Table of Contents
In this article, we will see how to install and use velero to take kubernetes cluster backup. If you are looking to backup your kubernetes cluster data to be well prepared for any future disaster or may be for some other purposes such as migrating one cluster data to another, refreshing production data to lower environments such as development and testing environment then velero comes to our rescue in such cases. It is a free and open source tool to backup and restore kubernetes cluster resources and persistent volumes. It can run on both cloud provider as well as on-premise.
Velero can perform both on demand backup as well as scheduled backups. It can either backup all objects in your cluster or you can even filter objects by namespace, label, type to take selected backups. Similarly, it can also restore either all objects and persistent volumes or just a filtered subset of objects and persistent volumes from a previously created backup. You can even set an expiration duration on your backup so that once it expires it removes all the backup resources from cloud storage. By default, backup retention period will be of 30 days. More on official website.
How does velero backup works?
Velero deploys as a kubernetes controller in cluster. To perform backup, it queries Kubernetes API to gather all information about resources it has to backed up such as deployments, statefulset, services, configmap and secrets. Then this data gets serialized into YAML manifests which in turn gets uploaded to the configured cloud storage locations.
How to Install and Use Velero to Backup Kubernetes Cluster
Also Read: How to delete all kubernetes objects deployed by kustomize tool?
Step 1: Prerequisites
a) You should have a running kubernetes cluster.
b) You should have root or sudo access to run any privileged commands.
c) You should have wget and tar utility installed.
d) You should have MinIO running and accessible at url http://127.0.0.1:9000
Step 2: Download Velero
You have to first download the latest velero package from GitHub website using wget utility as shown below. Below command will download the .tar.gz package in current working directory.
cyberithub@ubuntu:~$ wget https://github.com/vmware-tanzu/velero/releases/download/v1.15.0/velero-v1.15.0-linux-amd64.tar.gz --2024-11-27 02:50:45-- https://github.com/vmware-tanzu/velero/releases/download/v1.15.0/velero-v1.15.0-linux-amd64.tar.gz Resolving github.com (github.com)... 20.207.73.82 Connecting to github.com (github.com)|20.207.73.82|:443... connected. HTTP request sent, awaiting response... 302 Found Location: https://objects.githubusercontent.com/github-production-release-asset-2e65be/99143276/e4a322db-f151-4793-8d0f-0acebd99239b?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20241126%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20241126T212045Z&X-Amz-Expires=300&X-Amz-Signature=063b36557c6168554cbab52aa4c5f01f10f6096ae4961e3e8a16d76d0ab65e8d&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3Dvelero-v1.15.0-linux-amd64.tar.gz&response-content-type=application%2Foctet-stream [following] --2024-11-27 02:50:45-- https://objects.githubusercontent.com/github-production-release-asset-2e65be/99143276/e4a322db-f151-4793-8d0f-0acebd99239b?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20241126%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20241126T212045Z&X-Amz-Expires=300&X-Amz-Signature=063b36557c6168554cbab52aa4c5f01f10f6096ae4961e3e8a16d76d0ab65e8d&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3Dvelero-v1.15.0-linux-amd64.tar.gz&response-content-type=application%2Foctet-stream Resolving objects.githubusercontent.com (objects.githubusercontent.com)... 185.199.110.133, 185.199.111.133, 185.199.108.133, ... Connecting to objects.githubusercontent.com (objects.githubusercontent.com)|185.199.110.133|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 44676335 (43M) [application/octet-stream] Saving to: ‘velero-v1.15.0-linux-amd64.tar.gz’ velero-v1.15.0-linux-amd64.tar.gz 100%[=================================================================>] 42.61M 6.49MB/s in 6.3s 2024-11-27 02:50:53 (6.75 MB/s) - ‘velero-v1.15.0-linux-amd64.tar.gz’ saved [44676335/44676335]
Step 3: Install Velero
Once downloaded, you have to extract the binary from downloaded file using tar -xzvf velero-v1.15.0-linux-amd64.tar.gz command as shown below. To know more about tar command, check 20+ Practical tar command examples for Linux Administrators.
cyberithub@ubuntu:~$ tar -xzvf velero-v1.15.0-linux-amd64.tar.gz velero-v1.15.0-linux-amd64/LICENSE velero-v1.15.0-linux-amd64/examples/minio/00-minio-deployment.yaml velero-v1.15.0-linux-amd64/examples/nginx-app/README.md velero-v1.15.0-linux-amd64/examples/nginx-app/base.yaml velero-v1.15.0-linux-amd64/examples/nginx-app/with-pv.yaml velero-v1.15.0-linux-amd64/velero
Then copy or move the binary to a location which is set in global PATH environment variable such as /usr/local/bin/ path.
cyberithub@ubuntu:~$ sudo cp velero-v1.15.0-linux-amd64/velero /usr/local/bin/ [sudo] password for cyberithub:
Step 4: Install Velero Server Components
For demo purpose, we are going to set up a backup location in MinIO object storage which simulates AWS S3 storage. We are going to install velero in kubernetes cluster specifying storage provider as AWS S3 and with other required configuration as shown below.
cyberithub@ubuntu:~$ velero install --provider aws --plugins velero/velero-plugin-for-aws:v1.5.1 --bucket velero-cyberithub --backup-location-config region=minio,publicUrl=http://127.0.0.1:9000 --snapshot-location-config region=default --no-secret CustomResourceDefinition/backuprepositories.velero.io: attempting to create resource CustomResourceDefinition/backuprepositories.velero.io: attempting to create resource client CustomResourceDefinition/backuprepositories.velero.io: created CustomResourceDefinition/backups.velero.io: attempting to create resource CustomResourceDefinition/backups.velero.io: attempting to create resource client CustomResourceDefinition/backups.velero.io: created CustomResourceDefinition/backupstoragelocations.velero.io: attempting to create resource CustomResourceDefinition/backupstoragelocations.velero.io: attempting to create resource client CustomResourceDefinition/backupstoragelocations.velero.io: created CustomResourceDefinition/deletebackuprequests.velero.io: attempting to create resource CustomResourceDefinition/deletebackuprequests.velero.io: attempting to create resource client CustomResourceDefinition/deletebackuprequests.velero.io: created CustomResourceDefinition/downloadrequests.velero.io: attempting to create resource CustomResourceDefinition/downloadrequests.velero.io: attempting to create resource client CustomResourceDefinition/downloadrequests.velero.io: created CustomResourceDefinition/podvolumebackups.velero.io: attempting to create resource CustomResourceDefinition/podvolumebackups.velero.io: attempting to create resource client CustomResourceDefinition/podvolumebackups.velero.io: created CustomResourceDefinition/podvolumerestores.velero.io: attempting to create resource CustomResourceDefinition/podvolumerestores.velero.io: attempting to create resource client CustomResourceDefinition/podvolumerestores.velero.io: created CustomResourceDefinition/restores.velero.io: attempting to create resource CustomResourceDefinition/restores.velero.io: attempting to create resource client CustomResourceDefinition/restores.velero.io: created CustomResourceDefinition/schedules.velero.io: attempting to create resource CustomResourceDefinition/schedules.velero.io: attempting to create resource client CustomResourceDefinition/schedules.velero.io: created CustomResourceDefinition/serverstatusrequests.velero.io: attempting to create resource CustomResourceDefinition/serverstatusrequests.velero.io: attempting to create resource client CustomResourceDefinition/serverstatusrequests.velero.io: created CustomResourceDefinition/volumesnapshotlocations.velero.io: attempting to create resource CustomResourceDefinition/volumesnapshotlocations.velero.io: attempting to create resource client CustomResourceDefinition/volumesnapshotlocations.velero.io: created CustomResourceDefinition/datadownloads.velero.io: attempting to create resource CustomResourceDefinition/datadownloads.velero.io: attempting to create resource client CustomResourceDefinition/datadownloads.velero.io: created CustomResourceDefinition/datauploads.velero.io: attempting to create resource CustomResourceDefinition/datauploads.velero.io: attempting to create resource client CustomResourceDefinition/datauploads.velero.io: created Waiting for resources to be ready in cluster... Namespace/velero: attempting to create resource Namespace/velero: attempting to create resource client Namespace/velero: created ClusterRoleBinding/velero: attempting to create resource ClusterRoleBinding/velero: attempting to create resource client ClusterRoleBinding/velero: created ServiceAccount/velero: attempting to create resource ServiceAccount/velero: attempting to create resource client ServiceAccount/velero: created BackupStorageLocation/default: attempting to create resource BackupStorageLocation/default: attempting to create resource client BackupStorageLocation/default: created VolumeSnapshotLocation/default: attempting to create resource VolumeSnapshotLocation/default: attempting to create resource client VolumeSnapshotLocation/default: created Deployment/velero: attempting to create resource Deployment/velero: attempting to create resource client Deployment/velero: created No secret file was specified, no Secret created. Velero is installed! ⛵ Use 'kubectl logs deployment/velero -n velero' to view the status.
Let's understand above option used with velero install command in detail.
- --provider aws: to configure storage provider as AWS S3(in our case it is MinIO)
- --plugins velero/velero-plugin-for-aws:v1.5.1: to set AWS plugin version for velero to enable compatibility with S3-compatible storage
- --bucket velero-cyberithub: to set the name of bucket to velero-cyberithub in MinIO to store backups
- --backup-location-config region=minio,publicUrl=http://127.0.0.1:9000: to configure backup location which includes region name as MinIO and URL as MinIO server url(in our case it is http://127.0.0.1:9000)
- --snapshot-location-config region=default: to configure snapshot location region as default
- --no-secret: to specify no credentials or authentication required
Step 5: Check Version
Once velero setup is done, check its version by using velero version command as shown below. It should show both Client and Server version as shown below.
cyberithub@ubuntu:~$ velero version Client: Version: v1.15.0 Git commit: 1d4f1475975b5107ec35f4d19ff17f7d1fcb3edf Server: Version: v1.15.0
Step 6: Check Backup Location
To check configured velero backup storage locations, run velero backup-location get command as shown below. It should show all configured cloud based storage or on-premise locations.
cyberithub@ubuntu:~$ velero backup-location get NAME PROVIDER BUCKET/PREFIX PHASE LAST VALIDATED ACCESS MODE DEFAULT default aws velero-cyberithub available 2024-11-17 17:23:55 +0000 UTC ReadWrite true
Step 7: Create a Backup
Now that storage location is configured, let's create a backup called cyberithub-backup to take the backup of resources from a namespace called velero-test using velero backup create local-backup --include-namespaces velero-test command as shown below. This should take backup and store it in configured storage location.
cyberithub@ubuntu:~$ velero backup create cyberithub-backup --include-namespaces velero-test Backup request "cyberithub-backup" submitted successfully. Run `velero backup describe cyberithub-backup` or `velero backup logs cyberithub-backup` for more details.
Step 8: Verify Backup
To verify the created backup called local-backup, run velero backup describe cyberithub-backup command as shown below. This command will show the status, contents, and metadata of the specified backup.
cyberithub@ubuntu:~$ velero backup describe cyberithub-backup Name: cyberithub-backup Namespace: velero Labels: velero.io/storage-location=default Annotations: velero.io/resource-timeout=10m0s velero.io/source-cluster-k8s-gitversion=v1.27.16 velero.io/source-cluster-k8s-major-version=1 velero.io/source-cluster-k8s-minor-version=27 Phase: Completed Namespaces: Included: velero-test Excluded: <none> Resources: Included: * Excluded: <none> Cluster-scoped: auto Label selector: <none> Or label selector: <none> Storage Location: default Velero-Native Snapshot PVs: auto Snapshot Move Data: false Data Mover: velero TTL: 720h0m0s CSISnapshotTimeout: 10m0s ItemOperationTimeout: 4h0m0s Hooks: <none> Backup Format Version: 1.1.0 Started: 2024-11-17 17:25:20 +0000 UTC Completed: 2024-11-17 17:35:10 +0000 UTC Volume Snapshots: - Snapshotted PVCs: 3 - Provider Snapshot IDs: pvc-78564 -> snapshot-bcdaa pvc-42139 -> snapshot-dbcca Backup Stats: - Total items: 223 - Total bytes: 550 MB - Included items: Deployments, Pods, Services, ConfigMaps, Secrets, PVCs Warnings: 0 Errors: 0
Step 9: Restore Backup
You can also restore data into kubernetes cluster from a specific backup taken earlier. For example, to restore all data from a backup local-backup to a kubernetes cluster, run velero restore create --from-backup cyberithub-backup command as shown below. By default, it will restore data into its original place from where backup had taken unless specified otherwise.
cyberithub@ubuntu:~$ velero restore create --from-backup cyberithub-backup Restore request "cyberithub-backup-20241117172806" submitted successfully. Run `velero restore describe cyberithub-backup-20241117172806` or `velero restore logs cyberithub-backup-20241117172806` for more details.