Documentation for version v1.4 is no longer actively maintained. The version you are currently viewing is a static snapshot. For up-to-date documentation, see the latest version.
Velero has two custom resources, BackupStorageLocation
and VolumeSnapshotLocation
, that are used to configure where Velero backups and their associated persistent volume snapshots are stored.
A BackupStorageLocation
is defined as a bucket, a prefix within that bucket under which all Velero data should be stored, and a set of additional provider-specific fields (e.g. AWS region, Azure storage account, etc.) The
API documentation captures the configurable parameters for each in-tree provider.
A VolumeSnapshotLocation
is defined entirely by provider-specific fields (e.g. AWS region, Azure resource group, Portworx snapshot type, etc.) The
API documentation captures the configurable parameters for each in-tree provider.
The user can pre-configure one or more possible BackupStorageLocations
and one or more VolumeSnapshotLocations
, and can select at backup creation time the location in which the backup and associated snapshots should be stored.
This configuration design enables a number of different use cases, including:
Velero only supports a single set of credentials per provider. It’s not yet possible to use different credentials for different locations, if they’re for the same provider.
Volume snapshots are still limited by where your provider allows you to create snapshots. For example, AWS and Azure do not allow you to create a volume snapshot in a different region than where the volume is. If you try to take a Velero backup using a volume snapshot location with a different region than where your cluster’s volumes are, the backup will fail.
Each Velero backup has one BackupStorageLocation
, and one VolumeSnapshotLocation
per volume provider. It is not possible (yet) to send a single Velero backup to multiple backup storage locations simultaneously, or a single volume snapshot to multiple locations simultaneously. However, you can always set up multiple scheduled backups that differ only in the storage locations used if redundancy of backups across locations is important.
Cross-provider snapshots are not supported. If you have a cluster with more than one type of volume (e.g. EBS and Portworx), but you only have a VolumeSnapshotLocation
configured for EBS, then Velero will only snapshot the EBS volumes.
Restic data is stored under a prefix/subdirectory of the main Velero bucket, and will go into the bucket corresponding to the BackupStorageLocation
selected by the user at backup creation time.
Let’s look at some examples of how we can use this configuration mechanism to address some common use cases:
During server configuration:
velero snapshot-location create ebs-us-east-1 \
--provider aws \
--config region=us-east-1
velero snapshot-location create portworx-cloud \
--provider portworx \
--config type=cloud
During backup creation:
velero backup create full-cluster-backup \
--volume-snapshot-locations ebs-us-east-1,portworx-cloud
Alternately, since in this example there’s only one possible volume snapshot location configured for each of our two providers (ebs-us-east-1
for aws
, and portworx-cloud
for portworx
), Velero doesn’t require them to be explicitly specified when creating the backup:
velero backup create full-cluster-backup
During server configuration:
velero backup-location create default \
--provider aws \
--bucket velero-backups \
--config region=us-east-1
velero backup-location create s3-alt-region \
--provider aws \
--bucket velero-backups-alt \
--config region=us-west-1
During backup creation:
# The Velero server will automatically store backups in the backup storage location named "default" if
# one is not specified when creating the backup. You can alter which backup storage location is used
# by default by setting the --default-backup-storage-location flag on the `velero server` command (run
# by the Velero deployment) to the name of a different backup storage location.
velero backup create full-cluster-backup
Or:
velero backup create full-cluster-alternate-location-backup \
--storage-location s3-alt-region
During server configuration:
velero snapshot-location create portworx-local \
--provider portworx \
--config type=local
velero snapshot-location create portworx-cloud \
--provider portworx \
--config type=cloud
During backup creation:
# Note that since in this example we have two possible volume snapshot locations for the Portworx
# provider, we need to explicitly specify which one to use when creating a backup. Alternately,
# you can set the --default-volume-snapshot-locations flag on the `velero server` command (run by
# the Velero deployment) to specify which location should be used for each provider by default, in
# which case you don't need to specify it when creating a backup.
velero backup create local-snapshot-backup \
--volume-snapshot-locations portworx-local
Or:
velero backup create cloud-snapshot-backup \
--volume-snapshot-locations portworx-cloud
If you don’t have a use case for more than one location, it’s still easy to use Velero. Let’s assume you’re running on AWS, in the us-west-1
region:
During server configuration:
velero backup-location create default \
--provider aws \
--bucket velero-backups \
--config region=us-west-1
velero snapshot-location create ebs-us-west-1 \
--provider aws \
--config region=us-west-1
During backup creation:
# Velero will automatically use your configured backup storage location and volume snapshot location.
# Nothing needs to be specified when creating a backup.
velero backup create full-cluster-backup
If you’re using Azure’s AKS, you may want to store your volume snapshots outside of the “infrastructure” resource group that is automatically created when you create your AKS cluster. This is possible using a VolumeSnapshotLocation
, by specifying a resourceGroup
under the config
section of the snapshot location. See the
Azure volume snapshot location documentation for details.
If you’re using Azure, you may want to store your Velero backups across multiple storage accounts and/or resource groups/subscriptions. This is possible using a BackupStorageLocation
, by specifying a storageAccount
, resourceGroup
and/or subscriptionId
, respectively, under the config
section of the backup location. See the
Azure backup storage location documentation for details.
To help you get started, see the documentation.