velero介绍
Velero 是由vmware公司团队研发开源工具,用于安全地备份、恢复和迁移 Kubernetes 集群和持久卷。它可以在本地和公共云中运行。Velero 由一个在您的 Kubernetes 集群中作为部署运行的服务器进程和一个命令行界面 (CLI) 组成,DevOps 团队和平台操作员可通过该界面配置计划备份、触发临时备份、执行恢复等。官网地址:https://velero.io/
安装minio
1、创建minio数据目录
mkdir -pv /data/minio/data
2、下载镜像
docker pull minio/minio
3、启动镜像
docker run --name minio \
-p 9000:9000 \
-p 9999:9999 \
-d --restart=always \
-e "MINIO_ROOT_USER=admin" \
-e "MINIO_ROOT_PASSWORD=12345678" \
-v /data/minio/data:/data \
minio/minio server /data \
--console-address '0.0.0.0:9999'
4、浏览器访问:http://ip:9999
5、创建目录
安装velero
在master节点上面安装velero
下载velero客户端
https://github.com/vmware-tanzu/velero/releases
解压velero到/usr/local/bin
tar xvf velero-v1.9.6-linux-amd64.tar.gz
cp velero /usr/local/bin/
chmod +x /usr/local/sbin/velero
测试使用
velero --help
配置auth认证信息
mkdir /data/velero -p
cd /data/velero
root@easzlab-k8s-master-01:/data/velero# cat velero-auth.txt
[default]
aws_access_key_id = admin
aws_secret_access_key = 12345678
创建namespaces
kubectl create ns velero-system
启动服务:
velero --kubeconfig /root/.kube/config \
install \
--provider aws \
--plugins velero/velero-plugin-for-aws:v1.3.1 \
--bucket velerodata \
--secret-file ./velero-auth.txt \
--use-volume-snapshots=false \
--namespace velero-system \
--backup-location-config region=minio,s3ForcePathStyle="true",s3Url=http://192.168.0.201:9000/
查看镜像日志
[root@master1 ~]# kubectl logs deployments/velero -nvelero-system
确保正常连接至minio.
使用velero进行备份
[root@master1 ~]# DATE=`date +%Y%m%d%H%M%S`
[root@master1 ~]# velero backup create default-backup-${DATE} --include-cluster-resources=tru --include-namespaces kube-system --kubeconfig=/root/.kube/config --namespace velero-system
Backup request "default-backup-20230316213429" submitted successfully.
Run `velero backup describe default-backup-20230316213429` or `velero backup logs default-bacup-20230316213429` for more details.
[root@master1 ~]# velero backup create myserver-backup-${DATE} --include-cluster-resources=tre --include-namespaces myserver --kubeconfig=/root/.kube/config --namespace velero-system
Backup request "myserver-backup-20230316213429" submitted successfully.
Run `velero backup describe myserver-backup-20230316213429` or `velero backup logs myserver-bckup-20230316213429` for more details.
查看备份
[root@master1 ~]# velero backup get --kubeconfig=/root/.kube/config --namespace velero-system
查看minio
批量备份所有namespace
编写脚本自动备份
[root@master1 velero]# vim backupvelero.sh
#!/bin/bash
NS_NAME=$(kubectl get ns |awk '{if(NR>1){print $1}}')
DATE=$(date +%Y%m%d%H%M%S)
cd /data/velero/
for i in $NS_NAME;do
velero backup create ${i}-ns-backup-${DATE} \
--include-cluster-resources=true \
--include-namespaces ${i} \
--kubeconfig=/root/.kube/config \
--namespace velero-system
done
从备份文件恢复
[root@master1 velero]# kubectl get pod
NAME READY STATUS RESTARTS AGE
test 1/1 Running 0 9m2s
test2 1/1 Running 23 (123m ago) 116d
test3 1/1 Running 23 (123m ago) 116d
删除pod
[root@master1 velero]# kubectl delete pod test
pod "test" deleted
[root@master1 velero]# kubectl get pod
NAME READY STATUS RESTARTS AGE
test2 1/1 Running 23 (133m ago) 116d
test3 1/1 Running 23 (133m ago) 116d
[root@master1 velero]#
使用备份还原
[root@master1 velero]# velero restore create --from-backup test-ns-backup-20230316213943 --wait --kubeconfig=/root/.kube/config --namespace velero-system Restore request "test-ns-backup-20230316213943-20230316220740" submitted successfully.
Waiting for restore to complete. You may safely press ctrl-c to stop waiting - your restore will continue in the background.
..................
Restore completed with status: Completed. You may check for more information using the commands `velero restore describe test-ns-backup-20230316213943-20230316220740` and `velero restore logs test-ns-backup-20230316213943-20230316220740`.
[root@master1 velero]# kubectl get pod
NAME READY STATUS RESTARTS AGE
test 1/1 Running 0 22s
test2 1/1 Running 23 (134m ago) 116d
test3 1/1 Running 23 (134m ago) 116d