automated DR tests rather than annual manual exercises. |
| 5353 | +`,url:"https://validatedpatterns.io/patterns/",breadcrumb:"/patterns/"},"https://validatedpatterns.io/patterns/trilio-continuous-recovery/":{title:"Trilio Continuous Restore",tags:[],content:`Trilio Continuous Restore — Red Hat Validated Pattern Overview This Validated Pattern delivers an automated, GitOps-driven Disaster Recovery (DR) solution for stateful applications running on Red Hat OpenShift. By integrating Trilio for Kubernetes with the Red Hat Validated Patterns framework, the pattern delivers: |
| 5354 | +Automated backup of stateful workloads on the primary (hub) cluster Continuous Restore — Trilio’s accelerated Recovery Time Objective (RTO) DR path that continuously pre-stages backup data on the DR cluster so that recovery requires only metadata retrieval, not a full data transfer Automated DR testing — the full backup-to-restore lifecycle runs as a scheduled, self-healing GitOps workflow with no human intervention after initial setup Multi-cluster lifecycle management through Red Hat Advanced Cluster Management (ACM) Use case The pattern targets organizations that need a documented, repeatable DR posture for Kubernetes-native workloads — particularly those that must demonstrate RTO/Recovery Point Objective (RPO) targets through regular, automated DR tests rather than annual manual exercises. |
5355 | 5355 | A WordPress + MySQL deployment is included as a representative stateful application. It serves as the reference workload for the full backup, restore, and URL-rewrite lifecycle. |
5356 | | -Architecture graph TD subgraph Git["Git (Source of Truth)"] values["values-hub.yaml\\nvalues-secondary.yaml\\ncharts/"] end subgraph Hub["Hub Cluster (primary)"] ACM["ACM"] ArgoCD["ArgoCD"] Vault["HashiCorp Vault + ESO"] Trilio_Hub["Trilio Operator + TVM"] CronJob["Imperative CronJob\\n(DR lifecycle automation)"] end subgraph Spoke["DR Cluster (secondary)"] Trilio_Spoke["Trilio Operator + TVM"] EventTarget["EventTarget pod\\n(pre-stages PVCs)"] ConsistentSet["ConsistentSet\\n(restore point)"] end S3["Shared S3 Bucket"] Git -->|GitOps sync| ArgoCD ArgoCD --> Trilio_Hub Vault -->|S3 creds + license| Trilio_Hub Trilio_Hub -->|backups| S3 ACM -->|provisions| Spoke S3 -->|EventTarget polls| EventTarget EventTarget --> ConsistentSet CronJob -->|restore from ConsistentSet| ConsistentSet Component roles Component Where Role Trilio Operator Hub + Spoke Installed through Operator Lifecycle Manager (OLM) from the certified-operators catalog, channel 5.3.x TrilioVaultManager Hub + Spoke Trilio operand Custom Resource (CR); manages the Trilio data plane Red{nbsp}Hat OpenShift Hub + Spoke Container orchestration platform; provides OLM, storage, networking, and the GitOps operator substrate Red{nbsp}Hat OpenShift GitOps (ArgoCD) Hub + Spoke GitOps sync engine; all configuration is driven from Git Red{nbsp}Hat Advanced Cluster Management (ACM) Hub Cluster lifecycle, policy enforcement, and spoke provisioning Validated Patterns Imperative CronJob Hub + Spoke Runs the automated DR lifecycle on a 10-minute schedule BackupTarget Hub + Spoke Points to the shared S3 bucket; the spoke BackupTarget has the EventTarget flag set BackupPlan Hub Defines backup scope (wordpress namespace), quiesce/unquiesce hooks, and retention CR BackupPlan Hub Continuous Restore variant of BackupPlan; drives pre-staging on the spoke EventTarget pod Spoke Watches the shared S3 bucket for new backups; pre-stages Persistent Volume Claims (PVCs) locally ConsistentSet Spoke Cluster-scoped CR representing a fully pre-staged restore point HashiCorp Vault and External Secrets Operator (ESO) Hub Secret management; S3 credentials and Trilio license are never stored in Git How Continuous Restore works The hub creates a backup using the CR BackupPlan and writes it to the shared S3 storage. The EventTarget pod on the spoke detects the new backup and begins copying volume data locally — ahead of any DR event. When the spoke’s imperative job detects an Available ConsistentSet, it submits a Restore CR. Because the data is already local, only backup metadata is fetched — resulting in significantly lower RTO than a standard on-demand restore. The post-restore Hook CR rewrites WordPress database URLs to the DR cluster’s ingress domain. Links Trilio for Kubernetes documentation Red{nbsp}Hat Validated Patterns Validated Patterns imperative framework Red{nbsp}Hat Advanced Cluster Management (ACM) External Secrets Operator Next steps Prerequisites Getting started CR operations Troubleshooting `,url:"https://validatedpatterns.io/patterns/trilio-continuous-recovery/",breadcrumb:"/patterns/trilio-continuous-recovery/"},"https://validatedpatterns.io/blog/2026-02-16-pattern-uninstall/":{title:"Experimental support for pattern uninstall",tags:[],content:` We are excited to announce that uninstalling patterns are now experimentally supported from pattern operator version 0.0.65 To initiate the uninstallation, only the pattern cr needs to be deleted. |
| 5356 | +Architecture graph TD subgraph Git["Git (Source of Truth)"] values["values-hub.yaml\\nvalues-secondary.yaml\\ncharts/"] end subgraph Hub["Hub Cluster (primary)"] ACM["ACM"] ArgoCD["ArgoCD"] Vault["HashiCorp Vault + ESO"] Trilio_Hub["Trilio Operator + TVM"] CronJob["Imperative CronJob\\n(DR lifecycle automation)"] end subgraph Spoke["DR Cluster (secondary)"] Trilio_Spoke["Trilio Operator + TVM"] EventTarget["EventTarget pod\\n(pre-stages PVCs)"] ConsistentSet["ConsistentSet\\n(restore point)"] end S3["Shared S3 Bucket"] Git -->|GitOps sync| ArgoCD ArgoCD --> Trilio_Hub Vault -->|S3 creds + license| Trilio_Hub Trilio_Hub -->|backups| S3 ACM -->|provisions| Spoke S3 -->|EventTarget polls| EventTarget EventTarget --> ConsistentSet CronJob -->|restore from ConsistentSet| ConsistentSet Component roles Component Where Role Trilio Operator Hub + Spoke Installed through Operator Lifecycle Manager (OLM) from the certified-operators catalog, channel 5.3.x TrilioVaultManager Hub + Spoke Trilio operand Custom Resource (CR); manages the Trilio data plane Red Hat OpenShift Hub + Spoke Container orchestration platform; provides OLM, storage, networking, and the GitOps operator substrate Red Hat OpenShift GitOps (ArgoCD) Hub + Spoke GitOps sync engine; all configuration is driven from Git Red Hat Advanced Cluster Management (ACM) Hub Cluster lifecycle, policy enforcement, and spoke provisioning Validated Patterns Imperative CronJob Hub + Spoke Runs the automated DR lifecycle on a 10-minute schedule BackupTarget Hub + Spoke Points to the shared S3 bucket; the spoke BackupTarget has the EventTarget flag set BackupPlan Hub Defines backup scope (wordpress namespace), quiesce/unquiesce hooks, and retention CR BackupPlan Hub Continuous Restore variant of BackupPlan; drives pre-staging on the spoke EventTarget pod Spoke Watches the shared S3 bucket for new backups; pre-stages Persistent Volume Claims (PVCs) locally ConsistentSet Spoke Cluster-scoped CR representing a fully pre-staged restore point HashiCorp Vault and External Secrets Operator (ESO) Hub Secret management; S3 credentials and Trilio license are never stored in Git How Continuous Restore works The hub creates a backup using the CR BackupPlan and writes it to the shared S3 storage. The EventTarget pod on the spoke detects the new backup and begins copying volume data locally — ahead of any DR event. When the spoke’s imperative job detects an Available ConsistentSet, it submits a Restore CR. Because the data is already local, only backup metadata is fetched — resulting in significantly lower RTO than a standard on-demand restore. The post-restore Hook CR rewrites WordPress database URLs to the DR cluster’s ingress domain. Links Trilio for Kubernetes documentation Red Hat Validated Patterns Validated Patterns imperative framework Red Hat Advanced Cluster Management (ACM) External Secrets Operator Next steps Prerequisites Getting started CR operations Troubleshooting `,url:"https://validatedpatterns.io/patterns/trilio-continuous-recovery/",breadcrumb:"/patterns/trilio-continuous-recovery/"},"https://validatedpatterns.io/blog/2026-02-16-pattern-uninstall/":{title:"Experimental support for pattern uninstall",tags:[],content:` We are excited to announce that uninstalling patterns are now experimentally supported from pattern operator version 0.0.65 To initiate the uninstallation, only the pattern cr needs to be deleted. |
5357 | 5357 | oc delete -n openshift-operators patterns/<pattern-name> Initial approach When we initialy started to work on supporting pattern uninstall, the naive approach was to remove the app of apps, and let argocd handle and clean up the rest. Unfortunatelly this path was unfeasable for two reasons: some long outstanding issues in argocd regarding application health checks, here and here and the hub-spoke architecture with acm policies. |
5358 | 5358 | Gory implementation details We decided to go with a more fine grained solution, and do phases: |
5359 | 5359 | Delete spoke child applications |
|
0 commit comments