- Notes, cautions, and warnings
- Preface
- PowerProtect Data Manager for Kubernetes Overview
- About asset sources, assets, and storage
- Prerequisites
- Supported Internet Protocol versions
- Encryption in-flight
- Roadmap for Kubernetes cluster protection
- Roadmap for Tanzu Kubernetes guest cluster protection
- Updating PowerProtect Data Manager from version 19.13 or earlier to the latest version in a Kubernetes environment
- Security configuration
- Enabling the Kubernetes Cluster
- Adding a Kubernetes cluster asset source
- Prerequisites to Tanzu Kubernetes guest cluster protection
- Prerequisites to Kubernetes cluster discovery
- Enable an asset source
- Delete an asset source
- Add a VMware vCenter Server
- Add a Kubernetes cluster
- Controller Configurations
- Customizing the PowerProtect Data Manager pod configuration
- Add a VM Direct Engine
- Managing Storage, Assets, and Protection for Kubernetes Clusters
- Protection policies for Kubernetes namespace protection
- Supported protection policy purposes
- Supported protection policy objectives
- Replication triggers
- Roadmap for planning a protection policy
- Before you add a protection policy for Kubernetes namespace protection
- Add a protection policy for Kubernetes namespace protection
- Extended retention for protection policies
- Add a service-level agreement
- Protection rules
- Edit the retention period for asset copies
- Delete asset backup copies
- Export data for deleted backup copies
- Remove asset copy records from the PowerProtect Data Manager database
- Using the PowerFlex volumegroup snapshot extension
- Protecting PVCs in PowerScale access zones
- Protection policies for Kubernetes namespace protection
- Restoring Kubernetes Namespaces and PVCs
- Kubernetes Cluster Best Practices and Troubleshooting
- PPDMK8SDIAG diagnostics tool
- Configuration changes required for use of optimized data path and first class disks
- Recommendations and considerations when using a Kubernetes cluster
- Support Network File System (NFS) root squashing
- Update the Velero or OADP version used by PowerProtect Data Manager
- VM Direct protection engine overview
- Troubleshooting network setup issues
- Troubleshooting Kubernetes cluster issues
- Restore to original cannot be completed when datastore containing FCD is shared across vCenters
- Specify volumesnapshotclass for v1 CSI snapshots
- Enabling protection when the vSphere CSI driver is installed as a process
- Considerations when protecting nonsnapshot CSI volumes
- Pod configuration not updated in Velero deployment when field is omitted from patch string
- Backups fail or hang on OpenShift after a new PowerProtect Data Manager deployment
- Restore of imagestream and imagestreamtags cannot be completed on OpenShift
- Data protection operations for high availability Kubernetes cluster might fail when API server not configured to send ROOT certificate
- Kubernetes cluster on Amazon Elastic Kubernetes Service certificate considerations
- Removing PowerProtect Data Manager components from a Kubernetes cluster
- Increase the number of worker threads in Supervisor cluster backup-driver if Velero timeout occurs
- Velero pod backup and restore might fail if namespace being protected contains a large number of resources
- vSphere CSI backups might fail when the File System agent is used as the data mover
- Pull images from Docker Hub as authenticated user if Docker pull limits reached
- Warning displays when temporary persistent volumes not deleted by CSI driver before timeout
- Application-Consistent Database Backups in Kubernetes
- About application-consistent database backups in Kubernetes
- Obtain and deploy the CLI package
- About application templates
- Deploy application templates
- Perform application-consistent backups
- Verify application-consistent backups
- Disaster recovery considerations
- Granular-level restore considerations
- Log truncation considerations
- Glossary
PowerProtect Data Manager 19.16 Kubernetes User Guide
Public key for verifying container image signatures
In PowerProtect Data Manager 19.16 and later, Kubernetes container images are signed. A public key is required to verify the container image signature for the following:
- dellemc/powerprotect-k8s-controller
- dellemc/powerprotect-cproxy
- dellemc/powerprotect-velero-dd
The content for the public key is as follows:
-----BEGIN PUBLIC KEY----- MIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAsa2FVXnzfIa6uteQiltcXYPYj0XR02n9FNKsBTWMuR4e9vAlZFkESKuKCDNsnWk+tpUN3TYKLEFw3B6nH4SeQWZbbHcGi7i0dvDdHPBWulRlq3b/FLQ6ABw9fMI4kRlCszjh4kf5gRag3YPS5D0CfgnOaWA8E0tVsjcsgZuIp15nD3kmcV7uV5ONcnSwJjqPr9yIr8X0xtYKvFo1eOjjnM6Mz7FGS3DFsb/j33LNNwqtkkF/wxOH4Tf+uZmPpzlwWwxJHD8M/+aSV+/Q+grP 4fwt0P4bDtqu0AlbAOoIGX572D39p1w8p9YmTcBFHsNqFBBUnyLL81WdH0l8JSO+SANOvLYAQtSaoxmLsO1oZTlJJ+9EHOogQSkyRGjaxvQBNeq3sl8r+u8ZWKmc4p3yu0OxacFZWleuS6Y3xjtr/2Vjqan7FT6ZZnBZAVKW9uuamsArp/OWUD1ghT8iI+zpquRjFckjfE0qunuLKLpdlM5rafD9wHwG8IEjFFPYJRa3AgMBAAE= -----END PUBLIC KEY-----
Container images for Kubernetes backups are signed using cosign. Note that third-party images are not signed.
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please select whether the article was helpful or not.
Comments cannot contain these special characters: <>()\