• EN
Solved

Does K10 cluster-scoped resource backup include IngressClasses?

D
Userlevel 2

Does K10 cluster-scoped resource backup include IngressClasses? Tried searching for an answer to this question but no dice.

The reason is because our company re-installed an on-premises Rancher RKE2 cluster from scratch as part of a DR drill using Kasten K10 for data and application recovery. The recovery process was mostly smooth with a few minor gotchas but in particular, it seems that the cluster-scoped resource capture skipped the existing GitLab NGINX IngressClass despite having no resource filters applied - after restoring both cluster-scoped resources and our GitLab Chart, the IngressClass installed as part of the chart was missing causing the GitLab ingress controller to return NGINX 404 errors, which was solved with a manual Helm upgrade reusing the existing chart version and values.

While this is a minor issue with a relatively simple workaround, we’d like to know whether K10 includes IngressClasses in its cluster-scoped resource backup by default, and if not, is there a way to explicitly include those API resources for backup?

icon

Best answer by jaiganeshjk 4 January 2024, 12:35

View original

6 comments

jaiganeshjk
Userlevel 6
Badge +2

@donaldleung Thanks for opening this topic.
I don’t have the exhaustive list of the cluster-scoped resources that K10 backs up. 

But I might have a way to add include filters for certain CRDs along with the defaults.

I will share the details here shortly on how to do that. 

PS: I am also working on publishing a KB article with these details along with the list cluster-scoped resources that K10 backups by default. I will publish that quickly so that it can be of help here. 

Jaiganesh
D
Userlevel 2

Thanks for the prompt reply, looking forward to the details and associated KB article 😁

jaiganeshjk
Userlevel 6
Badge +2

Thanks for your patience.

I found that we only backup ClusterRoles, ClusterRolebindings, StorageClass and CRDs as a part of cluster-scoped resources. And anything else needed should be explicitly included using filters.

 

By default, Include filters will only include the resource that you add as a part of the filter.

In this case, if you add an include filter for an ingressClass resource, only it will be included.

However, there is a way to add another filter to include the default resources backed up as a part of cluster-scoped resource backup. You will have to add an include filter entry for Group: actions.kio.kasten.io and Resource: defaults.

 

Below is a screenshot showing how to add an include filter for a cluster-scoped resource to include the ingressClasses and the defaults.

 

 

Jaiganesh
jaiganeshjk
Userlevel 6
Badge +2

Here is the result of artifacts from the ClusterRestorepoint before and after adding the include filter for ingressClasses.

Before adding the filter

After adding the filter

 

Jaiganesh
jaiganeshjk
Userlevel 6
Badge +2

Below is the sample YAML reference to the policy if you prefer to edit the manifest to add the filters instead of UI form.

kind: Policy
apiVersion: config.kio.kasten.io/v1alpha1
metadata:
  name: jai-test-cluster-scoped-policy
  namespace: kasten-io
spec:
  frequency: "@onDemand"
  selector:
    matchExpressions:
      - key: k10.kasten.io/appNamespace
        operator: In
        values:
          - kasten-io-cluster
  actions:
    - action: backup
      backupParameters:
        filters:
          includeClusterResources:
            - group: networking.k8s.io
              version: v1
              resource: ingressclasses
            - group: actions.kio.kasten.io
              resource: defaults

 

Jaiganesh
D
Userlevel 2

Thank you, we have edited the policy as instructed and can confirm that our GitLab NGINX ingress class is now included in the backup along with other cluster-scoped resources.

Comment


Terms & Conditions