Quick Start Guide to Kubernetes Protection
Druva CloudRanger offers comprehensive data protection of your production workloads deployed on Kubernetes from one unified interface.
This guide will help you get started with configuring and managing your Kubernetes clusters.
The overall data protection and restore workflow of your Kubernetes clusters and application groups is illustrated below:
Step 1: Initial configuration and prerequisites
Ensure all prerequisites are met on the Kubernetes cluster to be backed up.
For more information, see Prerequisites.
Step 2: Installation and deployment
Register Clusters on Druva CloudRanger and deploy Druva Backup Operator using the terminal console.
Note: During installation, you may need to toggle between the terminal console and the Druva CloudRanger Web console.
- To begin registering a new Kubernetes cluster, you need to grant CloudRanger permissions for cluster discovery. To do this, create or update your CloudFormation template to provision access to your Kubernetes environment. For more information, see Register New Clusters.
- Proceed with deploying Druva Backup Operator. For step-by-step instructions, see Deploy Druva Backup Operator.
The druvactl utility is a standalone Druva Backup Operator management CLI tool. It supports Red Hat and Debian-based Linux distributions and can be independently downloaded from the Kubernetes Downloads page. For more information, see Druvactl Utility.
Step 3: Define Application Groups and Recipes
An Application Group is a Kubernetes application, as defined by the Application Admin, that is eligible for backup. The Application Group includes an Application Group Name and an Application Group ID. To prepare for application data backup, you must first define the Application Groups and the associated Recipes.
For more information, see Application Group Definition and Recipe Definition.
Step 4: Application backup and restore
- Application backup and restore workflow on Druva CloudRanger:
You can choose to automate your backup process for Kubernetes application groups using backup policies. A backup policy specifies the backup schedule and retention criteria for backup jobs. For more information, see Manage Backup Policies.
You may also generate a manual backup of a specific Kubernetes application group on Druva CloudRanger. For more information, see Backup Application Groups. You can then restore your Kubernetes application groups from backup sets generated. For more information, see Restore Application Groups.
- Application backup and restore workflow via CLI (Kubernetes Admin)
Upon creating an Application Group, Druva Backup Operator registers the Application Group with the backup catalog and installs a secret containing the Application Group credentials, which are required to initiate the backup and then create a Restore Point.
For information on backup of stateful applications, see Trigger Backups Using Command Line Interface. Once the backup generates successfully, the Restore Point is created in the same namespace as the Application Group. For a detailed restore workflow via CLI, see Restore Workflow Using Command Line Interface.
The Kubernetes Admin will need to assign the requisite role and permissions to the Application Admin to enable backup and restore of stateful applications. The Application Admin can then log into the cluster and administer the namespace belonging to their applications.
Role-based access control (RBAC) is a method of regulating access to computer or network resources based on the roles of individual users within your organization. RBAC authorization uses the rbac.authorization.k8s.io API group to drive authorization decisions, allowing you to dynamically configure policies through the Kubernetes API. An RBAC Role or ClusterRole contains rules that represent a set of permissions. For more information on Roles and Permissions, see Access control.
Druva CloudRanger provides an integrated view of all UI-triggered scheduled and maintenance activities on the Jobs page. Each job is identified by a unique Job ID and holds a specific status, and the job progress can be tracked via the progress log. For more information, see Jobs.