mirror of
https://github.com/funkypenguin/geek-cookbook/
synced 2025-12-15 10:46:34 +00:00
Add Velero and snapshot controller for backups
Signed-off-by: David Young <davidy@funkypenguin.co.nz>
This commit is contained in:
David Young
18
docs/kubernetes/backup/csi-snapshots/index.md
Normal file
18
docs/kubernetes/backup/csi-snapshots/index.md
Normal file
@@ -0,0 +1,18 @@
|
||||
---
|
||||
title: FIXMEHow to use Rook Ceph for Persistent Storage in Kubernetes
|
||||
description: FIXMEHow to deploy Rook Ceph into your Kubernetes cluster for persistent storage
|
||||
---
|
||||
# Creating CSI snapshots
|
||||
|
||||
Available since Kubernetes 1.20, Volume Snapshots work with your storage provider to create snapshots of your volumes. If you're using a managed Kubernetes provider, you probably already have snapshot support, but if you're a bare-metal cave-monkey :monkey: using snapshot-capable storage provider (*like [Rook Ceph](/kubernetes/persistence/rook-ceph/)*), you need to jump through some hoops to enable support.
|
||||
|
||||
K8s-sig-storage publishes [external-snapshotter](https://github.com/kubernetes-csi/external-snapshotter), which talks to your CSI providers, and manages the creation / update / deletion of snapshots.
|
||||
|
||||
!!! question "Why do I care about snapshots?"
|
||||
If you've got persistent data you care about in your cluster, you probably care enough to [back it up](/kubernetes/backup/). Although you don't **need** snapshot support for backups, having a local snapshot managed by your backup tool can rapidly reduce the time taken to restore from a failed upgrade, accidental deletion, etc.
|
||||
|
||||
There are two components required in order to bring snapshot-taking powerz to your bare-metal cluster, detailed below:
|
||||
|
||||
1. First, install the [snapshot validation webhook](/kubernetes/csi-snapshots/snapshot-validation-webhook.md/)
|
||||
2. Then, install the [snapshot controller](/kubernetes/csi-snapshots/snapshot-controller.md)
|
||||
3. Install a snapshot-supporting :camera: [backup tool](/kubernetes/backup/)
|
||||
71
docs/kubernetes/backup/csi-snapshots/snapshot-controller.md
Normal file
71
docs/kubernetes/backup/csi-snapshots/snapshot-controller.md
Normal file
@@ -0,0 +1,71 @@
|
||||
---
|
||||
title: Support CSI VolumeSnapshots with snapshot-controller
|
||||
description: Add CSI VolumeSnapshot support with snapshot support
|
||||
values_yaml_url: https://github.com/piraeusdatastore/helm-charts/blob/main/charts/snapshot-controller/values.yaml
|
||||
helm_chart_version: 1.8.x
|
||||
helm_chart_name: snapshot-controller
|
||||
helm_chart_repo_name: piraeus-charts
|
||||
helm_chart_repo_url: https://piraeus.io/helm-charts/
|
||||
helmrelease_name: snapshot-controller
|
||||
helmrelease_namespace: snapshot-controller
|
||||
kustomization_name: snapshot-controller
|
||||
slug: Snapshot Controller
|
||||
status: new
|
||||
---
|
||||
|
||||
# Add CSI VolumeSnapshot support with snapshot support
|
||||
|
||||
Before we deploy snapshot-controller to actually **manage** the snapshots we take, we need the validation webhook to make sure it's done "right".
|
||||
|
||||
## {{ page.meta.slug }} requirements
|
||||
|
||||
!!! summary "Ingredients"
|
||||
|
||||
Already deployed:
|
||||
|
||||
* [x] A [Kubernetes cluster](/kubernetes/cluster/)
|
||||
* [x] [Flux deployment process](/kubernetes/deployment/flux/) bootstrapped
|
||||
* [x] [snapshot-validation-webhook](/kubernetes/backup/csi-snapshots/snapshot-validation-webhook/) deployed
|
||||
|
||||
{% include 'kubernetes-flux-namespace.md' %}
|
||||
{% include 'kubernetes-flux-kustomization.md' %}
|
||||
{% include 'kubernetes-flux-helmrelease.md' %}
|
||||
|
||||
#### Configure for rook-ceph
|
||||
|
||||
Under the HelmRelease values which you pasted from upstream, you'll note a section for `volumeSnapshotClasses`. By default, this is populated with commented out examples. To configure snapshot-controller to work with rook-ceph, replace these commented values as illustrated below:
|
||||
|
||||
```yaml title="/{{ page.meta.helmrelease_namespace }}/helmrelease-{{ page.meta.helmrelease_name }}.yaml (continued)"
|
||||
values:
|
||||
# extra content from upstream
|
||||
volumeSnapshotClasses:
|
||||
- name: csi-rbdplugin-snapclass
|
||||
driver: rook-ceph.rbd.csi.ceph.com # driver:namespace:operator
|
||||
labels:
|
||||
velero.io/csi-volumesnapshot-class: "true"
|
||||
parameters:
|
||||
# Specify a string that identifies your cluster. Ceph CSI supports any
|
||||
# unique string. When Ceph CSI is deployed by Rook use the Rook namespace,
|
||||
# for example "rook-ceph".
|
||||
clusterID: rook-ceph # namespace:cluster
|
||||
csi.storage.k8s.io/snapshotter-secret-name: rook-csi-rbd-provisioner
|
||||
csi.storage.k8s.io/snapshotter-secret-namespace: rook-ceph # namespace:cluster
|
||||
deletionPolicy: Delete # docs suggest this may need to be set to "Retain" for restoring
|
||||
```
|
||||
|
||||
{% include 'kubernetes-flux-check.md' %}
|
||||
|
||||
## Summary
|
||||
|
||||
What have we achieved? We've got snapshot-controller running, and ready to manage VolumeSnapshots on behalf of Velero, for handy in-cluster volume backups!
|
||||
|
||||
!!! summary "Summary"
|
||||
Created:
|
||||
|
||||
* [X] snapshot-controller running and ready to snap :camera: !
|
||||
|
||||
Next:
|
||||
|
||||
* [ ] Configure [Velero](/kubernetes/backup/velero/) with a VolumeSnapshotLocation, so that volume snapshots can be made as part of a BackupSchedule!
|
||||
|
||||
--8<-- "recipe-footer.md"
|
||||
@@ -0,0 +1,48 @@
|
||||
---
|
||||
title: Prepare for snapshot-controller with snapshot validation webhook
|
||||
description: Prepare your Kubernetes cluster for CSI snapshot support with snapshot validation webhook
|
||||
values_yaml_url: https://github.com/piraeusdatastore/helm-charts/blob/main/charts/snapshot-validation-webhook/values.yaml
|
||||
helm_chart_version: 1.8.x
|
||||
helm_chart_name: snapshot-validation-webhook
|
||||
helm_chart_repo_name: piraeus-charts
|
||||
helm_chart_repo_url: https://piraeus.io/helm-charts/
|
||||
helmrelease_name: snapshot-validation-webhook
|
||||
helmrelease_namespace: snapshot-validation-webhook
|
||||
kustomization_name: snapshot-validation-webhook
|
||||
slug: Snapshot Validation Webhook
|
||||
status: new
|
||||
---
|
||||
|
||||
# Prepare for CSI snapshots with the snapshot validation webhook
|
||||
|
||||
Before we deploy snapshot-controller to actually **manage** the snapshots we take, we need the validation webhook to make sure it's done "right".
|
||||
|
||||
## {{ page.meta.slug }} requirements
|
||||
|
||||
!!! summary "Ingredients"
|
||||
|
||||
Already deployed:
|
||||
|
||||
* [x] A [Kubernetes cluster](/kubernetes/cluster/)
|
||||
* [x] [Flux deployment process](/kubernetes/deployment/flux/) bootstrapped
|
||||
|
||||
{% include 'kubernetes-flux-namespace.md' %}
|
||||
{% include 'kubernetes-flux-helmrepository.md' %}
|
||||
{% include 'kubernetes-flux-kustomization.md' %}
|
||||
{% include 'kubernetes-flux-helmrelease.md' %}
|
||||
{% include 'kubernetes-flux-check.md' %}
|
||||
|
||||
## Summary
|
||||
|
||||
What have we achieved? We now have the snapshot validation admission webhook running in the cluster, ready to support [snapshot-controller](/kubernetes/backup/csi-snapshots/snapshot-controller/)!
|
||||
|
||||
!!! summary "Summary"
|
||||
Created:
|
||||
|
||||
* [X] snapshot-validation-webhook running and ready to validate!
|
||||
|
||||
Next:
|
||||
|
||||
* [ ] Deploy [snapshot-controller]( (/kubernetes/backup/csi-snapshots/snapshot-controller/)) itself
|
||||
|
||||
--8<-- "recipe-footer.md"
|
||||
Reference in New Issue
Block a user