Backup API overview

Kubernetes was designed for extensibility. You can add new APIs such as the Backup and GKE Backup Agent APIs to a Kubernetes cluster. These APIs conform to a uniform API model, the Kubernetes Resource Model (KRM).

These APIs use Kubernetes custom resources and rely on the KRM. The APIs are used to manage the lifecycle of backups, and to create backup repositories, policies, and plans.

Service endpoints

The following URL is the API endpoint for the Backup KRM API:

https://MANAGEMENT_API_SERVER_ENDPOINT/apis/backup.gdc.goog/v1

The following URL is the API endpoint for the GKE Backup Agent API:

https://MANAGEMENT_API_SERVER_ENDPOINT/apis/gkebackup.gke.io/v1

Replace MANAGEMENT_API_SERVER_ENDPOINT with the endpoint of the Management API server.

Discovery document

Use the kubectl proxy --port=8001 command to open a proxy to the API server on your local machine. From there, you can access the discovery document at one of the following URLs:

  • http://127.0.0.1:8001/apis/backup.gdc.goog/v1
  • http://127.0.0.1:8001/apis/gkebackup.gke.io/v1

Example ClusterBackupPlan resource

Here is an example of a ClusterBackupPlan resource:

apiVersion: backup.gdc.goog/v1
kind: ClusterBackupPlan
metadata:
  name: backup-plan
  namespace: project-namespace
spec:
  targetCluster:
    targetClusterType: UserCluster
    targetClusterName:
      kind: "Cluster"
      name: "cluster-sample"
  backupSchedule:
    cronSchedule: "*/30 * * * *"
    paused: false
  clusterBackupConfig:
    backupScope:
      selectedNamespaces:
        namespaces: ["nginx"]
    clusterBackupRepositoryName: backup-repository
  retentionPolicy:
    backupDeleteLockDays: 10
    backupRetainDays: 10

Example ProtectedApplication resource

Here is an example of a ProtectedApplication resource:

apiVersion: gkebackup.gke.io/v1
kind: ProtectedApplication
metadata:
  name: protected-application-test
  namespace: applications
spec:
  applicationName: protectedApplication
  resourceSelection:
    type: Selector
    selector:
      matchLabels:
        app: protected
  components:
    - name: protect-application-deployment
      resourceKind: Deployment
      resourceNames:
        - protected-application-deployment
      strategy:
        type: BackupAllRestoreAll

Example ClusterBackupRepository resource

Here is an example of a ClusterBackupRepository resource:

apiVersion: backup.gdc.goog/v1
kind: ClusterBackupRepository
metadata:
  name: user-1-user
  namespace: user-1-user-cluster
spec:
    secretReference:
        namespace: "object-storage-secret-ns"
        name: "object-storage-secret"
    endpoint: "https://objectstorage.google.gdch.test"
    type: "S3"
    s3Options:
      bucket: "fully-qualified-bucket-name"
      region: "us-east-1"
      forcePathStyle: true
    importPolicy: "ReadWrite"