Kubernetes Backups with Velero

Information on setting up a Kubernetes backup with Velero (using minIO as a dummy s3 bucket destination).

Overview:

  • This git project consists of two components (minIO and Velero).
  • minIO is a package used to create dummy S3 buckets as a destination for the Velero backup package.
  • minIO should be installed on the intended destination for the backups (Eg your backup server).
  • Velero can be deployed to the Kubernetes cluster directly via an Ansible playbook.

Gitlab Project: https://github.com/tjth-ltd/kubernetes-backup/

Installation:

  • Installation instructions are detailed in project README.
  • minIO should be installed on the backup server
  • Velero must be deployed from an ansible host with the kubernetes cluster in it’s hosts file.

Running a backup:

A once-off backup can be run from the Kubernetes host as follows (Using default settings):

velero backup create full-backup-initial

Backing up by Namespace:

To run a backup of a particular namespace, run as follows:

velero backup create full-backup-[namespace] --include-namespaces [namespace]

Scheduling a backup:

Backup schedules can be created via kubernetes jobs using the velero binary on the master, eg below to take a full backup, daily at 05:00:

velero schedule create full-backup --schedule "0 5 * * *"

Run the below one-liner to schedule a full backup per-namespace each morning:

for namespace in $(kubectl get namespaces | tail -n +2 | awk {'print $1'}); do echo "velero schedule create full-backup-$namespace --include-namespaces $namespace --schedule "0 5 * * *"";done

Listing backups:

Run the below command to list restore points from the backup destination:

velero backup get

Restoring from Backup:

Run the below steps to restore your Kubernetes cluster from a previous state. Note: Instructions include the safe measure of setting the backup destination to read-only to ensure no changes are made during the restoration process.

velero restore create --from-backup <SCHEDULE NAME>-<TIMESTAMP>

NOTE: If no Timestamp is entered, the latest backup will be used.

To restore a backed up namespace onto a new namespace (Eg to run the two side by side) you can run similar to the following:

velero restore create --from-backup full-backup-[namespace] --namespace-mappings [old-namespace]:[new-namespace]

Source: https://velero.io/docs/master/disaster-case/

Adding another backup-location:

To add a second velero backup-location to use to restore from (Eg to move namespaces between clusters), run the following (adjust options as appropriate).

velero backup-location create staging --provider aws --bucket staging --config region=minio,s3ForcePathStyle="true",s3Url=http://[your-minio-server]:9000

Uninstalling:

Velero can be uninstalled from the Kubernetes host by running the following via kubectl:
kubectl delete namespace/velero clusterrolebinding/velero
kubectl delete crds -l component=velero

Any comments or questions? Get in touch here or Email me at [email protected]