EKS Backup/Restore

Velero

  • On AWS
    • https://github.com/vmware-tanzu/velero-plugin-for-aws — plugin setup and releases
      
      
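      # Profile, bucket and region used by every command below.
      export AWS_PROFILE=x-dev
      export BUCKET=x-eks-backups
      export REGION=us-west-2

      # Bucket that will hold the Velero backups. Expansions are quoted so that an
      # empty value is passed as an empty argument instead of silently vanishing.
      # NOTE: us-east-1 rejects a LocationConstraint; drop that flag in that region.
      aws s3api create-bucket \
          --bucket "$BUCKET" \
          --region "$REGION" \
          --create-bucket-configuration "LocationConstraint=$REGION"

      # Velero backups contain the Kubernetes Secret objects of the namespaces they
      # cover, so block every path by which the bucket could become public.
      aws s3api put-public-access-block \
          --bucket "$BUCKET" \
          --public-access-block-configuration \
              "BlockPublicAcls=true,IgnorePublicAcls=true,BlockPublicPolicy=true,RestrictPublicBuckets=true"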
      
      # IAM user that the inline policy below is attached to.
      aws iam create-user --user-name velero
      
      # Write the policy document to velero-policy.json. The heredoc delimiter is
      # unquoted, so the shell expands ${BUCKET} before the JSON is written; BUCKET
      # must therefore be set, otherwise the ARNs are written without a bucket name.
      #   statement 1: EC2 volume/snapshot actions, on Resource "*"
      #   statement 2: object-level S3 actions, limited to objects in the bucket
      #   statement 3: s3:ListBucket, limited to the bucket itself
      # NOTE(review): the indentation comes from the outline; when pasted into a
      # shell the closing EOF has to start at column 0.
      cat > velero-policy.json <<EOF
      {
          "Version": "2012-10-17",
          "Statement": [
              {
                  "Effect": "Allow",
                  "Action": [
                      "ec2:DescribeVolumes",
                      "ec2:DescribeSnapshots",
                      "ec2:CreateTags",
                      "ec2:CreateVolume",
                      "ec2:CreateSnapshot",
                      "ec2:DeleteSnapshot"
                  ],
                  "Resource": "*"
              },
              {
                  "Effect": "Allow",
                  "Action": [
                      "s3:GetObject",
                      "s3:DeleteObject",
                      "s3:PutObject",
                      "s3:AbortMultipartUpload",
                      "s3:ListMultipartUploadParts"
                  ],
                  "Resource": [
                      "arn:aws:s3:::${BUCKET}/*"
                  ]
              },
              {
                  "Effect": "Allow",
                  "Action": [
                      "s3:ListBucket"
                  ],
                  "Resource": [
                      "arn:aws:s3:::${BUCKET}"
                  ]
              }
          ]
      }
      EOF
      
      # Attach the document to the user as an inline policy named "velero".
      aws iam put-user-policy \
        --user-name velero \
        --policy-name velero \
        --policy-document file://velero-policy.json
      
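      # The response carries the secret access key, which IAM returns only at
      # creation time. Write it straight to an owner-only file rather than through
      # tee, so the secret does not also end up in the terminal scrollback.
      (umask 077 && aws iam create-access-key --user-name velero > dir/save.json)
      chmod 600 dir/save.json   # covers the case where the file already existed

      # create creds file velero.creds like this, filling in the AccessKeyId and
      # SecretAccessKey values from dir/save.json. The file holds a long-lived
      # static key: keep it owner-readable only (chmod 600 velero.creds) and out
      # of version control.
      [default]
      aws_access_key_id=$AWS_ACCESS_KEY_ID
      aws_secret_access_key=$AWS_SECRET_ACCESS_KEY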
      
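      # Install the Velero CLI and load its zsh completion into the current shell.
      brew install velero
      . <(velero completion zsh)


      # Install Velero on EKS
      # --plugins pins the AWS plugin image by tag. velero install stores the
      # contents of --secret-file in the cluster as a Secret, so anyone who can read
      # Secrets in the velero namespace can read the static IAM key.
      velero install \
        --provider aws \
        --plugins velero/velero-plugin-for-aws:v1.6.0 \
        --bucket "$BUCKET" \
        --backup-location-config "region=$REGION" \
        --snapshot-location-config "region=$REGION" \
        --secret-file ./velero.creds

      # Check that the deployment came up, then follow its log. kubectl is spelled
      # out on both lines so the second one does not depend on a local "k" alias.
      kubectl get all -n velero
      kubectl -n velero logs -f deployment/velero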
      
      
      # Usage template: back up one namespace under a chosen backup name.
      velero backup create <backupname> --include-namespaces <namespacename>
      # Concrete example: back up namespace "demo" as backup "test1".
      velero backup create test1 --include-namespaces demo
      
      # Inspect a backup (template first, then the example).
      velero backup describe <backupname>
      velero backup describe test1
      
      # Restore from the example backup.
      velero restore create --from-backup test1
      
      # repeat on second cluster and restore
      # NOTE(review): presumably the second cluster needs Velero installed against
      # the same bucket before this works; confirm.
      velero restore create --from-backup test1
      
  • Test
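    # Sample workloads in namespace demo (presumably the content of the test1
    # backup, which includes that namespace).
    kubectl create deployment web \
      --image=gcr.io/google-samples/hello-app:1.0 \
      -n demo

    # The line continuation after --image was missing, so "-n demo" ran as a
    # separate command and nginx was created in the context's default namespace,
    # outside the namespace that is backed up.
    kubectl create deployment nginx \
      --image=nginx \
      -n demo

    kubectl get deployments -n demo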