Prerequisites

Before attempting to restore the cluster state using the Velero command-line interface, verify the following requirements:

  • The backend storage, Rook Ceph Cluster, is still operational.

  • The Velero platform service in the cluster is still operational.

  • The Velero platform service is set to a restore-only-mode to avoid having backups run while restoring.

Restoring from backup

To list the available backup archives for your cluster, run the following command:

velero backup get
CODE

To set Velero to a restore-only-mode, run the following command:

velero server --restore-only=true
CODE

This mode is being deprecated and will be removed in Velero in Velero v2.0. Use read-only backup storage locations instead.

Finally, check your deployment to verify that the configuration change was applied correctly:

helm get values -n kommander velero
CODE

To restore cluster data on demand from a selected backup snapshot available in the cluster, run a command similar to the following:

velero restore create --from-backup <BACKUP-NAME>
CODE

Important: If you are restoring using Velero from the default setup (and not using an external bucket or blob to store your backups), you may see an error when describing or viewing the logs of your backup restore. This is a known issue when restoring from an object store that is not accessible from outside your cluster. However, you can review the success of the backup restore by confirming the Phase is Completed and not in error, and viewing the logs by running these kubectl commands:

kubectl logs -l name=velero -n kommander --tail -1

Restore your DKP Management Cluster

When restoring a backup to the Management Cluster, you must adjust configuration to avoid restore errors.

Prior to restoring a backup

  1. Ensure the following ResourceQuota setup is not configured on your cluster (this ResourceQuota will be automatically restored)

    kubectl -n kommander delete resourcequota one-kommandercluster-per-kommander-workspace
    CODE
  2. Turn off the Workspace validation webhooks. Otherwise, you will not restore Workspaces with pre-configured namespaces. If the validation webhook named kommander-validating is present, it must be modified with this command:

    kubectl patch validatingwebhookconfigurations kommander-validating \
      --type json \
      --patch '[
        {
          "op": "remove",
          "path": "/webhooks/0/rules/3/operations/0"
        }
      ]'
    CODE

After restoring a backup

  1. Verify that the ResourceQuota named one-kommandercluster-per-kommander-workspace is restored

  2. Add the removed CREATE webhook rule operation with:

    kubectl patch validatingwebhookconfigurations kommander-validating \
      --type json \
      --patch '[
        {
          "op": "add",
          "path": "/webhooks/0/rules/3/operations/0",
          "value": "CREATE"
        }
      ]'
    CODE