k8s velero 备份与回复

一 环境准备

1.下载velero，我用的是1.8.1

Releases · vmware-tanzu/velero · GitHubBackup and migrate Kubernetes applications and their persistent volumes - Releases · vmware-tanzu/velerohttps://github.com/vmware-tanzu/velero/releases

2.解压

tar -xf velero-v1.8.1-linux-amd64.tar.gz -C /usr/local

ln -s /usr/local/velero-v1.8.1-linux-amd64/velero /usr/bin/velero

ln -s /usr/local/velero-v1.8.1-linux-amd64/velero /usr/lcoal/bin/velero

二 安装minio

1.创建minio凭证

tee /tmp/credentials-velero <<'EOF'
[default]
aws_access_key_id = minio
aws_secret_access_key = minio123
EOF

2.编辑minio的yaml文件，/usr/local/velero-v1.8.1-linux-amd64/examples/minio/00-minio-deployment.yaml

注：需要增加 console-address 否则不能访问minio，并且它的端口也要通过nodeport暴漏出去，具体的可以根据下面的文件对比进行配置

# Copyright 2017 the Velero contributors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

---
apiVersion: v1
kind: Namespace
metadata:
  name: velero

---
apiVersion: apps/v1
kind: Deployment
metadata:
  namespace: velero
  name: minio
  labels:
    component: minio
spec:
  strategy:
    type: Recreate
  selector:
    matchLabels:
      component: minio
  template:
    metadata:
      labels:
        component: minio
    spec:
      volumes:
      - name: storage
        emptyDir: {}
      - name: config
        emptyDir: {}
      containers:
      - name: minio
        image: minio/minio:latest
        imagePullPolicy: IfNotPresent
        args:
        - server
        - /storage
        - --config-dir=/config
        - --console-address
        - ":30605"
        env:
        - name: MINIO_ACCESS_KEY
          value: "minio"
        - name: MINIO_SECRET_KEY
          value: "minio123"
        ports:
        - name: web
          containerPort: 9000
        - name: console
          containerPort: 30605
        volumeMounts:
        - name: storage
          mountPath: "/storage"
        - name: config
          mountPath: "/config"

---
apiVersion: v1
kind: Service
metadata:
  namespace: velero
  name: minio
  labels:
    component: minio
spec:
  # ClusterIP is recommended for production environments.
  # Change to NodePort if needed per documentation,
  # but only if you run Minio in a test/trial environment, for example with Minikube.
  type: NodePort
  ports:
    - name: web      
      port: 9000
      targetPort: 9000
      nodePort: 30090
      protocol: TCP
    - name: console
      port: 30605
      targetPort: 30605
      nodePort: 30605
      protocol: TCP
  selector:
    component: minio

---
apiVersion: batch/v1
kind: Job
metadata:
  namespace: velero
  name: minio-setup
  labels:
    component: minio
spec:
  template:
    metadata:
      name: minio-setup
    spec:
      restartPolicy: OnFailure
      volumes:
      - name: config
        emptyDir: {}
      containers:
      - name: mc
        image: minio/mc:latest
        imagePullPolicy: IfNotPresent
        command:
        - /bin/sh
        - -c
        - "mc --config-dir=/config config host add velero http://minio:9000 minio minio123 && mc --config-dir=/config mb -p velero/velero"
        volumeMounts:
        - name: config
          mountPath: "/config"

3.部署minio

kubectl apply -f 00-minio-deployment.yaml

并 查看 svc

kubectl get svc -n velero

 4.访问minio

http://192.168.3.241:30090

并输入账号密码 minio minio123

 5.安装velero客户端

velero install \
  --image velero/velero:v1.8.1 \
  --provider aws \
  --bucket velero \
  --namespace velero \
  --plugins velero/velero-plugin-for-aws:v1.2.0 \
  --secret-file ./credentials-velero \
  --velero-pod-cpu-request 200m \
  --velero-pod-mem-request 200Mi \
  --velero-pod-cpu-limit 1000m \
  --velero-pod-mem-limit 1000Mi \
  --use-volume-snapshots=false \
  --use-restic \
  --restic-pod-cpu-request 200m \
  --restic-pod-mem-request 200Mi \
  --restic-pod-cpu-limit 1000m \
  --restic-pod-mem-limit 1000Mi \
  --backup-location-config region=minio,s3ForcePathStyle="true",s3Url=http://192.168.3.241:30090

s3Url = 刚搭建的minio server

6.查看velero所有的服务 

7.至此安装velero成功

 这块版本要一致不一致会提示你警告

 三 备份不带pvc的服务

1.可以用velero里面的 nginx做测试

cd /usr/local/velero-v1.8.1-linux-amd64/examples/nginx-app

kubectl apply -f base.yaml

2.执行下面的命令备份

备份的方式由很多种

1.根据selector选择器

velero backup create nginx-backup --selector app=nginx

2.根据命名空间

velero backup create nginx-backup --include-namespaces nginx-example

3.其它还有比如加入定时等等，可以在晚上查询下api

4.获取备份的数据

velero backup get

 

3. 通过minio查看备份的数据

4.备份恢复

1.先删除现有的namespace

kubeclt delete ns nginx-example

2.执行恢复命令

 velero restore create --from-backup nginx-backup

3.查看服务是否正常

kubectl get pod -n nginx-example 

四 备份带pvc的服务

1.以mysql举例，可以通过这个下载yaml文件进行安装

https://download.csdn.net/download/liudongyang123/85123519https://download.csdn.net/download/liudongyang123/85123519 2.利用restic对pvc进行备份，需要给pod加上注解

kubectl -n {namespace} annotate pod {podname} backup.velero.io/backup-volumes={volumes}

namespace：命名空间

podname：mysql pod的名称

volumes：卷名称

 

3.执行备份命令

 velero backup create mysql-pvc-backup --snapshot-volumes --include-namespaces mysql

4.删除mysql

kubectl delete ns mysql 

5.恢复

 velero restore create --from-backup mysql-pvc-backup --restore-volumes