NetBackup™ for Kubernetes Administrator's Guide

Last Published:
Product(s): NetBackup & Alta Data Protection (10.5)
  1. Overview of NetBackup for Kubernetes
    1.  
      Overview
    2.  
      Features of NetBackup support for Kubernetes
  2. Deploying and configuring the NetBackup Kubernetes operator
    1.  
      Prerequisites for NetBackup Kubernetes Operator deployment
    2.  
      Deploy service package on NetBackup Kubernetes operator
    3.  
      Port requirements for Kubernetes operator deployment
    4.  
      Upgrade the NetBackup Kubernetes operator
    5.  
      Delete the NetBackup Kubernetes operator
    6.  
      Configure NetBackup Kubernetes data mover
    7.  
      Automated configuration of NetBackup protection for Kubernetes
    8. Configure settings for NetBackup snapshot operation
      1.  
        Kubernetes operators supported configuration parameters
      2.  
        Prerequisites for backup from snapshot and restore from backup operations
      3.  
        DTE client settings supported in Kubernetes
      4.  
        Customization of datamover properties
    9.  
      Troubleshooting NetBackup servers with short names
    10.  
      Data mover pod schedule mechanism support
    11.  
      Validating accelerator storage class
  3. Deploying certificates on NetBackup Kubernetes operator
    1.  
      Deploy certificates on the Kubernetes operator
    2.  
      Perform Host-ID-based certificate operations
    3.  
      Perform ECA certificate operations
    4.  
      Identify certificate types
  4. Managing Kubernetes assets
    1.  
      Add a Kubernetes cluster
    2. Configure settings
      1.  
        Change resource limits for Kuberentes resource types
      2.  
        Configure autodiscovery frequency
      3.  
        Configure permissions
    3.  
      Add protection to the assets
    4. Scan for malware
      1.  
        Assets by workload type
  5. Managing Kubernetes intelligent groups
    1.  
      About intelligent group
    2.  
      Create an intelligent group
    3.  
      Delete an intelligent group
    4.  
      Edit an intelligent group
  6. Managing Kubernetes policies
    1.  
      Create a policy
  7. Protecting Kubernetes assets
    1.  
      Protect an intelligent group
    2.  
      Remove protection from an intelligent group
    3.  
      Configure backup schedule
    4.  
      Configure backup options
    5.  
      Configure backups
    6.  
      Configure Auto Image Replication (A.I.R.) and duplication
    7.  
      Configure storage units
    8.  
      Volume mode support
    9.  
      Configure application consistent backup
  8. Managing image groups
    1. About image groups
      1.  
        Image expire
      2.  
        Image copy
  9. Protecting Rancher managed clusters in NetBackup
    1.  
      Add Rancher managed RKE cluster in NetBackup using automated configuration
    2.  
      Add Rancher managed RKE cluster manually in NetBackup
  10. Recovering Kubernetes assets
    1.  
      Explore and validate recovery points
    2.  
      Restore from snapshot
    3.  
      Restore from backup copy
  11. About incremental backup and restore
    1.  
      Incremental backup and restore support for Kubernetes
  12. Enabling accelerator based backup
    1.  
      About NetBackup Accelerator support for Kubernetes workloads
    2.  
      Controlling disk space for track logs on primary server
    3.  
      Effect of storage class behavior on Accelerator
    4.  
      About Accelerator forced rescan
    5.  
      Warnings and probable reason for Accelerator backup failures
  13. Enabling FIPS mode in Kubernetes
    1.  
      Enable Federal Information Processing Standards (FIPS) mode in Kubernetes
  14. About Openshift Virtualization support
    1.  
      OpenShift Virtualization support
    2.  
      Application consistent virtual machines backup
    3.  
      Troubleshooting for virtualization
  15. Troubleshooting Kubernetes issues
    1.  
      Error during the primary server upgrade: NBCheck fails
    2.  
      Error during an old image restore: Operation fails
    3.  
      Error during persistent volume recovery API
    4.  
      Error during restore: Final job status shows partial failure
    5.  
      Error during restore on the same namespace
    6.  
      Datamover pods exceed the Kubernetes resource limit
    7.  
      Error during restore: Job fails on the highly loaded cluster
    8.  
      Custom Kubernetes role created for specific clusters cannot view the jobs
    9.  
      Openshift creates blank non-selected PVCs while restoring applications installed from OperatorHub
    10.  
      NetBackup Kubernetes operator become unresponsive if PID limit exceeds on the Kubernetes node
    11.  
      Failure during edit cluster in NetBackup Kubernetes 10.1
    12.  
      Backup or restore fails for large sized PVC
    13.  
      Restore of namespace file mode PVCs to different file system partially fails
    14.  
      Restore from backup copy fails with image inconsistency error
    15.  
      Connectivity checks between NetBackup primary, media, and Kubernetes servers.
    16.  
      Error during accelerator backup when there is no space available for track log
    17.  
      Error during accelerator backup due to track log PVC creation failure
    18.  
      Error during accelerator backup due to invalid accelerator storage class
    19.  
      Error occurred during track log pod start
    20.  
      Failed to setup the data mover instance for track log PVC operation
    21.  
      Error to read track log storage class from configmap

Data mover pod schedule mechanism support

Specify the following fields in the backup server ConfigMap to schedule data mover pods on the nodes.

  1. nodeSelector: nodeSelector is the effortless way to constrain pods to the nodes with specific labels.

    Example: 

    apiVersion: v1 

kind: ConfigMap 

metadata: 

  name: backupserver.sample.domain.com 

  namespace: netbackup 

data: 

  datamover.hostaliases: | 

    10.20.12.13=backupserver.sample.domain.com 

    10.21.12.13=mediaserver.sample.domain.com 

  datamover.properties: | 

    image=reg.domain.com/datamover/image:latest 

  datamover.nodeSelector: | 

    kubernetes.io/hostname: test1-l94jm-worker-k49vj 

    topology.rook.io/rack: rack1 

  version: "1"

  2. nodeName: nodeName is a direct form of node selection than affinity or nodeSelector. It allows you to specify a node on which a pod is scheduled for backup, overriding the default schedule mechanism.

    Example: 

    apiVersion: v1 

kind: ConfigMap 

metadata: 

  name: backupserver.sample.domain.com 

  namespace: netbackup 

data: 

  datamover.hostaliases: | 

    10.20.12.13=backupserver.sample.domain.com 

    10.21.12.13=mediaserver.sample.domain.com 

  datamover.properties: | 

    image=reg.domain.com/datamover/image:latest 

  datamover.nodeName : test1-l94jm-worker-hbblk 

  version: "1"

  3. Taint and Toleration: Toleration allows you to schedule the pods with similar taints. Taint and toleration work together to ensure that the pods are scheduled onto appropriate nodes. If one or more taints are applied to a node. Then that node must not accept any pods which does not tolerate the taints.

    Example: 

    apiVersion: v1 

kind: ConfigMap 

metadata: 

  name: backupserver.sample.domain.com 

  namespace: netbackup 

data: 

  datamover.hostaliases: | 

    10.20.12.13=backupserver.sample.domain.com 

    10.21.12.13=mediaserver.sample.domain.com 

  datamover.properties: | 

    image=reg.domain.com/datamover/image:latest 

  datamover.tolerations: | 

    - key: "dedicated" 

      operator: "Equal" 

      value: "experimental" 

      effect: "NoSchedule" 

  version: "1"

  4. Affinity and Anti-affinity: Node affinity functions like the nodeSelector field but it is more expressive and allows you to specify soft rules. Inter-pod affinity/anti-affinity allows you to constrain pods against labels on the other pods.

    Examples:

    • Node Affinity: 

      apiVersion: v1 

kind: ConfigMap 

metadata: 

  name: backupserver.sample.domain.com 

  namespace: netbackup 

data: 

  datamover.hostaliases: | 

    10.20.12.13=backupserver.sample.domain.com 

    10.21.12.13=mediaserver.sample.domain.com 

  datamover.properties: | 

    image=reg.domain.com/datamover/image:latest 

  datamover.affinity: | 

    nodeAffinity: 

      requiredDuringSchedulingIgnoredDuringExecution: 

        nodeSelectorTerms: 

        - matchExpressions: 

          - key: kubernetes.io/hostname 

            operator: In 

            values: 

            - test1-l94jm-worker-hbblk 

      preferredDuringSchedulingIgnoredDuringExecution: 

      - weight: 1 

        preference: 

          matchExpressions: 

          - key: beta.kubernetes.io/arch 

            operator: In 

            values: 

            - amd64 

  version: "1"

    • Pod Affinity

      apiVersion: v1 

kind: ConfigMap 

metadata: 

  name: backupserver.sample.domain.com 

  namespace: netbackup 

data: 

  datamover.hostaliases: | 

    10.20.12.13=backupserver.sample.domain.com 

    10.21.12.13=mediaserver.sample.domain.com 

  datamover.properties: | 

    image=reg.domain.com/datamover/image:latest 

  datamover.affinity: | 

    podAffinity: 

      requiredDuringSchedulingIgnoredDuringExecution: 

      - labelSelector: 

          matchExpressions: 

          - key: component 

            operator: In 

            values: 

            - netbackup 

        topologyKey: kubernetes.io/hostname 

  version: "1"

  5. topologySpreadConstraints: Topology spread constraints are used to control the behavior of the pods that are spread across your cluster among failure-domains such as regions, zones, nodes, and other user-defined topology domains.

    Example: 

    apiVersion: v1 

kind: ConfigMap 

metadata: 

  name: backupserver.sample.domain.com 

  namespace: netbackup 

data: 

  datamover. hostaliases: | 

    10.20.12.13=backupserver.sample.domain.com 

    10.21.12.13=mediaserver.sample.domain.com 

  datamover.properties: | 

    image=reg.domain.com/datamover/image:latest 

  datamover.topologySpreadConstraints : | 

    - maxSkew: 1 

      topologyKey: kubernetes.io/hostname 

      whenUnsatisfiable: DoNotSchedule 

  version: "1"

    • Labels: Labels are the key/value pairs attached to the objects, such as pods. Labels intends to identify the attributes of an object which are significant and relevant to users. Labels can organize and select subsets of objects. Labels which are attached to objects at creation time are subsequently added and modified at any time.

      Example:

      apiVersion: v1 

kind: ConfigMap 

metadata: 

  name: backupserver.sample.domain.com 

  namespace: netbackup 

data: 

  datamover.hostaliases: | 

    10.20.12.13=backupserver.sample.domain.com 

    10.21.12.13=mediaserver.sample.domain.com 

  datamover.properties: | 

    image=reg.domain.com/datamover/image:latest 

  datamover.labels: | 

    env: test 

    pod: datamover 

  version: "1"

    • Annotations: User can use either labels or annotations to attach metadata to Kubernetes objects. You cannot use Annotations to identify and select objects.

      Example:

      apiVersion: v1 

kind: ConfigMap 

metadata: 

  name: backupserver.sample.domain.com 

  namespace: netbackup 

data: 

  datamover.hostaliases: | 

    10.20.12.13=backupserver.sample.domain.com 

    10.21.12.13=mediaserver.sample.domain.com 

  datamover.properties: | 

    image=reg.domain.com/datamover/image:latest 

  datamover.annotations: | 

    buildinfo: |- 

      [{ 

            "name": "test", 

            "build": "1" 

      }] 

    imageregistry: "https://reg.domain.com/" 

  version: "1"