快速入门:使用 Azure 资源管理器为 Azure Kubernetes 服务 (AKS) 群集配置备份

本快速入门介绍如何使用 Azure 资源管理器为 Azure Kubernetes 服务 (AKS) 群集配置备份。

适用于 AKS 的 Azure 备份是一种以应用程序为中心的企业级云原生备份服务,让你能够快速配置 AKS 群集的备份。通过 Azure 备份,你可以采用多种方式(例如使用 Azure 门户、PowerShell、CLI、Azure 资源管理器 (ARM)、Bicep 等)备份 AKS 群集。 本快速入门介绍如何使用 Azure 资源管理器模板和 Azure PowerShell 备份 AKS 群集。 有关开发 ARM 模板的详细信息,请参阅 Azure 资源管理器文档

Azure 资源管理器模板是定义项目基础结构和配置的 JavaScript 对象表示法 (JSON) 文件。 模板使用声明性语法。 你可以在不编写用于创建部署的编程命令序列的情况下,描述预期部署。

先决条件

若要设置环境以进行 Bicep 开发,请参阅安装 Bicep 工具

注意

如文章中所述,安装最新的 Azure PowerShell 模块和 Bicep CLI。

查看模板

使用此模板可以配置 AKS 群集的备份。 在此模板中,我们将创建一个备份保管库,并在其中包含 AKS 群集的备份策略,计划每四小时备份一次,且保持期为七天

{
  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
  "contentVersion": "1.0.0.0",
  "parameters": {
    "resourceGroupName": { "type": "string" },
    "resourceGroupLocation": { "type": "string" },
    "backupResourceGroupName": { "type": "string" },
    "backupResourceGroupLocation": { "type": "string" },
    "aksClusterName": { "type": "string" },
    "dnsPrefix": { "type": "string" },
    "nodeCount": { "type": "int" },
    "backupVaultName": { "type": "string" },
    "datastoreType": { "type": "string" },
    "redundancy": { "type": "string" },
    "backupPolicyName": { "type": "string" },
    "backupExtensionName": { "type": "string" },
    "backupExtensionType": { "type": "string" },
    "storageAccountName": { "type": "string" }
  },
  "variables": {
    "backupContainerName": "tfbackup"
  },
  "resources": [
    {
      "type": "Microsoft.Resources/resourceGroups",
      "apiVersion": "2021-04-01",
      "location": "[parameters('resourceGroupLocation')]",
      "name": "[parameters('resourceGroupName')]"
    },
    {
      "type": "Microsoft.Resources/resourceGroups",
      "apiVersion": "2021-04-01",
      "location": "[parameters('backupResourceGroupLocation')]",
      "name": "[parameters('backupResourceGroupName')]"
    },
    {
      "type": "Microsoft.ContainerService/managedClusters",
      "apiVersion": "2023-05-01",
      "location": "[parameters('resourceGroupLocation')]",
      "name": "[parameters('aksClusterName')]",
      "properties": {
        "dnsPrefix": "[parameters('dnsPrefix')]",
        "agentPoolProfiles": [
          {
            "name": "agentpool",
            "count": "[parameters('nodeCount')]",
            "vmSize": "Standard_D2_v2",
            "type": "VirtualMachineScaleSets",
            "mode": "System"
          }
        ],
        "identity": {
          "type": "SystemAssigned"
        },
        "networkProfile": {
          "networkPlugin": "kubenet",
          "loadBalancerSku": "standard"
        }
      },
      "dependsOn": [
        "[resourceId('Microsoft.Resources/resourceGroups', parameters('resourceGroupName'))]",
        "[resourceId('Microsoft.Resources/resourceGroups', parameters('backupResourceGroupName'))]"
      ]
    },
    {
      "type": "Microsoft.DataProtection/backupVaults",
      "apiVersion": "2023-01-01",
      "location": "[parameters('resourceGroupLocation')]",
      "name": "[parameters('backupVaultName')]",
      "identity": {
        "type": "SystemAssigned"
      },
      "properties": {
        "dataStoreType": "[parameters('datastoreType')]",
        "redundancy": "[parameters('redundancy')]"
      },
      "dependsOn": [
        "[resourceId('Microsoft.ContainerService/managedClusters', parameters('aksClusterName'))]"
      ]
    },
    {
      "type": "Microsoft.DataProtection/backupVaults/backupPolicies",
      "apiVersion": "2023-01-01",
      "name": "[concat(parameters('backupVaultName'), '/', parameters('backupPolicyName'))]",
      "properties": {
        "backupRepeatingTimeIntervals": ["R/2024-04-14T06:33:16+00:00/PT4H"],

        "defaultRetentionRule": {
          "lifeCycle": {
            "duration": "P7D",
            "dataStoreType": "OperationalStore"
          }
        }
      },
      "dependsOn": [
        "[resourceId('Microsoft.DataProtection/backupVaults', parameters('backupVaultName'))]"
      ]
    },
    {
      "type": "Microsoft.Storage/storageAccounts",
      "apiVersion": "2022-05-01",
      "location": "[parameters('backupResourceGroupLocation')]",
      "name": "[parameters('storageAccountName')]",
      "sku": {
        "name": "Standard_LRS"
      },
      "kind": "StorageV2",
      "dependsOn": [
        "[resourceId('Microsoft.ContainerService/managedClusters', parameters('aksClusterName'))]"
      ]
    },
    {
      "type": "Microsoft.Storage/storageAccounts/blobServices/containers",
      "apiVersion": "2021-04-01",
      "name": "[concat(parameters('storageAccountName'), '/default/', variables('backupContainerName'))]",
      "properties": {
        "publicAccess": "None"
      },
      "dependsOn": [
        "[resourceId('Microsoft.Storage/storageAccounts', parameters('storageAccountName'))]"
      ]
    },
    {
      "type": "Microsoft.KubernetesConfiguration/extensions",
      "apiVersion": "2023-05-01",
      "name": "[concat(parameters('aksClusterName'), '/', parameters('backupExtensionName'))]",
      "properties": {
        "extensionType": "[parameters('backupExtensionType')]",
        "configurationSettings": {
          "configuration.backupStorageLocation.bucket": "[variables('backupContainerName')]",
          "configuration.backupStorageLocation.config.storageAccount": "[parameters('storageAccountName')]",
          "configuration.backupStorageLocation.config.resourceGroup": "[parameters('backupResourceGroupName')]",
          "configuration.backupStorageLocation.config.subscriptionId": "[subscription().subscriptionId]",
          "credentials.tenantId": "[subscription().tenantId]"
        }
      },
      "dependsOn": [
        "[resourceId('Microsoft.Storage/storageAccounts/blobServices/containers', parameters('storageAccountName'), 'default', variables('backupContainerName'))]"
      ]
    }
  ],
  "outputs": {
    "aksClusterId": {
      "type": "string",
      "value": "[resourceId('Microsoft.ContainerService/managedClusters', parameters('aksClusterName'))]"
    },
    "backupVaultId": {
      "type": "string",
      "value": "[resourceId('Microsoft.DataProtection/backupVaults', parameters('backupVaultName'))]"
    }
  }
}

部署模板

要部署模板,请将模板存储在 GitHub 存储库中,然后将以下 PowerShell 脚本粘贴到 shell 窗口中。

$projectName = Read-Host -Prompt "Enter a project name (limited to eight characters) that is used to generate Azure resource names"
$location = Read-Host -Prompt "Enter the location (for example, chinanorth2)"

$resourceGroupName = "${projectName}rg"
$templateUri = "https//templateuri"

New-AzResourceGroup -Name $resourceGroupName -Location $location
New-AzResourceGroupDeployment -ResourceGroupName $resourceGroupName -TemplateUri $templateUri -projectName 

后续步骤