Backup API overview

Kubernetes was designed for extensibility. You can add new APIs such as the Backup, GKE Backup Agent, and Backup Control Plane APIs to a Kubernetes cluster. These APIs conform to a uniform API model, the Kubernetes Resource Model (KRM).

These APIs use Kubernetes custom resources and rely on the KRM. The APIs are used to manage the lifecycle of backups, and to create backup repositories, policies, and plans.

Service endpoints

The following URLs are the API endpoints for the Backup KRM API:

https://GDC_API_SERVER_ENDPOINT/apis/backup.gdc.goog/v1

The following URL is the API endpoint for the GKE Backup Agent API:

https://GDC_API_SERVER_ENDPOINT/apis/gkebackup.gke.io/v1

The following URL is the API endpoint for the Backup Control Plane API:

https://GDC_API_SERVER_ENDPOINT/apis/backup.gdc.goog/v1

Replace GDC_API_SERVER_ENDPOINT with the endpoint of the GDC API server.

Discovery document

Use the kubectl proxy --port=8001 command to open a proxy to the API server on your local machine. From there, you can access the discovery document at one of the following URLs:

  • http://127.0.0.1:8001/apis/backup.gdc.goog/v1
  • http://127.0.0.1:8001/apis/gkebackup.gke.io/v1

Example BackupPlan resource

Here is an example of a BackupPlan resource:

    apiVersion: backup.gdc.goog/v1
    kind: BackupPlan
    metadata:
      name: backup-plan
      namespace: default
    spec:
      clusterName: "cluster-sample"
      backupSchedule:
        cronSchedule: "*/30 * * * *"
        paused: false
      backupConfig:
        backupScope:
          selectedNamespaces:
            namespaces: ["nginx"]
        backupRepository: "backup-repository"
      retentionPolicy:
        backupDeleteLockDays: 10
        backupRetainDays: 10

Example ProtectedApplication resource

Here is an example of a ProtectedApplication resource:

    apiVersion: gkebackup.gke.io/v1
    kind: ProtectedApplication
    metadata:
      name: protected-application-test
      namespace: applications
    spec:
      applicationName: protectedApplication
      resourceSelection:
        type: Selector
        selector:
          matchLabels:
            app: protected
      components:
        - name: protect-application-deployment
          resourceKind: Deployment
          resourceNames:
            - protected-application-deployment
          strategy:
            type: BackupAllRestoreAll

Example BackupRepositoryManager resource

Here is an example of a BackupRepositoryManager resource:

apiVersion: backup.gdc.goog/v1
kind: BackupRepositoryManager
metadata:
  name: backup-repository-gcs
spec:
  readWriteCluster:
    name: user-1-user
    namespace: user-1-user-cluster
  backupRepositorySpec:
    secretReference:
      namespace: "gcs-secret-ns"
      name: "gcs-secret"
    endpoint: "http://storage.googleapis.com"
    type: "S3"
    s3Options:
      bucket: "bucket-name"
      region: "us-east-1"
      forcePathStyle: true
    importPolicy: "ReadWrite"