NetBackup™ for Kubernetes Administrator's Guide

Last Published:
Product(s): NetBackup & Alta Data Protection (11.0)
  1. Overview of NetBackup for Kubernetes
    1.  
      Overview
    2.  
      Features of NetBackup support for Kubernetes
  2. Deploying and configuring the NetBackup Kubernetes operator
    1.  
      Prerequisites for NetBackup Kubernetes Operator deployment
    2.  
      Deploy service package on NetBackup Kubernetes operator
    3.  
      Port requirements for Kubernetes operator deployment
    4.  
      Upgrade the NetBackup Kubernetes operator
    5.  
      Delete the NetBackup Kubernetes operator
    6.  
      Configure NetBackup Kubernetes data mover
    7.  
      Automated configuration of NetBackup protection for Kubernetes
    8. Customize Kubernetes workload
      1.  
        Prerequisites for backup from snapshot and restore from backup operations
      2.  
        DTE client settings supported in Kubernetes
      3.  
        Customization of datamover properties
    9.  
      Troubleshooting NetBackup servers with short names
    10.  
      Data mover pod schedule mechanism support
    11.  
      Validating accelerator storage class
  3. Deploying certificates on NetBackup Kubernetes operator
    1.  
      Deploy certificates on the Kubernetes operator
    2.  
      Perform Host-ID-based certificate operations
    3.  
      Perform ECA certificate operations
    4.  
      Identify certificate types
  4. Managing Kubernetes assets
    1.  
      Add a Kubernetes cluster
    2. Configure settings
      1.  
        Change resource limits for Kuberentes resource types
      2.  
        Configure autodiscovery frequency
      3.  
        Configure permissions
      4.  
        Asset cleanup
    3.  
      Add protection to the assets
    4. Scan for malware
      1.  
        Assets by workload type
  5. Managing Kubernetes intelligent groups
    1.  
      About intelligent group
    2.  
      Create an intelligent group
    3.  
      Delete an intelligent group
    4.  
      Edit an intelligent group
  6. Managing Kubernetes policies
    1.  
      Create a policy
  7. Protecting Kubernetes assets
    1.  
      Protect an intelligent group
    2.  
      Remove protection from an intelligent group
    3.  
      Configure backup schedule
    4.  
      Configure backup options
    5.  
      Configure backups
    6.  
      Configure Auto Image Replication (A.I.R.) and duplication
    7.  
      Configure storage units
    8.  
      Volume mode support
    9.  
      Configure application consistent backup
  8. Managing image groups
    1. About image groups
      1.  
        Image expire
      2.  
        Image copy
  9. Protecting Rancher managed clusters in NetBackup
    1.  
      Add Rancher managed RKE cluster in NetBackup using automated configuration
    2.  
      Add Rancher managed RKE cluster manually in NetBackup
  10. Recovering Kubernetes assets
    1.  
      Explore and validate recovery points
    2.  
      Restore from snapshot
    3.  
      Restore from backup copy
  11. About incremental backup and restore
    1.  
      Incremental backup and restore support for Kubernetes
  12. Enabling accelerator based backup
    1.  
      About NetBackup Accelerator support for Kubernetes workloads
    2.  
      Controlling disk space for track logs on primary server
    3.  
      Effect of storage class behavior on Accelerator
    4.  
      About Accelerator forced rescan
    5.  
      Warnings and probable reason for Accelerator backup failures
  13. Enabling FIPS mode in Kubernetes
    1.  
      Enable Federal Information Processing Standards (FIPS) mode in Kubernetes
  14. About Openshift Virtualization support
    1.  
      OpenShift Virtualization support
    2.  
      Application consistent virtual machines backup
    3.  
      Troubleshooting for virtualization
  15. Troubleshooting Kubernetes issues
    1.  
      Error during the primary server upgrade: NBCheck fails
    2.  
      Error during an old image restore: Operation fails
    3.  
      Error during persistent volume recovery API
    4.  
      Error during restore: Final job status shows partial failure
    5.  
      Error during restore on the same namespace
    6.  
      Datamover pods exceed the Kubernetes resource limit
    7.  
      Error during restore: Job fails on the highly loaded cluster
    8.  
      Custom Kubernetes role created for specific clusters cannot view the jobs
    9.  
      Openshift creates blank non-selected PVCs while restoring applications installed from OperatorHub
    10.  
      NetBackup Kubernetes operator become unresponsive if PID limit exceeds on the Kubernetes node
    11.  
      Failure during edit cluster in NetBackup Kubernetes 10.1
    12.  
      Backup or restore fails for large sized PVC
    13.  
      Restore of namespace file mode PVCs to different file system partially fails
    14.  
      Restore from backup copy fails with image inconsistency error
    15.  
      Connectivity checks between NetBackup primary, media, and Kubernetes servers.
    16.  
      Error during accelerator backup when there is no space available for track log
    17.  
      Error during accelerator backup due to track log PVC creation failure
    18.  
      Error during accelerator backup due to invalid accelerator storage class
    19.  
      Error occurred during track log pod start
    20.  
      Failed to setup the data mover instance for track log PVC operation
    21.  
      Error to read track log storage class from configmap

Restore from backup copy

A NetBackup restore from backup happens in parallel if there are multiple PVCs in the selected namespace. When you start a restore the job creates a parent-child hierarchy (if the namespace has at least one PVC to restore). The parent job acts as an orchestrator and monitors the status of child jobs. The first child job restores the metadata, after which PVCs are restored in parallel.

Note:

If metadata restore fails, no further jobs are submitted for restore operation. Once metadata is restored successfully, PVCs are restored parallel in batches.

You can follow the same procedure that is explained in restoring from snapshot, select the copy type as Backup. You can also restore to alternate target cluster.

To restore from a backup copy

  1. On the left, click Workloads > Kubernetes.
  2. On the Namespace tab, click the namespace of the asset that you want to recover. Click the Recovery pointstab.
  3. The Recovery points tab shows you all the recovery points with the date, time, and copies of the backup. You can set filters to filter the displayed recovery points. Click the date in the Date column to view the details of the recovery point. The Recovery points details dialog shows the resources that were backed up, like ConfigMaps, secrets, persistent volumes, pod, and so on. For details about these resources, see https://kubernetes.io/docs/reference.
  4. Locate the recovery point that you want to restore.
  5. In the Copies column, click the # copies button. For example, if there are two copies, the button displays as 2 copies.
  6. In the list of copies, locate the Backup copy. Then click Actions > Restore.

    Note:

    Enable the Restore option for all infected copies by selecting the Allow the selection of recovery points that are malware-affected option.

  7. In the Recovery target page, to recover the asset to the same cluster source are auto populated. Click Next.
  8. Under Specify destination namespace, select from the options:

    • Select Use original namespace to use the original namespace.

    • Select Use alternate namespace and enter the alternate namespace.

      Click Next.

  9. Under Select resource types to recover, select from the following resource types:

    • Select All resource types to recover all resource types.

    • Select Recover selected resource types to recover only the selected resource types.

  10. Under Select Persistent volume claims to recover, select from the following options:

    • Select All Persistent volume claims to recover all persistent volume claims.

    • Select Recover selected Persistent volume claims to recover selected persistent volume claims.

    Note:

    If you do not select any option in Recover selected resource types, then include empty persistent volume claims option is selected and no persistent volume claims are restored.

    If you do not select any options in the Recover selected persistent volume claims, then in the Recovery options section it includes empty persistent volume claims and no persistent volume claims are restored.

    Note:

    Restore only persistent volume enables the toggle in the selected persistent volume claims to restore only the persistent volume. This setting does not create a corresponding persistent volume claim.

  11. Click on the Failure strategy section to view the failure strategy options to recover.
  12. Under Select failure strategy to recover, select any of the following failure strategies to recover:

    Note:

    On occurrence of any failure while restoring metadata or PVCs, a restore job runs as per the failure strategy selected.

    • Fail Fast to terminate the restore for any failure occurrence.

      • This restore failure strategy helps you to terminate the restore job when the first failure occurs.

      • All the remaining active restore jobs in the current batch are allowed to complete and no further batches are submitted for restore.

    • Proceed Ahead to continue restoring the next PVC. If the parent image (first image) restore fails, then the restore job terminates.

      • This strategy helps you to proceed ahead with the restore of remaining PVCs, if any of the PVC restores fail for the ongoing batch.

      • If metadata restore fails, the final job is marked as failed and no PVCs are submitted for restore.

      • In this case, the final job status which is marked as partial success and a list of PVCs with failed status appears in the Activity Monitor tab for the parent job.

    • Retry to specify a retry count for metadata or PVC restore. If the restore fails even after retries, then the restore job terminates.

      • This failure strategy helps you to retry the restore job of failed PVC/metadata which is configurable at the start of the restore job.

      • If the restore job fails despite the maximum number of retries, the job which is marked as failed and no further batches are submitted for restore.

      Note:

      The selected failure strategy is displayed in the Activity monitor.

    • Click Next.

  13. Click Start recovery to submit the recovery entry.
  14. In the Activity monitor, click the Job ID to view the restore job details.
  15. On the Job Details page, click the Details tab. The restore job sequence (pre-restore, data movement, and then the post-restore job) is displayed.

Note:

You can cancel the parent job to cancel the restore operation. The parent job terminates all the active child restore jobs.

Configuration change

The batch size for parallel PVC restore is configurable in bp.conf. User can add the key KUBERNETES_RESTORE_FROM_BACKUP_COPY_PARALLEL_RESTORE_BATCH_SIZE in bp.conf file to set the desired batch size. This key is optional and has the value of 5 if it is not defined.

The minimum value that can be assigned for batch size is 1, whereas the maximum value is 100.

You can use the bpsetconfig command on the NetBackup primary server to update the batch size.