Kentledge is a Kubernetes operator designed to facilitate the backup and restore of persistent volumes (PVs) in Kubernetes, along with associated MySQL databases and S3 buckets. This project aims to provide a comprehensive backup solution that handles various types of storage efficiently, ensuring data integrity and availability.
- Backup and restore of PersistentVolumes (PVs)
- Backup and restore of MySQL databases
- Backup and restore of S3 buckets
- Support for ReadWriteOnce (RWO) and ReadWriteMany (RWX) volume modes
- Scheduling of backups using custom resources
- Retention policies for backup data
- Integration with Borg backup server
This project is currently under heavy development. The features described in this README are planned to be supported, but are not currently implemented.
- Write README with planned features :D
- Support basic backup functionality
- Support backup of ReadWriteMany volumes
- Support backup of ReadWriteOnce volumes
- Support restore
- Support pre- and postrestore/backup hooks
- Support MySQL backup
- Support S3 backup
This project is built using Metacontroller, and needs Metacontroller installed as well.
Kentledge is installed into your Kubernetes cluster via a Helm chart located in the helm subdirectory.
- Add the Kentledge Helm repository:

```bash
git clone https://github.com/Deltachaos/kubernetes-kentledge.git
cd kubernetes-kentledge/helm/kentledge
```

- Install the Kentledge Helm chart:

```bash
helm install kentledge .
```
The Backup CRD defines the backup schedule and targets. Here's an example manifest:

```yaml
apiVersion: kentledge.deltachaos.de/v1alpha1
kind: Backup
metadata:
  name: daily-backup
spec:
  schedule: "0 2 * * *" # Cron schedule for daily backups at 2 AM
  clusterBackupStore:
    name: default-store
  targets:
    - type: mysql
      name: mydatabase1
      url: mysql://user:password@mysql-host:3306/database1
    - type: mysql
      name: mydatabase2
      url: mysql://user:password@mysql-host:3306/database2
    - type: s3
      name: mybucket
      url: s3://access-key:secret-key@s3-bucket-name
    - type: pvc
      name: important-app
    - type: pvc
      matchLabel:
        app: important-app
```
The ClusterBackupStore CRD defines the backup storage configuration, including credentials and retention policies. Here's an example manifest:

```yaml
apiVersion: kentledge.deltachaos.de/v1alpha1
kind: ClusterBackupStore
metadata:
  name: default-store
spec:
  borgBackupServer:
    url: borg://backup-server:repo
    credentials:
      username: borg-user
      password: borg-password
  storageClass: "default" # Optional storage class for temporary volumes, defaults to emptydir
  retentionPolicy:
    keepDaily: 7
    keepWeekly: 4
    keepMonthly: 6
```
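Both example manifests above carry credentials inline (in the target URLs and in the store's credentials block), so they are readable by anyone who can read the manifest or the custom resource. The following lint is an added example, not part of Kentledge: it is a line-based check whose function names (redact_url, find_inline_secrets) are hypothetical and whose sample manifest is constructed from the README's examples, and it reports such fields with the secret masked so the finding itself is safe to log.

```python
import re
from urllib.parse import urlsplit

# Constructed sample, abbreviated from the two example manifests above.
SAMPLE_MANIFEST = """\
kind: Backup
spec:
  targets:
    - type: mysql
      url: mysql://user:password@mysql-host:3306/database1
    - type: s3
      url: s3://access-key:secret-key@s3-bucket-name
---
kind: ClusterBackupStore
spec:
  borgBackupServer:
    url: borg://backup-server:repo
    credentials:
      username: borg-user
      password: borg-password
"""

URL_FIELD = re.compile(r"^\s*(?:-\s*)?url:\s*(\S+)")
SECRET_FIELD = re.compile(r"^\s*(?:-\s*)?(password|secret|token):\s*\S+", re.I)

def redact_url(url):
    """Return (url with the userinfo secret masked, whether a secret was present)."""
    parts = urlsplit(url)
    # Work on netloc directly: "borg://backup-server:repo" has a non-numeric
    # "port", so the .port accessor would raise ValueError.
    userinfo, at, host = parts.netloc.rpartition("@")
    user, colon, secret = userinfo.partition(":")
    if not (at and colon and secret):
        return url, False
    return parts._replace(netloc=f"{user}:***@{host}").geturl(), True

def find_inline_secrets(manifest_text):
    """Return (line_number, field, redacted_value) for every inline secret."""
    findings = []
    for lineno, line in enumerate(manifest_text.splitlines(), start=1):
        if m := URL_FIELD.match(line):
            safe, had_secret = redact_url(m.group(1).strip("'\""))
            if had_secret:
                findings.append((lineno, "url", safe))
        elif m := SECRET_FIELD.match(line):
            findings.append((lineno, m.group(1).lower(), "***"))
    return findings

if __name__ == "__main__":
    for lineno, field, value in find_inline_secrets(SAMPLE_MANIFEST):
        print(f"line {lineno}: inline secret in {field}: {value}")
```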
The Kentledge operator creates a CronJob resource for each Backup custom resource. To handle ReadWriteOnce volumes, it uses a DaemonSet to mount the /var/lib/kubelet directories. During a backup job, the operator mounts ReadWriteOnce volumes via SSHFS if a pod using the volume is already running. Otherwise, it uses the Kubernetes native method, temporarily preventing other pods from accessing the volume. ReadWriteMany volumes are always mounted natively by Kubernetes.
- Use ReadWriteMany volumes: While Kentledge supports both ReadWriteOnce and ReadWriteMany volumes, it is recommended to use ReadWriteMany volumes for more stable operation.
- Comprehensive Backups: Kentledge ensures that all targets defined in the Backup resource are backed up in a single run. This holistic approach guarantees consistency across different storage types.
We welcome contributions to Kentledge!
Kentledge is licensed under the AGPL License.
For any inquiries or issues, please open an issue on our GitHub repository or contact me via email at [email protected].