Modifying Default T4K Configuration

This page describes how to make changes to default configurations for various components of the Trilio for Kubernetes application.

Main Configuration Types

There are different types of configuration for T4K which are helpful in tuning T4K as per requirements/cluster constraints. The available configurations are:
  • InstanceName and LogLevel
  • Job Resource Requirements
  • Scheduling Configuration
  • Application Scope
  • Ingress Configuration
  • CSI Configuration

InstanceName and LogLevel

T4K configuration is used to:
  • provide the InstanceName for the T4K installation.
  • configure the logLevel across the product.
  • configure the datamoverLogLevel for Datamover jobs. Datamover jobs are responsible for performing backup and restore of the data part of an application. Refer the backup and restore details here.
  • the available log levels are as follows:
    1. 1.
    2. 2.
    3. 3.
    4. 4.
    5. 5.
      Info (default value)
    6. 6.
    7. 7.

Job Resource Requirements

Job Resource Requirement is used to modify the default resources requirements like CPU and memory for all the pods which are created as part of product installation as well as backup and restore operation. There are different fields for setting resource requirements for different types of pods.
  • metadataJobResources - Specifies the resource requirements for all meta-data related and target mounting jobs like target-validator, meta-snapshot, pre-restore-validation, meta-restore, etc
  • dataJobResources : Specifies the resource requirements for Datamover jobs
  • deploymentLimits : Specifies limits for helm chart deployments. Not applicable for OCP

Scheduling Configuration

T4K provides a way to put a constraint on the pods it creates by itself and schedule those pods on a specific set of nodes in the cluster. T4K leverages the existing kubernetes scheduling mechanisms to schedule its pods.
There are three fields to put scheduling constraints on pods of T4K, they are:
  1. 1.
    NodeSelector: User can specify matching node-labels to schedule pods on a particular node or set of nodes. Refer to the official Kubernetes documentation on Node Selection for more information.
  2. 2.
    Affinity: Affinity is used when a pod should schedule or prefer to schedule on a particular set of nodes. Affinity is of two types viz. - Node Affinity and Pod Affinity. On the other hand, Pod Anti-Affinity is opposite of Pod Affinity where a pod should not or prefer not to schedule on a particular set of nodes. User can specify both the Affinity and Anti-Affinity. Refer to the official Kubernetes documentation on Affinity and anti-affinity for more information.
  3. 3.
    Toleration: Kubernetes allows nodes to add taints so that nodes can repel a set of pods which do not tolerate the given taints. To tolerate a taint, a pod must specify toleration. User can specify the tolerations with matching taints, so that T4K pods will be able to schedule themselves in a cluster with tainted nodes. Refer to the official Kubernetes documentation on Taints and Tolerations for more information.

Application Scope

Application Scope denotes T4K installation scope. Installation scope can be of two types - Cluster and Namespaced. When T4K is installed in Namespaced scope, the cluster scoped CRDs will not be installed. The cluster scoped CRDs are:
  1. 1.
  2. 2.
  3. 3.
  4. 4.
  5. 5.
In namespaced scope installation, the cluster scoped features such as - multi-namespace backup and restore and continuous-restore won't be enabled for use. The working of T4K will be restricted to it's installation namespace only.

Ingress Configuration

User can configure the external access to T4K services using the Ingress through HTTP or HTTPS. There four configurable fields related to Ingress. They are:
  1. 1.
    IngressClass: Name of the IngressClass resource which contains additional information regarding Ingress' parameters and the name of the controller that implements this particular IngressClass.
  2. 2.
    Annotations: Extra annotations to be added on the required Ingress resource.
  3. 3.
    Host: Name based virtual host against the IP address on which the external traffic will be received.
  4. 4.
    TLSSecretName: Name of the TLS secret that contains a private key and certificate. When TLS secret name is specified, the external traffic to Ingress will use HTTPS protocol (port 443). The TLS secret should be present in the namespace where T4K is to be installed.
The fields IngressClass and Annotations fields should be empty when componentConfiguration.ingress-controller map contains key-value enabled: "true" .

CSI Configuration

CSI configuration is used to configure the CSI provisioners which do not support Volume Snapshot functionality. For full details about this, refer to T4K For Volumes with Generic Storage. To enable this configuration there are 3 lists:
  • default CSI Provisioner list: Known list of CSI provisioners which do not support Volume Snapshot. Maintained by T4K. This list will be updated as and when new non-snapshot CSI provisioners are discovered.
  • include CSI Provisioner list: User given list of CSI provisioners which do not support Volume Snapshot.
  • exclude CSI Provisioner list: User given list of CSI provisioners which need to be ignored from Default list.

Changing the Configuration

Input for the aforementioned T4K configuration is provided through the TVM CR. The following section explains how to modify the T4K configuration:
apiVersion: triliovault.trilio.io/v1
kind: TrilioVaultManager
triliovault: k8s
name: sample-triliovaultmanager
applicationScope: Namespaced
tvkInstanceName: "tvk"
cpu: 1500m
memory: 5Gi
cpu: 100m
memory: 800Mi
cpu: 500m
memory: 1024Mi
cpu: 10m
memory: 10Mi
ingressClass: alb # specify `ingressClass` only when you are not using trilio's ingress controller
alb.ingress.kubernetes.io/load-balancer-name: trilio-load-balancer
host: "trilio.com"
tlsSecretName: "tls-secret"
host: Linux
arch: x86
- matchExpressions:
- key: host
operator: In
- Linux
- weight: 1
- key: arch
operator: Exists
- x86
- matchExpressions:
- key: host
operator: In
- Linux
topologyKey: topology.kubernetes.io/zone
- weight: 100
- key: host
operator: In
- Windows
topologyKey: topology.kubernetes.io/zone
- key: "key1"
operator: "Equal"
value: "value1"
- key: "key2"
value: "Exists"
value: "value2"
logLevel: Info
datamoverLogLevel: Info
- example.provisioner.csi
- test.provisioner.csi
Job Resource Requirements:
  • Set spec.dataJobResources for data job resource requirements
  • Set spec.metadataJobResources for meta job resource requirements
T4K Configuration:
  • Set spec.logLevel for logLevel. Default is Info
  • Set spec.datamoverLogLevel for datamover jobs logLevel. Default is Info
  • Set spec.tvkInstanceName for T4K instance name
Scheduling Configuration
  • Set spec.nodeSelector for running pods on a particular set of nodes
  • Set spec.affinity.nodeAffinity for scheduling pods with node affinity
  • Set spec.affinity.podAffinity for scheduling pods with pod affinity
  • Set spec.affinity.podAntiAffinity for scheduling pods with anti affinity
  • Set spec.tolerations to make pods tolerant of the taints mentioned on nodes
Application Scope
  • Set spec.applicationScope to set the scope of T4K installation. Default is Namespaced
Ingress Configuration
  • Set spec.ingressConfig.ingressClass to set the IngressClass resource
  • Set spec.ingressConfig.host to set the host name to route external HTTP(S) traffic
  • Set spec.ingressConfig.annotations to add extra annotations on the Ingress resource
  • Set spec.ingressConfig.tlsSecretName to set the TLS secret to use the TLS port 443 for external Ingress traffic.
CSI Configuration:
  • Set spec.csiConfig.include list for including the CSI provisioners in the non-snapshot functionality category
  • Set spec.csiConfig.exclude list for excluding the CSI provisioners from the non-snapshot functionality category