功能测试
测试前的准备工作:可用的K8S集群环境、云厂商对象存储功能
- 设置Velero的凭证配置文件,此处用的阿里云的AK/SK,大家可以自行定义
vim credentials-velero
[default]
aws_access_key_id=<输入合法的AK>
aws_secret_access_key=<输入合法的SK>
- 安装velero(指定AWS插件、BUCKET、Regin、BSL配置信息、NameSpace等)
velero install \
--provider aws \
--plugins velero/velero-plugin-for-aws:v1.3.1 \
--bucket <bucket> \
--prefix <prefix> \
--secret-file ./credentials-velero \
--use-restic \
--default-volumes-to-restic \
--backup-location-config region=<region>,s3ForcePathStyle="false",s3Url=https://oss-<region>.aliyuncs.com \
--use-volume-snapshots=false \
--namespace velero-1 \
--wait
成功安装完成后会有提示,这时候velero就安装到k8s中,命名空间是velero-1,这里需要注意的是,BSL的状态应该为:Available,如果不是的话,会导致Restic备份的数据无法上传至S3对象存储桶中,还有就是pods中restic的状态,必须是Running,否则无法使用restic功能
查看下BSL的详细信息
[root@single-k8s-cluster velero-v1.7.0-linux-amd64]# velero backup-location get -n velero-1 -o json
{
"kind": "BackupStorageLocation",
"apiVersion": "velero.io/v1",
"metadata": {
"name": "default",
"namespace": "velero-1",
"uid": "04b8a845-9cae-4b81-b346-ab26eb9600cb",
"resourceVersion": "12037612",
"generation": 1,
"creationTimestamp": "2022-03-16T02:00:58Z",
"labels": {
"component": "velero"
},
"managedFields": [
{
"manager": "velero",
"operation": "Update",
"apiVersion": "velero.io/v1",
"time": "2022-03-16T02:00:58Z",
"fieldsType": "FieldsV1",
"fieldsV1": {"f:metadata":{"f:labels":{".":{},"f:component":{}}},"f:spec":{".":{},"f:config":{".":{},"f:region":{},"f:s3ForcePathStyle":{},"f:s3Url":{}},"f:default":{},"f:objectStorage":{".":{},"f:bucket":{},"f:prefix":{}},"f:provider":{}}}
},
{
"manager": "velero-server",
"operation": "Update",
"apiVersion": "velero.io/v1",
"time": "2022-03-16T02:01:12Z",
"fieldsType": "FieldsV1",
"fieldsV1": {"f:status":{".":{},"f:lastSyncedTime":{},"f:lastValidationTime":{},"f:phase":{}}}
}
]
},
"spec": {
"provider": "aws",
"config": {
"region": "cn-beijing",
"s3ForcePathStyle": "false",
"s3Url": "https://oss-cn-beijing.aliyuncs.com"
},
"objectStorage": {
"bucket": "xueltestoss",
"prefix": "yxtest1"
},
"default": true
},
"status": {
"phase": "Available",
"lastSyncedTime": "2022-03-16T02:05:13Z",
"lastValidationTime": "2022-03-16T02:05:13Z"
}
}
- 先查看下即将备份的资源,这是需要备份的的PV数据
我们去该Pods中准备些数据进行备份,执行命令进入Pod
kubectl exec -it -n liang nginx-deployment-64cdcd754c-7sczz -- bash
在/usr/share/nginx/html路径下,上传了一个30mb大小的压缩文件
- 需要备份的资源准备妥当,开始使用velero创建备份
velero backup create yx-bk1\
--default-volumes-to-restic=true \
--include-namespaces=liang \
--snapshot-volumes=false \
-n velero-1
可以看到yx-bk1备份任务已经创建成功了,我们可以查看下备份任务的详细信息
[root@single-k8s-cluster velero-v1.7.0-linux-amd64]# velero backup describe yx-bk1 -n velero-1 --details
Name: yx-bk1
Namespace: velero-1
Labels: velero.io/storage-location=default
Annotations: velero.io/source-cluster-k8s-gitversion=v1.20.4
velero.io/source-cluster-k8s-major-version=1
velero.io/source-cluster-k8s-minor-version=20
Phase: Completed
Errors: 0
Warnings: 0
Namespaces:
Included: liang
Excluded: <none>
Resources:
Included: *
Excluded: <none>
Cluster-scoped: auto
Label selector: <none>
Storage Location: default
Velero-Native Snapshot PVs: false
TTL: 720h0m0s
Hooks: <none>
Backup Format Version: 1.1.0
Started: 2022-03-16 11:43:49 +0800 CST
Completed: 2022-03-16 11:44:08 +0800 CST
Expiration: 2022-04-15 11:43:49 +0800 CST
Total items to be backed up: 15
Items backed up: 15
Resource List:
apps/v1/Deployment:
- liang/nginx-deployment
apps/v1/ReplicaSet:
- liang/nginx-deployment-64cdcd754c
v1/ConfigMap:
- liang/kube-root-ca.crt
v1/Event:
- liang/nginx-deployment-64cdcd754c-7sczz.16dcbf07fbf97282
- liang/nginx-deployment-64cdcd754c-7sczz.16dcbf083bc9f4f8
- liang/nginx-deployment-64cdcd754c-7sczz.16dcbf0bdb8d6ee0
- liang/nginx-deployment-64cdcd754c-7sczz.16dcbf0bdffb412d
- liang/nginx-deployment-64cdcd754c-7sczz.16dcbf0bf13bf614
- liang/nginx-deployment-64cdcd754c.16dcbf07fb4ce5a0
v1/Namespace:
- liang
v1/PersistentVolume:
- pvc-3be8fc06-a07f-43ba-baff-ad2112bca0ac
v1/PersistentVolumeClaim:
- liang/pvc-storage
v1/Pod:
- liang/nginx-deployment-64cdcd754c-7sczz
v1/Secret:
- liang/default-token-9b4z9
v1/ServiceAccount:
- liang/default
Velero-Native Snapshots: <none included>
Restic Backups:
Completed:
liang/nginx-deployment-64cdcd754c-7sczz: wwwroot
状态为Completed,说明备份已经成功。样的,我们可以在S3对象存储桶中看到备份的信息
在
backup文件夹中可以看到备份的任务以及日志等信息
在
restic文件夹中可以看到备份的信息
-
备份完成后,我们可以模拟灾难场景,将命名空间liang完全删除,并通过Velero恢复
可以看到集群的命名空间中已经不包含liang了
-
通过Velero来恢复被删除的资源
velero restore create yx-re1 \
--include-namespaces=liang \
--from-backup yx-bk1 \
-n velero-1
恢复任务已经创建完毕,我们可以查看恢复任务的详细信息
[root@single-k8s-cluster velero-v1.7.0-linux-amd64]# velero restore describe yx-re1 -n velero-1 --details
Name: yx-re1
Namespace: velero-1
Labels: <none>
Annotations: <none>
Phase: Completed
Total items to be restored: 9
Items restored: 9
Started: 2022-03-16 14:03:25 +0800 CST
Completed: 2022-03-16 14:03:46 +0800 CST
Backup: yx-bk1
Namespaces:
Included: liang
Excluded: <none>
Resources:
Included: *
Excluded: nodes, events, events.events.k8s.io, backups.velero.io, restores.velero.io, resticrepositories.velero.io
Cluster-scoped: auto
Namespace mappings: <none>
Label selector: <none>
Restore PVs: auto
Restic Restores:
Completed:
liang/nginx-deployment-64cdcd754c-7sczz: wwwroot
Preserve Service NodePorts: auto
可以看到恢复状态是Completed,说明恢复成功
-
这时候可以看到,被删除的命名空间liang已经恢复到集群中,并且Pod也成功运行
-
检测下之前用来测试备份的
test.rar文件是否一同恢复,我们进入恢复好的Pod中
kubectl exec -it -n liang nginx-deployment-64cdcd754c-7sczz -- bash
可以看到,用于测试的文件也一同恢复到原来的位置
至此,通过BSL的方式备份&恢复集群资源到这里就结束了
