ConfigsApr 11, 2026·1 min read

Velero — Backup, Migrate & Disaster Recovery for Kubernetes

Velero is the standard tool for backing up and restoring Kubernetes cluster resources and persistent volumes. Migrate workloads between clusters and recover from disasters.

AI
AI Open Source · Community
Quick Use

Use it first, then decide how deep to go

This block should tell both the user and the agent what to copy, install, and apply first.

# Install Velero CLI
brew install velero

# Install in cluster with S3 backend
velero install 
  --provider aws 
  --plugins velero/velero-plugin-for-aws:v1.9.0 
  --bucket my-backup-bucket 
  --backup-location-config region=us-west-2 
  --snapshot-location-config region=us-west-2 
  --secret-file ./credentials-velero

# Create first backup
velero backup create my-backup --include-namespaces default
Intro

Velero is an open-source tool to safely back up, restore, perform disaster recovery, and migrate Kubernetes cluster resources and persistent volumes. Originally created by Heptio (now VMware Tanzu), Velero works with all major cloud providers and on-premises Kubernetes clusters — making it the standard solution for Kubernetes backup and disaster recovery.

With 10K+ GitHub stars and Apache-2.0 license, Velero is used by thousands of organizations to protect Kubernetes workloads, enable cluster migrations, and meet compliance requirements.

What Velero Does

  • Backup: Back up Kubernetes resources and persistent volumes
  • Restore: Restore backed-up resources to the same or different cluster
  • Disaster Recovery: Recover from cluster failures
  • Cluster Migration: Move workloads between clusters (cloud to cloud, on-prem to cloud)
  • Scheduled Backups: Automated periodic backups with retention policies
  • Selective Backup: Filter by namespace, label, or resource type
  • Volume Snapshots: Native cloud volume snapshots (EBS, GCE PD, Azure Disk)
  • File System Backup: Restic/Kopia-based file-level backups for any volume
  • Hooks: Pre/post backup/restore hooks for app-consistent backups
  • CSI Support: Container Storage Interface snapshot integration
  • Multi-Cloud: AWS, Azure, GCP, Alibaba Cloud, Digital Ocean, and more

Architecture

┌─────────────────────────────────────────────┐
│          Kubernetes Cluster                  │
│                                              │
│  ┌──────────────┐  ┌──────────────────┐     │
│  │ Velero Server│  │  Your Workloads  │     │
│  │              │  │  - Deployments   │     │
│  │  Controllers │  │  - Services      │     │
│  │  - Backup    │  │  - ConfigMaps    │     │
│  │  - Restore   │  │  - Secrets       │     │
│  │  - Schedule  │  │  - PVCs          │     │
│  └──────┬───────┘  └──────────────────┘     │
└─────────┼────────────────────────────────────┘
          │
          ▼
┌──────────────────────────────────────────────┐
│  Backup Storage Location                     │
│  ┌────────────┐  ┌────────────┐             │
│  │ S3 / GCS / │  │ Volume     │             │
│  │ Azure Blob │  │ Snapshots  │             │
│  └────────────┘  └────────────┘             │
└──────────────────────────────────────────────┘

Installation

AWS S3

# Create S3 bucket
aws s3 mb s3://velero-backups-mycluster

# Create IAM user with S3 access
aws iam create-user --user-name velero

# Save credentials to file
cat > credentials-velero <<EOF
[default]
aws_access_key_id=YOUR_KEY
aws_secret_access_key=YOUR_SECRET
EOF

# Install Velero
velero install 
  --provider aws 
  --plugins velero/velero-plugin-for-aws:v1.9.0 
  --bucket velero-backups-mycluster 
  --backup-location-config region=us-west-2 
  --snapshot-location-config region=us-west-2 
  --secret-file ./credentials-velero

MinIO (Self-Hosted)

# Assuming MinIO is already running
velero install 
  --provider aws 
  --plugins velero/velero-plugin-for-aws:v1.9.0 
  --bucket velero 
  --secret-file ./credentials-velero 
  --use-volume-snapshots=false 
  --backup-location-config region=minio,s3ForcePathStyle=true,s3Url=http://minio.minio.svc:9000

Usage Examples

Basic Backup

# Backup entire cluster
velero backup create cluster-backup

# Backup specific namespace
velero backup create nginx-backup --include-namespaces nginx-app

# Backup by label selector
velero backup create app-backup --selector app=frontend

# Backup with TTL (auto-delete after 30 days)
velero backup create weekly-backup --ttl 720h

Scheduled Backups

# Daily backup at 1am
velero schedule create daily --schedule "0 1 * * *"

# Weekly backup on Sundays
velero schedule create weekly 
  --schedule "@weekly" 
  --ttl 720h 
  --include-namespaces production

# View schedules
velero schedule get

# Trigger schedule immediately
velero backup create --from-schedule daily

Restore

# List backups
velero backup get

# Describe backup
velero backup describe cluster-backup

# Restore entire backup
velero restore create --from-backup cluster-backup

# Restore to different namespace
velero restore create --from-backup nginx-backup 
  --namespace-mappings nginx-app:nginx-test

# Restore only specific resources
velero restore create --from-backup cluster-backup 
  --include-resources deployments,configmaps

# Restore with labels filter
velero restore create --from-backup cluster-backup 
  --selector environment=production

Cluster Migration

# On source cluster
velero backup create migration-backup --include-namespaces myapp

# Wait for completion
velero backup describe migration-backup

# Switch kubectl context to destination cluster
kubectl config use-context destination-cluster

# Install Velero on destination with same backup storage
velero install --provider aws ... (same config)

# Restore
velero restore create --from-backup migration-backup

Backup Hooks

# Pre-backup hook: Flush database
apiVersion: v1
kind: Pod
metadata:
  annotations:
    pre.hook.backup.velero.io/container: postgres
    pre.hook.backup.velero.io/command: '["/bin/bash", "-c", "pg_dumpall > /backup/dump.sql"]'
    post.hook.backup.velero.io/container: postgres
    post.hook.backup.velero.io/command: '["/bin/bash", "-c", "rm /backup/dump.sql"]'
spec:
  containers:
    - name: postgres
      image: postgres:16

Volume Backups

# Use CSI snapshots (recommended for modern clusters)
velero backup create app-backup 
  --include-namespaces production 
  --snapshot-volumes=true 
  --features=EnableCSI

# Use Restic for file-level backup (works with any storage)
velero backup create app-backup 
  --include-namespaces production 
  --default-volumes-to-fs-backup

Backup Storage Backends

Provider Plugin Volume Snapshots
AWS velero-plugin-for-aws EBS
Azure velero-plugin-for-microsoft-azure Azure Disk
GCP velero-plugin-for-gcp GCE PD
Alibaba velero-plugin-for-alibabacloud Cloud Disk
DigitalOcean velero-plugin-for-do Block Storage
MinIO/S3-compat AWS plugin Via CSI
vSphere velero-plugin-for-vsphere vSphere volumes

Key Features

Restic/Kopia File System Backup

For storage without native snapshots or CSI:

# Enable file system backup by default
velero install 
  --use-node-agent 
  --default-volumes-to-fs-backup 
  ...

# Backup includes all volumes automatically
velero backup create app-backup --include-namespaces production

Backup Compression

apiVersion: velero.io/v1
kind: Backup
metadata:
  name: compressed-backup
spec:
  storageLocation: default
  includedNamespaces:
    - production
  snapshotVolumes: true
  ttl: 720h0m0s

Retention & Cleanup

# Delete old backups
velero backup delete old-backup

# Delete all backups older than 30 days
velero backup delete --confirm 
  --label-selector 'velero.io/backup-name!='

# Automatic cleanup via schedule TTL

Velero vs Alternatives

Feature Velero Kasten K10 Portworx PX-Backup Stash
Open Source Yes (Apache-2.0) No No Yes (Apache-2.0)
Cluster backup Yes Yes Yes Yes
Volume snapshots Native cloud + CSI Yes Native Restic
App-consistent Via hooks Yes (Kanister) Yes Via hooks
Migration Yes Yes Yes Limited
Multi-cloud Yes Yes Yes Yes
Pricing Free $0.25/GB Paid Free
Complexity Medium Low (GUI) Medium Medium

常见问题

Q: Velero 能备份数据库吗? A: 能,但需要正确配置以保证一致性。简单方法是使用 backup hooks 在备份前 pause 数据库写入或执行 dump。对于 PostgreSQL 等数据库,建议使用数据库原生备份工具 + Velero 备份配置和持久卷。

Q: 备份存储需要多大空间? A: 取决于数据量。Velero 只备份 Kubernetes 资源定义(几 MB)+ 持久卷数据(实际大小)。启用压缩可以减少 30-50% 空间。建议使用 S3 生命周期策略自动清理旧备份。

Q: 可以跨云迁移吗? A: 可以。这是 Velero 的核心使用场景之一。在源集群备份到 S3,在目标集群(可以是另一个云)使用相同的备份存储配置,然后执行 restore。存储类和网络配置可能需要调整。

来源与致谢

Discussion

Sign in to join the discussion.
No comments yet. Be the first to share your thoughts.

Related Assets

pnpm — Fast, Disk-Space Efficient Package Manager

pnpm is a fast, disk-space efficient package manager for Node.js. Uses a content-addressable store and symlinks to avoid duplicating packages across projects — saves gigabytes and installs 2x faster than npm.

AI Open Source

Zustand — Bear-Sized State Management for React

Zustand is a small, fast, and scalable bearbones state-management solution for React. A cozy alternative to Redux with a simple hooks API, no providers needed, and first-class TypeScript support.

AI Open Source

Vitest — Next Generation Testing Framework Powered by Vite

Vitest is a blazing-fast unit testing framework powered by Vite, with native ESM, TypeScript, and JSX support. Jest-compatible API, instant HMR for tests, and in-source testing make it the go-to test runner for Vite projects.

AI Open Source
Home🔍Search👤Me