$ oc get backupStorageLocations
You back up applications by creating a Backup
custom resource (CR).
The Backup
CR creates backup files for Kubernetes resources and internal images, on S3 object storage, and snapshots for persistent volumes (PVs), if the cloud provider uses a native snapshot API or the Container Storage Interface (CSI) to create snapshots, such as OpenShift Data Foundation 4. For more information, see CSI volume snapshots.
The For more information about the support scope of Red Hat Technology Preview features, see https://access.redhat.com/support/offerings/techpreview/. |
If your cloud provider has a native snapshot API or supports Container Storage Interface (CSI) snapshots, the Backup
CR backs up persistent volumes by creating snapshots. For more information, see the Overview of CSI volume snapshots in the OpenShift Container Platform documentation.
If your cloud provider does not support snapshots or if your applications are on NFS data volumes, you can create backups by using Restic.
You can create backup hooks to run commands before or after the backup operation.
You can schedule backups by creating a Schedule
CR instead of a Backup
CR.
You back up Kubernetes images, internal images, and persistent volumes (PVs) by creating a Backup
custom resource (CR).
You must install the OpenShift API for Data Protection (OADP) Operator.
The DataProtectionApplication
CR must be in a Ready
state.
Backup location prerequisites:
You must have S3 object storage configured for Velero.
You must have a backup location configured in the DataProtectionApplication
CR.
Snapshot location prerequisites:
Your cloud provider must have a native snapshot API or support Container Storage Interface (CSI) snapshots.
For CSI snapshots, you must create a VolumeSnapshotClass
CR to register the CSI driver.
You must have a volume location configured in the DataProtectionApplication
CR.
Retrieve the backupStorageLocations
CRs by entering the following command:
$ oc get backupStorageLocations
NAME PHASE LAST VALIDATED AGE DEFAULT
velero-sample-1 Available 11s 31m
Create a Backup
CR, as in the following example:
apiVersion: velero.io/v1
kind: Backup
metadata:
name: <backup>
labels:
velero.io/storage-location: default
namespace: openshift-adp
spec:
hooks: {}
includedNamespaces:
- <namespace> (1)
includedResources: [] (2)
excludedResources: [] (3)
storageLocation: <velero-sample-1> (4)
ttl: 720h0m0s
labelSelector: (3)
- matchLabels:
app=<label_1>
- matchLabels:
app=<label_2>
- matchLabels:
app=<label_3>
orlabelSelectors: (4)
- matchLabels:
app=<label_1>
- matchLabels:
app=<label_2>
- matchLabels:
app=<label_3>
1 | Specify an array of namespaces to back up. |
2 | Optional: Specify an array of resources to include in the backup. Resources might be shortcuts (for example, 'po' for 'pods') or fully-qualified. If unspecified, all resources are included. |
3 | Optional: Specify an array of resources to exclude from the backup. Resources might be shortcuts (for example, 'po' for 'pods') or fully-qualified. |
4 | Specify the name of the backupStorageLocations CR. |
Verify that the status of the Backup
CR is Completed
:
$ oc get backup -n openshift-adp <backup> -o jsonpath='{.status.phase}'
You back up persistent volumes with Container Storage Interface (CSI) snapshots by editing the VolumeSnapshotClass
custom resource (CR) of the cloud storage before you create the Backup
CR.
The cloud provider must support CSI snapshots.
You must enable CSI in the DataProtectionApplication
CR.
Add the metadata.labels.velero.io/csi-volumesnapshot-class: "true"
key-value pair to the VolumeSnapshotClass
CR:
apiVersion: snapshot.storage.k8s.io/v1
kind: VolumeSnapshotClass
metadata:
name: <volume_snapshot_class_name>
labels:
velero.io/csi-volumesnapshot-class: "true"
driver: <csi_driver>
deletionPolicy: Retain
You can now create a Backup
CR.
You back up Kubernetes resources, internal images, and persistent volumes with Restic by editing the Backup
custom resource (CR).
You do not need to specify a snapshot location in the DataProtectionApplication
CR.
Restic does not support backing up |
You must install the OpenShift API for Data Protection (OADP) Operator.
You must not disable the default Restic installation by setting spec.configuration.restic.enable
to false
in the DataProtectionApplication
CR.
The DataProtectionApplication
CR must be in a Ready
state.
Edit the Backup
CR, as in the following example:
apiVersion: velero.io/v1
kind: Backup
metadata:
name: <backup>
labels:
velero.io/storage-location: default
namespace: openshift-adp
spec:
defaultVolumesToRestic: true (1)
...
1 | Add defaultVolumesToRestic: true to the spec block. |
Data Mover for CSI snapshots is a Technology Preview feature only. Technology Preview features are not supported with Red Hat production service level agreements (SLAs) and might not be functionally complete. Red Hat does not recommend using them in production. These features provide early access to upcoming product features, enabling customers to test functionality and provide feedback during the development process. For more information about the support scope of Red Hat Technology Preview features, see https://access.redhat.com/support/offerings/techpreview/. |
The OADP 1.1.0 Data Mover enables customers to back up container storage interface (CSI) volume snapshots to a remote object store. When Data Mover is enabled, you can restore stateful applications from the store if a failure, accidental deletion, or corruption of the cluster occurs. The OADP 1.1.0 Data Mover solution uses the Restic option of VolSync.
Data Mover supports backup and restore of CSI volume snapshots only. Currently, Data Mover does not support Google Cloud Storage (GCS) buckets. |
You have verified that the StorageClass
and VolumeSnapshotClass
custom resources (CRs) support CSI.
You have verified that only one volumeSnapshotClass
CR has the annotation snapshot.storage.kubernetes.io/is-default-class: true
.
You have verified that only one storageClass
CR has the annotation storageclass.kubernetes.io/is-default-class: true
.
You have included the label velero.io/csi-volumesnapshot-class: 'true'
in your VolumeSnapshotClass
CR.
You have installed the VolSync Operator by using the Operator Lifecycle Manager (OLM).
The VolSync Operator is required only for use with the Technology Preview Data Mover. The Operator is not required for using OADP production features. |
You have installed the OADP operator by using OLM.
Configure a Restic secret by creating a .yaml
file as following:
apiVersion: v1
kind: Secret
metadata:
name: <secret_name>
namespace: openshift-adp
type: Opaque
stringData:
RESTIC_PASSWORD: <secure_restic_password>
By default, the Operator looks for a secret named |
Create a DPA CR similar to the following example. The default plugins include CSI.
apiVersion: oadp.openshift.io/v1alpha1
kind: DataProtectionApplication
metadata:
name: velero-sample
namespace: openshift-adp
spec:
features:
dataMover:
enable: true
credentialName: <secret_name> (1)
backupLocations:
- velero:
config:
profile: default
region: us-east-1
credential: