Home > Data Protection > PowerProtect Data Manager Appliance > Dell PowerProtect Data Manager Appliance: Protection for Existing and Modern Workloads > Discovering Kubernetes clusters
An asset source must be enabled in the Data Manager Appliance before you can add and register the asset source for the protection of assets. You can enable the Kubernetes asset source from the Data Manager Appliance UI.
Adding a Kubernetes cluster as an asset source in the Data Manager Appliance enables you to protect namespaces and Persistent Volume Claims (PVCs) within the cluster.
You can use the Asset Sources window in the Data Manager Appliance UI to add a Kubernetes cluster asset source to the Data Manager Appliance environment.
Note: The use of any port other than 443 or 6443 requires opening the port on the Data Manager Appliance.
Note: The admin-user service account in the kube-system namespace contains all these privileges. You can provide the token of this account, or an existing similar service account. Alternatively, create a service account that is bound to a cluster role that contains these privileges, and then provide the token of this service account.
If you do not want to provide a service account with cluster-admin privileges, download the yaml files from the Data Manager Appliance UI Downloads window by clicking the System Settings icon and selecting Downloads. These files provide the definition of the cluster role with the required privileges required for the Data Manager Appliance. Follow the instructions in the README.txt file within the tar file to create the required clusterroles and clusterrolebindings, and to provide the token of the service account created in the yaml files. The README.txt file also provides instructions for manually creating the secret for ppdm-discovery-serviceaccount, which is required in Kubernetes versions 1.24 and later.
See PowerProtect Data Manager Appliance Administrator Guide for pre-requisites and more detailed steps about adding a Kubernetes cluster to the Data Manager Appliance.
When adding the Kubernetes cluster as an asset source, a PowerProtect controller is installed on the cluster. This controller is also used to install Velero with the DD object-store plug-in and the vSphere plug-in.
Within the Data Manager appliance UI, you can add controller configurations for a Kubernetes cluster.
When adding Network Interface Cards (NICs), setting DNS configuration for pods, or creating custom ports, you might want to update the PowerProtect Controller, Velero, and cProxy pod configurations to apply additional attributes or change existing attributes.
When adding the Kubernetes cluster as an asset source, you can use the Data Manager Appliance UI to update the PowerProtect Controller configuration, Velero configuration, or cProxy configuration fields, which you can use to add NICs or set the DNS configuration for pods.
In the Data Manager Appliance UI, pod information is specified in ’Advanced Options’ when adding or editing the Kubernetes cluster asset source.
Starting with Data Manager Appliance version 5.14.0.0, the Data Manager Appliance will schedule jobs in each Kubernetes cluster based on the concurrency configuration of the cluster. Concurrency can be set using the controller configuration parameters ppdm.backup.concurrency and ppdm.restore.concurrency.
The number of concurrent namespace backup jobs per cluster: The default value is 5, the minimum value is 1, and the maximum value is 50.
The number of concurrent namespace restore jobs per cluster: The default value is 2, the minimum value is 1, and the maximum value is 20.
Note: Increasing the value increases the load on the Kubernetes cluster.
You can select the file system agent instead of the default VMware Virtual Disk Development Kit (VDDK) by setting the controller configuration parameter k8s.ppdm.vspherecsi.use.fsagent.
Note: This functionality is supported with vSphere 7.0U3 or later and vSphere CSI Driver version 2.5.0 or later is required.
Starting from Data Manager appliance version 5.15.0.0, Data Manager appliance can protect Kubernetes non-snapshot Container Storage Interface (CSI) storage volumes in cases where the CSI driver does not support snapshots.
To enable protection and movement of data that is stored in CSI solutions with no snapshot capability add the controller configuration key “k8s.ppdm.csi.nonsnapshot.storageclasses” along with value as non-snapshot CSI storage class names.
This key can be configured under the advanced options when adding the Kubernetes cluster asset source in the Data Manager appliance UI as given below: