NetBackup™ for Kubernetes Administrator's Guide

Last Published:
Product(s): NetBackup & Alta Data Protection (11.0)
  1. Overview of NetBackup for Kubernetes
    1.  
      Overview
    2.  
      Features of NetBackup support for Kubernetes
  2. Deploying and configuring the NetBackup Kubernetes operator
    1.  
      Prerequisites for NetBackup Kubernetes Operator deployment
    2.  
      Deploy service package on NetBackup Kubernetes operator
    3.  
      Port requirements for Kubernetes operator deployment
    4.  
      Upgrade the NetBackup Kubernetes operator
    5.  
      Delete the NetBackup Kubernetes operator
    6.  
      Configure NetBackup Kubernetes data mover
    7.  
      Automated configuration of NetBackup protection for Kubernetes
    8. Customize Kubernetes workload
      1.  
        Prerequisites for backup from snapshot and restore from backup operations
      2.  
        DTE client settings supported in Kubernetes
      3.  
        Customization of datamover properties
    9.  
      Troubleshooting NetBackup servers with short names
    10.  
      Data mover pod schedule mechanism support
    11.  
      Validating accelerator storage class
  3. Deploying certificates on NetBackup Kubernetes operator
    1.  
      Deploy certificates on the Kubernetes operator
    2.  
      Perform Host-ID-based certificate operations
    3.  
      Perform ECA certificate operations
    4.  
      Identify certificate types
  4. Managing Kubernetes assets
    1.  
      Add a Kubernetes cluster
    2. Configure settings
      1.  
        Change resource limits for Kuberentes resource types
      2.  
        Configure autodiscovery frequency
      3.  
        Configure permissions
      4.  
        Asset cleanup
    3.  
      Add protection to the assets
    4. Scan for malware
      1.  
        Assets by workload type
  5. Managing Kubernetes intelligent groups
    1.  
      About intelligent group
    2.  
      Create an intelligent group
    3.  
      Delete an intelligent group
    4.  
      Edit an intelligent group
  6. Managing Kubernetes policies
    1.  
      Create a policy
  7. Protecting Kubernetes assets
    1.  
      Protect an intelligent group
    2.  
      Remove protection from an intelligent group
    3.  
      Configure backup schedule
    4.  
      Configure backup options
    5.  
      Configure backups
    6.  
      Configure Auto Image Replication (A.I.R.) and duplication
    7.  
      Configure storage units
    8.  
      Volume mode support
    9.  
      Configure application consistent backup
  8. Managing image groups
    1. About image groups
      1.  
        Image expire
      2.  
        Image copy
  9. Protecting Rancher managed clusters in NetBackup
    1.  
      Add Rancher managed RKE cluster in NetBackup using automated configuration
    2.  
      Add Rancher managed RKE cluster manually in NetBackup
  10. Recovering Kubernetes assets
    1.  
      Explore and validate recovery points
    2.  
      Restore from snapshot
    3.  
      Restore from backup copy
  11. About incremental backup and restore
    1.  
      Incremental backup and restore support for Kubernetes
  12. Enabling accelerator based backup
    1.  
      About NetBackup Accelerator support for Kubernetes workloads
    2.  
      Controlling disk space for track logs on primary server
    3.  
      Effect of storage class behavior on Accelerator
    4.  
      About Accelerator forced rescan
    5.  
      Warnings and probable reason for Accelerator backup failures
  13. Enabling FIPS mode in Kubernetes
    1.  
      Enable Federal Information Processing Standards (FIPS) mode in Kubernetes
  14. About Openshift Virtualization support
    1.  
      OpenShift Virtualization support
    2.  
      Application consistent virtual machines backup
    3.  
      Troubleshooting for virtualization
  15. Troubleshooting Kubernetes issues
    1.  
      Error during the primary server upgrade: NBCheck fails
    2.  
      Error during an old image restore: Operation fails
    3.  
      Error during persistent volume recovery API
    4.  
      Error during restore: Final job status shows partial failure
    5.  
      Error during restore on the same namespace
    6.  
      Datamover pods exceed the Kubernetes resource limit
    7.  
      Error during restore: Job fails on the highly loaded cluster
    8.  
      Custom Kubernetes role created for specific clusters cannot view the jobs
    9.  
      Openshift creates blank non-selected PVCs while restoring applications installed from OperatorHub
    10.  
      NetBackup Kubernetes operator become unresponsive if PID limit exceeds on the Kubernetes node
    11.  
      Failure during edit cluster in NetBackup Kubernetes 10.1
    12.  
      Backup or restore fails for large sized PVC
    13.  
      Restore of namespace file mode PVCs to different file system partially fails
    14.  
      Restore from backup copy fails with image inconsistency error
    15.  
      Connectivity checks between NetBackup primary, media, and Kubernetes servers.
    16.  
      Error during accelerator backup when there is no space available for track log
    17.  
      Error during accelerator backup due to track log PVC creation failure
    18.  
      Error during accelerator backup due to invalid accelerator storage class
    19.  
      Error occurred during track log pod start
    20.  
      Failed to setup the data mover instance for track log PVC operation
    21.  
      Error to read track log storage class from configmap

Features of NetBackup support for Kubernetes

Table: NetBackup for Kubernetes

Feature

Description

Auto NetBackup Kubernetes Agent Configuration

Adds Kubernetes cluster and configurations such as storage class and volume snapshot class, and data mover configuration can be done with automated deployment supported.

Integration with NetBackup role-based access control (RBAC)

The NetBackup web UI provides RBAC roles to control which NetBackup users can manage Kubernetes operations in NetBackup. The user does not need to be a NetBackup administrator to manage Kubernetes operations.

Licensing

Capacity-based licensing.

Protection plans

The following benefits are included:

  • Use a single protection plan to protect multiple Kubernetes namespaces. The assets can be spread over multiple clusters.

  • You are not required to know the Kubernetes commands to protect the Kubernetes assets.

Intelligent management of Kubernetes assets

NetBackup automatically discovers the namespaces, persistent volumes, persistent volume claims, and so on, in the Kubernetes clusters. You can also perform manual discovery. After the assets are discovered, the Kubernetes workload administrator can select one or more protection plans to protect them.

Note:

In case of Auto Image Replication (AIR), the imported namespace of target primary server displays imported time as Last Discovered time.

Kubernetes specific credentials

Kubernetes service accounts used to authenticate and manage the clusters.

Discovery

  • Full discovery

  • Incremental discovery

Discovery using Discover now option is always a full discovery.

Discovery when a new cluster is added to the NetBackup is always a full discovery. 

Once the Kubernetes cluster is added, auto discovery cycle is triggered to discover all the assets available on the Kubernetes cluster. The first auto discovery of the day is a full discovery and subsequent auto discoveries are incremental. 

Backup features

  • Snapshot only backups

  • Backup from snapshot

The following features are available for backup:

  • Backups are managed entirely by the NetBackup server from a central location. Administrators can schedule automatic, unattended backups for namespaces on different Kubernetes clusters.

  • The NetBackup web UI supports backup and restore of namespaces from one interface.

  • Backup schedule configuration for full backups.

  • Manual backups and snapshot only backups.

  • Resource throttling for each cluster to improve the performance of backups.

  • NetBackup can perform backups of Kubernetes namespaces with snapshot methodology, achieving faster recovery time objectives.

Restore features

  • Restore from snapshot

  • Restore from backup copy

The following features are available for restore:

  • Restore Kubernetes namespaces and persistent volumes to different locations.

  • Restore to a different Kubernetes cluster flavor using restore from backup copy with parallel restore jobs.

Client side data deduplication support

Client side data deduplication support feature is enabled for Kubernetes.

For more details, refer to the About client-side deduplication section in the NetBackup Deduplication Guide.

Auto Image Replication (AIR)

The backups that are generated in one NetBackup Kubernetes cluster can be replicated to storage in one or more target NetBackup domains. This also is referred to as AIR. The ability to replicate backups to storage in other NetBackup domains.

The Auto Image Replication (A.I.R.) is supported for all schedule types.

Protection of Stateful applications

Kubernetes application using persistent volumes to maintain there states can be protected. Backup and restore of Persistent Volume Claims (PVCs) of mode file system and/or block for the Container Storage Interface (CSI) providers which supports the following features:

  • PVC snapshot capability

  • PVC volume provisioning based on the Network File System (NFS) or other non-block storage

  • Backup and restore of a namespace with mixed volumes (VolumeMode: Filesystem and Block) is supported for NetBackup 10.3 and later.

Import and verify

Import is a two step operation, the first step recreates the catalog entries for the backups that are on the specified media. Once the second phase import has been completed catalog entries for files were backed up by those images will be created.

Verify: NetBackup can verify the contents of a backup by comparing its contents to what is recorded in the NetBackup catalog.

Federal Information Processing Standards (FIPS) support for Red Hat platforms

NetBackup Kubernetes on Red Hat platform provides support to FIPS compliant communication.

Accelerator backup support for Kubernetes

NetBackup supports accelerator backup for Kubernetes workloads and it reduces the backup time.

Support for malware scan

NetBackup version 10.4 and later provides support for scanning Kubernetes assets for malware through the Kubernetes workload.

OpenShift Virtualization support for Kubernetes workload

NetBackup version 10.4.1 and later, provides backup and restore support for namespaces with one or more virtual machines running on Kubernetes clusters.