Sales Inquiry

Data Protection and Kubernetes

Jun 07, 2022

Demo Setup Instructions

I used a Linux Ubuntu 20.04 VM running in vSphere you might need to adjust some settings if done with a different OS or operating environment.


Download and install K3S:

sudo curl -sfL | sh -s - --write-kubeconfig-mode 644

Create a “.kube” folder in your user home folder and copy the default configuration file to that location. Change the ownership and group to your username:

mkdir /home/[username]/.kube

sudo cp /etc/rancher/k3s/k3s.yaml /home/[username]/.kube/config

sudo chown [username]:[username] /home/[username]/.kube/config

Test to see if you can see the single node cluster up and running:

kubectl get nodes


Install helm

sudo snap install helm --classic

Create a test deployment which we will backup:

Kubectl create ns nginx

Open your favorite text editor and paste this deployment yaml into it and save as nginxdeploy.yaml

kind: PersistentVolumeClaim
apiVersion: v1
name: nginxpvcclaim
namespace: nginx
- ReadWriteOnce
storage: 1Gi


apiVersion: apps/v1
kind: Deployment
creationTimestamp: null
app: nginx
name: nginx
namespace: nginx
replicas: 1
app: nginx
strategy: {}
 creationTimestamp: null
app: nginx
- name: storage
claimName: nginxpvcclaim
- image: nginx
name: nginx

- containerPort: 80
name: "http-server"
- mountPath: "/usr/share/nginx/html"
name: storage


Now create the deployment

kubectl create -f nginxdeploy.yaml

Now install Kasten with the following commands

helm install k10 kasten/k10 --namespace=kasten-io --set ingress.create=true --set ingress.class=traefik --set injectKanisterSidecar.enabled=true --set-string injectKanisterSidecar.namespaceSelector.matchLabels.k10/injectKanisterSidecar=true --set auth.tokenAuth.enabled=true



We need to wait for all the pods to come up:

watch kubectl get po -n kasten-io

Ctrl-c to break out of the watch command.

 Now let’s check to see that our ingress has been created

kubectl get ing -n kasten-io

In our browser we should be able to get to the dashboard now by typing our address in the above output:


We will need to click on advanced and proceed:

We have access to the dashboard!


To get the authentication token type in the following:

sa_secret=$(kubectl get serviceaccount k10-k10 -o jsonpath="{.secrets[0].name}" --namespace kasten-io)

and then:

kubectl get secret $sa_secret --namespace kasten-io -ojsonpath="{.data.token}{'\n'}" | base64 –decode

Copy everything after the word decode and before you’re your normal prompt (in my case [email protected]:~$

Paste into the window:

You will have to type and an email and company name but afterwards you should be greeted by the Kasten Dashboard:


In order to perform generic backups, we need to label the namespace where we want Kasten to inject a sidecar container:

Kubectl label ns nginx k10/injectKanisterSidecar=true


We will also have to create a local Minio S3 instance to act as a Location profile. In production you would not want to have this location profile on the same cluster. We will launch a Minio docker container:

mkdir /data

docker run -d \
-p 9000:9000 \
-p 9001:9001 \

 minio/minio server /data --console-address ":9001"


Then go to http://your-ip:9001 and you should be able to login with the

Username: minioadmin
Password: minioadmin


In Kasten create a location profile pointing to that location:







Now let’s backup our nginx deployment:

Create a policy like this one:










We can now press run once and the backup will run:


We can go back to the Dashboard and click on the policy running and watch its progress until it completes successfully:





Stay connected with news and updates!

Join our mailing list to receive the latest news and updates from our team.
Don't worry, your information will not be shared.

We hate SPAM. We will never sell your information, for any reason.