Installing K10 on VMware vSphere

Prerequisites

Before installing K10 on VMware vSphere, please ensure that the install prerequisites are met.

Persistent Volumes must be provisioned using the vSphere CSI provisioner or one of the other supported storage providers.

Installing K10

To backup volumes provisioned by the vSphere CSI driver, credentials must be provided. These credentials can be supplied either via Helm parameters or using a vSphere Infrastructure Profile.

Providing vSphere credentials using Helm

Setting up vSphere credentials requires configuring all of the following Helm flags during the execution of helm install or helm upgrade:

--set secrets.vsphereUsername=<vsphere username> \
--set secrets.vspherePassword=<vsphere password> \
--set secrets.vsphereEndpoint=<vsphere ip or hostname>

Also, it is possible to use an existing secret instead of setting credentials through Helm parameters:

--set secrets.vsphereClientSecretName=<secret name>

Note

Please ensure that the secret exists in the namespace where K10 is installed. The default namespace assumed throughout this documentation is kasten-io.

apiVersion: v1
kind: Secret
metadata:
  name: my-vsphere-creds
  namespace: kasten-io
data:
  vsphere_endpoint: MjMzODAyNWMEXAMPLEENDPOINT
  vsphere_username: UlVMOFF+dnpwM1EXAMPLEUSERNAME
  vsphere_password: YmEwN2JhEXAMPLEPASSWORD
type: Opaque

Providing credentials via vSphere Infrastructure Profile

$ helm install k10 kasten/k10 --namespace=kasten-io

Creation of a vSphere Infrastructure Profile is required to backup volumes provisioned by the vSphere CSI driver. Additional information related to the management of vSphere volumes is also found in the same section.

If a Veeam Repository will be used to export snapshot data of vSphere CSI volumes then configuring Change Tracking on the nodes would enable more efficient incremental backups. Refer to this or later Knowledge Base articles for details.

Validating the Install

To validate that K10 has been installed properly, the following command can be run in K10's namespace (the install default is kasten-io) to watch for the status of all K10 pods:

$ kubectl get pods --namespace kasten-io --watch

It may take a couple of minutes for all pods to come up but all pods should ultimately display the status of Running.

$ kubectl get pods --namespace kasten-io
NAMESPACE     NAME                                    READY   STATUS    RESTARTS   AGE
kasten-io     aggregatedapis-svc-b45d98bb5-w54pr      1/1     Running   0          1m26s
kasten-io     auth-svc-8549fc9c59-9c9fb               1/1     Running   0          1m26s
kasten-io     catalog-svc-f64666fdf-5t5tv             2/2     Running   0          1m26s
...

In the unlikely scenario that pods that are stuck in any other state, please follow the support documentation to debug further.

Validate Dashboard Access

By default, the K10 dashboard will not be exposed externally. To establish a connection to it, use the following kubectl command to forward a local port to the K10 ingress port:

$ kubectl --namespace kasten-io port-forward service/gateway 8080:80

The K10 dashboard will be available at http://127.0.0.1:8080/k10/#/.

For a complete list of options for accessing the Kasten K10 dashboard through a LoadBalancer, Ingress or OpenShift Route you can use the instructions here.