User Permissions for Kubernetes Operations

To allow Commvault users and user groups to perform backups and other operations for Kubernetes, users and user groups must have the necessary permissions and must be associated with the entities that they want to back up.

Operation

Permission that users/user groups must have

Entities that users/user groups must be associated with

Back up Kubernetes application, manifests, and files

Data Protection/Management Operations

  • Backup set

  • Instance

  • Subclient

Restore application files to the original PersistentVolumeClaim (PVC)

In Place Recover

  • Client

  • Agent

Restore Kubernetes applications to the original cluster

In Place Full Machine Recovery

  • Client

  • Agent

Restore application files to a different Kubernetes cluster

Recover guest files and folders to a different destination client

  • Client

  • Agent

Restore Kubernetes applications to a different cluster

Out of Place Full Machine Recovery

  • Client

  • Agent

Browse Kubernetes applications, manifests, and file protected content

Browse

  • Client

  • Agent

  • Backup set

  • Instance

  • Subclient

Enable unconditional overwrite of Kubernetes applications, manifests, and files on restore

Overwrite on Restore

Client

Restore Considerations

The users performing a restore must either be listed as the owner of the Kubernetes cluster or be associated with it and must have the required restore permissions.

Enabling Users to Select Access Node for Restores

Commvault supports protection of up to 25,000 individual containerized applications in a single installation. To scale effectively to support large concurrent Kubernetes clusters, a set of access nodes are required per cluster or per site.

To enable users to select a preferred access node for restores, create a dedicated role with Use Proxy permission and assign or associate the user and access node with the role.

Loading...