Use the backup center to back up applications in one ACK cluster and restore them in another cluster in a different region. This enables cross-region disaster recovery for your Kubernetes workloads.
Before you start
Review the following constraints to confirm that your scenario is supported before investing time in the procedure.
| Constraint | Detail |
|---|---|
| Storage type | Cross-region migration supports only applications and volumes that use Alibaba Cloud disks. Applications using other storage types cannot be migrated with volume data intact. |
| Stateful apps with non-Alibaba Cloud storage | Do not select Backup Volume when backing up these applications. Selecting it causes cross-region recovery to fail. |
| Destination cluster version | The destination cluster must run Kubernetes version 1.18 or later to restore cloud disk data from Elastic Compute Service (ECS) snapshots. |
| Destination cluster storage plugin | The destination cluster must use the Container Storage Interface (CSI) storage plugin. Clusters using the FlexVolume storage plugin, or both CSI and FlexVolume via the csi-compatible-controller component, are not supported. |
| Resources being deleted | Resources in the process of deletion at backup time are not included in the backup. |
| Backup repository immutability | A backup repository cannot be updated after creation — it can only be deleted. If you delete a repository and recreate it with the same name, the new repository does not work in clusters that used the original. |
| ACK dedicated and registered clusters | For clusters running self-managed Kubernetes on ECS instances, verify that ECS disk snapshot permissions are granted before using cross-region volume recovery. See Install the migrate-controller backup service component and configure permissions. |
Prerequisites
Before you begin, make sure you have:
A destination cluster running Kubernetes 1.18 or later. To create a cluster, see Create an ACK managed cluster, Create an ACK dedicated cluster (no longer available for new creation), or Create a registered cluster and connect to a data center cluster.
A destination cluster that uses the CSI storage plugin.
Required system components installed and configured in the destination cluster before starting a restore job:
ACR passwordless component: Grant permissions and configure
acr-configuration.ALB Ingress component: Configure
ALBConfigand other settings.
The
migrate-controllerbackup service component installed and permissions configured on both the backup cluster and the recovery cluster. See Install the migrate-controller backup service component and configure permissions.ECS cloud disk snapshots enabled. See Enable ECS cloud disk snapshots. Enabling the snapshot service is free. After a snapshot is created, charges apply based on its size and retention period using pay-as-you-go billing. See Snapshot billing.
Preparations
This topic walks through a complete backup-and-restore example:
Backup cluster: ACK Pro cluster Cluster_BJ in the China (Beijing) region
Recovery cluster: ACK Pro cluster Cluster_SZ in the China (Shenzhen) region
Backup repository: Associated with an Object Storage Service (OSS) bucket in the China (Beijing) region
Step 1: In the China (Beijing) region, create an OSS bucket with a name that starts with cnfs-oss-***.
If a qualifying OSS bucket already exists in this region, skip this step.
Step 2: Create a stateful Nginx application in the default namespace of Cluster_BJ by running the following command.
cat << EOF | kubectl apply -f -
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: web
spec:
selector:
matchLabels:
app: nginx
serviceName: "nginx"
replicas: 1
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:1.14.2
ports:
- containerPort: 80
name: web
volumeMounts:
- name: www
mountPath: /usr/share/nginx/html
volumeClaimTemplates:
- metadata:
name: www
labels:
app: nginx
spec:
accessModes: [ "ReadWriteOnce" ]
storageClassName: "alicloud-disk-topology-alltype"
resources:
requests:
storage: 20Gi
EOFStep 1: Create a backup repository
The backup center uses OSS to store backup data. If no backup repository exists when you create a backup job, create one first.
The network connection between a backup repository and its OSS bucket is set automatically. This affects backup upload and download speeds.
Same region (cluster and OSS bucket): PrivateLink is used.
Different regions (cluster and OSS bucket, as in this cross-region scenario): A public network connection is used. Enable public network access for the cluster before proceeding. See Enable public network access for a cluster.
You cannot update a backup repository after it is created. You can only delete it. If you delete a backup repository and then create a new one with the same name, the new repository will not work in clusters that used the original backup repository.
For instructions, see Create a backup repository.
Step 2: Back up the application in Cluster_BJ
This cross-region scenario supports only stateless applications and stateful applications that use Alibaba Cloud disks exclusively. For all other stateful applications, clear Backup Volume to prevent cross-region recovery failures.
For instructions, see Create a backup schedule or an immediate backup.
Step 3: Restore the application in Cluster_SZ
For instructions, see Restore applications and volumes.
Step 4: Verify the migration
Confirm that the Nginx application is running correctly in Cluster_SZ.
Using kubectl:
kubectl get pods -n default
kubectl get pvc -n defaultConfirm that the Pod status is Running and the PersistentVolumeClaim (PVC) is in Bound state.
Using the console:
Log on to the Container Service Management Console. In the left navigation pane, click Clusters.
On the management page for Cluster_SZ, choose Workloads > StatefulSets in the left navigation pane.
In the Actions column for the Nginx application, click Details, then click the Pods tab. Confirm that the application status is Running.
What's next
To migrate applications between clusters that use different storage plugins or run different Kubernetes versions, see Use the backup center to migrate applications from Kubernetes clusters of earlier versions.
To migrate cluster applications using the command line, see Use kubectl to back up and restore cluster applications.