#1 Global Leader in Data Resilience
#1 Global Leader in Data Resilience
BACK TO KB LIST

How to Exclude Applications from Dashboard & Compliance Reporting

KB ID: 4624
Product: Veeam Kasten for Kubernetes
Published: 2024-06-14
Last Modified: 2024-06-14
mailbox
Get weekly article updates
By subscribing, you are agreeing to have your personal information managed in accordance with the terms of Veeam's Privacy Notice.

Cheers for trusting us with the spot in your mailbox!

Now you’re less likely to miss what’s been brewing in our knowledge base with this weekly digest

error icon

Oops! Something went wrong.

Please, try again later.

Purpose

This article provides steps to exclude system namespaces from the Veeam Kasten for Kubernetes dashboard and compliance reporting.

Solution

Explanation

Veeam Kasten for Kubernetes automatically discovers all application namespaces of the cluster on which it is deployed. Each of these discovered applications is listed on the Applications page within the Dashboard, along with its current Compliance status. Compliance metrics are also made available through built-in Veeam Kasten for Kubernetes Reports and Prometheus/Grafana. 

Specific namespaces can be hidden both from the UI and compliance reporting. For instance, cluster infrastructure-related namespaces are typically not protected by Veeam Kasten for Kubernetes and are instead restored via Infrastructure as Code tools or scripts (e.g., operators). Doing so may provide more meaningful compliance reporting, whereas Unmanaged namespaces could lead to additional investigation to ensure applications are adequately protected.

NOTE: An Unmanaged status indicates that an application is not protected by any Veeam Kasten for Kubernetes policy. A Compliant status indicates that one or more policies protect an application and that the available RestorePoints meet the specified frequency and retention. A Non-Compliant status would indicate an issue, such as policy runs failing due to an infrastructure problem. 

Helm-based Installation of Veeam Kasten for Kubernetes

For a Helm installation of K10 (assumes default k10 release name and kasten-io namespace): 

# Export current Helm values to YAML file 
helm get values k10 --output yaml --namespace=kasten-io > k10_val.yaml
Edit the generated k10_val.yaml to append excludedApps: with the list of namespaces as an inline or multi-line YAML array (inline shown): 
excluded
Save the file, and apply the updated YAML values:  
# Set --version <current K10 version> to prevent unintended upgrade 
helm upgrade k10 kasten/k10 --namespace=kasten-io -f k10_val.yaml --version <current K10 version>

Predefined App Exclusion Examples

Certain distributions, such as Red Hat OpenShift and vSphere Tanzu produce many “system” namespaces which can be excluded if needed.

The following commands can be used to quickly populate a list and append to the k10_val.yaml file:

  • Kubernetes
# Append list of all namespaces that begin with "kube" as excludedApps 
# CAUTION: Existing user applications that begin with "kube" will also be identified/added using this command 
kubectl get ns --no-headers=true | awk '/^kube/{print $1}' | awk 'BEGIN { printf "excludedApps: [" } NR > 1 { printf(", ") } { printf("\"%s\"", $1, $2) } END { print "]" }' >> k10_val.yaml
  • Openshift
# Append list of all namespaces that begin with "openshift" as excludedApps 
# CAUTION: Existing user applications that begin with "openshift" will also be identified/added using this command 
oc get ns --no-headers=true | awk '/^openshift/{print $1}' | awk 'BEGIN { printf "excludedApps: [" } NR > 1 { printf(", ") } { printf("\"%s\"", $1, $2) } END { print "]" }' >> k10_val.yaml
  • Tanzu
# Append list of all namespaces that begin with "tanzu-" OR "tkg-" as excludedApps 
# CAUTION: Existing user applications that begin with "tanzu-" OR "tkg-" will also be identified/added using this command 
kubectl get ns --no-headers=true | awk '/^tanzu-|^tkg-/{print $1}' | awk 'BEGIN { printf "excludedApps: [" } NR > 1 { printf(", ") } { printf("\"%s\"", $1, $2) } END { print "]" }' >> k10_values.yaml

Operator-based Installation of Veeam Kasten for Kubernetes

In the OpenShift console, under Installed Operators, select the YAML tab of the K10 instance. 

Search for excludedApps: and specify the list of namespaces as an inline or multi-line YAML array: 

ops

Click Save to apply. 

The following command can be used to quickly populate a list properly formatted to copy/paste into the YAML form in the OpenShift console: 

# Generate list of all namespaces that begin with "openshift" as excludedApps 
# CAUTION: Existing user applications that begin with "openshift" they will also be identified/added using this command 
oc get ns --no-headers=true | awk 'BEGIN { print " excludedApps:" } /^openshift/{print "   -",$1}'
To submit feedback regarding this article, please click this link: Send Article Feedback
To report a typo on this page, highlight the typo with your mouse and press CTRL + Enter.

Spelling error in text

This site is protected by hCaptcha and its Privacy Policy and Terms of Service apply except as noted in our Privacy Policy.
Thank you!

Thank you!

Your feedback has been received and will be reviewed.

Oops! Something went wrong.

Please, try again later.

You have selected too large block!

Please try select less.

KB Feedback/Suggestion

This form is only for KB Feedback/Suggestions, if you need help with the software open a support case
By submitting, you are agreeing to have your personal information managed in accordance with the terms of Veeam's Privacy Notice.
This site is protected by hCaptcha and its Privacy Policy and Terms of Service apply except as noted in our Privacy Policy.
Verify your email to continue your product download
We've sent a verification code to:
  • Incorrect verification code. Please try again.
An email with a verification code was just sent to
Didn't receive the code? Click to resend in sec
Didn't receive the code? Click to resend
Start using Veeam:
Download the product
&
Activate the license key
Thank you!

Thank you!

Your feedback has been received and will be reviewed.

error icon

Oops! Something went wrong.

Please, try again later.