Skip to main content
Skip table of contents

Prepare your Cluster for Backup - AWS

This section describes how to prepare your cluster on an AWS environment, so it can be backed up before you begin with Platform Expansion: Convert a DKP Essential Cluster to a DKP Enterprise Managed Cluster.

Prerequisites

  • Ensure Velero is installed on your Essential cluster

  • Install the Velero CLI (Use at least Velero CLI version 1.10.1)

  • Ensure kubectl is installed

  • Ensure you have admin rights to the DKP Essential cluster

Prepare your Cluster

Run the following commands in the DKP Essential cluster. For general guidelines on how to set the context, refer to Provide Context for Commands with a kubeconfig File.

Prepare Velero

Enable the CSI snapshotting plug-in by providing a custom configuration of Velero.

  1. Create an Override with the custom configuration:

    CODE
    cat << EOF | kubectl apply -f -
    apiVersion: v1
    kind: ConfigMap
    metadata:
      name: velero-overrides
      namespace: kommander
    data:
      values.yaml: |
        ---
        configuration:
          features: EnableCSI
        initContainers:
          - name: velero-plugin-for-aws
            image: velero/velero-plugin-for-aws:v1.5.2
            imagePullPolicy: IfNotPresent
            volumeMounts:
              - mountPath: /target
                name: plugins
          - name: velero-plugin-for-csi
            image: velero/velero-plugin-for-csi:v0.4.2
            imagePullPolicy: IfNotPresent
            volumeMounts:
              - mountPath: /target
                name: plugins
    EOF
  2. Update the AppDeployment to apply the new configuration:

    CODE
    cat << EOF | kubectl -n kommander patch appdeployment velero --type='merge' --patch-file=/dev/stdin
    spec:
      configOverrides:
        name: velero-overrides
    EOF
  3. Verify the configuration has been updated before proceeding with the next section:

    CODE
    kubectl -n kommander wait --for=condition=Ready kustomization velero

    The output should look similar to this:

    CODE
    kustomization.kustomize.toolkit.fluxcd.io/velero condition met

Prepare the AWS IAM Permission

When creating a cluster on AWS, you provided an additional permission as specified in AWS Cluster IAM Policies, Roles, and Artifacts .

For the CSI plugin to function correctly, you must update the existing IAM role to include an additional policy.

Add the AmazonEBSCSIDriverPolicy policy to the control plane role control-plane.cluster-api-provider-aws.sigs.k8s.io:

CODE
aws iam attach-role-policy \
  --role-name control-plane.cluster-api-provider-aws.sigs.k8s.io \
  --policy-arn arn:aws:iam::aws:policy/service-role/AmazonEBSCSIDriverPolicy

This will allow the EBS CSI driver, a volume manager, to have enough permissions to create volume snapshots.

The default control plane role name is control-plane.cluster-api-provider-aws.sigs.k8s.io. If you customized this name when creating the AWS cluster, replace the default control plane role with the name you assigned to it.

Prepare the CSI Configuration

Configure a VolumeSnapshotClass object on the cluster, so Velero can create a volume snapshot:

CODE
cat << EOF | kubectl apply -f -
apiVersion: snapshot.storage.k8s.io/v1
kind: VolumeSnapshotClass
metadata:
  name: aws
  labels:
    velero.io/csi-volumesnapshot-class: "true"
driver: ebs.csi.aws.com
deletionPolicy: Delete
parameters:
EOF

Next Step:

Back up a Cluster - AWS Environment

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.