- Notes, cautions, and warnings
- Preface
- PowerProtect Data Manager for Kubernetes Overview
- Enabling the Kubernetes Cluster
- Adding a Kubernetes cluster asset source
- Prerequisites to Tanzu Kubernetes guest cluster protection
- Prerequisites to Kubernetes cluster discovery
- Enable an asset source
- Delete an asset source
- Add a VMware vCenter Server
- Add a Kubernetes cluster
- Controller Configurations
- Customizing the PowerProtect Data Manager Appliance pod configuration
- Add a VM Direct Engine
- Managing Storage, Assets, and Protection for Kubernetes Clusters
- Protection policies for Kubernetes namespace protection
- Supported protection policy purposes
- Supported protection policy objectives
- Replication triggers
- Roadmap for planning a protection policy
- Before you add a protection policy for Kubernetes namespace protection
- Add a protection policy for Kubernetes namespace protection
- Add a service-level agreement
- Protection rules
- Edit the retention period for asset copies
- Delete asset backup copies
- Export data for deleted backup copies
- Remove asset copy records from the PowerProtect Data Manager Appliance database
- Using the PowerFlex volumegroup snapshot extension
- Protecting PVCs in PowerScale access zones
- Protection policies for Kubernetes namespace protection
- Restoring Kubernetes Namespaces and PVCs
- Kubernetes Cluster Best Practices and Troubleshooting
- PPDMK8SDIAG diagnostics tool
- Configuration changes required for use of optimized data path and first class disks
- Recommendations and considerations when using a Kubernetes cluster
- Support Network File System (NFS) root squashing
- Update the Velero or OADP version used by PowerProtect Data Manager Appliance
- VM Direct protection engine overview
- Troubleshooting Kubernetes cluster issues
- Restore to original cannot be completed when datastore containing FCD is shared across vCenters
- Specify volumesnapshotclass for v1 CSI snapshots
- Enabling protection when the vSphere CSI driver is installed as a process
- Considerations when protecting nonsnapshot CSI volumes
- Pod configuration not updated in Velero deployment when field is omitted from patch string
- Backups fail or hang on OpenShift after a new PowerProtect Data Manager Appliance deployment
- Restore of imagestream and imagestreamtags cannot be completed on OpenShift
- Data protection operations for high availability Kubernetes cluster might fail when API server not configured to send ROOT certificate
- Kubernetes cluster on Amazon Elastic Kubernetes Service certificate considerations
- Removing PowerProtect Data Manager Appliance components from a Kubernetes cluster
- Increase the number of worker threads in Supervisor cluster backup-driver if Velero timeout occurs
- Velero pod backup and restore might fail if namespace being protected contains a large number of resources
- vSphere CSI backups might fail when the File System agent is used as the data mover
- Pull images from Docker Hub as authenticated user if Docker pull limits reached
- Warning displays when temporary persistent volumes not deleted by CSI driver before timeout
- Application-Consistent Database Backups in Kubernetes
- About application-consistent database backups in Kubernetes
- Obtain and deploy the CLI package
- About application templates
- Deploy application templates
- Perform application-consistent backups
- Verify application-consistent backups
- Disaster recovery considerations
- Granular-level restore considerations
- Log truncation considerations
- Glossary
PowerProtect Data Manager Appliance 5.16.0.0 Kubernetes User Guide
Protection policies for Kubernetes namespace protection
Protection policies define sets of objectives that apply to specific periods of time. These objectives drive configuration, active protection, and copy-data-management operations that satisfy the business requirements for the specified data. Each policy type has its own set of user objectives.
Only the Administrator role can create or edit protection policies.
The next topics discuss protection policy terminology, concepts, and available options for planning protection policies. All protection policies require a primary backup or retention objective. The remaining objectives are optional.
A Kubernetes protection policy enables you to select namespaces in the Kubernetes cluster that you want to back up. When PowerProtect Data Manager Appliance backs up a Kubernetes namespace, the following items are included in the protection policy backup:
- Kubernetes resources, in addition to the contents of the persistent volumes bound to PVCs in that namespace. Kubernetes resources are backed up using Velero. Upstream Kubernetes resources such as Deployments, StatefulSets, DaemonSets, Pods, Secrets, ConfigMap, Custom Resources, Service, ServiceAccount, Role, and RoleBinding are backed up as part of the Kubernetes resources.
- Cluster resources are backed up automatically as part of the Kubernetes protection policy. These resources are the cluster roles, cluster role bindings, and custom resource definitions (CRDs) that are associated with namespace-scoped resources.
Any CRDs that are associated with the namespace are only backed up if a corresponding Custom Resource for that CRD exists in the namespace.
- For OpenShift, OpenShift-specific resources such as DeploymentConfig, BuildConfig, and ImageStream are also protected using the
Velero OpenShift plug-in.
Container images are not protected as part of the ImageStream resource.
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please select whether the article was helpful or not.
Comments cannot contain these special characters: <>()\