Skip to main content
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products

PowerProtect Data Manager 19.10 Kubernetes User Guide

Prerequisites to Kubernetes cluster discovery

Review the following prerequisites before adding an enabling a Kubernetes cluster as an asset source in PowerProtect Data Manager.

OpenShift cluster protection

PowerProtect Data Manager uses the OpenShift API for Data Protection (OADP) operator to set up and install Velero on the OpenShift platform. Dell Technologies recommends checking for any existing instances of the OADP operator in the OpenShift cluster that PowerProtect Data Manager has not deployed, and uninstalling these instances.

Pulling images from Docker Hub to a local registry

By default, the following images are pulled from Docker Hub at https://hub.docker.com/ after a successful discovery of the Kubernetes cluster asset source, PowerProtect Data Manager:

  • dellemc/powerprotect-k8s-controller
  • dellemc/powerprotect-cproxy, which is pulled during the first backup
  • dellemc/powerprotect-velero-dd
  • velero/velero
  • vsphereveleroplugin/velero-plugin-for-vsphere (for Kubernetes clusters on vSphere that use VMware CSI)
  • vsphereveleroplugin/backup-driver (if using a private registry, this image must be pulled manually to the registry).
NOTE You can obtain the tags for the containers that PowerProtect Data Manager uses from the /usr/local/brs/lib/cndm/config/k8s-image-versions.info file in the PowerProtect Data Manager appliance.

If a Kubernetes cluster cannot access these sites due to firewall or other restrictions, you can pull these images to a local registry that the cluster can access. Ensure that you keep the image names and version tags the same in the local registry as they appear in Docker Hub. Also, if pulling the images to a private registry in environments that do not have an Internet connection, verify that PowerProtect Data Manager supports the version of the external image tags. The PowerProtect Data Manager Compatibility Matrix at E-Lab Navigator provides more information.

After pulling the images to a local registry, you must configure PowerProtect Data Manager to use the local registry when creating deployment resources.

To specify an internal registry for each Kubernetes cluster, see the section "Configuring internal registry per asset source" under Back up and restore Kubernetes in the PowerProtect Data Manager Public REST API documentation.

If all the Kubernetes clusters protected by PowerProtect Data Manager use the same internal registry, perform the following steps before the Kubernetes cluster discovery:

  1. Create an application.properties file /usr/local/brs/lib/cndm/config/application.properties on the PowerProtect Data Manager appliance with the following contents:
    • k8s.docker.registry=fqdn:port. For example, k8s.docker.registry=artifacts.example.com:8446
    • k8s.image.pullsecrets=secret resource name. Specify this entry only if you require an image pull secret.

      The section Pull images from Docker Hub as authenticated user if Docker pull limits reached provides information about specifying image pull secrets for the powerprotect-controller and Velero deployment.

  2. Run cndm restart to apply the properties.
NOTE If using application.properties to specify an internal registry, and you perform a PowerProtect Data Manager disaster recovery, repeat these steps after the recovery.

You can now add the Kubernetes cluster as an asset source in the PowerProtect Data Manager UI. If you already added the Kubernetes cluster as an asset source, perform these steps and then initiate a manual discovery of the Kubernetes cluster asset source to update the cluster. The configmap and deployment resources in the powerprotect namespace, and the deployment resource in the velero-ppdm namespace, automatically update to use the new images upon successful discovery.

NOTE After you add and successfully discover the Kubernetes cluster asset source in PowerProtect Data Manager, if only k8s.image.pullsecrets is updated, a restart of the powerprotect-controller pod on the cluster is required in order to pick up the new pullsecrets.

Rate this content

Accurate
Useful
Easy to understand
Was this article helpful?
0/3000 characters
  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please select whether the article was helpful or not.
  Comments cannot contain these special characters: <>()\