[velero] install

zzery·2023년 4월 20일
zzerym

일지(2022~2024)

목록 보기
23/25

velero는 스토리지 기반 쿠버네티스 리소스 백업을 쉽게 해주는 오픈소스다.
쿠버네티스에서 한정된 범위를 백업하거나, DB관련 리소스 백업에 주로 사용되고 있다.

로컬 스토리지 설치 - minio

로컬이어도 스토리지가 필요하기에 minio를 설치한다.

helm repo add minio https://charts.min.io/
helm repo update

# minio.yaml
replicas: 4
accessKey: minioalex
secretKey: minio123
persistence:
  enabled: false
resources:
  requests:
    memory: 1Gi
service:
  type: ClusterIP
consoleService:
  type: LoadBalancer
    

helm upgrade -i minio -f ./minio.yaml minio/minio -n minio

velero 설치

velero도 자체 CLI가 있다. 이번엔 빠른 설치를 위해 CLI로만 했지만 velero도 커스텀 컨트롤러 기반 오픈소스다.

❯ brew install velero

# velero-cr  <- 파일의 아래 두 값은 minio 웹콘솔에서 확인한다.
[default]
aws_access_key_id=???
aws_secret_access_key=???
# ---


velero install \
    --provider aws \
    --plugins velero/velero-plugin-for-aws:v1.0.0 \
    --bucket velero \
    --secret-file ./velero-cr \
    --use-volume-snapshots=false \
    --backup-location-config region=minio,s3ForcePathStyle="true",s3Url=http://minio.minio:9000

CustomResourceDefinition/backups.velero.io: attempting to create resource
CustomResourceDefinition/backups.velero.io: attempting to create resource client
CustomResourceDefinition/backups.velero.io: created
CustomResourceDefinition/backupstoragelocations.velero.io: attempting to create resource
CustomResourceDefinition/backupstoragelocations.velero.io: attempting to create resource client
CustomResourceDefinition/backupstoragelocations.velero.io: created
CustomResourceDefinition/deletebackuprequests.velero.io: attempting to create resource
CustomResourceDefinition/deletebackuprequests.velero.io: attempting to create resource client
CustomResourceDefinition/deletebackuprequests.velero.io: created
CustomResourceDefinition/downloadrequests.velero.io: attempting to create resource
CustomResourceDefinition/downloadrequests.velero.io: attempting to create resource client
CustomResourceDefinition/downloadrequests.velero.io: created
CustomResourceDefinition/podvolumebackups.velero.io: attempting to create resource
CustomResourceDefinition/podvolumebackups.velero.io: attempting to create resource client
CustomResourceDefinition/podvolumebackups.velero.io: created
CustomResourceDefinition/podvolumerestores.velero.io: attempting to create resource
CustomResourceDefinition/podvolumerestores.velero.io: attempting to create resource client
CustomResourceDefinition/podvolumerestores.velero.io: created
CustomResourceDefinition/resticrepositories.velero.io: attempting to create resource
CustomResourceDefinition/resticrepositories.velero.io: attempting to create resource client
CustomResourceDefinition/resticrepositories.velero.io: created
CustomResourceDefinition/restores.velero.io: attempting to create resource
CustomResourceDefinition/restores.velero.io: attempting to create resource client
CustomResourceDefinition/restores.velero.io: created
CustomResourceDefinition/schedules.velero.io: attempting to create resource
CustomResourceDefinition/schedules.velero.io: attempting to create resource client
CustomResourceDefinition/schedules.velero.io: created
CustomResourceDefinition/serverstatusrequests.velero.io: attempting to create resource
CustomResourceDefinition/serverstatusrequests.velero.io: attempting to create resource client
CustomResourceDefinition/serverstatusrequests.velero.io: created
CustomResourceDefinition/volumesnapshotlocations.velero.io: attempting to create resource
CustomResourceDefinition/volumesnapshotlocations.velero.io: attempting to create resource client
CustomResourceDefinition/volumesnapshotlocations.velero.io: created
Waiting for resources to be ready in cluster...
Namespace/velero: attempting to create resource
Namespace/velero: attempting to create resource client
Namespace/velero: already exists, proceeding
Namespace/velero: created
ClusterRoleBinding/velero: attempting to create resource
ClusterRoleBinding/velero: attempting to create resource client
ClusterRoleBinding/velero: created
ServiceAccount/velero: attempting to create resource
ServiceAccount/velero: attempting to create resource client
ServiceAccount/velero: created
Secret/cloud-credentials: attempting to create resource
Secret/cloud-credentials: attempting to create resource client
Secret/cloud-credentials: created
BackupStorageLocation/default: attempting to create resource
BackupStorageLocation/default: attempting to create resource client
BackupStorageLocation/default: created
Deployment/velero: attempting to create resource
Deployment/velero: attempting to create resource client
Deployment/velero: created
Velero is installed! ⛵ Use 'kubectl logs deployment/velero -n velero' to view the status.

백업 테스트

❯ velero backup get
# nothing

❯ k run nginx --image nginx
pod/nginx created

❯ velero backup create test-bk --include-namespaces=default
Backup request "test-bk" submitted successfully.
Run `velero backup describe test-bk` or `velero backup logs test-bk` for more details.

# ---
apiVersion: velero.io/v1
kind: Backup
metadata:
  annotations:
    velero.io/source-cluster-k8s-gitversion: v1.22.5
    velero.io/source-cluster-k8s-major-version: "1"
    velero.io/source-cluster-k8s-minor-version: "22"
  creationTimestamp: "2023-04-20T17:50:06Z"
  generation: 5
  labels:
    velero.io/storage-location: default
  name: test-bk
  namespace: velero
  resourceVersion: "28760"
  uid: 4a685414-4f82-4477-8ab8-8040b8090788
spec:
  defaultVolumesToRestic: false
  hooks: {}
  includedNamespaces:
  - default
  metadata: {}
  storageLocation: default
  ttl: 720h0m0s
status:
  completionTimestamp: "2023-04-20T17:50:07Z"
  expiration: "2023-05-20T17:50:06Z"
  formatVersion: 1.1.0
  phase: Completed
  progress:
    itemsBackedUp: 13
    totalItems: 13
  startTimestamp: "2023-04-20T17:50:06Z"
  version: 1
# ---

백업 결과 확인

minio 웹콘솔에서 확인 가능하다.

별개로 신기한 점은 backup 리소스를 지워도 곧 다시 생긴다. 이건 나중에 구조 추가로 볼 예정.

restore 테스트

❯ k get po
No resources found in default namespace.

❯ velero restore get
# nothing

❯ velero restore create test-bk --from-backup test-bk
Restore request "test-bk" submitted successfully.
Run `velero restore describe test-bk` or `velero restore logs test-bk` for more details.

# 다시 생김
❯ k get po -o wide
NAME    READY   STATUS    RESTARTS   AGE   IP           NODE             NOMINATED NODE   READINESS GATES
nginx   1/1     Running   0          32s   10.1.6.197   docker-desktop   <none>           <none>

#---
apiVersion: velero.io/v1
kind: Restore
metadata:
  creationTimestamp: "2023-04-20T17:55:13Z"
  generation: 4
  name: test-bk
  namespace: velero
  resourceVersion: "29169"
  uid: 510940d1-efb4-4e60-a79c-564dea9811d7
spec:
  backupName: test-bk
  excludedResources:
  - nodes
  - events
  - events.events.k8s.io
  - backups.velero.io
  - restores.velero.io
  - resticrepositories.velero.io
  hooks: {}
  includedNamespaces:
  - '*'
status:
  completionTimestamp: "2023-04-20T17:55:13Z"
  phase: Completed
  progress:
    itemsRestored: 7
    totalItems: 7
  startTimestamp: "2023-04-20T17:55:13Z"
  warnings: 1
# ---

# 2차 백업
❯ k get po -o wide
NAME    READY   STATUS    RESTARTS   AGE   IP           NODE             NOMINATED NODE   READINESS GATES
nginx   1/1     Running   0          16s   10.1.6.198   docker-desktop   <none>           <none>

정리

더 봐야겠지만 다른 백업 방안과 비교해서 장점은
설치 후엔 백업 관리가 쉽다, 백업 범위를 한정짓기 편하다.
이 두개인 것 같다.

스토리지 기반이라 스토리지 자체에 문제가 생길 경우도 고려해야하고
cluster API 백업하려다 찾게된 오픈소스인데 리소스별 status 파트 백업이 안되는게 제일 걸린다.
내 경우 status가 백업이 안되면 의미가 없기 때문이다...

참고

profile
zzery
이 블로그의 모든 글은 수제로 짜여져 있습니다...
이전 포스트

[helm] 샘플 차트 만들기

다음 포스트

SIG-Multicluster 그리고 Karmada

0개의 댓글