Take Carina, a cloud-native storage plugin, as an example. In data-sensitive scenarios such as databases, each database cluster includes multiple compute instances, and those instances may drift arbitrarily within the cluster and recover from faults automatically. When a database cluster scales out or in rapidly, or instances drift across nodes, traditional data backup methods cannot automatically follow the migrating compute instances, so the data backup fails. A backup tool that fits Kubernetes container scenarios is therefore very important.
Velero is a cloud-native disaster recovery and migration tool written in Go and open sourced on GitHub at /vmware-tanzu/velero. Velero is Spanish for sailboat, which is very much in line with the naming style of the Kubernetes community.
With Velero, users can securely back up, restore, and migrate Kubernetes cluster resources and persistent volumes. The basic principle is to back up cluster data, such as cluster resources and persistent data volumes, to an object store and pull the data back from the object store during recovery. In addition to disaster recovery, it can also do resource migration, supporting the migration of container applications from one cluster to another, which is a very successful use case for Velero.
Velero's core components are the server and the client. The server runs on a specific Kubernetes cluster, and the client is a local command-line tool that can be used as long as you have kubectl and a kubeconfig configured, which is very simple.
Velero makes it easy to back up and restore data from a Kubernetes cluster, replicate resources from a Kubernetes cluster to other Kubernetes clusters, or quickly replicate production environments to test environments based on its implementation of the Kubernetes resource backup capability.
For resource backups, Velero supports backing up data to a wide range of cloud storage, such as AWS S3 or S3-compatible storage systems, Azure Blob, Google Cloud Storage, Aliyun OSS, and more. Compared with backing up etcd, the datastore behind the entire Kubernetes cluster, Velero offers more granular control: it can back up at the object level within a Kubernetes cluster, and it can scope backups or restores by object attributes such as type, namespace, and label.
As an example of a core data backup, when executing velero backup create my-backup:
For backup storage locations and volume snapshots, Velero has two custom resources, BackupStorageLocation and VolumeSnapshotLocation, which are used to configure the storage location for Velero backups and their associated persistent volume snapshots.
The MinIO installation YAML file looks like this:
Install MinIO and check that the resources were created.
Once the services are all up, you can log into MinIO to see if the velero/velero bucket was created successfully.
Some of the important parameters and their descriptions are as follows:
After the install command completes, wait for the Velero and restic workloads to be ready, and then check to see if the configured storage locations are available.
At this point, velero is fully deployed.
Velero supports backing up all objects, as well as filtering objects by type, namespace, and/or label.
where:
--include-namespaces: Backs up all resources in that namespace, excluding cluster resources
--include-resources: Types of resources to back up
--include-cluster-resources: Whether to back up cluster resources. This option can have three possible values: true: Include all cluster-scoped resources; false: Do not include cluster-scoped resources; nil ("auto" or not provided)
--selector: Select matching resources to back up by label
--exclude-namespaces: Resources under this namespace are not backed up
--exclude-resources: Resources of this type are not backed up
velero.io/exclude-from-backup=true: Resources with this label are not backed up, even when the label selector matches them
Specific kinds of resources can also be backed up in a specific order by using the --ordered-resources parameter. For each resource type, specify a comma-separated list of object names in the format "namespace/resource-name", or just the resource name for cluster-scoped resources. The key-value pairs in the mapping are separated by semicolons, and the resource types are in plural form.
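An added example (not from the original article) that combines the filter flags above in one backup and then applies the article's success check, status "Completed" with an error count of 0. The namespace shop, the label app=db, the pod names and the Velero namespace velero are constructed assumptions.

```shell
# Assumption: Velero is installed in the "velero" namespace.
VELERO_NS="${VELERO_NS:-velero}"

# Create a filtered, ordered backup and wait for it to finish.
# "shop", "app=db", "db-0" and "db-1" are constructed sample values.
create_filtered_backup() {   # $1 = backup name
  velero backup create "$1" \
    --include-namespaces shop \
    --selector app=db \
    --exclude-resources events \
    --ordered-resources 'pods=shop/db-0,shop/db-1' \
    --wait
}

# Return 0 only when the Backup object reports phase Completed and 0 errors.
backup_succeeded() {         # $1 = backup name
  status=$(kubectl get backups.velero.io "$1" -n "$VELERO_NS" \
    -o jsonpath='{.status.phase} {.status.errors}') || return 2
  phase=${status%% *}        # text before the first space
  errors=${status#* }        # text after the first space
  # .status.errors is omitted from the object when the count is zero.
  [ -n "$errors" ] || errors=0
  [ "$phase" = "Completed" ] && [ "$errors" -eq 0 ]
}

# Usage:
#   create_filtered_backup nightly && backup_succeeded nightly
```

Checking the phase and the error count separately matters because a backup can finish with a phase other than "Completed" while the command that created it still exits cleanly.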
When the backup task status is "Completed" and the error count is 0, the backup task is complete and no errors occurred. from creating or deleting backup objects in the backup storage location during the restore process.
After the restore is complete, do not forget to restore the backup store to read-write mode for the next backup task:
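The restore sequence described here, as an added example that is not part of the original article: the backup storage location is switched to read-only, the restore runs, and read-write mode is put back even if the restore command fails. The Velero namespace velero and the storage location name default are assumptions.

```shell
# Assumptions: Velero runs in namespace "velero" and the backup storage
# location (BSL) is named "default".
VELERO_NS="${VELERO_NS:-velero}"
BSL_NAME="${BSL_NAME:-default}"

# Patch the BSL access mode. $1 = ReadOnly | ReadWrite
set_bsl_access_mode() {
  kubectl patch backupstoragelocation "$BSL_NAME" \
    --namespace "$VELERO_NS" --type merge \
    --patch "{\"spec\":{\"accessMode\":\"$1\"}}"
}

# Restore from a backup while the BSL is read-only.
# $1 = backup name; any further arguments are passed to "velero restore create",
# for example --namespace-mappings old:new or --preserve-nodeports.
restore_readonly() {
  backup="$1"; shift
  rc=0
  # Refuse to restore if the BSL could not be made read-only.
  set_bsl_access_mode ReadOnly || return 1
  velero restore create --from-backup "$backup" --wait "$@" || rc=$?
  # Always re-enable writes; a BSL left read-only blocks the next backup.
  set_bsl_access_mode ReadWrite || rc=$?
  return "$rc"
}

# Usage:
#   restore_readonly my-backup --preserve-nodeports
```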
Velero supports restore hooks, which are customized actions that can be performed before or after the restore task. There are two forms of definitions:
If annotations were added to a Pod before performing the backup:
Yes, this can be specified using the --namespace-mappings parameter:
Velero has a parameter that lets the user decide to preserve the original nodePorts.
The velero restore create subcommand has the --preserve-nodeports flag to protect the service nodePorts. This flag is used to preserve the original nodePorts from backups, and can be used as --preserve-nodeports or --preserve-nodeports=true. If this flag is given, Velero does not delete the nodePorts when restoring the Service, but instead tries to use the nodePorts that were written during the backup.
If you are implementing database consistency based on Velero, you need to use a Velero hook to quiesce the database before the backup and unquiesce it after the backup. For the backup itself, you can either use restic to copy the data (without using a snapshot) or use a snapshot.
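One way to set up the quiesce and unquiesce hooks with Pod annotations, as an added example that is not from the original article. It freezes the data filesystem with fsfreeze; the container name fsfreeze, the path /var/lib/db, the namespace and the label are constructed assumptions, and a database's own quiesce command can take the place of fsfreeze.

```shell
# Annotate the database Pods so Velero runs a freeze command before the
# backup and an unfreeze command after it.
# Assumptions: a container named "fsfreeze" in the Pod mounts the data
# volume at /var/lib/db (constructed sample values).
annotate_freeze_hooks() {    # $1 = namespace, $2 = label selector
  kubectl annotate pod -n "$1" -l "$2" --overwrite \
    pre.hook.backup.velero.io/container=fsfreeze \
    pre.hook.backup.velero.io/command='["/sbin/fsfreeze","--freeze","/var/lib/db"]' \
    post.hook.backup.velero.io/container=fsfreeze \
    post.hook.backup.velero.io/command='["/sbin/fsfreeze","--unfreeze","/var/lib/db"]'
}

# Return 0 only when a Pod carries both the pre and the post backup hook.
# A pre hook without its post hook would leave the filesystem frozen
# after the backup.
freeze_hooks_complete() {    # $1 = namespace, $2 = pod name
  ann=$(kubectl get pod "$2" -n "$1" \
    -o jsonpath='{.metadata.annotations}') || return 2
  case "$ann" in
    *pre.hook.backup.velero.io/command*) ;;
    *) return 1 ;;
  esac
  case "$ann" in
    *post.hook.backup.velero.io/command*) ;;
    *) return 1 ;;
  esac
}

# Usage:
#   annotate_freeze_hooks shop app=db && freeze_hooks_complete shop db-0
```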