Cluster-scoped resources are Kubernetes resources that are not namespaced. Cluster-scoped resources may be part of the Kubernetes cluster configuration or may be part of one or more applications. K10 can protect and restore cluster-scoped resources together with or separately from applications.
When K10 protects cluster-scoped resources, by default all instances of StorageClasses, CustomResourceDefinitions, ClusterRoles, and ClusterRoleBindings are captured in a cluster restore point. Resource filtering can be used to restrict which cluster-scoped resource instances are captured or restored.
Protecting Cluster-Scoped Resources
K10 protects cluster-scoped resources in the same way that it protects applications, with snapshot policies, backups, and manual snapshots.
This section demonstrates specifically how to use these to protect cluster-scoped resources. Refer to Protecting Applications for common policy details such as scheduling, retention, exceptions, and resource filtering.
Snapshot Policies for Cluster-Scoped Resources
To create a policy that protects only cluster-scoped resources,
Create New Policy on the Policies card, select
None for applications, and toggle
Snapshot Cluster-Scoped Resources.
All Cluster-Scoped Resources to snapshot all instances of
StorageClasses, CustomResourceDefinitions, ClusterRoles, and
Filter Cluster-Scoped Resources to
select resources to be captured using include and exclude filters.
When this policy runs, it will create a cluster restore point with artifacts that capture the state of the cluster-scoped resources.
Snapshot Policies for Application and Cluster-Scoped Resources
Some applications have cluster-scoped resources such as StorageClasses or CustomResourceDefinitions as well as namespaced components such as StatefulSets. To create a policy that protects the entire application, create a policy that protects both the application and its associated cluster-scoped resources.
When this policy runs, it will create both a restore point for the
my-app application and a cluster restore point with artifacts that
capture the application's cluster-scoped resources.
If the policy sets
Enable backups by exporting snapshots, any
restore points and the cluster restore point will be exported.
Manual Snapshots of Cluster-Scoped Resources
Cluster-scoped resources are accessible from the Options menu on the Applications page. A manual snapshot of cluster-scoped resources is initiated by clicking on Snapshot cluster-scoped resources:
This brings up the Snapshot Cluster Resources dialog with options that include whether to apply filters. By default all instances of StorageClasses, CustomResourceDefinitions, ClusterRoles, and ClusterRoleBindings are captured.
Restoring Cluster-Scoped Resources
Once cluster-scoped resources have been protected via a policy or a manual action, it is possible to restore them from a cluster restore point.
To restore cluster-scoped resources from a cluster, select the Restore cluster-scoped resources in the Options menu.
At this point, one has the option to pick a cluster restore point. As seen above, this view distinguishes manually generated restore points from automated policy-generated ones.
It also distinguishes between snapshots and backups. When both are present, a layered box is shown to indicate more than one kind of cluster restore point is present for the same data. Clicking on the layered cluster restore point will present an option to select between the local snapshot and exported backup.
While the UI uses the
Export term for backups, no
Import policy is needed to restore from a backup.
policies are only needed when you want to restore the application
into a different cluster.
Selecting a cluster restore point will bring up a side-panel
containing more details for you to preview, if needed, before
you initiate a restore.
You may select or deselect artifacts to be restored individually
or by type. Click
Restore to recover the selected cluster-scoped
Import Policies and Cluster-Scoped Resources
Import polices that import from a location containing a cluster restore point will import the cluster restore point as well as any restore points in the location. Cluster-scoped resources can be restored manually from an imported cluster restore point.
An import policy with the
Restore After Import option will import
both cluster restore points and restore points. The policy will only
automatically restore cluster-scoped resources if the
Restore cluster-scoped resources option is explicitly selected.