KubeVirt VM Backup & Restore

Introduction

CloudCasa provides backup, restore, and migration services for virtual machines (VMs) running on Kubernetes clusters under KubeVirt or KubeVirt-based systems such as SUSE Harvester and Red Hat OpenShift Virtualization. CloudCasa agent compatibility has been verified with KubeVirt version v1.0.0 and above, and CDI version v1.57.0 and above. CloudCasa has also been tested with SUSE Harvester versions 1.3.1 & 1.3.2, and Red Hat OpenShift Virtualization 4.16.10.

VM Backup

Backing up KubeVirt VMs requires no more configuration than backing up any other Kubernetes cluster. Detection of VMs is automatic. The entire cluster can be backed up, or specific VMs can be selected by using namespaces and/or labels.

The VMs tab in the in the Activity details pane for the backup job will show the status of VM backups, both while the job is in progress and after it has completed.

The Guest Agent

The QEMU Guest Agent (GA), running inside the VM, enables the execution of “freeze” and “unfreeze” hooks within the VM’s operating system. These hooks are used to prepare the filesystem by momentarily halting I/O operations, ensuring that the volume state is stable at the time of the backup. The GA will be used automatically if it is configured on a VM. If the GA is not installed the VM will still be backed up, but without executing the freeze operations. We recommend installing the GA on your VMs to help guarantee backup consistency.

VM Restore

CloudCasa restores of KubeVirt VMs are performed the same as restores of any other Kubernetes resources.

To restore a single VM, use the normal CloudCasa resource filtering options in the restore wizard to target only that VM and its dependencies. A virtual machine and its dependent resources are like any other resources in a Kubernetes cluster, so the resource filtering rules that we already have apply here as well.

Key Considerations:

  1. Namespace: Determine the namespace where the VM is located. If the namespace only contains the target VM, you could use a namespace filter alone.

  2. Multiple VMs in the Same Namespace: If other VMs or resources exist in the same namespace, you’ll need additional filters to restoring unintended resources. Resource label filtering is a good option here, and can be used in tandem with resource type filtering.

  3. Dependent Resources: If resource type filtering is used, then to restore the VM correctly you must include all associated resources such as PVCs, DataVolumes, ConfigMaps, and Secrets.

For KubeVirt VMs, the list of resources could include, but is not limited to:

  • VirtualMachine (VM): The primary VM definition in KubeVirt.

  • VirtualMachineInstance (VMI): Represents the running instance of a VM.

  • DataVolume: DataVolumes are used to define persistent storage for VMs in KubeVirt, managed by CDI.

  • PersistentVolumeClaim (PVC): PVCs linked to the DataVolumes and used as storage for VM data.

  • Pods: Associated with the VM

  • Secrets: Secrets linked to the VM, such as SSH keys or credentials.

  • ConfigMaps: Configurations that the VM might require on boot or runtime.

CDI and KubeVirt must be installed prior to restoring a VM backup created with Velero and the KubeVirt plugin. These components provide the essential CRDs (Custom Resource Definitions) and controllers required for managing VM and data volume objects. If CDI and KubeVirt are not pre-installed, the restore process will fail because the necessary Kubernetes objects and functionality (like DataVolumes) will be missing.

It is highly recommended to deploy CDI and KubeVirt separately before running restores. However, CDI is not required if the virtual machines themselves are not consuming any virtual disks.

More about CDI

Container Data Importer (CDI) is a KubeVirt subcomponent specifically designed to handle data import, export, and cloning of Persistent Volume Claims (PVCs). CDI is primarily used to import external disk images into Kubernetes as PVCs. This is essential when initially provisioning VMs from existing disk images, such as those in the QCOW2 or RAW format. In the context of backup and restore, CDI ensures that any PVCs associated with VMs (such as data volumes) are properly managed and restored. For instance, when the agent performs a restore operation, CDI helps to rehydrate or re-import the VM disk images into Kubernetes PVCs from the backed-up data.