Velero(以前称为 Heptio Ark)是一个开源工具,可以安全地备份和还原,执行灾难恢复以及迁移 Kubernetes 集群资源和持久卷。 Velero可以部署Kubenetes集群中,可用于如下场景:
-
• 备份集群资源并在丢失的情况下进行还原
-
• 将集群资源迁移到其他集群
-
• 将生产集群资源复制到开发和测试集群
Velero 包含运行在集群中的服务端软件和一个命令行的客户端
1. 安装 Velero
1.1 安装Velero客户端
Velero下载
wget -cN https://github.com/vmware-tanzu/velero/releases/download/v1.7.0/velero-v1.7.0-linux-amd64.tar.gz
部署
tar -zxvf velero-v1.7.0-linux-amd64.tar.gz
cp -p velero-v1.7.0-linux-amd64/velero /usr/bin/
安装命令补全
yum install -y bash-completion
echo 'source <(velero completion bash)' >>/etc/profile
source /etc/profile
1.2 安装服务端软件到集群中
1.2.1 配置kubectl访问Kubernetes集群
velero 命令默认读取kubectl配置的集群上下文,所以我们先配置 kubectl 对 kubernetes 集群的访问 [备注] Velero 也支持--kubeconfig参数和KUBECONFIG环境变量
1.2.2 准备秘钥文件
mkdir -p /opt/velero
vim /opt/velero/credentials-velero
[default]
aws_access_key_id = minioadmin
aws_secret_access_key = minioadmin
1.2.3 执行安装程序
velero install \
--provider aws \
--image {镜像仓库地址}/velero:v1.7.0 \
--plugins {镜像仓库地址}/velero/velero-plugin-for-aws:v1.2.1 \
--bucket fcloud-sc \
--use-restic \
--secret-file /opt/velero/credentials-velero \
--use-volume-snapshots=false \
--backup-location-config region=cn-northeast-204,s3ForcePathStyle="true",s3Url={对象存储访问地址}
[检查安装状态]
kubectl logs deployment/velero -n velero
参数说明
-
• --provider: 声明使用的 Velero 插件类型,MINIO提供为aws
-
• --bucket: MINIO对象存储中的桶,需提前创建
-
• --secret-file: 提供访问MINIO的访问秘钥
-
• --use-volume-snapshots=true: 是否使用kubernetes的卷快照功能
-
• --use-restic: 使用开源免费备份工具restic备份和还原持久卷数据
-
• --backup-location-config: 备份bucket的一些配置
-
• --prefix: 备份存储在 QingStor bucket 中的前缀,相当于指定备份存放在bucket的目录
-
• --plugins: 使用的 Velero 插件,我们使用AWS S3兼容插件和CSI插件
-
• --feature=EnableCSI: 安装Velero中CSI的支持
-
• s3Url:MINIO对象存储API地址
Velero 支持对持久卷以建立快照的方式备份,也支持使用restic将持久卷里的文件备份到对象存储
1.3 执行备份与恢复操作
[使用案例]
1.3.1 执行备份
参数说明:
-
•
--ttl
(在ttl超时后,backup会被定期清理,ttl默认30天),可用单位h、m、s -
•
--include-namespaces
选项可以指定备份某些命名空间下面的资源 -
•
--exclude-namespaces
选项可以指定备份排除某些命名空间下面的资源 -
•
--include-resources
选项可以指定备份哪些资源类型--exclude-resources
可以指定排除某些资源类型 -
• 备份集群的所有资源
velero backup create cluster-all-resource
-
• 备份集群所有资源,并指定有效期为10天
velero backup create cluster-all-resource-10-day --ttl 240h
-
• 匹配满足条件的标签备份所有资源
velero backup create nginx-backup --selector app=nginx
-
• 指定命名空间备份
velero create backup namespaces-backup --include-namespaces kube-system,default
-
• 备份指定namespace之外的所有namespace
velero backup create exclude-namespace-default --exclude-namespaces default
-
• 按照资源类型备份
velero backup create resource-backup-cluster --include-resources pod,secret,configmap
-
• 备份包括PV数据的方法
velero create backup nacos-backup --selector app=nacos --default-volumes-to-restic
[说明]
--default-volumes-to-restic
参数会将PV中数据同步备份
-
• 备份排除指定标签外的所有资源
velero backup create except-label --selector 'backup notin (ignore)'
-
• 指定执行备份匹配标签的对象
velero schedule create custome-time-backup --schedule="1 0 * * *" --selector app=nginx
-
• 每隔一分钟执行备份
velero schedule create backup-1-m --schedule="@every 1m" --selector app=nginx
-
• 每隔10秒执行备份
velero schedule create backup-10-s --schedule="@every 10s" --selector app=nginx
-
• 每隔一小时执行备份
velero schedule create backup-10-s --schedule="@every 1h" --selector app=nginx
-
• 每隔一天执行备份
velero schedule create nginx-daily-backup --schedule="@daily" --selector app=nginx
1.3.2 查看备份信息
-
• 查看备份目录
velero get backup-locations
NAME PROVIDER BUCKET/PREFIX PHASE LAST VALIDATED ACCESS MODE DEFAULT
default aws velero Available 2021-11-17 18:44:57 +0800 CST ReadWrite true
-
• 查看所有备份清单信息
velero get backup
NAME STATUS ERRORS WARNINGS CREATED EXPIRES STORAGE LOCATION SELECTOR
backup-all Completed 0 0 2021-11-17 16:34:04 +0800 CST 29d default backup notin (ignore)
backup-all-1-m-20211117104612 Completed 0 0 2021-11-17 18:46:21 +0800 CST 29d default <none>
backup-all-1-m-20211117104512 Completed 0 0 2021-11-17 18:45:17 +0800 CST 29d default <none>
backup-all-1-m-20211117104412 Completed 0 0 2021-11-17 18:44:17 +0800 CST 29d default <none>
backup-all-1-m-20211117104312 Completed 0 0 2021-11-17 18:43:17 +0800 CST 29d default <none>
backup-all-1-m-20211117104212 Completed 0 0 2021-11-17 18:42:23 +0800 CST 29d default <none>
backup-all-1-m-20211117104109 Completed 0 0 2021-11-17 18:41:17 +0800 CST 29d default <none>
backup-all-1-m-20211117104008 Completed 0 0 2021-11-17 18:40:08 +0800 CST 29d default <none>
backup-all-1-m-20211117103908 Completed 0 0 2021-11-17 18:39:08 +0800 CST 29d default <none>
backup-all-1-m-20211117103808 Completed 0 0 2021-11-17 18:38:17 +0800 CST 29d default <none>
backup-all-1-m-20211117103708 Completed 0 0 2021-11-17 18:37:08 +0800 CST 29d default <none>
backup-all-1-m-20211117103608 Completed 0 0 2021-11-17 18:36:08 +0800 CST 29d default <none>
backup-all-1-m-20211117103508 Completed 0 0 2021-11-17 18:35:08 +0800 CST 29d default <none>
backup-all-1-m-20211117103408 Completed 0 0 2021-11-17 18:34:08 +0800 CST 29d default <none>
-
• 查看指定备份
velero backup get cluster-all-resource-10-day
NAME STATUS ERRORS WARNINGS CREATED EXPIRES STORAGE LOCATION SELECTOR
cluster-all-resource-10-day Completed 0 0 2021-11-18 10:26:40 +0800 CST 9d default <none>
-
• 查看backup的详细信息,带上detail可以查看备份的资源内容
velero backup describe cluster-all-resource-10-day --details
Name: cluster-all-resource-10-day
Namespace: velero
Labels: velero.io/storage-location=default
Annotations: velero.io/source-cluster-k8s-gitversion=v1.21.5
velero.io/source-cluster-k8s-major-version=1
velero.io/source-cluster-k8s-minor-version=21
Phase: Completed
Errors: 0
Warnings: 0
Namespaces:
Included: *
Excluded: <none>
Resources:
Included: *
Excluded: <none>
Cluster-scoped: auto
Label selector: <none>
Storage Location: default
Velero-Native Snapshot PVs: auto
TTL: 240h0m0s
Hooks: <none>
Backup Format Version: 1.1.0
Started: 2021-11-18 10:26:40 +0800 CST
Completed: 2021-11-18 10:26:49 +0800 CST
Expiration: 2021-11-28 10:26:40 +0800 CST
Total items to be backed up: 774
Items backed up: 774
Resource List:
apiextensions.k8s.io/v1/CustomResourceDefinition:
- backups.velero.io
- backupstoragelocations.velero.io
- bgpconfigurations.crd.projectcalico.org
- bgppeers.crd.projectcalico.org
- blockaffinities.crd.projectcalico.org
- clusterinformations.crd.projectcalico.org
- deletebackuprequests.velero.io
- downloadrequests.velero.io
- felixconfigurations.crd.projectcalico.org
- globalnetworkpolicies.crd.projectcalico.org
- globalnetworksets.crd.projectcalico.org
- hostendpoints.crd.projectcalico.org
- ipamblocks.crd.projectcalico.org
- ipamconfigs.crd.projectcalico.org
- ipamhandles.crd.projectcalico.org
- ippools.crd.projectcalico.org
- kubecontrollersconfigurations.crd.projectcalico.org
- networkpolicies.crd.projectcalico.org
- networksets.crd.projectcalico.org
- podvolumebackups.velero.io
- podvolumerestores.velero.io
- resticrepositories.velero.io
- restores.velero.io
- schedules.velero.io
- serverstatusrequests.velero.io
- volumesnapshotlocations.velero.io
apiregistration.k8s.io/v1/APIService:
- v1.
- v1.admissionregistration.k8s.io
- v1.apiextensions.k8s.io
- v1.apps
- v1.authentication.k8s.io
- v1.authorization.k8s.io
- v1.autoscaling
- v1.batch
- v1.certificates.k8s.io
- v1.coordination.k8s.io
- v1.crd.projectcalico.org
- v1.discovery.k8s.io
- v1.events.k8s.io
- v1.networking.k8s.io
- v1.node.k8s.io
- v1.policy
- v1.rbac.authorization.k8s.io
- v1.scheduling.k8s.io
- v1.storage.k8s.io
- v1.velero.io
- v1beta1.admissionregistration.k8s.io
- v1beta1.apiextensions.k8s.io
- v1beta1.authentication.k8s.io
- v1beta1.authorization.k8s.io
- v1beta1.batch
- v1beta1.certificates.k8s.io
- v1beta1.coordination.k8s.io
- v1beta1.discovery.k8s.io
- v1beta1.events.k8s.io
- v1beta1.extensions
- v1beta1.flowcontrol.apiserver.k8s.io
- v1beta1.networking.k8s.io
- v1beta1.node.k8s.io
- v1beta1.policy
- v1beta1.rbac.authorization.k8s.io
- v1beta1.scheduling.k8s.io
- v1beta1.storage.k8s.io
- v2beta1.autoscaling
- v2beta2.autoscaling
apps/v1/ControllerRevision:
- kube-system/calico-node-7d87c4c87d
- kube-system/kube-proxy-5ccdb8dc86
- kube-system/nodelocaldns-58f95f4df7
apps/v1/DaemonSet:
- kube-system/calico-node
- kube-system/kube-proxy
- kube-system/nodelocaldns
apps/v1/Deployment:
- kube-system/calico-kube-controllers
- kube-system/coredns
- kube-system/openebs-localpv-provisioner
- velero/velero
apps/v1/ReplicaSet:
- kube-system/calico-kube-controllers-846b5f484d
- kube-system/coredns-b5648d655
- kube-system/openebs-localpv-provisioner-5bfb67894
- nginx-example/nginx-deployment-57d5dcb68
- velero/velero-666dff5c96
coordination.k8s.io/v1/Lease:
- kube-node-lease/portlb-bird-server
- kube-system/kube-controller-manager
- kube-system/kube-scheduler
crd.projectcalico.org/v1/BlockAffinity:
- portlb-bird-server-10-233-118-0-24
crd.projectcalico.org/v1/ClusterInformation:
- default
crd.projectcalico.org/v1/FelixConfiguration:
- default
crd.projectcalico.org/v1/IPAMBlock:
- 10-233-118-0-24
crd.projectcalico.org/v1/IPAMHandle:
- ipip-tunnel-addr-portlb-bird-server
- k8s-pod-network.39fec2325367cfbc59fabe82a6492fdcb93a59c171fa6fd34c43bb5a7d6425bb
- k8s-pod-network.51a5f327459894bd1e426d108a5b44d714905c61c9932e6fea359354136fc0d6
- k8s-pod-network.5b6f67561d96a8ce2a0438eda8d137fb13d549a616c29aead82a44d494fdb1c6
- k8s-pod-network.7716e4e89d82fd8869d3dfdda054db247211d769ea448f50279d85c3f86f25f7
- k8s-pod-network.7fa1af505ac996bb2fa0003c4d4fa8c0cb553fab4b84b5306794e15b9d84dd27
- k8s-pod-network.91554fb749b2d3f85ce12e92f7afdc42727860c90cd762e926007ae3f820e425
- k8s-pod-network.a5b2dbe887e2bdc152ca337a87c1a24106b5ca608ce55f782a79b0507023b6eb
- k8s-pod-network.adf0e44e6443edbaafc5dffa3913d605af4ef24365065129c5a03873c4c40ddf
- k8s-pod-network.eab88d54fcf5a7d1eb032f8d6aa8c1ccef99202a85210b9ee5528e6788c517a5
crd.projectcalico.org/v1/IPPool:
- default-ipv4-ippool
crd.projectcalico.org/v1/KubeControllersConfiguration:
- default
discovery.k8s.io/v1/EndpointSlice:
- default/kubernetes
- kube-system/coredns-2fjtf
- nginx-example/my-nginx-6ljkr
flowcontrol.apiserver.k8s.io/v1beta1/FlowSchema:
- catch-all
- exempt
- global-default
- kube-controller-manager
- kube-scheduler
- kube-system-service-accounts
- probes
- service-accounts
- system-leader-election
- system-nodes
- workload-leader-election
flowcontrol.apiserver.k8s.io/v1beta1/PriorityLevelConfiguration:
- catch-all
- exempt
- global-default
- leader-election
- system
- workload-high
- workload-low
policy/v1/PodDisruptionBudget:
- kube-system/calico-kube-controllers
rbac.authorization.k8s.io/v1/ClusterRole:
- admin
- calico-kube-controllers
- calico-node
- cluster-admin
- devops-app
- edit
- ks-installer
- kubeadm:get-nodes
- openebs-maya-operator
- system:aggregate-to-admin
- system:aggregate-to-edit
- system:aggregate-to-view
- system:auth-delegator
- system:basic-user
- system:certificates.k8s.io:certificatesigningrequests:nodeclient
- system:certificates.k8s.io:certificatesigningrequests:selfnodeclient
- system:certificates.k8s.io:kube-apiserver-client-approver
- system:certificates.k8s.io:kube-apiserver-client-kubelet-approver
- system:certificates.k8s.io:kubelet-serving-approver
- system:certificates.k8s.io:legacy-unknown-approver
- system:controller:attachdetach-controller
- system:controller:certificate-controller
- system:controller:clusterrole-aggregation-controller
- system:controller:cronjob-controller
- system:controller:daemon-set-controller
- system:controller:deployment-controller
- system:controller:disruption-controller
- system:controller:endpoint-controller
- system:controller:endpointslice-controller
- system:controller:endpointslicemirroring-controller
- system:controller:ephemeral-volume-controller
- system:controller:expand-controller
- system:controller:generic-garbage-collector
- system:controller:horizontal-pod-autoscaler
- system:controller:job-controller
- system:controller:namespace-controller
- system:controller:node-controller
- system:controller:persistent-volume-binder
- system:controller:pod-garbage-collector
- system:controller:pv-protection-controller
- system:controller:pvc-protection-controller
- system:controller:replicaset-controller
- system:controller:replication-controller
- system:controller:resourcequota-controller
- system:controller:root-ca-cert-publisher
- system:controller:route-controller
- system:controller:service-account-controller
- system:controller:service-controller
- system:controller:statefulset-controller
- system:controller:ttl-after-finished-controller
- system:controller:ttl-controller
- system:coredns
- system:discovery
- system:heapster
- system:kube-aggregator
- system:kube-controller-manager
- system:kube-dns
- system:kube-scheduler
- system:kubelet-api-admin
- system:monitoring
- system:node
- system:node-bootstrapper
- system:node-problem-detector
- system:node-proxier
- system:persistent-volume-provisioner
- system:public-info-viewer
- system:service-account-issuer-discovery
- system:volume-scheduler
- view
rbac.authorization.k8s.io/v1/ClusterRoleBinding:
- calico-kube-controllers
- calico-node
- cluster-admin
- devops-app
- ks-installer
- kubeadm:get-nodes
- kubeadm:kubelet-bootstrap
- kubeadm:node-autoapprove-bootstrap
- kubeadm:node-autoapprove-certificate-rotation
- kubeadm:node-proxier
- openebs-maya-operator
- system:basic-user
- system:controller:attachdetach-controller
- system:controller:certificate-controller
- system:controller:clusterrole-aggregation-controller
- system:controller:cronjob-controller
- system:controller:daemon-set-controller
- system:controller:deployment-controller
- system:controller:disruption-controller
- system:controller:endpoint-controller
- system:controller:endpointslice-controller
- system:controller:endpointslicemirroring-controller
- system:controller:ephemeral-volume-controller
- system:controller:expand-controller
- system:controller:generic-garbage-collector
- system:controller:horizontal-pod-autoscaler
- system:controller:job-controller
- system:controller:namespace-controller
- system:controller:node-controller
- system:controller:persistent-volume-binder
- system:controller:pod-garbage-collector
- system:controller:pv-protection-controller
- system:controller:pvc-protection-controller
- system:controller:replicaset-controller
- system:controller:replication-controller
- system:controller:resourcequota-controller
- system:controller:root-ca-cert-publisher
- system:controller:route-controller
- system:controller:service-account-controller
- system:controller:service-controller
- system:controller:statefulset-controller
- system:controller:ttl-after-finished-controller
- system:controller:ttl-controller
- system:coredns
- system:discovery
- system:kube-controller-manager
- system:kube-dns
- system:kube-scheduler
- system:monitoring
- system:node
- system:node-proxier
- system:public-info-viewer
- system:service-account-issuer-discovery
- system:volume-scheduler
- velero
rbac.authorization.k8s.io/v1/Role:
- default/pod-reader
- kube-public/kubeadm:bootstrap-signer-clusterinfo
- kube-public/system:controller:bootstrap-signer
- kube-system/extension-apiserver-authentication-reader
- kube-system/kube-proxy
- kube-system/kubeadm:kubeadm-certs
- kube-system/kubeadm:kubelet-config-1.21
- kube-system/kubeadm:nodes-kubeadm-config
- kube-system/system::leader-locking-kube-controller-manager
- kube-system/system::leader-locking-kube-scheduler
- kube-system/system:controller:bootstrap-signer
- kube-system/system:controller:cloud-provider
- kube-system/system:controller:token-cleaner
rbac.authorization.k8s.io/v1/RoleBinding:
- default/read-pods
- kube-public/kubeadm:bootstrap-signer-clusterinfo
- kube-public/system:controller:bootstrap-signer
- kube-system/kube-proxy
- kube-system/kubeadm:kubeadm-certs
- kube-system/kubeadm:kubelet-config-1.21
- kube-system/kubeadm:nodes-kubeadm-config
- kube-system/system::extension-apiserver-authentication-reader
- kube-system/system::leader-locking-kube-controller-manager
- kube-system/system::leader-locking-kube-scheduler
- kube-system/system:controller:bootstrap-signer
- kube-system/system:controller:cloud-provider
- kube-system/system:controller:token-cleaner
scheduling.k8s.io/v1/PriorityClass:
- system-cluster-critical
- system-node-critical
storage.k8s.io/v1/CSINode:
- portlb-bird-server
storage.k8s.io/v1/StorageClass:
- local
v1/ConfigMap:
- default/kube-root-ca.crt
- kube-node-lease/kube-root-ca.crt
- kube-public/cluster-info
- kube-public/kube-root-ca.crt
- kube-system/calico-config
- kube-system/coredns
- kube-system/extension-apiserver-authentication
- kube-system/kube-proxy
- kube-system/kube-root-ca.crt
- kube-system/kubeadm-config
- kube-system/kubelet-config-1.21
- kube-system/nodelocaldns
- nginx-example/kube-root-ca.crt
- velero/kube-root-ca.crt
v1/Endpoints:
- default/kubernetes
- kube-system/coredns
- kube-system/openebs.io-local
- nginx-example/my-nginx
v1/Namespace:
- default
- kube-node-lease
- kube-public
- kube-system
- nginx-example
- velero
v1/Node:
- portlb-bird-server
v1/Pod:
- kube-system/calico-kube-controllers-846b5f484d-jf9v9
- kube-system/calico-node-glhk7
- kube-system/coredns-b5648d655-bwmkc
- kube-system/coredns-b5648d655-cncmh
- kube-system/kube-apiserver-portlb-bird-server
- kube-system/kube-controller-manager-portlb-bird-server
- kube-system/kube-proxy-dnt2f
- kube-system/kube-scheduler-portlb-bird-server
- kube-system/nodelocaldns-s4mr9
- kube-system/openebs-localpv-provisioner-5bfb67894-4h6hq
- nginx-example/nginx-deployment-57d5dcb68-m7rrt
- nginx-example/nginx-deployment-57d5dcb68-ncdlj
- velero/velero-666dff5c96-jlzrw
- velero/velero-666dff5c96-qgrtj
v1/Secret:
- default/default-token-rn7nc
- kube-node-lease/default-token-lnlrx
- kube-public/default-token-t88k8
- kube-system/attachdetach-controller-token-frxt5
- kube-system/bootstrap-signer-token-9clct
- kube-system/calico-kube-controllers-token-jj7sk
- kube-system/calico-node-token-7tfjs
- kube-system/certificate-controller-token-pm22g
- kube-system/clusterrole-aggregation-controller-token-h4nzb
- kube-system/coredns-token-h2xg8
- kube-system/cronjob-controller-token-v8nzg
- kube-system/daemon-set-controller-token-lmsrc
- kube-system/default-token-cqvk9
- kube-system/deployment-controller-token-tm9hx
- kube-system/disruption-controller-token-85c5n
- kube-system/endpoint-controller-token-2sw6t
- kube-system/endpointslice-controller-token-gc6df
- kube-system/endpointslicemirroring-controller-token-26qhz
- kube-system/ephemeral-volume-controller-token-mn25l
- kube-system/expand-controller-token-9dsww
- kube-system/generic-garbage-collector-token-djbb6
- kube-system/horizontal-pod-autoscaler-token-964br
- kube-system/job-controller-token-5n492
- kube-system/kube-proxy-token-5hlzd
- kube-system/namespace-controller-token-4f9v2
- kube-system/node-controller-token-svbhz
- kube-system/nodelocaldns-token-qxljm
- kube-system/openebs-maya-operator-token-p78db
- kube-system/persistent-volume-binder-token-sfptc
- kube-system/pod-garbage-collector-token-6p788
- kube-system/pv-protection-controller-token-9mw4r
- kube-system/pvc-protection-controller-token-hs5tp
- kube-system/replicaset-controller-token-w8ctz
- kube-system/replication-controller-token-hmvgw
- kube-system/resourcequota-controller-token-hv8g2
- kube-system/root-ca-cert-publisher-token-558ss
- kube-system/service-account-controller-token-vpzg6
- kube-system/service-controller-token-zkjcl
- kube-system/statefulset-controller-token-k57p8
- kube-system/token-cleaner-token-gd8kf
- kube-system/ttl-after-finished-controller-token-z8fxz
- kube-system/ttl-controller-token-kbtns
- nginx-example/default-token-5hsbg
- velero/cloud-credentials
- velero/default-token-7522j
- velero/velero-restic-credentials
- velero/velero-token-g5gl6
v1/Service:
- default/kubernetes
- kube-system/coredns
- nginx-example/my-nginx
v1/ServiceAccount:
- default/default
- kube-node-lease/default
- kube-public/default
- kube-system/attachdetach-controller
- kube-system/bootstrap-signer
- kube-system/calico-kube-controllers
- kube-system/calico-node
- kube-system/certificate-controller
- kube-system/clusterrole-aggregation-controller
- kube-system/coredns
- kube-system/cronjob-controller
- kube-system/daemon-set-controller
- kube-system/default
- kube-system/deployment-controller
- kube-system/disruption-controller
- kube-system/endpoint-controller
- kube-system/endpointslice-controller
- kube-system/endpointslicemirroring-controller
- kube-system/ephemeral-volume-controller
- kube-system/expand-controller
- kube-system/generic-garbage-collector
- kube-system/horizontal-pod-autoscaler
- kube-system/job-controller
- kube-system/kube-proxy
- kube-system/namespace-controller
- kube-system/node-controller
- kube-system/nodelocaldns
- kube-system/openebs-maya-operator
- kube-system/persistent-volume-binder
- kube-system/pod-garbage-collector
- kube-system/pv-protection-controller
- kube-system/pvc-protection-controller
- kube-system/replicaset-controller
- kube-system/replication-controller
- kube-system/resourcequota-controller
- kube-system/root-ca-cert-publisher
- kube-system/service-account-controller
- kube-system/service-controller
- kube-system/statefulset-controller
- kube-system/token-cleaner
- kube-system/ttl-after-finished-controller
- kube-system/ttl-controller
- nginx-example/default
- velero/default
- velero/velero
velero.io/v1/Backup:
- velero/cluster-all-resource-10-day
velero.io/v1/BackupStorageLocation:
- velero/default
velero.io/v1/DeleteBackupRequest:
- velero/backup-all-1-m-20211117120808-czvh2
- velero/backup-all-10-s-20211117161008-nwpxw
- velero/backup-all-10-s-20211117161108-h9g8c
Velero-Native Snapshots: <none included>
-
• 查看指定backup的服务日志
velero backup logs cluster-all-resource-10-day
-
• 查看velero服务日志
kubectl logs deployment/velero -n velero
1.3.2 删除备份
-
• 删除所有备份
velero backup delete --all --confirm
[说明] 默认删除需要确认,可以添加参数
--confirm
例如:velero backup delete --all --confirm
-
• 删除指定备份
velero backup delete cluster-all-resource-10-day --confirm
1.3.3 执行恢复操作
-
• 从backup创建restore并指定restore名称进行恢复
velero restore create restore-02 --from-backup cluster-all-resource-10-day
-
• 从backup创建restore,不手动创建restore名称,restore默认名为 ${BACKUP_NAME}-
velero restore create --from-backup cluster-all-resource-10-day
-
• 从schedule最新一次的backup创建restore
velero restore create --from-schedule backup-all-cluster-1-m
1.4 卸载velero
velero uninstall
You are about to uninstall Velero.
Are you sure you want to continue (Y/N)? y
Waiting for velero namespace "velero" to be deleted
..............................................................................................................................................................................................................................................................
Velero namespace "velero" deleted
Velero uninstalled