Skip to main content
Version: 2.7

Backup and restore VMs with KubeVirt

Portworx Backup now enables you to backup and restore KubeVirt Virtual Machines (VMs) running on Kubernetes clusters in an enterprise environment. Furthermore, this feature allows you to backup and restore VMs migrated from VMware environments and VMs running on OpenShift Virtualization. Portworx Backup detects these VMs to provide end to end data protection for VMs, VM disks, resource configuration, and network configuration data.

KubeVirt is Virtual Machine management add-on to provide a unified platform for VM workloads in the Kubernetes environment and allows VMs to run parallel with containers on Kubernetes, OpenShift, and other environments. With KubeVirt, you can run VM workloads and Kubernetes native workloads without requiring additional management tools or dedicated pipelines.

Prerequisites

Make sure that:

  • KubeVirt v1.0.0 or below and its dependent modules are installed on all managed Kubernetes clusters, source and destination clusters

  • qemu-guest-agent is installed on all the VMs to add KubeVirt specific pre-exec and post-exec rules

  • Stork version 24.1.0 and above is installed on all application clusters

Following table lists out the the backup and restore workflows along with the scenarios supported by Portworx Backup as part of this feature:

Resource typesSupport
ClustersBackup and restore on OCP, EKS, GKE, and Kubernetes Vanilla clusters
Backup locationsBackup and restore of VMs on S3 compliant object store and NFS backup locations
Cloud accountsAll the cloud accounts that Portworx Backup currently supports
Pre-exec and post-exec rulesFreeze/thaw (unfreeze) rules for crash consistent backups
Backup typesManual and scheduled backups
Backups and restores
  • Data volumes with VolumeMode set to block and file system
  • Portworx Enterprise backed data volumes
  • Non-Portworx Enterprise backed data volumes that support CSI snapshots
  • Cross-region and cross-cloud backups and restores
  • note

    Portworx Backup does not support 3-2-1 backup strategy for volumes with VolumeMode configured to block.


    Backup and restore workflows supported by Portworx Backup for the VM resources is outlined in the following table:
    VM resourcesSupport
    PVCs (CSI-based and non-CSI based)Yes
    Hotplug volumesYes
    (Supports hotplug volumes with persist enabled)
    Kubernetes secrets (used as startup scripts, networkDataSecretRef)Yes
    (Manual selection of these resources are required during creation of backup)
    NetworkAttachmentDefinitionNo
    Network Policy
    Service object
    Data volumes (DV)No
    (Supports backup and restores of PVCs associated with data volumes only)
    Data volume template (serves as a template to create data volume for a VM)No
    (Supports backup and restores of PVCs associated with data volume templates only)
  • InstanceTypes
  • Preferences
  • Presets
  • Templates
  • No
    note
    • Portworx Backup does not support backup and restore of VM instances configured with multiple network interfaces and VMs created with virtualMachineInstance without VirtualMachine object.

    • Portworx Backup creates a backup of VM resources with auto selection of all the resources with few exceptions outlined in the table above. Dependent VirtualMachine resources that are not part of VirtualMachine configuration will not be auto selected. For example, Network Policy, Service, and so on.

    • If you intend to use CLI, you can use the existing namespace based backup approach by adding freeze/thaw rules explicitly as pre/post exec rules.

    📄️ KDMP backups and restores with KubeVirt VMs

    On all SELinux enabled clusters, KubeVirt deviates from the default behavior of setting security context MCS levels on the files. On an OCP cluster, each pod runs with scc.mcs levels that are configured in the project or namespace that it runs in. However, the same is not applicable in the OpenShift Virtualization environment. The virt-launcher pod that spins up the VMs run on their own scc.mcs levels to ensure right protection or isolation is implemented between the VMs running in the same project or namespace.

    Was this page helpful?