# Velero Backup Operator

This Helm chart deploys the Velero backup and restore operator with Storj as the backup storage provider.

## Overview

Velero is a tool to back up and restore Kubernetes cluster resources and persistent volumes. This chart configures Velero to use Storj as the backup storage backend.

## Integration with ContainerMomDeployment CRs

This Velero configuration is designed to work with the Container Mom operator, which annotates workloads based on backup plans specified in ContainerMomDeployment custom resources.

### Backup Plan Specification

The ContainerMomDeployment CR supports backup configuration via the `.spec.backupPlan` field:

```yaml
apiVersion: container.mom/v1alpha1
kind: ContainerMomDeployment
metadata:
  name: my-stateful-app
spec:
  # ... other fields ...

  # Backup configuration - only applicable for stateful workloads
  backupPlan:
    enabled: true              # Enable or disable backups
    schedule: "0 3 * * *"      # Cron schedule (default: daily at 3AM)
    retentionPeriod: "168h"    # How long to keep backups (default: 7 days)
    priority: "standard"       # Backup priority: standard or high

  # Component-specific backup configuration
  components:
    - name: database
      type: statefulset
      # ... other component fields ...
      backupPlan:
        enabled: true
        priority: "high"       # Override to high priority for this component
```

The Container Mom operator applies the backup priority annotation to resources based on the backup plan:

- `containermom.io/backup-priority: "high"` - Set on resources with high priority backups

## Backup Focus

The backup configuration is designed to protect four key types of data:

1. **ContainerMom Custom Resources** - These CRs function as the "database" of the service:
   - Customer resources
   - Deployment configurations
   - Templates
   - Builder configurations

   *Backed up daily at 1 AM with 30-day retention period*

2. **Forgejo Instance** - The stateful Git repository service:
   - PVCs storing Git repositories
   - Deployments and StatefulSets
   - Configuration data (ConfigMaps and Secrets)

   *Backed up daily at 2 AM with 30-day retention period*

3. **All Customer Stateful Workloads** - Any customer workload with persistent volumes:
   - Automatically backs up all workloads with PVCs in the containermom-workloads namespace
   - No annotation requirement - if it has persistent storage, it will be backed up
   - Includes all related resources (deployments, pods, configmaps, etc.)

   *Backed up daily at 3 AM with 7-day retention period*

4. **High-Priority Customer Workloads** - Mission-critical customer data:
   - More frequent backups for workloads annotated with `containermom.io/backup-priority: "high"`
   - Automatically set by the operator based on ContainerMomDeployment backupPlan.priority

   *Backed up every 6 hours with 7-day retention for fast recovery*

## Storage Configuration

The Velero operator is configured to use Storj as its backup storage destination. Storj is a decentralized cloud storage platform that provides S3-compatible API access.

### Required Credentials

To use Storj with Velero, you need to provide the following credentials as environment variables:

- `STORJ_ACCESS_KEY_ID`: Access Key ID for Storj S3 gateway
- `STORJ_SECRET_ACCESS_KEY`: Secret Access Key for Storj S3 gateway
- `STORJ_ACCESS_GRANT` (optional): Storj access grant for additional functionality

These can be provided when installing or upgrading the chart:

```bash
helm upgrade --install velero ./manifests/40-velero \
  --set backupStorage.bucket=your-bucket-name \
  --set-string backupStorage.config.storjEndpoint=gateway.storjshare.io \
  --set-file STORJ_ACCESS_KEY_ID=/path/to/access-key \
  --set-file STORJ_SECRET_ACCESS_KEY=/path/to/secret-key
```

## Restic Integration

This chart enables Restic for volume backup by default. Restic allows backing up persistent volumes without cloud provider snapshots. This is especially important for:

- Forgejo's Git repository storage
- Customer stateful workloads that need volume-level backups

## Restoring from Backup

### Disaster Recovery Scenario

In a disaster recovery scenario, use these steps to restore the Container Mom platform:

1. First, restore the ContainerMom CRs:

   ```bash
   velero restore create --from-backup containerMomCRs-[timestamp]
   ```

2. Then, restore the Forgejo instance:

   ```bash
   velero restore create --from-backup forgejo-[timestamp]
   ```

3. Finally, restore customer workloads:

   ```bash
   # Standard customer workloads
   velero restore create --from-backup customerWorkloads-[timestamp]

   # High priority workloads
   velero restore create --from-backup highPriorityBackup-[timestamp]
   ```

### Selective Restoration

For selective restoration of specific resources:

```bash
# Restore a specific namespace
velero restore create --from-backup containerMomCRs-[timestamp] --include-namespaces containermom-system

# Restore a specific deployment
velero restore create --from-backup customerWorkloads-[timestamp] --include-resources deployments --selector "app=wordpress"

# Restore a high-priority workload
velero restore create --from-backup highPriorityBackup-[timestamp] --selector "containermom.io/backup-priority=high"
```

## Additional Documentation

For more information on using Velero, refer to the [official Velero documentation](https://velero.io/docs/).
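
### Example: Building the Restore Sequence

The disaster recovery order under "Restoring from Backup", as an added example that is not part of this chart: it picks the newest completed backup for each tier and prints the restore commands in the documented order, refusing to produce a plan if any tier has no backup. The `velero` namespace, the 14-digit `YYYYMMDDHHMMSS` timestamp suffix, the function names and the sample backup names are assumptions.

```shell
#!/bin/sh
# Added example, not part of this chart: build the restore sequence in the
# README's order from a list of backup names.

# Tier prefixes, in the order the disaster recovery steps restore them.
RESTORE_ORDER="containerMomCRs forgejo customerWorkloads highPriorityBackup"

# completed_backups: names of backups whose phase is Completed.
# Assumes Velero runs in the "velero" namespace.
completed_backups() {
  kubectl get backups.velero.io -n velero \
    -o jsonpath='{range .items[?(@.status.phase=="Completed")]}{.metadata.name}{"\n"}{end}'
}

# latest_backup PREFIX: from names on stdin, print the newest one of the form
# PREFIX-<14 digits>. Assumes a YYYYMMDDHHMMSS suffix, so a lexical sort is
# also a chronological sort. Names without that suffix are ignored.
latest_backup() {
  grep -E "^$1-[0-9]{14}\$" | sort | tail -n 1
}

# restore_plan: from names on stdin, print one restore command per tier, in
# order. Fails before printing anything if any tier has no usable backup.
restore_plan() (
  names=$(cat)
  plan=""
  for prefix in $RESTORE_ORDER; do
    backup=$(printf '%s\n' "$names" | latest_backup "$prefix")
    if [ -z "$backup" ]; then
      echo "no completed backup found for tier: $prefix" >&2
      exit 1
    fi
    plan="${plan}velero restore create --from-backup ${backup} --wait
"
  done
  printf '%s' "$plan"
)

# Constructed sample names (not real backups), including one manually named
# backup that the timestamp pattern must skip.
SAMPLE_BACKUPS='containerMomCRs-20240501010000
containerMomCRs-20240502010000
forgejo-20240502020000
customerWorkloads-20240502030000
customerWorkloads-manual-test
highPriorityBackup-20240502060000
highPriorityBackup-20240502120000'

printf '%s\n' "$SAMPLE_BACKUPS" | restore_plan
```

Against a live cluster, `completed_backups | restore_plan` prints the same plan from real backup names; `--wait` makes each restore finish before the next command starts, which keeps the CRs, Forgejo and workload tiers from restoring concurrently.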