Backup and Restore Kubernetes Volumes with Velero Restic Integration

中文版： 使用Velero Restic集成备份及恢复Kubernetes数据卷 – Frank’s Weblog

I built a Kubernetes cluster using OpenEBS as the storage backend. I selected Jiva as the storage engine, Jiva is a high-available storage controller, data is replicated to all nodes. To ensure the safety of the data, I used Velero and its Restic integration to backup the volumes to AWS S3.

Install

To install Velero CLI on your computer, see Velero Docs – Basic Install for install instructions.

Prepare the kubeconfig. The kubeconfig should be placed in .kube/config and make sure kubectl get pod returns the correct result.

Create an AWS credentials file with the following format, this credential should have access to the s3 bucket you provide below, note down the path to the file.

[default]
aws_access_key_id=<AWS_ACCESS_KEY_ID>
aws_secret_access_key=<AWS_SECRET_ACCESS_KEY>

Install Velero to Kubernetes cluster

velero install \
--provider aws \
--plugins velero/velero-plugin-for-aws:v1.5.0 \
--bucket velero \
--secret-file /path/to/aws/cred/file \
--use-volume-snapshots false \
--use-restic \
--backup-location-config region=us-east-1

Backup and Restore

To run a single backup

velero backup create BACKUP_NAME \
  --include-namespaces default \
  --default-volumes-to-restic

To create a backup schedule

velero schedule create SCHEDULE_NAME \
  --include-namespaces default \
  --default-volumes-to-restic \
  --schedule="@every 1h"

For more backup options, see Velero Docs – Restic Integration

To restore from a backup

velero restore create --from-backup BACKUP_NAME

Export/Dump Backed up Files

Sometimes restoring directly to the Kubernetes cluster doesn’t work for us. In this case, we can dump the files directly from the backup repository. Since Velero doesn’t provide this functionality in its CLI, we need to use Restic CLI.

Install the Restic CLI

Installation — restic 0.14.0 documentation

Get the snapshot ID, the default password is static-passw0rd

restic snapshots -r s3:s3-us-east-1.amazonaws.com/(backup-bucket)/restic/default

It returns the list of snapshots. Note down the snapshot ID that you’d like to export.

ed17cb1b  2022-08-28 00:00:00  velero      backup=(redacted),backup-uid=(redacted),ns=default,pod=(redacted),pod-uid=(redacted),volume=etc-gitlab-runner                                                          /host_pods/(redacted)/volumes/kubernetes.io~empty-dir/etc-gitlab-runner

You can use ls command to list the files in the snapshot.

restic ls -r s3:s3-us-east-1.amazonaws.com/(backup-bucket)/restic/default ed17cb1b

Dump the files in an archive.

restic dump -a tar -r s3:s3-us-east-1.amazonaws.com/(backup-bucket)/restic/default 4e68ea11 / > ./dump.tar

References

[1] Velero Docs – Run Velero on AWS

[2] Backup and Restore Stateful Workloads using Velero and Restic | James McLeod

[3] Velero Docs – Restic Integration