k8s资源备份

发表于 阅读次数: 本文字数: 2k 阅读时长 ≈ 2 分钟

https://blog.csdn.net/qq_35583325/article/details/132410819

https://blog.51cto.com/kaliarch/4919159

https://blog.csdn.net/sanhewuyang/article/details/128959394

minio

创建velero凭证

1
2
3
4
5
cat > credentials-velero << EOF
[default]
aws_access_key_id = admin
aws_secret_access_key = admin123456
EOF

安装 velero

1
2
3
4
5
6
7
8
9
10
11
12
#bucket要填写在minio控制台创建的名字:data
#secret-file要指向前面创建的秘钥文件:/root/credentials-velero
#安装时velero需加上--use-restic参数表示使用restic备份pv数据
velero install \
    --provider aws \
    --kubeconfig ~/.kube/config \
    --namespace velero-system \
    --plugins velero/velero-plugin-for-aws:v1.4.1 \
    --bucket data \
    --secret-file /root/credentials-velero \
    --use-volume-snapshots=false \
    --backup-location-config region=minio,s3ForcePathStyle="true",s3Url=http://192.168.100.225:9000

阿里云

创建velero凭证

1
2
3
4
5
cat > credentials-velero << EOF
[default]
ALIBABA_CLOUD_ACCESS_KEY_ID=xxxx
ALIBABA_CLOUD_ACCESS_KEY_SECRET=xxxxx
EOF

Policy策略

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
{
    "Version": "1",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": "oss:ListBuckets",
            "Resource": "acs:oss:*:*:*"
        },
        {
            "Effect": "Allow",
            "Action": [
                "oss:ListObjects",
                "oss:GetBucketAcl"
            ],
            "Resource": [
                "acs:oss:*:*:k8s-file-backup"
            ]
        },
        {
            "Effect": "Allow",
            "Action": [
                "oss:GetObject",
                "oss:GetObjectAcl",
                "oss:PutObject",
                "oss:DeleteObject"
            ],
            "Resource": [
                "acs:oss:*:*:k8s-file-backup/*"
            ]
        }
    ]
}

安装 velero

1
2
3
4
5
6
7
8
9
10
11
12
BUCKET=k8s-file-backup
REGION=cn-hangzhou
velero install \
  --provider alibabacloud \
  --image registry.$REGION.aliyuncs.com/acs/velero:1.4.2-2b9dce65-aliyun \
  --bucket $BUCKET \
  --secret-file ./credentials-velero \
  --use-volume-snapshots=false \
  --backup-location-config region=$REGION,network=internal \
  --use-restic \
  --plugins registry.$REGION.aliyuncs.com/acs/velero-plugin-alibabacloud:v1.0.0-2d33b89 \
  --wait