> Essential > Kubernetes > Configuration > Application Groups

Updating a Kubernetes Application Group

When you update a Kubernetes application group, you can update many settings, including the server plan, the applications that are backed up, roles and permissions, and access nodes.

Go to the Application Group

  1. From the navigation pane, go to Protect > Kubernetes.

    The Applications tab appears.

  2. On the Application groups tab, click the application group.

    The application group properties page appears.

Modify the Server Plan

  • On the Overview tab, in the Summary section, for Plan, click the edit button edit button outline grey/gray pencil, and then select the server plan to use for the application group.

The new server plan and schedule are applied to the application group. If any jobs associated with the previous server plan are running, they complete according to the previous server plan.

Specify the Time Zone

To have Commvault schedule data protection operations based on the time zone that your Kubernetes cluster is in, you can specify that time zone for the application group.

  • On the Overview tab, in the Summary section, for Time zone, click edit button edit button outline grey/gray pencil, and then select the time zone to use for the application group.

Modify the Applications That Are Backed Up

You can select resources to back up by application or by label.

For important information about application group types and the protection they provide, see Namespace-Centric and Application-Centric Protection for Kubernetes.

Select Resources to Back Up by Application

When you select by application, you can select the cluster, namespaces, Pods, DaemonSets, and other resources.

  1. On the Content tab, in the Content section, click the edit button edit button outline grey/gray pencil.

    The Manage content dialog box appears.

  2. Click Add, and then select Applications.

    The Add Kubernetes applications dialog box appears.

  3. From the Browse list, select the option that displays the resources/objects that you want to select:

    • Applications: Displays the cluster, each namespace, and Pods, DaemonSets, Deployments, StatefulSets, and Helm-deployed applications within the namespace.

    • Labels: Displays the cluster, each namespace, and any labels on Pods, Deployments, DaemonSets, StatefulSets, and Helm-deployed applications within the namespace.

      If a namespace does not contain any API resources/objects that have labels, the namespace is displayed as empty.

    • Volumes: Displays the cluster, each namespace, and any PersistentVolumeClaims (PVCs) within the namespace.

      If a namespace does not contain any PersistentVolumeClaim (PVC) objects, the namespace is displayed as empty.

      PersistentVolume (PV) objects that do not have an associated PersistentVolumeClaim (PVC) are not displayed.

      Important

      • If you select individual applications, labels, or PersistentVolumeClaims, new API resources/objects within the namespace are not backed up.

      • If you use Search to find resources/objects, you can search only for namespaces and applications. Applications are supported API resources/objects (such as Secrets, ConfigMaps, Namespaces, and StorageClasses) that can be listed, created, or re-created using the Kubernetes API server. The search function does not support wildcards and does not find PersistentVolumeClaim names or labels names or label values.

  4. Select the resources to back up.

  5. Click Done.

Select Resources to Back Up by Label

When you select by label, you can specify labels and values to select resources/objects that have those labels and values.

  1. On the Content tab, in the Content section, click the edit button edit button outline grey/gray pencil.

    The Manage content dialog box appears.

  2. Click Add, and then select Label selectors.

    The Add label selector dialog box appears.

  3. From the Type list, select Application, Namespace, or Volume.

  4. For Value, enter the label value.

    For example:

    • To search the default namespace, enter enable.backup=true.

    • To search all namespaces, enter enable.backup=true --all-namespaces.

    • To search a specific namespace, enter enable.backup=true -n namespace_name.

      Note

      Commvault does not support the following for label selectors:

      • Using -A as the short form of --all-namespaces. You must use --all-namespaces.

      • Using the --namespace parameter as the long form of -n. You must use -n.

  5. Select the resources to back up.

  6. Click Done.

Select Resources to Exclude from Backups

The resources that you want to exclude must already exist. You cannot exclude specific API resources or resources that have a label applied. For more information, see Restrictions and Known Issues for Kubernetes.

If you both add and exclude the same application, the application is not backed up. If you both add and exclude the same namespace, the namespace is backed up.

  1. On the Content tab, in the Content section, click the edit button edit button outline grey/gray pencil.

    The Manage content dialog box appears.

  2. Move the Exclude items toggle key to the right.

  3. Select the resources to exclude by application and/or by label using the same steps as above for selecting resources to back up.

  4. To exclude stateless applications (that is, applications that do not have any volumes), on the Content tab, move the Skip stateless applications toggle key to the right.

    Important

    Do not click the Preview button. In some cases, clicking the button generates an error message. This is a known issue.

  5. Click OK.

Assign Roles to Users or User Groups

To allow a user or user group to perform data management operations on a cluster, create a security association between the user or user group and one of the following pre-defined roles:

  • View: Provide read-only access to application group configuration, job history, and reporting data

  • VM End User: Provide self-service backup, recover both in-place and out-of-place

Procedure

  1. On the Configuration tab, in the Security section, click edit button edit button outline grey/gray pencil.

    The Security dialog box appears.

  2. On the Associations tab, enter the name of the user or user group, select the role to assign, and then click Add.

  3. Click Save.

Modify the Resource Limits for Commvault Temporary Pods

Applies to: On-premises access nodes only

You can specify the maximum and minimum CPU and memory limits for the temporary pods that Commvault spawns during backups and other operations for Kubernetes.

For backups, Commvault deploys one pod per PersistentVolumeClaim, within the namespace of the PersistentVolume that is being protected.

  1. On the Configuration tab, in the Options section, for Worker pod resource settings, click the edit button edit button outline grey/gray pencil.

    The Worker pod resource settings dialog box appears.

  2. Specify the settings as follows:

    • CPU request: The minimum CPU that Commvault temporary pods can use. For example, you can enter 1m.

    • CPU limit: The maximum CPU that Commvault temporary pods can use. For example, you can enter 250m.

    • Memory request: The maximum memory that Commvault temporary pods can use. For example, you can enter 16mi.

    • Memory limit: The minimum memory that Commvault temporary pods can use. For example, you can enter 1Gi.

  3. Click Save.

Converting Backups to Live Volume Backups When a Volumesnapshots Snapshot Fails or When a Volumesnapshots Snapshot Fails to Change to readyToUse:True State

Use this setting to fall back to live volume backups when the creation of a volumesnapshots snapshot fails or when the state of a volumesnapshots snapshot fails to change to the readyToUse:true state.

  • On the Configuration tab, in the Options section, move the Enable fallback to live volume backup toggle key to the right.

Disable Backups

  • On Configuration tab, in the Activity control section, move the Data backup toggle key to the left.

Modify the Access Nodes

Access nodes run backups and other operations. By default, application groups inherit access nodes from the cluster. If you want to control the access node resources that are used for a specific application group (for example, dedicated resources for mission-critical applications), you can specify different access nodes for the application group.

To ensure that multiple access nodes are available to perform backups and other operations, regardless of planned or unplanned outages for individual access nodes, use access node groups (also called server groups).

For the requirements for Kubernetes access nodes, see System Requirements for Kubernetes.

  1. On Configuration tab, in the Access node section, click Actions, and then select Edit.

    The Edit access node dialog box appears.

  2. Select the server group or the access nodes to use for the application group.

  3. Click OK.

Modify the Number of Readers for Parallel Operations

Each access node is responsible for 5 parallel backup or recovery threads (also called readers).

When a backup or restore is initiated, each namespace and application (Pod, Deployment, DaemonSet, StatefulSet, PersistentVolumeClaim, Helm-based application) consumes 1 reader. For example, if you have a namespace with 2 Pods and 3 PersistentVolumeClaims, then 6 readers are required to protect the namespace.

The default number of readers, 5, is tuned and validated by Commvault to function optimally with access nodes that meet the requirements for Kubernetes access nodes. If additional CPU and RAM are provisioned to your Kubernetes access nodes, you can increase the number of readers that your Kubernetes access nodes use.

  1. On Configuration tab, in the Options section, click the edit button edit button outline grey/gray pencil.

    The Edit options dialog box appears.

  2. In the No. of readers box, enter the number of readers to use.

  3. Click OK.

Modify the Time That Jobs Start

You can specify the time of day that you want scheduled jobs for the application group to start. By default, Commvault starts jobs based on the RPO (recovery point objective) settings of the server plan that is specified for the application group.

If you modify the Job start time value, but the time that you enter is not within the time period that is set in the backup window or the full backup window for the server plan, then Commvault starts jobs at the next available time within the window.

Set the Job start time in the local timezone of the Kubernetes cluster. Commvault uses the Time zone setting of the application group to ensure that jobs are started at the Job start time, in the local timezone of the Kubernetes cluster.

  • On Configuration tab, in the Options section, for Job start time, click the edit button edit button outline grey/gray pencil, and then enter the time.

Modify the Tags

If you have the Tag Management permission, you can create and apply tags to the application group. A tag is a key and an optional value that you can use to categorize application groups. Tags are useful for managing and reporting in large environments.

Note

On the Application groups page, the Tags column shows "No tags", even for application groups that have tags. To view the tags for an application group, go to the application group properties page. This is a known issue.

Procedure

  1. On Configuration tab, in the Tags section, click the edit button edit button outline grey/gray pencil.

    The Manage tags dialog box appears.

  2. In Tag name, enter a name for the tag.

  3. To assign a value, in Tag value, enter the value.

  4. Click Save.

Loading...