Terug naar overzicht

Velero manual

It can sometimes happen that you make a mistake in your production kubernetes cluster and then you would prefer to reverse it as quickly as possible. Even faster than redeploying your entire cluster. With velero (https://velero.io/), this is possible.

Velero is an open-source tool sponsored by VMware to safely backup, migrate and restore kubernetes clusters. The tool runs as a server process (deployment) in your cluster. In addition, on your desktop you have a cli client with which you can control the service. With this cli client, you can create, restore, schedule and delete backups.

In this guide, we will go through the steps on how to set this up in combination with S3 object storage. In this guide, we will use a Linux workstation. For Windows or macOS, you will need to adjust some of the steps.

Prerequisites:

Step 1, install the velero client.

Find the right version for your OS on this github page: https://github.com/vmware-tanz...

download the veleroclient to your /tmp folder

❯ cd /tmp

❯ wget https://link_van_git

Unpack the tarball

❯ tar -xvzf velero-v1.5.3-linux-amd64.tar.gz

You now have the velero binary in your /tmp dir. You can already test if it works

❯ ./velero-v1.5.3-linux-amd64/velero help

If everything works fine, move the binary to your PATH. Under (Ubuntu) Linux, you do that by moving it to /usr/local/bin

❯ sudo mv velero-v1.5.3-linux-amd64/velero /usr/local/bin/velero

Translated with DeepL.com (free version)

Step 2 Configure S3 storage

Create a configuration file (credentials-velero) for the S3 bucket in your homefolder with your bucket's credentials

[default]

aws_access_key_id =

aws_secret_access_key =

Step 3 Install Velero in Kubernetes Cluster

Now you can install velero using the following command, make sure you specify the correct bucket at the bucket parameter and at the s3 url the url of your object store, in this case Previder's.

❯ velero install ❯

--provider aws

--plugins velero/velero-plugin-for-aws

--bucket myvelerobucket ).

--secret-file ./credentials-velero \u2019

--use-volume-snapshots=false

--wait

--backup-location-config region=NL,s3ForcePathStyle="true",s3Url=https://object.previder.nl

Once the installation is complete, you can check it via

❯ kubectl get deployments -l component=velero -namespace=velero

You will then get the following output

Translated with DeepL.com (free version)

Step 4 Testing

For this test, you can use the example application included in the tarball from step 1. Of course, you can also use any other application here.

❯ kubectl apply -f examples/nginx-app/base.yaml

namespace/nginx-example created

deployment.apps/nginx-deployment created

Now create a backup of this nginx app, this can be done with the following command

❯ velero backup create nginx-backup --selector app=nginx

We can check if everything went well through:

❯ velero backup describe nginx-backup

Next, we discard the entire namespace in which the nginx test application is running.

❯ kubectl delete namespace nginx-example

And check that everything is gone

❯ kubectl get deployments --namespace=nginx-example

❯ kubectl get services --namespace=nginx-example

❯ kubectl get namespace/nginx-example

Wiederherstellung der nginx-Anwendung

❯ velero restore create --from-backup nginx-backup

And check that the namespace and services are back:

❯ kubectl get namespace/nginx-example

❯ kubectl get services --namespace=nginx-example

Other tips

Instead of backing up by hand, you can schedule it with cron. As an example to backup our nginx demo application every night at 1am:

❯ velero schedule create nginx-daily --schedule="0 1 * * * *" --selector app=nginx

You can clean up the backup with

❯ velero backup delete nginx-backup

To remove everything from this test from the cluster

❯ kubectl delete namespace/velero clusterrolebinding/velero

❯ kubectl delete crds -l component=velero

❯ kubectl delete -f examples/nginx-app/base.yaml