Backing up virtual machines
You back up virtual machines (VMs) by creating an OpenShift API for Data Protection (OADP) Backup custom resource (CR).
The Backup
CR performs the following actions:
Backs up OKD Virtualization resources by creating an archive file on S3-compatible object storage, such as Multicloud Object Gateway, Noobaa, or Minio.
Backs up VM disks by using one of the following options:
Container Storage Interface (CSI) snapshots on CSI-enabled cloud storage, such as Ceph RBD or Ceph FS.
Restic file system backups on object storage.
OADP provides backup hooks to freeze the VM file system before the backup operation and unfreeze it when the backup is complete. The The |
You can add hooks to the Backup
CR to run commands on specific VMs before or after the backup operation.
You schedule a backup by creating a Schedule CR instead of a Backup
CR.
Creating a Backup CR
You back up Kubernetes images, internal images, and persistent volumes (PVs) by creating a Backup
custom resource (CR).
Prerequisites
You must install the OpenShift API for Data Protection (OADP) Operator.
The
DataProtectionApplication
CR must be in aReady
state.Backup location prerequisites:
You must have S3 object storage configured for Velero.
You must have a backup location configured in the
DataProtectionApplication
CR.
Snapshot location prerequisites:
Your cloud provider must have a native snapshot API or support Container Storage Interface (CSI) snapshots.
For CSI snapshots, you must create a
VolumeSnapshotClass
CR to register the CSI driver.You must have a volume location configured in the
DataProtectionApplication
CR.
Procedure
Retrieve the
backupStorageLocations
CRs:$ oc get backupStorageLocations
Example output
NAME PHASE LAST VALIDATED AGE DEFAULT
velero-sample-1 Available 11s 31m
Create a
Backup
CR, as in the following example:apiVersion: velero.io/v1
kind: Backup
metadata:
name: <backup>
labels:
velero.io/storage-location: default
namespace: openshift-adp
spec:
hooks: {}
includedNamespaces:
- <namespace> (1)
includeClusterResources: true
storageLocation: <velero-sample-1> (2)
ttl: 720h0m0s
1 Specify an array of namespaces to back up. 2 Specify the name of the backupStorageLocations
CR.Verify that the status of the
Backup
CR isCompleted
:$ oc get backup -n openshift-adp <backup> -o jsonpath='{.status.phase}'
Backing up persistent volumes with CSI snapshots
You back up persistent volumes with Container Storage Interface (CSI) snapshots by editing the VolumeSnapshotClass
custom resource (CR) of the cloud storage before you create the Backup
CR.
Prerequisites
The cloud provider must support CSI snapshots.
You must enable CSI in the
DataProtectionApplication
CR.
Procedure
Add the
metadata.labels.velero.io/csi-volumesnapshot-class: "true"
key-value pair to theVolumeSnapshotClass
CR:apiVersion: snapshot.storage.k8s.io/v1
kind: VolumeSnapshotClass
metadata:
name: <volume_snapshot_class_name>
labels:
velero.io/csi-volumesnapshot-class: "true"
driver: <csi_driver>
deletionPolicy: Retain
You can now create a Backup
CR.
Backing up applications with Restic
You back up Kubernetes resources, internal images, and persistent volumes with Restic by editing the Backup
custom resource (CR).
You do not need to specify a snapshot location in the DataProtectionApplication
CR.
Prerequisites
You must install the OpenShift API for Data Protection (OADP) Operator.
You must not disable the default Restic installation by setting
spec.configuration.restic.enable
tofalse
in theDataProtectionApplication
CR.The
DataProtectionApplication
CR must be in aReady
state.
Procedure
Edit the
Backup
CR, as in the following example:apiVersion: velero.io/v1
kind: Backup
metadata:
name: <backup>
labels:
velero.io/storage-location: default
namespace: openshift-adp
spec:
defaultVolumesToRestic: true (1)
...
1 Add defaultVolumesToRestic: true
to thespec
block.
Creating backup hooks
You create backup hooks to run commands in a container in a pod by editing the Backup
custom resource (CR).
Pre hooks run before the pod is backed up. Post hooks run after the backup.
Procedure
Add a hook to the
spec.hooks
block of theBackup
CR, as in the following example:apiVersion: velero.io/v1
kind: Backup
metadata:
name: <backup>
namespace: openshift-adp
spec:
hooks:
resources:
- name: <hook_name>
includedNamespaces:
- <namespace> (1)
excludedNamespaces:
- <namespace>
includedResources:
- pods (2)
excludedResources: []
labelSelector: (3)
matchLabels:
app: velero
component: server
pre: (4)
- exec:
container: <container> (5)
command:
- /bin/uname (6)
- -a
onError: Fail (7)
timeout: 30s (8)
post: (9)
...
1 Array of namespaces to which the hook applies. If this value is not specified, the hook applies to all namespaces. 2 Currently, pods are the only supported resource. 3 Optional: This hook only applies to objects matching the label selector. 4 Array of hooks to run before the backup. 5 Optional: If the container is not specified, the command runs in the first container in the pod. 6 Array of commands that the hook runs. 7 Allowed values for error handling are Fail
andContinue
. The default isFail
.8 Optional: How long to wait for the commands to run. The default is 30s
.9 This block defines an array of hooks to run after the backup, with the same parameters as the pre-backup hooks.
Scheduling backups
You schedule backups by creating a Schedule
custom resource (CR) instead of a Backup
CR.
Prerequisites
You must install the OpenShift API for Data Protection (OADP) Operator.
The
DataProtectionApplication
CR must be in aReady
state.
Procedure
Retrieve the
backupStorageLocations
CRs:$ oc get backupStorageLocations
Example output
NAME PHASE LAST VALIDATED AGE DEFAULT
velero-sample-1 Available 11s 31m
Create a
Schedule
CR, as in the following example:$ cat << EOF | oc apply -f -
apiVersion: velero.io/v1
kind: Schedule
metadata:
name: <schedule>
namespace: openshift-adp
spec:
schedule: 0 7 * * * (1)
template:
hooks: {}
includedNamespaces:
- <namespace> (2)
storageLocation: <velero-sample-1> (3)
includeClusterResources: true
defaultVolumesToRestic: true (4)
ttl: 720h0m0s
EOF
1 cron
expression to schedule the backup, for example,0 7 *
to perform a backup every day at 7:00.2 Array of namespaces to back up. 3 Name of the backupStorageLocations
CR.4 Optional: Add the defaultVolumesToRestic: true
key-value pair if you are backing up volumes with Restic.Verify that the status of the
Schedule
CR isCompleted
after the scheduled backup runs:$ oc get schedule -n openshift-adp <schedule> -o jsonpath='{.status.phase}'