Enabling Kubernetes etcd Key Value Store Backups

Enable the etcd protection setting to protect the etcd database in on-premises environments and self-managed cloud environments.

Kubernetes operational best practices recommend protecting etcd if you are responsible for the availability of the Kubernetes cluster and the built-in etcd store. For more information, see Operating etcd clusters for Kubernetes in the Kubernetes documentation.

Etcd can be deployed in single-node, stacked HA (high availability) cluster, and external HA cluster configurations. Commvault supports the etcd protection setting when etcd runs within the Kubernetes cluster that is protected by Commvault or within a stacked etcd topology. For more information, see Options for Highly Available Topology in the Kubernetes documentation.

Commvault recommends the use of a stacked etcd topology with a load balancer that directs incoming control plane requests to an available kube-apiserver.

While etcd is a distributed or replicated key-value store, with copies existing on all control plane nodes, Commvault recommends enabling etcd backup to allow recovery from etcd corruption or loss.

Commvault does not protect etcd in Kubernetes environments where etcd is not exposed as a running Pod.

When enabled, etcd protection performs the following:

  • Scheduled etcd snapshot backups using etcdctl.

  • Scheduled etcd SSL certificate backups for the active etcd node.

  • Encrypted etcd database backups for the Red Hat OpenShift Container Platform (RHOCP) cluster.

Before You Begin

The Kubernetes access nodes must be at Commvault Platform Release 2022E or a more recent release.

Procedure

  1. From the navigation pane, go to Protect > Kubernetes.

    The Overview page appears.

  2. On the Clusters tab, click the cluster that you want to enable etcd protection for.

  3. On the Configuration tab, in the etcd protection section, move the etcd protection toggle key to the right.

    The etcd protection backup plan dialog box appears.

  4. From the Plan list, select the backup plan to use for the etcd (system generated) application group that the Commvault software will create to protect etcd.

  5. Click Save.

    The etcd database will be automatically backed up according to the backup plan that you selected.

  6. To back up the etcd database immediately, do the following:

    1. On the Application groups tab, in the etcd (system generated) row, click the action button action_button, and then select Back up.

      If you don't see the etcd (system generated) application group, refresh the page.

      The Select backup level dialog box appears.

    2. Select Full as the backup type, and then click OK.

Results

Commvault creates an application group with the name etcd (system generated) and assigns the backup plan that you select to the etcd (system generated) application group.

Loading...