Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Introduction to K8up

Introduction to K8up

Presentation shown at the KubeCon & CloudNativeCon 2019 Recap Meetup on Wednesday, June 5, 2019.

88dd97cf2dc7f06cc51a01d450f0b1e5?s=128

Adrian Kosmaczewski
PRO

June 05, 2019
Tweet

More Decks by Adrian Kosmaczewski

Other Decks in Technology

Transcript

  1. INTRODUCTION TO INTRODUCTION TO K8UP K8UP Adrian Kosmaczewski – Developer

    Relations
  2. Répétez avec moi: /keɪtæpp/ 

  3. None
  4. BAAS BAAS Backup as a Service

  5. WHAT IS K8UP? WHAT IS K8UP? A Backup Operator for

    Kubernetes & OpenShift Used internally at VSHN Previously used … missing K8s integration! Uses under the hood Current version: 0.1.5 (June 4th, 2019) BURP restic
  6. WHERE DOES IT STORE WHERE DOES IT STORE BACKUPS? BACKUPS?

    Any S3-compatible backend Any restic-compatible backend
  7. HOW DOES IT WORK? HOW DOES IT WORK? K8up backs

    all PVCs in the same namespace 1. Create backup credentials 2. Trigger a backup or set up a backup schedule 3. No step 3!
  8. 1. PVC RESOURCE 1. PVC RESOURCE apiVersion: v1 kind: PersistentVolumeClaim

    metadata: name: mysql-pvc labels: app: wordpress spec: accessModes: - ReadWriteMany resources: requests: storage: 10Gi
  9. 2. BACKUP CREDENTIALS 2. BACKUP CREDENTIALS apiVersion: v1 kind: Secret

    metadata: name: backup-repo namespace: default type: Opaque data: password: cEBzc3cwcmQ= # echo -n "p@ssw0rd" | base64
  10. 3. BACKUP SCHEDULE 3. BACKUP SCHEDULE backup: schedule: '*/2 *

    * * *' # backup every 2 minutes keepJobs: 4 promURL: http://minio:9000
  11. None
  12. BACKEND OBJECT BACKEND OBJECT backend: repoPasswordSecretRef: name: backup-repo key: password

    s3: endpoint: http://minio:9000 bucket: backups accessKeyIDSecretRef: name: backup-credentials key: username secretAccessKeySecretRef: name: backup-credentials key: password
  13. The Best Linux Blog In the Unixverse @nixcraft #Sysadmin #Truth

    #Backup #Unix #Linux 5,920 9:15 AM - Jun 24, 2015 7,201 people are talking about this
  14. RESTORE RESTORE apiVersion: backup.appuio.ch/v1alpha1 kind: Restore metadata: name: restore-mysql-pvc-test spec:

    snapshot: 88c59378733673e0bc4ab9047775eb9a901725b905975698d9fbf91e7f74 restoreMethod: folder: claimName: mysql-pvc backend: repoPasswordSecretRef: name: backup-repo key: password s3: endpoint: http://minio:9000
  15. MANUAL RESTORE VIA RESTIC MANUAL RESTORE VIA RESTIC backend: repoPasswordSecretRef:

    name: backup-repo key: password s3: endpoint: http://minio:9000 bucket: backups accessKeyIDSecretRef: name: backup-credentials key: username secretAccessKeySecretRef: name: backup-credentials key: password
  16. PRE-BACKUP PODS PRE-BACKUP PODS apiVersion: backup.appuio.ch/v1alpha1 kind: PreBackupPod metadata: name:

    mysqldump spec: backupCommand: sh -c "mysqldump -u$USER -p$PW -h $DB_HOST --all-databa pod: spec: containers: - env: - name: USER value: root - name: PW value: YOUR_PASSWORD - name: DB HOST
  17. OTHER FEATURES OTHER FEATURES Backup of all PVCs in the

    same namespace as the Schedule object "Application-Aware" backups Backup of data piped through stdin Regularly checks for data sanity using restic check Archive feature on a dedicated location (for example AWS Glacier)
  18. ANNOTATION-AWARE ANNOTATION-AWARE BACKUPS BACKUPS --- <SNIP> template: metadata: labels: app:

    mariadb annotations: appuio.ch/backupcommand: mysqldump -uroot -psecure --all-databases <SNIP> ---
  19. ROADMAP ROADMAP Prometheus metrics Improved monitoring Generic pre-backup pods Backup

    of Kubernetes objects
  20. HOW TO CONTRIBUTE? HOW TO CONTRIBUTE? Minishift or Minikube &

    (tested with 1.11.3) Your favorite IDE (with a Go plugin) Docker make github.com/vshn/k8up Go dep
  21. THANKS! THANKS! vshn.ch/k8up github.com/vshn/k8up adrian@vshn.ch