Introduction to K8up

Transcript

1. INTRODUCTION TO INTRODUCTION TO K8UP K8UP Adrian Kosmaczewski – Developer

   Relations

2. Répétez avec moi: /keɪtæpp/ 

3. None

4. BAAS BAAS Backup as a Service

5. WHAT IS K8UP? WHAT IS K8UP? A Backup Operator for

   Kubernetes & OpenShift Used internally at VSHN Previously used … missing K8s integration! Uses under the hood Current version: 0.1.5 (June 4th, 2019) BURP restic

6. WHERE DOES IT STORE WHERE DOES IT STORE BACKUPS? BACKUPS?

   Any S3-compatible backend Any restic-compatible backend

7. HOW DOES IT WORK? HOW DOES IT WORK? K8up backs

   all PVCs in the same namespace 1. Create backup credentials 2. Trigger a backup or set up a backup schedule 3. No step 3!

8. 1. PVC RESOURCE 1. PVC RESOURCE apiVersion: v1 kind: PersistentVolumeClaim

   metadata: name: mysql-pvc labels: app: wordpress spec: accessModes: - ReadWriteMany resources: requests: storage: 10Gi

9. 2. BACKUP CREDENTIALS 2. BACKUP CREDENTIALS apiVersion: v1 kind: Secret

   metadata: name: backup-repo namespace: default type: Opaque data: password: cEBzc3cwcmQ= # echo -n "p@ssw0rd" | base64

10. 3. BACKUP SCHEDULE 3. BACKUP SCHEDULE backup: schedule: '*/2 *

    * * *' # backup every 2 minutes keepJobs: 4 promURL: http://minio:9000
11. None

12. BACKEND OBJECT BACKEND OBJECT backend: repoPasswordSecretRef: name: backup-repo key: password

    s3: endpoint: http://minio:9000 bucket: backups accessKeyIDSecretRef: name: backup-credentials key: username secretAccessKeySecretRef: name: backup-credentials key: password

13. The Best Linux Blog In the Unixverse @nixcraft #Sysadmin #Truth

    #Backup #Unix #Linux 5,920 9:15 AM - Jun 24, 2015 7,201 people are talking about this

14. RESTORE RESTORE apiVersion: backup.appuio.ch/v1alpha1 kind: Restore metadata: name: restore-mysql-pvc-test spec:

    snapshot: 88c59378733673e0bc4ab9047775eb9a901725b905975698d9fbf91e7f74 restoreMethod: folder: claimName: mysql-pvc backend: repoPasswordSecretRef: name: backup-repo key: password s3: endpoint: http://minio:9000

15. MANUAL RESTORE VIA RESTIC MANUAL RESTORE VIA RESTIC backend: repoPasswordSecretRef:

    name: backup-repo key: password s3: endpoint: http://minio:9000 bucket: backups accessKeyIDSecretRef: name: backup-credentials key: username secretAccessKeySecretRef: name: backup-credentials key: password

16. PRE-BACKUP PODS PRE-BACKUP PODS apiVersion: backup.appuio.ch/v1alpha1 kind: PreBackupPod metadata: name:

    mysqldump spec: backupCommand: sh -c "mysqldump -u$USER -p$PW -h $DB_HOST --all-databa pod: spec: containers: - env: - name: USER value: root - name: PW value: YOUR_PASSWORD - name: DB HOST

17. OTHER FEATURES OTHER FEATURES Backup of all PVCs in the

    same namespace as the Schedule object "Application-Aware" backups Backup of data piped through stdin Regularly checks for data sanity using restic check Archive feature on a dedicated location (for example AWS Glacier)

18. ANNOTATION-AWARE ANNOTATION-AWARE BACKUPS BACKUPS --- <SNIP> template: metadata: labels: app:

    mariadb annotations: appuio.ch/backupcommand: mysqldump -uroot -psecure --all-databases <SNIP> ---

19. ROADMAP ROADMAP Prometheus metrics Improved monitoring Generic pre-backup pods Backup

    of Kubernetes objects

20. HOW TO CONTRIBUTE? HOW TO CONTRIBUTE? Minishift or Minikube &

    (tested with 1.11.3) Your favorite IDE (with a Go plugin) Docker make github.com/vshn/k8up Go dep

21. THANKS! THANKS! vshn.ch/k8up github.com/vshn/k8up [email protected]