Journal of a guy in IT

How would Velero help when you are running kubernetes?

Velero is an open source tool that came with Heptio to VMware when they acquired the company. Currently it can be found on github in the VMware Tanzu organization together with several other Open Source tools like Octant and Sonobuoy. It’s interesting to see these tools move under the wing of VMware and I’m curious to the progression and future development of these tools.

While I was thinking with a cloud native hat and having some experience with kubernetes, I wondered in what circumstances would it be helpful to have this tool available in your environment. And with what type of problems will it help that you couldn’t already solve by having your code safely in source control combined with a decent deployment mechanism to redeploy your containers.

The first thing that comes to mind is data. This is confirmed when I look at the website where three main benefits are called out:

Reading these points, benefitting Velero alludes to having an environment where not only 12 factor applications are running. Applications that are not 12 factor compliant running on kubernetes? But does that not hurt more than it solves? In many organizations the move to 12 factor application development is a long term investment. And to get going you need to start somewhere. Not all application teams are up to the level of adhering to all 12 factors while building their application.

It could also be that during the move or replatforming of existing applications onto kubernetes, compromises were made.

Then there are the teams running stateful apps on kubernetes, this is where you make a conscious decision and already know the benefit of implementing Velero.

But are there more scenarios where Velero can help? It turns out it does. It can help to migrate resources between clusters. Or replicate a production cluster to a test cluster for troubleshooting.

One of the key points is that Velero uses the kubernetes API to capture the state of the cluster. And does not require direct access to the etcd databse.

This allows you to capture subsets of the cluster with filter capabilities ranging from namespace to label selectors. Providing you with great flexibilty of what is backed up and restored.

Another key point is that it allows you to capture an applications persistant storage and configuration. By using the platforms native snapshot capabilities or with the intergrated file-level backup tool restic.

Github repository where Velero is maintained:

Velero website:

Intergrated backup tool restic: