Skip to main content

Does K10 cluster-scoped resource backup include IngressClasses? Tried searching for an answer to this question but no dice.

The reason is because our company re-installed an on-premises Rancher RKE2 cluster from scratch as part of a DR drill using Kasten K10 for data and application recovery. The recovery process was mostly smooth with a few minor gotchas but in particular, it seems that the cluster-scoped resource capture skipped the existing GitLab NGINX IngressClass despite having no resource filters applied - after restoring both cluster-scoped resources and our GitLab Chart, the IngressClass installed as part of the chart was missing causing the GitLab ingress controller to return NGINX 404 errors, which was solved with a manual Helm upgrade reusing the existing chart version and values.

While this is a minor issue with a relatively simple workaround, we’d like to know whether K10 includes IngressClasses in its cluster-scoped resource backup by default, and if not, is there a way to explicitly include those API resources for backup?

@donaldleung Thanks for opening this topic.
I don’t have the exhaustive list of the cluster-scoped resources that K10 backs up. 

But I might have a way to add include filters for certain CRDs along with the defaults.

I will share the details here shortly on how to do that. 

PS: I am also working on publishing a KB article with these details along with the list cluster-scoped resources that K10 backups by default. I will publish that quickly so that it can be of help here. 


Thanks for the prompt reply, looking forward to the details and associated KB article 😁


Thanks for your patience.

I found that we only backup ClusterRoles, ClusterRolebindings, StorageClass and CRDs as a part of cluster-scoped resources. And anything else needed should be explicitly included using filters.

 

By default, Include filters will only include the resource that you add as a part of the filter.

In this case, if you add an include filter for an ingressClass resource, only it will be included.

However, there is a way to add another filter to include the default resources backed up as a part of cluster-scoped resource backup. You will have to add an include filter entry for Group: actions.kio.kasten.io and Resource: defaults.

 

Below is a screenshot showing how to add an include filter for a cluster-scoped resource to include the ingressClasses and the defaults.

 

 


Here is the result of artifacts from the ClusterRestorepoint before and after adding the include filter for ingressClasses.

Before adding the filter

After adding the filter

 


Below is the sample YAML reference to the policy if you prefer to edit the manifest to add the filters instead of UI form.

kind: Policy
apiVersion: config.kio.kasten.io/v1alpha1
metadata:
name: jai-test-cluster-scoped-policy
namespace: kasten-io
spec:
frequency: "@onDemand"
selector:
matchExpressions:
- key: k10.kasten.io/appNamespace
operator: In
values:
- kasten-io-cluster
actions:
- action: backup
backupParameters:
filters:
includeClusterResources:
- group: networking.k8s.io
version: v1
resource: ingressclasses
- group: actions.kio.kasten.io
resource: defaults

 


Thank you, we have edited the policy as instructed and can confirm that our GitLab NGINX ingress class is now included in the backup along with other cluster-scoped resources.


Comment