Policy Presets
A PolicyPreset custom resource (CR) is used to save and reuse configuration of K10 Policies. Follow this page to learn more about using K10 Policy Presets.
A PolicyPreset specifies schedule, retention, location and infrastructure information, while Policy that uses a preset is supposed to specify application specific information. A detailed description of the schedule settings can be found in the Policy Scheduling section.
For complete documentation of the PolicyPreset CR, refer to PolicyPreset API Type.
Example PolicyPreset Operations
Create a PolicyPreset
The following example illustrates how to create a preset for policies which execute hourly, retain 24 hourly and 7 daily snapshots and export every daily snapshot with the same retention schedule as for snapshots (i.e. retain 7 daily exported snapshots).
$ cat > sample-policy-preset.yaml <<EOF
apiVersion: config.kio.kasten.io/v1alpha1
kind: PolicyPreset
metadata:
name: sample-policy-preset
namespace: kasten-io
spec:
comment: My sample policy preset
backup:
frequency: '@hourly'
retention:
hourly: 24
daily: 7
export:
frequency: '@daily'
exportData:
enabled: true
profile:
name: my-location-profile
namespace: kasten-io
EOF
$ kubectl apply -f sample-policy-preset.yaml
policypreset.config.kio.kasten.io/sample-policy-preset created
# make sure it initializes and validates properly
$ kubectl get policypresets.config.kio.kasten.io --namespace kasten-io -w
NAME STATUS AGE
sample-policy-preset Success 32s
Update a PolicyPreset
To update a PolicyPreset, edit the spec portion of a PolicyPreset CR using your preferred method of submitting resource changes with kubectl.
$ kubectl apply -f sample-policy-preset-changed.yaml
policypreset.config.kio.kasten.io/sample-policy-preset configured
Once the change is submitted, K10 will re-validate the PolicyPreset and update .status.validation accordingly.
$ kubectl get policypresets.config.kio.kasten.io --namespace kasten-io -w
NAME STATUS AGE
sample-policy-preset Failed 48s
sample-policy-preset Success 50s
Since K10 processes API object changes asynchronously, to avoid confusion with a previous PolicyPreset status, it is recommended as convention that the status portion of the PolicyPreset is omitted when submitting changes.
Warning
Delete a PolicyPreset
You can delete a PolicyPreset using the following command.
# delete policypreset "sample-policy-preset" for K10 installed in "kasten-io"
$ kubectl delete policypresets.config.kio.kasten.io sample-policy-preset --namespace kasten-io
policypreset.config.kio.kasten.io "sample-policy-preset" deleted
Warning
All the policies that use the deleted preset will be automatically marked as invalid.
PolicyPreset API Type
The following is a complete specification of the PolicyPreset CR.
# Standard Kubernetes API Version declaration. Required.
apiVersion: config.kio.kasten.io/v1alpha1
# Standard Kubernetes Kind declaration. Required.
kind: PolicyPreset
# Standard Kubernetes metadata. Required.
metadata:
# PolicyPreset name. May be any valid Kubernetes object name. Required.
# PolicyPreset name is not mutable once created.
name: sample-backup-preset
# PolicyPreset namespace. Required. Must be namespace where K10 is installed.
namespace: kasten-io
# PolicyPreset parameters. Required.
spec:
# User friendly comment describing the policy preset. Optional.
comment:
# Backup settings. Required.
backup:
# Execution frequency. Required.
# Allowable values: '@hourly', '@daily', '@weekly', '@monthly', '@yearly'
frequency:
# Execution frequency modifier. Optional.
# subFrequency specifies when to run and how many times to run within frequency.
subFrequency:
# minutes within hour (0-59). Optional.
# Multiple minutes valid only for '@hourly' frequency.
# Multiple minutes values must all be multiples of 5 minutes.
# First entry determines minute of daily and longer retention.
# minutes are not allowed when backupWindow is set.
minutes: [0,30]
# hours within day (0-23). Optional.
# Multiple hours valid only for '@daily' frequency.
# First entry determines hour of weekly and longer retention.
# hours are not allowed when backupWindow is set.
hours: [0]
# days within week (0-7 (Sun-Sun)). Optional.
# weekdays not valid for '@monthly' or '@yearly' frequencies.
# Multiple weekdays valid only for '@weekly' frequency. With '@weekly'
# frequency, first entry determines day of monthly and yearly retention.
weekdays: [0]
# days within month (1-31). Optional.
# days not valid for '@weekly' frequency.
# Multiple days valid only for '@monthly' frequency.
# First entry determines day of monthly and yearly retention.
days: [1]
# months within year (1-12). Optional.
# Multiple months valid only for '@yearly' frequency.
# First entry determines month of yearly retention.
# Valid for '@yearly' frequency.
months: [1]
# Backup window. Optional.
# backupWindow specifies the time period of the day when runs can occur within frequency and subFrequency.
backupWindow:
# Start of the window. Required.
start:
# Hour within a day (0-23).
hour: 22
# Minute within an hour (0-59). Must be a multiple of 5.
minute: 0
# End of the window. Required.
end:
# Hour within a day (0-23).
hour: 6
# Minute within an hour (0-59). Must be a multiple of 5.
minute: 30
# Staggering can be enabled only when backupWindow is set. Optional.
enableStaggering: false
# Number of retained artifacts for different frequencies. Required.
# The number of retained artifacts can only be specified for frequencies
# of the same or lower granularity than the policy frequency. For example,
# if the policy frequency is '@daily', then retention can have values for
# 'daily', 'weekly', 'monthly' and 'yearly', but not for 'hourly'.
# If the policy frequency is 'hourly', then all retention values are allowed.
retention:
hourly: 24
daily: 7
weekly: 4
monthly: 12
yearly: 5
# Optional: K10 Location Profile that is used for this backup.
# Profile used for Kanister-enabled operations and Generic Storage Backups.
profile:
name: my-profile
namespace: kasten-io
# Export settings. Optional.
export:
# How often should a backup be exported. This frequency has to be less
# or equal than the backup frequency. Optional.
# If not specified, the backup frequency is used.
frequency: '@hourly'
# Optional exported artifact retention. If not provided, exported
# artifacts are retained by the backup retention table.
# The number of retained artifacts can only be specified for frequencies
# of the same or lower granularity than the export frequency.
# If export frequency is set, but export retention is omitted,
# the backup retention must be specified also for the export frequency granularity.
retention:
hourly: 24
daily: 7
weekly: 4
monthly: 12
yearly: 5
# K10 Location Profile that is used for export. Required.
profile:
name: my-profile
namespace: kasten-io
# The blockModeProfile is a reference to a profile that supports block based backup.
# Optional. If set then a block mode backup of snapshot data will be performed
# instead of a filesystem backup.
# This should only be used when the infrastructure also supports block based backup.
blockModeProfile:
name: my-block-mode-profile
namespace: kasten-io
# Backup portability setting.
# Convert volume snapshots into an infrastructure-independent format. Required.
exportData:
# Default setting for all storage classes. Required.
enabled: true
# Storage class to use for any temporary PVCs created
# during the snapshot conversion process. If not specified, the
# storage class of the source volume is used. Optional.
exporterStorageClassName: gp2
# Overrides for the default exportData setting specified above.
# Use this if you want to modify the defaults for a PVC that
# has a specific storage class. Optional.
overrides:
# Override setting of a specific storage class.
- storageClassName: gp2
enabled: false
- storageClassName: gp2-eu-west-1a
enabled: true
exporterStorageClassName: io1
# Volume snapshot destination region and account. Optional, or
# with one of awsEbs or azure only. Non-portable export only.
volumeSnapshots:
awsEbs:
regions:
- us-east-1
# Destination Account name.
destinationAccount: sample-destination-account
azure:
regions:
- eastus
# Status of the PolicyPreset. Users should not set any data here.
status:
# Validation status of the PolicyPreset
# Valid values are:
# # Success - successfully initialized and validated
# # Failed - not properly initialized or validated
# Only policy presets which have status of Success will be used by the system
validation: Success
# An array of any validation or initialization errors encountered.
error: null
# Detected type of the PolicyPreset
# Valid values are:
# # unknown - 'spec' is empty
# # backup - only 'backup' portion of 'spec' is specified
# # backup-export - both 'backup' and 'export' portions of 'spec' are specified
type: backup-export