$ oc get backupStorageLocations
×
Backing up applications
You back up applications by creating a Backup custom resource (CR).
The Backup CR creates backup files for Kubernetes resources and internal images, on S3 object storage, and snapshots for persistent volumes (PVs), if the cloud provider uses a native snapshot API or the Container Storage Interface (CSI) to create snapshots, such as OpenShift Container Storage 4. For more information, see CSI volume snapshots.
|
The For more information about the support scope of Red Hat Technology Preview features, see https://access.redhat.com/support/offerings/techpreview/. |
If your cloud provider has a native snapshot API or supports Container Storage Interface (CSI) snapshots, the Backup CR backs up persistent volumes by creating snapshots. For more information, see the Overview of CSI volume snapshots in the OKD documentation.
If your cloud provider does not support snapshots or if your applications are on nfs data volumes, you can create backups by using Restic.
You can create backup hooks to run commands before or after the backup operation.
You can schedule backups by creating a Schedule CR instead of a Backup CR.
Creating a Backup CR
You back up Kubernetes images, internal images, and persistent volumes (PVs) by creating a Backup custom resource (CR).
Prerequisites
-
You must install the OpenShift API for Data Protection (OADP) Operator.
-
The
DataProtectionApplicationCR must be in aReadystate. -
Backup location prerequisites:
-
You must have S3 object storage configured for Velero.
-
You must have a backup location configured in the
DataProtectionApplicationCR.
-
-
Snapshot location prerequisites:
-
Your cloud provider must have a native snapshot API or support Container Storage Interface (CSI) snapshots.
-
For CSI snapshots, you must create a
VolumeSnapshotClassCR to register the CSI driver. -
You must have a volume location configured in the
DataProtectionApplicationCR.
-
Procedure
-
Retrieve the
backupStorageLocationsCRs:Example outputNAME PHASE LAST VALIDATED AGE DEFAULT velero-sample-1 Available 11s 31m -
Create a
BackupCR, as in the following example:apiVersion: velero.io/v1 kind: Backup metadata: name: <backup> labels: velero.io/storage-location: default namespace: openshift-adp spec: hooks: {} includedNamespaces: - <namespace> (1) storageLocation: <velero-sample-1> (2) ttl: 720h0m0s1 Specify an array of namespaces to back up. 2 Specify the name of the backupStorageLocationsCR. -
Verify that the status of the
BackupCR isCompleted:$ oc get backup -n openshift-adp <backup> -o jsonpath='{.status.phase}'
Backing up persistent volumes with CSI snapshots
You back up persistent volumes with Container Storage Interface (CSI) snapshots by creating a VolumeSnapshotClass custom resource (CR) to register the CSI driver before you create the Backup CR.
Prerequisites
-
The cloud provider must support CSI snapshots.
-
You must enable CSI in the
DataProtectionApplicationCR.
Procedure
-
Create a
VolumeSnapshotClassCR, as in the following examples:Ceph RBDapiVersion: snapshot.storage.k8s.io/v1 kind: VolumeSnapshotClass deletionPolicy: Retain metadata: name: <volume_snapshot_class_name> labels: velero.io/csi-volumesnapshot-class: "true" snapshotter: openshift-storage.rbd.csi.ceph.com driver: openshift-storage.rbd.csi.ceph.com parameters: clusterID: openshift-storage csi.storage.k8s.io/snapshotter-secret-name: rook-csi-rbd-provisioner csi.storage.k8s.io/snapshotter-secret-namespace: openshift-storageCeph FSapiVersion: snapshot.storage.k8s.io/v1 kind: VolumeSnapshotClass metadata: name: <volume_snapshot_class_name> labels: velero.io/csi-volumesnapshot-class: "true" driver: openshift-storage.cephfs.csi.ceph.com deletionPolicy: Retain parameters: clusterID: openshift-storage csi.storage.k8s.io/snapshotter-secret-name: rook-csi-cephfs-provisioner csi.storage.k8s.io/snapshotter-secret-namespace: openshift-storageOther cloud providersapiVersion: snapshot.storage.k8s.io/v1 kind: VolumeSnapshotClass metadata: name: <volume_snapshot_class_name> labels: velero.io/csi-volumesnapshot-class: "true" driver: <csi_driver> deletionPolicy: Retain
You can now create a Backup CR.
Backing up applications with Restic
You back up Kubernetes resources, internal images, and persistent volumes with Restic by editing the Backup custom resource (CR).
You do not need to specify a snapshot location in the DataProtectionApplication CR.
Prerequisites
-
You must install the OpenShift API for Data Protection (OADP) Operator.
-
You must not disable the default Restic installation by setting
spec.configuration.restic.enabletofalsein theDataProtectionApplicationCR. -
The
DataProtectionApplicationCR must be in aReadystate.
Procedure
-
Edit the
BackupCR, as in the following example:apiVersion: velero.io/v1 kind: Backup metadata: name: <backup> labels: velero.io/storage-location: default namespace: openshift-adp spec: defaultVolumesToRestic: true (1) ...1 Add defaultVolumesToRestic: trueto thespecblock.
Creating backup hooks
You create backup hooks to run commands in a container in a pod by editing the Backup custom resource (CR).
Pre hooks run before the pod is backed up. Post hooks run after the backup.
Procedure
-
Add a hook to the
spec.hooksblock of theBackupCR, as in the following example:apiVersion: velero.io/v1 kind: Backup metadata: name: <backup> namespace: openshift-adp spec: hooks: resources: - name: <hook_name> includedNamespaces: - <namespace> (1) excludedNamespaces: - <namespace> includedResources: - pods (2) excludedResources: [] labelSelector: (3) matchLabels: app: velero component: server pre: (4) - exec: container: <container> (5) command: - /bin/uname (6) - -a onError: Fail (7) timeout: 30s (8) post: (9) ...1 Array of namespaces to which the hook applies. If this value is not specified, the hook applies to all namespaces. 2 Currently, pods are the only supported resource. 3 Optional: This hook only applies to objects matching the label selector. 4 Array of hooks to run before the backup. 5 Optional: If the container is not specified, the command runs in the first container in the pod. 6 Array of commands that the hook runs. 7 Allowed values for error handling are FailandContinue. The default isFail.8 Optional: How long to wait for the commands to run. The default is 30s.9 This block defines an array of hooks to run after the backup, with the same parameters as the pre-backup hooks.
Scheduling backups
You schedule backups by creating a Schedule custom resource (CR) instead of a Backup CR.
|
Leave enough time in your backup schedule for a backup to finish before another backup is created. For example, if a backup of a namespace typically takes 10 minutes, do not schedule backups more frequently than every 15 minutes. |
Prerequisites
-
You must install the OpenShift API for Data Protection (OADP) Operator.
-
The
DataProtectionApplicationCR must be in aReadystate.
Procedure
-
Retrieve the
backupStorageLocationsCRs:$ oc get backupStorageLocationsExample outputNAME PHASE LAST VALIDATED AGE DEFAULT velero-sample-1 Available 11s 31m -
Create a
ScheduleCR, as in the following example:$ cat << EOF | oc apply -f - apiVersion: velero.io/v1 kind: Schedule metadata: name: <schedule> namespace: openshift-adp spec: schedule: 0 7 * * * (1) template: hooks: {} includedNamespaces: - <namespace> (2) storageLocation: <velero-sample-1> (3) defaultVolumesToRestic: true (4) ttl: 720h0m0s EOF1 cronexpression to schedule the backup, for example,0 7 * * *to perform a backup every day at 7:00.2 Array of namespaces to back up. 3 Name of the backupStorageLocationsCR.4 Optional: Add the defaultVolumesToRestic: truekey-value pair if you are backing up volumes with Restic. -
Verify that the status of the
ScheduleCR isCompletedafter the scheduled backup runs:$ oc get schedule -n openshift-adp <schedule> -o jsonpath='{.status.phase}'