Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Introduction to K8up

Introduction to K8up

Presentation shown at the February 2023 Cloud Native Computing Switzerland Meetup.

Adrian Kosmaczewski

February 23, 2023
Tweet

More Decks by Adrian Kosmaczewski

Other Decks in Technology

Transcript

  1. VSHN – The DevOps Company Pronounced ˈvɪʒn – like "vision"

    The DevOps Company Founded 2014, 46 VSHNeers in Zürich, 5 in Vancouver Canada Switzerland’s leading DevOps, Docker, Kubernetes & OpenShift partner 24/7 support ISO 27001 certified ISAE 3402 Report Type 1 verified 2
  2. VSHN – The DevOps Company A Backup Operator for Kubernetes

    & OpenShift Used internally at VSHN since 2018 Uses under the hood Current version: 2.5.3 (February 17th, 2023) k8up.io and github.com/k8up-io What is K8up? restic 9
  3. VSHN – The DevOps Company K8up backs all PVCs in

    the same namespace 1. Create backup credentials 2. Trigger a backup or set up a backup schedule 3. No step 3! How does it work? 12
  4. VSHN – The DevOps Company 1 Annotation required for K8up

    1. PVC Resource kind: PersistentVolumeClaim apiVersion: v1 metadata: name: app-data labels: app.kubernetes.io/name: demo-app annotations: k8up.io/backup: "true" spec: accessModes: - ReadWriteOnce resources: requests: storage: "1Gi" 1 13
  5. VSHN – The DevOps Company 1 A really secure password!

    2. Backup Credentials apiVersion: v1 kind: Secret metadata: name: backup-repo type: Opaque stringData: password: p@ssw0rd 1 14
  6. VSHN – The DevOps Company 1 A backup every minute!

    apiVersion: k8up.io/v1 kind: Schedule metadata: name: schedule-test spec: failedJobsHistoryLimit: 2 successfulJobsHistoryLimit: 2 backend: repoPasswordSecretRef: name: backup-repo key: password s3: endpoint: https://sos-ch-gva-2.exo.io bucket: my-bucket-change-name accessKeyIDSecretRef: name: objectbucket-creds key: AWS_ACCESS_KEY_ID secretAccessKeySecretRef: name: objectbucket-creds key: AWS_SECRET_ACCESS_KEY backup: schedule: '*/1 * * * *' failedJobsHistoryLimit: 2 successfulJobsHistoryLimit: 2 1 15
  7. VSHN – The DevOps Company Backend Object backend: repoPasswordSecretRef: name:

    backup-repo key: password s3: endpoint: https://sos-ch-gva-2.exo.io bucket: my-bucket-change-name accessKeyIDSecretRef: name: objectbucket-creds key: AWS_ACCESS_KEY_ID secretAccessKeySecretRef: name: objectbucket-creds key: AWS_SECRET_ACCESS_KEY 16
  8. VSHN – The DevOps Company 1 PVC where the restoration

    takes place Restore apiVersion: k8up.io/v1 kind: Restore metadata: name: restore-wordpress spec: snapshot: SNAPSHOT_ID restoreMethod: folder: claimName: wordpress-pvc backend: repoPasswordSecretRef: name: backup-repo key: password s3: endpoint: https://sos-ch-gva-2.exo.io bucket: my-bucket-change-name accessKeyIDSecretRef: name: objectbucket-creds key: AWS_ACCESS_KEY_ID secretAccessKeySecretRef: name: objectbucket-creds key: AWS_SECRET_ACCESS_KEY 1 18
  9. VSHN – The DevOps Company Manual Restore via restic $

    export RESTIC_REPOSITORY=s3:http://location/of/the/backup $ export RESTIC_PASSWORD=p@assword $ export AWS_ACCESS_KEY_ID=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX $ export AWS_SECRET_ACCESS_KEY=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx $ restic snapshots repository dec6d66c opened successfully, password is correct ID Date Host Tags Directory ---------------------------------------------------------------------- 5ed64a2d 2018-06-08 09:18:34 macbook-vshn.local /data ---------------------------------------------------------------------- 1 snapshots $ restic restore 5ed64a2d --target /restore 19
  10. VSHN – The DevOps Company Pre-Backup Pods apiVersion: k8up.io/v1 kind:

    PreBackupPod metadata: name: mysqldump spec: backupCommand: sh -c 'mysqldump -u$USER -p$PW -h $DB_HOST --all-databases' pod: spec: containers: - env: - name: USER value: dumper - name: PW value: topsecret - name: DB_HOST value: mariadb.example.com image: mariadb command: - 'sleep' - 'infinity' imagePullPolicy: Always name: mysqldump 20
  11. VSHN – The DevOps Company Backup of all PVCs in

    the same namespace as the Schedule object "Application-Aware" backups Backup of data piped through stdin Regularly checks for data sanity using restic check Archive feature on a dedicated location (for example AWS Glacier) Default backup mechanism on APPUiO Cloud Other Features 22
  12. VSHN – The DevOps Company Annotation-Aware Backups --- # …

    template: metadata: labels: app: mariadb annotations: appuio.ch/backupcommand: mysqldump -uroot -psecure --all-databases # … --- 24
  13. VSHN – The DevOps Company Backup of RWO storage Already

    in 2.6.0-rc2, released today! k8up CLI Better visibility of backups List available snapshots directly in Kubernetes Usability improvements Specify in which container to run backup commands Roadmap 25
  14. VSHN – The DevOps Company Your favorite IDE (with a

    Go plugin) Docker make Kind How to Contribute? github.com/vshn/k8up Go 26
  15. VSHN – The DevOps Company K8up will be present in

    a booth at the upcoming Kubecon, see you there! See you at Kubecon! 27
  16. VSHN – The DevOps Company Adrian Kosmaczewski, Developer Relations –

    VSHN AG – Neugasse 10 – CH-8005 Zürich – +41 44 545 53 00 – – Thanks! [email protected] vshn.ch [email protected] 28