kubernetes

Ultimate Guide to Velero for Kubernetes Backups

techhadoop kubernetes

Velero is an open-source tool used to back up, restore, and migrate Kubernetes cluster resources and persistent volumes.

Think of it as a safety net for your Kubernetes environment

What Velero actually does

Velero helps you:

  • Back up cluster data (like deployments, services, configs)
  • Restore your cluster if something breaks
  • Migrate workloads between clusters or cloud providers
  • Schedule automatic backups

How it works (simple view)

Velero connects your Kubernetes cluster to external storage (like cloud object storage — e.g., AWS S3, Azure Blob, etc.) and:

  1. Takes a snapshot of cluster resources
  2. Optionally backs up persistent volumes
  3. Stores everything outside the cluster
  4. Lets you restore it later when needed

What gets backed up

  • Kubernetes resources (Pods, Deployments, Services, etc.)
  • Persistent Volume data (via snapshots or file-level backups)
  • Namespaces and metadata

Common use cases

  • Disaster recovery (cluster crash, accidental deletion)
  • Migrating apps between clusters/clouds
  • Testing environments (restore production snapshot into staging)
  • Compliance backups

Velero vs basic backups

Without Velero, you’d have to manually export configs and handle storage snapshots yourself. Velero automates and organizes all of that.

Ecosystem

Velero is often used alongside:

  • Kubernetes-native tools
  • Cloud providers (AWS, Azure, GCP)
  • Storage plugins (for volume snapshots)

Here’s a simple, practical walkthrough to install Velero and run your first backup.

I’ll show the most common setup: Kubernetes + AWS S3 (others like Azure/GCP are similar).

1. Prerequisites

Make sure you have:

  • A running Kubernetes cluster
  • kubectl configured
  • An S3 bucket (or equivalent object storage)
  • AWS credentials (access key + secret)

2. Install Velero CLI

Download and install the Velero CLI:

# Mac (Homebrew)
brew install velero
# Or via binary
curl -L https://github.com/vmware-tanzu/velero/releases/latest/download/velero-darwin-amd64.tar.gz | tar -xz
sudo mv velero /usr/local/bin/

Verify:

velero version

3. Create credentials file

Create a file called credentials-velero:

[default]
aws_access_key_id=YOUR_ACCESS_KEY
aws_secret_access_key=YOUR_SECRET_KEY

4. Install Velero in your cluster

Run this command (replace bucket + region):

velero install \
  --provider aws \
  --plugins velero/velero-plugin-for-aws:v1.8.0 \
  --bucket YOUR_BUCKET_NAME \
  --backup-location-config region=us-east-1 \
  --snapshot-location-config region=us-east-1 \
  --secret-file ./credentials-velero

This will:

  • Deploy Velero into your cluster
  • Connect it to your S3 bucket
  • Set up volume snapshot support

5. Verify installation

kubectl get pods -n velero

You should see a running Velero pod.

6. Create your first backup

Backup entire cluster:

velero backup create my-first-backup

Backup a specific namespace:

velero backup create my-backup \
  --include-namespaces my-namespace

7. Check backup status

velero backup get

Describe it:

velero backup describe my-first-backup

8. Restore from backup

velero restore create --from-backup my-first-backup

9. (Optional) Schedule automatic backups

velero schedule create daily-backup \
  --schedule="0 2 * * *"

This runs every day at 2 AM.

Tips that actually matter

  • Start with namespace backups, not full cluster
  • Use labels to target specific apps
  • Test restore early (don’t wait for disaster)
  • Monitor storage costs (snapshots + S3)

Common mistakes

  • Wrong IAM permissions → backups silently fail
  • Forgetting persistent volumes → incomplete recovery
  • Not testing restores → risky in real incidents