Cloud Platform as a Service

 View Only

Migrate Block Storage PVCs from an IBM Cloud Kubernetes Classic cluster to VPC cluster

By Baker Pratt posted Tue July 16, 2024 10:53 AM

  
You're ready to move your workloads from an IBM Cloud Kubernetes Cluster running on classic infrastructure to a cluster running in a Virtual Private Cloud (VPC). One challenging piece to migrate can be storage. 
If you're running an OpenShift cluster, then you can use OpenShift API for Data Protection (OADP) to migrate data. For your Kubernetes cluster, we'll show you how to use Velero to migrate your block storage PVCs, PVs, and data.

Because the classic cluster's block storage operator does not use the CSI driver, we'll leverage Velero's File System Backup to backup and restore data. This means that you will need to backup and restore the pods that have mounted the PVCs, but these pods can be deleted at the end if they are no longer needed. If you also want to migrate deployments, configmaps, and other Kubernetes objects, then you can modify the Velero backup and restore commands to include those resources, as well.

Pre-requisites:

Steps:

  1. Create IBM Cloud Object Storage instance to store Velero resources.
  2. Create a COS bucket. Enter a unique name, then select cross-region for resiliency and us-geo for region.
  3. Create new HMAC credentials. Select Manager for role.
  4. Create a local credentials file for Velero. Use the HMAC credentials from the prior step. 
    [default]
aws_access_key_id=<HMAC_access_key_id>
aws_secret_access_key=<HMAC_secret_access_key>

  5. Create an IAM Access Group and assign the Service ID of the COS credentials from Step 3 to Cloud Object Storage. Include Manager and Viewer permissions. This gives Velero access to read and write to the COS bucket that you created.

  6. Target the classic cluster. 
    ibmcloud ks cluster config --cluster <classic-cluster>
  7. Install Velero on the classic cluster. If you selected a different region for the COS instance, adjust the command with the appropriate endpoints. By default, this will target all storage in the cluster for backup. 
        velero install \
        --provider aws \
        --plugins velero/velero-plugin-for-aws:v1.9.0 \
        --use-node-agent \
        --bucket <bucket-name> \
        --default-volumes-to-fs-backup \
        --backup-location-config region=us-geo,s3ForcePathStyle="true",s3Url=https://s3.us.cloud-object-storage.appdomain.cloud \
        --secret-file <hmac-credentials-file>
  8. Check the Velero pod status. 
    kubectl get pods -n velero
  9. Create a backup in the classic cluster. This command backs up all PVCs, PVs, and pods in the default namespace. You can also apply filters to target specific resources or namespaces. 
    velero backup create backup-classic-vpc --include-resources pvc,pv,pod --default-volumes-to-fs-backup --snapshot-volumes=false --include-namespaces default
  10. Check the backup status. 
    velero backup describe backup-classic-vpc
  11. Target the VPC cluster. 
    ibmcloud ks cluster config --cluster <vpc-cluster>
  12. Install Velero on the VPC cluster. 
        velero install \
        --provider aws \
        --plugins velero/velero-plugin-for-aws:v1.9.0 \
        --use-node-agent \
        --bucket classic-to-vpc \
        --default-volumes-to-fs-backup \
        --backup-location-config region=us-geo,s3ForcePathStyle="true",s3Url=https://s3.us.cloud-object-storage.appdomain.cloud \
        --secret-file <hmac-credentials-file>
  13. Check the Velero pod status. 
    kubectl get pods -n velero
  14. Create a configmap to map classic to VPC storage classes. Because VPC and classic object storage use different storage classes, you must map each storage class you use in classic to a desired storage class in VPC. An example of this is below. Change the fields in the data section to match your desired storage classes. 
    cat <<EOF | kubectl create -f -
apiVersion: v1
kind: ConfigMap
metadata:
  # any name can be used; Velero uses the labels (below)
  # to identify it rather than the name
  name: change-storage-class-config
  # must be in the velero namespace
  namespace: velero
  # the below labels should be used verbatim in your
  # ConfigMap.
  labels:
    # this value-less label identifies the ConfigMap as
    # config for a plugin (i.e. the built-in change storage
    # class restore item action plugin)
    velero.io/plugin-config: ""
    # this label identifies the name and kind of plugin
    # that this ConfigMap is for.
    velero.io/change-storage-class: RestoreItemAction
data:
  # add 1+ key-value pairs here, where the key is the old
  # storage class name and the value is the new storage
  # class name.
  ibmc-block-bronze: ibmc-vpc-block-5iops-tier
  ibmc-block-retain-silver: ibmc-vpc-block-retain-5iops-tier
  ibmc-block-gold: ibmc-vpc-block-10iops-tier
EOF
  15. Restore the storage backup to the VPC cluster. 
    velero restore create restore-classic-vpc --from-backup backup-classic-vpc --restore-volumes=true
  16. Check restore status. 
    velero restore describe restore-classic-vpc
  17. Delete restored pods if they are unneeded. 
    kubectl delete pod <pod>
  18. Uninstall Velero on the clusters. 
    velero uninstall

You have now migrated your PVCs, PVs and data from your classic Kubernetes cluster to your VPC Kubernetes cluster in IBM Cloud. You can migrate workloads, run tests against your data, and continue your journey to leveraging the advanced networking and security features of VPC.

0 comments
7 views

Permalink