Configuring Back Up and Restore for Tanzu Application Service for Kubernetes

This topic provides an overview of how to configure back up and restore for Tanzu Application Service for Kubernetes (TAS for Kubernetes).

Overview

After installing TAS for Kubernetes, install and configure Velero in your environment to enable TAS for Kubernetes back up and restore functions. See Install and Configure Velero and Back Up Components below.

Prerequisites

The following are required for TAS for Kubernetes back up and restore.

General Prerequisites

The following are required before configuring back up and restore for TAS for Kubernetes:

• A TAS for Kubernetes installation configured to use an external Tanzu Postgres Pod for the CCDB and UAA databases. For more information, see Configuring Your System Databases and Installing Tanzu Application Service for Kubernetes.
  
• The Kubernetes command line tool (kubectl) is installed in your environment. For more information, see Installing Command-Line Tools.
• A working Kubernetes cluster. For more information, see Supported Kubernetes Distributions in Release Notes.

Prerequisites for vSphere

The following are additional requirements for configuring back up and restore for TAS for Kubernetes on vSphere:

• The vSphere back up and restore user account must meet additional requirements:
  • vSphere CSI driver user requirements. For more information on the vSphere CSI Driver requirements, see vSphere Roles and Privileges in the vSphere CSI Driver - Prerequisites documentation.
  • Virtual Disk Development Kit (VDDK) user requirements. For more information on the VDDK requirements, see Credentials and Privileges for VMDK Access in the Virtual Disk Development Kit Programming Guide documentation.
    
    Apply user privileges at the vCenter Server level.

• The installed components must meet the following supported product requirements:

  • Velero: v1.3.2 or later
  • vSphere: v6.7U3 or later
  • vSphere CSI/CNS driver: v1.0.2 or later
  • Kubernetes: v1.14 or later

  For more information, see Compatibility and Prerequisites in Velero Plugin for vSphere in GitHub.

Install and Configure Velero and Back Up Components

Velero and an Iaas specific Velero plugin must be installed to back up and restore TAS for Kubernetes.

The Velero plugin requires specific IaaS permissions to enable disk snapshotting, storage bucket read/write permissions and other back up and restore features.

To set up back up components:

1. To install the Velero CLI, see Install the CLI in the Velero documentation.

2. To install the Velero plug-in and configure back up components, follow the steps required by your IaaS:

   • Configure Back Up Components on AWS
   • Configure Back Up Components on Azure
   • Configure Back Up Components on GCP
   • Configure Back Up Components on vSphere

Configure Back Up Components on AWS

To install and configure Velero for TAS for Kubernetes on AWS:

1. To create a storage bucket for Velero, follow the steps in Create S3 bucket in Velero plugins for AWS in GitHub.

2. To grant access permissions, follow the steps in Set permissions for Velero in Velero plugins for AWS in GitHub.

3. To install Velero, follow the steps in Install and start Velero in Velero plugins for AWS in GitHub.

Configure Back Up Components on Azure

To install and configure Velero for TAS for Kubernetes on Azure:

1. To create a storage container for Velero, follow the steps in Create Azure storage account and blob container in Velero plugins for Azure in GitHub.

2. To grant access permissions, follow the steps in Set permissions for Velero in Velero plugins for Microsoft Azure in GitHub.

3. To install Velero, follow the steps in Install and start Velero in Velero plugins for Azure in GitHub.

Configure Back Up Components on GCP

To install and configure Velero for TAS for Kubernetes on GCP:

1. To create a storage container for Velero, follow the steps in Create an GCS bucket in Plugins for Google Cloud Platform (GCP) in GitHub.

2. To grant access permissions, follow the steps in Set permissions for Velero in Plugins for Google Cloud Platform (GCP) in GitHub.

3. To install Velero, follow the steps in Install and start Velero in Plugins for Google Cloud Platform (GCP) in GitHub.

Configure Back Up Components on vSphere

To install and configure Velero for TAS for Kubernetes on vSphere:

1. Confirm you have completed the steps in Prerequisites for vSphere above.

2. To create a storage location for Velero:

   1. Follow the steps in Create a VolumeSnapshotLocation in Velero Plugin for vSphere in GitHub.
   2. Follow the steps in Setting a default VolumeSnapshotLocation in Velero Plugin for vSphere in GitHub.

3. To grant access permissions, follow the steps in Set permissions for Velero in Velero plugins for AWS in GitHub.

4. To install Velero, follow the steps in Install and start Velero in Velero plugins for AWS in GitHub.

Note: The Velero Plug-in for vSphere does not support Guest or Supervisor clusters on vSphere.