fleet: init backup plugin api #378
Conversation
|
@Xieql: The label(s) In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
✅ Deploy Preview for kurator-dev ready!
To edit notification comments on pull requests, go to your Netlify site configuration. |
Xieql
force-pushed
the
velero-plugin-api
branch
from
e7b0153
to
5264c2a
Compare
Signed-off-by: Xieql <xieqianglong@huawei.com>
Xieql
force-pushed
the
velero-plugin-api
branch
from
5264c2a
to
8b6a06d
Compare
Signed-off-by: Xieql <xieqianglong@huawei.com>
Xieql
force-pushed
the
velero-plugin-api
branch
from
1f7e532
to
112e907
Compare
|
/label tide/merge-method-squash |
Signed-off-by: Xieql <xieqianglong@huawei.com>
|
@hzxuzhonghu PTAL |
pkg/apis/fleet/v1alpha1/types.go
Outdated
| // SecretName represents the name of the secret containing the object store credentials. | ||
| // To access the backup storage location, the secret must include the following keys: | ||
| // | ||
| // - `s3-access-key`: The access key ID for S3 authentication. |
There was a problem hiding this comment.
it is the name from minio .
"A MinIO user consists of a unique access key (username) and corresponding secret key (password)."
(see https://min.io/docs/minio/kubernetes/upstream/administration/identity-access-management/minio-user-management.html#minio-idp-service-account),
or we can just use s3-username and s3-password
There was a problem hiding this comment.
What are your thoughts on this
pkg/apis/fleet/v1alpha1/types.go
Outdated
| // To access the backup storage location, the secret must include the following keys: | ||
| // | ||
| // - `s3-access-key`: The access key ID for S3 authentication. | ||
| // - `s3-secret-key`: The secret access key for S3 authentication. |
pkg/apis/fleet/v1alpha1/types.go
Outdated
| // - `s3-secret-key`: The secret access key for S3 authentication. | ||
| // | ||
| // - `username`: The access-key/account/username for authentication. | ||
| // - `password`: The secret-key/password for authentication. |
There was a problem hiding this comment.
for what storage do we need username password?
There was a problem hiding this comment.
Velero can back up various types of Kubernetes resources, but when it comes to storing these backup data, Velero only supports object storage. Object storage solutions, such as AWS S3, Google Cloud Storage, Azure Blob Storage, and many others, often require authentication to ensure data security and integrity. This authentication is typically done using an access key or username, along with a secret key or password.
By providing the username and password (or equivalently, access key and secret key) in the BackupStorage configuration, we are ensuring that Velero can authenticate with the object storage solution and gain the necessary permissions to read and write backup data.
There was a problem hiding this comment.
I mean username password are common used for accessing obs storage? Please do not paste AI generated text without matching the question
There was a problem hiding this comment.
we had discussed “A MinIO user consists of a unique access key (username) and corresponding secret key (password).”
velero use minio as example,and the name in aws (aws_access_key_id)is already discussed.
I am really not sure what “for what storage do we need username password?” means.
AI generation just for the text is well-reading,
There was a problem hiding this comment.
accessKey and secretKey may be more common used for accessing obs storage.
Minio :
access key + secret key
see https://min.io/docs/minio/kubernetes/upstream/administration/identity-access-management/minio-user-management.html#minio-idp-service-account
s3 in AWS :
access key ID + secret access key
see https://docs.aws.amazon.com/powershell/latest/userguide/pstools-appendix-sign-up.html
OBS in HuaweiCloud:
Access Key Id(AK) + Secret Access Key(SK)
see https://support.huaweicloud.com/productdesc-obs/obs_03_0208.html
OSS in Aliyun:
AccessKey ID + AccessKey Secret
see https://help.aliyun.com/zh/oss/product-overview/what-is-oss?spm=a2c4g.11174283.0.i2
There was a problem hiding this comment.
so i think we need to say access-key and secret-key instead of user or passwd
Xieql
force-pushed
the
velero-plugin-api
branch
from
a9ab316
to
baaa9d8
Compare
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: hzxuzhonghu The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
What type of PR is this?
/kind api-change
/kind design
/kind documentation
What this PR does / why we need it:
init api that support user install Velero with fleet.
part of #374
Which issue(s) this PR fixes:
Fixes #
Special notes for your reviewer:
Does this PR introduce a user-facing change?: