This topic describes how to use Velero and restic to migrate cloud-native applications and data on persistent volumes (PVs) from a user-created Kubernetes cluster to an Alibaba Cloud Container Service for Kubernetes (ACK) cluster. You can also use Velero and restic to migrate applications and data on PVs from a Kubernetes cluster managed by another cloud provider to an ACK cluster.
Prerequisites
In most cases, a user-created Kubernetes cluster resides in a data center and container images are stored in a user-created image repository. Before you migrate applications, you must migrate the container images to Alibaba Cloud Container Registry (ACR). For more information, see Migrate container images.
registry.api.paas.com:5000/admin/wordpress:latest
registry.api.paas.com:5000/admin/mysql:8
registry.cn-hangzhou.aliyuncs.com/ack-migration/wordpress:latest
registry.cn-hangzhou.aliyuncs.com/ack-migration/mysql:8
Background information
This topic describes how to migrate the WordPress application from a user-created Kubernetes cluster to an ACK cluster. The WordPress application consists of two components: WordPress and MySQL. Each component uses a Network File System (NFS) PV to store application data. The WordPress application provides services of the NodePort type.
Procedure
Set up the environment
Back up the application in the user-created Kubernetes cluster
- If you want to back up only the WordPress application, run the following commands:
velero backup create wordpress-backup-without-pv --include-namespaces wordpress
# Output Backup request "wordpress-backup-without-pv" submitted successfully. Run `velero backup describe wordpress-backup-without-pv` or `velero backup logs wordpress-backup-without-pv` for more details.
velero backup get
# Output NAME STATUS CREATED EXPIRES STORAGE LOCATION SELECTOR wordpress-backup-without-pv Completed 2019-12-12 14:08:24 0800 CST 29d default <none>
- If you want to back up the WordPress application and PV data, run the following commands:
# Annotate the pods to which PVs are attached. Assume that the WordPress application runs on the wordpress-7cf5849f47-mbvx4 and mysql-74dddbdcc8-h2tls pods. kubectl -n wordpress annotate pod/wordpress-7cf5849f47-mbvx4 backup.velero.io/backup-volumes=wordpress-persistent-storage pod/wordpress-7cf5849f47-mbvx4 annotated
# The PV attached to the wordpress-7cf5849f47-mbvx4 pod is mysql-persistent-storage. The PV attached to the mysql-74dddbdcc8-h2tls pod is wordpress-persistent-storage. Run the following commands to annotate the pods: kubectl -n wordpress annotate pod/mysql-74dddbdcc8-h2tls backup.velero.io/backup-volumes=mysql-persistent-storage pod/mysql-74dddbdcc8-h2tls annotated
# Back up the WordPress application. velero backup create wordpress-backup-with-pv --include-namespaces wordpress
# Output Backup request "wordpress-backup-with-pv" submitted successfully. Run `velero backup describe wordpress-backup-with-pv` or `velero backup logs wordpress-backup-with-pv` for more details.
velero backup get
# Output NAME STATUS CREATED EXPIRES STORAGE LOCATION SELECTOR wordpress-backup-with-pv Completed 2019-12-12 14:23:40 0800 CST 29d default <none> wordpress-backup-without-pv Completed 2019-12-12 14:08:24 0800 CST 29d default <none>
In the OSS console, you can view the files that have been backed up in the OSS bucket.
Restore the application in the ACK cluster
In the user-created Kubernetes cluster, the WordPress application uses NFS PVs. In the ACK cluster, you can configure Apsara File Storage NAS volumes to store data of the WordPress application. In this example, a StorageClass named nfs is created for the WordPress application, and Alibaba Cloud SSDs are used as backend storage.
The CSI plug-in is used in this example. For more information, see Provision Alibaba Cloud disks as dynamic volumes.
Update application configurations
Application configurations include the image address, service exposure method, and the mount point of the storage disks used by the application. This topic describes only how to update the image address.
Debug and start the application.
# 1. Create a StorageClass named nfs.
cat nfs-sc.yaml
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: nfs
provisioner: helm.default/nfs
reclaimPolicy: Delete
kubectl apply -f nfs-sc.yaml
# 2. Create a secret to store the password of the MySQL component. For example, if the password is mysql, run the echo -n "mysql" |base64 command to query the Base64-encoded string of the password.
cat secret.yaml
apiVersion: v1
kind: Secret
metadata:
name: mysql
type: Opaque
data:
password: bXlzcWw=
kubectl apply -f secret.yaml
# 3. Create a service, a persistent volume claim (PVC), and a deployment for the MySQL component.
cat mysql.yaml
apiVersion: v1
kind: Service
metadata:
name: mysql
labels:
app: mysql
spec:
type: ClusterIP
ports:
- port: 3306
selector:
app: mysql
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: mysql-volumeclaim
annotations:
volume.beta.kubernetes.io/storage-class: "nfs"
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 20Gi
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: mysql
labels:
app: mysql
spec:
replicas: 1
selector:
matchLabels:
app: mysql
template:
metadata:
labels:
app: mysql
spec:
securityContext:
runAsUser: 999
runAsGroup: 999
fsGroup: 999
containers:
- image: registry.api.paas.com:5000/admin/mysql:8
name: mysql
args:
- "--default-authentication-plugin=mysql_native_password"
env:
- name: MYSQL_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: mysql
key: password
ports:
- containerPort: 3306
name: mysql
volumeMounts:
- name: mysql-persistent-storage
mountPath: /var/lib/mysql
volumes:
- name: mysql-persistent-storage
persistentVolumeClaim:
claimName: mysql-volumeclaim
kubectl apply -f mysql.yaml
# 4. Create a PVC, a deployment, and a service for the WordPress component.
cat wordpress.yaml
apiVersion: v1
kind: Service
metadata:
labels:
app: wordpress
name: wordpress
spec:
ports:
- port: 80
targetPort: 80
protocol: TCP
nodePort: 31570
selector:
app: wordpress
type: NodePort
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: wordpress-volumeclaim
annotations:
volume.beta.kubernetes.io/storage-class: "nfs"
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 20Gi
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: wordpress
labels:
app: wordpress
spec:
replicas: 1
selector:
matchLabels:
app: wordpress
template:
metadata:
labels:
app: wordpress
spec:
containers:
- image: registry.api.paas.com:5000/admin/wordpress
name: wordpress
env:
- name: WORDPRESS_DB_HOST
value: mysql:3306
- name: WORDPRESS_DB_PASSWORD
valueFrom:
secretKeyRef:
name: mysql
key: password
ports:
- containerPort: 80
name: wordpress
volumeMounts:
- name: wordpress-persistent-storage
mountPath: /var/www/html
volumes:
- name: wordpress-persistent-storage
persistentVolumeClaim:
claimName: wordpress-volumeclaim
kubectl apply -f wordpress.yaml