Stay organized with collections
Save and categorize content based on your preferences.
Kubernetes was designed for extensibility. You can add new APIs such as the Backup and GKE Backup Agent APIs to a Kubernetes cluster.
These APIs conform to a uniform API model, the Kubernetes Resource Model (KRM).
These APIs use Kubernetes custom resources and rely on the KRM.
The APIs are used to manage the lifecycle of backups, and to create backup repositories, policies, and plans.
Service endpoints
The following URL is the API endpoint for the Backup KRM API:
Replace MANAGEMENT_API_SERVER_ENDPOINT with the endpoint of the
Management API server.
Discovery document
Use the kubectl proxy --port=8001 command to open a proxy to the API server on
your local machine. From there, you can access the discovery document at one of
the following URLs:
http://127.0.0.1:8001/apis/backup.gdc.goog/v1
http://127.0.0.1:8001/apis/gkebackup.gke.io/v1
Example ClusterBackupPlan resource
Here is an example of a ClusterBackupPlan resource:
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-25 UTC."],[[["\u003cp\u003eKubernetes' extensibility allows for the addition of new APIs, such as the Backup and GKE Backup Agent APIs, which adhere to the Kubernetes Resource Model (KRM).\u003c/p\u003e\n"],["\u003cp\u003eThese APIs, namely the Backup KRM API and the GKE Backup Agent API, manage the lifecycle of backups and the creation of backup repositories, policies, and plans within a Kubernetes cluster.\u003c/p\u003e\n"],["\u003cp\u003eThe Backup KRM API endpoint is \u003ccode\u003ehttps://<MANAGEMENT_API_SERVER_ENDPOINT>/apis/backup.gdc.goog/v1\u003c/code\u003e, and the GKE Backup Agent API endpoint is \u003ccode\u003ehttps://<MANAGEMENT_API_SERVER_ENDPOINT>/apis/gkebackup.gke.io/v1\u003c/code\u003e.\u003c/p\u003e\n"],["\u003cp\u003eDiscovery documents for these APIs can be accessed locally via a proxy using the \u003ccode\u003ekubectl proxy --port=8001\u003c/code\u003e command at \u003ccode\u003ehttp://127.0.0.1:8001/apis/backup.gdc.goog/v1\u003c/code\u003e and \u003ccode\u003ehttp://127.0.0.1:8001/apis/gkebackup.gke.io/v1\u003c/code\u003e.\u003c/p\u003e\n"],["\u003cp\u003eThe documents offer examples of resources that can be created using the APIs, such as \u003ccode\u003eClusterBackupPlan\u003c/code\u003e, \u003ccode\u003eProtectedApplication\u003c/code\u003e, and \u003ccode\u003eClusterBackupRepository\u003c/code\u003e resources, each outlining specific configurations.\u003c/p\u003e\n"]]],[],null,["# Backup API overview\n\nKubernetes was designed for extensibility. You can add new APIs such as the Backup and GKE Backup Agent APIs to a Kubernetes cluster.\nThese APIs conform to a uniform API model, the Kubernetes Resource Model (KRM).\n\nThese APIs use Kubernetes custom resources and rely on the KRM.\nThe APIs are used to manage the lifecycle of backups, and to create backup repositories, policies, and plans.\n\nService endpoints\n-----------------\n\nThe following URL is the API endpoint for the Backup KRM API: \n\n https://\u003cvar translate=\"no\"\u003eMANAGEMENT_API_SERVER_ENDPOINT\u003c/var\u003e/apis/backup.gdc.goog/v1\n\nThe following URL is the API endpoint for the GKE Backup Agent API: \n\n https://\u003cvar translate=\"no\"\u003eMANAGEMENT_API_SERVER_ENDPOINT\u003c/var\u003e/apis/gkebackup.gke.io/v1\n\nReplace \u003cvar translate=\"no\"\u003eMANAGEMENT_API_SERVER_ENDPOINT\u003c/var\u003e with the endpoint of the\nManagement API server.\n\nDiscovery document\n------------------\n\nUse the `kubectl proxy --port=8001` command to open a proxy to the API server on\nyour local machine. From there, you can access the discovery document at one of\nthe following URLs:\n\n- `http://127.0.0.1:8001/apis/backup.gdc.goog/v1`\n- `http://127.0.0.1:8001/apis/gkebackup.gke.io/v1`\n\nExample `ClusterBackupPlan` resource\n------------------------------------\n\nHere is an example of a `ClusterBackupPlan` resource: \n\n apiVersion: backup.gdc.goog/v1\n kind: ClusterBackupPlan\n metadata:\n name: backup-plan\n namespace: project-namespace\n spec:\n targetCluster:\n targetClusterType: UserCluster\n targetClusterName:\n kind: \"Cluster\"\n name: \"cluster-sample\"\n backupSchedule:\n cronSchedule: \"*/30 * * * *\"\n paused: false\n clusterBackupConfig:\n backupScope:\n selectedNamespaces:\n namespaces: [\"nginx\"]\n clusterBackupRepositoryName: backup-repository\n retentionPolicy:\n backupDeleteLockDays: 10\n backupRetainDays: 10\n\nExample `ProtectedApplication` resource\n---------------------------------------\n\nHere is an example of a `ProtectedApplication` resource: \n\n apiVersion: gkebackup.gke.io/v1\n kind: ProtectedApplication\n metadata:\n name: protected-application-test\n namespace: applications\n spec:\n applicationName: protectedApplication\n resourceSelection:\n type: Selector\n selector:\n matchLabels:\n app: protected\n components:\n - name: protect-application-deployment\n resourceKind: Deployment\n resourceNames:\n - protected-application-deployment\n strategy:\n type: BackupAllRestoreAll\n\nExample `ClusterBackupRepository` resource\n------------------------------------------\n\nHere is an example of a `ClusterBackupRepository` resource: \n\n apiVersion: backup.gdc.goog/v1\n kind: ClusterBackupRepository\n metadata:\n name: user-1-user\n namespace: user-1-user-cluster\n spec:\n secretReference:\n namespace: \"object-storage-secret-ns\"\n name: \"object-storage-secret\"\n endpoint: \"https://objectstorage.google.gdch.test\"\n type: \"S3\"\n s3Options:\n bucket: \"fully-qualified-bucket-name\"\n region: \"us-east-1\"\n forcePathStyle: true\n importPolicy: \"ReadWrite\""]]