Velero Backup Custom Resource
The Backup custom resource enables the Replicated snapshots backup and restore feature. The backend of this feature uses the Velero open source project to back up Kubernetes manifests and persistent volumes.
Add a Backup custom resource (kind: Backup
, apiVersion: velero.io/v1
) to your release and configure it as needed. A Backup custom resource is required for each application that you deploy.
You must add annotations for each volume that you want to back up. For more information about configuring backups, see Configuring Backups.
The Backup custom resource also supports optional resource installations so that the feature can be dynamically enabled based on a license field or a config option. For more information, see Conditionally Including or Excluding Resources.
Full backups are recommended because they give the flexibility of restoring full data, the application only, or the KOTS Admin Console only. For an example of a full backup and a list of the supported fields, see Example and Fields.
Partial backups (application only) are supported but not recommended. For partial backups, you can use all of the fields that Velero supports. For information about the supported fields for partial backups, see Backups in the Velero documentation.
Example
The following example shows the supported fields for a full backup.
The annotations
field shows that pvc-volume
is the only volume included in the backup.
apiVersion: velero.io/v1
kind: Backup
metadata:
name: backup
annotations:
backup.velero.io/backup-volumes: pvc-volume
spec:
includedNamespaces:
- '*'
excludedNamespaces:
- some-namespace
orderedResources:
pods: mysql/mysql-cluster-replica-0,mysql/mysql-cluster-replica-1
persistentvolumes: pvc-12345,pvc-67890
ttl: 720h
hooks:
resources:
-
name: my-hook
includedNamespaces:
- '*'
excludedNamespaces:
- some-namespace
includedResources:
- pods
excludedResources: []
labelSelector:
matchLabels:
app: velero
component: server
pre:
-
exec:
container: my-container
command:
- /bin/uname
- -a
onError: Fail
timeout: 10s
post:
Fields
The following Velero fields are supported for full backups, as shown in the previous example:
Field Name | Description |
---|---|
includedNamespaces | (Optional) Specifies an array of namespaces to include in the backup. If unspecified, all namespaces are included. |
excludedNamespaces | (Optional) Specifies an array of namespaces to exclude from the backup. |
orderedResources | (Optional) Specifies the order of the resources to collect during the backup process. This is a map that uses a key as the plural resource. Each resource name has the format NAMESPACE/OBJECTNAME. The object names are a comma delimited list. For cluster resources, use OBJECTNAME only. |
ttl | Specifies the amount of time before this backup is eligible for garbage collection. Default:720h (equivalent to 30 days). This value is configurable only by the customer. |
hooks | (Optional) Specifies the actions to perform at different times during a backup. The only supported hook is executing a command in a container in a pod (uses the pod exec API). Supports pre and post hooks. |
resources | (Optional) Specifies an array of hooks that are applied to specific resources. |
name | Specifies the name of the hook. This value displays in the backup log. |
includedNamespaces | (Optional) Specifies an array of namespaces that this hook applies to. If unspecified, the hook is applied to all namespaces. |
excludedNamespaces | (Optional) Specifies an array of namespaces to which this hook does not apply. |
includedResources | Specifies an array of pod resources to which this hook applies. |
excludedResources | (Optional) Specifies an array of resources to which this hook does not apply. |
labelSelector | (Optional) Specifies that this hook only applies to objects that match this label selector. |
pre | Specifies an array of exec hooks to run before executing custom actions. |
post | Specifies an array of exec hooks to run after executing custom actions. Supports the same arrays and fields as pre hooks. |
exec | Specifies the type of the hook. exec is the only supported type. |
container | (Optional) Specifies the name of the container where the specified command will be executed. If unspecified, the first container in the pod is used. |
command | Specifies the command to execute. The format is an array. |
onError | (Optional) Specifies how to handle an error that might occur when executing the command. Valid values: Fail and Continue Default: Fail |
timeout | (Optional) Specifies how many seconds to wait for the command to finish executing before the action times out. Default: 30s |
Limitations
-
The following top-level Velero fields, or children of
spec
, are not supported in full backups. Therefore, these fields are not shown in the preceding example specification. See Example.snapshotVolumes
volumeSnapshotLocations
labelSelector
includedResources
excludedResources
Note that some of these fields are supported for hook arrays, as described in the previous field definition table. See Fields.
-
All resources are included in the backup by default. However, resources can be excluded by adding
velero.io/exclude-from-backup=true
to the manifest files that you want to exclude. For more information, see Configuring Backups.