My situation

I’ve been using k3s for a while now and I’m really happy with it. It’s a lightweight Kubernetes distribution that is easy to install and manage. It’s perfect for my homelab and I’ve been using it for a while to run a few services (Harbor, Grafana, Prometheus, …), including Longhorn, a distributed block storage system for Kubernetes. It has replication of the volumes across nodes and it’s easy to configure. However, replication (or even RAID for that matter) is not a backup! My NAS has backups configured to a Backblaze S3 and self-hosted MinIO server and I wanted to do the same for Longhorn, since it supports S3 as a backup target. I thought it would be a straightforward process, but not quite. I had to do a few things to make it work, and I even found an article that helped a lot. I decided to write this article to help others that might be in the same situation.

TL;DR

It all comes down to adjust the URL to match the format of a typical S3 URL and a small configuration on the longhorn front-end configuration panel.

Create a k8s secret with the credentials:

apiVersion: v1
kind: Secret
metadata:
  name: backup-secret
  namespace: longhorn-system
type: Opaque
data:
  AWS_ENDPOINTS: ENCODED_AWS_ENDPOINT_URL
  AWS_ACCESS_KEY_ID: ENCODED_ACCESS_KEY_ID
  AWS_SECRET_ACCESS_KEY: ENCODED_SECRET_ACCESS_KEY

Where AWS_ENDPOINTS is the URL of MinIO of Backblaze in HTTP format. For example, a MinIO URL can look like this:

http://192.168.1.30:9000

And a Backblaze URL:

https://s3.us-east-005.backblazeb2.com

The AWS_ACCESS_KEY_ID and AWS_ACCESS_SECRET_KEY should be the credentials of the MinIO or Backblaze provided by them.

Then, on the Longhorn front-end, go to the Backup Target tab and add a new backup target. The URL must be like this:

longhorn target url format

Where dummyregion is just something to fill the region field. It’s not used by Longhorn when using MinIO or Backblaze. Make sure to create a folder inside the bucket to store the backups and use that folder name on the URL, just like the example above (longhorn).

Don’t forget to select the secret you created on the previous step.

longhorn secret name

Just save the configuration and you’re good to go! If you go to the backups tab, no error message should appear.