You can use the Velero Plugin for vSphere to backup and restore workloads running on a Tanzu Kubernetes cluster by installing the Velero Plugin for vSphere on that cluster.
Overview
Prerequisite: Install the Velero Plugin for vSphere on the Supervisor Cluster
Installing the Velero Plugin for vSphere on a Tanzu Kubernetes cluster requires the Supervisor Cluster to have the Velero Plugin for vSphere installed. In addition, the Supervisor Cluster must be configured with NSX-T networking.
Prior to the installation of the Velero Plugin for vSphere on a Tanzu Kubernetes cluster, you must first install the Velero Plugin for vSphere on the Supervisor Cluster. SeeInstall and Configure the Velero Plugin for vSphere on the Supervisor Cluster.
Install the Velero CLI on a Linux Workstation
The Velero CLI is the standard tool for interfacing with Velero. The Velero CLI provides more functionality than the Velero Plugin for vSphere CLI (velero-vsphere) and is required for backing up and restoring Tanzu Kubernetes cluster workloads.
Install the Velero CLI on a Linux workstation. Ideally this is the same jump host where you run associated CLIs for your vSphere with Tanzu environment, including kubectl, kubectl-vsphere, and velero-vsphere.
- Download the supported version of the Velero CLI from the VMware product downloads page. For more information about the supported Velero version, see the Release Notes.
- Open a command line and change directory to the Velero CLI download.
gunzip velero-linux-v1.x.x_vmware.1.gz
- Check for the Velero binary.
ls -l -rw-r--r-- 1 root root 7142128 Aug 14 14:14 velero-linux-v1.x.x_vmware.1
- Grant execute permissions to the Velero CLI.
chmod +x velero-linux-v1.x.x_vmware.1
- Make the Velero CLI globally available by moving it to the system path.
cp velero-linux-v1.x.x_vmware.1 /usr/local/bin/velero
- Verify the installation of the Velero CLI.
velero version Client: Version: v1.x.x
Get the S3-Compatible Bucket Details
For convenience, the steps assume that you are using the same S3-compatible object store that you configured when you installed the Velero Plugin for vSphere on the Supervisor Cluster. In production you may want to create a separate object store.
| Data Item | Example Value |
|---|---|
| s3Url | http://my-s3-store.example.com |
| aws_access_key_id | ACCESS-KEY-ID-STRING |
| aws_secret_access_key | SECRET-ACCESS-KEY-STRING |
s3-credentials with the following information. You will reference this file when you install the
Velero Plugin for vSphere.
aws_access_key_id = ACCESS-KEY-ID-STRING aws_secret_access_key = SECRET-ACCESS-KEY-STRING
Create the Velero Plugin Configmap
velero-vsphere-plugin-config.yaml.
apiVersion: v1 kind: ConfigMap metadata: name: velero-vsphere-plugin-config data: cluster_flavor: GUEST
kubectl apply -n <velero-namespace> -f velero-vsphere-plugin-config.yaml
Error received while retrieving cluster flavor from config, err: configmaps "velero-vsphere-plugin-config" not found Falling back to retrieving cluster flavor from vSphere CSI Driver Deployment
Install the Velero Plugin for vSphere on the Tanzu Kubernetes Cluster
You are going to use the Velero CLI to install the Velero Plugin for vSphere on the target Tanzu Kubernetes cluster that you want to backup and restore.
kubectl context. Before running Velero CLI commands to install Velero and the
Velero Plugin for vSphere on the target cluster, be sure to set the
kubectl context to the target cluster.
- Using the vSphere Plugin for kubectl, authenticate with the Supervisor Cluster. See Connect to the Supervisor Cluster as a vCenter Single Sign-On User.
- Set the
kubectlcontext to the target Tanzu Kubernetes cluster.kubectl config use-context TARGET-TANZU-KUBERNETES-CLUSTER
- Run the following Velero CLI command to install Velero on the target cluster.
Replace the placeholder values for the BUCKET-NAME, REGION (two instances), and s3Url fields with the appropriate values. If you deviated from any of the preceding instructions, adjust those values as well, such as the name or location of the secrets file, the name of the manually created
veleronamespace, etc../velero install --provider aws \ --bucket BUCKET-NAME \ --secret-file ./s3-credentials \ --features=EnableVSphereItemActionPlugin \ --plugins velero/velero-plugin-for-aws:v1.1.0 \ --snapshot-location-config region=REGION \ --backup-location-config region=REGION,s3ForcePathStyle="true",s3Url=http://my-s3-store.example.com
- Install the Velero Plugin for vSphere on the target cluster. The installed Velero will communicate with Kubernetes API server to install the plugin.
velero plugin add vsphereveleroplugin/velero-plugin-for-vsphere:1.1.0
Uninstall the Velero Plugin for vSphere from the Cluster
- Set the
kubectlcontext to the target Tanzu Kubernetes cluster.kubectl config use-context TARGET-TANZU-KUBERNETES-CLUSTER
- To uninstall the plugin, run the following command to remove the InitContainer of velero-plugin-for-vsphere from the Velero deployment.
velero plugin remove vsphereveleroplugin/velero-plugin-for-vsphere:1.1.0
- To complete the un-installation, delete the Backup Driver deployment and related CRDs.
kubectl -n velero delete deployment.apps/backup-driver
kubectl delete crds \ backuprepositories.backupdriver.cnsdp.vmware.com \ backuprepositoryclaims.backupdriver.cnsdp.vmware.com \ clonefromsnapshots.backupdriver.cnsdp.vmware.com \ deletesnapshots.backupdriver.cnsdp.vmware.com \ snapshots.backupdriver.cnsdp.vmware.com
kubectl delete crds uploads.datamover.cnsdp.vmware.com downloads.datamover.cnsdp.vmware.com
