Leveraging Velero for AKS Backup and Cross-Cluster Restoration

Introduction:

As organizations increasingly adopt Azure Kubernetes Service (AKS) for deploying their containerized workloads, ensuring robust backup and disaster recovery mechanisms becomes paramount. Velero, a powerful open-source tool, simplifies this process by offering seamless backup and restore capabilities for AKS clusters. In this blog post, we’ll explore how to use Velero to back up an AKS cluster and restore it on another cluster, ensuring data resilience and continuity across Kubernetes environments.

Demo for Backup

1. Setting Up Velero with Azure Blob Storage:

Create a Resource Group (Optional):
If you don’t already have a resource group in which you want to create the storage account, you can create one using the following Azure CLI command:
az group create --name <resource-group-name> --location <location>
Replace <resource-group-name> with your desired name for the resource group and <location> with the Azure region where you want to create the resource group.
Create a Storage Account:
Use the following Azure CLI command to create a storage account:
az storage account create --name <storage-account-name> --resource-group <resource-group-name> --sku Standard_GRS --encryption-services blob --https-only true --kind BlobStorage --access-tier Hot
Replace <storage-account-name> with your desired name for the storage account and <resource-group-name> with the name of the resource group created in the previous step (or an existing one).
Set Up Velero's Configuration:
Create a service principal that has Contributor privileges.
Create a file that contains the variables the Velero installation requires. The PowerShell command looks similar to the following one:

"AZURE_SUBSCRIPTION_ID=${AZURE_SUBSCRIPTION_ID}
AZURE_TENANT_ID=${AZURE_TENANT_ID}
AZURE_CLIENT_ID=${AZURE_CLIENT_ID}
AZURE_CLIENT_SECRET=${AZURE_CLIENT_SECRET}
AZURE_RESOURCE_GROUP=${AZURE_BACKUP_RESOURCE_GROUP}
AZURE_CLOUD_NAME=AzurePublicCloud" | Out-File -FilePath ./credentials.txt

Install and Start Velero:
velero install --provider azure --plugins velero/velero-plugin-for-microsoft-azure:v1.5.0 --bucket $BLOB_CONTAINER --secret-file ./credentials.txt --backup-location-config resourceGroup=$AZURE_BACKUP_RESOURCE_GROUP,storageAccount=$AZURE_STORAGE_ACCOUNT_ID,subscriptionId=$AZURE_BACKUP_SUBSCRIPTION_ID
Check whether Velero is running properly:
kubectl -n velero get pods
kubectl logs deployment/velero -n velero
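
The credentials file created above holds the service principal's client secret and is handed unchanged to velero install. As an added example (not from the original post or the Velero project), the POSIX shell function below checks that file before installation; the function name check_velero_credentials is hypothetical, and the key list is the one shown in the file above.

```shell
#!/bin/sh
# Added example: pre-flight check for the Velero credentials file.
# check_velero_credentials is a hypothetical helper, not part of Velero.
# It never prints values, only key names, so the secret stays out of logs.

REQUIRED_KEYS="AZURE_SUBSCRIPTION_ID AZURE_TENANT_ID AZURE_CLIENT_ID AZURE_CLIENT_SECRET AZURE_RESOURCE_GROUP AZURE_CLOUD_NAME"

check_velero_credentials() {
    file=$1
    rc=0
    [ -f "$file" ] || { echo "missing file: $file" >&2; return 2; }

    # Out-File in Windows PowerShell 5.1 writes UTF-16 by default, which
    # shows up as NUL bytes between the characters of a KEY=value file.
    if [ "$(tr -d '\000' < "$file" | wc -c)" -ne "$(wc -c < "$file")" ]; then
        echo "file contains NUL bytes (UTF-16?); re-save it as UTF-8" >&2
        return 3
    fi

    for key in $REQUIRED_KEYS; do
        line=$(grep -E "^${key}=" "$file" | tail -n 1)
        value=$(printf '%s' "${line#*=}" | tr -d '\r')   # tolerate CRLF
        if [ -z "$line" ]; then
            echo "missing key: $key" >&2; rc=1
        elif [ -z "$value" ]; then
            # An unset variable expands to nothing when the file is written.
            echo "empty value: $key" >&2; rc=1
        elif printf '%s' "$value" | grep -q '^\${'; then
            echo "unexpanded variable in: $key" >&2; rc=1
        fi
    done

    # Only the owner should be able to read the client secret.
    # GNU stat first, BSD/macOS stat as the fallback.
    perms=$(stat -c '%a' "$file" 2>/dev/null || stat -f '%Lp' "$file")
    case $perms in
        *00) ;;
        *) echo "permissions $perms too open; run: chmod 600 $file" >&2; rc=1 ;;
    esac
    return $rc
}
```

A return code of 0 means the file is complete and owner-only; 1 flags a missing, empty or unexpanded key or loose permissions, 2 a missing file, and 3 a wrongly encoded file.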

2. Backup Process for AKS Cluster:

Once Velero is configured, initiate the backup process for your AKS cluster. Velero allows you to specify the resources you want to include in the backup. Common resources include deployments, services, persistent volume claims (PVCs), and more. Execute the following command to back up your AKS cluster:
velero backup create <BACKUP-NAME>

3. Verify Backup Completion:

After initiating the backup, monitor the progress using Velero's commands. Once the backup is complete, verify its existence in Azure Blob Storage by checking the backups in the configured Azure Blob Storage account.
velero backup describe

Demo for Restore Process on Another Cluster

Now, let’s explore how to restore the AKS cluster backup on another Kubernetes cluster. Ensure that Velero is installed and configured on the target cluster, along with access to the Azure Blob Storage account containing the backup. Execute the following steps:

Install Velero on the target Kubernetes cluster:
velero install --provider azure --plugins velero/velero-plugin-for-microsoft-azure:v1.5.0 --bucket $BLOB_CONTAINER --secret-file ./credentials.txt --backup-location-config resourceGroup=$AZURE_BACKUP_RESOURCE_GROUP,storageAccount=$AZURE_STORAGE_ACCOUNT_ID,subscriptionId=$AZURE_BACKUP_SUBSCRIPTION_ID
Retrieve the backup from Azure Blob Storage to the target cluster:
Make sure the Velero backup object was created by running the following command. Velero resources are synchronized with the backup files in cloud storage.
velero backup describe
After you confirm that the right backup (BACKUP-NAME) is present, restore all objects in the backup:
velero restore create --from-backup <BACKUP-NAME>
