Backup & Restore
Backing up and restoring a virtual cluster usually means to backup the namespace where vCluster is installed in. If you are using an external datastore like MySQL or Postgresql that is not running inside the same namespace as vCluster, you will need to create a separate backup for the datastore as well. Please refer to the appropriate docs for doing that.
Using velero
We recommend velero to backup virtual clusters, as it supports PV backup as well as single namespace backups. Other backup solutions should usually work as well.
Make sure your cluster supports volume snapshots to allow velero to backup persistent volumes and persistent volume claims that save the virtual cluster state. Alternatively, you can use velero's restic integration to backup the virtual cluster state.
Backing up a vCluster
Make sure to install the velero cli, velero server components and run the following command:
velero backup create <backup-name> --include-namespaces=my-vcluster-namespace
Verify backup was created successfully with:
velero backup describe <backup-name>
This should create a similar output to:
Name: <backup-name>
Namespace: velero
Labels: velero.io/storage-location=default
Annotations: velero.io/source-cluster-k8s-gitversion=v1.24.0
velero.io/source-cluster-k8s-major-version=1
velero.io/source-cluster-k8s-minor-version=24
Phase: Completed
Errors: 0
Warnings: 0
Namespaces:
Included: test
Excluded: <none>
Resources:
Included: *
Excluded: <none>
Cluster-scoped: auto
...
Restoring a vCluster
After you have created a backup through either the velero cli or a schedule, you can restore a vCluster from the created backup via the velero cli:
velero restore create <restore-name> --from-backup <backup-name>
Verify the restore process via:
velero restore logs <restore-name>
This should recreate the vCluster workloads, configurations as well as vCluster state in the virtual cluster namespace.
Currently its quite difficult to move a vCluster from one namespace to another as there are objects that include a namespace reference such as the cluster role bindings or persistent volumes. velero supports namespace mapping that should work in most cases, but caution is still required as this might not work for every vCluster setup.
Using velero inside vCluster
To use velero for making backups you need to enable the hostpath-mapper component of vCluster. You can do this by adding this to your values.yaml file when creating or upgrading the vCluster
hostpathMapper:
enabled: true
This will start a the vCluster component for mapping the correct hostpaths as a Daemonset.
Once done you need to install velero cli as explained above and then connect to your vCluster, and install velero:
velero install --provider <provider> --bucket <bucket_name> --secret-file <your_secret_file> --plugins velero/velero-plugin-for-<provider>:<semver> --use-restic
Make sure to fill up the appropriate fields like
provider,bucket_name,secret-fileetc. depending on your installation.
Once the installation is complete you can check the status of the velero resources:
$ kubectl get all -n velero
NAME READY STATUS RESTARTS AGE
pod/restic-5szkb 1/1 Running 0 118s
pod/velero-75c5479dfd-4x7sl 1/1 Running 0 118s
NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE
daemonset.apps/restic 1 1 1 1 1 <none> 118s
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/velero 1/1 1 1 119s
NAME DESIRED CURRENT READY AGE
replicaset.apps/velero-75c5479dfd 1 1 1 119s
Now you're ready to create a backup using restic:
velero backup create test1 --default-volumes-to-restic
Wait for the backup to complete and eventually you should see the following:
$ velero backup describe test1
Name: test1
Namespace: velero
Labels: velero.io/storage-location=default
Annotations: velero.io/source-cluster-k8s-gitversion=v1.25.0+k3s1
velero.io/source-cluster-k8s-major-version=1
velero.io/source-cluster-k8s-minor-version=25
Phase: Completed
Errors: 0
Warnings: 0
Namespaces:
Included: *
Excluded: <none>
Resources:
Included: *
Excluded: <none>
Cluster-scoped: auto
...