• Stars
    star
    335
  • Rank 125,904 (Top 3 %)
  • Language
    Go
  • License
    Apache License 2.0
  • Created over 4 years ago
  • Updated about 2 months ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Automated backups of PersistentVolumeClaims in Kubernetes using VolumeSnapshots
Gemini Logo

Version CircleCI Go Report Card Codecov

Gemini is a Kubernetes CRD and operator for managing VolumeSnapshots. This allows you to create a snapshot of the data on your PersistentVolumes on a regular schedule, retire old snapshots, and restore snapshots with minimal downtime.

Installation

The Gemini Helm chart will install both the CRD and the operator into your cluster

kubectl create ns gemini
helm repo add fairwinds-stable https://charts.fairwinds.com/stable
helm install gemini fairwinds-stable/gemini --namespace gemini

Prerequisites

You'll need to have the VolumeSnapshot API available in your cluster. This API is in beta as of Kubernetes 1.17, and was introduced as alpha in 1.12.

To check if your cluster has VolumeSnapshots available, you can run

kubectl api-resources | grep volumesnapshots
  • To enable on v1.12-16, set the flag --feature-gates=VolumeSnapshotDataSource=true on the API server binary source
  • To enable VolumeSnapshots on kops, see our instructions here
  • Depending on your environment, you may need to configure the VolumeSnapshot API as well as the CSI. Fortunately, some managed Kubernetes providers like DigitalOcean support VolumeSnapshots by default, even on older versions

Before getting started with Gemini, it's a good idea to make sure you're able to create a VolumeSnapshot manually.

Upgrading to V2

Version 2.0 of Gemini updates the CRD from v1beta1 to v1. There are no substantial changes, but v1 adds better support for PersistentVolumeClaims on Kubernetes 1.25.

If you want to keep the v1beta1 CRD available, you can run:

kubectl apply -f https://raw.githubusercontent.com/FairwindsOps/gemini/main/pkg/types/snapshotgroup/v1beta1/crd-with-beta1.yaml

before upgrading, and add --skip-crds when running helm install.

Usage

Snapshots

Gemini can schedule snapshots for an existing PVC, or create a new PVC to back up.

Schedules

The schedule parameter tells Gemini how often to create snapshots, and how many historical snapshots to keep.

For example, the following schedule tells Gemini to create a snapshot every day, keeping two weeks worth of history:

apiVersion: gemini.fairwinds.com/v1beta1
kind: SnapshotGroup
metadata:
  name: test-volume
spec:
  persistentVolumeClaim:
    claimName: postgres
  schedule:
    - every: day
      keep: 14

For a more complex example, Gemini can create new snapshots every 10 minutes, always keep the last 3 snapshots, and preserve historical hourly, daily, monthly, and yearly snapshots.

apiVersion: gemini.fairwinds.com/v1beta1
kind: SnapshotGroup
metadata:
  name: test-volume
spec:
  persistentVolumeClaim:
    claimName: postgres
  schedule:
    - every: 10 minutes
      keep: 3
    - every: hour
      keep: 1
    - every: day
      keep: 1
    - every: month
      keep: 1
    - every: year
      keep: 1

Note that keep specifies how many historical snapshots you want, in addition to the most recent snapshot. This way the schedule

- every: 10 minutes
  keep: 3

will always give you at least 30 minutes of snapshot coverage. But you will see four snapshots at any given time. E.g. right after a new snapshot is created, you'll see snapshots for

  • 0m ago
  • 10m ago
  • 20m ago
  • 30m ago

Using an Existing PVC

See the extended example The following example schedules snapshots every 10 minutes for a pre-existing PVC named postgres.

apiVersion: gemini.fairwinds.com/v1beta1
kind: SnapshotGroup
metadata:
  name: test-volume
spec:
  persistentVolumeClaim:
    claimName: postgres
  schedule:
    - every: 10 minutes
      keep: 3

Creating a New PVC

You can also specify an entire PVC spec inside the SnapshotGroup if you'd like Gemini to create the PVC for you.

apiVersion: gemini.fairwinds.com/v1beta1
kind: SnapshotGroup
metadata:
  name: test-volume
spec:
  persistentVolumeClaim:
    spec:
      accessModes:
        - ReadWriteOnce
      resources:
        requests:
          storage: 1Gi
  schedule:
    - every: 10 minutes
      keep: 3

The PVC will have the same name as the SnapshotGroup, (in this example, test-volume)

Snapshot Spec

You can use the spec.template field to set the template for any VolumeSnapshots that get created, most notably the name of the snapshot class you want to use.

apiVersion: gemini.fairwinds.com/v1beta1
kind: SnapshotGroup
metadata:
  name: test-volume
spec:
  persistentVolumeClaim:
    claimName: postgres
  schedule:
    - every: "10 minutes"
      keep: 3
  template:
    spec:
      volumeSnapshotClassName: test-snapshot-class      

Restore

Caution: you cannot alter a PVC without some downtime! You can restore your PVC to a particular point in time using an annotation.

First, check out what VolumeSnapshots are available:

$ kubectl get volumesnapshot
NAME                           AGE
test-volume-1585945609         15s

Next, you'll need to remove any Pods that are using the PVC:

$ kubectl scale all --all --replicas=0

Then, copy the timestamp from the first step, and use that to annotate the SnapshotGroup:

$ kubectl annotate snapshotgroup/test-volume --overwrite \
  "gemini.fairwinds.com/restore=1585945609"

Finally, you can scale your Pods back up:

$ kubectl scale all --all --replicas=1

End-to-End Example

To see gemini working end-to-end, check out the CodiMD example

Caveats

  • Like the VolumeSnapshot API it builds on, Gemini is currently in beta
  • Be sure to test out both the snapshot and restore process to ensure Gemini is working properly
  • VolumeSnapshots simply grab the current state of the volume, without respect for things like in-flight database transactions. You may find you need to stop the application in order to get a consistently usable VolumeSnapshot.

Join the Fairwinds Open Source Community

The goal of the Fairwinds Community is to exchange ideas, influence the open source roadmap, and network with fellow Kubernetes users. Chat with us on Slack join the user group to get involved!

Love Fairwinds Open Source? Share your business email and job title and we'll send you a free Fairwinds t-shirt!

Other Projects from Fairwinds

Enjoying Gemini? Check out some of our other projects:

  • Polaris - Audit, enforce, and build policies for Kubernetes resources, including over 20 built-in checks for best practices
  • Goldilocks - Right-size your Kubernetes Deployments by compare your memory and CPU settings against actual usage
  • Pluto - Detect Kubernetes resources that have been deprecated or removed in future versions
  • Nova - Check to see if any of your Helm charts have updates available
  • rbac-manager - Simplify the management of RBAC in your Kubernetes clusters

More Repositories

1

polaris

Validation of best practices in your Kubernetes clusters
Go
3,172
star
2

goldilocks

Get your resource requests "Just Right"
Go
2,511
star
3

pluto

A cli tool to help discover deprecated apiVersions in Kubernetes
Go
2,119
star
4

rbac-manager

A Kubernetes operator that simplifies the management of Role Bindings and Service Accounts.
Go
1,468
star
5

rbac-lookup

Easily find roles and cluster roles attached to any user, service account, or group name in your Kubernetes cluster
Go
870
star
6

nova

Find outdated or deprecated Helm charts running in your cluster.
Go
709
star
7

reckoner

Declaratively install and manage multiple Helm chart releases
Go
338
star
8

rok8s-scripts

Opinionated scripts for managing application deployment lifecycle in Kubernetes
Shell
298
star
9

pentagon

A framework for building repeatable, containerized, cloud-based infrastructure as code with Kubernetes.
Python
183
star
10

charts

Fairwinds helm chart repository
Mustache
141
star
11

k8s-workshop

Fairwinds k8s-workshop
Shell
138
star
12

gonogo

[alpha] Tool to evaluate upgrade confidence for Kubernetes cluster addons
Go
131
star
13

saffire

[alpha] Controller to override image sources in the event that an image cannot be pulled.
Go
113
star
14

apprentice-learning-plan

The curriculum for apprentice-level engineers at FairWinds Ops
93
star
15

astro

[alpha] Emit Datadog monitors based on Kubernetes state.
Go
85
star
16

terraform-vpc

Terraform module to create an AWS VPC
HCL
60
star
17

autohelm

Helm tool to simplify management and installation of multiple releases.
Python
48
star
18

bif

Fairwinds Base Image Finder CLI
Go
34
star
19

terraform-bastion

A bastion instance to proxy SSH and API access to a private Kubernetes cluster.
HCL
23
star
20

terraform-gke

A set of terraform modules for building GKE clusters.
HCL
20
star
21

advanced-kubernetes-workshop

Shell
16
star
22

azure-terraform-modules

A home for Azure specific Terraform modules
HCL
11
star
23

terraform-gcp-vpc-native

A GCP VPC module intended for VPC native public clusters.
HCL
10
star
24

consul8s

Tool to integrate Kubernetes and Consul services
Python
9
star
25

insights-plugins

A repository of plugins for the Insights Agent
Go
7
star
26

tethys

ReactiveOps Candidate Technical Challenge
Python
7
star
27

lambda-kube-aws-rtsync

Lambda function that will sync Kubernetes static routes to all private route tables within a VPC
Python
7
star
28

elements

Fariwinds Elements is a suite of open source software to help manage Kubernetes infrastructure at enterprise scale
7
star
29

controller-utils

A library of helpful functions for building Kubernetes controllers.
Go
6
star
30

canary-deploy-demo

5
star
31

iam-waiter

Python
5
star
32

how-to-kube

Content used in our Fairwinds How to Kube series videos
Shell
5
star
33

klustered

Go
5
star
34

helm-release-pruner

Script for automatically deleting old helm releases
Shell
5
star
35

asdf-pluto

asdf plugin for Pluto
Shell
4
star
36

terraform-gcp-gke-shared-vpc

A terraform module that configures necessary resources for GKE to work in a shared VPC
HCL
4
star
37

go-targetprocess

Go library for interacting with the TargetProcess API
Go
4
star
38

insights-cli

A command line tool for Fairwinds Insights
Go
4
star
39

reckoner-demo

Shell
3
star
40

agones-demo

A Demo of Running Agones and GCGS
Shell
3
star
41

ansible-framework

Python
3
star
42

kube-ip-purge

Helpful pod for purging stale IP leases from Kubernetes Weave IPAM
Shell
3
star
43

vaultutil

A go module containing cloud-provider helpers for use with Hashicorp Vault
Go
3
star
44

release.sh

Release scripts for our repositories
Shell
3
star
45

ansible-jumpcloud

3
star
46

agones-allocator-client

A test/demo client for agones game servers
Go
3
star
47

vault-token-injector

A daemon to automatically inject and rotate your vault tokens in CircleCI.
Go
2
star
48

gists

PUBLIC GIST REPO for Reactiveops
Shell
2
star
49

ansible-manage-elasticache

Python
2
star
50

sonar-scanner-ci

sonar-scanner container packaged with golang and other tools
Dockerfile
2
star
51

asdf-agones-allocator-client

asdf plugin for agones-allocator-client
Shell
2
star
52

ansible-get-vpc-facts

Ansible role to set facts about a VPC.
Makefile
2
star
53

ansible-manage-rds

2
star
54

public-cicd-test

HTML
2
star
55

st2-pack-omnia

Python
2
star
56

asdf-reckoner

asdf plugin for Reckoner
Shell
2
star
57

autospotting-ci

Example CI for autospotting
Dockerfile
2
star
58

ansible-iam-role

2
star
59

ansible-packer

ansible role to install packer
2
star
60

homebrew-tap

Homebrew Formulae for Fairwinds binaries, powered by @goreleaser
Ruby
2
star
61

.github

2
star
62

docker-curator

Elasticsearch Curator
Shell
2
star
63

cicd-test

HTML
2
star
64

ansible-vpn-stack

2
star
65

ansible-acm

Ansible wrapper for working with AWS ACM
2
star
66

resources-demo

A demo of what happens when resource requests and limits are incorrect
JavaScript
2
star
67

staging-ci-test

Mustache
2
star
68

nginx-scaling

A repo with tools for testing nginx at larger scale.
Python
2
star
69

ansible-postgresql-client

Makefile
1
star
70

pack-omnia

1
star
71

ansible-role-oauth2-proxy

Shell
1
star
72

ansible-volumes

Create filesystems and mount volumes
Makefile
1
star
73

ansible-haproxy

1
star
74

insights-ci-demo

1
star
75

ansible-stackstorm

1
star
76

ansible-manage-es

1
star
77

terraform-alicloud-slb

HCL
1
star
78

ansible-manage-asg

Manage AWS Launch Configurations and Autoscaling Groups for Omnia-based deployments.
1
star
79

disableit

A simple loop to disable some executable
Shell
1
star
80

ansible-manage-elb

ELBs for the Omnia framework
1
star
81

ansible-filebeat

1
star
82

terraform-alicloud-vpc

Terraform module to create a VPC in Alibaba Cloud
HCL
1
star
83

insights-docs

Documentation for Fairwinds Insights
Shell
1
star
84

ansible-omnia-control

Additional role for Omnia compatibility with a control server such as stackstorm
1
star
85

ansible-swap-deploy

Shell
1
star
86

ansible-role-supervisor

1
star
87

terraform-alicloud-ess

HCL
1
star
88

ci-images

Various docker images for CI systems
1
star
89

asdf-polaris

asdf plugin for Polaris
Shell
1
star
90

asdf-gonogo

asdf plugin for GoNoGo
1
star
91

asdf-crictl

asdf plugin for crictl
Shell
1
star
92

asdf-calicoctl

asdf plugin for calicoctl
Shell
1
star