Updated tutorial with latest versions

README.adoc

@@ -15,14 +15,14 @@ One of the most common questions we got from companies moving to Kubernetes has
 
 This situation is so common that we https://vshn.ch/[VSHN] decided to tackle it with our own Kubernetes operator for backups, which we called https://k8up.io/[**K8up**].
 
-[NOTE]
-====
-This tutorial is available in three versions, each in its own branch of the https://github.com/vshn/k8up-tutorial[GitHub repository] bundled with this text:
+// [NOTE]
+// ====
+// This tutorial is available in three versions, each in its own branch of the https://github.com/vshn/k8up-tutorial[GitHub repository] bundled with this text:
 
-* https://github.com/kubernetes/minikube[Minikube] in the https://github.com/vshn/k8up-tutorial[`master` branch].
-* https://k3s.io/[k3s] in the https://github.com/vshn/k8up-tutorial/tree/k3d[`k3d` branch].
-* https://developers.redhat.com/products/codeready-containers[Red Hat CodeReady Containers] (OpenShift 4.3) in the https://github.com/vshn/k8up-tutorial/tree/openshift[`openshift` branch].
-====
+// * https://github.com/kubernetes/minikube[Minikube] in the https://github.com/vshn/k8up-tutorial[`master` branch].
+// * https://k3s.io/[k3s] in the https://github.com/vshn/k8up-tutorial/tree/k3d[`k3d` branch].
+// * https://developers.redhat.com/products/codeready-containers[Red Hat CodeReady Containers] (OpenShift 4.3) in the https://github.com/vshn/k8up-tutorial/tree/openshift[`openshift` branch].
+// ====
 
 == What is K8up?
 
@@ -52,10 +52,9 @@ NOTE: All the scripts and YAML files are available in GitHub: https://github.com
 
 This tutorial has been tested in both Linux (Ubuntu 18.04) and macOS (10.15 Catalina.) Please install the following software packages before starting:
 
-* Make sure PyYAML 5.1 or later is installed: `pip install PyYAML==5.1`
 * The `kubectl` command.
 * The https://restic.net/[Restic] backup application.
-* The latest version of https://github.com/rancher/k3d[k3d] (1.7.0 at the time of this writing.)
+* The latest version of https://github.com/rancher/k3d[k3d] (4.4.8 at the time of this writing.)
 * https://helm.sh/[Helm], required to install K8up in your cluster.
 * https://k9scli.io/[k9s] to display the contents of our clusters on the terminal.
 * https://stedolan.github.io/jq/[jq], a lightweight and flexible command-line JSON processor.
@@ -79,7 +78,7 @@ Let's get started!
 NOTE: The operations of this step can be executed at once using the `scripts/1_setup.sh` script.
 
 . Start your k3d instance:
-* `k3d create`
+* `k3d cluster create --config ./scripts/k3d-config.yaml`
 
 IMPORTANT: On some laptops, running k3d on battery power severely undermines its performance, and pods can take really long to start. Make sure to be plugged in to power before starting this tutorial.
 
@@ -97,9 +96,10 @@ IMPORTANT: On some laptops, running k3d on battery power severely undermines its
 * `kubectl apply -k wordpress`
 
 . Install K8up:
+* `kubectl apply -f https://github.com/vshn/k8up/releases/download/v1.1.0/k8up-crd.yaml`
 * `helm repo add appuio https://charts.appuio.ch`
 * `helm repo update`
-* `helm install appuio/k8up --generate-name --set k8up.backupImage.tag=v0.1.8-root`
+* `helm install k8up appuio/k8up --namespace k8up-operator --create-namespace`
 
 After finishing all these steps, check that everything is running; the easiest way is to launch `k9s` and leave it running in its own terminal window, and of course you can use the usual `kubectl get pods`.
 
@@ -108,20 +108,14 @@ TIP: In `k9s` you can easily delete a pod by going to the "Pods" view (type kbd:
 .Deleting a pod with k9s
 image::k9s-delete.png[]
 
-The https://asciinema.org/[asciinema] movie below shows all of these steps in real time.
-
-++++
-<script id="asciicast-FuXTxaHMsZZWqnkETvFgVmHy7" src="https://asciinema.org/a/FuXTxaHMsZZWqnkETvFgVmHy7.js" async></script>
-++++
-
 [[step_2]]
 === Viewing Minio and WordPress on a browser
 
 NOTE: The operations of this step can be executed at once using the `scripts/2_browser.sh` script.
 
 . Open WordPress in your default browser with the "EXTERNAL-IP" provided by the `kubectl get services` command, running in port 8080. You should see the WordPress installation wizard appearing on your browser window.
 
-. Open Minio in your default browser with the "EXTERNAL-IP" provided by the `kubectl get services` command, running in port 9000.
+. Open the Minio console in your default browser with the "EXTERNAL-IP" provided by the `kubectl get services` command, running in port 9001.
 * You can login into minio with these credentials: access key `minio`, secret key `minio123`.
 
 ==== Setting up the new blog
@@ -153,52 +147,7 @@ NOTE: The operations of this step can be executed at once using the `scripts/3_b
 
 To trigger a backup, use the command `kubectl apply -f k8up/backup.yaml`. You can see the job in the "Jobs" section of `k9s`.
 
-Running the `logs` command on a backup pod brings the following information:
-
-....
-$ kubectl logs backupjob-1564752600-6rcb4
-No repository available, initialising...
-created restic repository edaea22006 at s3:http://minio:9000/backups
-
-Please note that knowledge of your password is required to access
-the repository. Losing your password means that your data is
-irrecoverably lost.
-Removing locks...
-created new cache in /root/.cache/restic
-successfully removed locks
-Listing all pods with annotation appuio.ch/backupcommand in namespace default
-Adding default/mariadb-9588f5d7d-xmbc7 to backuplist
-Listing snapshots
-snapshots command:
-0 Snapshots
-backing up via mariadb stdin...
-Backup command: /bin/bash, -c, mysqldump -uroot -p"${MARIADB_ROOT_PASSWORD}" --all-databases
-done: 0.00%
-backup finished! new files: 1 changed files: 0 bytes added: 4184711
-Listing snapshots
-snapshots command:
-1 Snapshots
-sending webhook Listing snapshots
-snapshots command:
-1 Snapshots
-backing up...
-Starting backup for folder wordpress-pvc
-done: 0.00%
-backup finished! new files: 1932 changed files: 0 bytes added: 44716176
-Listing snapshots
-snapshots command:
-2 Snapshots
-sending webhook Listing snapshots
-snapshots command:
-2 Snapshots
-Removing locks...
-successfully removed locks
-Listing snapshots
-snapshots command:
-2 Snapshots
-....
-
-If you look at the Minio browser window, there should be now a set of folders that appeared out of nowhere. That's your backup in Restic format!
+If you look at the Minio browser window, there should be now a "backups" bucket that appeared out of nowhere. That's your backup repository in Restic format!
 
 .Minio browser showing backup repository
 image::minio-browser.png[]
@@ -239,7 +188,7 @@ backend:
     name: backup-repo
     key: password
   s3:
-    endpoint: http://minio:9000
+    endpoint: http://minio-api:9000
     bucket: backups
     accessKeyIDSecretRef:
       name: minio-credentials
@@ -274,8 +223,8 @@ To restore using Restic, set these variables (in a Unix-based system; for Window
 
 [source,bash]
 ....
-export KUBECONFIG="$(k3d get-kubeconfig --name='k3s-default')"
-export RESTIC_REPOSITORY=s3:http://$(kubectl get services | grep minio | awk '{print $3}'):9000/backups/
+export KUBECONFIG="$(k3d kubeconfig write k8s-tutorial)"
+export RESTIC_REPOSITORY=s3:http://$(kubectl get services | grep minio-api | awk '{print $4}' | cut -f 1 -d ","):9000/backups/
 export RESTIC_PASSWORD=p@ssw0rd
 export AWS_ACCESS_KEY_ID=minio
 export AWS_SECRET_ACCESS_KEY=minio123
@@ -287,39 +236,9 @@ With these variables in your environment, run the command `restic snapshots` to
 
 ==== Restoring the WordPress PVC
 
-K8up is able to restore data directly on specified PVCs. This requires some manual steps.
-
-. Using the steps in the previous section, "Restore Locally," check the ID of the snapshot you would like to restore:
-
-....
-$ source scripts/environment.sh
-$ restic snapshots
-$ restic snapshots XXXXXXXX --json | jq -r '.[0].id'
-....
-
-[start=2]
-. Use that long ID in your restore YAML file `k8up/restore/wordpress.yaml`:
-* Make sure the `restoreMethod:folder:claimName:` value corresponds to the `Paths` value of the snapshot you want to restore.
-* Replace the `snapshot` key with the long ID you just found:
-
-[source,yaml]
-....
-apiVersion: backup.appuio.ch/v1alpha1
-kind: Restore
-metadata:
-  name: restore-wordpress
-spec:
-  snapshot: 00e168245753439689922c6dff985b117b00ca0e859cc69cc062ac48bf8df8a3
-  restoreMethod:
-    folder:
-      claimName: wordpress-pvc
-  backend:
-....
+K8up is able to restore data directly on specified PVCs. Use the following command: `kubectl apply -f k8up/restore-wordpress.yaml`
 
-[start=3]
-. Apply the changes:
-* `kubectl apply -f k8up/restore/wordpress.yaml`
-* Use the `kubectl get pods` commands to see when your restore job is done.
+Use the `kubectl get pods` commands to see when your restore job has finished.
 
 TIP: If you use the `kubectl get pods --sort-by=.metadata.creationTimestamp` command to order the pods in descending age order; at the bottom of the list you will see the restore job pod.
 
@@ -331,7 +250,7 @@ Follow these steps to restore the database:
 
 . Retrieve the ID of the MariaDB snapshot:
 +
-`restic snapshots --json --last --path /default-mariadb | jq -r '.[0].id'`
+`restic snapshots --json --latest 1 --path /default-mariadb | jq -r '.[0].id'`
 
 . Save the contents of the backup locally:
 +
@@ -370,7 +289,7 @@ Instead of performing backups manually, you can also set a schedule for backups.
 backup:
   schedule: '*/2 * * * *'    # backup every 2 minutes
   keepJobs: 4
-  promURL: http://minio:9000
+  promURL: http://minio-api:9000
 ....
 
 TIP: Use https://crontab.guru/[crontab.guru] to help you set up complex schedule formats in `cron` syntax.
@@ -383,7 +302,7 @@ archive:
   schedule: '0 0 1 * *'       # archive every week
   restoreMethod:
     s3:
-      endpoint: http://minio:9000
+      endpoint: http://minio-api:9000
       bucket: archive
       accessKeyIDSecretRef:
         name: minio-credentials
@@ -393,7 +312,7 @@ archive:
         key: password
 check:
   schedule: '0 1 * * 1'      # monthly check
-  promURL: http://minio:9000
+  promURL: http://minio-api:9000
 ....
 
 Run the `kubectl apply -f k8up/schedule.yaml` command. This will setup an automatic schedule to backup the PVCs every 5 minutes (for minutes that are divisors of 5).
@@ -407,7 +326,7 @@ TIP: Running the `watch restic snapshots` command will give you a live console w
 
 NOTE: The operations of this step can be executed at once using the `scripts/6_stop.sh` script.
 
-When you are done with this tutorial, just execute the `k3d stop` command to shut the cluster down. You can also `k3d delete` it, if you would like to get rid of it completely.
+When you are done with this tutorial, just execute the `k3d cluster delete k8s-tutorial` command.
 
 == Conclusion
 

k8up/backup.yaml

@@ -4,13 +4,13 @@ metadata:
   name: backup-test
 spec:
   keepJobs: 4
-  promURL: http://minio:9000
+  promURL: http://minio-api:9000
   backend:
     repoPasswordSecretRef:
       name: backup-repo
       key: password
     s3:
-      endpoint: http://minio:9000
+      endpoint: http://minio-api:9000
       bucket: backups
       accessKeyIDSecretRef:
         name: minio-credentials

k8up/restore/wordpress.yaml → k8up/restore-wordpress.yaml

@@ -3,7 +3,6 @@ kind: Restore
 metadata:
   name: restore-wordpress
 spec:
-  snapshot: SNAPSHOT_ID
   restoreMethod:
     folder:
       claimName: wordpress-pvc
@@ -12,7 +11,7 @@ spec:
       name: backup-repo
       key: password
     s3:
-      endpoint: http://minio:9000
+      endpoint: http://minio-api:9000
       bucket: backups
       accessKeyIDSecretRef:
         name: minio-credentials

k8up/schedule.yaml

@@ -8,7 +8,7 @@ spec:
       name: backup-repo
       key: password
     s3:
-      endpoint: http://minio:9000
+      endpoint: http://minio-api:9000
       bucket: backups
       accessKeyIDSecretRef:
         name: minio-credentials
@@ -20,7 +20,7 @@ spec:
     schedule: '0 0 1 * *'       # archive every week
     restoreMethod:
       s3:
-        endpoint: http://minio:9000
+        endpoint: http://minio-api:9000
         bucket: archive
         accessKeyIDSecretRef:
           name: minio-credentials
@@ -31,10 +31,10 @@ spec:
   backup:
     schedule: '*/2 * * * *'    # backup every 2 minutes
     keepJobs: 4
-    promURL: http://minio:9000
+    promURL: http://minio-api:9000
   check:
     schedule: '0 1 * * 1'      # monthly check
-    promURL: http://minio:9000
+    promURL: http://minio-api:9000
   prune:
     schedule: '0 1 * * 0'      # monthly prune
     retention:

mariadb/deployment.yaml

@@ -23,8 +23,6 @@ spec:
       - image: mariadb/server:10.3
         name: mariadb
         readinessProbe:
-          timeoutSeconds: 1
-          initialDelaySeconds: 5
           exec:
             command:
             - "/bin/sh"

mariadb/kustomization.yaml

@@ -1,4 +1,5 @@
 resources:
+  - credentials.yaml
   - deployment.yaml
   - pvc.yaml
   - service.yaml

minio/deployment.yaml

@@ -22,32 +22,23 @@ spec:
         volumeMounts:
         - name: data
           mountPath: "/data"
-        image: minio/minio
+        image: quay.io/minio/minio:RELEASE.2021-09-18T18-09-59Z.fips
         args:
         - server
+        - "--console-address"
+        - ":9001"
         - /data
         env:
-        - name: MINIO_ACCESS_KEY
+        - name: MINIO_ROOT_USER
           valueFrom:
             secretKeyRef:
               name: minio-credentials
               key: username
-        - name: MINIO_SECRET_KEY
+        - name: MINIO_ROOT_PASSWORD
           valueFrom:
             secretKeyRef:
               name: minio-credentials
               key: password
         ports:
         - containerPort: 9000
-        readinessProbe:
-          httpGet:
-            path: /minio/health/ready
-            port: 9000
-          initialDelaySeconds: 120
-          periodSeconds: 20
-        livenessProbe:
-          httpGet:
-            path: /minio/health/live
-            port: 9000
-          initialDelaySeconds: 120
-          periodSeconds: 20
+        - containerPort: 9001

minio/kustomization.yaml

@@ -2,3 +2,4 @@ resources:
   - pvc.yaml
   - deployment.yaml
   - service.yaml
+  - credentials.yaml

minio/service.yaml

@@ -1,7 +1,7 @@
 apiVersion: v1
 kind: Service
 metadata:
-  name: minio
+  name: minio-api
 spec:
   type: LoadBalancer
   ports:
@@ -10,3 +10,16 @@ spec:
       protocol: TCP
   selector:
     app: minio
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: minio-console
+spec:
+  type: LoadBalancer
+  ports:
+    - port: 9001
+      targetPort: 9001
+      protocol: TCP
+  selector:
+    app: minio