vmware-tanzu
Backup hooks fail on Sidecar Containers
What steps did you take and what happened:
When the Backup Hooks are configured to run on Sidecar Containers Velero complains about not being able to find the target container:
Errors:
Velero: message: /Error executing hook error: /no such container: "<container-name>"
message: /Error executing hook error: /no such container: "<container-name>"
What did you expect to happen:
As Sidecar containers are a special case of InitContainers with RestartPolicy set to Always, it would be reasonable to have the option to configure Backup Hooks as commands to be executed on them.
The following information will help us better understand what's going on:
Anything else you would like to add:
Environment:
velero version
Client:
Version: v1.17.0
Git commit: -
Server:
Version: 1.16.2
Vote on this issue!
This is an invitation to the Velero community to vote on issues, you can see the project's top voted issues listed here.
Use the "reaction smiley face" up to the right of this comment to vote.
- :+1: for "I would like to see this bug fixed as soon as possible"
- :-1: for "There are more important bugs to focus on right now"
First, I'd like to understand your specific use cases for hooks on sidecar containers. There hasn't been extensive prior discussion on sidecar containers, so understanding your usage and the role of hooks is essential.
Second, the sidecar container feature appears to be enabled by default in v1.29 and requires a pod-level restartPolicy. I'm unsure if this change will affect Velero's support for older Kubernetes versions.
First, I'd like to understand your specific use cases for hooks on sidecar containers. There hasn't been extensive prior discussion on sidecar containers, so understanding your usage and the role of hooks is essential.
Sounds reasonable. I have some Pods running Postgres as the main container and each of them mounts a set of Volumes for persistency. I want to use Velero to take backups of my entire cluster but I can't let it take snapshots of the Volumes before having performed a set of operations, which include stopping the Postgres execution to avoid potential inconsistencies in the resulting backups. For each PG Pod I'm configuring a Sidecar container to extend some functionalities and the application running in that container also exposes a specific command to perform the set of operations to let Velero take consistent backups of the volumes. In order to integrate this with Velero properly, I need to be able to configure Backup Hooks to be executed in the Sidecar container.
Second, the sidecar container feature appears to be enabled by default in v1.29 and requires a pod-level restartPolicy. I'm unsure if this change will affect Velero's support for older Kubernetes versions.
True, but for init-containers the restart policy needs to be explicitly set to Always at container-level to enable the Sidecar feature, regardless what is configured at pod-level. The container-level RestartPolicy was introduced in v1.28, so yeah, it probably means this cannot be back ported to every Velero's supported minor but curious about why you think this change would affect the support for older k8s versions.
I'm trying to understand in which Kubernetes version the sidecar container feature is enabled by default, and whether the change will be backward-compatible.
It seems the feature was GAed in Kubernetes v1.33.
The code only reads the container.RestartPolicy field and checks whether it's nil.
It seems there is no backward-compatibility issue.
Thanks for your contribution. I approved the PR.