Member-only story
DevOps
Backup an entire Kubernetes cluster using Velero to AWS S3
Maintaining backup is always rewarding. Learn how to backup and restore an entire K8s cluster in this detailed article
Time is uncertain so having a backup is very important. The period of backup differs from case to case as there is no set period for preparing the right backup strategy. In this article, we will learn in-depth about backing up a Kubernetes cluster to an AWS S3 bucket using Velero.
With Velero plugins you are not just limited to backing up your Kubernetes cluster to S3 but you can also use other cloud providers like GCP, Azure, Alibaba, DigitalOcean and many more.
I’ll be using an EKS cluster that I have already created with managed node group but you can use an unmanaged K8s cluster or a managed cluster provided by other cloud providers to follow along. So, let’s get going.
S3
We will start by creating an S3 bucket to store the cluster backup.
aws s3 mb s3://skildops-velero-backup-demoLet’s follow some security best practices and make our bucket secure. These steps are optional so if you don’t want to you can skip to the IAM Role section.
Note: While executing the below mentioned commands make sure to replace skildops-velero-backup-demo with your own bucket name.
Enable public access block:
aws s3api put-public-access-block --bucket skildops-velero-backup-demo --public-access-block-configuration "BlockPublicAcls=true,IgnorePublicAcls=true,BlockPublicPolicy=true,RestrictPublicBuckets=true"Enable default encryption:
aws s3api put-bucket-encryption --bucket skildops-velero-backup-demo --server-side-encryption-configuration '{"Rules": [{"ApplyServerSideEncryptionByDefault": {"SSEAlgorithm": "AES256"}}]}'Add a bucket policy to allow connections only over HTTPS:
aws s3api put-bucket-policy --bucket…
