Approach

Credentials

  • Every cluster has two service accounts:

    • Backups use an account that requires RW permissions.

    • Restores use an account that should have only RO permissions.

  • The access restrictions are enforced on the S3 side. For example, this makes it possible to give the restore account of acceptance the right to read from the production backup.
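A check that a restore account's S3 policy is read-only and limited to the intended buckets, as an added example that is not part of the original page. The bucket names and both policy documents are constructed, and the policies are assumed to use the IAM-style JSON format.

```python
# Added example: lint an S3 policy for the read-only restore account.
# Bucket names and policy documents are constructed for illustration.
READ_ONLY = {"s3:GetObject", "s3:ListBucket", "s3:GetBucketLocation"}

def as_list(value):
    """Policy fields may hold one item or a list; normalise to a list."""
    if value is None:
        return []
    return [value] if isinstance(value, (str, dict)) else list(value)

def restore_violations(policy, readable_buckets):
    """Reasons why `policy` is not read-only or reaches beyond
    `readable_buckets`; an empty list means the policy passes."""
    allowed = set()
    for bucket in readable_buckets:
        allowed |= {f"arn:aws:s3:::{bucket}", f"arn:aws:s3:::{bucket}/*"}
    problems = []
    for stmt in as_list(policy.get("Statement")):
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements only narrow access
        if "NotAction" in stmt or "NotResource" in stmt:
            problems.append("Allow with NotAction/NotResource is open-ended")
        # Exact match on purpose: wildcards such as s3:* or s3:Get* are rejected.
        for action in as_list(stmt.get("Action")):
            if action not in READ_ONLY:
                problems.append(f"action {action} is not read-only")
        for resource in as_list(stmt.get("Resource")):
            if resource not in allowed:
                problems.append(f"resource {resource} is outside the allowed buckets")
    return problems

# Restore account of acceptance: may read its own and the production backup.
RESTORE_ACCEPTANCE = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": ["s3:ListBucket", "s3:GetBucketLocation"],
     "Resource": ["arn:aws:s3:::backup-acceptance", "arn:aws:s3:::backup-production"]},
    {"Effect": "Allow", "Action": "s3:GetObject",
     "Resource": ["arn:aws:s3:::backup-acceptance/*", "arn:aws:s3:::backup-production/*"]},
]}
# Backup account of production: needs write access, so it must fail the check.
BACKUP_PRODUCTION = {"Version": "2012-10-17", "Statement": {
    "Effect": "Allow",
    "Action": ["s3:ListBucket", "s3:GetObject", "s3:PutObject", "s3:DeleteObject"],
    "Resource": ["arn:aws:s3:::backup-production", "arn:aws:s3:::backup-production/*"],
}}

if __name__ == "__main__":
    print(restore_violations(RESTORE_ACCEPTANCE, ["backup-acceptance", "backup-production"]))
    print(restore_violations(BACKUP_PRODUCTION, ["backup-production"]))
```
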

Tool selection for Volume backups

volsync is used to back up and restore volumes. We switched from k8up mainly because of volsync's solid snapshot support and because of issues with deadlocks and backup jobs piling up in k8up.

Volsync specifics

Drawbacks

Volsync has two drawbacks at the moment:

  1. It cannot back up multiple volumes into the same Restic repository. This is because it does not support --host, --tag and --path.

  2. It requires a configuration per volume.

Both drawbacks are related, and it seems that adding support for these is not too hard.

Strong aspects

It supports CSI snapshots, which leads to consistent backups.

Implementation pointers