Parameters

The parent key for all of the following parameters is backup_k8up.

charts

type

dict

default

See class/defaults.yml

The default K8up Helm chart version to use.

images

type

dict

default

See class/defaults.yml

The default Docker image location and tag to use for K8up (key k8up) and kubectl (key kubectl).

Entries in this dict should be dictionaries with keys registry, repository, and tag. This structure provides the basis for dependency maintenance with Renovate.

Please customize K8up image location and tag in this dict instead of directly in helmValues.

The value of k8up.tag in this dict is used by the component to select the CRD YAML to download.

The component passes field kubectl to the Helm chart in value cleanup. This allows users to control which container image is used by the cleanup job.

helmValues

type

dict

default

See class/defaults.yaml

Values passed to Helm. See github.com/appuio/charts/tree/master/k8up

namespace

type

string

default

syn-backup-k8up

The namespace in which to deploy this component.

global_backup_config.enabled

type

bool

default

true

Enable global K8up configuration (via environment variables)

global_backup_config.default_backup_bucket

type

string

default

${cluster:name}-k8up-backups

global_backup_config.s3_credentials

type

dict

default

{'accesskey': '', 'secretkey': '', 'secretname': 'global-bucket-credentials', 'accesskeyname': 'username', 'secretkeyname': 'password'}

global_backup_config.backup_secret

type

dict

default

{'name': 'global-backup-password', 'password': '?{vaultkv:${cluster:tenant}/${cluster:name}/global-backup/password}'}

global_backup_config.s3restore_credentials

type

dict

default

{'accesskey': '', 'secretkey': '', 'secretname': 'global-restore-credentials', 'accesskeyname': 'username', 'secretkeyname': 'password'}

global_backup_config.restore_s3endpoint

type

string

default

null

global_backup_config.restore_bucket

type

string

default

null

global_backup_config.keepjobs

type

string

default

3

Sets the number of old jobs to keep when cleaning up, applies to all job types.

Deprecated: Use global_backup_config.successful_jobs_history_limit and global_backup_config.failed_jobs_history_limit instead, they override global_backup_config.keepjobs.

global_backup_config.successful_jobs_history_limit

type

string

default

null

Sets the number of old, successful jobs to keep when cleaning up, applies to all job types. Overrides global_backup_config.keepjobs. If neither global_backup_config.keepjobs nor this parameter are set, the K8up default value for the configuration is used.

global_backup_config.failed_jobs_history_limit

type

string

default

null

Sets the number of old, failed jobs to keep when cleaning up, applies to all job types. Overrides global_backup_config.keepjobs. If neither global_backup_config.keepjobs nor this parameter are set, the K8up default value for the configuration is used.

global_backup_config.stats_endpoint

type

string

default

null

global_backup_config.skip_without_annotation

type

bool

default

false

Skips backups for all PVCs that aren’t explicitly annotated with k8up.io/backup.

global_backup_config.s3_endpoint

type

string

default

null

backofflimit

type

string

default

2

annotation

type

string

default

k8up.syn.tools/backup

backupcommandannotation

type

string

default

k8up.syn.tools/backupcommand

alert_rule_filters

type

dict

default

`{'namespace': 'namespace=~"syn.*"'}

prometheus_push_gateway

type

string

default

'http://platform-prometheus-pushgateway.syn-synsights.svc:9091'

Set this parameter to null to configure the component to not set the pushgateway URL. Setting the parameter to null ensures that the environment variable BACKUP_PROMURL is never set for the K8up deployment and that the component library won’t set the field promURL in any K8up custom resources.

prometheus_name

type

string

default

'main'

PrometheusRule objects get the label prometheus. This label will be used by the Prometheus operator to select the rules to render for a prometheus instance. This parameter allows to set the value of that label.

If the component Synsights is being used, ensure that this value matches with parameters.synsights.prometheus.name. It’s suggested to do this within you global configuration hierarchy.

monitoring_enabled

type

bool

default

true

For most Kubernetes distributions, the component sets label SYNMonitoring=main on the namespace in which K8up is deployed. On OpenShift 4, the component sets label openshift.io/cluster-monitoring=true on the namespace instead, so that the K8up ServiceMonitor and PrometheusRule objects are picked up by the OpenShift 4 cluster monitoring stack.

alert_thresholds

type

dict

default
k8up_slow_backup_job_duration_seconds: 1200

Dict which holds configuration values for the alerts in monitoring_alerts. This allows users to make alert expressions configurable without having to copy-paste the entire Prometheus query.

  • k8up_slow_backup_job_duration_seconds configures the threshold in seconds above which alerts are generated for "slow" backup jobs.

job_failed_alerts_for

type

dict

valid keys

['archive', 'backup', 'check', 'prune', 'restore']

default

[See class/defaults.yml|https://github.com/projectsyn/component-backup-k8up/blob/master/class/defaults.yml]

Dict which controls the set of JobFailed alert rules to create. Valid keys are archive, backup, check, prune, and restore. The value for each key is expected to be a dict with keys enabled and overrides. The value for key enabled should be a boolean. This key controls whether the corresponding alert rule is created. The value for key overrides is merged with the object configured in job_failed_alert_template. When configuring overrides, Jsonnet merges arrays and objects from the template with their counterparts in overrides. This key allows users to customize any alert properties for individual JobFailed alerts. The fields are overridden before interpolating %(type)s.

job_failed_alert_template

type

dict

default

[See class/defaults.yml|https://github.com/projectsyn/component-backup-k8up/blob/master/class/defaults.yml]

The template for the JobFailed alert rules. %(type)s in alert and expr is replaced by the types defined in job_failed_alerts_for.

monitoring_alerts

type

dict

default

[See class/defaults.yml|https://github.com/projectsyn/component-backup-k8up/blob/master/class/defaults.yml]

Alert definitions to deploy in a PrometheusRule object. The dict is transformed to a list of alerting rules by the component. Keys in the dict are used to add the field alert: <key> to each resulting alerting rule. This structure is chosen to easily adjust individual alert configurations in the hierarchy. Individual alerts can be excluded by setting their value to null.

Example

namespace: example-namespace
global_backup_config:
  successful_jobs_history_limit: 1
  failed_jobs_history_limit: 1
  s3_credentials:
    accesskey: '?{vaultkv:${cluster:tenant}/${cluster:name}/global-backup/access-key}'
    secretkey: '?{vaultkv:${cluster:tenant}/${cluster:name}/global-backup/secret-key}'
  s3restore_credentials:
    accesskey: '?{vaultkv:${cluster:tenant}/${cluster:name}/global-backup/restore-access-key}'
    secretkey: '?{vaultkv:${cluster:tenant}/${cluster:name}/global-backup/restore-secret-key}'
  restore_s3endpoint: https://s3endpoint.example.com
  restore_bucket: example-restore-bucket
monitoring_alerts:
  K8upJobStuck:
    annotations:
      runbook_url: https://example.com/k8up_runbook.md