0% found this document useful (0 votes)

26 views

PowerProtect Data Manager Kubernetes Integration - Participant Guide

Uploaded by

Yousef Jafari

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

26 views

PowerProtect Data Manager Kubernetes Integration - Participant Guide

Uploaded by

Yousef Jafari

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 72

POWERPROTECT DATA

MANAGER KUBERNETES
INTEGRATION

PARTICIPANT GUIDE

PARTICIPANT GUIDE
PowerProtect Data Manager Kubernetes Integration-SSP

© Copyright 2021 Dell Inc. Page i

Table of Contents

PowerProtect Data Manager Kubernetes Integration ............................. 4

PowerProtect Data Manager Kubernetes Integration Introduction ........................................ 5

Kubernetes Overview ............................................................................... 6

Kubernetes Overview ........................................................................................................... 7

PowerProtect Data Manager with Kubernetes Integration Overview .. 15

PowerProtect Data Manager with Kubernetes Integration Features ................................... 16

PowerProtect Data Manager with Kubernetes Integration Requirements ........................... 22

Configuring Kubernetes Backup with PowerProtect Data Manager ... 24

Add Protection Storage to PowerProtect Data Manager..................................................... 25

Add Protection Storage to PowerProtect Data Manager..................................................... 26
Discover Kubernetes Namespaces .................................................................................... 31
Discover Kubernetes Namespaces .................................................................................... 32

Kubernetes Backup with PowerProtect Data Manager ........................ 35

PowerProtect Data Manager with Kubernetes Backup Operations ..................................... 36

Crash Consistent Protection Policy .................................................................................... 39
Add Crash Consistent Protection Policy ............................................................................. 40
Add Crash Consistent Protection Policy ............................................................................. 42
Start Crash Consistent Protection Policy from PowerProtect Data Manager ...................... 48
Start Crash Consistent Protection Policy from PowerProtect Data Manager ...................... 49
Agent-Less and Application-Consistent Backup Operations............................................... 52
Agent-Less and Application-Consistent Backup Operations............................................... 54

Kubernetes Restore with PowerProtect Data Manager ........................ 58

Restore Kubernetes Namespace with PowerProtect Data Manager .................................. 59

PowerProtect Data Manager Kubernetes Integration-SSP

Page ii © Copyright 2021 Dell Inc.

Restore Kubernetes Namespace with PowerProtect Data Manager .................................. 62
PowerProtect Data Manager Certification Map .................................................................. 67

Course Completion ................................................................................. 69

You Have Completed This eLearning................................................................................. 70

PowerProtect Data Manager Kubernetes Integration-SSP

© Copyright 2021 Dell Inc. Page iii

PowerProtect Data Manager Kubernetes Integration

PowerProtect Data Manager Kubernetes Integration-SSP

Page 4 © Copyright 2021 Dell Inc.

PowerProtect Data Manager Kubernetes Integration
Introduction

Upon completion of this course, you should be able to:

→ Summarize PowerProtect Data Manager with Kubernetes integration
features.
→ Describe PowerProtect Data Manager with Kubernetes integration and
configuration steps.
→ Describe Kubernetes backup and restore workflows with PowerProtect Data
Manager.

PowerProtect Data Manager Kubernetes Integration-SSP

© Copyright 2021 Dell Inc. Page 5

Kubernetes Overview

PowerProtect Data Manager Kubernetes Integration-SSP

Page 6 © Copyright 2021 Dell Inc.

Kubernetes Overview

Originally developed by Google, Kubernetes is an open-source container

orchestration platform that is designed to automate the deployment, scaling, and
management of containerized applications. Kubernetes has established itself as
the de-facto standard for container orchestration and is the flagship project of the
Cloud Native Computing Foundation (CNCF), backed by key players like Google,
AWS, Microsoft, IBM, Intel, Cisco, and Red Hat.

As applications grow to span multiple containers deployed across multiple servers,

operating them becomes more complex. To manage this complexity, Kubernetes
provides an open-source API that controls how and where those containers run.

It also provides the ability to orchestrate a cluster of virtual machines and schedule
containers to run on those virtual machines based on their available compute
resources and the resource requirements of each container. Containers are
grouped into pods, the basic operational unit for Kubernetes, which can be scaled
to your wanted state.

Learning to speak Kubernetes:

PowerProtect Data Manager Kubernetes Integration-SSP

© Copyright 2021 Dell Inc. Page 7

Cluster

Cluster: Kubernetes is designed as a highly available cluster of systems that are

connected to work as a single unit.

A Kubernetes Cluster is made up of many virtual or physical machines that each

serve a specialized function either as a master or as a node. Each node hosts
groups of one or more containers (which contain your applications), and the master
communicates with nodes about when to create or destroy containers.
Simultaneously, the master tells nodes how to reroute traffic based on new
container alignments.

Node

Master

Node Processes

Kubernetes Cluster

Container

Container: Containers are application-centric methods to deliver high-performing,

scalable applications on any infrastructure of your choice. Containers are best
suited to deliver microservices by providing portable, isolated virtual environments
for applications to run without interference from other running applications.

PowerProtect Data Manager Kubernetes Integration-SSP

Page 8 © Copyright 2021 Dell Inc.

A Container is a standard unit of software that packages up code and all its
dependencies so the application runs quickly and reliably from one computing
environment to another. A Docker container image is a lightweight, stand-alone,
executable package of software that includes everything that is needed to run an
application: code, runtime, system tools, system libraries, and settings.

CSI

CSI: The Container Storage Interface (CSI) is a specification that is designed to

enable persistent storage volume management on Container Orchestrators (COs)
such as Kubernetes. The specification allows storage systems to integrate with
containerized workloads running on Kubernetes. With the adoption of the CSI, the
Kubernetes volume layer becomes truly extensible. Using CSI, third-party storage
providers can write and deploy plugins exposing new storage systems in
Kubernetes without ever having to touch the core Kubernetes code.

Once a CSI compatible volume driver is deployed on a Kubernetes cluster, users

may use the CSI volume type to attach, mount, etc. the volumes exposed by the
CSI driver. The CSI volume type does not support direct reference from Pod and
may only be referenced in a Pod by a PersistentVolumeClaim object.

Typically, the storage vendors (such as Dell EMC) provide the CSI Driver. The CSI
drivers implement an interface between the Container Orchestrator and Dell EMC
arrays. It is a plug-in that is installed into a Kubernetes environment to provide
persistent storage using the Dell EMC storage system.

kubelet and kubectl

kubelet: kubelet is the primary “node agent” that runs on each node in the
Kubernetes cluster. kubelet ensure that Containers are running in a Kubernetes
Pod. Within a Kubernetes cluster, the kubelet functions as a local agent that
watches for pod specs by the Kubernetes API server. The kubelet is also
responsible for registering a node with a Kubernetes cluster, sending events and
pod status, and reporting resource utilization.

kubectl: kubectl is a command line interface for running commands against

Kubernetes clusters. You can use kubectl to deploy applications, inspect and
manage cluster resources, and view logs. You must use a kubectl version that is

PowerProtect Data Manager Kubernetes Integration-SSP

© Copyright 2021 Dell Inc. Page 9

within one minor version difference of your Kubernetes cluster. For example, a v1.2
client should work with v1.1, v1.2, and v1.3 master. Using the latest version of
kubectl helps avoid unforeseen issues.

Master

Master: Master components provide the cluster’s control plane. Master

components make global decisions about the cluster (for example, scheduling),
and they detect and respond to cluster events (for example, starting up a new pod
when a deployment’s replicas field is unsatisfied).

The Kubernetes Master is the access point (or the control plane) from which
administrators and other users interact with the cluster to manage the scheduling
and deployment of containers. A cluster will always have at least one Master, but
may have more depending on the cluster’s replication pattern.

Node

Master

Node Processes

Kubernetes Cluster

PowerProtect Data Manager Kubernetes Integration-SSP

Page 10 © Copyright 2021 Dell Inc.

Namespace

Namespace: A Kubernetes namespace is a way to divide cluster resources

between multiple users in the Kubernetes environment. Namespaces are used in a
Kubernetes environment with many users who are spread across multiple teams or
different projects. For Kubernetes clusters with a few to tens of users, you should
not need to create namespaces at all.

Namespaces provide a scope for names. Names of resources must be unique

within a namespace, but not across namespaces. Namespaces cannot be nested
inside one another and, each Kubernetes resource can only be in one namespace.
Namespaces assign resource quotas and logically isolate cluster resources.

Node

Node: A node is a worker machine in Kubernetes. A node may be a VM or physical

machine, depending on the cluster. Each node contains the services necessary to
run pods and is managed by the master components. The services on a node
include the container runtime, kubelet, and kube-proxy.

All nodes in a Kubernetes cluster must be configured with a container runtime,

which is typically Docker. The container runtime starts and manages the containers
as they are deployed to nodes in the cluster by Kubernetes. Your applications (web
servers, databases, API servers, etc.) run inside the containers.

Each Kubernetes node runs an agent process that is called a kubelet that is
responsible for managing the state of the node: starting, stopping, and maintaining
application containers based on instructions from the control plane. The kubelet
collects performance and health information from the node, pods, and containers it
runs and shares that information with the control plane to help it make scheduling
decisions.

A pod can define one or more volumes, such as a local disk or network disk, and
expose them to the containers in the pod, which allows different containers to share
storage space. For example, volumes can be used when one container downloads
content and another container uploads that content somewhere else.

PowerProtect Data Manager Kubernetes Integration-SSP

© Copyright 2021 Dell Inc. Page 11

Node

Master

Node Processes

Kubernetes Cluster

Pod

Pod: A Pod is a collection of Containers, and a Pod is the basic execution unit of a
Kubernetes application. It is the smallest and simplest unit in the Kubernetes object
model that you create or deploy. A Pod represents processes running on your
Cluster.

A Pod encapsulates an application’s container (or, sometimes, multiple containers),

storage resources, a unique network IP, and options that govern how the
containers should run. A Pod represents a unit of deployment: a single instance of
an application in Kubernetes, which might consist of either a single container or a
few containers that are tightly coupled and that share resources.

Docker is the most common container runtime that is used in a Kubernetes Pod,
but Pods support other container runtimes as well.

PowerProtect Data Manager Kubernetes Integration-SSP

Page 12 © Copyright 2021 Dell Inc.

Pods in a Kubernetes cluster can be used in two main ways:

• Pods that run a single container. The “one-container-per-Pod” model is the

most common Kubernetes use case; in this case, you can think of a Pod as a
wrapper around a single container, and Kubernetes manages the Pods rather
than the containers directly.

• Pods that run multiple containers that must work together. A Pod might
encapsulate an application that is composed of multiple co-located containers
that are tightly coupled and must share resources. These co-located containers
might form a single cohesive unit of service–one container serving files from a
shared volume to the public, while a separate “sidecar” container refreshes or
updates those files. The Pod wraps these containers and storage resources
together as a single manageable entity.

IP Address

Volume
Container

Pod 1 Pod 2 Pod 3 Pod 4

PV and PVC

PV: PersistentVolume (PV) is a piece of storage in the cluster that has been
provisioned by an administrator or dynamically provisioned using Storage Classes.
It is a resource in the cluster just like a node is a cluster resource. PVs are volume
plugins like Volumes but have a life cycle independent of any individual Pod that
uses the PV. This object captures the details of the implementation of the storage,
such as NFS, iSCSI, or a cloud provider-specific storage system.

PVC: PersistentVolumeClaim (PVC) is a request for storage by a user. It is similar

to a Pod. Pods consume node resources, and PVCs consume PV resources. Pods
can request specific levels of resources (CPU and Memory). Claims can request

PowerProtect Data Manager Kubernetes Integration-SSP

© Copyright 2021 Dell Inc. Page 13

specific size and access modes (for example they can be mounted once read and
write or many times read-only).

Service

Service: An abstract way to expose an application running on a set of Pods as a

network service. Kubernetes gives Pods their own IP addresses and a single DNS
name for a set of Pods, and can load-balance across them.

In Kubernetes, a Service is an abstraction which defines a logical set of Pods and a

policy by which to access them (sometimes this pattern is called a micro-service).
The set of Pods that are targeted by a Service is determined by a selector, which
allows users to filter a list of resources based on labels.

Service B

Service

Deployment

Service A

PowerProtect Data Manager Kubernetes Integration-SSP

Page 14 © Copyright 2021 Dell Inc.

PowerProtect Data Manager with Kubernetes
Integration Overview

PowerProtect Data Manager Kubernetes Integration-SSP

© Copyright 2021 Dell Inc. Page 15

PowerProtect Data Manager with Kubernetes Integration
Features

PowerProtect Data Manager supports the following Kubernetes protection features.

In the panel below, click the arrow key to advance through the series of slides for
more information.

VMware Velero Integrated

VMware Velero is an open-source tool to safely back up, recover, and migrate
Kubernetes clusters and persistent volumes. It works both on-premises and in a
public cloud. Velero consists of a server process running as a deployment in your
Kubernetes cluster and a command-line interface (CLI) with which DevOps teams
and platform operators configure scheduled backups, trigger manual backups, and
perform restores.

Velero uses the Kubernetes API to capture the state of cluster resources and to
restore them when necessary. Velero backups capture subsets of the cluster’s
resources, filtering by namespace, resource type, and label selector, which
provides a high degree of flexibility around what is backed up and restored. Also,
Velero enables you to back up and restore your applications’ persistent data
alongside their configurations, using either your storage platform’s native snapshot
capability or an integrated file-level backup tool.

PowerProtect Data Manager 19.8 incorporates Velero technology to enable data

protection for Kubernetes environments. PowerProtect Data Manager 19.8 UI is
used to provision protection storage and simplify many of the complex configuration
steps.

No PowerProtect backup agent must be installed on the Kubernetes pod -- all

necessary software components have been built into the PowerProtect Data
Manager.

PowerProtect Data Manager Kubernetes Integration-SSP

Page 16 © Copyright 2021 Dell Inc.

Crash Consistent Protection

When PowerProtect Data Manager admins create a protection policy for

Kubernetes namespaces, the Crash Consistent policy enables PowerProtect Data
Manager to centrally manage the entire life cycle of data protection operations for
the Kubernetes namespaces.

The following data protection attributes are specified when the Centralized
protection policy is created: Application Type, Purpose, Assets, Backup Start and
End Time, Schedule, and SLA.

PowerProtect Data Manager Kubernetes Integration-SSP

© Copyright 2021 Dell Inc. Page 17

Kubernetes Namespaces Discovered Automatically

After the Kubernetes cluster is added as Asset Sources. All Kubernetes

namespaces can be discovered by the PowerProtect Data Manager automatically.

Kubernetes Namespaces are Manually and Automatically Backed Up

PowerProtect Data Manager Kubernetes Integration-SSP

Page 18 © Copyright 2021 Dell Inc.

With PowerProtect Data Manager, the Kubernetes cluster protection task has been
transferred from a backup administrator to the Kubernetes administrator.
Kubernetes namespaces can be backed up through:

• Automatic backup by the PowerProtect Crash Consistent protection policy.

• Perform on-demand (ad hoc) backup from PowerProtect Data Manager UI.

Entire Life-Cycle Protection for Kubernetes Namespaces

PowerProtect Data Manager creates Kubernetes namespace backups and

manages remote replication copies based on the Protection Policy (PLC).
PowerProtect Data Manager performs the Kubernetes namespaces backup and
replication operations based on the protection policy and governed by the SLA.

Kubernetes backups can be moved from a PowerProtect DD system to the Cloud

through the PowerProtect Data Manager Cloud Tier.

Application Consistent Backup of Database Applications

The PowerProtect Data Manager supports agentless, application-consistent

backups of database applications that reside in Kubernetes pods.

PowerProtect Data Manager Kubernetes Integration-SSP

© Copyright 2021 Dell Inc. Page 19

The Application Consistent backups are agentless, in that the PowerProtect Data
Manager can take a snapshot of containers without the need for agent software
installation in the database application environment. That snapshot is then backed
up to the PowerProtect DD system using the normal procedures for the Kubernetes
environment. PowerProtect Data Manager has pre-hook and post-hook actions to
quiesce the database before the backup and unquiesce the database after the
backup of all PVCs and namespace contents.

PowerProtect Data Manager supports the following databases with Application

Consistent backup:

• MySQL, in the following configurations:

− Standalone deployment in one pod.
− Cluster (primary/secondary) deployment with multiple StatefulSets or
ReplicaSets.
• PostgreSQL, in the following configurations:
− Standalone deployment in one pod.
− Cluster (primary/secondary) deployment with multiple StatefulSets.
• MongoDB, without shards.
• Cassandra, without shards.

Enhanced Kubernetes Protection within VMware

PowerProtect Data Manager supports backup and restore of Kubernetes

Containers reside on the VMware Cloud Native Storage (CNS).

PowerProtect Data Manager supports backup and restore of Kubernetes

containerized VMware First Class Disks (FCD).

PowerProtect Data Manager uses FCD Container Storage Interface (CSI) to do

backups for FCD disks. CSI does not support incremental backups, however,

PowerProtect Data Manager Kubernetes Integration-SSP

Page 20 © Copyright 2021 Dell Inc.

PowerProtect Data Manager supports Full and Incremental backups through
Changed Block Tracking (CBT).

PowerProtect Data Manager Kubernetes Integration-SSP

© Copyright 2021 Dell Inc. Page 21

PowerProtect Data Manager with Kubernetes Integration
Requirements

The following Kubernetes versions are supported by the PowerProtect Data

Manager 19.8:

Kubernetes Storage CSI Driver

Version

1.17 to 1.20 Any on-premises storage, AWS EBS, Driver supports CSI 1.0.0
Azure Disk, GCE Persistent Disk and higher with support for
which has CSI driver with snapshot CSI beta snapshots till 1.19
support. release and CSI GA
snapshots for 1.20.

1.17 to 1.20 vSPhere CNS storage for native vSphere CSI driver 2.0.1 and
Kubernetes clusters on vSphere 6.7 higher using FCD snapshots.
U3 and higher.

1.17 to 1.20 vSPhere CNS storage for Tanzu vSphere CSI driver 2.0.1 and
Kubernetes guest clusters on higher using FCD snapshots.
vSphere 7.0.U1 P02 and higher.

PowerProtect Data Manager 19.8 supports the following PowerProtect DD

appliances:

• PowerProtect DD Operating System (DDOS): 6.2.0 and later.

• PowerProtect DD Management Center (DDMC): 6.2.0 and later.
• PowerProtect DD Virtual Edition (DDVE): 4.0 and later.

PowerProtect Data Manager Kubernetes Integration-SSP

Page 22 © Copyright 2021 Dell Inc.

Check CSI Driver documentation of storage vendor for supported
Operating Systems and Kubernetes versions.

PowerProtect Data Manager Kubernetes Integration-SSP

© Copyright 2021 Dell Inc. Page 23

Configuring Kubernetes Backup with PowerProtect
Data Manager

PowerProtect Data Manager Kubernetes Integration-SSP

Page 24 © Copyright 2021 Dell Inc.

Add Protection Storage to PowerProtect Data Manager

The PowerProtect DD appliances can be discovered and added as Protection

Storage to the PowerProtect Data Manager.

The PowerProtect Data Manager 19.8 supports the following PowerProtect DD

appliances:

• PowerProtect DD Operating System (DDOS): 6.2.0 and later.

• PowerProtect DD Management Center (DDMC): 6.2.0 and later.
• PowerProtect DD Virtual Edition (DDVE): 4.0 and later.

The next page highlights the procedures to add Protection Storage to the
PowerProtect Data Manager. Scroll down each step to expand and view more
detailed information.

PowerProtect Data Manager Kubernetes Integration-SSP

© Copyright 2021 Dell Inc. Page 25

Add Protection Storage to PowerProtect Data Manager

Step One

Log in to the PowerProtect Data Manager.

From the left navigation pane, select Infrastructure > Storage > Protection
Storage tab.

Click Add.

Step Two

Select the Data Domain System as Storage Type.

Specify the Name and the FQDN for the PowerProtect DD appliance.

Select Add Credentials to add the PowerProtect DD appliance credentials.

PowerProtect Data Manager Kubernetes Integration-SSP

Page 26 © Copyright 2021 Dell Inc.

In the Add Credentials dialog box, add the PowerProtect DD appliance credentials
information.

PowerProtect Data Manager Kubernetes Integration-SSP

© Copyright 2021 Dell Inc. Page 27

Step Three

Click Verify to verify the login credentials.

Click Accept to verify the Certificate.

PowerProtect Data Manager Kubernetes Integration-SSP

Page 28 © Copyright 2021 Dell Inc.

Click Save to complete the configuration step.

PowerProtect Data Manager Kubernetes Integration-SSP

© Copyright 2021 Dell Inc. Page 29

Step Four

The PowerProtect DD appliance is discovered and added to PowerProtect Data

Manager in a few minutes.

The PowerProtect DD appliance is listed under Infrastructure > Storage >

Protection Storage tab.

PowerProtect Data Manager Kubernetes Integration-SSP

Page 30 © Copyright 2021 Dell Inc.

Discover Kubernetes Namespaces

PowerProtect Data Manager UI is used to discover the Kubernetes namespaces.

From the PowerProtect Data Manager left navigation pane, select Infrastructure >
Asset Sources. Select the Kubernetes asset type and click Enable Source.

After the Kubernetes asset type is enabled, select Infrastructure > Asset Sources
> Kubernetes tab. Click Add to add the Kubernetes cluster. Kubernetes cluster
master node's FQDN (or IP address) and credentials information is required to add
the Kubernetes cluster to PowerProtect Data Manager. In the case of a HA cluster,
the external IP of the load balancer must be used for the Asset Source.

A discovery of Kubernetes namespace assets starts automatically. If the discovery

does not start automatically, you can select the Kubernetes cluster and click
Discover.

The next page highlights the procedures to discover Kubernetes namespaces.

Scroll down each step to expand and view more detailed information.

PowerProtect Data Manager Kubernetes Integration-SSP

© Copyright 2021 Dell Inc. Page 31

Discover Kubernetes Namespaces

Step One

Locate the Kubernetes option box, click Enable Source.

Step Two

From the left navigation pane, select Infrastructure > Asset Sources >
Kubernetes tab.

Click Add to add Kubernetes cluster.

PowerProtect Data Manager Kubernetes Integration-SSP

Page 32 © Copyright 2021 Dell Inc.

Step Three

The automatic discovery process is initiated. Once it completes, the Discovery

Status displays OK.

PowerProtect Data Manager Kubernetes Integration-SSP

© Copyright 2021 Dell Inc. Page 33

Step Four

Select Infrastructure > Assets > Kubernetes tab, all Kubernetes namespaces are
listed.

PowerProtect Data Manager Kubernetes Integration-SSP

Page 34 © Copyright 2021 Dell Inc.

Kubernetes Backup with PowerProtect Data Manager

PowerProtect Data Manager Kubernetes Integration-SSP

© Copyright 2021 Dell Inc. Page 35

PowerProtect Data Manager with Kubernetes Backup
Operations

The following Kubernetes object can be discovered and added as Assets by the
PowerProtect Data Manager UI:

• Namespace.

PowerProtect Data Manager backs up Kubernetes at the namespace level, which

means it backs up Kubernetes resources in a namespace and the related PVCs.
Adding a Kubernetes cluster as an Asset Source in PowerProtect Data Manager
enables you to protect the namespace and its related PVCs within the namespace.

Only Kubernetes namespaces can be added as Assets into Kubernetes protection

policy, PVCs can NOT be added as Assets. However, PVCs can be excluded from
the backup during the protection policy creation.

PowerProtect Data Manager discovers Kubernetes namespaces that contain

volumes from both Container Storage Interface (CSI) and non-CSI-based storage.
However, PowerProtect Data Manager backup and recovery are supported only
from CSI-based storage. If you select a namespace from non-CSI-based storage,
the backup fails.

Kubernetes Protection Policy

PowerProtect Data Manager supports the following protection policies for

Kubernetes namespace:

PowerProtect Data Manager Kubernetes Integration-SSP

Page 36 © Copyright 2021 Dell Inc.

Backup Description
Purpose

Crash Select this option to snapshot the persistent volume bound to the
Consistent persistent volume claims in the Kubernetes namespace and back
them up to the PowerProtect DD system.

Exclusion Select this option to exclude the Kubernetes assets (for example,
PVC) in this group from the protection policy.

Kubernetes Backup Levels

PowerProtect Data Manager supports the following backup level for Kubernetes
namespaces:

Backup Description
Levels

Full Backs up the Kubernetes namespace metadata and persistent

volumes, and creates a new full backup.

Synthetic Backs up the Kubernetes namespace metadata, backs up the

Full changed blocks for persistent volumes on VMware first class disks,
backs up all other persistent volumes in full, and creates a new full
backup.

Kubernetes Backup Tools

Self-Service backup from Kubernetes cluster is not supported.

Kubernetes namespaces can be backed up with the following tools:

PowerProtect Data Manager Kubernetes Integration-SSP

© Copyright 2021 Dell Inc. Page 37

Manual Backup Scheduled Backup

PowerProtect Data Manager UI. PowerProtect Data Manager UI.

• Infrastructure > Assets > • Protection > Protection
Kubernetes > Back Up Now Policies
• Protection > Protection Policies >
Back Up Now

PowerProtect Data Manager Kubernetes Integration-SSP

Page 38 © Copyright 2021 Dell Inc.

Crash Consistent Protection Policy

The Crash Consistent protection policy enables PowerProtect Data Manager to

create a point-in-time copy of the Kubernetes namespaces and manage the entire
life cycle of the Kubernetes namespaces protection operations.

Crash consistent protection policy creates a snapshot of the Kubernetes

namespaces, it then copies the snapshot to the Protection Storage to create a
crash-consistent backup of the Kubernetes namespaces.

Use crash consistent protection policy to protect the Kubernetes namespaces and
their related PVCs.

PowerProtect Data Manager Kubernetes Integration-SSP

© Copyright 2021 Dell Inc. Page 39

Add Crash Consistent Protection Policy

When the crash consistent protection policy is added, the following data protection
attributes can be specified:

• Assets.1
• Backup schedule2

1Specify the PowerProtect Assets that need to be protected. This could be Oracle
database, SAP HANA database, Kubernetes namespaces, Microsoft SQL
database, Microsoft Exchange database, VMware virtual machine, and
Linux/Windows file system.

2Specify the following: Frequency of the backup operation recurrence, the backup
operation starts and stops time, and the retention period for the backup data.

PowerProtect Data Manager Kubernetes Integration-SSP

Page 40 © Copyright 2021 Dell Inc.

• SLA.3
• Backup storage.4

The next page highlights the procedures to add a crash consistent protection
policy. Scroll down each step to expand and view more detailed information.

3 Select the wanted SLA to associate with the Crash Consistent protection policy.

4 Select the wanted PowerProtect DD system.

PowerProtect Data Manager Kubernetes Integration-SSP

© Copyright 2021 Dell Inc. Page 41

Add Crash Consistent Protection Policy

Step One

Log in to the PowerProtect Data Manager.

From the left navigation pane, select Protection > Protection Policies.

Click Add.

Step Two

Specify the name for the protection policy and select Kubernetes as policy type.

PowerProtect Data Manager Kubernetes Integration-SSP

Page 42 © Copyright 2021 Dell Inc.

Step Three

Select Crash Consistent as the purpose of the protection policy.

PowerProtect Data Manager Kubernetes Integration-SSP

© Copyright 2021 Dell Inc. Page 43

Step Four

Select the Kubernetes namespace (Assets) to protect.

Step Five

Click Add to add the primary backup.

PowerProtect Data Manager Kubernetes Integration-SSP

Page 44 © Copyright 2021 Dell Inc.

Step Six

To create a new PowerProtect DD Storage Unit, select New on the Storage Unit
drop-down menu.

Specify the schedule attributes on the Schedules pane.

PowerProtect Data Manager Kubernetes Integration-SSP

© Copyright 2021 Dell Inc. Page 45

Step Seven

Review the Crash Consistent protection policy, click Finish to create the protection
policy.

Step Eight

From the left navigation pane, click Jobs > Protection Jobs to verify that the crash
consistent protection policy completes successfully.

PowerProtect Data Manager Kubernetes Integration-SSP

Page 46 © Copyright 2021 Dell Inc.

PowerProtect Data Manager Kubernetes Integration-SSP

© Copyright 2021 Dell Inc. Page 47

Start Crash Consistent Protection Policy from PowerProtect
Data Manager

Once a crash consistent protection policy is added, you can perform a manual
backup by using the Protect Now option from the Protection > Protection
Policies page.

The Protect Now option on the Protection Policies page allows you to manually
start a backup operation to protect multiple Kubernetes namespaces that are in the
designated protection policy.

To start the Protect Now option on the Protection Policies page, the protection
policy must be enabled, and the protection policy purpose must be one of the
following -- Crash Consistent, Centralized Protection, and Application Aware.

The protection policy purpose must not be Exclusion or Self-Service

Protection.

The next page highlights the procedures to start the crash consistent protection
policy from PowerProtect Data Manager. Scroll down each step to expand and
view more detailed information.

PowerProtect Data Manager Kubernetes Integration-SSP

Start Crash Consistent Protection Policy from PowerProtect
Data Manager

Step One

From the left navigation pane, select Protection > Protection Policies.

Select the crash consistent protection policy that you created

(CrashConsistentProtection_K8S), click Protect Now.

Step Two

On the Assets Selection page, select the All assets defined in the Protection
Policy option.

PowerProtect Data Manager Kubernetes Integration-SSP

Step Three

On the Configuration page, keep the CrashConsistentProtection_K8S

protection policy settings:

• Full
• Keep For: 3 Days

Step Four

On the Summary page, review the configuration settings.

PowerProtect Data Manager Kubernetes Integration-SSP

Click Protect Now to start the backup.

Step Five

The crash consistent protection policy completes successfully in a few minutes.

PowerProtect Data Manager Kubernetes Integration-SSP

Agent-Less and Application-Consistent Backup Operations

PowerProtect Data Manager also supports Agent-less, Application-consistent

backups of the following database applications that reside in the Kubernetes pods.

• MySQL, in the following configurations:

− Standalone deployment in one pod.
− Cluster deployment with multiple StatefulSets or ReplicaSets.
• PostgreSQL, in the following configurations:
− Standalone deployment in one pod.
− Cluster deployment with multiple StatefulSets or ReplicaSets.
• MongoDB
− Without shards.
• Cassandra

− Without shards.
When PowerProtect Data Manager performs the application consistent backup, it
places the database in a quiescent state and then takes a snapshot of the
database. After the snapshot is taken, the database resumes normal operations
and PowerProtect Data Manager backs up the snapshot to the PowerProtect DD
system. Usually, the snapshot operation is instantaneous and the downtime is
minimal.

These backups are agentless, in that the PowerProtect Data Manager can take a
snapshot of containers without the need for software installation in the database
application. The snapshot is then backed up to the PowerProtect DD system using
the standard procedures for the Kubernetes environment.

PowerProtect Data Manager UI is used to configure the application consistent

backup of the supported database applications resided in the Kubernetes pods.
You must complete the following two tasks in order to perform the application
consistent backup of the supported database in the Kubernetes pods:

PowerProtect Data Manager Kubernetes Integration-SSP

1. Deploy a designated application template.
2. Create a Crash Consistent protection policy.

PowerProtect Data Manager Kubernetes Integration-SSP

Agent-Less and Application-Consistent Backup Operations

PowerProtect Data Manager provides a standardized way to quiesce a supported

database, back up the data from that database, and then return the database back
to operation. The Application Templates serve as a bridge between a specific
database environment and the Kubernetes backup architecture for the
PowerProtect Data Manager. The Application Templates translate the specific
configuration details and required interface steps for each database application
deployment to the standard PowerProtect Data Manager backup functionality for
Kubernetes.

To create the application templates for the supported databases, a separate

package that is called ppdmctl.tar.gz is required. The ppdmctl.tar.gz file contains
the ppdmctl control command and the configuration files (.yaml and .json) for the
application templates. The ppdmctl.tar.gz is on the PowerProtect Data Manager
virtual appliance host at /usr/local/brs/lib/cndm/misc directory.

The ppdmctl.tar.gz file must be extracted to your local system first and then copy
the related configuration files and the ppdmctl control command to the
Kubernetes host. The ppdmctl control command is used to deploy (create) and
administer the application template.

Prepare Configuration File

The .yaml and .json files under the ppdmctl/examples folder are not application
template. The .yaml and .json files contain the necessary information about how to
create the application template.

The default yaml file is used to create the application template for a single-instance
database. The customized yaml file (with the --inputfile parameter) is used in
an environment where the database running in a cluster.

The following two parameters should be modified based on your Kubernetes

environment:

PowerProtect Data Manager Kubernetes Integration-SSP

• namespace
• appLabel

Create Application Template

The ppdmctl command is used to create the application template. You can create
the application template from a customized yaml file (with the --inputfile
parameter) or from the default yaml file.

Run the following command to create a default application template for a specific
Kubernetes namespace:

• ppdmctl template create template-type --type=db-type --

namespace=user-namespace

Run the following command to create a customized application template for a

specific Kubernetes namespace:

• ppdmctl template create template-type --type=db-type --

namespace=user-namespace --inputfile=file.yaml

The parameters that you must specify:

PowerProtect Data Manager Kubernetes Integration-SSP

template-type is one of the following values: mysqltemplate, mongodbtemplate,
postgrestemplate, or cassandratemplate.

db-type is one of the following values: mysql, mongodb, postgresql, or cassandra.

user-namespace is a specific Kubernetes namespace.

file.yaml is the name of a customized yaml configuration file, where applicable.

Create Application Consistent Backup

After you create the application template, no special steps are required to perform
the application-consistent database backup.

PowerProtect Data Manager detects the presence of the deployed application

template and follows the application template instructions when backing up the
Kubernetes namespace to which the database application belongs.

From PowerProtect Data Manager UI, select Protection > Protection Policies >
Add option create Crash Consistent protection policy to back up the Kubernetes
namespace where the database application resides.

PowerProtect Data Manager Kubernetes Integration-SSP

Kubernetes Restore with PowerProtect Data Manager

PowerProtect Data Manager Kubernetes Integration-SSP

Restore Kubernetes Namespace with PowerProtect Data
Manager

The following Kubernetes objects can be restored by the PowerProtect Data

Manager:

• Namespace
• PersistentVolumeClaim (PVC)

PowerProtect Data Manager UI is used for Kubernetes namespace and PVC

restore operations. From the PowerProtect Data Manager UI, click the Recovery >
Assets > Kubernetes tab. Select the Kubernetes namespace and click Restore to
start the restore operation.

Kubernetes Restore Destination

PowerProtect Data Manager supports the following restore destinations:

• Restore to Original Namespace: This option restores the selected Kubernetes

object to the original namespace in the Kubernetes cluster. This option
overwrites your PVC.
• Restore to a New Namespace: This option restores the selected Kubernetes
object to a new namespace in the Kubernetes cluster. This option creates a
new Kubernetes namespace.
• Restore to an Existing Namespace: This option restores the selected
Kubernetes object to an existing namespace in the original Kubernetes cluster
or a different Kubernetes cluster.

PowerProtect Data Manager Kubernetes Integration-SSP

Kubernetes Restore Object

During the restore operation, you must select one of the following options on the
Purpose page from the PowerProtect Data Manager UI:

• Restore namespace and Select PVCs: This option restores namespace

resources and selected persistent volume claims (PVCs).
• Restore Only PVCs: This option restores PVCs without Kubernetes
namespace or Kubernetes cluster resources.

PowerProtect Data Manager Kubernetes Integration-SSP

Restore Kubernetes Namespace with PowerProtect Data
Manager

Step One

Log in to the PowerProtect Data Manager.

From the left navigation pane, select Recovery > Assets > Kubernetes tab.

Select the Kubernetes namespace to restore.

Click View Copies.

PowerProtect Data Manager Kubernetes Integration-SSP

Step Two

On the left pane, click DD. On the right pane, select the backup copy that you want
to restore.

Click Restore.

Step Three

On the Cluster page, select the destination Kubernetes cluster where you want to
restore to.

In this example, we restore back to the original Kubernetes cluster.

PowerProtect Data Manager Kubernetes Integration-SSP

Step Four

On the Purpose page, select what Kubernetes objects you want to restore.

In this example, we restore Kubernetes namespace and a subset of PVCs in the

namespace.

Step Five

On the Restore Type page, select the destination Kubernetes namespace where
you want to restore to.

PowerProtect Data Manager Kubernetes Integration-SSP

If you restore to a new namespace, specify the Kubernetes namespace's name
accordingly.

Step Six

On the PVCs page, select the wanted PVCs to restore.

Step Seven

On the Summary page, review the configuration settings.

PowerProtect Data Manager Kubernetes Integration-SSP

Click Restore to start the restore operation.

Step Eight

On the Jobs > Protection Jobs page, wait for the restore operation to complete
successfully.

PowerProtect Data Manager Kubernetes Integration-SSP

PowerProtect Data Manager Certification Map

The proven exam DES-3521 is required to earn the Specialist – Implementation

Engineer, PowerProtect Data Manager certification. The mentioned curriculum
includes on-demand courses and on-demand labs that enable you to acquires
various skills, such as deploy, configure, troubleshoot, integrate, and upgrade a
PowerProtect Data Manager solution.

You must complete 18 hours of on-demand courses and 4 hours of on-demand

labs before you attempt the DES-3521 proven exam. Also, when you register for
on-demand labs you get 24 hours access to complete each lab.

Product version in DES-3521 proven exam for PowerProtect Data Manager is 19.8.

PowerProtect Data Manager Kubernetes Integration-SSP

Error! No text of specified style in document.

Implementation Engineer, PowerProtect Data Manager

A. PowerProtect Concepts (C, VC, ODC)

B. PowerProtect Data Manager Concepts (C, VC, ODC)
C. PowerProtect Data Manager Features (C, VC, ODC)
D. PowerProtect Data Manager Implementation (C, VC, ODC)
E. PowerProtect Data Manager MS SQL Integration (C, VC, ODC)
F. PowerProtect Data Manager MS Exchange Integration (C, VC, ODC)
G. PowerProtect Data Manager VM Integration (C, VC, ODC)
H. PowerProtect Data Manager Oracle Integration (C, VC, ODC)
I. PowerProtect Data Manager SAP HANA Integration (C, VC, ODC)
J. PowerProtect Data Manager Kubernetes Integration (C, VC, ODC)
K. PowerProtect Data Manager Troubleshooting (C, VC, ODC)
L. PowerProtect Data Manager Upgrade (C, VC, ODC)
M. PowerProtect Data Manager Implementation On-Demand Lab (ODL)
N. PowerProtect Data Manager VM Integration On-Demand Lab (ODL)
O. PowerProtect Data Manager Oracle Integration On-Demand Lab (ODL)
P. PowerProtect Data Manager MS SQL Integration On-Demand Lab (ODL)
Q. PowerProtect Data Manager SAP HANA Integration On-Demand Lab (ODL)