Configuring Global Filters on KubeArchive

KubeArchive allows cluster owners to configure global filters using the ClusterKubeArchiveConfig custom resource. These filters apply to all namespaces that have a KubeArchiveConfig resource.

For detailed information about ClusterKubeArchiveConfig, including examples and field descriptions, see Configuring Cluster-Wide KubeArchive Policies.

Quick Start

To configure global filters create a ClusterKubeArchiveConfig custom resource. Only one ClusterKubeArchiveConfig resource is allowed, and it must be named "kubearchive":

---
apiVersion: kubearchive.org/v1
kind: ClusterKubeArchiveConfig
metadata:
  name: kubearchive
spec:
  resources:
    - selector:
        apiVersion: v1
        kind: Pod
      archiveOnDelete: "true"

Supported Fields

ClusterKubeArchiveConfig supports these fields for defining cluster-wide policies:

  • archiveWhen - CEL expression for when to archive resources (processed by controller and vacuums)

  • deleteWhen - CEL expression for when to delete resources (processed by controller only)

  • archiveOnDelete - CEL expression for archiving resources on deletion (processed by controller only)

  • keepLastWhen - Array of rules for keeping only the last N resources (processed by vacuums only)

See Configuring Cluster-Wide KubeArchive Policies for detailed descriptions, examples, and usage notes for each field.

Interaction With Local Filters

Global filters only work in namespaces containing a KubeArchiveConfig custom resource. These can be understood as "local" filters in opposition with global filters. Both global and local filters are combined with an "OR" type of logic and used for that specific namespace.

For example, the following KubeArchiveConfig in the namespace "my-team" archives jobs as long as they have status.startTime and deletes them when they have status.completionTime. However KubeArchive also archives pods when they are about to be deleted, as configured in the global ClusterKubeArchiveConfig in the previous section:

---
apiVersion: kubearchive.org/v1
kind: KubeArchiveConfig
metadata:
  name: kubearchive
  namespace: my-team
spec:
  resources:
    - selector:
        apiVersion: batch/v1
        kind: Job
      archiveWhen: has(status.startTime)
      deleteWhen: has(status.completionTime)

For example the following KubeArchiveConfig in the namespace "production" KubeArchive only archives pods when they are about to be deleted, as configured in the global ClusterKubeArchiveConfig in the previous section:

---
apiVersion: kubearchive.org/v1
kind: KubeArchiveConfig
metadata:
  name: kubearchive
  namespace: production
spec: {}

All ClusterKubeArchiveConfig and KubeArchiveConfig resources must be named "kubearchive".