All Products
Search
Document Center

Container Service for Kubernetes:Back up and restore applications in an ACK cluster

Last Updated:Nov 01, 2024

You can use the backup center to back up and restore applications in Container Service for Kubernetes (ACK) clusters for disaster recovery.

Limits

  • When the backup center backs up applications, the resources that are being deleted are not backed up.

  • Only ACK clusters that run Kubernetes 1.16 or later support the backup center. For more information about how to update the Kubernetes version of an ACK cluster, see Manually upgrade ACK clusters.

    By default, Elastic Compute Service (ECS) snapshots are created to back up disks. Only ACK clusters that run Kubernetes 1.18 or later and use CSI support ECS snapshots. If your cluster does not meet the requirement, use Cloud Backup.

Prerequisites

Billing

The backup center feature is free of charge. However, you may be charged for the following related services when you use the feature:

  • OSS: An OSS bucket is used to store backup files of the cluster, such as the related YAML files. For more information about the billing of OSS, see Billing overview.

  • Disk snapshot: Used to back up volumes that use Alibaba Cloud disks. For more information about the billing, see Snapshots.

    Note
    • Starting 11:00 (UTC+8) on October 12, 2023, you are no longer charged storage fees and feature usage fees for the instant access feature. For more information, see Use the instant access feature.

    • If you use PL0 enhanced SSD (ESSD), PL1 ESSD, PL2 ESSD, PL3 ESSD, or ESSD AutoPL disks, snapshots created during backups have the instant access feature enabled by default.

  • Cloud Backup: Used to back up data from volume types other than disk volumes. You are charged for storage usage of container backup vaults created at the Cloud Backup side. For more information, see Price Details.

Step 1: Create a backup vault

When you back up applications in an ACK cluster, the backup files are stored in an Object Storage Service (OSS) bucket. If no backup vault is available when you create a backup task, you must perform the operations in Step 1.

Note
  • You need to create only one backup vault in the region of your ACK clusters. The ACK clusters can shared the backup vault.

  • You cannot update existing backup vaults. Existing backup vaults can only be deleted. If you create a backup vault that has the same name as a deleted backup vault, the backup vault that you create cannot be used by clusters that have used the application backup feature.

  1. Log on to the ACK console. In the left-side navigation pane, choose Multi-cluster > Backup Center.

  2. On the Backup Center page, click Create Backup Vault.

  3. In the Create Backup Vault panel, configure parameters and click OK.

    Parameter

    Description

    Vault Name

    The name of the backup vault. The name can contain lowercase letters and digits.

    OSS Bucket Region

    The region where the OSS bucket that you want to use is deployed.

    OSS Bucket Name

    The name of the OSS bucket.

    If you use an ACK managed cluster, you need to create an OSS bucket before you perform this step. The OSS bucket must be named in the cnfs-oss**** format.

    OSS Bucket Subdirectory

    The subdirectory of the OSS bucket. This parameter is optional.

    Visible Scope

    The visibility of the backup vault to other users. Valid values:

    • The backup vault is visible only to Alibaba Cloud accounts and the creator.

    • The backup vault is visible to Alibaba Cloud accounts and RAM users.

Step 2: Create a backup plan or back up instantly

  • Create a backup plan: The system periodically creates backup tasks based on the backup cycle until the backup plan is deleted. You can specify a backup cycle to allow the system to create backup tasks at an interval or at a scheduled time of each day, week, or month.

  • Back up instantly: The system creates a backup task to back up applications at the current time.

After you create a backup plan or choose to back up instantly, a backup task is issued to the ACK cluster. The status of the backup task is displayed on the Backup Records tab.

Create a backup schedule

  1. On the Clusters page, click the name of the cluster that you want to manage and choose Operations > Application Backup in the left-side navigation pane.

    The system automatically checks whether the backup service component is installed. If not, follow the instructions on the page to install the backup service component. If you use a registered cluster or ACK dedicated cluster, you also need to configure permissions. For more information, see Install migrate-controller and grant permissions.

  2. On the Application Backup page, click Create Backup Plan. In the Create Backup Plan panel, configure parameters and click OK.

    Note
    • The backup plan name can contain lowercase letters and digits. Space characters are not allowed.

    • You can select multiple namespaces for the backup plan.

    • You can specify only one backup label.

    • Disk snapshots are empowered by the snapshot technology of Alibaba Cloud. Cloud Backup is a high-performance, secure, cost-efficient, and fully-hosted cloud backup and storage service.

    • You can use a Linux crontab expression to specify a backup cycle or specify a backup interval.

    Parameter

    Description

    Name

    The name of the backup plan. This parameter is required.

    Backup Vaults

    Select the backup vault that you want to use. This parameter is required.

    Select Namespace

    • Include: Back up applications in the namespaces specified in Backup Namespaces. If a specified namespace is deleted, applications in the namespace are not backed up.

    • Exclude: Back up applications in namespaces other than those specified in Backup Namespaces. Applications in newly created namespaces are also backed up.

      Note

      The Select Namespace parameter is available only for backup plans. If you choose to back up instantly, only the Include mode is supported.

    Backup Namespaces

    You can select one or more namespaces. Applications in the selected namespaces are backed up or skipped. This parameter is required.

    Note

    The kube-system, kube-publish, kube-node-lease, and csdr namespaces strongly rely on the cluster. The backup and restore feature is not suitable for these namespaces. Therefore, you cannot back up applications in these namespaces.

    Backup Cycle

    Enter a crontab expression. You need to specify a backup cycle only when you create a backup plan. For more information, see How do I specify the backup cycle when creating a backup plan?

    Volume Backup

    Specify whether to back up data in volumes used by applications.

    If you select Enable, ECS snapshots are created or Cloud Backup is used to back up data in volumes.

    • Disk volumes: By default, ECS snapshots are created to back up disk volumes.

    • Other types of volumes: Cloud Backup is used.

    During the restoration process, data is restored from ECS snapshots or Cloud Backup to new disk volumes.

    Important

    If you do not enable volume backup and have not excluded persistent volumes (PVs) and persistent volume claims (PVCs) from the backup list, only the YAML files of the PVs and PVCs are backed up. The data stored in volumes is not backed up. The YAML files contain the underlying storage information, such as disk IDs and NAS server information. During the restoration process, PVs and PVCs are restored from the YAML files by creating statically provisioned volumes.

    Label

    Specify a label. Applications that have this label are backed up.

    Specify Resources

    Specify one or more resource object names that are separated by commas (,). Example: deploy, configmap. Only the specified Kubernetes resources are backed up.

    Excluded Resources

    You can specify one or more Kubernetes resources that you want to exclude from the backup task and separate them with commas (,). Example: pod or Secret. The excluded resources are not backed up.

    Validity Period

    The validity period of backups. Expired backups cannot be restored. Valid values: 1 to 65536. Unit: days.

What to do next

On the Backup Plans tab of the Application Backup page, you can click View Backup Records in the Actions column of a backup plan to view backup records. If the Status column displays Completed, backups are created.

On the Backup Plans tab of the Application Backup page, you can click Edit in the Actions column of a backup plan to modify the backup namespaces and backup cycle.

Back up instantly

  1. On the Clusters page, click the name of the cluster that you want to manage and choose Operations > Application Backup in the left-side navigation pane.

    The system automatically checks whether the backup service component is installed. If not, follow the instructions on the page to install the backup service component. If you use a registered cluster or ACK dedicated cluster, you also need to configure permissions. For more information, see Install migrate-controller and grant permissions.

  2. On the Application Backup page, click Back up Now. In the Back up Now panel, configure parameters and click OK.

    Note
    • The task name can contain lowercase letters and digits. Space characters are not allowed.

    • You can select one or more namespaces to back up applications.

    • You can specify only one backup label.

    • Disk snapshots are empowered by the snapshot technology of Alibaba Cloud. Cloud Backup is a high-performance, secure, cost-efficient, and fully-hosted cloud backup and storage service.

    Parameter

    Description

    Name

    The name of the real-time backup task. This parameter is required.

    Backup Vaults

    Select the backup vault that you want to use. This parameter is required.

    Backup Namespaces

    You can select one or more namespaces. Applications in the selected namespaces are backed up or skipped. This parameter is required.

    Note

    The kube-system, kube-publish, kube-node-lease, and csdr namespaces strongly rely on the cluster. The backup and restore feature is not suitable for these namespaces. Therefore, you cannot back up applications in these namespaces.

    Volume Backup

    Specify whether to back up data in volumes used by applications.

    If you select Enable, ECS snapshots are created or Cloud Backup is used to back up data in volumes.

    • Disk volumes: By default, ECS snapshots are created to back up disk volumes.

    • Other types of volumes: Cloud Backup is used.

    During the restoration process, data is restored from ECS snapshots or Cloud Backup to new disk volumes.

    Important

    If you do not enable volume backup and have not excluded persistent volumes (PVs) and persistent volume claims (PVCs) from the backup list, only the YAML files of the PVs and PVCs are backed up. The data stored in volumes is not backed up. The YAML files contain the underlying storage information, such as disk IDs and NAS server information. During the restoration process, PVs and PVCs are restored from the YAML files by creating statically provisioned volumes.

    Label

    Specify a label. Applications that have this label are backed up.

    Specify Resources

    Specify one or more resource object names that are separated by commas (,). Example: deploy, configmap. Only the specified Kubernetes resources are backed up.

    Excluded Resources

    You can specify one or more Kubernetes resources that you want to exclude from the backup task and separate them with commas (,). Example: pod or Secret. The excluded resources are not backed up.

    Validity Period

    The validity period of backups. Expired backups cannot be restored. Valid values: 1 to 65536. Unit: days.

What to do next

On the Backup Plans tab of the Application Backup page, if the Status column of a backup record displays Completed, backups are created.

You can click Clone in the Actions column of a backup record to create a real-time backup task from the backup record.

Step 3: Restore applications and volumes

Important

The system does not overwrite existing resources in the cluster when it restores data. It restores only resources that do not exist in the cluster. If the cluster already contains resources that you want to restore, delete the existing resources before you perform the restoration.

  1. On the Application Backup page, click Restore.

  2. In the Restore panel, configure parameters and click OK.

    Parameter

    Description

    Name

    The name of the restore task. The name can contain lowercase letters and digits.

    Backup Vaults

    Select the backup vault where backup files are stored.

    After you select a backup vault, click Initialize Backup Vault to associate the restore cluster with the backup vault. You need to associate a backup vault with a cluster only once. After the backup vault is initialized, you can select a backup file from the backup vault to restore data.

    Select Backup

    Select a backup file.

    Reset Namespace

    If you want to select backup files in other namespaces, click Add, select the namespace to which the backup files belong, and then specify the namespace to which the backup files are restored after the colon (:).

    StorageClass Conversion

    The snapshot feature is renamed as StorageClass conversion. This feature can convert the StorageClasses of PVCs in volume backups. For example, your application uses NAS volumes. After you select the alicloud-disk StorageClass, the restored application uses disk volumes.

    Important

    You can convert only the StorageClasses of volumes of the FileSystem type (volumes other than disk volumes created by Cloud Backup).

    For ReadWriteMany volumes, recovery to a disk is not supported. For ReadOnlyMany volumes, when recovering to a disk, ensure that replicas are not simultaneously mounted on multiple nodes to avoid forced disk unmounting.

  3. Verify that the related stateful or stateless application, volumes, and Services can be started and accessed as normal.

    1. In the left-side navigation pane of the restore cluster management page, choose Workloads > Deployments.

    2. Find the application and click Details in the Actions column.

      On the Pods tab, confirm that the status of the restored Deployment is Running.

    3. In the left-side navigation pane of the details page, choose Volumes > Persistent Volume Claims.

      On the Persistent Volume Claims page, confirm that the PVCs are restored and displayed.

    4. In the left-side navigation pane of the details page, choose Network > Services.

    5. On the Services page, click the external endpoint of a Service to check whether the Service can be accessed.

References