xref: /aosp_15_r20/external/googleapis/google/cloud/gkebackup/v1/backup_plan.proto (revision d5c09012810ac0c9f33fe448fb6da8260d444cc9) 
1// Copyright 2023 Google LLC
2//
3// Licensed under the Apache License, Version 2.0 (the "License");
4// you may not use this file except in compliance with the License.
5// You may obtain a copy of the License at
6//
7//     http://www.apache.org/licenses/LICENSE-2.0
8//
9// Unless required by applicable law or agreed to in writing, software
10// distributed under the License is distributed on an "AS IS" BASIS,
11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12// See the License for the specific language governing permissions and
13// limitations under the License.
14
15syntax = "proto3";
16
17package google.cloud.gkebackup.v1;
18
19import "google/api/field_behavior.proto";
20import "google/api/resource.proto";
21import "google/cloud/gkebackup/v1/common.proto";
22import "google/protobuf/duration.proto";
23import "google/protobuf/timestamp.proto";
24import "google/type/date.proto";
25import "google/type/dayofweek.proto";
26import "google/type/timeofday.proto";
27
28option csharp_namespace = "Google.Cloud.GkeBackup.V1";
29option go_package = "cloud.google.com/go/gkebackup/apiv1/gkebackuppb;gkebackuppb";
30option java_multiple_files = true;
31option java_outer_classname = "BackupPlanProto";
32option java_package = "com.google.cloud.gkebackup.v1";
33option php_namespace = "Google\\Cloud\\GkeBackup\\V1";
34option ruby_package = "Google::Cloud::GkeBackup::V1";
35
36// Defines the configuration and scheduling for a "line" of Backups.
37message BackupPlan {
38  option (google.api.resource) = {
39    type: "gkebackup.googleapis.com/BackupPlan"
40    pattern: "projects/{project}/locations/{location}/backupPlans/{backup_plan}"
41  };
42
43  // RetentionPolicy defines a Backup retention policy for a BackupPlan.
44  message RetentionPolicy {
45    // Optional. Minimum age for Backups created via this BackupPlan (in days).
46    // This field MUST be an integer value between 0-90 (inclusive).
47    // A Backup created under this BackupPlan will NOT be deletable until it
48    // reaches Backup's (create_time + backup_delete_lock_days).
49    // Updating this field of a BackupPlan does NOT affect existing Backups
50    // under it. Backups created AFTER a successful update will inherit
51    // the new value.
52    //
53    // Default: 0 (no delete blocking)
54    int32 backup_delete_lock_days = 1 [(google.api.field_behavior) = OPTIONAL];
55
56    // Optional. The default maximum age of a Backup created via this
57    // BackupPlan. This field MUST be an integer value >= 0 and <= 365. If
58    // specified, a Backup created under this BackupPlan will be automatically
59    // deleted after its age reaches (create_time + backup_retain_days). If not
60    // specified, Backups created under this BackupPlan will NOT be subject to
61    // automatic deletion. Updating this field does NOT affect existing Backups
62    // under it. Backups created AFTER a successful update will automatically
63    // pick up the new value. NOTE: backup_retain_days must be >=
64    // [backup_delete_lock_days][google.cloud.gkebackup.v1.BackupPlan.RetentionPolicy.backup_delete_lock_days].
65    // If
66    // [cron_schedule][google.cloud.gkebackup.v1.BackupPlan.Schedule.cron_schedule]
67    // is defined, then this must be
68    // <= 360 * the creation interval. If
69    // [rpo_config][google.cloud.gkebackup.v1.BackupPlan.Schedule.rpo_config] is
70    // defined, then this must be
71    // <= 360 * [target_rpo_minutes][Schedule.rpo_config.target_rpo_minutes] /
72    // (1440minutes/day).
73    //
74    // Default: 0 (no automatic deletion)
75    int32 backup_retain_days = 2 [(google.api.field_behavior) = OPTIONAL];
76
77    // Optional. This flag denotes whether the retention policy of this
78    // BackupPlan is locked.  If set to True, no further update is allowed on
79    // this policy, including the `locked` field itself.
80    //
81    // Default: False
82    bool locked = 3 [(google.api.field_behavior) = OPTIONAL];
83  }
84
85  // Defines scheduling parameters for automatically creating Backups
86  // via this BackupPlan.
87  message Schedule {
88    // Optional. A standard [cron](https://wikipedia.com/wiki/cron) string that
89    // defines a repeating schedule for creating Backups via this BackupPlan.
90    // This is mutually exclusive with the
91    // [rpo_config][google.cloud.gkebackup.v1.BackupPlan.Schedule.rpo_config]
92    // field since at most one schedule can be defined for a BackupPlan. If this
93    // is defined, then
94    // [backup_retain_days][google.cloud.gkebackup.v1.BackupPlan.RetentionPolicy.backup_retain_days]
95    // must also be defined.
96    //
97    // Default (empty): no automatic backup creation will occur.
98    string cron_schedule = 1 [(google.api.field_behavior) = OPTIONAL];
99
100    // Optional. This flag denotes whether automatic Backup creation is paused
101    // for this BackupPlan.
102    //
103    // Default: False
104    bool paused = 2 [(google.api.field_behavior) = OPTIONAL];
105
106    // Optional. Defines the RPO schedule configuration for this BackupPlan.
107    // This is mutually exclusive with the
108    // [cron_schedule][google.cloud.gkebackup.v1.BackupPlan.Schedule.cron_schedule]
109    // field since at most one schedule can be defined for a BackupPLan. If this
110    // is defined, then
111    // [backup_retain_days][google.cloud.gkebackup.v1.BackupPlan.RetentionPolicy.backup_retain_days]
112    // must also be defined.
113    //
114    // Default (empty): no automatic backup creation will occur.
115    RpoConfig rpo_config = 3 [(google.api.field_behavior) = OPTIONAL];
116
117    // Output only. Start time of next scheduled backup under this BackupPlan by
118    // either cron_schedule or rpo config.
119    google.protobuf.Timestamp next_scheduled_backup_time = 4
120        [(google.api.field_behavior) = OUTPUT_ONLY];
121  }
122
123  // BackupConfig defines the configuration of Backups created via this
124  // BackupPlan.
125  message BackupConfig {
126    // This defines the "scope" of the Backup - which namespaced
127    // resources in the cluster will be included in a Backup.
128    // Exactly one of the fields of backup_scope MUST be specified.
129    oneof backup_scope {
130      // If True, include all namespaced resources
131      bool all_namespaces = 1;
132
133      // If set, include just the resources in the listed namespaces.
134      Namespaces selected_namespaces = 2;
135
136      // If set, include just the resources referenced by the listed
137      // ProtectedApplications.
138      NamespacedNames selected_applications = 3;
139    }
140
141    // Optional. This flag specifies whether volume data should be backed up
142    // when PVCs are included in the scope of a Backup.
143    //
144    // Default: False
145    bool include_volume_data = 4 [(google.api.field_behavior) = OPTIONAL];
146
147    // Optional. This flag specifies whether Kubernetes Secret resources should
148    // be included when they fall into the scope of Backups.
149    //
150    // Default: False
151    bool include_secrets = 5 [(google.api.field_behavior) = OPTIONAL];
152
153    // Optional. This defines a customer managed encryption key that will be
154    // used to encrypt the "config" portion (the Kubernetes resources) of
155    // Backups created via this plan.
156    //
157    // Default (empty): Config backup artifacts will not be encrypted.
158    EncryptionKey encryption_key = 6 [(google.api.field_behavior) = OPTIONAL];
159  }
160
161  // State
162  enum State {
163    // Default first value for Enums.
164    STATE_UNSPECIFIED = 0;
165
166    // Waiting for cluster state to be RUNNING.
167    CLUSTER_PENDING = 1;
168
169    // The BackupPlan is in the process of being created.
170    PROVISIONING = 2;
171
172    // The BackupPlan has successfully been created and is ready for Backups.
173    READY = 3;
174
175    // BackupPlan creation has failed.
176    FAILED = 4;
177
178    // The BackupPlan has been deactivated.
179    DEACTIVATED = 5;
180
181    // The BackupPlan is in the process of being deleted.
182    DELETING = 6;
183  }
184
185  // Output only. The full name of the BackupPlan resource.
186  // Format: `projects/*/locations/*/backupPlans/*`
187  string name = 1 [(google.api.field_behavior) = OUTPUT_ONLY];
188
189  // Output only. Server generated global unique identifier of
190  // [UUID](https://en.wikipedia.org/wiki/Universally_unique_identifier) format.
191  string uid = 2 [(google.api.field_behavior) = OUTPUT_ONLY];
192
193  // Output only. The timestamp when this BackupPlan resource was created.
194  google.protobuf.Timestamp create_time = 3
195      [(google.api.field_behavior) = OUTPUT_ONLY];
196
197  // Output only. The timestamp when this BackupPlan resource was last
198  // updated.
199  google.protobuf.Timestamp update_time = 4
200      [(google.api.field_behavior) = OUTPUT_ONLY];
201
202  // Optional. User specified descriptive string for this BackupPlan.
203  string description = 5 [(google.api.field_behavior) = OPTIONAL];
204
205  // Required. Immutable. The source cluster from which Backups will be created
206  // via this BackupPlan. Valid formats:
207  //
208  // - `projects/*/locations/*/clusters/*`
209  // - `projects/*/zones/*/clusters/*`
210  string cluster = 6 [
211    (google.api.field_behavior) = IMMUTABLE,
212    (google.api.field_behavior) = REQUIRED,
213    (google.api.resource_reference) = {
214      type: "container.googleapis.com/Cluster"
215    }
216  ];
217
218  // Optional. RetentionPolicy governs lifecycle of Backups created under this
219  // plan.
220  RetentionPolicy retention_policy = 7 [(google.api.field_behavior) = OPTIONAL];
221
222  // Optional. A set of custom labels supplied by user.
223  map<string, string> labels = 8 [(google.api.field_behavior) = OPTIONAL];
224
225  // Optional. Defines a schedule for automatic Backup creation via this
226  // BackupPlan.
227  Schedule backup_schedule = 9 [(google.api.field_behavior) = OPTIONAL];
228
229  // Output only. `etag` is used for optimistic concurrency control as a way to
230  // help prevent simultaneous updates of a backup plan from overwriting each
231  // other. It is strongly suggested that systems make use of the 'etag' in the
232  // read-modify-write cycle to perform BackupPlan updates in order to avoid
233  // race conditions: An `etag` is returned in the response to `GetBackupPlan`,
234  // and systems are expected to put that etag in the request to
235  // `UpdateBackupPlan` or `DeleteBackupPlan` to ensure that their change
236  // will be applied to the same version of the resource.
237  string etag = 10 [(google.api.field_behavior) = OUTPUT_ONLY];
238
239  // Optional. This flag indicates whether this BackupPlan has been deactivated.
240  // Setting this field to True locks the BackupPlan such that no further
241  // updates will be allowed (except deletes), including the deactivated field
242  // itself. It also prevents any new Backups from being created via this
243  // BackupPlan (including scheduled Backups).
244  //
245  // Default: False
246  bool deactivated = 11 [(google.api.field_behavior) = OPTIONAL];
247
248  // Optional. Defines the configuration of Backups created via this BackupPlan.
249  BackupConfig backup_config = 12 [(google.api.field_behavior) = OPTIONAL];
250
251  // Output only. The number of Kubernetes Pods backed up in the
252  // last successful Backup created via this BackupPlan.
253  int32 protected_pod_count = 13 [(google.api.field_behavior) = OUTPUT_ONLY];
254
255  // Output only. State of the BackupPlan. This State field reflects the
256  // various stages a BackupPlan can be in
257  // during the Create operation. It will be set to "DEACTIVATED"
258  // if the BackupPlan is deactivated on an Update
259  State state = 14 [(google.api.field_behavior) = OUTPUT_ONLY];
260
261  // Output only. Human-readable description of why BackupPlan is in the current
262  // `state`
263  string state_reason = 15 [(google.api.field_behavior) = OUTPUT_ONLY];
264
265  // Output only. A number that represents the current risk level of this
266  // BackupPlan from RPO perspective with 1 being no risk and 5 being highest
267  // risk.
268  int32 rpo_risk_level = 16 [(google.api.field_behavior) = OUTPUT_ONLY];
269
270  // Output only. Human-readable description of why the BackupPlan is in the
271  // current rpo_risk_level and action items if any.
272  string rpo_risk_reason = 17 [(google.api.field_behavior) = OUTPUT_ONLY];
273}
274
275// Defines RPO scheduling configuration for automatically creating
276// Backups via this BackupPlan.
277message RpoConfig {
278  // Required. Defines the target RPO for the BackupPlan in minutes, which means
279  // the target maximum data loss in time that is acceptable for this
280  // BackupPlan. This must be at least 60, i.e., 1 hour, and at most 86400,
281  // i.e., 60 days.
282  int32 target_rpo_minutes = 1 [(google.api.field_behavior) = REQUIRED];
283
284  // Optional. User specified time windows during which backup can NOT happen
285  // for this BackupPlan - backups should start and finish outside of any given
286  // exclusion window. Note: backup jobs will be scheduled to start and
287  // finish outside the duration of the window as much as possible, but
288  // running jobs will not get canceled when it runs into the window.
289  // All the time and date values in exclusion_windows entry in the API are in
290  // UTC.
291  // We only allow <=1 recurrence (daily or weekly) exclusion window for a
292  // BackupPlan while no restriction on number of single occurrence
293  // windows.
294  repeated ExclusionWindow exclusion_windows = 2
295      [(google.api.field_behavior) = OPTIONAL];
296}
297
298// Defines a time window during which no backup should
299// happen. All time and date are in UTC.
300message ExclusionWindow {
301  // Holds repeated DaysOfWeek values as a container.
302  message DayOfWeekList {
303    // Optional. A list of days of week.
304    repeated google.type.DayOfWeek days_of_week = 1
305        [(google.api.field_behavior) = OPTIONAL];
306  }
307
308  // Required. Specifies the start time of the window using time of the day in
309  // UTC.
310  google.type.TimeOfDay start_time = 1 [(google.api.field_behavior) = REQUIRED];
311
312  // Required. Specifies duration of the window. Restrictions for duration based
313  // on the recurrence type to allow some time for backup to happen:
314  // - single_occurrence_date:  no restriction, but UI may warn about this when
315  // duration >= target RPO
316  // - daily window: duration < 24 hours
317  // - weekly window:
318  //   - days of week includes all seven days of a week: duration < 24 hours
319  //   - all other weekly window: duration < 168 hours (i.e., 24 * 7 hours)
320  google.protobuf.Duration duration = 2
321      [(google.api.field_behavior) = REQUIRED];
322
323  // Required. Specifies the day(s) on which the exclusion window takes
324  // effect. Exactly one of the fields MUST be specified.
325  oneof recurrence {
326    // No recurrence. The exclusion window occurs only once and on this
327    // date in UTC.
328    google.type.Date single_occurrence_date = 3;
329
330    // The exclusion window occurs every day if set to "True".
331    // Specifying this field to "False" is an error.
332    bool daily = 4;
333
334    // The exclusion window occurs on these days of each week in UTC.
335    DayOfWeekList days_of_week = 5;
336  }
337}
338