Policy Presets

A PolicyPreset custom resource (CR) is used to save and reuse configuration of K10 Policies. Follow this page to learn more about using K10 Policy Presets.

A PolicyPreset specifies schedule, retention, location and infrastructure information, while Policy that uses a preset is supposed to specify application specific information. A detailed description of the schedule settings can be found in the Policy Scheduling section.

For complete documentation of the PolicyPreset CR, refer to PolicyPreset API Type.

Example PolicyPreset Operations

Create a PolicyPreset

The following example illustrates how to create a preset for policies which execute hourly, retain 24 hourly and 7 daily snapshots and export every daily snapshot with the same retention schedule as for snapshots (i.e. retain 7 daily exported snapshots).

$ cat > sample-policy-preset.yaml <<EOF
apiVersion: config.kio.kasten.io/v1alpha1
kind: PolicyPreset
metadata:
  name: sample-policy-preset
  namespace: kasten-io
spec:
  comment: My sample policy preset
  backup:
    frequency: '@hourly'
    retention:
      hourly: 24
      daily: 7
  export:
    frequency: '@daily'
    exportData:
      enabled: true
    profile:
      name: my-location-profile
      namespace: kasten-io
EOF

$ kubectl apply -f sample-policy-preset.yaml
policypreset.config.kio.kasten.io/sample-policy-preset created

# make sure it initializes and validates properly
$ kubectl get policypresets.config.kio.kasten.io --namespace kasten-io -w
NAME                   STATUS   AGE
sample-policy-preset   Success  32s

Update a PolicyPreset

To update a PolicyPreset, edit the spec portion of a PolicyPreset CR using your preferred method of submitting resource changes with kubectl.

$ kubectl apply -f sample-policy-preset-changed.yaml
policypreset.config.kio.kasten.io/sample-policy-preset configured

Once the change is submitted, K10 will re-validate the PolicyPreset and update .status.validation accordingly.

$ kubectl get policypresets.config.kio.kasten.io --namespace kasten-io -w
NAME                    STATUS   AGE
sample-policy-preset    Failed   48s
sample-policy-preset    Success  50s

Since K10 processes API object changes asynchronously, to avoid confusion with a previous PolicyPreset status, it is recommended as convention that the status portion of the PolicyPreset is omitted when submitting changes.

Warning

Every preset's validation status change entails a revalidation of all the policies that use this preset.
If the preset becomes invalid, the dependent policies also become invalid, and thus their runs will be skipped.
Changing the preset's type (from being a backup only to backup+export and vice versa) also entails policies revalidation.

Delete a PolicyPreset

You can delete a PolicyPreset using the following command.

# delete policypreset "sample-policy-preset" for K10 installed in "kasten-io"
$ kubectl delete policypresets.config.kio.kasten.io sample-policy-preset --namespace kasten-io
policypreset.config.kio.kasten.io "sample-policy-preset" deleted

Warning

All the policies that use the deleted preset will be automatically marked as invalid.

PolicyPreset API Type

The following is a complete specification of the PolicyPreset CR.

# Standard Kubernetes API Version declaration. Required.
apiVersion: config.kio.kasten.io/v1alpha1
# Standard Kubernetes Kind declaration. Required.
kind: PolicyPreset
# Standard Kubernetes metadata. Required.
metadata:
  # PolicyPreset name. May be any valid Kubernetes object name. Required.
  # PolicyPreset name is not mutable once created.
  name: sample-backup-preset
  # PolicyPreset namespace. Required. Must be namespace where K10 is installed.
  namespace: kasten-io
# PolicyPreset parameters. Required.
spec:
  # User friendly comment describing the policy preset. Optional.
  comment:
  # Backup settings. Required.
  backup:
    # Execution frequency. Required.
    # Allowable values: '@hourly', '@daily', '@weekly', '@monthly', '@yearly'
    frequency:
    # Execution frequency modifier. Optional.
    # subFrequency specifies when to run and how many times to run within frequency.
    subFrequency:
      # minutes within hour (0-59). Optional.
      # Multiple minutes valid only for '@hourly' frequency.
      # Multiple minutes values must all be multiples of 5 minutes.
      # First entry determines minute of daily and longer retention.
      # minutes are not allowed when backupWindow is set.
      minutes: [0,30]
      # hours within day (0-23). Optional.
      # Multiple hours valid only for '@daily' frequency.
      # First entry determines hour of weekly and longer retention.
      # hours are not allowed when backupWindow is set.
      hours: [0]
      # days within week (0-7 (Sun-Sun)). Optional.
      # weekdays not valid for '@monthly' or '@yearly' frequencies.
      # Multiple weekdays valid only for '@weekly' frequency. With '@weekly'
      # frequency, first entry determines day of monthly and yearly retention.
      weekdays: [0]
      # days within month (1-31). Optional.
      # days not valid for '@weekly' frequency.
      # Multiple days valid only for '@monthly' frequency.
      # First entry determines day of monthly and yearly retention.
      days: [1]
      # months within year (1-12). Optional.
      # Multiple months valid only for '@yearly' frequency.
      # First entry determines month of yearly retention.
      # Valid for '@yearly' frequency.
      months: [1]
    # Backup window. Optional.
    # backupWindow specifies the time period of the day when runs can occur within frequency and subFrequency.
    backupWindow:
      # Start of the window. Required.
      start:
        # Hour within a day (0-23).
        hour: 22
        # Minute within an hour (0-59). Must be a multiple of 5.
        minute: 0
      # End of the window. Required.
      end:
        # Hour within a day (0-23).
        hour: 6
        # Minute within an hour (0-59). Must be a multiple of 5.
        minute: 30
    # Staggering can be enabled only when backupWindow is set. Optional.
    enableStaggering: false
    # Number of retained artifacts for different frequencies. Required.
    # The number of retained artifacts can only be specified for frequencies
    # of the same or lower granularity than the policy frequency. For example,
    # if the policy frequency is '@daily', then retention can have values for
    # 'daily', 'weekly', 'monthly' and 'yearly', but not for 'hourly'.
    # If the policy frequency is 'hourly', then all retention values are allowed.
    retention:
      hourly: 24
      daily: 7
      weekly: 4
      monthly: 12
      yearly: 5
    # Optional: K10 Location Profile that is used for this backup.
    # Profile used for Kanister-enabled operations and Generic Storage Backups.
    profile:
      name: my-profile
      namespace: kasten-io
  # Export settings. Optional.
  export:
    # How often should a backup be exported. This frequency has to be less
    # or equal than the backup frequency. Optional.
    # If not specified, the backup frequency is used.
    frequency: '@hourly'
    # Optional exported artifact retention. If not provided, exported
    # artifacts are retained by the backup retention table.
    # The number of retained artifacts can only be specified for frequencies
    # of the same or lower granularity than the export frequency.
    # If export frequency is set, but export retention is omitted,
    # the backup retention must be specified also for the export frequency granularity.
    retention:
      hourly: 24
      daily: 7
      weekly: 4
      monthly: 12
      yearly: 5
    # K10 Location Profile that is used for export. Required.
    profile:
      name: my-profile
      namespace: kasten-io
    # The blockModeProfile is a reference to a profile that supports block based backup.
    # Optional. If set then a block mode backup of snapshot data will be performed
    # instead of a filesystem backup.
    # This should only be used when the infrastructure also supports block based backup.
    blockModeProfile:
      name: my-block-mode-profile
      namespace: kasten-io
    # Backup portability setting.
    # Convert volume snapshots into an infrastructure-independent format. Required.
    exportData:
      # Default setting for all storage classes. Required.
      enabled: true
      # Storage class to use for any temporary PVCs created
      # during the snapshot conversion process. If not specified, the
      # storage class of the source volume is used. Optional.
      exporterStorageClassName: gp2
      # Overrides for the default exportData setting specified above.
      # Use this if you want to modify the defaults for a PVC that
      # has a specific storage class. Optional.
      overrides:
          # Override setting of a specific storage class.
        - storageClassName: gp2
          enabled: false
        - storageClassName: gp2-eu-west-1a
          enabled: true
          exporterStorageClassName: io1
    # Volume snapshot destination region and account. Optional, or
    # with one of awsEbs or azure only. Non-portable export only.
    volumeSnapshots:
      awsEbs:
        regions:
          - us-east-1
        # Destination Account name.
        destinationAccount: sample-destination-account
      azure:
        regions:
          - eastus
# Status of the PolicyPreset. Users should not set any data here.
status:
  # Validation status of the PolicyPreset
  # Valid values are:
  #   # Success - successfully initialized and validated
  #   # Failed - not properly initialized or validated
  # Only policy presets which have status of Success will be used by the system
  validation: Success
  # An array of any validation or initialization errors encountered.
  error: null
  # Detected type of the PolicyPreset
  # Valid values are:
  #  # unknown - 'spec' is empty
  #  # backup - only 'backup' portion of 'spec' is specified
  #  # backup-export - both 'backup' and 'export' portions of 'spec' are specified
  type: backup-export