- Create IBM Cloud Object Storage instance to store Velero resources.
- Create a COS bucket. Enter a unique name, then select cross-region for resiliency and us-geo for region.
- Create new HMAC credentials. Select Manager for role.
- Create a local credentials file for Velero. Use the HMAC credentials from the prior step.
[default]
aws_access_key_id=<HMAC_access_key_id>
aws_secret_access_key=<HMAC_secret_access_key>
-
Create an IAM Access Group and assign the Service ID of the COS credentials from Step 3 to Cloud Object Storage. Include Manager and Viewer permissions. This gives Velero access to read and write to the COS bucket that you created.
- Target the classic cluster.
ibmcloud ks cluster config --cluster <classic-cluster>
- Install Velero on the classic cluster. If you selected a different region for the COS instance, adjust the command with the appropriate endpoints. By default, this will target all storage in the cluster for backup.
velero install \
--provider aws \
--plugins velero/velero-plugin-for-aws:v1.9.0 \
--use-node-agent \
--bucket <bucket-name> \
--default-volumes-to-fs-backup \
--backup-location-config region=us-geo,s3ForcePathStyle="true",s3Url=https://s3.us.cloud-object-storage.appdomain.cloud \
--secret-file <hmac-credentials-file>
- Check the Velero pod status.
kubectl get pods -n velero
- Create a backup in the classic cluster. This command backs up all PVCs, PVs, and pods in the default namespace. You can also apply filters to target specific resources or namespaces.
velero backup create backup-classic-vpc --include-resources pvc,pv,pod --default-volumes-to-fs-backup --snapshot-volumes=false --include-namespaces default
- Check the backup status.
velero backup describe backup-classic-vpc
- Target the VPC cluster.
ibmcloud ks cluster config --cluster <vpc-cluster>
- Install Velero on the VPC cluster.
velero install \
--provider aws \
--plugins velero/velero-plugin-for-aws:v1.9.0 \
--use-node-agent \
--bucket classic-to-vpc \
--default-volumes-to-fs-backup \
--backup-location-config region=us-geo,s3ForcePathStyle="true",s3Url=https://s3.us.cloud-object-storage.appdomain.cloud \
--secret-file <hmac-credentials-file>
- Check the Velero pod status.
kubectl get pods -n velero
- Create a configmap to map classic to VPC storage classes. Because VPC and classic object storage use different storage classes, you must map each storage class you use in classic to a desired storage class in VPC. An example of this is below. Change the fields in the data section to match your desired storage classes.
cat <<EOF | kubectl create -f -
apiVersion: v1
kind: ConfigMap
metadata:
# any name can be used; Velero uses the labels (below)
# to identify it rather than the name
name: change-storage-class-config
# must be in the velero namespace
namespace: velero
# the below labels should be used verbatim in your
# ConfigMap.
labels:
# this value-less label identifies the ConfigMap as
# config for a plugin (i.e. the built-in change storage
# class restore item action plugin)
velero.io/plugin-config: ""
# this label identifies the name and kind of plugin
# that this ConfigMap is for.
velero.io/change-storage-class: RestoreItemAction
data:
# add 1+ key-value pairs here, where the key is the old
# storage class name and the value is the new storage
# class name.
ibmc-block-bronze: ibmc-vpc-block-5iops-tier
ibmc-block-retain-silver: ibmc-vpc-block-retain-5iops-tier
ibmc-block-gold: ibmc-vpc-block-10iops-tier
EOF
- Restore the storage backup to the VPC cluster.
velero restore create restore-classic-vpc --from-backup backup-classic-vpc --restore-volumes=true
- Check restore status.
velero restore describe restore-classic-vpc
- Delete restored pods if they are unneeded.
kubectl delete pod <pod>
- Uninstall Velero on the clusters.
velero uninstall
You have now migrated your PVCs, PVs and data from your classic Kubernetes cluster to your VPC Kubernetes cluster in IBM Cloud. You can migrate workloads, run tests against your data, and continue your journey to leveraging the advanced networking and security features of VPC.