Velero

Last Updated: Aug 27, 2019 05:01AM PDT

Velero is an open-source tool to safely back up and restore Kubernetes configuration and data, perform disaster recovery, and migrate Kubernetes cluster resources and persistent volumes.

NooBaa deployment instructions: https://github.com/noobaa/noobaa-operator#noobaa-operator

For Velero 1.X and higher, simply follow the next steps:

1. Create a bucket on NooBaa with the name velero
2. Login your K8S or OpenShift
3. Download Velero
4. Create credentials file credentials-velero with NooBaa access key and secret key. 
5. Get your external S3 endpoint and credentials by running the NooBaa CLI

noobaa status -n <namespace>

Look for S3 Addresses, and choose the ExternalDNS address if you have one, or the InternalDNS if you don't have an external one.

File format:

[default]
aws_access_key_id = <NooBaa access key>
aws_secret_access_key = <NooBaa secret key>


6. Run the following command, replace <NooBaa External S3 endpoint >, without the port, with your external S3 endpoint.

Configuration backup only

velero install --provider aws --bucket velero --backup-location-config region=noobaa,s3ForcePathStyle="true",s3Url=http://<NooBaa external URL> --secret-file ./credentials-velero  --use-volume-snapshots=false

Configuration and Persistent volume backup with Restic

1. Deploy velero with restic option

./velero install --provider aws --bucket velero --backup-location-config region=noobaa,s3ForcePathStyle=true,s3Url=http://<NooBaa external URL> --secret-file ./credentials-velero --use-volume-snapshots=false --use-restic

2. Annotate your deployment's YAML per the instructions here
3. Add fsfreeze container to your deployment's YAML, under spec->template->spec->containers
- image: gcr.io/heptio-images/fsfreeze-pause:latest

        name: fsfreeze

        securityContext:

          privileged: true

        volumeMounts:

          - mountPath: "<replace with your container mountPath>"

            name: <replace with your container mount name>

            readOnly: false

    3. Mark your PV for backup by

kubectl -n <namespace> annotate pod/<pod name> backup.velero.io/backup-volumes=<mount name>
 

NOTE: If you are using OpenShift, please run the following commands

After Velero installation, run the following commands:

oc adm policy add-scc-to-user privileged -z velero -n velero

oc patch ds restic  --patch='{"spec":{"template":{"spec":{"containers":[{"name":"restic","securityContext":{ "privileged":true,"procMount":"Default","runAsUser":0 }}]}}}}' --dry-run -o yaml

Backup 
Now you can start using Velero. For example, you can run a baseline backup with the command:

velero backup create <backup name> --include-namespaces <namespace>

More information under https://velero.io/docs/v1.0.0/disaster-case/

Note: next Velero version will support multiple profiles, and would allow volume snapshots with NooBaa

For earlier version, please follow the examples provided by dear Chandler Wilkers 
https://github.com/cwilkers/velero/tree/noobaa-example/examples/noobaa
Did you find this article helpful?
195e69fe2c7a9be6b2b2aa6b87f970548@noobaa.desk-mail.com
https://cdn.desk.com/
false
desk
Loading
seconds ago
a minute ago
minutes ago
an hour ago
hours ago
a day ago
days ago
about
false
Invalid characters found
/customer/en/portal/articles/autocomplete