I want to be able to backup only the secrets on a GKE cluster and nothing else.
The pricing on GKE backup seems pretty steep if your backup includes pods.
Since I only want to backup the secrets on my clusters, my bill shouldn’t be very high.
So far I haven’t been able to figure out a way to only backup the secrets.
One method I tried was to create a protected application that only matched the type secrets like this.
apiVersion: gkebackup.gke.io/v1alpha2
kind: ProtectedApplication
metadata:
name: my-secret-backup-plan-test
namespace: staging
spec:
resourceSelection:
type: Selector
selector:
matchLabels:
type: secret
But when I try create a backup plan that only backs up the protected application that I created (which only includes secrets) then I can’t unselect the option that says “Kubernetes Resources are included in all backups” see this screenshot:
From my understanding that would then also include pods. For my use case I really only want to backup the secrets on the cluster and nothing else.
Has anyone been able to achieve this to only backup the secrets on a cluster and nothing else?
This seems like a very ordinary use case to me that many people could benefit from.