Velero 云原生备份

云原生备份约 1071 字大约 4 分钟

Velero 云原生的灾难恢复和迁移工具,可将集群中的数据,备份到对象存储中(本地使用minio),在需要的时候进行恢复,也可以用来做集群环境的迁移

工作流程

How Velero Worksopen in new window

官方图
官方图

velero 主要包含两部分

  • 部署在集群上的服务端
  • 部署在管控机的客户端

备份流程

  • 客户端发送指令,如 velero backup create test-backup
  • 调用 Kubernetes API 服务器来创建一个 Backup 对象。
  • BackupController 通知新对象Backup 开始备份过程。
  • BackupController 开始备份过程。查询 API 资源来收集备份数据。
  • BackupController 调用对象存储服务(如 AWS S3)上传备份文件。

velero 特性

  • 集群数据备份和恢复
  • 迁移集群的资源到其他集群
  • 将生产集群复制到开发和测试集群

存储支持

BackupStorageLocation: 用来定义 Kubernetes 集群资源的数据存放位置,也就是集群对象数据,不是 PVC 的数据。主要支持的后端存储是 S3 兼容的存储,比如:Mino 和阿里云 OSS 等。

VolumeSnapshotLocation: 主要用来给 PV 做快照,需要云提供商提供插件。阿里云已经提供了插件,这个需要使用 CSI 等存储机制。你也可以使用专门的备份工具 Restic,把 PV 数据备份到阿里云 OSS 中去(安装时需要自定义选项)。

Restic 是一款 GO 语言开发的数据加密备份工具,支持的仓库有 Local、SFTP、Aws S3、Minio、OpenStack Swift、Backblaze B2、Azure BS、Google Cloud storage、Rest Server。

项目地址:https://github.com/restic/resticopen in new window

前置准备

集群(兼容)信息

兼容列表open in new window

❯ kubectl version --output json
{
  "clientVersion": {
    "major": "1",
    "minor": "24",
    "gitVersion": "v1.24.2",
    "gitCommit": "f66044f4361b9f1f96f0053dd46cb7dce5e990a8",
    "gitTreeState": "clean",
    "buildDate": "2022-06-15T14:22:29Z",
    "goVersion": "go1.18.3",
    "compiler": "gc",
    "platform": "darwin/arm64"
  },
  "kustomizeVersion": "v4.5.4",
  "serverVersion": {
    "major": "1",
    "minor": "24",
    "gitVersion": "v1.24.4",
    "gitCommit": "95ee5ab382d64cfe6c28967f36b53970b8374491",
    "gitTreeState": "clean",
    "buildDate": "2022-08-17T18:47:37Z",
    "goVersion": "go1.18.5",
    "compiler": "gc",
    "platform": "linux/amd64"
  }
}

安装velero 客户端

方式一 macos

brew install velero

方式二

git releases pageopen in new window

tar -xvf <RELEASE-TARBALL-NAME>.tar.gz

安装minio

创建bucket

web界面或其他方式

mc mb local/velero

安装velero 服务端

minio凭证

cat > .credentials-velero <<EOF
[default]
aws_access_key_id = username
aws_secret_access_key = password
EOF

helm chartopen in new window

helm repo add vmware-tanzu https://vmware-tanzu.github.io/helm-charts

helm repo update

helm install velero vmware-tanzu/velero \
--namespace velero \
--create-namespace \
--set-file credentials.secretContents.cloud=./credentials-velero \
--set configuration.backupStorageLocation[0].name=default \
--set configuration.backupStorageLocation[0].provider=aws \
--set configuration.backupStorageLocation[0].bucket=velero \
--set configuration.backupStorageLocation[0].config.region=minio \
--set configuration.backupStorageLocation[0].config.s3ForcePathStyle=true \
--set configuration.backupStorageLocation[0].config.s3Url=http://jkstack-minio.middleware.svc.cluster.local:9000 \
--set configuration.defaultVolumesToFsBackup=true \
--set snapshotsEnabled=false \
--set deployNodeAgent=true \
--set initContainers[0].name=velero-plugin-for-aws \
--set initContainers[0].image=velero/velero-plugin-for-aws:latest \
--set initContainers[0].imagePullPolicy=IfNotPresent \
--set initContainers[0].volumeMounts[0].mountPath=/target \
--set initContainers[0].volumeMounts[0].name=plugins

客户端已连上服务端,并查询和返回了版本信息

❯ velero version
Client:
	Version: v1.10.0
	Git commit: -
Server:
	Version: v1.11.1
# WARNING: the client version does not match the server version. Please update client

备份

官方示例open in new window

备份参考open in new window

新建了个mysql,并创建了个db

创建备份


❯ velero backup create mysql-backup --include-namespaces velero-mysql --wait

Backup request "mysql-backup" submitted successfully.
Waiting for backup to complete. You may safely press ctrl-c to stop waiting - your backup will continue in the background.
.......
Backup completed with status: Finalizing. You may check for more information using the commands `velero backup describe mysql-backup` and `velero backup logs mysql-backup`.

模拟故障

直接把服务删除了

❯ helm uninstall velero-mysql -n velero-mysql

恢复备份

❯ velero restore create --from-backup mysql-backup --wait

Restore request "mysql-backup-20230811165240" submitted successfully.
Waiting for restore to complete. You may safely press ctrl-c to stop waiting - your restore will continue in the background.
......................................................
Restore completed with status: Completed. You may check for more information using the commands `velero restore describe mysql-backup-20230811165240` and `velero restore logs mysql-backup-20230811165240`.

恢复成功,数据库仍在。

删除备份

❯ velero backup get

NAME           STATUS      ERRORS   WARNINGS   CREATED                         EXPIRES   STORAGE LOCATION   SELECTOR
mysql-backup   Completed   0        0          2023-08-11 16:29:53 +0800 CST   29d       default            <none>

❯ velero backup delete mysql-backup

Are you sure you want to continue (Y/N)? y
Request to delete backup "mysql-backup" submitted successfully.
The backup will be fully deleted after all associated data (disk snapshots, backup files, restores) are removed.

❯

定时备份

# Create a backup every 6 hours
velero create schedule NAME --schedule="0 */6 * * *"
# every day or weekly
velero schedule create NAME --schedule="30 09 * * *"
velero schedule create NAME --schedule="30 10 * * 0" --include-cluster-resources=true

velero schedule create NAME --include-namespaces NS --schedule "0 8 * * *"