Shulou(Shulou.com)06/01 Report--

In this issue, the editor will bring you about how to use Velero to migrate and replicate cluster resources in TKE. The article is rich and analyzed and described from a professional point of view. I hope you can get something after reading this article.

Migration principle

Install Velero instances on both the cluster and the target cluster that need to be migrated, and the Velero instances of the two clusters point to the same Tencent Cloud COS object storage location. Use Velero to perform backup operations on the cluster to be migrated to generate backup data and store the backup data to Tencent Cloud COS, and then use Velero to restore the data on the target cluster to achieve migration. The migration principle is as follows:

prerequisite

Registered for Tencent Cloud account.

Tencent Cloud COS service has been activated.

There are already TKE clusters that need to be migrated (hereinafter referred to as cluster A), and TKE clusters with migration targets have been created (hereinafter referred to as cluster B). For more information on creating TKE clusters, please see creating clusters.

Both cluster An and cluster B need to install Velero instances (version 1.5 or above) and share the same Tencent Cloud COS bucket as Velero backend storage. For installation steps, please see configure Storage and install Velero.

Matters needing attention

Starting with version 1.5, Velero can back up all pod volumes using Restic without having to comment on each pod individually. "by default, this feature allows users to back up all pod volumes using restic, except for the following volumes:"

This example requires Velero 1.5 or later and enables restic to back up persistent volume data. Make sure that the-- use-restic and-- default-volumes-to-restic parameters are enabled during the Velero installation phase. For installation steps, see configuring Storage and installing Velero.

Mount the volume of the default Service Account Secret

Mounted hostPath type volume

Mount volumes for Kubernetes secrets and configmaps

During the migration process, do not do any CRUD operations on the cluster resources on both sides, so as to avoid data differences during the migration process, resulting in inconsistent data after migration.

Try to ensure that the CPU, memory and other specifications of the working nodes of cluster B and cluster An are the same or not too different, so as to avoid the situation that the migrated Pods cannot be scheduled due to resource reasons, resulting in Pending.

The procedure is to create a backup in cluster A.

You can perform backups manually, or you can set up regular automatic backups for velero, which can be viewed using velero schedule-h. This example compares and verifies the resources of default and default2 namespaces. The following figure shows the Pods and PVC resources under the two namespaces in cluster A:

Tip: you can specify some custom Hook actions to be performed during the backup. For example, you need to persist the data in the memory where the application is running to disk before backing up. For more information about backing up Hook, see backing up Hook.

Among them, the minio object storage service in the cluster uses persistent volumes and has uploaded some image data, as shown below:

Execute the following command to back up all other resources in the cluster that do not contain velero namespace (the default namespace for velero installation) resources. If you want to customize the scope of cluster resources that need to be backed up, use velero create backup-h to view the supported resource filtering parameters.

Velero backup create-exclude-namespaces

In this example, we create a "default-all" cluster backup. The backup process is shown in the following figure:

When the backup task status is "Completed", the backup task is completed. You can check whether there is an error in the backup operation by using the velero backup logs | grep error command. If there is no output, no error occurs in the backup process, as shown in the following figure:

Note: please make sure that there are no errors in the backup process. If an error occurs in velero during the backup process, please troubleshoot and re-perform the backup.

"after the backup completes, temporarily update the backup storage location to read-only mode (optional, which prevents Velero from creating or deleting backup objects in the backup storage location during the restore process):"

Kubectl patch backupstoragelocation default-- namespace velero\-- type merge\-- patch'{"spec": {"accessMode": "ReadOnly"}} 'performs a restore in cluster B.

There are no workload resources under the default and default2 namespaces in cluster B before performing the restore operation. The result is shown below:

Temporarily update the Velero backup storage location in cluster B to read-only mode (optional, which prevents Velero from creating or deleting backup objects in the backup storage location during the restore process):

Kubectl patch backupstoragelocation default-- namespace velero\-- type merge\-- patch'{"spec": {"accessMode": "ReadOnly"}'

Tip: you can choose to specify that custom Hook actions are performed during restore or after restoring resources. For example, you may need to perform a custom database restore operation before the database application container starts. For more information about restoring Hook, see restoring Hook.

Before the restore operation, make sure that the Velero resources in cluster B are synchronized with the backup files in the cloud storage. The default synchronization interval is 1 minute, which can be configured using-- backup-sync-period. You can use the following command to see if the backup of cluster A has been synchronized:

Velero backup get

After the backup is checked successfully, execute the following command to restore all the contents to cluster B:

Velero restore create-from-backup

This example performs the restore process as shown in the following figure:

To check the restore log after waiting for the restore task to complete, you can use the following command to see if the restore has reported errors and skipped information:

# check whether there is incorrect restore information during migration velero restore logs | grep error # View the restore operation skipped during migration velero restore logs | grep skip

You can see from the following figure that there are no incorrect restore steps, but there are many "skipped" steps because when we back up cluster resources, we backup all cluster resources that do not contain velero namespaces. Some cluster resources of the same type already exist, such as cluster resources under kube-system. When there are resource conflicts during the restore process, velero will skip the restore steps. So in fact, the restore process is normal, you can ignore these "skipped" logs, if there are special circumstances can be analyzed under the log to see.

Verification of migration results

After checking the cluster resources of cluster B after performing the migration operation, you can see that the pods and PVC resources under the default and default2 namespaces have been migrated successfully as expected:

Then log in to the monio service in cluster B through the Web management page, and you can see that the image data in the minio service has not been lost, indicating that the persistent volume data has been migrated successfully as expected.

At this point, we have completed the migration of resources between TKE clusters. After the migration operation is completed, do not forget to restore the backup storage location to read-write mode (cluster An and cluster B), so that the next backup task can be used successfully:

Kubectl patch backupstoragelocation default-- namespace velero\-- type merge\-- patch'{"spec": {"accessMode": "ReadWrite"}} 'this is how to use Velero to migrate and copy cluster resources in TKE shared by the editor. If you happen to have similar doubts, please refer to the above analysis to understand. If you want to know more about it, you are welcome to follow the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.