From 6b9e18126336f43b9eff13be7b34a973685820fc Mon Sep 17 00:00:00 2001 From: Tim Park Date: Wed, 8 May 2019 07:24:20 -0700 Subject: [PATCH] Add Velero Fabrikate definition; --- definitions/velero/README.md | 23 ++ definitions/velero/chart/Chart.yaml | 2 + .../velero/chart/templates/00-deployment.yaml | 63 ++++++ .../velero/chart/templates/00-prereqs.yaml | 208 ++++++++++++++++++ .../velero/chart/templates/00-secret.yaml | 12 + .../templates/05-backupstoragelocation.yaml | 27 +++ .../templates/06-volumesnapshotlocation.yaml | 24 ++ .../chart/templates/20-restic-daemonset.yaml | 65 ++++++ definitions/velero/chart/values.yaml | 9 + definitions/velero/component.yaml | 3 + 10 files changed, 436 insertions(+) create mode 100644 definitions/velero/README.md create mode 100644 definitions/velero/chart/Chart.yaml create mode 100644 definitions/velero/chart/templates/00-deployment.yaml create mode 100644 definitions/velero/chart/templates/00-prereqs.yaml create mode 100644 definitions/velero/chart/templates/00-secret.yaml create mode 100644 definitions/velero/chart/templates/05-backupstoragelocation.yaml create mode 100644 definitions/velero/chart/templates/06-volumesnapshotlocation.yaml create mode 100644 definitions/velero/chart/templates/20-restic-daemonset.yaml create mode 100644 definitions/velero/chart/values.yaml create mode 100644 definitions/velero/component.yaml diff --git a/definitions/velero/README.md b/definitions/velero/README.md new file mode 100644 index 0000000..b4853c4 --- /dev/null +++ b/definitions/velero/README.md @@ -0,0 +1,23 @@ +# velero + +This [Fabrikate](https://github.com/microsoft/fabrikate) definition generates the Kubernetes resource manifests for [Velero](https://github.com/heptio/velero). + +## Usage + +Follow the [Velero instructions](https://heptio.github.io/velero/v0.11.0/install-overview) for installing Velero and collect for the configuration you need to use Velero on your target cloud platform. + +For example, for the Azure cloud platform you will need to apply the following configuration to Velero as part of a config file (where `velero` is the subcomponent): + +``` +velero: + config: + azure: + clientId: + clientSecret: + subscriptionId: + tenantId: + + storageResourceGroup: + storageAccount: + container: +``` diff --git a/definitions/velero/chart/Chart.yaml b/definitions/velero/chart/Chart.yaml new file mode 100644 index 0000000..d66e786 --- /dev/null +++ b/definitions/velero/chart/Chart.yaml @@ -0,0 +1,2 @@ +name: velero +version: 1.0.0 diff --git a/definitions/velero/chart/templates/00-deployment.yaml b/definitions/velero/chart/templates/00-deployment.yaml new file mode 100644 index 0000000..e12f707 --- /dev/null +++ b/definitions/velero/chart/templates/00-deployment.yaml @@ -0,0 +1,63 @@ +# Copyright 2017 the Velero contributors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +--- +apiVersion: apps/v1beta1 +kind: Deployment +metadata: + namespace: velero + name: velero +spec: + replicas: 1 + template: + metadata: + labels: + component: velero + annotations: + prometheus.io/scrape: "true" + prometheus.io/port: "8085" + prometheus.io/path: "/metrics" + spec: + restartPolicy: Always + serviceAccountName: velero + containers: + - name: velero + image: gcr.io/heptio-images/velero:v1.0.0-alpha.1 + ports: + - name: metrics + containerPort: 8085 + command: + - /velero + args: + - server + ## uncomment following line and specify values if needed for multiple provider snapshot locations + # - --default-volume-snapshot-locations= + envFrom: + - secretRef: + name: cloud-credentials + env: + - name: VELERO_SCRATCH_DIR + value: /scratch + volumeMounts: + - name: plugins + mountPath: /plugins + - name: scratch + mountPath: /scratch + volumes: + - name: plugins + emptyDir: {} + - name: scratch + emptyDir: {} + nodeSelector: + beta.kubernetes.io/os: linux diff --git a/definitions/velero/chart/templates/00-prereqs.yaml b/definitions/velero/chart/templates/00-prereqs.yaml new file mode 100644 index 0000000..247b91e --- /dev/null +++ b/definitions/velero/chart/templates/00-prereqs.yaml @@ -0,0 +1,208 @@ +# Copyright 2017 the Velero contributors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: backups.velero.io + labels: + component: velero +spec: + group: velero.io + version: v1 + scope: Namespaced + names: + plural: backups + kind: Backup + +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: schedules.velero.io + labels: + component: velero +spec: + group: velero.io + version: v1 + scope: Namespaced + names: + plural: schedules + kind: Schedule + +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: restores.velero.io + labels: + component: velero +spec: + group: velero.io + version: v1 + scope: Namespaced + names: + plural: restores + kind: Restore + +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: downloadrequests.velero.io + labels: + component: velero +spec: + group: velero.io + version: v1 + scope: Namespaced + names: + plural: downloadrequests + kind: DownloadRequest + +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: deletebackuprequests.velero.io + labels: + component: velero +spec: + group: velero.io + version: v1 + scope: Namespaced + names: + plural: deletebackuprequests + kind: DeleteBackupRequest + +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: podvolumebackups.velero.io + labels: + component: velero +spec: + group: velero.io + version: v1 + scope: Namespaced + names: + plural: podvolumebackups + kind: PodVolumeBackup + +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: podvolumerestores.velero.io + labels: + component: velero +spec: + group: velero.io + version: v1 + scope: Namespaced + names: + plural: podvolumerestores + kind: PodVolumeRestore + +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: resticrepositories.velero.io + labels: + component: velero +spec: + group: velero.io + version: v1 + scope: Namespaced + names: + plural: resticrepositories + kind: ResticRepository + +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: backupstoragelocations.velero.io + labels: + component: velero +spec: + group: velero.io + version: v1 + scope: Namespaced + names: + plural: backupstoragelocations + kind: BackupStorageLocation + +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: volumesnapshotlocations.velero.io + labels: + component: velero +spec: + group: velero.io + version: v1 + scope: Namespaced + names: + plural: volumesnapshotlocations + kind: VolumeSnapshotLocation + +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: serverstatusrequests.velero.io + labels: + component: velero +spec: + group: velero.io + version: v1 + scope: Namespaced + names: + plural: serverstatusrequests + kind: ServerStatusRequest +--- +apiVersion: v1 +kind: Namespace +metadata: + name: velero + +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: velero + namespace: velero + labels: + component: velero + +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRoleBinding +metadata: + name: velero + labels: + component: velero +subjects: + - kind: ServiceAccount + namespace: velero + name: velero +roleRef: + kind: ClusterRole + name: cluster-admin + apiGroup: rbac.authorization.k8s.io diff --git a/definitions/velero/chart/templates/00-secret.yaml b/definitions/velero/chart/templates/00-secret.yaml new file mode 100644 index 0000000..60895d7 --- /dev/null +++ b/definitions/velero/chart/templates/00-secret.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: Secret +metadata: + name: cloud-credentials + namespace: velero +type: Opaque +data: + AZURE_SUBSCRIPTION_ID: {{.Values.azure.subscriptionId | b64enc | quote }} + AZURE_TENANT_ID: {{.Values.azure.tenantId | b64enc | quote }} + AZURE_CLIENT_ID: {{.Values.azure.clientId | b64enc | quote }} + AZURE_CLIENT_SECRET: {{.Values.azure.clientSecret | b64enc | quote }} + AZURE_RESOURCE_GROUP: {{.Values.azure.clusterResourceGroup| b64enc | quote }} diff --git a/definitions/velero/chart/templates/05-backupstoragelocation.yaml b/definitions/velero/chart/templates/05-backupstoragelocation.yaml new file mode 100644 index 0000000..ea291b6 --- /dev/null +++ b/definitions/velero/chart/templates/05-backupstoragelocation.yaml @@ -0,0 +1,27 @@ +# Copyright 2018 the Velero contributors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +--- +apiVersion: velero.io/v1 +kind: BackupStorageLocation +metadata: + name: default + namespace: velero +spec: + provider: azure + objectStorage: + bucket: {{.Values.azure.container}} + config: + resourceGroup: {{.Values.azure.storageResourceGroup}} + storageAccount: {{.Values.azure.storageAccount}} diff --git a/definitions/velero/chart/templates/06-volumesnapshotlocation.yaml b/definitions/velero/chart/templates/06-volumesnapshotlocation.yaml new file mode 100644 index 0000000..6e85702 --- /dev/null +++ b/definitions/velero/chart/templates/06-volumesnapshotlocation.yaml @@ -0,0 +1,24 @@ +# Copyright 2018 the Velero contributors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +--- +apiVersion: velero.io/v1 +kind: VolumeSnapshotLocation +metadata: + name: azure-default + namespace: velero +spec: + provider: azure + config: + apiTimeout: "2m0s" diff --git a/definitions/velero/chart/templates/20-restic-daemonset.yaml b/definitions/velero/chart/templates/20-restic-daemonset.yaml new file mode 100644 index 0000000..2e0c331 --- /dev/null +++ b/definitions/velero/chart/templates/20-restic-daemonset.yaml @@ -0,0 +1,65 @@ +# Copyright 2018 the Velero contributors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: restic + namespace: velero +spec: + selector: + matchLabels: + name: restic + template: + metadata: + labels: + name: restic + spec: + serviceAccountName: velero + securityContext: + runAsUser: 0 + volumes: + - name: host-pods + hostPath: + path: /var/lib/kubelet/pods + - name: scratch + emptyDir: {} + containers: + - name: velero + image: gcr.io/heptio-images/velero:v1.0.0-alpha.1 + command: + - /velero + args: + - restic + - server + volumeMounts: + - name: host-pods + mountPath: /host_pods + mountPropagation: HostToContainer + - name: scratch + mountPath: /scratch + envFrom: + - secretRef: + name: cloud-credentials + env: + - name: NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: VELERO_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: VELERO_SCRATCH_DIR + value: /scratch diff --git a/definitions/velero/chart/values.yaml b/definitions/velero/chart/values.yaml new file mode 100644 index 0000000..5257fe1 --- /dev/null +++ b/definitions/velero/chart/values.yaml @@ -0,0 +1,9 @@ +# azure: +# subscriptionId: +# tenantId: +# clientId: +# clientSecret: +# clusterResourceGroup: +# storageResourceGroup: +# storageAccount: +# container: diff --git a/definitions/velero/component.yaml b/definitions/velero/component.yaml new file mode 100644 index 0000000..5ad889e --- /dev/null +++ b/definitions/velero/component.yaml @@ -0,0 +1,3 @@ +name: velero +generator: "helm" +path: "./chart"