AppsCode
  • KubeDB

    Run Production-Grade Databases on Kubernetes

    Stash

    Backup and Recovery Solution for Kubernetes

    KubeVault

    Run Production-Grade Vault on Kubernetes

    Voyager

    Secure Ingress Controller for Kubernetes

    ConfigSyncer

    Kubernetes Configuration Syncer

    Guard

    Kubernetes Authentication WebHook Server

    KubeDB

    KubeDB simplifies Provisioning, Upgrading, Scaling, Volume Expansion, Monitor, Backup, Restore for various Databases in Kubernetes on any Public & Private Cloud

    • check-boxLower administrative burden
    • check-boxNative Kubernetes Support
    • check-boxPerformance
    • check-boxAvailability and durability
    • check-boxManageability
    • check-boxCost-effectiveness
    • check-boxSecurity
    Stash

    A complete Kubernetes native disaster recovery solution for backup and restore your volumes and databases in Kubernetes on any public and private clouds.

    • check-boxDeclarative API
    • check-boxBackup Kubernetes Volumes
    • check-boxBackup Database
    • check-boxMultiple Storage Support
    • check-boxDeduplication
    • check-boxData Encryption
    • check-boxVolume Snapshot
    • check-boxPolicy Based Backup
    KubeVault

    KubeVault is a Git-Ops ready, production-grade solution for deploying and configuring Hashicorp's Vault on Kubernetes.

    • check-boxVault Kubernetes Deployment
    • check-boxAuto Initialization & Unsealing
    • check-boxVault Backup & Restore
    • check-boxConsume KubeVault Secrets with CSI
    • check-boxManage DB Users Privileges
    • check-boxStorage Backend
    • check-boxAuthentication Method
    • check-boxDatabase Secret Engine
    Voyager

    Secure Ingress Controller for Kubernetes

    • check-boxHTTP & TCP
    • check-boxSSL
    • check-boxPlatform support
    • check-boxHAProxy
    • check-boxPrometheus
    • check-boxLet's Encrypt
    configsyncer

    Kubernetes Configuration Syncer

    • check-boxConfiguration Syncer
    Guard

    Kubernetes Authentication WebHook Server

    • check-boxIdentity Providers
    • check-boxCLI
    • check-boxRBAC
  • RESOURCES
  • Webinar New
CONTACT SALES
configsyncer
github-icon twitterx-icon
TRY NOW FREE
You are looking at the documentation of a prior release. To read the documentation of the latest release, please visit here.

New to Kubed? Please start here.

Kubernetes Recycle Bin

Kubed provides a recycle bin for deleted and/or updated Kubernetes objects. Once activated, any deleted and/or updated object is stored in YAML format in folder mounted inside Kubed pod. This tutorial will show you how to use Kubed to setup a recycle bin for Kubernetes cluster objects.

Before You Begin

At first, you need to have a Kubernetes cluster, and the kubectl command-line tool must be configured to communicate with your cluster. If you do not already have a cluster, you can create one by using Minikube.

Deploy Kubed

To enable config syncer, you need a cluster config like below.

$ cat ./docs/examples/recycle-bin/config.yaml

clusterName: unicorn
recycleBin:
  handleUpdates: false
  path: /tmp/kubed/trash
  ttl: 168h
KeyDescription
recycleBin.pathRequired. Path to folder where deleted and/or updated objects are stored.
recycleBin.ttlRequired. Duration for which deleted and/or updated objects are stored before purging.
recycleBin.handleUpdatesOptional. If set to true, past version of supported objects are stored when updated. We recommend that you keep this set to false on an active cluster.
clusterNameOptional. A meaningful identifer for cluster. This cluster name will be prefixed to any notification sent via Email/SMS/Chat so that you can identify the source easily.

Now, create a Secret with the Kubed cluster config under config.yaml key.

$ kubectl create secret generic kubed-config -n kube-system \
    --from-file=./docs/examples/recycle-bin/config.yaml
secret "kubed-config" created

# apply app=kubed label to easily cleanup later
$ kubectl label secret kubed-config app=kubed -n kube-system
secret "kubed-config" labeled

$ kubectl get secret kubed-config -n kube-system -o yaml
apiVersion: v1
data:
  config.yaml: bm90aWZpZXJTZWNyZXROYW1lOiBrdWJlZC1ub3RpZmllcgpyZWN5Y2xlQmluOgogIGhhbmRsZV91cGRhdGU6IGZhbHNlCiAgcGF0aDogL3RtcC9rdWJlZAogIHJlY2VpdmVyOgogICAgbm90aWZpZXI6IG1haWxndW4KICAgIHRvOgogICAgLSBvcHNAZXhhbXBsZS5jb20KICB0dGw6IDE2OGgK
kind: Secret
metadata:
  creationTimestamp: 2017-07-26T18:55:54Z
  labels:
    app: kubed
  name: kubed-config
  namespace: kube-system
  resourceVersion: "32920"
  selfLink: /api/v1/namespaces/kube-system/secrets/kubed-config
  uid: 0d3aa21b-7234-11e7-af79-08002738e55e
type: Opaque

Now, deploy Kubed operator in your cluster following the steps here. Once the operator pod is running, go to the next section.

Using Recycle Bin

In this tutorial, a ConfigMap will be used to show how recycle bin feature can be used.

To keep things isolated, this tutorial uses a separate namespace called demo throughout this tutorial. Run the following command to prepare your cluster for this tutorial:

$ kubectl create namespace demo
namespace "demo" created

~ $ kubectl get namespaces
NAME          STATUS    AGE
default       Active    6h
kube-public   Active    6h
kube-system   Active    6h
demo          Active    4m

Create a ConfigMap called omni in the demo namespace.

$ kubectl create configmap omni -n demo --from-literal=hello=world
configmap "omni" created

$ kubectl get configmaps omni -n demo -o yaml
apiVersion: v1
data:
  hello: world
kind: ConfigMap
metadata:
  creationTimestamp: 2017-07-26T19:18:40Z
  name: omni
  namespace: demo
  resourceVersion: "34414"
  selfLink: /api/v1/namespaces/demo/configmaps/omni
  uid: 3b77f592-7237-11e7-af79-08002738e55e

Now, delete the ConfigMap omni. Kubed operator pod will notice this and stored the deleted object in YAML format in a file matching the selfLink for that object inside the recycleBin.path folder.

# Exec into kubed operator pod
$ kubectl exec -it $(kubectl get pods --all-namespaces -l app=kubed -o jsonpath={.items[0].metadata.name}) -n kube-system sh

# running inside kubed operator pod
/ # find /tmp/kubed/trash/
/tmp/kubed/trash/
/tmp/kubed/trash/api
/tmp/kubed/trash/api/v1
/tmp/kubed/trash/api/v1/namespaces
/tmp/kubed/trash/api/v1/namespaces/demo
/tmp/kubed/trash/api/v1/namespaces/demo/configmaps
/tmp/kubed/trash/api/v1/namespaces/demo/configmaps/omni.20170726T193302.yaml

/ # cat /tmp/kubed/trash/api/v1/namespaces/demo/configmaps/omni.20170726T193302.yaml
apiVersion: v1
data:
  hello: world
kind: ConfigMap
metadata:
  creationTimestamp: 2017-07-26T19:33:02Z
  name: omni
  namespace: demo
  resourceVersion: "35481"
  selfLink: /api/v1/namespaces/demo/configmaps/omni
  uid: 3d50fba0-7239-11e7-af79-08002738e55e

Supported Kubernetes Objects

Following Kubernetes objects are supported by recycle bin:

  • v1:
    • ComponentStatus
    • ConfigMap
    • Endpoints
    • Event
    • LimitRange
    • Namespace
    • Node
    • PersistentVolume
    • PersistentVolumeClaim
    • Pod
    • ReplicationController
    • Secret
    • Service
    • ServiceAccount
  • apps/v1beta1:
    • Deployment
    • StatefulSet
  • batch/v1:
    • Job
  • batch/v2alpha1:
    • CronJob
  • extensions/v1beta1:
    • DaemonSet
    • Deployment
    • Ingress
    • ReplicaSet
    • ThirdPartyResource
  • kubedb/v1alpha1:
    • DormantDatabase
    • Elasticsearch
    • Postgres
    • Snapshot
  • monitoring.coreos.com:
    • Prometheus
    • ServiceMonitor
  • rbac/v1alpha1:
    • ClusterRole
    • ClusterRoleBinding
    • Role
    • RoleBinding
  • rbac/v1:
    • ClusterRole
    • ClusterRoleBinding
    • Role
    • RoleBinding
  • monitoring.appscode.com/v1alpha1:
    • ClusterAlert
    • NodeAlert
    • PodAlert
  • kubed.appscode.com/v1alpha1:
    • Restic
  • storage/v1:
    • StorageClass
  • storage/v1beta1:
    • StorageClass
  • voyager.appscode.com/v1beta1:
    • Certificate
    • Ingress

To add support for additional object types, please file an issue. We are exploring ways to watch for any object deletion here.

Using Persistent Storage

The installation scripts for Kubed mounts an emptyDir under /tmp path. This tutorial used /tmp/kubed/trash to store objects in recycle bin. If you want to use a PersistentVolume to recycle bin data, mount a PV and updated the recycleBin.path accordingly.

Disable Recycle Bin

If you would like to disable this feature, remove the recyclebin portion of your Kubed cluster config. Then update the kubed-config Secret and restart Kubed operator pod(s).

Cleaning up

To cleanup the Kubernetes resources created by this tutorial, run the following commands:

$ kubectl delete ns demo
namespace "demo" deleted

To uninstall Kubed operator, please follow the steps here.

Next Steps

  • Learn how to use Kubed to take periodic snapshots of a Kubernetes cluster here.
  • Backup your persistent volumes with Stash.
  • Need to keep configmaps/secrets synchronized across namespaces or clusters? Try Kubed config syncer.
  • Want to keep an eye on your cluster with automated notifications? Setup Kubed event forwarder.
  • Out of disk space because of too much logs in Elasticsearch or metrics in InfluxDB? Configure janitors to delete old data.
  • Wondering what features are coming next? Please visit here.
  • Want to hack on Kubed? Check our contribution guidelines.

What's on this Page

Search
Improve This Page