fix velero

2025-02-26 23:22:26 -05:00
parent 5955654189
commit 7f41e57435
1 changed files with 34 additions and 40 deletions
--- a/system-apps/velero/values.yaml
+++ b/system-apps/velero/values.yaml
@@ -107,12 +107,12 @@ dnsPolicy: ClusterFirst
 # Init containers to add to the Velero deployment's pod spec. At least one plugin provider image is required.
 # If the value is a string then it is evaluated as a template.
 initContainers:
-  # - name: velero-plugin-for-aws
-  #   image: velero/velero-plugin-for-aws:v1.10.0
-  #   imagePullPolicy: IfNotPresent
-  #   volumeMounts:
-  #     - mountPath: /target
-  #       name: plugins
+  - name: velero-plugin-for-aws
+    image: velero/velero-plugin-for-aws:v1.10.0
+    imagePullPolicy: IfNotPresent
+    volumeMounts:
+      - mountPath: /target
+        name: plugins

 # SecurityContext to use for the Velero deployment. Optional.
 # Set fsGroup for `AWS IAM Roles for Service Accounts`
@@ -181,7 +181,25 @@ extraVolumes: []
 extraVolumeMounts: []

 # Extra K8s manifests to deploy
-extraObjects: []
+extraObjects:
+  - apiVersion: external-secrets.io/v1beta1
+    kind: ExternalSecret
+    metadata:
+      name: minio-credentials
+      namespace: velero
+    spec:
+      refreshInterval: 1h
+      secretStoreRef:
+        name: weyma-vault
+        kind: ClusterSecretStore
+      target:
+        name: minio-credentials
+        creationPolicy: Owner
+      data:
+      - secretKey: credentials
+        remoteRef:
+          key: velero
+          property: credentials
  # - apiVersion: secrets-store.csi.x-k8s.io/v1
  #   kind: SecretProviderClass
  #   metadata:
@@ -318,11 +336,11 @@ configuration:
  backupStorageLocation:
    # name is the name of the backup storage location where backups should be stored. If a name is not provided,
    # a backup storage location will be created with the name "default". Optional.
-  - name:
+  - name: weyma-truenas
    # provider is the name for the backup storage location provider.
-    provider:
+    provider: velero.io/aws
    # bucket is the name of the bucket to store backups in. Required.
-    bucket:
+    bucket: weyma-talos-velero
    # caCert defines a base64 encoded CA bundle to use when verifying TLS connections to the provider. Optional.
    caCert:
    # prefix is the directory under which all Velero data should be stored within the bucket. Optional.
@@ -336,12 +354,15 @@ configuration:
    accessMode: ReadWrite
    credential:
      # name of the secret used by this backupStorageLocation.
-      name:
+      name: minio-credentials
      # name of key that contains the secret data to be used.
-      key:
+      key: credentials
    # Additional provider-specific configuration. See link above
    # for details of required/optional fields for your provider.
-    config: {}
+    config:
+      region: us-east-1
+      s3Url: 10.69.42.20:9000
+      insecureSkipTLSVerify: true
    #  region:
    #  s3ForcePathStyle:
    #  s3Url:
@@ -361,33 +382,6 @@ configuration:
    # annotations allows adding arbitrary annotations to this BackupStorageLocation resource. Optional.
    annotations: {}

-  # Parameters for the VolumeSnapshotLocation(s). Configure multiple by adding other element(s) to the volumeSnapshotLocation slice.
-  # See https://velero.io/docs/v1.6/api-types/volumesnapshotlocation/
-  volumeSnapshotLocation:
-    # name is the name of the volume snapshot location where snapshots are being taken. Required.
-  - name:
-    # provider is the name for the volume snapshot provider.
-    provider:
-    credential:
-      # name of the secret used by this volumeSnapshotLocation.
-      name:
-      # name of key that contains the secret data to be used.
-      key:
-    # Additional provider-specific configuration. See link above
-    # for details of required/optional fields for your provider.
-    config: {}
-  #    region:
-  #    apiTimeout:
-  #    resourceGroup:
-  #    The ID of the subscription where volume snapshots should be stored, if different from the cluster’s subscription. If specified, also requires `configuration.volumeSnapshotLocation.config.resourceGroup`to be set. (Azure only)
-  #    subscriptionId:
-  #    incremental:
-  #    snapshotLocation:
-  #    project:
-
-    # annotations allows adding arbitrary annotations to this VolumeSnapshotLocation resource. Optional.
-    annotations: {}
-
  # These are server-level settings passed as CLI flags to the `velero server` command. Velero
  # uses default values if they're not passed in, so they only need to be explicitly specified
  # here if using a non-default value. The `velero server` default values are shown in the