Review the following prerequisites before adding an enabling a Kubernetes cluster as an asset source in
PowerProtect Data Manager.
OpenShift cluster protection
PowerProtect Data Manager uses the OpenShift API for Data Protection (OADP) operator to set up and install Velero on the OpenShift platform. Dell Technologies recommends checking for any existing instances of the OADP operator in the OpenShift cluster that
PowerProtect Data Manager has not deployed, and uninstalling these instances.
Pulling images from Docker Hub to a local registry
By default, the following images are pulled from Docker Hub at
https://hub.docker.com/ after a successful discovery of the Kubernetes cluster asset source,
PowerProtect Data Manager:
dellemc/powerprotect-k8s-controller
dellemc/powerprotect-cproxy, which is pulled during the first backup
dellemc/powerprotect-velero-dd
velero/velero
vsphereveleroplugin/velero-plugin-for-vsphere (for Kubernetes clusters on vSphere that use VMware CSI)
vsphereveleroplugin/backup-driver (if using a private registry, this image must be pulled manually to the registry).
NOTE You can obtain the tags for the containers that
PowerProtect Data Manager uses from the
/usr/local/brs/lib/cndm/config/k8s-image-versions.info file in the
PowerProtect Data Manager appliance.
If a Kubernetes cluster cannot access these sites due to firewall or other restrictions, you can pull these images to a local registry that the cluster can access. Ensure that you keep the image names and version tags the same in the local registry as they appear in Docker Hub. Also, if pulling the images to a private registry in environments that do not have an Internet connection, verify that
PowerProtect Data Manager supports the version of the external image tags. The
PowerProtect Data Manager Compatibility Matrix at
E-Lab Navigator provides more information.
After pulling the images to a local registry, you must configure
PowerProtect Data Manager to use the local registry when creating deployment resources.
To specify an internal registry for each Kubernetes cluster, see the section "Configuring internal registry per asset source" under
Back up and restore Kubernetes in the
PowerProtect Data Manager Public REST API documentation.
If all the Kubernetes clusters protected by
PowerProtect Data Manager use the same internal registry, perform the following steps before the Kubernetes cluster discovery:
Create an
application.properties file
/usr/local/brs/lib/cndm/config/application.properties on the
PowerProtect Data Manager appliance with the following contents:
k8s.docker.registry=fqdn:port. For example,
k8s.docker.registry=artifacts.example.com:8446
k8s.image.pullsecrets=secret resource name. Specify this entry only if you require an image pull secret.
NOTE If using
application.properties to specify an internal registry, and you perform a
PowerProtect Data Manager disaster recovery, repeat these steps after the recovery.
You can now add the Kubernetes cluster as an asset source in the
PowerProtect Data Manager UI. If you already added the Kubernetes cluster as an asset source, perform these steps and then initiate a manual discovery of the Kubernetes cluster asset source to update the cluster. The
configmap and
deployment resources in the
powerprotect namespace, and the deployment resource in the
velero-ppdm namespace, automatically update to use the new images upon successful discovery.
NOTE After you add and successfully discover the Kubernetes cluster asset source in
PowerProtect Data Manager, if only
k8s.image.pullsecrets is updated, a restart of the
powerprotect-controller pod on the cluster is required in order to pick up the new
pullsecrets.
Data is not available for the Topic
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please select whether the article was helpful or not.
Comments cannot contain these special characters: <>()\