mirrors/velero
1
0
Fork 0
mirror of https://github.com/vmware-tanzu/velero.git synced 2026-01-03 11:45:20 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge pull request #545 from skriss/update-restic-instructions

Browse Source 
update restic setup instructions
This commit is contained in:
Andy Goldstein
2018-06-12 15:23:50 -04:00
committed by GitHub
parent 6da32a4955 6236085327
commit 3db7c038a5
1 changed files with 49 additions and 46 deletions
Download Patch File Download Diff File Expand all files Collapse all files

95
docs/restic.md
View File

@@ -19,74 +19,77 @@ minor differences to account for the fact that a new pod/volume is being created
This setup guide assumes you already have a working Ark v0.8.1+ installation. If not, go [here][2] for instructions.
1. Download an updated Ark client from the [v0.9.0-alpha.1 release][3], and move it to a location within your PATH.
1. From the Ark root directory, run the following to create new custom resource definitions:
```bash
kubectl apply -f examples/common/00-prereqs.yaml
```
2. Run one of the following for your platform to create the daemonset:
```bash
kubectl apply -f examples/common/00-prereqs.yaml
```
1. Run one of the following for your platform to create the daemonset:
- AWS: `kubectl apply -f examples/aws/20-restic-daemonset.yaml`
- Azure: `kubectl apply -f examples/azure/20-restic-daemonset.yaml`
- GCP: `kubectl apply -f examples/gcp/20-restic-daemonset.yaml`
- Minio: `kubectl apply -f examples/minio/30-restic-daemonset.yaml`
3. Use the `master` image tag for both the Ark deployment and daemonset:
```bash
kubectl -n heptio-ark set image deployment/ark ark=gcr.io/heptio-images/ark:master
kubectl -n heptio-ark set image daemonset/restic ark=gcr.io/heptio-images/ark:master
```
1. Use the `v0.9.0-alpha.1` image tag for both the Ark deployment and daemonset:
```bash
kubectl -n heptio-ark set image deployment/ark ark=gcr.io/heptio-images/ark:v0.9.0-alpha.1
kubectl -n heptio-ark set image daemonset/restic ark=gcr.io/heptio-images/ark:v0.9.0-alpha.1
```
4. Create a new bucket for restic to store its data in, and give the `heptio-ark` IAM user access to it, similarly to
1. Create a new bucket for restic to store its data in, and give the `heptio-ark` IAM user access to it, similarly to
the main Ark bucket you've already set up.
5. Update the Ark config to specify the restic bucket:
```bash
kubectl -n heptio-ark get config default -o json | \
jq '.backupStorageProvider.resticLocation = "YOUR_RESTIC_BUCKET_NAME"' |\
kubectl apply -f -
```
1. Update the Ark config to specify the restic bucket:
```bash
kubectl -n heptio-ark get config default -o json | \
jq '.backupStorageProvider.resticLocation = "YOUR_RESTIC_BUCKET_NAME"' |\
kubectl apply -f -
```
6. For each namespace that has pod volumes to be backed up using restic, configure a restic encryption key using
1. For each namespace that has pod volumes to be backed up using restic, configure a restic encryption key using
one of the following commands:
```bash
# provide the encryption key on the command line
ark restic init-repository --namespace YOUR_NAMESPACE --key-data YOUR_ENCRYPTION_KEY
```
```bash
# provide the encryption key on the command line
ark restic init-repository --namespace YOUR_NAMESPACE --key-data YOUR_ENCRYPTION_KEY
```
```bash
# provide the encryption key via file
ark restic init-repository --namespace YOUR_NAMESPACE --key-file YOUR_ENCRYPTION_KEY_FILE
```
```bash
# provide the encryption key via file
ark restic init-repository --namespace YOUR_NAMESPACE --key-file YOUR_ENCRYPTION_KEY_FILE
```
```bash
# have Ark generate a random encryption key
ark restic init-repository --namespace YOUR_NAMESPACE --key-size ENCRYPTION_KEY_SIZE
```
```bash
# have Ark generate a random encryption key
ark restic init-repository --namespace YOUR_NAMESPACE --key-size ENCRYPTION_KEY_SIZE
```
**IMPORTANT**: store this key safely and securely. All restic backup data is encrypted and cannot be accessed
without this key. We will be adding support for key rotation shortly.
**IMPORTANT**: store this key safely and securely. All restic backup data is encrypted and cannot be accessed
without this key. We will be adding support for key rotation shortly.
## Run
1. Run the following for each pod containing a volume that you'd like to backup using restic:
```bash
kubectl -n YOUR_POD_NAMESPACE annotate pod/YOUR_POD_NAME backup.ark.heptio.com/backup-volumes=YOUR_VOLUME_NAME_1,YOUR_VOLUME_NAME_2,...
```
```bash
kubectl -n YOUR_POD_NAMESPACE annotate pod/YOUR_POD_NAME backup.ark.heptio.com/backup-volumes=YOUR_VOLUME_NAME_1,YOUR_VOLUME_NAME_2,...
```
Note that this annotation can also be provided in the pod template spec if using a deployment, daemonset, etc.
to manage your pods.
Note that this annotation can also be provided in the pod template spec if using a deployment, daemonset, etc.
to manage your pods.
2. Take an Ark backup as usual:
```bash
ark backup create NAME OPTIONS...
```
1. Take an Ark backup as usual:
```bash
ark backup create NAME OPTIONS...
```
3. When the backup has completed, view information about your pod volume backups:
```bash
kubectl -n heptio-ark get podvolumebackups -l ark.heptio.com/backup-name=YOUR_BACKUP_NAME -o yaml
```
1. When the backup has completed, view information about your pod volume backups:
```bash
kubectl -n heptio-ark get podvolumebackups -l ark.heptio.com/backup-name=YOUR_BACKUP_NAME -o yaml
```
[1]: https://github.com/restic/restic
[2]: https://heptio.github.io/ark/v0.8.1/cloud-common
[2]: https://heptio.github.io/ark/v0.8.1/cloud-common
[3]: https://github.com/heptio/ark/releases/tag/v0.9.0-alpha.1