marcel-dempers 2020-10-07 22:22:26 +11:00 committed by Marcel Dempers
parent 08fa3baaae
commit 0c8be9ddbd
3 changed files with 315 additions and 0 deletions

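--- a/kubernetes/velero/README.md
+++ b/kubernetes/velero/README.md
@@ -0,0 +1,156 @@
+# Introduction to Velero
+## We need a Kubernetes cluster
+Lets create a Kubernetes cluster to play with using [kind](https://kind.sigs.k8s.io/docs/user/quick-start/)
+```
+kind create cluster --name velero --image kindest/node:v1.19.1
+```
+## Get a container to work in
+<br/>
+Run a small `alpine linux` container where we can install and play with `velero`: <br/>
+```
+docker run -it --rm -v ${HOME}:/root/ -v ${PWD}:/work -w /work --net host alpine sh
+# install curl & kubectl
+apk add --no-cache curl nano
+curl -LO https://storage.googleapis.com/kubernetes-release/release/`curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt`/bin/linux/amd64/kubectl
+chmod +x ./kubectl
+mv ./kubectl /usr/local/bin/kubectl
+export KUBE_EDITOR="nano"
+#test cluster access:
+/work # kubectl get nodes
+NAME STATUS ROLES AGE VERSION
+velero-control-plane Ready master 26m v1.18.4
+```
+## Velero CLI
+Lets download the `velero` command line tool <br/>
+I grabbed the `v1.5.1` release using `curl`
+You can go to the [releases](https://github.com/vmware-tanzu/velero/releases/tag/v1.5.1) page to get it
+```
+curl -L -o /tmp/velero.tar.gz https://github.com/vmware-tanzu/velero/releases/download/v1.5.1/velero-v1.5.1-linux-amd64.tar.gz
+tar -C /tmp -xvf /tmp/velero.tar.gz
+mv /tmp/velero-v1.5.1-linux-amd64/velero /usr/local/bin/velero
+chmod +x /usr/local/bin/velero
+velero --help
+```
+## Deploy some stuff
+```
+kubectl apply -f kubernetes/configmaps/configmap.yaml
+kubectl apply -f kubernetes/secrets/secret.yaml
+kubectl apply -f kubernetes/deployments/deployment.yaml
+kubectl apply -f kubernetes/services/service.yaml
+kubectl get all
+```
+## Create storage in Azure and AWS
+In this example, we'll create a storage in AWS and Azure to try both scenarios.</br>
+You can follow along in the video </br>
+Create a storage account and secret for: [Azure](./azure.md) </br>
+Create a storage account and secret for: [AWS](./aws.md) </br>
+```
+```
+## Deploy Velero for Azure
+Start [here](./azure.md) </br>
+```
+# Azure credential file
+cat << EOF > /tmp/credentials-velero
+AZURE_STORAGE_ACCOUNT_ACCESS_KEY=${AZURE_STORAGE_ACCOUNT_ACCESS_KEY}
+AZURE_CLOUD_NAME=AzurePublicCloud
+EOF
+velero install \
+--provider azure \
+--plugins velero/velero-plugin-for-microsoft-azure:v1.1.0 \
+--bucket $BLOB_CONTAINER \
+--secret-file /tmp/credentials-velero \
+--backup-location-config resourceGroup=$AZURE_BACKUP_RESOURCE_GROUP,storageAccount=$AZURE_STORAGE_ACCOUNT_NAME,storageAccountKeyEnvVar=AZURE_STORAGE_ACCOUNT_ACCESS_KEY,subscriptionId=$AZURE_BACKUP_SUBSCRIPTION_ID \
+--use-volume-snapshots=false
+kubectl -n velero get pods
+kubectl logs deployment/velero -n velero
+```
+## Deploy Velero for AWS
+Start [here](./aws.md)
+```
+cat > /tmp/credentials-velero <<EOF
+[default]
+aws_access_key_id=$AWS_ACCESS_ID
+aws_secret_access_key=$AWS_ACCESS_KEY
+EOF
+velero install \
+--provider aws \
+--plugins velero/velero-plugin-for-aws:v1.1.0 \
+--bucket $BUCKET \
+--backup-location-config region=$REGION \
+--snapshot-location-config region=$REGION \
+--secret-file /tmp/credentials-velero
+kubectl -n velero get pods
+kubectl logs deployment/velero -n velero
+```
+## Create a Backup
+```
+velero backup create default-namespace-backup --include-namespaces default
+# describe
+velero backup describe default-namespace-backup
+# logs
+velero backup logs default-namespace-backup
+```
+## Do a Restore
+```
+# delete all resources
+kubectl delete -f kubernetes/configmaps/configmap.yaml
+kubectl delete -f kubernetes/secrets/secret.yaml
+kubectl delete -f kubernetes/deployments/deployment.yaml
+kubectl delete -f kubernetes/services/service.yaml
+velero restore create default-namespace-backup --from-backup default-namespace-backup
+# describe
+velero restore describe default-namespace-backup
+#logs
+velero restore logs default-namespace-backup
+# see items restored
+kubectl get all
+```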
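Review bot: Both the Azure and the AWS blocks write long-lived cloud secrets to `/tmp/credentials-velero` with the default umask and never remove the file, although `velero install --secret-file` should only need it while the install command runs. I would add `umask 077` before each heredoc and `rm -f /tmp/credentials-velero` after each `velero install`. The work container is also started with `-v ${HOME}:/root/`, which gives a root shell read-write access to the whole home directory; if only the kubeconfig is needed (not confirmed by this page), `-v ${HOME}/.kube:/root/.kube` would be enough. The `kubectl` and `velero` binaries are moved into `/usr/local/bin` straight from `curl`, so a short step comparing each download against its published checksum is worth adding before the `chmod +x`.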

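--- a/kubernetes/velero/aws.md
+++ b/kubernetes/velero/aws.md
@@ -0,0 +1,108 @@
+# Run AWS CLI
+```
+docker run -it --rm --entrypoint /bin/sh amazon/aws-cli:2.0.55
+# install JSON tool
+yum install -y jq
+```
+# Login to AWS
+https://docs.aws.amazon.com/eks/latest/userguide/getting-started-console.html
+```
+# Access your "My Security Credentials" section in your profile.
+# Create an access key
+aws configure
+Default region name: ap-southeast-2
+Default output format: json
+```
+# Create a Storage Bucket
+```
+aws s3api create-bucket --bucket veleromarcel --region ap-southeast-2 --create-bucket-configuration LocationConstraint=ap-southeast-2
+```
+# Create IAM User
+```
+aws iam create-user --user-name velero
+```
+# Setup Policy for the User
+```
+cat > velero-policy.json <<EOF
+{
+"Version": "2012-10-17",
+"Statement": [
+{
+"Effect": "Allow",
+"Action": [
+"ec2:DescribeVolumes",
+"ec2:DescribeSnapshots",
+"ec2:CreateTags",
+"ec2:CreateVolume",
+"ec2:CreateSnapshot",
+"ec2:DeleteSnapshot"
+],
+"Resource": "*"
+},
+{
+"Effect": "Allow",
+"Action": [
+"s3:GetObject",
+"s3:DeleteObject",
+"s3:PutObject",
+"s3:AbortMultipartUpload",
+"s3:ListMultipartUploadParts"
+],
+"Resource": [
+"arn:aws:s3:::${BUCKET}/*"
+]
+},
+{
+"Effect": "Allow",
+"Action": [
+"s3:ListBucket"
+],
+"Resource": [
+"arn:aws:s3:::${BUCKET}"
+]
+}
+]
+}
+EOF
+aws iam put-user-policy \
+--user-name velero \
+--policy-name velero \
+--policy-document file://velero-policy.json
+```
+# Create Access Key for that user
+```
+aws iam create-access-key --user-name velero > /tmp/key.json
+AWS_ACCESS_ID=`cat /tmp/key.json | jq .AccessKey.AccessKeyId | sed s/\"//g`
+AWS_ACCESS_KEY=`cat /tmp/key.json | jq .AccessKey.SecretAccessKey | sed s/\"//g`
+```
+# Export variables
+Let's export these variables into our Velero container <br/>
+<br/>
+Copy and paste this to the velero container:
+```
+printf "export AWS_ACCESS_ID=$AWS_ACCESS_ID \nexport AWS_ACCESS_KEY=$AWS_ACCESS_KEY\nexport BUCKET=$BUCKET \nexport REGION=$REGION\n"
+```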
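Review bot: `${BUCKET}` is expanded inside the unquoted `<<EOF` policy heredoc and `$BUCKET`/`$REGION` are printed by the final export line, but nothing on this page assigns either one, so the S3 statements would render as `arn:aws:s3:::/*` and the exported values would be empty. Setting `BUCKET=veleromarcel` and `REGION=ap-southeast-2` before the `create-bucket` step, and using them in that command, keeps the policy scoped to the backup bucket. The new access key is also left in `/tmp/key.json`; `jq -r .AccessKey.SecretAccessKey /tmp/key.json` removes the need for the `sed` quote stripping, and an `rm -f /tmp/key.json` after the two assignments stops the secret lingering on disk. The last `printf` echoes the secret key to the terminal, so the text above it should say the output is sensitive.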


@ -0,0 +1,51 @@
# Run Azure CLI
```
docker run -it --rm --entrypoint /bin/sh mcr.microsoft.com/azure-cli:2.9.1
```
# Login to Azure
```
az login
```
# Create Storage
```
AZURE_BACKUP_RESOURCE_GROUP=velero
AZURE_STORAGE_ACCOUNT_NAME=veleromarcel
BLOB_CONTAINER=mycluster
AZURE_BACKUP_SUBSCRIPTION_ID=
# set subscription
az account set --subscription $AZURE_BACKUP_SUBSCRIPTION_ID
# resource group
az group create -n $AZURE_BACKUP_RESOURCE_GROUP --location WestUS
# storage account
az storage account create \
--name $AZURE_STORAGE_ACCOUNT_NAME \
--resource-group $AZURE_BACKUP_RESOURCE_GROUP \
--sku Standard_GRS
# get key
AZURE_STORAGE_ACCOUNT_ACCESS_KEY=`az storage account keys list --account-name $AZURE_STORAGE_ACCOUNT_NAME --query "[?keyName == 'key1'].value" -o tsv`
# blob container
az storage container create -n $BLOB_CONTAINER \
--public-access off \
--account-name $AZURE_STORAGE_ACCOUNT_NAME \
--account-key $AZURE_STORAGE_ACCOUNT_ACCESS_KEY
```
# Export variables
Let's export these variables into our Velero container <br/>
<br/>
Copy and paste this to the velero container:
```
printf "export BLOB_CONTAINER=$BLOB_CONTAINER \nexport AZURE_BACKUP_RESOURCE_GROUP=$AZURE_BACKUP_RESOURCE_GROUP \nexport AZURE_STORAGE_ACCOUNT_NAME=$AZURE_STORAGE_ACCOUNT_NAME \nexport AZURE_STORAGE_ACCOUNT_ACCESS_KEY=$AZURE_STORAGE_ACCOUNT_ACCESS_KEY \nexport AZURE_BACKUP_SUBSCRIPTION_ID=$AZURE_BACKUP_SUBSCRIPTION_ID\n"
```
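Review bot: The storage account key, which grants access to the whole storage account rather than only the backup container, is passed on the command line through `--account-key` and then echoed to the terminal by the final `printf`. For the `az storage container create` call, `export AZURE_STORAGE_KEY=$AZURE_STORAGE_ACCOUNT_ACCESS_KEY` and dropping `--account-key` keeps the key out of argv, and the export section should state that the printed text is a secret. `AZURE_BACKUP_SUBSCRIPTION_ID=` is left empty with no instruction to fill it in, so the unquoted `az account set --subscription $AZURE_BACKUP_SUBSCRIPTION_ID` runs with no value; a comment such as `# paste your subscription id here` plus quoting the expansion would make that failure obvious. `az storage account create` could also pass `--https-only true` so backup traffic is refused over plain HTTP.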