Backup considerations

Observe the following considerations prior to performing an MKE backup.

Limitations

  • MKE does not support using a backup that runs an earlier version of MKE to restore a cluster that runs a later version of MKE.

  • MKE does not support performing two backups at the same time. If a backup is attempted while another backup is in progress, or if two backups are scheduled at the same time, a message will display indicating that the second backup failed because another backup is in progress.

  • MKE may not be able to back up a cluster that has crashed. Mirantis recommends that you perform regular backups to avoid encountering this scenario.

  • MKE backups do not include Swarm workloads.

MKE backup contents

The following backup contents are stored in a .tar file. Backups contain MKE configuration metadata for recreating configurations such as LDAP, SAML, and RBAC.

Data

Backed up

Description

Configurations

Yes

MKE configurations, including Mirantis Container Runtime license, Swarm, and client CAs.

Access control

Yes

Swarm resource permissions for teams, including collections, grants, and roles.

Certificates and keys

Yes

Certificates, public and private keys used for authentication and mutual TLS communication.

Metrics data

Yes

Monitoring data gathered by MKE.

Organizations

Yes

Users, teams, and organizations.

Volumes

Yes

All MKE-named volumes including all MKE component certificates and data.

Overlay networks

No

Swarm mode overlay network definitions, including port information.

Configs, secrets

No

MKE configurations and secrets. Create a Swarm backup to back up these data.

Services

No

MKE stacks and services are stored in Swarm mode or SCM/config management.

ucp-metrics-data

No

Metrics server data.

ucp-node-certs

No

Certs used to lock down MKE system components.

Routing mesh settings

No

Interlock layer 7 ingress configuration information. A manual backup and restore process is possible and should be performed.

Note

Because Kubernetes stores the state of resources on etcd, a backup of etcd is sufficient for stateless backups.

Kubernetes settings, data, and state

MKE backups include all Kubernetes declarative objects, including secrets, and are stored in the ucp-kv etcd database.

Note

You cannot back up Kubernetes volumes and node labels. When you restore MKE, Kubernetes objects and containers are recreated and IP addresses are resolved.

For more information, refer to Backing up an etcd cluster.