Installing Velero

Velero is a backup, recovery, and migration tool for Managed Service for Kubernetes cluster objects, including persistent volumes. With Velero, you can:

• Protect your data from loss using a flexible backup system.
• Recover a Managed Service for Kubernetes cluster faster if it goes down.
• Move your data from one Managed Service for Kubernetes cluster to another.

Velero uses the Container Storage Interface driver to create backups and restore persistent volumes from Yandex Cloud disk snapshots.

Getting startedGetting started

1. If you do not have the Yandex Cloud command line interface yet, install and initialize it.

   The folder specified in the CLI profile is used by default. You can specify a different folder using the --folder-name or --folder-id parameter.

2. Create a service account needed to access Yandex Object Storage.

   yc iam service-account create --name <service_account_name>
   

3. Assign the storage.editor role to the service account:

   yc resource-manager folder add-access-binding <folder_ID> \
     --role storage.editor \
     --subject serviceAccount:<service_account_ID>
   

4. Create a static access key for the service account in JSON format and save it to the sa-key.json file:

   yc iam access-key create \
     --service-account-name=<service_account_name> \
     --format=json > sa-key.json
   

5. Create a Object Storage bucket.

6. Make sure that the security groups for the Managed Service for Kubernetes cluster and its node groups are configured correctly. If any rule is missing, add it.

   Warning

   The configuration of security groups determines the performance and availability of the cluster and the services and applications running in it.

Installation using Yandex Cloud MarketplaceInstallation using Yandex Cloud Marketplace

1. Go to the folder page and select Managed Service for Kubernetes.
2. Click the name of the Managed Service for Kubernetes cluster you need and select the Marketplace tab.
3. Under Application available for installation, select Velero and click Go to install.
4. Configure the application:

   • Namespace: Create a namespace named velero. The application uses it by default.

     Note

     If you select a different namespace, you will have to specify its name in each command.

   • Application name: Specify the app name.

   • Object Storage static access key: Copy the contents of the sa-key.json file or create a new access key for the service account. The service account must have the storage.editor role.

   • Object Storage bucket name: Specify the name of the Object Storage bucket.

5. Click Install.
6. Wait for the application to change its status to Deployed.

Installation using a Helm chartInstallation using a Helm chart

1. Install Helm v3.8.0 or higher.

2. Install kubectl and configure it to work with the created cluster.

3. To install a Helm chart with Velero, run this command:

   helm pull oci://cr.yandex/yc-marketplace/yandex-cloud/velero/velero \
        --version 2.30.4-1 \
        --untar && \
   helm install \
        --namespace velero \
        --create-namespace \
        --set configuration.backupStorageLocation.bucket=<bucket_name> \
        --set-file serviceaccountawskeyvalue=<path_to_sa-key.json> \
        velero ./velero/
   

   Note

   If you are using a Helm version below 3.8.0, append the export HELM_EXPERIMENTAL_OCI=1 && \ string to the command to enable Open Container Initiative (OCI) support in the Helm client.

See alsoSee also

• Velero documentation.