NetBackup™ Web UI Kubernetes Administrator's Guide

Last Published:
Product(s): NetBackup & Alta Data Protection (10.3)
Platform: Linux,UNIX,Windows
  1. Overview of NetBackup for Kubernetes
    1.  
      Overview
    2.  
      Features of NetBackup support for Kubernetes
  2. Deploying and configuring the NetBackup Kubernetes operator
    1.  
      Prerequisites for NetBackup Kubernetes Operator deployment
    2.  
      Deploy service package on NetBackup Kubernetes operator
    3.  
      Port requirements for Kubernetes operator deployment
    4.  
      Upgrade the NetBackup Kubernetes operator
    5.  
      Delete the NetBackup Kubernetes operator
    6.  
      Configure NetBackup Kubernetes data mover
    7.  
      Automated configuration of NetBackup protection for Kubernetes
    8. Configure settings for NetBackup snapshot operation
      1.  
        Kubernetes operators supported configuration parameters
      2.  
        Prerequisites for backup from snapshot and restore from backup operations
      3.  
        DTE client settings supported in Kubernetes
      4.  
        Customization of datamover properties
    9.  
      Troubleshooting NetBackup servers with short names
    10.  
      Data mover pod schedule mechanism support
  3. Deploying certificates on NetBackup Kubernetes operator
    1.  
      Deploy certificates on the Kubernetes operator
    2.  
      Perform Host-ID-based certificate operations
    3.  
      Perform ECA certificate operations
    4.  
      Identify certificate types
  4. Managing Kubernetes assets
    1.  
      Add a Kubernetes cluster
    2. Configure settings
      1.  
        Change resource limits for Kuberentes resource types
      2.  
        Configure autodiscovery frequency
      3.  
        Configure permissions
    3.  
      Add protection to the assets
  5. Managing Kubernetes intelligent groups
    1.  
      About intelligent group
    2.  
      Create an intelligent group
    3.  
      Delete an intelligent group
    4.  
      Edit an intelligent group
  6. Protecting Kubernetes assets
    1.  
      Protect an intelligent group
    2.  
      Remove protection from an intelligent group
    3.  
      Configure backup schedule
    4.  
      Configure backup options
    5.  
      Configure backups
    6.  
      Configure Auto Image Replication (AIR) and duplication
    7.  
      Configure storage units
    8.  
      Volume mode support
    9.  
      Configure application consistent backup
  7. Managing image groups
    1. About image groups
      1.  
        Image expire
      2.  
        Image copy
  8. Protecting Rancher managed clusters in NetBackup
    1.  
      Add Rancher managed RKE cluster in NetBackup using automated configuration
    2.  
      Add Rancher managed RKE cluster manually in NetBackup
  9. Recovering Kubernetes assets
    1.  
      Explore and validate recovery points
    2.  
      Restore from snapshot
    3.  
      Restore from backup copy
  10. Enabling FIPS mode in Kubernetes
    1.  
      Enable Federal Information Processing Standards (FIPS) mode in Kubernetes
  11. Troubleshooting Kubernetes issues
    1.  
      Error during the primary server upgrade: NBCheck fails
    2.  
      Error during an old image restore: Operation fails
    3.  
      Error during persistent volume recovery API
    4.  
      Error during restore: Final job status shows partial failure
    5.  
      Error during restore on the same namespace
    6.  
      Datamover pods exceed the Kubernetes resource limit
    7.  
      Error during restore: Job fails on the highly loaded cluster
    8.  
      Custom Kubernetes role created for specific clusters cannot view the jobs
    9.  
      Openshift creates blank non-selected PVCs while restoring applications installed from OperatorHub
    10.  
      NetBackup Kubernetes operator become unresponsive if PID limit exceeds on the Kubernetes node
    11.  
      Failure during edit cluster in NetBackup Kubernetes 10.1
    12.  
      Restore from snapshot fails for large sized PVC
    13.  
      Restore of namespace file mode PVCs to different file system partially fails
    14.  
      Restore from backup copy fails with image inconsistency error
    15.  
      Connectivity checks between NetBackup primary, media, and Kubernetes servers.

Automated configuration of NetBackup protection for Kubernetes

Pre-requisites

Before configuring the NetBackup on the Kubernetes workload, you must run a NetBackup server with access to ports 443, 1556, and 13724.

NetBackup Kubernetes operator and data mover images must be uploaded to container registry accessible from the Kubernetes cluster.

You need to create a secret to be consumed for automated deployment.

To create a new API key, from NetBackup web UI.

  1. Go to Security > Access keys > Add. Enter the username and select the validity as one day to avoid misuse of API key.
  2. On the Kubernetes cluster, create a new secret, nb-config-deploy-secret.yaml, with the following content.
    apiVersion: v1
kind: Secret
metadata:
  name: <kops-namespace>-nb-config-deploy-secret
  namespace: <kops-namespace>
type: Opaque
stringData:
  apikey: <Enter the value of API key from the earlier step>
  3. Apply the secret. run the command kubectl apply -f nb-config-deploy-secret.yaml

Pre-installation

  1. Edit the following fields in netbackupkops-helm-chart/values.yaml

    • containers.manager.image: Container registry URL for pulling NetBackup Kubernetes controller image

    • imagePullSecrets: name: name of image pull secret if container registry requires authentication to pull images.

    • nbprimaryserver: Configured name of NetBackup primary server.

    • nbsha256fingerprint: Fetch sha256 fingerprint from the NetBackup web UI. Go to Security > Certificates > Certificate Authority

    • k8sCluster: FQDN for Kubernetes cluster API server.

    • k8sPort: Port on which the Kubernetes API server is listed.

    The information is available on the UI console of Kubernetes cluster.

  2. If it is not present, run the following command to get Kubernetes cluster and Kubernetes port# kubectl cluster-infoKubernetes control plane runs at https://<Kubernetes FQDN>:6443

    • datamoverimage: Container registry URL to pull data mover image.

    • Storage parameters are required for snapshot and backup from snapshot operations. At least one of the Block or Filesystem storage parameters are mandatory.

  3. To get the storage classes, run the command # kubectl get storageclasses

    • storageclassblock: Storage class used for provisioning block volumes.

    • storageclassfilesystem: Storage class used for provisioning filesystem volumes.

  4. To get the volume snapshot class, run the command # kubectl get volumesnapshotclasses

    • volumesnapshotclassblock: Volume snapshot class for creating block volume snapshots.

    • volumesnapshotclassfilesystem: Volume snapshot class for creating filesystem volume snapshots.

    • waitTimeBeforeCleanupMinutes: Time in minutes to wait before configuration deployment is deleted in case of success. Max value can be set to 129600 (90 days). In case of failure, NetBackup resources of security token and credentials are deleted automatically but deployment runs to debug the failure.

Install

To install helm, run the command# helm install veritas-netbackupkops <path to netbackupkops-helm-chart> -n <kops namespace>

Debug

To get the config-deploy pod from the Kubernetes operator namespace, run the command# kubectl get pod -n <kops namespace> | grep "config-deploy"

Logs

To check logs from the pod <namespace>-netbackup-config-deploy, run the command# kubectl logs <pod-name> -n <kops namespace>

Note:

For more details, refer the Netbackup Kubernetes Quick Start Guide Release 10.3.