Configure backups of Mirantis Kubernetes Engine

This section covers the configuration of backups of Mirantis Kubernetes Engine (MKE) on management and MOSK clusters using the backup custom resources provided by the MOSK management API. Using the backup custom resources, you can:

• Create a single MKE backup

• Schedule MKE backups

• Encrypt MKE backups

• Upload MKE backups to remote storage

MKE backups are performed automatically before and after updates of management and MOSK clusters. You can also create manual backups using the ClusterBackup object and schedule backups using the ClusterBackupSchedule object.

Mirantis highly recommends that you encrypt backup data and use remote backup storage for production environments. For backup encryption, use the KeyEncryptionKey object. For remote backup storage, you can use either NFS or Amazon Simple Storage Service (S3). For NFS, configure it to allow mounting backup files onto the cluster manager nodes. For S3, use the RCloneCredential object.

For the description of backup custom resources, see Cluster backup resources.

You should back up MKE on management and MOSK clusters regularly, especially after any major action. For example, after any of the following operations:

• Deployment of a management cluster and its MOSK cluster

• Adding or redeploying nodes, including host operating system operations using HostOSConfiguration objects

• Changing the operating system distribution

• Reconfiguration of a cluster, for example:

  • Switching to a new container runtime

  • Configuring proxy

  • Updating MKE or Keycloak certificates

• Minor cluster changes, for example:

  • Adding or removing node labels

  • Creating or removing UpdateGroup objects

The following sections describe how to create and schedule MKE backups, configure backup encryption and remote storage, restore MKE from a backup, and delete a backup from remote storage.

• Create backups of Mirantis Kubernetes Engine
• Restore Mirantis Kubernetes Engine from a backup