From eebf58dc141f8c9a71008cd626e8eae0e04a9346 Mon Sep 17 00:00:00 2001 From: Michael Thomson Date: Thu, 23 May 2024 11:45:36 -0400 Subject: [PATCH] velero --- .../helmrepository-vmware-tanzu.yaml | 8 +++ .../kustomizations/kustomization-velero.yaml | 18 +++++++ bootstrap/namespaces/namespace-velero.yaml | 4 ++ velero/helmrelease-velero.yaml | 54 +++++++++++++++++++ velero/sealedsecret-velero-secret.yaml | 21 ++++++++ 5 files changed, 105 insertions(+) create mode 100644 bootstrap/helmrepositories/helmrepository-vmware-tanzu.yaml create mode 100644 bootstrap/kustomizations/kustomization-velero.yaml create mode 100644 bootstrap/namespaces/namespace-velero.yaml create mode 100644 velero/helmrelease-velero.yaml create mode 100644 velero/sealedsecret-velero-secret.yaml diff --git a/bootstrap/helmrepositories/helmrepository-vmware-tanzu.yaml b/bootstrap/helmrepositories/helmrepository-vmware-tanzu.yaml new file mode 100644 index 0000000..3343ea4 --- /dev/null +++ b/bootstrap/helmrepositories/helmrepository-vmware-tanzu.yaml @@ -0,0 +1,8 @@ +apiVersion: source.toolkit.fluxcd.io/v1beta2 +kind: HelmRepository +metadata: + name: vmware-tanzu + namespace: flux-system +spec: + interval: 15m + url: https://vmware-tanzu.github.io/helm-charts/ diff --git a/bootstrap/kustomizations/kustomization-velero.yaml b/bootstrap/kustomizations/kustomization-velero.yaml new file mode 100644 index 0000000..0e237d7 --- /dev/null +++ b/bootstrap/kustomizations/kustomization-velero.yaml @@ -0,0 +1,18 @@ +apiVersion: kustomize.toolkit.fluxcd.io/v1 +kind: Kustomization +metadata: + name: velero + namespace: flux-system +spec: + interval: 15m + path: ./velero + prune: true # remove any elements later removed from the above path + timeout: 2m # if not set, this defaults to interval duration, which is 1h + sourceRef: + kind: GitRepository + name: flux-system + healthChecks: + - apiVersion: helm.toolkit.fluxcd.io/v2beta1 + kind: HelmRelease + name: velero + namespace: velero diff --git a/bootstrap/namespaces/namespace-velero.yaml b/bootstrap/namespaces/namespace-velero.yaml new file mode 100644 index 0000000..b442fae --- /dev/null +++ b/bootstrap/namespaces/namespace-velero.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: velero diff --git a/velero/helmrelease-velero.yaml b/velero/helmrelease-velero.yaml new file mode 100644 index 0000000..858aeff --- /dev/null +++ b/velero/helmrelease-velero.yaml @@ -0,0 +1,54 @@ +apiVersion: helm.toolkit.fluxcd.io/v2beta1 +kind: HelmRelease +metadata: + name: velero + namespace: velero +spec: + chart: + spec: + chart: velero + version: 0.6.x + sourceRef: + kind: HelmRepository + name: vmware-tanzu + namespace: flux-system + interval: 15m + timeout: 5m + releaseName: velero + values: + initContainers: + - name: velero-plugin-for-aws + image: velero/velero-plugin-for-aws:v1.9.0 + imagePullPolicy: IfNotPresent + volumeMounts: + - mountPath: /target + nameconfiguration: + backupStorageLocation: + # name is the name of the backup storage location where backups should be stored. If a name is not provided, + # a backup storage location will be created with the name "default". Optional. + - name: backblaze + # provider is the name for the backup storage location provider. + provider: aws + # bucket is the name of the bucket to store backups in. Required. + bucket: mthomson-cluster-backup + credential: + # name of the secret used by this backupStorageLocation. + name: velero-secret + # name of key that contains the secret data to be used. + key: cloud + # Additional provider-specific configuration. See link above + # for details of required/optional fields for your provider. + config: + region: us-west-004 + s3Url: "https://s3.us-west-004.backblazeb2.com" + schedules: + daily-backup: + disabled: false + schedule: "0 0 * * *" # once a day, at midnight + useOwnerReferencesInBackup: false + template: + ttl: "240h" + storageLocation: backblaze # use the same name you defined above in backupStorageLocation + excludedNamespaces: + - media + diff --git a/velero/sealedsecret-velero-secret.yaml b/velero/sealedsecret-velero-secret.yaml new file mode 100644 index 0000000..c74d61e --- /dev/null +++ b/velero/sealedsecret-velero-secret.yaml @@ -0,0 +1,21 @@ +{ + "kind": "SealedSecret", + "apiVersion": "bitnami.com/v1alpha1", + "metadata": { + "name": "velero-secret", + "namespace": "velero", + "creationTimestamp": null + }, + "spec": { + "template": { + "metadata": { + "name": "velero-secret", + "namespace": "velero", + "creationTimestamp": null + } + }, + "encryptedData": { + "cloud": "AgA6/cVE000P6q1AT0bgnrMRavJZUehzZaei7kfbChNUovc94JOFAHtTQs/NyODoYkPYqnhBWyjWCagdk0LmL1moXdqCLKtLSVFy4zxtXBjqbJlE3CyaD5nOJN0ZW/Fln4jXTlV/4378i2K601T7+PaUHo8neP2hRN6LQfuTI6qA8R9MKM4wtn605uJ4oh+0+sEISKa6Zp888jX5qzJ/iRzZnFejx4zZF8x+SSnenVFbrcry4Z/aksXFozrCfWa6+lJEiExUZK2jt3xe9Mvr9YgmIbZ2V9pSEHX71rGTK4m4NJ6ZnQYvI661f0RJOk4pRDKMhLqrFrLst5uXF1FX1A5UJunuPNu+0iGGWGCX8x5JBkmyygQxPQQqTraAyx2gU5OL9bbDA1PivvQJ4thCzqi6BW8pIAiFQZmnhfb31tJgm/hq7l9ye5cHJ2ujjKUvfDWIFu+lhzsu4EfdIz0txnkNQz+C+TcBdYTiHM3228xSnJURX+eRiIcY1pWW0nw7XhLglE/stau/akzz/xx1Is4i12+JRxa4pj1Ke6ShaXZehuB1pCswvdgAimOxG3o1jSjm8ynySD1xjdStHf3l5bdxbN/76GbpgEkPijcpQoeZsmndWC/leGiGfd4J0C7Pi+IWA9MgV06A1fMXlSWO/hfvMbZmu3lDXj4rqqVRn4GQyQvk0vm4GhJSnDckXZk5JMv+FFimfAbfW+jd8Nlp1exqeQaqwTASvTsyYp7952DH0+5ffNcOPT20KJmPos5JgELQt/ZsRxTl+JLFq18P9i62FkUf7O5+c8LAvCgqRLKjXqsLb8w2DW3GPlzkVyF7Sh75GuIBnubCMlXcaGWWzpcy" + } + } +}