PowerProtect Data Manager protects Kubernetes workloads and ensures that the data is protected and recoverable. PowerProtect Data Manager can be deployed using an Open Virtualization Appliance (OVA) or a machine image and is integrated with PowerProtect DD series appliances as protection storage for backups. See  Dell PowerProtect Data Manager Deployment Guide for details on PowerProtect Data Manager deployment methods.

PowerProtect Data Manager can be integrated with RKE2 downstream cluster through Kubernetes APIs to discover protectable resources such as namespaces and PVCs. PowerProtect Data Manager discovers the Kubernetes clusters using the IP address or FQDN. PowerProtect Data Manager uses the discovery service account and the token kubeconfig file to integrate with kube-apiserver.

The following high-level architecture diagram shows the data protection for SUSE Rancher-managed RKE2 downstream single node and downstream cluster with PowerProtect Data Manager:

Figure 10.   High-level RKE2 downstream single node and downstream cluster data protection overview with PowerProtect Data Manager

Once the Kubernetes cluster is added as an asset source in PowerProtect Data Manager and discovery is complete, the associated namespaces are available as assets for protection. PowerProtect Data Manager protects the following two types of Kubernetes cluster assets - Namespaces and PersistentVolumeClaims (PVCs).

During the discovery process, PowerProtect Data Manager creates the following namespaces in the cluster: 

• Velero-ppdm: This namespace contains a Velero pod to backup metadata and stage to target storage in Bare Metal environments. It performs PVC snapshot and metadata backup if there is a VMware cloud native storage.
• PowerProtect: This namespace contains a PowerProtect controller pod to drive persistent volume claim snapshot and backup and send the backups to the target storage using dynamically deployed cProxy pods.

Kubernetes uses persistent volumes to store persisted application data. Persistent volumes are created on external storage and then attached to a particular pod using PVCs. PVCs are included along with other namespaces in PowerProtect Data Manager backup and recovery operations.