Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Introduction to K8up

Introduction to K8up

Presentation shown at the KubeCon & CloudNativeCon 2019 Recap Meetup on Wednesday, June 5, 2019.

Adrian Kosmaczewski
PRO

June 05, 2019
Tweet

More Decks by Adrian Kosmaczewski

Other Decks in Technology

Transcript

  1. INTRODUCTION TO INTRODUCTION TO K8UP K8UP Adrian Kosmaczewski – Developer

    Relations
  2. Répétez avec moi: /keɪtæpp/ 

  3. None
  4. BAAS BAAS Backup as a Service

  5. WHAT IS K8UP? WHAT IS K8UP? A Backup Operator for

    Kubernetes & OpenShift Used internally at VSHN Previously used … missing K8s integration! Uses under the hood Current version: 0.1.5 (June 4th, 2019) BURP restic
  6. WHERE DOES IT STORE WHERE DOES IT STORE BACKUPS? BACKUPS?

    Any S3-compatible backend Any restic-compatible backend
  7. HOW DOES IT WORK? HOW DOES IT WORK? K8up backs

    all PVCs in the same namespace 1. Create backup credentials 2. Trigger a backup or set up a backup schedule 3. No step 3!
  8. 1. PVC RESOURCE 1. PVC RESOURCE apiVersion: v1 kind: PersistentVolumeClaim

    metadata: name: mysql-pvc labels: app: wordpress spec: accessModes: - ReadWriteMany resources: requests: storage: 10Gi
  9. 2. BACKUP CREDENTIALS 2. BACKUP CREDENTIALS apiVersion: v1 kind: Secret

    metadata: name: backup-repo namespace: default type: Opaque data: password: cEBzc3cwcmQ= # echo -n "[email protected]" | base64
  10. 3. BACKUP SCHEDULE 3. BACKUP SCHEDULE backup: schedule: '*/2 *

    * * *' # backup every 2 minutes keepJobs: 4 promURL: http://minio:9000
  11. None
  12. BACKEND OBJECT BACKEND OBJECT backend: repoPasswordSecretRef: name: backup-repo key: password

    s3: endpoint: http://minio:9000 bucket: backups accessKeyIDSecretRef: name: backup-credentials key: username secretAccessKeySecretRef: name: backup-credentials key: password
  13. The Best Linux Blog In the Unixverse @nixcraft #Sysadmin #Truth

    #Backup #Unix #Linux 5,920 9:15 AM - Jun 24, 2015 7,201 people are talking about this
  14. RESTORE RESTORE apiVersion: backup.appuio.ch/v1alpha1 kind: Restore metadata: name: restore-mysql-pvc-test spec:

    snapshot: 88c59378733673e0bc4ab9047775eb9a901725b905975698d9fbf91e7f74 restoreMethod: folder: claimName: mysql-pvc backend: repoPasswordSecretRef: name: backup-repo key: password s3: endpoint: http://minio:9000
  15. MANUAL RESTORE VIA RESTIC MANUAL RESTORE VIA RESTIC backend: repoPasswordSecretRef:

    name: backup-repo key: password s3: endpoint: http://minio:9000 bucket: backups accessKeyIDSecretRef: name: backup-credentials key: username secretAccessKeySecretRef: name: backup-credentials key: password
  16. PRE-BACKUP PODS PRE-BACKUP PODS apiVersion: backup.appuio.ch/v1alpha1 kind: PreBackupPod metadata: name:

    mysqldump spec: backupCommand: sh -c "mysqldump -u$USER -p$PW -h $DB_HOST --all-databa pod: spec: containers: - env: - name: USER value: root - name: PW value: YOUR_PASSWORD - name: DB HOST
  17. OTHER FEATURES OTHER FEATURES Backup of all PVCs in the

    same namespace as the Schedule object "Application-Aware" backups Backup of data piped through stdin Regularly checks for data sanity using restic check Archive feature on a dedicated location (for example AWS Glacier)
  18. ANNOTATION-AWARE ANNOTATION-AWARE BACKUPS BACKUPS --- <SNIP> template: metadata: labels: app:

    mariadb annotations: appuio.ch/backupcommand: mysqldump -uroot -psecure --all-databases <SNIP> ---
  19. ROADMAP ROADMAP Prometheus metrics Improved monitoring Generic pre-backup pods Backup

    of Kubernetes objects
  20. HOW TO CONTRIBUTE? HOW TO CONTRIBUTE? Minishift or Minikube &

    (tested with 1.11.3) Your favorite IDE (with a Go plugin) Docker make github.com/vshn/k8up Go dep
  21. THANKS! THANKS! vshn.ch/k8up github.com/vshn/k8up [email protected]