Cluster-Scoped Resources
Cluster-scoped resources are Kubernetes resources that are not namespaced. Cluster-scoped resources may be part of the Kubernetes cluster configuration or may be part of one or more applications. K10 can protect and restore cluster-scoped resources together with or separately from applications.
When K10 protects cluster-scoped resources, by default all instances of StorageClasses, CustomResourceDefinitions, ClusterRoles, and ClusterRoleBindings are captured in a cluster restore point. Resource filtering can be used to restrict which cluster-scoped resource instances are captured or restored.
Protecting Cluster-Scoped Resources
K10 protects cluster-scoped resources in the same way that it protects applications, with snapshot policies, backups, and manual snapshots.
This section demonstrates specifically how to use these to protect cluster-scoped resources. Refer to Protecting Applications for common policy details such as scheduling, retention, exceptions, and resource filtering.
Snapshot Policies for Cluster-Scoped Resources
To create a policy that protects only cluster-scoped resources,
click Create New Policy
on the Policies card, select
Snapshot
action, None
for applications, and toggle
Snapshot Cluster-Scoped Resources
.
Choose All Cluster-Scoped Resources
to snapshot all instances of
StorageClasses, CustomResourceDefinitions, ClusterRoles, and
ClusterRoleBindings. Choose Filter Cluster-Scoped Resources
to
select resources to be captured using include and exclude filters.
When this policy runs, it will create a cluster restore point with artifacts that capture the state of the cluster-scoped resources.
Snapshot Policies for Application and Cluster-Scoped Resources
Some applications have cluster-scoped resources such as StorageClasses or CustomResourceDefinitions as well as namespaced components such as StatefulSets. To create a policy that protects the entire application, create a policy that protects both the application and its associated cluster-scoped resources.
When this policy runs, it will create both a restore point for the
my-app
application and a cluster restore point with artifacts that
capture the application's cluster-scoped resources.
If the policy sets Enable backups by exporting snapshots
, any
restore points and the cluster restore point will be exported.
Manual Snapshots of Cluster-Scoped Resources
Cluster-scoped resources are accessible from the Applications card:
A manual snapshot of cluster-scoped resources is initiated by hovering
over the Cluster-Scoped Resources card and clicking
the snapshot
icon:
This brings up the Snapshot Cluster Resources dialog with options that include whether to apply filters. By default all instances of StorageClasses, CustomResourceDefinitions, ClusterRoles, and ClusterRoleBindings are captured.
Restoring Cluster-Scoped Resources
Once cluster-scoped resources have been protected via a policy or a manual action, it is possible to restore them from a cluster restore point.
Restoring cluster-scoped resources is accomplished via the Cluster-Scoped Resources card on the Applications card.
One needs to simply hover and click the restore
icon.
At this point, one has the option to pick a cluster restore point. As seen above, this view distinguishes manually generated restore points from automated policy-generated ones.
It also distinguishes between snapshots and backups. When both are present, a layered box is shown to indicate more than one kind of cluster restore point is present for the same data. Clicking on the layered cluster restore point will present an option to select between the local snapshot and exported backup.
Note
While the UI uses the Export
term for backups, no
Import
policy is needed to restore from a backup. Import
policies are only needed when you want to restore the application
into a different cluster.
Selecting a cluster restore point will bring up a side-panel
containing more details for you to preview, if needed, before
you initiate a restore.
You may select or deselect artifacts to be restored individually
or by type. Click Restore
to recover the selected cluster-scoped
resources.
Import Policies and Cluster-Scoped Resources
Import polices that import from a location containing a cluster restore point will import the cluster restore point as well as any restore points in the location. Cluster-scoped resources can be restored manually from an imported cluster restore point.
An import policy with the Restore After Import
option will import
both cluster restore points and restore points. The policy will only
automatically restore cluster-scoped resources if the
Restore cluster-scoped resources
option is explicitly selected.