Harness On-Prem backup with Velero for GKE kubernetes installation

Harness Experts
1

Introduction:

While I am working with on-Prem customer on of the question that definitely come up during the onboarding is backup and restore. With KOTs based Harness installation it gave flexibility to customer upgrade on-demand resulted in taking care of back and restore if in case some goes wrong. Recently harness enabled backup and restore of harness using velero for VM based installation and the documentation to perform that is clearly captured in Harness docs. Here I am going to share the steps to perform back up of harness cluster hosted in GKE and store the backup in GCP bucket.

Moving on:
Before getting started with the backup process I just made sure that harness running in my cluster and all components are up and running without any issue. Here is the snapshot of my harness cluster pods that are running at this moment

image
image1350×760 58.8 KB

Now I am going get started with configuring the backup setup in Harness Admin UI, Here are the steps

  • Navigate to Snapshots and that would bring up the Pop-up with options to configure the snapshot (backup) destination and configuration.

    image
    image2180×1308 269 KB

  • Since I am using GKE and going to use GCP Bucket as storage, I am going to choose appropriate option in the UI.

  • Upon clicking the link, it will navigate to Velero documentation page. This page have step by step guide for installing velero

image
image1860×1434 228 KB

  • Here I am going for follow steps listed by choosing the option to Set permissions with a Service Account.

    image
    image694×284 19.9 KB

  • Crete service account which will be used for the snapshots

    image
    image1078×362 50.8 KB

  • Define required permission needed for GCP storage in addition to the default permissions listed in velero documentation page

    image
    image866×528 41.9 KB

    ROLE_PERMISSIONS=(
    compute.disks.get
    compute.disks.create
    compute.disks.createSnapshot
    compute.snapshots.get
    compute.snapshots.create
    compute.snapshots.useReadOnly
    compute.snapshots.delete
    compute.zones.get
    storage.objects.create
    storage.objects.delete
    storage.objects.get
    storage.objects.list
    )

  • Attach the permission to IAM role

    image
    image1184×816 92.2 KB

  • Attach the IAM Role to the GCP Project account

    image
    image1158×256 32 KB

  • Create an IAM service account key for Velero installation

    image
    image2814×224 27 KB

  • Now its time to install valero

    velero install
    –provider gcp
    –plugins velero/velero-plugin-for-gcp:v1.2.0
    –bucket $BUCKET
    –secret-file ./jaykots04-credentials-velero
    –use-restic

    image
    image1488×540 77.1 KB

    image
    image1578×266 34.3 KB

  • Check the status of the velero installation

    kubectl logs deployment/velero -n velero

  • Run this command to ensure Velero have require permission

    image
    image2366×196 27.9 KB

  • Validate the velero installation in UI

    image
    image1454×2724 333 KB

  • All set to get started with snapshots with GKE/GCP

image
image2030×1242 211 KB

image
image1818×1048 56 KB

Conclusion: Taking kubernetes cluster backup is a complex task! Thanks to KOTS and Velero for making it so easy.

Happy Snapshot with Harness !!!

3 Likes