Default Pod Settings

This page describes how to configure the default settings for pods spawned by the operator.

There are multiple ways to configure the pods in the kannika-operator Helm chart:

config.pod: These settings apply to all Backup Pods and Restore Pods.
config.backup.pod: These settings apply to all Backup Pods.
config.restore.pod: These settings apply to all Restore Pods.

To specify settings for individual pods, check the Backup Pod and Restore Pod documentation.

Default Resource Requirements

To set the default resource requirements for all pods spawned by the operator, override the config.pod.resources object in the kannika-operator Helm chart:

config:
  pod:
    resources:
      requests:
        memory: "64Mi"
        cpu: "100m"
      limits:
        memory: "1Gi"
        cpu: "1000m"

To set the default resource requirements for backup pods, override the backup.config.pod.resources object:

backup:
  config:
    pod:
      resources:
        requests:
          memory: "64Mi"
          cpu: "100m"
        limits:
          memory: "1Gi"
          cpu: "1000m"

To set the default resource requirements for restore pods, override the restore.config.pod.resources object:

restore:
  config:
    pod:
      resources:
        requests:
          memory: "64Mi"
          cpu: "100m"
        limits:
          memory: "1Gi"
          cpu: "1000m"

Default Service Account Name

To set the default service account used by pods spawned by the operator, override the config.pod.serviceAccountName value in the kannika-operator Helm chart.

config:
  pod:
    serviceAccountName: "global-service-account"

To set the default service account used by backup pods, override backup.config.pod.serviceAccountName:

backup:
  config:
    pod:
      serviceAccountName: "backup-service-account"

To set the default service account used by restore pods, override restore.config.pod.serviceAccountName:

restore:
  config:
    pod:
      serviceAccountName: "restore-service-account"

Default Image Pull Secrets

Normally, image pull secrets are defined using the root imagePullSecrets or global.imagePullSecrets field in the Helm charts, as documented in the Private image registry support section.

However, if you wish to set different image pull secrets for pods spawned by the operator, it is possible to override the config.pod.imagePullSecrets value in the kannika-operator Helm chart.

config:
  pod:
    imagePullSecrets:
    - name: my-secret

To set the default image pull secrets used by backup pods, override backup.config.pod.imagePullSecrets:

backup:
  config:
    pod:
      imagePullSecrets:
      - name: my-secret

To set the default image pull secrets used by restore pods, override restore.config.pod.imagePullSecrets:

restore:
  config:
    pod:
      imagePullSecrets:
      - name: my-secret

Default Pod Security Context

To set the default security context for pods spawned by the operator, override the config.pod.securityContext object in the kannika-operator Helm chart.

Example:

config:
  pod:
    securityContext:
      runAsUser: 1000

To set the default security context for backup pods, override backup.config.pod.securityContext:

backup:
  config:
    pod:
      securityContext:
        runAsUser: 1000

To set the default security context for restore pods, override restore.config.pod.securityContext:

restore:
  config:
    pod:
      securityContext:
        runAsUser: 1000

Container Security Context

To set the default security context for containers spawned by the operator, override the config.container.pod.securityContext object in the kannika-operator Helm chart.

config:
  container:
    pod:
      securityContext:
        runAsUser: 1000

To set the default security context for backup containers, override config.backup.pod.container.securityContext:

config:
  backup:
    pod:
      container:
        securityContext:
          runAsUser: 1000

To set the default security context for restore containers, override config.restore.pod.container.securityContext:

config:
  restore:
    pod:
      container:
        securityContext:
          runAsUser: 1000

Default Tolerations

To set the default tolerations for pods spawned by the operator, override the config.pod.tolerations array in the kannika-operator Helm chart.

config:
  pod:
    tolerations:
    - key: "key"
      operator: "Equal"
      value: "value"
      effect: "NoSchedule"

To set the default tolerations for backup pods, override backup.config.pod.tolerations:

backup:
  config:
    pod:
      tolerations:
      - key: "key"
        operator: "Equal"
        value: "value"
        effect: "NoSchedule"

To set the default tolerations for restore pods, override restore.config.pod.tolerations:

restore:
  config:
    pod:
      tolerations:
      - key: "key"
        operator: "Equal"
        value: "value"
        effect: "NoSchedule"

Default Affinity

To set the default affinity for pods spawned by the operator, override the config.pod.affinity object in the kannika-operator Helm chart.

Example:

config:
  pod:
    affinity:
      nodeAffinity:
        requiredDuringSchedulingIgnoredDuringExecution:
          nodeSelectorTerms:
          - matchExpressions:
            - key: topology.kubernetes.io/zone
              operator: In
              values:
              - antarctica-east1
              - antarctica-west1

To set the default affinity for backup pods, override backup.config.pod.affinity:

backup:
  config:
    pod:
      affinity:
9 collapsed lines
        nodeAffinity:
          requiredDuringSchedulingIgnoredDuringExecution:
            nodeSelectorTerms:
            - matchExpressions:
              - key: topology.kubernetes.io/zone
                operator: In
                values:
                - antarctica-east1
                - antarctica-west1

To set the default affinity for restore pods, override restore.config.pod.affinity:

restore:
  config:
    pod:
      affinity:
9 collapsed lines
        nodeAffinity:
          requiredDuringSchedulingIgnoredDuringExecution:
            nodeSelectorTerms:
            - matchExpressions:
              - key: topology.kubernetes.io/zone
                operator: In
                values:
                - antarctica-east1
                - antarctica-west1

Default Node Selector

To set the default node selector for pods spawned by the operator, override the config.pod.nodeSelector object in the kannika-operator Helm chart.

config:
  pod:
    nodeSelector:
      location: the-moon

To set the default node selector for backup pods, override backup.config.pod.nodeSelector:

backup:
  config:
    pod:
      nodeSelector:
        location: the-moon

To set the default node selector for restore pods, override restore.config.pod.nodeSelector:

restore:
  config:
    pod:
      nodeSelector:
        location: the-moon

Probes

It is possible to override the default probes for backup and restore containers. By default, only a readiness and liveness probe is configured for the backup and restore containers, which checks the / path on port 9000 (the metrics port).

config:
  backup:
    pod:
      container:
        livenessProbe:
          initialDelaySeconds: 1
          periodSeconds: 60
          timeoutSeconds: 5
          successThreshold: 1
          failureThreshold: 3
          httpGet:
            path: /
            port: 9000
        # readinessProbe: ...
        # startupProbe: ...

  restore:
    pod:
      container:
        livenessProbe:
          initialDelaySeconds: 1
          periodSeconds: 60
          timeoutSeconds: 5
          successThreshold: 1
          failureThreshold: 3
          httpGet:
            path: /
            port: 9000
        # readinessProbe: ...
        # startupProbe: ...