Operator Configuration Reference
The k8up operator can be configured in two ways:
-
Per namespace backups. Optimal for shared clusters.
-
Global settings with namespaced schedules. Optimal for private clusters.
Arguments and Environment Variables
You need to define BACKUP_OPERATOR_NAMESPACE (or --operator-namespace respectively), but everything else can be left to their default values.
See k8up operator --help for all the options:
NAME:
k8up operator
USAGE:
k8up operator [command options] [arguments...]
DESCRIPTION:
Start k8up in operator mode
OPTIONS:
--annotation value the annotation to be used for filtering (default: "k8up.io/backup") [$BACKUP_ANNOTATION]
--backupcommandannotation value set the annotation name that identify the backup commands on Pods (default: "k8up.io/backupcommand") [$BACKUP_BACKUPCOMMANDANNOTATION]
--fileextensionannotation value set the annotation name where the file extension is stored for backup commands (default: "k8up.io/file-extension") [$BACKUP_FILEEXTENSIONANNOTATION]
--global-failed-jobs-history-limit value set the number of old, failed jobs to keep when cleaning up, applies to all job types (default: 3) [$BACKUP_GLOBAL_FAILED_JOBS_HISTORY_LIMIT]
--global-successful-jobs-history-limit value set the number of old, successful jobs to keep when cleaning up, applies to all job types (default: 3) [$BACKUP_GLOBAL_SUCCESSFUL_JOBS_HISTORY_LIMIT]
--global-concurrent-archive-jobs-limit value set the limit of concurrent archive jobs (default: unlimited) [$BACKUP_GLOBAL_CONCURRENT_ARCHIVE_JOBS_LIMIT]
--global-concurrent-backup-jobs-limit value set the limit of concurrent backup jobs (default: unlimited) [$BACKUP_GLOBAL_CONCURRENT_BACKUP_JOBS_LIMIT]
--global-concurrent-check-jobs-limit value set the limit of concurrent check jobs (default: unlimited) [$BACKUP_GLOBAL_CONCURRENT_CHECK_JOBS_LIMIT]
--global-concurrent-prune-jobs-limit value set the limit of concurrent prune jobs (default: unlimited) [$BACKUP_GLOBAL_CONCURRENT_PRUNE_JOBS_LIMIT]
--global-concurrent-restore-jobs-limit value set the limit of concurrent restore jobs (default: unlimited) [$BACKUP_GLOBAL_CONCURRENT_RESTORE_JOBS_LIMIT]
--globalrestores3accesskeyid value set the global restore S3 accessKeyID for restores [$BACKUP_GLOBALRESTORES3ACCESKEYID] / [$BACKUP_GLOBALRESTORES3ACCESSKEYID]
--globalrestores3bucket value set the global restore S3 bucket for restores [$BACKUP_GLOBALRESTORES3BUCKET]
--globalrestores3endpoint value set the global restore S3 endpoint for the restores (needs the scheme 'http' or 'https') [$BACKUP_GLOBALRESTORES3ENDPOINT]
--globalrestores3secretaccesskey value set the global restore S3 SecretAccessKey for restores [$BACKUP_GLOBALRESTORES3SECRETACCESSKEY]
--globalrepopassword value set the restic repository password to be used globally [$BACKUP_GLOBALREPOPASSWORD]
--globalaccesskeyid value set the S3 access key id to be used globally [$BACKUP_GLOBALACCESSKEYID]
--globalsecretaccesskey value set the S3 secret access key to be used globally [$BACKUP_GLOBALSECRETACCESSKEY]
--globals3bucket value set the S3 bucket to be used globally [$BACKUP_GLOBALS3BUCKET]
--globals3endpoint value set the S3 endpoint to be used globally [$BACKUP_GLOBALS3ENDPOINT]
--global-cpu-request value set the CPU request for scheduled jobs [$BACKUP_GLOBAL_CPU_REQUEST]
--global-cpu-limit value set the CPU limit for scheduled jobs [$BACKUP_GLOBAL_CPU_LIMIT]
--global-memory-request value set the memory request for scheduled jobs [$BACKUP_GLOBAL_MEMORY_REQUEST]
--global-memory-limit value set the memory limit for scheduled jobs [$BACKUP_GLOBAL_MEMORY_LIMIT]
--image value URL of the restic image (default: "ghcr.io/k8up-io/k8up:latest") [$BACKUP_IMAGE]
--command-restic value [ --command-restic value ] The command that is executed for restic backups. (default: "/usr/local/bin/k8up", "restic") [$BACKUP_COMMAND_RESTIC]
--restic-options value [ --restic-options value ] Pass custom restic options in the form 'key=value,key2=value2'. See https://restic.readthedocs.io/en/stable/manual_rest.html?highlight=--option#usage-help [$BACKUP_RESTIC_OPTIONS]
--datapath value, --mountpath value to which path the PVCs should get mounted in the backup container (default: "/data") [$BACKUP_DATAPATH]
--globalstatsurl value set the URL to post metrics globally [$BACKUP_GLOBALSTATSURL]
--metrics-bindaddress value set the bind address for the prometheus endpoint (default: ":8080") [$BACKUP_METRICS_BINDADDRESS]
--promurl value set the operator wide default prometheus push gateway (default: "http://127.0.0.1/") [$BACKUP_PROMURL]
--restartpolicy value set the RestartPolicy for the backup jobs. According to https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/, this should be 'OnFailure' for jobs that terminate (default: "OnFailure") [$BACKUP_RESTARTPOLICY]
--podfilter value the filter used to find the backup pods (default: "backupPod=true") [$BACKUP_PODFILTER]
--podexecaccountname value, --serviceaccount value set the service account name that should be used for the pod command execution (default: "pod-executor") [$BACKUP_PODEXECACCOUNTNAME]
--podexecrolename value set the role name that should be used for pod command execution (default: "pod-executor") [$BACKUP_PODEXECROLENAME]
--enable-leader-election enable leader election within the operator Pod (default: enabled) [$BACKUP_ENABLE_LEADER_ELECTION]
--checkschedule value the default check schedule (default: "0 0 * * 0") [$BACKUP_CHECKSCHEDULE]
--operator-namespace value set the namespace in which the K8up operator itself runs [$BACKUP_OPERATOR_NAMESPACE]
--help, -h show help (default: false)Global Settings
Each variable starting with BACKUP_GLOBAL* can be used to declare a global default for all namespaces.
For example, if you configure the S3 bucket and credentials here, you won’t have to specify them in the Schedule or Backup resource definitions.
| It is always possible to overwrite the global settings. Simply declare the specific setting in the relevant resource definition and it will be applied instead of the global default. |