Back up data for disaster recovery

Stay organized with collections Save and categorize content based on your preferences.

This page shows you how to back up data for disaster recovery using Filestore backups. To learn more about backups, common use cases, and best practices, see Backups.

Supported tiers

The following table shows the Filestore tiers that support backups:

Tier Backups support
Basic HDD Yes
Basic SSD Yes
High Scale SSD Yes

(Preview)

Enterprise Yes

(Preview)

Before you begin

  1. Install gcloud.

  2. Update gcloud components:

    gcloud components update
    
  3. Ensure that the account you are using has either the Cloud Filestore Editor role, or the Project Owner or Project Editor basic role. For more information about roles and permissions for Filestore, see Access Control.

Backing up a file share

Filestore backups do not include file locks and certain instance-specific information. The following table shows what information backups preserve and what information they don't:

Preserved Not preserved
Instance ID Description
Tier of the source instance Location
Capacity Network
File share name IP address
Creation time
IP-based access controls
File locks
Lock state

Backup chains and encryption

A group of backups associated with the same source instance are called a backup chain. While a backup chain is not restricted to the same location as the source instance, all backups in the chain must reside in the same region.

Basic tier backup chains

Basic tier instances can support multiple backup chains, allowing users to geo-redundantly store their backup data in multiple regions separate from the source instance. CMEK support is not available for Basic HDD and Basic SSD tier backups.

High Scale and Enterprise tier backup chains

High Scale SSD and Enterprise tier instances support a single backup chain. With High Scale and Enterprise tier backups, users can store their backup data in a geographic region separate from the source and also take advantage of CMEK support by applying separate CMEKs to the source instance and backup chain. When creating a backup chain encrypted with CMEK, consider the following limitations:

  • A single CMEK is applied to the bucket where the backup chain is stored and cannot be combined or replaced.

  • To create a backup using a new CMEK, the entire existing backup chain must first be deleted.

For more information see Customer-managed encryption keys and Backups.

Creating a backup

You can create a backup of a file share using one of the following methods:

Console

  1. Go to the Filestore instances page
  2. Click the Filestore instance that you want to create a backup of.
  3. Click the Backups tab.
  4. Click Create backup.
  5. For Backup ID, type a name for the backup.
  6. For Region, select the Google Cloud region where you want the backup to be located.
  7. Optional: Add a description.
  8. Optional: Click Add label to add labels to the backup.
  9. Click Create.

gcloud

Run the following gcloud filestore backups create command in a terminal window on your local machine. The --kms-key flag is optional:

gcloud filestore backups create BACKUP-NAME \
    --instance=INSTANCE-NAME \
    --file-share=FILE-SHARE-NAME \
    --instance-zone=ZONE \
    --region=BACKUP-LOCATION \
    --kms-key=projects/KMS-PROJECT/locations/KMS-LOCATION/keyRings/KEYRING/cryptoKeys/CRYPTO-KEY

where:

  • BACKUP-NAME is the name you want to give the backup.
  • INSTANCE-NAME is the name of the Filestore instance to back up.
  • FILE-SHARE-NAME is the name of the file share on the Filestore instance.
  • ZONE is the zone where the Filestore instance is located.
  • BACKUP-LOCATION is the region where the backup will be stored. If a region is not indicated, the backup is created in the same region as the Filestore instance.
  • KMS-PROJECT is the project name where the KMS key resource is stored.
  • KMS-LOCATION is the region of the KMS key resource.
  • KEYRING is the name of the keyring.
  • CRYPTO-KEY is the KMS key resource.

Example

The following command creates a backup of file share vol1 on the Filestore instance nfs-server, which is located in zone us-central1-c. The backup is named mybackup, is located in region asia-east2, and has an associated encryption key that will encrypt the instance when restored:

gcloud filestore backups create mybackup \
    --instance=nfs-server \
    --file-share=vol1 \
    --instance-zone=us-central1-c \
    --region=asia-east2 \
    --kms-key=projects/purple-project/locations/us-central1/keyRings/filestore-keyring/cryptoKeys/filestore-key

Listing, viewing, updating, and deleting backups

Filestore backups can be listed, viewed, updated, and deleted.

Console

  1. To view a list of all backups in your current project:

    Go to the Filestore backups page

  2. To see details about a backup, click the backup ID.

  3. To delete a backup:

    1. Click the backup ID of the backup you want to delete.
    2. Click Delete.
    3. When prompted, type the backup ID.
    4. Click Delete.

gcloud

Listing all backups in your current project

To view a list of backups for your current project, run the backups list command:

gcloud filestore backups list

Viewing information about a backup

To view information about a backup, run the backups describe command:

gcloud filestore backups describe BACKUP-NAME \
    --region=BACKUP-LOCATION

Where:

  • BACKUP-NAME is the name of the backup whose information you want to view.
  • BACKUP-LOCATION is the region where the backup is stored.

Updating a backup

To update a backup, run the backups update command:

gcloud filestore backups update BACKUP-NAME \
  --region=BACKUP-LOCATION \
  --description="NEW-DESCRIPTION" \
  --update-labels=KEY=VALUE,...

Where:

  • BACKUP-NAME is the name of the backup whose information you want to view.
  • BACKUP-LOCATION is the region where the backup is stored. The region cannot be changed.
  • NEW-DESCRIPTION is the description of the backup.
  • KEY=VALUE,... is a list of KEY=VALUE pairs you want to update. If a label exists, its value is updated, otherwise a new label is created.

Deleting a backup

To delete a backup, run the backups delete command:

gcloud filestore backups delete BACKUP-NAME \
  --region=BACKUP-LOCATION

Where:

  • BACKUP-NAME is the name of the backup whose information you want to view.
  • BACKUP-LOCATION is the region where the backup is stored.

Restoring a file share

File shares can be restored from a backup to either a new Filestore instance or to a file share of an existing instance. You must re-mount the file share after it is restored from a backup. All outstanding file locks are revoked upon successful restoration.

Before you begin

gcloud

Ensure you have the proper permissions such as the roles/cloudkms.admin role to run the following command:

 gcloud projects add-iam-policy-binding KMS_PROJECT_NUMBER \
     --member serviceAccount:service-TARGET_INSTANCE_PROJECT_NUMBER@cloud-filer.iam.gserviceaccount.com \
     --role roles/cloudkms.cryptoKeyEncrypterDecrypter

where:

  • KMS_PROJECT_NUMBER is the project number where the key is located.
  • TARGET_INSTANCE_PROJECT_NUMBER is the project number for the instance you want associated with the key.

For gcloud flag details, see the gcloud projects add-iam-policy-binding page.

Restoring to an existing instance

When restoring a backup to an existing Filestore instance, the capacity of the target instance must be greater than or equal to that of the original instance from which the backup was created. If the original instance has a greater capacity, you must first increase the target instance's capacity before attempting the restore operation.

If a backup restore to a Basic HDD or SSD tier instance fails, the file share state remains unchanged. If, once the operation begins, a backup restore to an Enterprise or High Scale tier instance fails, the filesystem resets to an empty state. Users are responsible for retrying the operation.

Console

  1. Go to the Filestore instances page
  2. Click the instance ID of the instance you want to restore a backup from.
  3. Click the Backups tab.
  4. Locate the backup you want to restore from and click (...) More actions.
  5. Click Restore backup.
  6. Choose a target instance to restore:
    1. If restoring the source instance, click Source instance.
    2. If restoring to another existing instance, click Other existing instance.
      1. Click Select instance.
      2. Select the target instance where you want the restored backup to reside and click Select.
  7. Click Restore and a confirmation dialog appears.
    1. Click the acknowledgement checkbox.
    2. Enter the name of the backup in the input field and click Restore.

gcloud

To restore a Filestore file share to an existing instance, run the instances restore command:

gcloud filestore instances restore INSTANCE-NAME \
    --source-backup=BACKUP-NAME \
    --source-backup-region=BACKUP-LOCATION \
    --file-share=FILE-SHARE-NAME \
    --zone=INSTANCE-LOCATION

Where:

  • INSTANCE-NAME is the name of the existing Filestore instance to restore the file share to.
  • BACKUP-NAME is the name of the backup to restore from.
  • BACKUP-LOCATION is the region where the backup is located.
  • FILE-SHARE-NAME is the name of the file share to restore to.
  • INSTANCE-LOCATION is the zone that the Filestore instance is located.

Example

The following command restores mybackup, which is located in region asia-east2, to file share vol1 on Filestore instance myinstance, which is located in zone us-central1-c:

gcloud filestore instances restore myinstance \
    --source-backup=mybackup \
    --source-backup-region=asia-east2  \
    --file-share=vol1 \
    --zone=us-central1-c

Restoring to a new instance

When a backup is restored to a new Filestore instance, the capacity of the new file share needs to be equal to or larger than the capacity of the backup.

You can also choose an instance tier that is different from the original.

Console

  1. In the Google Cloud console, go to the Filestore instances page.

    Go to the Filestore instances page

  2. Click Backups.

  3. Click the name of the backup you want to restore from.

  4. Click Restore.

  5. Click New instance.

  6. Configure the new instance by following the instructions on the page. For details, see Creating instances.

  7. Click Restore.

gcloud

To restore a Filestore file share to a new instance, run the instances create command:

gcloud filestore instances create INSTANCE-NAME \
    --zone=ZONE \
    --file-share=name=FILE-SHARE-NAME,capacity=FILE-SHARE-CAPACITY,source-backup=SOURCE-BACKUP-NAME,source-backup-region=SOURCE-BACKUP-LOCATION \
    --network=name=VPC-NETWORK,reserved-ip-range=RESERVED-IP-ADDRESS

Where:

  • INSTANCE-NAME is the name you want to give to the new Filestore instance.
  • ZONE is the zone where the Filestore instance resides.
  • FILE-SHARE-NAME is the name you specify for the NFS file share that is served from the instance.
  • FILE-SHARE-CAPACITY is the capacity you want for the file share.
  • SOURCE-BACKUP-NAME is the name of the backup to restore from.
  • SOURCE-BACKUP-LOCATION is the region where the backup is located.
  • VPC-NETWORK is the name of the VPC network you want the instance to use.
  • RESERVED-IP-ADDRESS is the IP address range for the Filestore instance.

For gcloud flag details, see Creating instances.

Example

The following command creates a new Filestore instance myinstance-restored located in zone us-central1-c on network default. Backup mybackup located in region asia-east2 is restored on file share vol1 of myinstance-restored with a 2TiB capacity:

gcloud filestore instances create myinstance-restored \
    --zone=us-central1-c \
    --network=name=default \
    --file-share=name=vol1,capacity=2TiB,source-backup=mybackup,source-backup-region=asia-east2

What's next