Harness On-Prem backup with Velero for GKE kubernetes installation

Introduction:

While I am working with on-Prem customer on of the question that definitely come up during the onboarding is backup and restore. With KOTs based Harness installation it gave flexibility to customer upgrade on-demand resulted in taking care of back and restore if in case some goes wrong. Recently harness enabled backup and restore of harness using velero for VM based installation and the documentation to perform that is clearly captured in Harness docs. Here I am going to share the steps to perform back up of harness cluster hosted in GKE and store the backup in GCP bucket.

Moving on:
Before getting started with the backup process I just made sure that harness running in my cluster and all components are up and running without any issue. Here is the snapshot of my harness cluster pods that are running at this moment

Now I am going get started with configuring the backup setup in Harness Admin UI, Here are the steps

  • Navigate to Snapshots and that would bring up the Pop-up with options to configure the snapshot (backup) destination and configuration.

  • Since I am using GKE and going to use GCP Bucket as storage, I am going to choose appropriate option in the UI.

  • Upon clicking the link, it will navigate to Velero documentation page. This page have step by step guide for installing velero

  • Here I am going for follow steps listed by choosing the option to Set permissions with a Service Account.

  • Crete service account which will be used for the snapshots

  • Define required permission needed for GCP storage in addition to the default permissions listed in velero documentation page

    ROLE_PERMISSIONS=(
    compute.disks.get
    compute.disks.create
    compute.disks.createSnapshot
    compute.snapshots.get
    compute.snapshots.create
    compute.snapshots.useReadOnly
    compute.snapshots.delete
    compute.zones.get
    storage.objects.create
    storage.objects.delete
    storage.objects.get
    storage.objects.list
    )

  • Attach the permission to IAM role

  • Attach the IAM Role to the GCP Project account

  • Create an IAM service account key for Velero installation

  • Now its time to install valero

    velero install
    –provider gcp
    –plugins velero/velero-plugin-for-gcp:v1.2.0
    –bucket $BUCKET
    –secret-file ./jaykots04-credentials-velero
    –use-restic

  • Check the status of the velero installation

    kubectl logs deployment/velero -n velero

  • Run this command to ensure Velero have require permission

  • Validate the velero installation in UI

  • All set to get started with snapshots with GKE/GCP

Conclusion: Taking kubernetes cluster backup is a complex task! Thanks to KOTS and Velero for making it so easy.

Happy Snapshot with Harness !!!

2 Likes