KubeForge — Hands-on Kubernetes & EKS Learning

Scenario

The `production` namespace was accidentally deleted. A scheduled Velero backup from earlier today exists on S3. You need to: (1) Create a Velero Backup object scoped to the `production` namespace, (2) Create a Restore from that backup. The starter Backup incorrectly includes `staging` instead of `production`.

Why Velero

Kubernetes etcd stores object definitions, not the data inside PVCs. Velero provides cluster-level backup and restore by:

Snapshotting Kubernetes object manifests (via the API server) to object storage.
Triggering volume snapshots (via CSI or provider-specific hooks) for PVC data.
Restoring objects into the same or a different cluster.

Backup CRD

apiVersion: velero.io/v1
kind: Backup
metadata:
  name: production-backup
  namespace: velero
spec:
  includedNamespaces:
  - production
  excludedResources:
  - events
  - events.events.k8s.io
  storageLocation: default   # BackupStorageLocation name
  ttl: 720h                  # 30 days
  snapshotVolumes: true

Key fields:

Field	Purpose
`includedNamespaces`	Scope the backup. Omit to back up everything.
`excludedResources`	Skip ephemeral types — events are noisy and useless to restore.
`storageLocation`	Which `BackupStorageLocation` (S3 bucket/prefix) to use.
`ttl`	Auto-delete after this duration.

Restore CRD

apiVersion: velero.io/v1
kind: Restore
metadata:
  name: production-restore
  namespace: velero
spec:
  backupName: production-backup
  includedNamespaces:
  - production
  restorePVs: true

Velero restores objects in dependency order (Namespaces first, then ConfigMaps/Secrets, then Deployments, etc.).

Scheduled Backups

apiVersion: velero.io/v1
kind: Schedule
metadata:
  name: daily-production
  namespace: velero
spec:
  schedule: "0 2 * * *"    # 2 AM daily
  template:
    includedNamespaces: [production]
    ttl: 168h               # keep 7 daily backups

Disaster Recovery Runbook

Check backup status: kubectl get backup -n velero
Verify backup contents: velero backup describe production-backup --details
Create Restore: velero restore create --from-backup production-backup
Monitor: velero restore describe production-restore --details

Restore a namespace from a Velero backup

intermediate~25 min

manifest.yamlYAML

Cluster loading…