Operations
Backup And Restores
Custom Secret
Monitoring
tpl
This guide walks you through creating and configuring a BackupRepo in KubeBlocks using an S3 bucket for storing backup data.
Use the AWS CLI to create an S3 bucket in your desired region. Replace <your-region>
with your target AWS region (e.g., us-east-1
, ap-southeast-1
).
aws s3api create-bucket --bucket kubeblocks-backup-repo --region <your-region> --create-bucket-configuration LocationConstraint=<your-region>
Example (for us-west-1):
aws s3api create-bucket \
--bucket kubeblocks-backup-repo \
--region us-west-1 \
--create-bucket-configuration LocationConstraint=us-west-1
Example Output:
{
"Location": "http://kubeblocks-backup-repo.s3.amazonaws.com/"
}
Verification: Confirm the bucket was created by listing its contents (it will be empty initially):
aws s3 ls s3://kubeblocks-backup-repo
Store your AWS credentials securely in a Kubernetes Secret. Replace <ACCESS_KEY>
and <SECRET_KEY>
with your actual AWS credentials:
# Create a secret to save the access key
kubectl create secret generic s3-credential-for-backuprepo \
--from-literal=accessKeyId=<ACCESS KEY> \
--from-literal=secretAccessKey=<SECRET KEY> \
-n kb-system
A BackupRepo is a custom resource that defines a storage repository for backups. In this step, you'll integrate your S3 bucket with KubeBlocks by creating a BackupRepo resource.
Apply the following YAML to create the BackupRepo. Replace fields(e.g., bucket name, region) with your specific settings.
apiVersion: dataprotection.kubeblocks.io/v1alpha1
kind: BackupRepo
metadata:
name: s3-repo
annotations:
# mark this backuprepo as default one
dataprotection.kubeblocks.io/is-default-repo: 'true'
spec:
# Currently, KubeBlocks supports configuring various object storage services as backup repositories
# - s3 (Amazon Simple Storage Service)
# - oss (Alibaba Cloud Object Storage Service)
# - cos (Tencent Cloud Object Storage)
# - gcs (Google Cloud Storage)
# - obs (Huawei Cloud Object Storage)
# - minio, and other S3-compatible services.
storageProviderRef: s3
# Specifies the access method of the backup repository.
# - Tool
# - Mount
accessMethod: Tool
# Specifies reclaim policy of the PV created by this backup repository.
pvReclaimPolicy: Retain
# Specifies the capacity of the PVC created by this backup repository.
volumeCapacity: 100Gi
# Stores the non-secret configuration parameters for the StorageProvider.
config:
bucket: kubeblocks-backup-repo
endpoint: ''
mountOptions: --memory-limit 1000 --dir-mode 0777 --file-mode 0666
region: us-west-1
# References to the secret that holds the credentials for the StorageProvider.
credential:
# name is unique within a namespace to reference a secret resource.
name: s3-credential-for-backuprepo
# namespace defines the space within which the secret name must be unique.
namespace: kb-system
The dataprotection.kubeblocks.io/is-default-repo: 'true'
annotation marks this BackupRepo as the default one. When creating backups, if no specific BackupRepo is specified, KubeBlocks will use the one marked as default.
Check the status of the BackupRepo to ensure it is correctly initialized:
kubectl get backuprepo s3-repo -w
Expected Status Flow:
NAME STATUS STORAGEPROVIDER ACCESSMETHOD DEFAULT AGE
s3-repo PreChecking s3 Tool true 5s
s3-repo Ready s3 Tool true 35s
Troubleshooting
When creating a new BackupRepo, KubeBlocks runs a precheck job to test the connection and read/write capabilities. If the BackupRepo status shows Failed
, follow these troubleshooting steps:
Check the BackupRepo status and error details:
kubectl describe backuprepo <BACKUP_REPO_NAME>
Verify your configuration:
The precheck job must complete successfully for the BackupRepo to become Ready
for use.
KubeBlocks supports the following storage providers as backup repositories:
Storage Provider | Description |
---|---|
OSS | Alibaba Cloud Object Storage Service |
S3 | Amazon Simple Storage Service |
COS | Tencent Cloud Object Storage |
GCS | Google Cloud Storage |
OBS | Huawei Cloud Object Storage |
MinIO | Self-hosted Object Storage |
S3-compatible | Other S3-compatible storage services |
To get the full list of StorageProvider
s installed:
kubectl get storageproviders.dataprotection.kubeblocks.io
For detailed instructions on configuring a BackupRepo for other storage providers, please refer to the BackupRepo Introduction.