1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
|
// Copyright 2022 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
syntax = "proto3";
package google.cloud.gkebackup.v1;
import "google/api/field_behavior.proto";
import "google/api/resource.proto";
import "google/cloud/gkebackup/v1/common.proto";
import "google/protobuf/timestamp.proto";
option csharp_namespace = "Google.Cloud.GkeBackup.V1";
option go_package = "google.golang.org/genproto/googleapis/cloud/gkebackup/v1;gkebackup";
option java_multiple_files = true;
option java_outer_classname = "RestoreProto";
option java_package = "com.google.cloud.gkebackup.v1";
option php_namespace = "Google\\Cloud\\GkeBackup\\V1";
option ruby_package = "Google::Cloud::GkeBackup::V1";
// Represents both a request to Restore some portion of a Backup into
// a target GKE cluster and a record of the restore operation itself.
// Next id: 18
message Restore {
option (google.api.resource) = {
type: "gkebackup.googleapis.com/Restore"
pattern: "projects/{project}/locations/{location}/restorePlans/{restore_plan}/restores/{restore}"
};
// Possible values for state of the Restore.
enum State {
// The Restore resource is in the process of being created.
STATE_UNSPECIFIED = 0;
// The Restore resource has been created and the associated RestoreJob
// Kubernetes resource has been injected into target cluster.
CREATING = 1;
// The gkebackup agent in the cluster has begun executing the restore
// operation.
IN_PROGRESS = 2;
// The restore operation has completed successfully. Restored workloads may
// not yet be operational.
SUCCEEDED = 3;
// The restore operation has failed.
FAILED = 4;
// This Restore resource is in the process of being deleted.
DELETING = 5;
}
// Output only. The full name of the Restore resource.
// Format: projects/*/locations/*/restorePlans/*/restores/*
string name = 1 [(google.api.field_behavior) = OUTPUT_ONLY];
// Output only. Server generated global unique identifier of
// [UUID](https://en.wikipedia.org/wiki/Universally_unique_identifier) format.
string uid = 2 [(google.api.field_behavior) = OUTPUT_ONLY];
// Output only. The timestamp when this Restore resource was created.
google.protobuf.Timestamp create_time = 3 [(google.api.field_behavior) = OUTPUT_ONLY];
// Output only. The timestamp when this Restore resource was last
// updated.
google.protobuf.Timestamp update_time = 4 [(google.api.field_behavior) = OUTPUT_ONLY];
// User specified descriptive string for this Restore.
string description = 5;
// Required. Immutable. A reference to the [Backup][google.cloud.gkebackup.v1.Backup] used as the source from which this Restore
// will restore. Note that this Backup must be a sub-resource of the
// RestorePlan's [backup_plan][google.cloud.gkebackup.v1.RestorePlan.backup_plan].
// Format: projects/*/locations/*/backupPlans/*/backups/*.
string backup = 6 [
(google.api.field_behavior) = IMMUTABLE,
(google.api.field_behavior) = REQUIRED,
(google.api.resource_reference) = {
type: "gkebackup.googleapis.com/Backup"
}
];
// Output only. The target cluster into which this Restore will restore data.
// Valid formats:
//
// - projects/*/locations/*/clusters/*
// - projects/*/zones/*/clusters/*
//
// Inherited from parent RestorePlan's [cluster][google.cloud.gkebackup.v1.RestorePlan.cluster] value.
string cluster = 7 [
(google.api.field_behavior) = OUTPUT_ONLY,
(google.api.resource_reference) = {
type: "container.googleapis.com/Cluster"
}
];
// Output only. Configuration of the Restore. Inherited from parent RestorePlan's
// [restore_config][google.cloud.gkebackup.v1.RestorePlan.restore_config].
RestoreConfig restore_config = 8 [(google.api.field_behavior) = OUTPUT_ONLY];
// A set of custom labels supplied by user.
map<string, string> labels = 9;
// Output only. The current state of the Restore.
State state = 10 [(google.api.field_behavior) = OUTPUT_ONLY];
// Output only. Human-readable description of why the Restore is in its current state.
string state_reason = 11 [(google.api.field_behavior) = OUTPUT_ONLY];
// Output only. Timestamp of when the restore operation completed.
google.protobuf.Timestamp complete_time = 12 [(google.api.field_behavior) = OUTPUT_ONLY];
// Output only. Number of resources restored during the restore execution.
int32 resources_restored_count = 13 [(google.api.field_behavior) = OUTPUT_ONLY];
// Output only. Number of resources excluded during the restore execution.
int32 resources_excluded_count = 14 [(google.api.field_behavior) = OUTPUT_ONLY];
// Output only. Number of resources that failed to be restored during the restore
// execution.
int32 resources_failed_count = 15 [(google.api.field_behavior) = OUTPUT_ONLY];
// Output only. Number of volumes restored during the restore execution.
int32 volumes_restored_count = 16 [(google.api.field_behavior) = OUTPUT_ONLY];
// Output only. `etag` is used for optimistic concurrency control as a way to help
// prevent simultaneous updates of a restore from overwriting each other.
// It is strongly suggested that systems make use of the `etag` in the
// read-modify-write cycle to perform restore updates in order to avoid
// race conditions: An `etag` is returned in the response to `GetRestore`,
// and systems are expected to put that etag in the request to
// `UpdateRestore` or `DeleteRestore` to ensure that their change will be
// applied to the same version of the resource.
string etag = 17 [(google.api.field_behavior) = OUTPUT_ONLY];
}
// Configuration of a restore.
// Next id: 9
message RestoreConfig {
// Defines how volume data should be restored
enum VolumeDataRestorePolicy {
// Unspecified (illegal).
VOLUME_DATA_RESTORE_POLICY_UNSPECIFIED = 0;
// For each PVC to be restored, will create a new underlying volume (and PV)
// from the corresponding VolumeBackup contained within the Backup.
RESTORE_VOLUME_DATA_FROM_BACKUP = 1;
// For each PVC to be restored, attempt to reuse the original PV contained
// in the Backup (with its original underlying volume). Note that option
// is likely only usable when restoring a workload to its original cluster.
REUSE_VOLUME_HANDLE_FROM_BACKUP = 2;
// For each PVC to be restored, PVCs will be created without any particular
// action to restore data. In this case, the normal Kubernetes provisioning
// logic would kick in, and this would likely result in either dynamically
// provisioning blank PVs or binding to statically provisioned PVs.
NO_VOLUME_DATA_RESTORATION = 3;
}
// Defines the behavior for handling the situation where cluster-scoped
// resources being restored already exist in the target cluster.
enum ClusterResourceConflictPolicy {
// Unspecified. Only allowed if no cluster-scoped resources will be
// restored.
CLUSTER_RESOURCE_CONFLICT_POLICY_UNSPECIFIED = 0;
// Do not attempt to restore the conflicting resource.
USE_EXISTING_VERSION = 1;
// Delete the existing version before re-creating it from the Backup.
// Note that this is a dangerous option which could cause unintentional
// data loss if used inappropriately - for example, deleting a CRD will
// cause Kubernetes to delete all CRs of that type.
USE_BACKUP_VERSION = 2;
}
// Defines the behavior for handling the situation where sets of namespaced
// resources being restored already exist in the target cluster.
enum NamespacedResourceRestoreMode {
// Unspecified (invalid).
NAMESPACED_RESOURCE_RESTORE_MODE_UNSPECIFIED = 0;
// When conflicting top-level resources (either Namespaces or
// ProtectedApplications, depending upon the scope) are encountered, this
// will first trigger a delete of the conflicting resource AND ALL OF ITS
// REFERENCED RESOURCES (e.g., all resources in the Namespace or all
// resources referenced by the ProtectedApplication) before restoring the
// resources from the Backup. This mode should only be used when you are
// intending to revert some portion of a cluster to an earlier state.
DELETE_AND_RESTORE = 1;
// If conflicting top-level resources (either Namespaces or
// ProtectedApplications, depending upon the scope) are encountered at the
// beginning of a restore process, the Restore will fail. If a conflict
// occurs during the restore process itself (e.g., because an out of band
// process creates conflicting resources), a conflict will be reported.
FAIL_ON_CONFLICT = 2;
}
// This is a direct map to the Kubernetes GroupKind type
// [GroupKind](https://godoc.org/k8s.io/apimachinery/pkg/runtime/schema#GroupKind)
// and is used for identifying specific "types" of resources to restore.
message GroupKind {
// API group string of a Kubernetes resource, e.g.
// "apiextensions.k8s.io", "storage.k8s.io", etc.
// Note: use empty string for core API group
string resource_group = 1;
// Kind of a Kubernetes resource, e.g.
// "CustomResourceDefinition", "StorageClass", etc.
string resource_kind = 2;
}
// Identifies the cluster-scoped resources to restore from the Backup.
message ClusterResourceRestoreScope {
// A list of "types" of cluster-scoped resources to be restored from the
// Backup. An empty list means that NO cluster-scoped resources will be
// restored. Note that Namespaces and PersistentVolume restoration is
// handled separately and is not governed by this field.
repeated GroupKind selected_group_kinds = 1;
}
// A transformation rule to be applied against Kubernetes resources as they
// are selected for restoration from a Backup. A rule contains both filtering
// logic (which resources are subject to substitution) and substitution logic.
message SubstitutionRule {
// (Filtering parameter) Any resource subject to substitution must be
// contained within one of the listed Kubernetes Namespace in the Backup.
// If this field is not provided, no namespace filtering will be performed
// (all resources in all Namespaces, including all cluster-scoped resources,
// will be candidates for substitution).
// To mix cluster-scoped and namespaced resources in the same rule, use an
// empty string ("") as one of the target namespaces.
repeated string target_namespaces = 1;
// (Filtering parameter) Any resource subject to substitution must belong to
// one of the listed "types".
// If this field is not provided, no type filtering will be performed (all
// resources of all types matching previous filtering parameters will be
// candidates for substitution).
repeated GroupKind target_group_kinds = 2;
// Required. This is a [JSONPath]
// (https://kubernetes.io/docs/reference/kubectl/jsonpath/)
// expression that matches specific fields of candidate
// resources and it operates as both a filtering parameter (resources that
// are not matched with this expression will not be candidates for
// substitution) as well as a field identifier (identifies exactly which
// fields out of the candidate resources will be modified).
string target_json_path = 3 [(google.api.field_behavior) = REQUIRED];
// (Filtering parameter) This is a [regular expression]
// (https://en.wikipedia.org/wiki/Regular_expression)
// that is compared against the fields matched by the target_json_path
// expression (and must also have passed the previous filters).
// Substitution will not be performed against fields whose
// value does not match this expression. If this field is NOT specified,
// then ALL fields matched by the target_json_path expression will undergo
// substitution. Note that an empty (e.g., "", rather than unspecified)
// value for for this field will only match empty fields.
string original_value_pattern = 4;
// This is the new value to set for any fields that pass the filtering and
// selection criteria. To remove a value from a Kubernetes resource, either
// leave this field unspecified, or set it to the empty string ("").
string new_value = 5;
}
// Specifies the mechanism to be used to restore volume data.
// Default: VOLUME_DATA_RESTORE_POLICY_UNSPECIFIED (will be treated as
// NO_VOLUME_DATA_RESTORATION).
VolumeDataRestorePolicy volume_data_restore_policy = 1;
// Defines the behavior for handling the situation where cluster-scoped
// resources being restored already exist in the target cluster. This MUST be
// set to a value other than CLUSTER_RESOURCE_CONFLICT_POLICY_UNSPECIFIED if
// [cluster_resource_restore_scope][google.cloud.gkebackup.v1.RestoreConfig.cluster_resource_restore_scope] is not empty.
ClusterResourceConflictPolicy cluster_resource_conflict_policy = 2;
// Defines the behavior for handling the situation where sets of namespaced
// resources being restored already exist in the target cluster. This MUST be
// set to a value other than NAMESPACED_RESOURCE_RESTORE_MODE_UNSPECIFIED.
NamespacedResourceRestoreMode namespaced_resource_restore_mode = 3;
// Identifies the cluster-scoped resources to restore from the Backup.
// Not specifying it means NO cluster resource will be restored.
ClusterResourceRestoreScope cluster_resource_restore_scope = 4;
// Specifies the namespaced resources to restore from the Backup.
// Only one of the entries may be specified. If not specified, NO namespaced
// resources will be restored.
oneof namespaced_resource_restore_scope {
// Restore all namespaced resources in the Backup if set to "True".
// Specifying this field to "False" is an error.
bool all_namespaces = 5;
// A list of selected Namespaces to restore from the Backup. The listed
// Namespaces and all resources contained in them will be restored.
Namespaces selected_namespaces = 6;
// A list of selected ProtectedApplications to restore. The listed
// ProtectedApplications and all the resources to which they refer will be
// restored.
NamespacedNames selected_applications = 7;
}
// A list of transformation rules to be applied against Kubernetes resources
// as they are selected for restoration from a Backup. Rules are executed in
// order defined - this order matters, as changes made by a rule may impact
// the filtering logic of subsequent rules. An empty list means no
// substitution will occur.
repeated SubstitutionRule substitution_rules = 8;
}
|
