Velero is an open source, VMware-backed tool to backup, restore, migrate, and perform DR on Kubernetes cluster resources & persistent volumes.
Unlike other Kubernetes backup solutions, Velero does not access etcd directly. Instead it uses Kubernetes APIs for all operations.
This has a number of advantages:
Velero doesn’t need access to etcd. This is great in cases where you don’t have access to etcd yourself, like in AWS EKS & other managed Kubernetes offerings.
You can backup individual objects (using label selectors), or restrict your backups to certain resource types, or backup everything in a namespace.
In cases where your cluster has multiple etcd servers, perhaps serving aggregated API resources, Velero can still backup those.
Velero consists of a server that runs on the cluster & a CLI to interact with it.
Each Velero operation is a custom resource, defined with a Kubernetes Custom Resource Definition (CRD) & stored in etcd. Velero includes controllers that process the CRDs to perform backups, restores, etc.
Velero creates the following CRDs:
Restic for Velero
Velero comes with an additional (optional) component called restic, that handles data backup at a file system level if required. The only other option to backup data is to snapshot the underlying EBS volume. The AWS plugin for Velero can do that, if file system backups are not needed. Restic is not installed by default when you install Velero.
The Velero service account has “cluster admin” role but can be scoped down with RBAC. We will learn how to do this in another atricle in this series.
WARNING: Cluster backups are not strictly atomic. If Kubernetes objects are being created or edited at the time of backup, they might not be included in the backup.
In this article, we got familiar with Velero for Kubernetes & explored how it works.
How do you use Velero? Do you prefer other backup solutions over Velero? Let us know in the comments below. 😊
About the Author ✍🏻
Harish KM is a Principal DevOps Engineer at QloudX & a top-ranked AWS Ambassador since 2020. 👨🏻💻
With over a decade of industry experience as everything from a full-stack engineer to a cloud architect, Harish has built many world-class solutions for clients around the world! 👷🏻♂️
With over 20 certifications in cloud (AWS, Azure, GCP), containers (Kubernetes, Docker) & DevOps (Terraform, Ansible, Jenkins), Harish is an expert in a multitude of technologies. 📚
These days, his focus is on the fascinating world of DevOps & how it can transform the way we do things! 🚀
Privacy & Cookies Policy
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.