# INSTALL AND CONFIGURE VELERO
# Introduction
Velero is an open source tool to safely backup and restore, perform disaster recovery, and migrate Kubernetes cluster resources and persistent volumes. It works both on premises and in a public cloud. Velero consists of a server process running as a deployment in your Kubernetes cluster and a command-line interface (CLI) with which DevOps teams and platform operators configure scheduled backups, trigger ad-hoc backups, perform restores, and more.
Unlike other tools which directly access the Kubernetes etcd database to perform backups and restores, Velero uses the Kubernetes API to capture the state of cluster resources and to restore them when necessary. This API-driven approach has a number of key benefits:
Backups can capture subsets of the cluster's resources, filtering by namespace, resource type, and/or label selector, providing a high degree of flexibility around what's backed up and restored
Users of managed Kubernetes offerings often do not have access to the underlying etcd database, so direct backups/restores of it are not possible
Resources exposed through aggregated API servers can easily be backed up and restored even if they're stored in a separate etcd database
Velero provides a suite of tools to backup Kubernetes resources and applications for two main purposes:
Disaster Recovery -- Recover Kubernetes cluster components and applications
Migration -- Migrate your Kubernetes applications to another Kubernetes cluster
Data Protection - Offers key data protection features such as scheduled backups, retention schedules, and pre or post-backup hooks for custom actions
FIGURE 23 Installing and Configure Velero High Level View
Velero lets you:
Take backups of your cluster and restore in case of loss
Migrate cluster resources to other clusters
Replicate your production cluster to development and testing clusters
Velero consists of:
A server that runs on your cluster
A command-line client that runs locally
This section covers how to install and configure Velero and how to use Velero to take backup/restore on an Openshift Container Platform by using noobaa object storage
Prerequisites
OpenShift Container Platform cluster should be available with the administrator credentials OCP cluster should have NooBaa object storage as part of Openshift Storage cluster
Installation Process
Installing the Velero Client
- From the installer node navigate to the temporary /tmp directory
[root@installer ] \ cd /tmp
- Use wget and the link you can copy from (https://github.com/vmware-tanzu/velero/releases ) to download the release tarball:
[root@installer ] $ wget https://<link_copy_from_release_page >
- Once the download completes, extract the tarball using tar
[root@installer tmp] $ tar -xvzf velero-v1.12.3-linux-amd64.tar.gz
- The /tmp directory should now contain the extracted velero-v1.12.3-linux-amd64.
Move the Velero executable out of the temporary /tmp directory and add it to your PATH.
[root@installer tmp] $ sudo velero-v1.12.3-linux-amd64velero /usr/local/bin/velero
- Now you can get the secret key from AWS and create the file in the format shown below using the key you retrieved.
[default]
aws_access_key_id= <Access Key ID>
aws_secret_access_key= <Secret Access Key>
Installing the Velero Server
Once you are ready with the appropriate bucket and backup location settings, it is time to install Velero. Run the following command, substituting your values where required:
[root@installer tmp] $ velero install
--provider aws \
--plugins velero/velero-plugin-for-aws:v1.5.0 \
--bucket velerobucket10 \
--secret-file ./cloud-credentials \
--backup-location-config region=ap-south-1 \
--snapshot-location-config region=ap-south-1
You should see the following output:
CustomResourceDefinition/backups.velero.io: attempting to create
resource
CustomResourceDefinition/backups.velero.io: attempting to create
resource client
CustomResourceDefinition/backups.velero.io: created
CustomResourceDefinition/backupstoragelocations.velero.io: attempting to
create resource
CustomResourceDefinition/backupstoragelocations.velero.io: attempting to
create resource client
CustomResourceDefinition/backupstoragelocations.velero.io: created
CustomResourceDefinition/deletebackuprequests.velero.io: attempting to
create resource
CustomResourceDefinition/deletebackuprequests.velero.io: attempting to
create resource client
CustomResourceDefinition/deletebackuprequests.velero.io: created
CustomResourceDefinition/downloadrequests.velero.io: attempting to
create resource
CustomResourceDefinition/downloadrequests.velero.io: attempting to
create resource client
CustomResourceDefinition/downloadrequests.velero.io: created
CustomResourceDefinition/podvolumebackups.velero.io: attempting to
create resource
CustomResourceDefinition/podvolumebackups.velero.io: attempting to
create resource client
CustomResourceDefinition/podvolumebackups.velero.io: created
CustomResourceDefinition/podvolumerestores.velero.io: attempting to
create resource
CustomResourceDefinition/podvolumerestores.velero.io: attempting to
create resource client
CustomResourceDefinition/podvolumerestores.velero.io: created
CustomResourceDefinition/resticrepositories.velero.io: attempting to
create resource
CustomResourceDefinition/resticrepositories.velero.io: attempting to
create resource client
CustomResourceDefinition/resticrepositories.velero.io: created
CustomResourceDefinition/restores.velero.io: attempting to create
resource
CustomResourceDefinition/restores.velero.io: attempting to create
resource client
CustomResourceDefinition/restores.velero.io: created
CustomResourceDefinition/schedules.velero.io: attempting to create
resource
CustomResourceDefinition/schedules.velero.io: attempting to create
resource client
CustomResourceDefinition/schedules.velero.io: created
CustomResourceDefinition/serverstatusrequests.velero.io: attempting to
create resource
CustomResourceDefinition/serverstatusrequests.velero.io: attempting to
create resource client
CustomResourceDefinition/serverstatusrequests.velero.io: created
CustomResourceDefinition/volumesnapshotlocations.velero.io: attempting
to create resource
CustomResourceDefinition/volumesnapshotlocations.velero.io: attempting
to create resource client
CustomResourceDefinition/volumesnapshotlocations.velero.io: created
Waiting for resources to be ready in cluster...
Namespace/velero: attempting to create resource
Namespace/velero: attempting to create resource client
Namespace/velero: created
ClusterRoleBinding/velero: attempting to create resource
ClusterRoleBinding/velero: attempting to create resource client
ClusterRoleBinding/velero: created
ServiceAccount/velero: attempting to create resource
ServiceAccount/velero: attempting to create resource client
ServiceAccount/velero: created
Secret/cloud-credentials: attempting to create resource
Secret/cloud-credentials: attempting to create resource client
Secret/cloud-credentials: created
BackupStorageLocation/default: attempting to create resource
BackupStorageLocation/default: attempting to create resource client
BackupStorageLocation/default: created
VolumeSnapshotLocation/default: attempting to create resource
VolumeSnapshotLocation/default: attempting to create resource client
VolumeSnapshotLocation/default: created
Deployment/velero: attempting to create resource
Deployment/velero: attempting to create resource client
Deployment/velero: created
Velero is installed! ⛵ Use 'kubectl logs deployment/velero -n velero' to
view the status.
Once the deployment is ready you will be able to see the status using the following command:
[root@installer tmp] $ oc get po -n velero
NAME READY STATUS RESTARTS AGE
velero-798b86bf47-2s68n 1/1 Running 0 36s
Follow below steps for backup and restore.
- Below figure shows WordPress app resources under project WordPress.
[root@installer tmp]$ oc get pods,pvc,routes -n test-word
NAME READY STATUS
RESTARTS AGE
pod/wordpress-687f77b58d-7p66j 1/1 Running 0 40m
pod/wordpress-mysql-db6648954-rsvn8 1/1 Running 0 40m
NAME STATUS VOLUME
CAPACITY ACCESS MODES STORAGECLASS AGE
persistentvolumeclaim/mysql-pv-claim Bound local-pv-c0254aba
279Gi RWO localstorageclass 40m
persistentvolumeclaim/wp-pv-claim Bound local-pv-4e4a3889
931Gi RWO localstorageclass 40m
NAME
HOST/PORT PATH SERVICES
PORT TERMINATION WILDCARD
route.route.openshift.io/wordpress-http
wordpress-http-default.apps.rhocp.tamil.local wordpress-http
80-tcp None
- Run the following command to create a backup.
[root@installer tmp] $ velero backup create wordbackup
--include-namespaces test-word
Backup request "wordbackup" submitted successfully.
Run velero backup describe wordbackup
or velero backup logs wordbackup
for more details.
- Run below command to get available backups in Velero.
[root@installer tmp] $ velero backup get
NAME STATUS ERRORS WARNINGS
CREATED EXPIRES STORAGE LOCATION SELECTOR
wordbackup Completed 0 0 2022-08-23 02:46:51 -0500
CDT 29d default <none>
- Now you can Delete the wordpress application and you can restore from aws. Run the below command to restore the backup in Velero.
[root@installer tmp] $ velero restore create --from-backup
wordbackup
Restore request "wordbackup-20220823040033" submitted successfully.
Run `velero restore describe wordbackup-20220823040033` or `velero
restore logs wordbackup-20220823040033` for more details.
```
5. Run the below command to list the restore.
``` bash
[root@installer tmp] $ velero restore get
NAME BACKUP STATUS
STARTED COMPLETED ERRORS
WARNINGS CREATED SELECTOR
wordbackup-20220823035926 wordbackup Completed 2022-08-23 03:54:52
-0500 CDT 2022-08-23 03:54:58 -0500 CDT 0 0
2022-08-23 03:59:28 -0500 CDT <none>
Verification
Verify WordPress resources were restored.
[root@installer tmp] $ oc get pods,pvc,routes -n test-word
NAME READY STATUS
RESTARTS AGE
pod/wordpress-85fcfb7db6-8gbmg 1/1 Running 0 35m
pod/wordpress-mysql-568dc68776-jtgs5 1/1 Running 0 35m
NAME STATUS VOLUME
CAPACITY ACCESS MODES STORAGECLASS AGE
persistentvolumeclaim/mysql-pv-claim Bound local-pv-c0254aba
279Gi RWO localstorageclass 35m
persistentvolumeclaim/wp-pv-claim Bound local-pv-4e4a3889
931Gi RWO localstorageclass 35m
NAME
HOST/PORT PATH SERVICES
PORT TERMINATION WILDCARD
route.route.openshift.io/wordpress-http
wordpress-http-default.apps.rhocp.tamil.local wordpress-http
80-tcp None