Applies to: Only on-premises environments and self-managed cloud environments
You can restore the etcdctl snapshot and the etcd SSL certificates from the active etcd worker node to a Commvault access node. Access nodes are virtual machines, cloud instances, or physical servers that run backups and other operations.
After the etcd snapshot and (optionally) the SSL certificates are restored, the Kubernetes infrastructure administrator can schedule the recovery or repair of etcd state on the cluster.
To avoid potentially affecting running applications and services on the Kubernetes cluster, Commvault supports restoring etcd to a Commvault access node rather than to the running cluster. etcd is a distributed key-value store, so recovery of etcd snapshots affects all control plane nodes in the cluster.
For information about the etcd v3.5 snapshot and restores, see Restoring an etcd cluster in the Kubernetes documentation.
From the navigation pane, go to Protect > Kubernetes.
The Applications page appears.
On the Application groups tab, in the row for the etcd (system generated) application group, click the action button , and then select Restore.
The Restore page appears.
To select a specific backup copy to restore from, do the following:
By default, Commvault restores content from the first available, valid backup copy that it finds.
In the upper-right corner of the page, click Settings.
The Settings dialog box appears.
From the MediaAgent list, select the access node that contains the backup copy.
From the Source list, select the backup copy.
In the Name column, select the content that you want to restore:
To restore the entire etcd pod, select the check box for the pod.
To restore only some of the etcd content, do the following:
Click the name of the etcd pod.
The etcd-certs and etcd-data folders appear.
Select a folder, or continue drilling down to the content that you want to restore.
The Restore options dialog box appears.
On the File system destination tab, from the Destination client list, select a single access node that has low latency (less than 1 millisecond round trip time) to the Kubernetes cluster and the backup copy.
The software incorrectly shows access node groups in Destination client list. For the restore to complete successfully, you must select a single access node, not a group.
The software incorrectly shows the Impersonate user settings. Commvault restores the application manifests as the root user on a temporary Commvault worker pod. Don't enter credentials in the Impersonate user settings.
For Path, do the following:
Click the Browse button.
You cannot enter a path by typing in the Path box.
The Select a path dialog box appears.
Select an existing folder or, to create a new folder, in the lower area of the page, click New folder.
To delete and overwrite existing data, move the Unconditionally overwrite if it already exists toggle key to the right, and then click Yes in the confirmation dialog box.
If any data matching the restore data exists in the destination, Commvault deletes the existing data before starting the restore process.