feat: add velero to platform apps (#903)
Enable admins to perform backup of platform apps and/or team apps

Co-authored-by: oshah97 <oshah97@outlook.com>
Co-authored-by: Jehoszafat Zimnowoda <jehoszafat.zimnowoda@redkubes.com>
3 people committed Sep 20, 2022
1 parent a6f8576 commit 897bfba
Showing 45 changed files with 5,731 additions and 10 deletions.
1 change: 1 addition & 0 deletions .cspell.json
Expand Up @@ -149,6 +149,7 @@
"textconv",
"unencrypted",
"untrusted",
"velero",
"xlarge"
]
}
3 changes: 2 additions & 1 deletion README.md
Expand Up @@ -2,7 +2,7 @@
<img src="https://otomi.io/img/otomi-logo.svg" width="224px"/><br/>
Self-hosted DevOps Platform for Kubernetes
</h1>
<p align="center"><b>Start deploying your apps on Kubernetes today </b></p>
<p align="center"><b>Start deploying your apps on Kubernetes today</b></p>

<p align="center">
<a href="https://github.com/redkubes/otomi-core/releases/"><img alt="Releases" src="https://img.shields.io/github/v/release/redkubes/otomi-core" /></a>
Expand Down Expand Up @@ -118,6 +118,7 @@ Otomi installs, configures, integrates and automates all of your favorite techno
Learn more about all the integrated technologies:

- [Istio](https://github.com/istio/istio): The service mesh framework with end-to-end transit encryption
- [Velero](https://github.com/vmware-tanzu/velero): Back up and restore your Kubernetes cluster resources and persistent volumes
- [Argo CD](https://github.com/argoproj/argo-cd): Declarative continuous deployment
- [KubeClarity](https://github.com/openclarity/kubeclarity): Detect vulnerabilities of container images
- [Knative](https://github.com/knative/serving): Deploy and manage serverless workloads
12 changes: 12 additions & 0 deletions apps.yaml
Expand Up @@ -224,3 +224,15 @@ appsInfo:
license: MPL-2.0
about: Vault is a tool for securely accessing secrets. A secret is anything that you want to tightly control access to, such as API keys, passwords, certificates, and more. Vault provides a unified interface to any secret, while providing tight access control and recording a detailed audit log.
integration: Vault has been made team aware. When enabled, a space will automatically be created for each team, and only team members are allowed access. Vault is automatically configured to use Otomi's Keycloak OIDC settings for SSO. Vault runs natively on Kubernetes. To prevent data from Vault being lost during a rolling cluster upgrade, data persistence can be configured in combination with external (blob) storage.
velero:
title: Velero
appVersion: 1.9.0
repo: https://github.com/vmware-tanzu/velero
maintainers: VMware Tanzu
relatedLinks:
- https://otomi.io/docs/apps/velero
- https://velero.io/docs/v1.9/
- https://velero.io/docs/main/restic/
license: Apache 2.0
about: Velero is a tool to back up and restore Kubernetes cluster resources and persistent volumes.
integration: When enabled, Velero can be used to automatically create backups of Otomi platform services. Based on the selected provider, Otomi installs required plug-ins. Otomi also installs the Restic integration for Velero to back up and restore almost any type of Kubernetes volume.
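Review bot: `license: Apache 2.0` in the new `velero` entry does not follow the SPDX form used by the Vault entry directly above (`license: MPL-2.0`); use `Apache-2.0` so license tooling can match it. In `relatedLinks`, `https://velero.io/docs/main/restic/` follows the moving `main` docs while `appVersion` is pinned to 1.9.0 and the other Velero link is pinned to `v1.9`, so point the Restic link at the v1.9 docs as well. The `integration` text would also benefit from one sentence on where the backups are stored and who can read them, since it describes backing up platform services and "almost any type of Kubernetes volume".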
2 changes: 1 addition & 1 deletion chart/otomi/values.yaml
Expand Up @@ -18,7 +18,7 @@ cluster: {}
# name: 'dev'

## Set provider
## Can be one of aws|azure|google|digitalocean|custom
## Can be one of aws|azure|google|digitalocean|ovh|vultr|custom
## Choose 'custom' for Minikube and any other K8s cluster.
##
# provider: 'custom'
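Review bot: the provider comment now lists `ovh` and `vultr`, which the commit title (adding Velero) does not mention, and nothing in this hunk shows the values schema accepting them. Because the new `apps.yaml` text says Otomi installs Velero plug-ins "based on the selected provider", document which plug-in and storage configuration applies to `ovh`, `vultr` and `custom`, or move this comment change into its own commit.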
19 changes: 19 additions & 0 deletions charts/velero/Chart.yaml
@@ -0,0 +1,19 @@
apiVersion: v2
appVersion: 1.9.0
kubeVersion: ">=1.16.0-0"
description: A Helm chart for velero
name: velero
version: 2.30.1
home: https://github.com/vmware-tanzu/velero
icon: https://cdn-images-1.medium.com/max/1600/1*-9mb3AKnKdcL_QD3CMnthQ.png
sources:
- https://github.com/vmware-tanzu/velero
maintainers:
- name: jenting
email: hsiaoairplane@gmail.com
- name: sseago
email: sseago@redhat.com
- name: reasonerjt
email: jiangd@vmware.com
- name: ywk253100
email: yinw@vmware.com
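Review bot: this vendored `Chart.yaml` records `version: 2.30.1` but not where the chart was copied from; `home` and `sources` both point at the Velero application repository. Record the upstream chart location and revision next to the chart or in the commit message, so later updates can be diffed against a known origin and any local modification stays visible. The `icon` URL is served from a third-party host (`cdn-images-1.medium.com`); check that nothing in the platform needs to fetch it at install time.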
509 changes: 509 additions & 0 deletions charts/velero/crds/backups.yaml

Large diffs are not rendered by default.

183 changes: 183 additions & 0 deletions charts/velero/crds/backupstoragelocations.yaml
@@ -0,0 +1,183 @@

---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
labels:
component: velero
annotations:
controller-gen.kubebuilder.io/version: v0.7.0
creationTimestamp: null
name: backupstoragelocations.velero.io
spec:
group: velero.io
names:
kind: BackupStorageLocation
listKind: BackupStorageLocationList
plural: backupstoragelocations
shortNames:
- bsl
singular: backupstoragelocation
scope: Namespaced
versions:
- additionalPrinterColumns:
- description: Backup Storage Location status such as Available/Unavailable
jsonPath: .status.phase
name: Phase
type: string
- description: LastValidationTime is the last time the backup store location was
validated
jsonPath: .status.lastValidationTime
name: Last Validated
type: date
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
- description: Default backup storage location
jsonPath: .spec.default
name: Default
type: boolean
name: v1
schema:
openAPIV3Schema:
description: BackupStorageLocation is a location where Velero stores backup
objects
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: BackupStorageLocationSpec defines the desired state of a
Velero BackupStorageLocation
properties:
accessMode:
description: AccessMode defines the permissions for the backup storage
location.
enum:
- ReadOnly
- ReadWrite
type: string
backupSyncPeriod:
description: BackupSyncPeriod defines how frequently to sync backup
API objects from object storage. A value of 0 disables sync.
nullable: true
type: string
config:
additionalProperties:
type: string
description: Config is for provider-specific configuration fields.
type: object
credential:
description: Credential contains the credential information intended
to be used with this location
properties:
key:
description: The key of the secret to select from. Must be a
valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the Secret or its key must be defined
type: boolean
required:
- key
type: object
default:
description: Default indicates this location is the default backup
storage location.
type: boolean
objectStorage:
description: ObjectStorageLocation specifies the settings necessary
to connect to a provider's object storage.
properties:
bucket:
description: Bucket is the bucket to use for object storage.
type: string
caCert:
description: CACert defines a CA bundle to use when verifying
TLS connections to the provider.
format: byte
type: string
prefix:
description: Prefix is the path inside a bucket to use for Velero
storage. Optional.
type: string
required:
- bucket
type: object
provider:
description: Provider is the provider of the backup storage.
type: string
validationFrequency:
description: ValidationFrequency defines how frequently to validate
the corresponding object storage. A value of 0 disables validation.
nullable: true
type: string
required:
- objectStorage
- provider
type: object
status:
description: BackupStorageLocationStatus defines the observed state of
BackupStorageLocation
properties:
accessMode:
description: "AccessMode is an unused field. \n Deprecated: there
is now an AccessMode field on the Spec and this field will be removed
entirely as of v2.0."
enum:
- ReadOnly
- ReadWrite
type: string
lastSyncedRevision:
description: "LastSyncedRevision is the value of the `metadata/revision`
file in the backup storage location the last time the BSL's contents
were synced into the cluster. \n Deprecated: this field is no longer
updated or used for detecting changes to the location's contents
and will be removed entirely in v2.0."
type: string
lastSyncedTime:
description: LastSyncedTime is the last time the contents of the location
were synced into the cluster.
format: date-time
nullable: true
type: string
lastValidationTime:
description: LastValidationTime is the last time the backup store
location was validated the cluster.
format: date-time
nullable: true
type: string
message:
description: Message is a message about the backup storage location's
status.
type: string
phase:
description: Phase is the current state of the BackupStorageLocation.
enum:
- Available
- Unavailable
type: string
type: object
type: object
served: true
storage: true
subresources: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
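Review bot: under `spec.credential` only `key` is listed in `required`, so a BackupStorageLocation that gives a secret key without a secret `name` passes schema validation. This CRD is generated upstream (`controller-gen.kubebuilder.io/version: v0.7.0`), so leave the file unmodified and require both fields in the Otomi values schema that renders the location. The manifest also ships `creationTimestamp: null` and a top-level `status:` stanza with empty `acceptedNames`; confirm the deployment tooling tolerates these generated fields when applying the CRD.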
83 changes: 83 additions & 0 deletions charts/velero/crds/deletebackuprequests.yaml
@@ -0,0 +1,83 @@

---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
labels:
component: velero
annotations:
controller-gen.kubebuilder.io/version: v0.7.0
creationTimestamp: null
name: deletebackuprequests.velero.io
spec:
group: velero.io
names:
kind: DeleteBackupRequest
listKind: DeleteBackupRequestList
plural: deletebackuprequests
singular: deletebackuprequest
scope: Namespaced
versions:
- additionalPrinterColumns:
- description: The name of the backup to be deleted
jsonPath: .spec.backupName
name: BackupName
type: string
- description: The status of the deletion request
jsonPath: .status.phase
name: Status
type: string
name: v1
schema:
openAPIV3Schema:
description: DeleteBackupRequest is a request to delete one or more backups.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: DeleteBackupRequestSpec is the specification for which backups
to delete.
properties:
backupName:
type: string
required:
- backupName
type: object
status:
description: DeleteBackupRequestStatus is the current status of a DeleteBackupRequest.
properties:
errors:
description: Errors contains any errors that were encountered during
the deletion process.
items:
type: string
nullable: true
type: array
phase:
description: Phase is the current state of the DeleteBackupRequest.
enum:
- New
- InProgress
- Processed
type: string
type: object
type: object
served: true
storage: true
subresources: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
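Review bot: `spec.backupName` is a bare `type: string` with no description, length limit or pattern, and the top-level description says the request deletes "one or more backups" although the spec accepts a single name. The CRD is generated upstream, so keep it as is, but since this resource requests deletion of a backup and is `scope: Namespaced`, any RBAC shipped with this chart should grant `create` on `deletebackuprequests` only to the admins named in the commit message, not to team roles.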
