Introduction
In modern cloud-native environments, ensuring data protection and disaster recovery is crucial. Kubernetes does not natively offer a comprehensive backup and restore solution, making it necessary to integrate third-party tools. Velero is an open-source tool that enables backup, restoration, and migration of Kubernetes applications and persistent volumes. In this blog post, we will explore setting up Velero on a Kubernetes cluster with MinIO as the storage backend, automating backups, and restoring applications when needed.
Prerequisites
- A running Kubernetes cluster (Minikube, RKE2, or self-managed cluster)
- kubectl installed and configured
- Helm installed for package management
- MinIO deployed as an object storage backend
- Velero CLI installed
Step 1: Deploy MinIO as the Backup Storage
MinIO is a high-performance, S3-compatible object storage server, ideal for Kubernetes environments. We will deploy MinIO in the velero namespace.
Deploy MinIO with Persistent Storage
apiVersion: v1
kind: Namespace
metadata:
name: velero
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: minio
namespace: velero
spec:
replicas: 1
selector:
matchLabels:
app: minio
template:
metadata:
labels:
app: minio
spec:
containers:
- name: minio
image: minio/minio
args:
- server
- /data
- --console-address=:9001
env:
- name: MINIO_ROOT_USER
value: "minioadmin"
- name: MINIO_ROOT_PASSWORD
value: "minioadmin"
ports:
- containerPort: 9000
- containerPort: 9001
volumeMounts:
- name: minio-storage
mountPath: /data
volumes:
- name: minio-storage
persistentVolumeClaim:
claimName: minio-pvc
---
apiVersion: v1
kind: Service
metadata:
name: minio
namespace: velero
spec:
ports:
- port: 9000
targetPort: 9000
name: api
- port: 9001
targetPort: 9001
name: console
selector: app: minio
Create Persistent Volume for MinIO
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: minio-pvc
namespace: velero
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 5Gi
Apply the configurations:
kubectl apply -f minio.yaml
Step 2: Install Velero
We will install Velero using Helm and configure it to use MinIO as a storage backend.
Add Helm Repository and Install Velero
helm repo add vmware-tanzu https://vmware-tanzu.github.io/helm-charts
helm repo update
helm install velero vmware-tanzu/velero --namespace velero \
--set configuration.provider=aws \
--set configuration.backupStorageLocation.name=default \
--set configuration.backupStorageLocation.bucket=velero-backup \
--set configuration.backupStorageLocation.config.s3Url=http://minio.velero.svc.cluster.local:9000 \
--set configuration.volumeSnapshotLocation.name=default
Step 3: Configure Credentials for Velero
Velero needs credentials to interact with MinIO. We create a Kubernetes secret for this purpose.
apiVersion: v1
kind: Secret
metadata:
name: cloud-credentials
namespace: velero
data:
credentials-velero: W2RlZmF1bHRdCmF3c19hY2Nlc3Nfa2V5X2lkPW1pbmlvYWRtaW4KYXdzX3NlY3JldF9hY2Nlc3Nfa2tleT1taW5pb2FkbWluCg==
type: Opaque
Apply the secret:
kubectl apply -f credentials.yaml
Restart Velero for the changes to take effect:
kubectl delete pod -n velero -l app.kubernetes.io/name=velero
Step 4: Create a Backup
We now create a backup of a sample namespace.
velero backup create my-backup --include-namespaces=default
To check the backup status:
velero backup get
Step 5: Restore from Backup
In case of failure, we can restore our applications using:
velero restore create --from-backup my-backup
To check the restore status:
velero restore get
Step 6: Automate Backups with a Schedule
To automate backups every 12 hours:
velero schedule create daily-backup --schedule "0 */12 * * *"
To list scheduled backups:
velero schedule get
Conclusion
By implementing Velero with MinIO, we have built a complete backup and disaster recovery solution for Kubernetes applications. This setup allows us to automate backups, perform point-in-time recovery, and ensure data protection. In real-world scenarios, it is recommended to:
- Secure MinIO with external authentication
- Store backups in an off-cluster storage location
- Regularly test restoration procedures
By integrating Velero into your Kubernetes environment, you enhance resilience and minimize data loss risks. Start implementing backups today to safeguard your critical applications!
Stay tuned for more Kubernetes insights! If you have any issues? Let’s discuss in the comments!
