You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/reference-guides/backup-restore-configuration/backup-configuration.md
+18Lines changed: 18 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -25,6 +25,24 @@ Select the first option to perform a one-time backup, or select the second optio
25
25
|`schedule`| Provide the cron string for scheduling recurring backups. |
26
26
|`retentionCount`| Provide the number of backup files to be retained. |
27
27
28
+
## ResourceSet
29
+
30
+
While you can create your own ResourceSets to back up custom applications, two ResourceSets specifically for backing up Rancher are officially maintained and created by default by the `rancher-backup` operator. We refer to these as `rancher-resource-set-basic` and `rancher-resource-set-full`. The difference between them is whether they include secrets or not in the backups.
31
+
32
+
`rancher-resource-set-basic` does not include any secrets in the backup files to safeguard confidential information. You are responsible for recording any secrets and redeploying them safely.
33
+
34
+
`rancher-resource-set-full` includes all essential secrets in the backup files to ensure Rancher continues running smoothly after a restore or migration. To avoid storing sensitive information in plain text, we strongly advise you to enable encryption with a strong key.
35
+
36
+
:::note Important:
37
+
38
+
`rancher-resource-set` is also included by default with the `rancher-backup` operator. However, this ResourceSet is deprecated and is only being kept for backwards compatibility reasons. `rancher-resource-set` will be removed in Rancher v2.12. Please update your Backup custom resources to use either `rancher-resource-set-full` or `rancher-resource-set-basic`.
39
+
40
+
:::
41
+
42
+
| YAML Directive Name | Description |
43
+
| ---------------- | ---------------- |
44
+
|`resourceSetName`| Provide the name of the ResourceSet to define which resources will be included in this backup. |
45
+
28
46
## Encryption
29
47
30
48
The rancher-backup gathers resources by making calls to the kube-apiserver. Objects returned by apiserver are decrypted, so even if [encryption at rest](https://kubernetes.io/docs/tasks/administer-cluster/encrypt-data/) is enabled, even the encrypted objects gathered by the backup will be in plaintext.
0 commit comments