Installing and deploying Kubernetes Backup Support images

Before you can back up and restore persistent volumes that are attached to your containers, you must install and deploy Kubernetes Backup Support images.

Before you begin

Complete the following tasks:

  • Ensure that your system environment meets the requirements that are described in Kubernetes Backup Support requirements and Prerequisites for Kubernetes Backup Support.
  • Download the installation file installer-10.1.5.tar.gz from Passport Advantage® Online. For information about downloading files, see technote 1072392.
  • Validate the downloaded file by using one of the following methods:
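    • Verify the MD5 checksum of the downloaded installation file. Ensure that the generated checksum matches the one provided in the MD5 Checksum file, which is part of the software download. A matching MD5 checksum shows only that the file was not corrupted in transit; MD5 is not collision-resistant, so use the signature verification when you need assurance of the package's origin.
    • Verify the signed file that is associated with the installation package by issuing the following command:
      openssl dgst -sha256 -verify IBMSPSignCertificatePublic -signature ./installer-10.1.5.tar.gz.sig ./installer-10.1.5.tar.gz
      The command prints Verified OK when the signature matches the installation file.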

About this task

During the installation and deployment procedure, you must first update the baas_config.cfg configuration file with specifications for your environment, and then run the installation script baas_install.sh. When you run the installation script, an appropriate Helm Chart is automatically called to deploy Kubernetes Backup Support in your environment.

Procedure

Complete the following steps on the command line in the Kubernetes environment:

  1. Log in to the operating system on the master node of the Kubernetes cluster that is used as the installation node.
  2. Unpack the installation package (installer-10.1.5.tar.gz) by entering the following command:
    tar -xvf installer-10.1.5.tar.gz
    This command extracts a folder that is named installer.
  3. Go to the installer directory by entering the following command:
    cd installer
  4. Run the following two commands to obtain the Classless Inter-Domain Routing (CIDR) block for the cluster and the IP address and port for the cluster API server. The values are used in Step 5.
    1. Obtain the CIDR for the cluster by issuing the following command:
      kubectl cluster-info dump | grep -m 1 cluster-cidr
      The CIDR is provided in the output in the following format:
      --cluster-cidr=xxx.yyy.0.0/zz
      The CIDR is similar to the following example:
      198.51.0.0/24
    2. Obtain the IP address and server port for the cluster API server by issuing the following command:
      kubectl config view | awk '/cluster:/,/server:/' | grep server: | awk '{print $2}'
      The result is a URL that is composed of an IP address and port number, as shown in the following example:
      https://192.0.2.0:6443
      where 192.0.2.0 is the cluster API server IP address and 6443 is the port number.
  5. Edit the baas_config.cfg file with a text editor and modify the configuration parameters by providing the appropriate values for your environment. Enclose the values in quotation marks, as shown in the following example.
    BAAS_ADMIN="sppadmin"
    For parameters that contain a list of values, provide the list of values in a comma-separated format that is enclosed in quotation marks, as shown in the following example:
    SPP_VSNAP_IP_ADDRESSES="192.0.2.0,192.0.2.1"

    The following table contains the parameters that you must modify:

    Table 1. Specifications for the baas_config.cfg configuration file
    Parameter Description
    BAAS_ADMIN The user ID of the IBM Spectrum Protect Plus administrator.
    BAAS_PASSWORD The IBM Spectrum Protect Plus password.

    For increased security, specify an empty string (""). You are prompted for the password when you run the deployment script. If you must specify a password in the configuration file for automated test deployments, ensure that the file is stored in a secure location.

    DATAMOVER_USER The IBM Spectrum Protect Plus application host user name.

    You can use the default data mover name or specify a different name. This user account is automatically configured and used in the data mover container.

    DATAMOVER_PASSWORD The IBM Spectrum Protect Plus application host password.

    For increased security, specify an empty string (""). You are prompted for the password when you run the deployment script. If you must specify a password in the configuration file for automated test deployments, ensure that the file is stored in a secure location.

    CLUSTER_CIDR The CIDR for the cluster. Enter the CIDR that was obtained in Step 4.a.
    CLUSTER_API_SERVER_IP_ADDRESS The IP address for the cluster API server. Enter the IP address that was obtained in Step 4.b.
    CLUSTER_API_SERVER_PORT The port address for the cluster API server. Enter the port address that was obtained in Step 4.b.
    SPP_IP_ADDRESSES The IBM Spectrum Protect Plus server IP address.
    SPP_VSNAP_IP_ADDRESSES The IP address for the IBM Spectrum Protect Plus vSnap server.
    You can obtain this address from the IBM Spectrum Protect Plus user interface by clicking System Configuration > Backup Storage > Disk > Disk Storage. This parameter can contain more than one IP address. Provide the list of values in a comma-separated format that is enclosed in quotation marks, as shown in the following example:
    SPP_VSNAP_IP_ADDRESSES="192.0.2.0,192.0.2.1"
    PRODUCT_IMAGE_REGISTRY The Docker registry address and port that hosts the containers.

    Enter the address in the ip_address:port format.

    PRODUCT_IMAGE_REGISTRY_NAMESPACE The Docker registry namespace that hosts the containers.
    PRODUCT_IMAGE_REGISTRY_SECRET_NAME The name of the Kubernetes image-pull secret that contains the credentials for the registry. The secret must be in the namespace that is specified by the PRODUCT_IMAGE_REGISTRY_NAMESPACE parameter.

    If you are using an internal registry, enter an empty string ("").

    For the data mover container to run, the image-pull secret must be in every namespace of each persistent volume claim (PVC) to be backed up and restored.

    Restrictions:
    • The following parameters and values are reserved for Kubernetes Backup Support. Keep them as is.
      PRODUCT_NAMESPACE="baas"
      PRODUCT_TARGET_PLATFORM="K8S"
    • The SPP_PORT value specifies the port for the Kubernetes Backup Support user interface. Do not change the default value of 443.
    • Kubernetes Backup Support is available only in English in IBM Spectrum Protect Plus Version 10.1.5. For this reason, do not change the PRODUCT_LOCALIZATION="en_US" setting.
    Your specifications are automatically inserted into the ConfigMap (baas-configmap) during the deployment.
  6. Start the installation and deployment by issuing the following command.
    ./baas_install.sh -i

    When prompted, enter yes to continue.

    A project namespace for the Kubernetes Backup Support deployment called "baas" is created. This project is created before the images are pushed into the image registry, which is identified by the namespace.

    Depending on your environment, it might take several minutes to load and deploy the package.

    When the script completes, all container images are in the image registry and are running.

  7. To verify that the Kubernetes Backup Support components are properly installed, issue the following command:
    ./baas_install.sh -s

    If the installation fails, the missing components are listed in the MISSING section of the output.

    Tip: You can also check the status of the installation with the ./helm status baas command.
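
A pre-flight check for the file that is edited in step 5, added here as an example; it is not part of the IBM installer. It assumes one KEY="value" assignment per line, IPv4 addresses as in the examples on this page, and a quoted SPP_PORT entry; the function names and the sample file are constructed.

```shell
#!/bin/sh
# cfg_value FILE KEY: print KEY's value without the surrounding quotation marks.
cfg_value() { sed -n "s/^$2=\"\\(.*\\)\"\$/\\1/p" "$1" | tail -n 1; }

# lint_baas_config FILE: print one line per finding; return 1 if any was found.
lint_baas_config() {
    cfg=$1; rc=0
    finding() { echo "$cfg: $1"; rc=1; }
    check() { cfg_value "$cfg" "$1" | grep -Eq "$2" || finding "$1 $3"; }
    # Assignments whose value is not enclosed in quotation marks.
    for key in $(sed -n '/^[A-Z0-9_]*="[^"]*"$/!s/^\([A-Z0-9_]*\)=.*/\1/p' "$cfg"); do
        finding "$key is not enclosed in quotation marks"
    done
    # "" makes the install script prompt; a stored password needs a private file.
    stored=0
    for key in BAAS_PASSWORD DATAMOVER_PASSWORD; do
        [ -z "$(cfg_value "$cfg" "$key")" ] && continue
        finding "$key is stored in the file; use \"\" to be prompted instead"
        stored=1
    done
    if [ "$stored" = 1 ] && [ -n "$(find "$cfg" \( -perm -040 -o -perm -004 \))" ]; then
        finding "holds a password and is readable by group or others"
    fi
    # Values from step 4 (assumption: IPv4, as in the page's examples).
    ip='([0-9]{1,3}\.){3}[0-9]{1,3}'
    check CLUSTER_CIDR "^$ip/[0-9]{1,2}\$" "is not in a.b.c.d/nn form"
    check CLUSTER_API_SERVER_IP_ADDRESS "^$ip\$" "is not a bare IP address"
    check CLUSTER_API_SERVER_PORT '^[0-9]+$' "is not a port number"
    # Reserved settings from the Restrictions list (assumption: SPP_PORT is quoted too).
    for pair in PRODUCT_NAMESPACE=baas PRODUCT_TARGET_PLATFORM=K8S SPP_PORT=443 PRODUCT_LOCALIZATION=en_US; do
        [ "$(cfg_value "$cfg" "${pair%%=*}")" = "${pair#*=}" ] || finding "${pair%%=*} must stay \"${pair#*=}\""
    done
    return $rc
}

# Constructed sample: stored password, pasted --cluster-cidr= prefix, renamed namespace.
sample=$(mktemp)
cat > "$sample" <<'EOF'
BAAS_PASSWORD="example-only"
CLUSTER_CIDR="--cluster-cidr=198.51.0.0/24"
CLUSTER_API_SERVER_IP_ADDRESS="192.0.2.0"
CLUSTER_API_SERVER_PORT="6443"
PRODUCT_NAMESPACE="backup"
PRODUCT_TARGET_PLATFORM="K8S"
SPP_PORT="443"
PRODUCT_LOCALIZATION="en_US"
EOF
lint_baas_config "$sample" || echo "fix the findings before running ./baas_install.sh -i"
rm -f "$sample"
```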

Results

When all pods are running, the deployment is completed. To verify that all pods are in the Running state and no components are missing, issue the following command:
kubectl get pods
or
kubectl describe pod pod_name
For example, you can issue the following command:
kubectl get pods -n baas
The output is similar to the following example:
NAME                                               READY     STATUS    RESTARTS   AGE
baas-controller-59dbcf7f94-c6zjr                   1/1       Running   0          3h56m
baas-datamover-b44f755c5-k5g2f                     1/1       Running   0          22h
baas-etcd-client-59bd5d647f-k76b                   1/1       Running   0          2d21h
baas-scheduler-55944fbbb6-b96lw                    1/1       Running   0          3h56m
baas-transaction-manager-856b7fd6c94h558           1/1       Running   0          3h32m
baas-etcd-spp-job-control-store-65d9dfb84d-vlqb5   1/1       Running   2          2d17h

If the data mover container is not listed in the output, the data mover container is deployed at run time.

You can show the Kubernetes Backup Support services that are set up by issuing the following command:
kubectl get services -n baas
The output is similar to the following example:
NAME                              TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)    AGE
baas-etcd-client                  ClusterIP   10.103.44.178   <none>        2379/TCP   2d21h
baas-etcd-spp-job-control-store   ClusterIP   10.100.229.67   <none>        2379/TCP   2d21h
baas-scheduler                    ClusterIP   10.96.33.79     <none>        8000/TCP   2d21h
baas-transaction-manager          ClusterIP   10.106.230.11   <none>        5000/TCP   2d21h

The baas-datamover service is deployed at run time as a service of type NodePort, rather than ClusterIP, and uses the TCP protocol.

You can show the Kubernetes Backup Support network policies that are deployed by issuing the following command:
kubectl get networkpolicies -n baas
The output is similar to the following example:
NAME                             POD-SELECTOR                                                AGE
baas-ctl-networkpolicy           app=baas,component=controller,release=baas                  2d21h
baas-etcd-networkpolicy          app=baas,component=etcd-client,release=baas                 2d21h
baas-etcd-spp-job-control-store  app=baas,component=etcd-spp-job-control-store,release=baas  2d21h
baas-scheduler                   app=baas,component=scheduler,release=baas                   2d21h
baas-transaction-manager         app=baas,component=transaction-manager,release=baas         2d21h

The network policy for the data mover is deployed at runtime with the pod-selector app=baas,component=datamover,release=baas.
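
The checks described in this section can be run over saved command output. The following script is an added example, not part of the product: it confirms that each component has a pod that is Running and ready and that a network policy selects it. The component list and the baas-<component>- pod naming are taken from the sample output above and are assumptions about your deployment; the input is constructed.

```shell
#!/bin/sh
# Components in the page's sample output; the data mover is left out because
# its pod and network policy are created only at run time.
COMPONENTS="controller etcd-client scheduler transaction-manager etcd-spp-job-control-store"

# check_baas PODS NETPOLS: the arguments are files holding saved output of
# `kubectl get pods -n baas` and `kubectl get networkpolicies -n baas`.
# Prints one line per finding and returns 1 if there is any.
check_baas() {
    rc=0
    for c in $COMPONENTS; do
        # Assumption: pod names start with baas-<component>-, as in the sample output.
        awk -v p="baas-$c-" 'index($1, p) == 1 && $3 == "Running" {
                split($2, r, "/"); if (r[1] == r[2]) ok = 1 }
            END { exit !ok }' "$1" || { echo "$c: no pod is Running and ready"; rc=1; }
        awk -v s="component=$c," 'index($2, s) { ok = 1 } END { exit !ok }' "$2" ||
            { echo "$c: no network policy selects this component"; rc=1; }
    done
    return $rc
}

# Constructed input: the page's sample output with the scheduler pod failing
# and the scheduler network policy missing.
pods=$(mktemp); netpols=$(mktemp)
cat > "$pods" <<'EOF'
NAME                                               READY     STATUS             RESTARTS   AGE
baas-controller-59dbcf7f94-c6zjr                   1/1       Running            0          3h56m
baas-etcd-client-59bd5d647f-k76b                   1/1       Running            0          2d21h
baas-scheduler-55944fbbb6-b96lw                    0/1       CrashLoopBackOff   7          3h56m
baas-transaction-manager-856b7fd6c94h558           1/1       Running            0          3h32m
baas-etcd-spp-job-control-store-65d9dfb84d-vlqb5   1/1       Running            2          2d17h
EOF
cat > "$netpols" <<'EOF'
NAME                             POD-SELECTOR                                                AGE
baas-ctl-networkpolicy           app=baas,component=controller,release=baas                  2d21h
baas-etcd-networkpolicy          app=baas,component=etcd-client,release=baas                 2d21h
baas-etcd-spp-job-control-store  app=baas,component=etcd-spp-job-control-store,release=baas  2d21h
baas-transaction-manager         app=baas,component=transaction-manager,release=baas         2d21h
EOF
check_baas "$pods" "$netpols" || echo "deployment is incomplete"
rm -f "$pods" "$netpols"
```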

What to do next

After the deployment is completed, ensure that backup operations run correctly by using the test service level agreement (SLA) policy to run scheduled backups. For instructions, see Scheduling backups of persistent volumes.

If you want to update the existing configuration or to upgrade an existing installation of Kubernetes Backup Support, modify the parameters in the baas_config.cfg file as required for your environment, and issue the following command:
./baas_install.sh -u