Velero is a freely available tool that helps manage backups, recovery, and the transfer of Kubernetes clusters and their associated persistent data. It supports both on-premises environments and public cloud platforms. The tool includes a server component that runs within the Kubernetes cluster as a deployment, along with a command-line interface (CLI) that allows DevOps teams and platform engineers to set up and manage automated backup schedules, initiate one-time backups when needed, carry out restore operations, and handle additional data protection tasks.
Unlike some other backup tools that interact directly with the Kubernetes etcd database, Velero operates through the Kubernetes API to capture and restore cluster resource states. This API-based method offers several advantages:
- It allows for selective backups by filtering resources based on namespace, type, or label selectors, offering flexible control over what is backed up or restored.
- In managed Kubernetes environments where access to the etcd database is restricted, Velero still functions effectively without requiring direct etcd access.
- Resources managed through aggregated API servers can also be protected and restored seamlessly, even when they reside outside the primary etcd database.
Velero further allows you to back up and recover both the configuration and persistent data of your applications, either by leveraging native snapshot features of your storage platform or by using its built-in file-level backup tool, Restic.
Kubernetes itself doesn’t provide native backup solutions for persistent data. If a cluster fails, critical workloads and configurations could be lost forever.
Key Features of Velero
- Backup & Restore
- Capture entire namespaces or filtered resources using labels.
- Restore lost or corrupted resources in minutes.
- Disaster Recovery
- Quickly recover from cluster failures, accidental deletions, or ransomware attacks.
- Cluster Migration
- Move applications between clusters (e.g., dev > prod, on-prem > cloud).
- Scheduled Backups
- Automate backups using Cron expressions (e.g., daily at 2 AM).
- Hooks for Custom Actions
- Execute pre/post-backup scripts (e.g., flushing databases before a backup).
- Support for Multiple Storage Backends
- Compatible with storage solutions such as AWS S3, Azure Blob Storage, Google Cloud Storage, and MinIO.
How Velero Works
Velero consists of two main components:
- Velero CLI – A command-line interface used to configure, manage, and monitor backups.
- Velero Server – Runs inside your Kubernetes cluster, handling backup operations.
Storage Options
- Cloud Storage (S3, GCS, Azure Blob) –Well-suited for cloud-native setups.
- On-Prem (MinIO, NFS) – For air-gapped or private environments.
Volume Snapshots
- Uses cloud-native snapshots (AWS EBS, GCP PD) for fast backups.
- Restic integration for backing up volumes without native snapshot support.
Installing Velero
Prerequisites:
- Kubernetes cluster
- kubectl configured
- Object storage (e.g., AWS S3 bucket)
Step 1: Install CLI
wget https://github.com/vmware-tanzu/velero/releases/download/v1.11.0/velero-v1.11.0-linux-amd64.tar.gztar -xzvf velero-v1.11.0-linux-amd64.tar.gzsudo mv velero /usr/local/bin/
Step 2: Deploy Server
AWS S3 Example:
velero install \ --provider aws \ --plugins velero/velero-plugin-for-aws:v1.6.1 \ --bucket my-velero-backups \ --secret-file ./aws-credentials \ --backup-location-config region=us-west-2
MinIO Example:
velero install \ --provider aws \ --plugins velero/velero-plugin-for-aws:v1.6.1 \ --bucket velero \ --secret-file ./minio-credentials \ --backup-location-config region=minio,s3ForcePathStyle="true",s3Url=http://minio-server:9000
Backup and Restore in Action
velero backup create my-backup --include-namespaces=production
Check backup status
velero backup describe my-backup
velero restore create --from-backup my-backup
velero schedule create daily-backup --schedule="0 2 * * *" --include-namespaces=production
This runs every day at 2 AM.
Use Case Scenarios
- DevOps Automation: Automate scheduled backups and test restore procedures as part of CI/CD.
- Cluster Rebuilding: Recreate a corrupted or deleted cluster environment with minimal downtime.
- Cloud Migration: Effortlessly transfer workloads across cloud providers or from on-premises environments to the cloud.
- Staging Replication: Duplicate production environments for staging/testing with up-to-date data.
Velero is a reliable, flexible, and production-ready solution designed for backing up, recovering, and migrating Kubernetes clusters. Its API-first design, multi-cloud support, and extensibility make it the go-to tool for platform teams looking to safeguard their Kubernetes workloads.
By implementing Velero, you not only protect your applications and data but also gain peace of mind knowing you can recover quickly from any disaster, be it accidental deletions, system failures, or full cluster outages.