Adding a Kubernetes Cluster

Updated

To protect all the applications that are hosted or managed by a cluster, add the cluster to the Commvault software. The best way to ensure that the entire cluster is protected entails exiting the guided setup as described in the procedure.

The cluster can be in any environment type:

  • A fully managed cloud service (Azure AKS, Amazon EKS, Google GKE)

  • Self-built on a fully managed cloud infrastructure (Azure VM, Amazon EC2, Google VM)

  • Self-built on-premises

You can add multiple Kubernetes clusters with the same kube-apiserver endpoint and/or service account, but with different names.

Before You Begin

Procedure

  1. From the navigation pane, go to Protect > Kubernetes.

    The Applications page appears.

  2. In the upper-right area of the page, click Add cluster.

    The Configure Kubernetes page appears.

  3. From the Access nodes list, select the access nodes to use for the cluster.

    To ensure high availability for data management operations, select multiple access nodes. With multiple access nodes, Commvault performs load balancing and automatically recovers from access node outages. For optimal performance of data management operations, select access nodes that have a round trip time (RTT) between the access nodes and the Kubernetes cluster of less than 1 millisecond.

  4. To add a Windows x86 64-bit Windows access node, click the add button .

    The Commvault software downloads and installs the Virtual Server package that is required for Kubernetes access nodes.

  5. If the access nodes that you want to select are not listed, click the refresh button .

  6. Click Next.

    The Select plan page appears.

  7. Select a server plan.

    The following steps direct you to exit the guided setup, which causes your selection of a server plan to not be preserved. Then you will select a server plain again, for the default application group that is created. If you create a new server plan at this point in the guided setup, you can select that server plan in the following steps when you select a server plan again.

  8. Click Next.

    The Add Cluster page appears.

  9. In the Kubernetes API server box, enter the API server URL and port number in the following format:

    https://servername:port

    To get the URL, run the following command:

    kubectl cluster-info

    In the following example output, the Kubernetes control plane is running at https://k8s-123-4.your.domain:6443, so you would enter https://k8s-123-4.your.domain:6443 in the Kubernetes API server box.

    If your control plane is running on port 443, you don't have to include the port number.

    Kubernetes control plane is running at https://k8s-123-4.your.domain:6443

    CoreDNS is running at https://k8s-123-4.your.domain:6443/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy
  10. In Name, enter a descriptive name for the cluster.

  11. For Authentication Type, leave Service account selected.

  12. In Service account, enter the name of a service account to access the cluster for backups and other operations.

  13. In Service token, enter the service account token.

  14. If you want to verify that you selected the correct access nodes and server plan for the cluster, click the Previous button.

    After you click Next, you the Commvault software adds the cluster, and you can't change the access nodes or server plan until after you complete the guided setup.

  15. Click Next.

    The Commvault software adds the cluster. To view the cluster, go to Protect > Kubernetes.

    The Add Application Group page appears.

    Note: If you receive an "Unable to create a cluster with the details provided" error, do the following:

    • Verify that you entered the API server endpoint, service account, and service account token values correctly.

    • Verify that the access nodes you selected can access the API server endpoint. To check connectivity to the endpoint for an access node, log onto the access node, and then—using a browser or curl—connect to the kube-apiserver endpoint.

      The best way to ensure that the entire cluster is protected is to exit the guided setup at this point. When you exit the guided setup, the Commvault software creates a "default" application group that uses namespace-centric protection to protect the entire cluster.

  16. On the Add Application group page, click Cancel.

    A confirmation message appears.

  17. Click Exit Wizard.

    The cluster is added to the Commvault software, and an application group named "default" is created.

    The cluster overview page appears.

  18. On the cluster overview page, click the Application groups tab.

  19. Click the default application group.

    The default application group overview page appears.

  20. In the Summary section, for Plan, click Edit, and then select the server plan that you want to use for the application group.

    You can use region-based storage with Kubernetes. If you use region-based storage, you must update the Workload region setting for the cluster.

Protecting an Air-Gapped Kubernetes Cluster