Commvault Cloud uses one or many Kubernetes backup gateways to discover, back up, and restore your Kubernetes applications. Backup gateways run backups and other operations.
You must have at least 1 backup gateway for Kubernetes. In environments that require high availability for Kubernetes data management activities, having at least 2 backup gateways is recommended. A single backup gateway can protect multiple Kubernetes clusters. Commvault Cloud automatically load balances across available backup gateways, and restarts data management activities that are interrupted when a backup gateway becomes unavailable. If you do not have existing backup gateways in proximity to your Kubernetes cluster, you can add servers as backup gateways.
You can configure backups for a Kubernetes cluster that you want to back up across a local network using a backup gateway.
To protect your Azure Kubernetes Service (AKS) or Amazon Elastic Kubernetes Service (EKS) clusters which are publicly accessible, you can configure backups using the Commvault Cloud infrastructure. For more information, see Configuring Backups for Kubernetes Using the Commvault Cloud Infrastructure.
Scaling Guidelines for Kubernetes Backup Gateways
For high availability and improved concurrent throughput of backups and other operations, instead of increasing the hardware specifications of your backup gateway, add more backup gateways (with identical hardware specifications) to your Kubernetes cluster. You can also add multiple backup gateways to a server group, and then assign that server group to your Kubernetes cluster or application group.
The read speed from disks, the network throughput from worker nodes, and the network throughput on your backup gateways affect the amount of data that is transferred in the backup window.
In managed cloud infrastructures, the underlying CPU and network credits that are granted to control plane nodes limit the amount of data that can be transferred concurrently. If you are reaching cloud-based resource quotas, consider scaling the control plane with additional nodes to support required backup throughput.
Prepare for the Configuration
- Verify that the cluster is running a supported distribution and release.
- You must have the following:
  - At least one backup gateway that meets the requirements.
  - A Kubernetes service account and token for the cluster that meet the requirements:
    - To create a service account and token when configuring the cluster, you can proceed with the following procedure.
    - To manually create a service account and token, see Kubernetes service account and token.
Start the Configuration Wizard
- From the navigation pane, go to Protect > Kubernetes.
  The Overview page appears.
- In the upper-right area of the page, click Add cluster.
  The Select Kubernetes service or distribution page appears.
- Select Other CNCF or on-premise Kubernetes clusters.
- Click Next.
  The Backup method overview page appears.
- Click Next.
  The Backup Gateway page of the configuration wizard appears.
Backup Gateway
A backup gateway is required to back up clusters without egress charges. To ensure high availability for data management operations, select multiple backup gateways. With multiple backup gateways, Commvault Cloud performs load balancing and automatically recovers from backup gateway outages.
- Select an existing backup gateway or create a new backup gateway.
  Steps to create a backup gateway
  - Click the add button.
    The Add new backup gateway dialog box appears.
  - Click Download.
    The backup gateway installer is downloaded. The file name of the installer is BackupGateway64.exe.
  - On the computer that you will use as the backup gateway, install the software:
    - Right-click the installation file, and then select Run as administrator.
      The Custom Package Manager dialog box appears.
    - Extract the files.
      The Commvault Cloud installer appears.
    - In the Installation Path box, enter the path to install the backup gateway (default path is C:\Program Files\Metallic\ContentStore) and then click Next.
      The Data Directory Path screen appears.
    - In the Select data directory path box, enter the path on the dedicated data disk for the deduplication database, index cache, and job results folder.
      By default, a non-OS drive with the largest amount of available space is selected as the data directory path. For example, E:\Metallic\Data.
      Important
      Because the data disk is used for intensive I/O operations such as deduplication, job results, and index caching, use either a separate data disk or virtual drives using a storage pool.
    - Click Next to start the installation.
      After the software is installed, the Server Authentication dialog box appears.
    - Click Enter Credentials, and then enter the credentials that you use to log on to the Command Center.
    - If you are an MFA-enabled customer, when prompted, enter the authcode that was displayed on the download screen.
      To view the authcode, go to Manage > Company.
    - Click Next.
    - Before leaving the installer, copy the fully qualified domain name (FQDN) of the backup gateway.
  - Return to the Select backup gateway page.
  - In the Backup gateway hostname box, enter the FQDN of the backup gateway.
  - Click Submit.
    The backup gateway registers with Commvault Cloud.
  - Return to Commvault Cloud.
  - Refresh the list of backup gateways, and then select the backup gateway that you created.
- Click Next.
  The Local Storage page of the configuration wizard appears.
Local Storage
For optimal performance, store a primary copy locally and a secondary copy in a cloud location. If you back up directly to cloud, without a local copy, you might experience sub-optimal performance.
- Decide whether to use local storage:
  - To store the primary backup only in the cloud, move the Backup to cloud storage only toggle key to the right.
  - To store the primary backup locally, select an existing local storage location or create new local storage.
    Steps to create local storage
    - Click the add button, and then select Disk or S3 Local Storage.
      Disk Local Storage
      - Select Disk.
        The Add local storage dialog box appears.
      - In Name, enter a descriptive name for the local storage.
      - Click Add.
        The Add backup location dialog box appears.
      - From the Backup gateway list, select the backup gateway to use.
      - For Backup location, enter the path to store the backup in.
      - Click Add.
      - Click Save.
      S3 Local Storage
      - Select S3 Local Storage.
        The Add S3 local storage dialog box appears.
      - From the Type drop-down list, select the required storage, and then enter the necessary values.
        Storage provider: Dell EMC ECS (S3-compatible), Fujitsu Storage ETERNUS CD10000, Hitachi Content Platform for Cloud Scale, NetApp StorageGRID, Nutanix Objects, Pure Storage FlashBlade, S3 Compatible Storage
        Values:
        - Name: Enter a descriptive name for the S3 local storage.
        - Service host: Enter the local storage host.
        - Credentials: Select existing credentials. To create a new credential, click the + icon and provide the required information.
        - Bucket: Click the Detect button to detect an existing bucket.
          Alternatively, type the name of the bucket that you want to use, and click add bucket_name in the displayed prompt. The system will automatically use the existing bucket if it is available or create a new bucket if it is not available.
        Storage provider: Hitachi Content Platform
        Values:
        - Name: Enter a descriptive name for the S3 local storage.
        - Service host: Enter the local storage host.
        - Credentials: Select existing credentials. To create a new credential, click the + icon and provide the required information.
        - Namespace: Click the Detect button to detect the namespace using the credential.
          Alternatively, type the namespace of the existing user account that you want to use, and click add namespace in the displayed prompt. The system will automatically use the existing namespace if it is available or create a new one if it is not available.
        Storage provider: HPE Catalyst Storage
        Values:
        - Name: Enter a descriptive name for the S3 local storage.
        - StoreOnce Host: Enter the IP address (or, for Fibre Channel, the COFC identifier) associated with the HPE StoreOnce device.
        - User name: The user name used to access the StoreOnce management console.
        - Password: The password used to access the StoreOnce management console.
        - Store: Click the Detect button to detect an existing store on the StoreOnce management console.
          Alternatively, type the name of the store that you want to use, and click add store in the displayed prompt. The system will automatically use the existing store if it is available or create a new store if it is not available.
      - Click Save.
- Click Next.
  The Cloud Storage page of the configuration wizard appears.
Cloud Storage
- Decide whether to use cloud storage:
  - If you specified local storage, and you don't want to use cloud storage, move the Only use on-premises storage toggle key to the right.
  - Select existing cloud storage or create new cloud storage.
    If you are creating new cloud storage, you will need to configure access to the cloud storage.
    Steps to create cloud storage
    - Click the add button.
      The Add cloud storage dialog box appears.
    - From Type, select the storage provider, and then enter the necessary values.
      Storage provider: Amazon S3
      Values:
      - Name: Enter a descriptive name for the cloud storage.
      - Storage class: Select the storage class for the type of access that you want to have for the data.
      - Region: Select the region for the cloud storage.
      - Service host: The Commvault Cloud software populates the default value.
      - Authentication: Select the type of authentication to use.
      - Credentials: Select existing credentials or create new credentials.
      - Bucket: Enter the name of the bucket.
      Storage provider: Air Gap Protect
      Values:
      - Cloud storage provider: Select Azure Blob Storage or OCI Object Storage.
      - Storage class: Select the storage class for the type of access that you want to have for the data.
      - Region: Select the region for the cloud storage.
      Storage provider: Microsoft Azure Storage
      Values:
      - Name: Enter a descriptive name for the cloud storage.
      - Storage class: Select the storage class for the type of access that you want to have for the data.
      - Region: Select the region for the cloud storage.
      - Service host: The Commvault Cloud software populates the default value.
      - Authentication: Select the type of authentication to use.
        - Access key and Account name
        - IAM AD application
        - IAM VM role
      - Account name: Enter the name of the Microsoft Azure Storage account.
      - Credentials: Select existing credentials or create new credentials.
      - Container: Enter the name of the container. For example, enter bucket_name.
      Storage provider: Oracle Cloud Infrastructure Object Storage
      Values:
      - Name: Enter a descriptive name for the cloud storage.
      - Storage class: Select the storage class for the type of access that you want to have for the data.
      - Region: Select the region for the cloud storage.
      - Service host: The Commvault Cloud software populates the default value.
      - Credentials: Select the credentials to use.
      - Compartment name: Enter the name of the compartment.
      - Bucket: Enter the name of the bucket.
    - Click Save.
- Click Next.
  The Plan page of the configuration wizard appears.
Plan
A backup plan specifies the storage to back up the data to and other settings such as recovery point objective (RPO) settings.
- Select an existing backup plan or create a new backup plan.
  Steps to create a backup plan
  - Click the add button.
    The Add plan dialog box appears.
  - In the Plan name box, enter a descriptive name for the backup plan.
  - For the backup plan settings, select pre-defined settings or create custom settings:
    - To select pre-defined settings, under Retention rules, select one of the following:
      - Select Standard retention to retain the incremental backups for 1 month.
      - Select Extended retention for optimized storage where the incremental backups of primary and secondary copies are retained for 1 month, and extended retention for monthly and yearly full backups.
        Note
        The Extended retention option is available only when the secondary copy backup is selected.
    - To create custom settings, select Custom plan, and then specify the following:
      - For Retention, specify the amount of time to retain the backup jobs.
      - For Retention monthly full (Secondary copy), specify the amount of time to retain the monthly full backup on secondary copy.
      - For Retention yearly full (Secondary copy), specify the amount of time to retain the yearly full backup on secondary copy.
      - For Backups run every, specify how often to run backups.
  - Click Done.
- Click Next.
  The Add Cluster page of the configuration wizard appears.
Add Cluster
- In the Kubernetes API server box, enter the API server URL and port number in the following format:
      https://servername:port
  To get the URL, run the following command:
      kubectl cluster-info
  In the following example output, the Kubernetes control plane is running at https://k8s-123-4.your.domain:6443, so you would enter https://k8s-123-4.your.domain:6443 in the Kubernetes API server box.
  If your control plane is running on port 443, you don't have to include the port number.
      Kubernetes control plane is running at https://k8s-123-4.your.domain:6443
      CoreDNS is running at https://k8s-123-4.your.domain:6443/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy
- In Name, enter a descriptive name for the cluster.
- For Authentication Type, leave Service account selected.
- In Service account, enter the name of a service account to access the cluster for backups and other operations.
  To generate the service token script, click Create Service Account. In the Get Kubernetes service token script window, do the following:
  - In Namespace, specify the namespace where you want to create the service account.
  - In ClusterRoleBinding name, specify a name.
  - In Secret, specify a secret name for the service account.
  - Copy the script using the Copy to clipboard button.
  - Run the script on the Kubernetes cluster to create the service account, ClusterRoleBinding, and service account secret. Copy the generated service account token.
- In Service token, enter the service account token.
- Click Next.
  The Commvault Cloud software adds the cluster. To view the cluster, go to Protect > Kubernetes.
  The Add Application Group page of the configuration wizard appears.
Note
If you receive an "Unable to create a cluster with the details provided" error, verify that you entered the API server endpoint, service account, and service account token values correctly.
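A pre-flight check for the three values named in the note above, as an added example that is not part of the Commvault documentation or of the generated script: it extracts the API server URL from kubectl cluster-info output and confirms that the token's sub claim names the intended service account. It assumes the token is a Kubernetes service account JWT whose sub claim has the form system:serviceaccount:<namespace>:<name>; the sample output and the constructed_token helper are constructed stand-ins, and the token signature is not verified.

```python
import base64, json, re
from urllib.parse import urlsplit

ANSI = re.compile(r"\x1b\[[0-9;]*m")  # kubectl colours cluster-info output on a terminal
# Constructed sample of `kubectl cluster-info` output, colour codes included.
SAMPLE_CLUSTER_INFO = (
    "\x1b[0;32mKubernetes control plane\x1b[0m is running at "
    "\x1b[0;33mhttps://k8s-123-4.your.domain:6443\x1b[0m\n"
    "\x1b[0;32mCoreDNS\x1b[0m is running at \x1b[0;33mhttps://k8s-123-4.your.domain:6443"
    "/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy\x1b[0m\n")

def api_server_from_cluster_info(output):
    """Return the control plane URL from cluster-info output, or None."""
    m = re.search(r"control plane is running at (https://\S+)", ANSI.sub("", output))
    return m.group(1) if m else None

def constructed_token(namespace, name):
    """Build an unsigned, constructed stand-in for a service account token."""
    enc = lambda obj: base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    sub = f"system:serviceaccount:{namespace}:{name}"
    return ".".join([enc({"alg": "RS256"}), enc({"sub": sub}), "constructed-signature"])

def token_claims(token):
    """Decode the JWT payload; the signature is not verified."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected three dot-separated parts")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    claims = json.loads(base64.urlsafe_b64decode(payload))
    if not isinstance(claims, dict):
        raise ValueError("payload is not a JSON object")
    return claims

def preflight(api_url, namespace, service_account, token):
    """Return a list of problems with the values destined for the wizard."""
    problems = []
    url = urlsplit(api_url)
    if url.scheme != "https" or not url.hostname or url.path not in ("", "/"):
        problems.append("API server must have the form https://servername:port")
    if any(c.isspace() for c in token):
        problems.append("token contains whitespace from copy and paste")
    try:
        sub = token_claims(token.strip()).get("sub")
    except ValueError as exc:  # also covers base64 and JSON decoding errors
        return problems + [f"token is not a decodable JWT: {exc}"]
    expected = f"system:serviceaccount:{namespace}:{service_account}"
    if sub != expected:
        problems.append(f"token belongs to {sub!r}, expected {expected!r}")
    return problems
```

An empty list from preflight means the URL has the expected form and the token was issued for the service account you are about to enter.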
Add Application Group
- In Application group name, enter a descriptive name for the application group.
- Browse for and then select the applications to back up.
- Click Next.
  The Summary page of the configuration wizard appears.
Summary
- Review the summary.
- Click Finish.