Skip to main content

How can we help you?

Druva Documentation

Deploy Druva Backup Operator (Kubernetes Admin)

Readiness Check

  1. Using terminal console ensure all prerequisites are met on the Kubernetes cluster to be backed up
  2. Verify that the following prerequisites are installed:
    • kubectl (v 1.19 and later), Kubernetes CLI tool
    • Helm (v 3.6.0), the package manager 
    • AWS Command Line Interface (CLI) v2, a unified tool to manage your AWS services
    • Generate the IAM keys from your AWS Management Console and configure them (IAM users will need the requisite permissions)
    • CSI External-Snapshotter (v 4.1.0)
    • The latest CSI driver for Amazon EBS, note that this driver must be installed after installation of external snapshotter
    • Cert Manager (v 1.1.0 and later)
    • Service Catalog
  3. Log in to the Druva CloudRanger console and navigate to Resources Kubernetes. Click Register New Cluster.
  4. Follow the instructions to deploy the connection router to your cluster's VPC. Click Test Connection to test your network access.

Install Druva Backup Operator/DBO

Note: During installation, you may need to toggle between terminal console and the Druva CloudRanger web console.

1. Enable OCI support:


2. Authenticate with container registry where DBO and associated Helm charts are available for download:

aws ecr get-login-password --region <Region> | helm registry login --username AWS --password-stdin <Registry>

3. Pull Helm charts:

helm chart pull <Registry>/<Chart_Tag>`
  • Druva Backup Operator:

helm chart pull <Registry>/<Chart_Tag>
  • MySQL App consistent snapshot (optional)

4. Export pulled Helm charts

helm chart export <Registry>/<Chart_Tag>`
  • Druva Backup Operator:
helm chart export <Registry>/<Chart_Tag>
  • MySQL App consistent snapshot (optional):
 helm chart export <Registry>/<Chart_Tag>

Registry indicates the AWS ECR registry
Chart_Tag indicates the Helm chart tag

5. Deploy Druva Backup CRDs in druva-system namespace:

helm install druva-backup-crds./druva-backup-crds --namespace druva-system --create-namespace

6. Deploy Druva Backup Operator chart in druva-system namespace.
To do this, copy the command syntax displayed in step 4. Execute the following Helm command to install Druva Backup Operator, paste on the terminal console, and verify parameters and their values before pressing Enter key.

The command syntax is as follows:

helm install druva-backup-operator ./druva-backup-operator \
--namespace druva-system \
--atomic --render-subchart-notes \
--set druva-backup-config.nameOverride=druva-backup-config \
--set global.image.registry=<Registry> --set global.image.tag=<Image_Tag> \
--set bootstrap.token=<Registration_Token> \
--set bootstrap.clusterURI=<Cluster_URI> --set bootstrap.clusterURL=<Cluster_URL> \
--set prometheus.monitoring.enabled=false \
--set catalogue.url=<CR_Catalgoue_URL>

Registration Token indicates the bootstrap token to authenticate your Kubernetes cluster with Druva CloudRanger
Image_Tag indicates the version of the image
Cluster_URL indicates the API Server endpoint of Kubernetes Cluster
Cluster_URI indicates the unique identifier for the Cluster
Catalogue_URL indicates the CloudRanger catalogue endpoint for cluster registration

Note: Contact your CR cloud admin for token, ClusterURL, ClusterURI, CatalogueURL parameters

  1. To verify the installation of Druva Backup Operator, run the following command:

kubectl get cluster druva-cluster -n druva-system

8. Proceed with druva-mysql chart installation: Execute the following command if you wish to protect your MySQL application workload data. Installing the druva-mysql Helm chart will ensure that snapshots are application-consistent

helm install druva-standalone-mysql-application ./druva-mysql-application 
--namespace druva-system 
--atomic --render-subchart-notes 
--set architecture=standalone  
--set image.registry=<Registry> 
--set image.tag=<Image_Tag> 
--set secret.passwordKey=mysql-root-password

Note: This chart is provided by Druva, with the passwordKey set to mysql-root-password.

Next Steps

Post DBO installation, there are a few additional tasks that the Kubernetes Admin might want to perform. 

  • The Kubernetes Admin assigns ApplicationGroup definitions to Application Admins as appropriate. Druva Backup Operator creates an ApplicationGroup object in every namespace. This DBO-created ApplicationGroup object allows Kubernetes Admin and/or AppAdmin to perform backup of the entire namespace, as long as the required permissions are granted to the AppAdmin role.
  • The ApplicationGroup object is created by the name of the namespace. When the Kubernetes Admin creates a new namespace, DBO creates an associated ApplicationGroup object and prepares the newly created namespace for backup. 

To verify ApplicationGroup objects creation, perform the following steps:

  • Run the following command to print a list of ApplicationGroups created in all the namespaces in the cluster.
kubectl get applicationgroup -A --

A sample output is shown below:

default      default    9dff8c58-f886-4175-be7e-804a3f99a7ab                                                      false
  • Create a namespace:

$ kubectl create ns apps

Execute the following command:

$ kubectl get applicationgroup -A --

A sample output is shown below:

apps        apps       02581432-603c-4a1e-a10b-6b29b728be74                                                   false
default     default    9dff8c58-f886-4175-be7e-804a3f99a7ab                                                   false
  • Execute command:
$ kubectl get applicationgroup default -n default -o yaml

A sample of the output displayed:

kind: ApplicationGroup
  annotations: '{"username":"system:serviceaccount:druva-system:druva-backup-operator","uid":"8d3ecd24-274f-4b65-b873-499e04babc3b","groups":["system:serviceaccounts","system:serviceaccounts:druva-system","system:authenticated"]}' "true"
  creationTimestamp: "2021-10-21T13:07:39Z"
  generation: 2
  name: default
  namespace: default
  resourceVersion: "2674"
  uid: 528b5fd4-f2f8-4a58-8c01-890e6d6963e1
  applicationGroupDetail: {}
  applicationGroupID: 81f48534-2b7c-458c-b929-c72e22c88c00
  failedBackupsHistoryLimit: 1
  successfulBackupsHistoryLimit: 0
  suspendBackups: false
  - lastTransitionTime: "2021-10-21T13:08:06Z"
    message: installed service credentials
    observedGeneration: 1
    reason: Registered
    status: "True"
    type: Available
  - lastTransitionTime: "2021-10-21T13:08:06Z"
    message: attached servicebinding
    observedGeneration: 1
    reason: RegistrationBound
    status: "True"
    type: InProgress

3. As a Kubernetes Admin, you may want to download and install the druvactl tool provided by Druva.

  • Download and install the latest RPM/DEB package from the Kubernetes Downloads page.
  • For any help with the tool, simply run the help command:
$kubectl druva --help 

Note: The tool druvactl will integrate DBO-related administrative operations into kubectl. A sub-menu druva gets added to the kubectl command. Refer kubectl druva --help for more information.

For more information, see Druvactl Utility.

  • Was this article helpful?