Last Updated: Aug 27, 2019 05:01AM PDT

Velero is an open-source tool to safely back up and restore Kubernetes configuration and data, perform disaster recovery, and migrate Kubernetes cluster resources and persistent volumes.

NooBaa deployment instructions:

For Velero 1.X and higher, simply follow the next steps:

1. Create a bucket on NooBaa with the name velero
2. Login your K8S or OpenShift
3. Download Velero
4. Create credentials file credentials-velero with NooBaa access key and secret key. 
5. Get your external S3 endpoint and credentials by running the NooBaa CLI

noobaa status -n <namespace>

Look for S3 Addresses, and choose the ExternalDNS address if you have one, or the InternalDNS if you don't have an external one.

File format:

aws_access_key_id = <NooBaa access key>
aws_secret_access_key = <NooBaa secret key>

6. Run the following command, replace <NooBaa External S3 endpoint >, without the port, with your external S3 endpoint.

Configuration backup only

velero install --provider aws --bucket velero --backup-location-config region=noobaa,s3ForcePathStyle="true",s3Url=http://<NooBaa external URL> --secret-file ./credentials-velero  --use-volume-snapshots=false

Configuration and Persistent volume backup with Restic

1. Deploy velero with restic option

./velero install --provider aws --bucket velero --backup-location-config region=noobaa,s3ForcePathStyle=true,s3Url=http://<NooBaa external URL> --secret-file ./credentials-velero --use-volume-snapshots=false --use-restic

2. Annotate your deployment's YAML per the instructions here
3. Add fsfreeze container to your deployment's YAML, under spec->template->spec->containers
- image:

        name: fsfreeze


          privileged: true


          - mountPath: "<replace with your container mountPath>"

            name: <replace with your container mount name>

            readOnly: false

    3. Mark your PV for backup by

kubectl -n <namespace> annotate pod/<pod name><mount name>

NOTE: If you are using OpenShift, please run the following commands

After Velero installation, run the following commands:

oc adm policy add-scc-to-user privileged -z velero -n velero

oc patch ds restic  --patch='{"spec":{"template":{"spec":{"containers":[{"name":"restic","securityContext":{ "privileged":true,"procMount":"Default","runAsUser":0 }}]}}}}' --dry-run -o yaml

Now you can start using Velero. For example, you can run a baseline backup with the command:

velero backup create <backup name> --include-namespaces <namespace>

More information under

Note: next Velero version will support multiple profiles, and would allow volume snapshots with NooBaa

For earlier version, please follow the examples provided by dear Chandler Wilkers
Did you find this article helpful?
seconds ago
a minute ago
minutes ago
an hour ago
hours ago
a day ago
days ago
Invalid characters found