[v1.4.0-beta.1] Unable to restore restic data with custom certificate option. #2562
Comments
|
Ah. I see what's going on here. While we're correctly passing the I'll work on a fix for this. |
|
@leitaof if you're available, it'd be great to have you test out a fix for this. I should have a docker image up shortly that you can use. |
|
@skriss Sure, will test it this after noon whit the new docker image. |
|
Awesome, thanks! OK, the image with the fix is: |
|
I have tried the restore but my pod is unable to find the fixed image because hes searching in the velero repo instead of steveheptio 29m Warning Failed pod/nexus-694dff6965-cbh6p Failed to pull image "velero/velero-restic-restore-helper:fix-2562": rpc error: code = Unknown desc = Error response from daemon: manifest for velero/velero-restic-restore-helper:fix-2562 not found |
|
Ah, shoot. I retagged the image with the fix as You'll have to delete the partially-restored workload and try again after updating the images. |
|
Still same error 2m55s Normal Pulling pod/nexus-694dff6965-cbh6p Pulling image "velero/velero-restic-restore-helper:fix-2562" Events from updated image |
|
Did you delete this pod: |
|
yes I have deleted the namespace and just to be sure I have delete again and did a restore again. LAST SEEN TYPE REASON OBJECT MESSAGE |
|
OK, here's the other way to work around this: you can override which image it tries to pull for the restic restore helper by providing a configmap that specifies the specific image to use: kubectl -n velero create configmap restic-restore-action-config --from-literal=image=velero/velero-restic-restore-helper:v1.4.0-beta.1
kubectl -n velero label configmap restic-restore-action-config velero.io/plugin-config=
kubectl -n velero label configmap restic-restore-action-config velero.io/restic=RestoreItemActionAfter setting this up, you'll need to (a) delete the partially-restored workload/namespace in your cluster, and (b) try a new restore. Thanks for the patience! |
|
Ah, I think I see why you were still getting the issue with pulling the |
|
@leitaof we went ahead and merged the code change since it seemed straight-forward and low-risk, but we'd still like to have your verification! |
|
No problem but i will test it tomorrow and give you feedback after. |
|
I have tested the restore whit the latest v1.4.0 and it work properly. |
|
awesome, thanks again for the testing and feedback! |
What steps did you take and what happened:
I have deployed the latest beta version to use custom ca cert. The backups is performed properly with restic and I see the data in minio under mybubket/restic
But when trying to restore restic fails whit x509: certificate signed by unknown authority
What did you expect to happen:
The connection should work for the restic restore as the same for the restic backup.
The output of the following commands will help us better understand what's going on:
(Pasting long output into a GitHub gist or other pastebin is fine.)
kubectl logs deployment/velero -n velerodeployment_velero.log
velero backup describe <backupname>orkubectl get backup/<backupname> -n velero -o yamlvelero_backup_describe.log
velero backup logs <backupname>velero_backup.log
velero restore describe <restorename>orkubectl get restore/<restorename> -n velero -o yamlvelero_restore_describe.log
velero restore logs <restorename>velero_restore.log
Anything else you would like to add:
[Miscellaneous information that will assist in solving the issue.]
Environment:
Velero version (use
velero version):Client:
Version: v1.4.0-beta.1
Git commit: 8bf75bd
Server:
Version: v1.4.0-beta.1
Velero features (use
velero client config get features):features:
Kubernetes version (use
kubectl version):Client Version: version.Info{Major:"1", Minor:"15", GitVersion:"v1.15.11", GitCommit:"d94a81c724ea8e1ccc9002d89b7fe81d58f89ede", GitTreeState:"clean", BuildDate:"2020-03-12T21:08:59Z", GoVersion:"go1.12.17", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"15", GitVersion:"v1.15.11", GitCommit:"d94a81c724ea8e1ccc9002d89b7fe81d58f89ede", GitTreeState:"clean", BuildDate:"2020-03-12T21:00:06Z", GoVersion:"go1.12.17", Compiler:"gc", Platform:"linux/amd64"}
Kubernetes installer & version:
rke v1.0.6
Cloud provider or hardware configuration:
hardware
OS (e.g. from
/etc/os-release):kubectl get nodes -o wide
NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME
ltec-fil-m-01 Ready controlplane,etcd 245d v1.15.11 10.195.177.52 Ubuntu 16.04.6 LTS 4.4.0-169-generic docker://18.9.9
ltec-fil-m-02 Ready controlplane,etcd 245d v1.15.11 10.195.177.53 Ubuntu 16.04.6 LTS 4.4.0-169-generic docker://18.9.9
ltec-fil-m-03 Ready controlplane,etcd 245d v1.15.11 10.195.177.54 Ubuntu 16.04.6 LTS 4.4.0-169-generic docker://18.9.9
ltec-fil-w-01 Ready worker 245d v1.15.11 10.195.177.55 Ubuntu 16.04.6 LTS 4.4.0-169-generic docker://18.9.9
ltec-fil-w-02 Ready worker 245d v1.15.11 10.195.177.56 Ubuntu 16.04.6 LTS 4.4.0-169-generic docker://18.9.9
ltec-fil-w-03 Ready worker 207d v1.15.11 10.195.177.57 Ubuntu 16.04.6 LTS 4.4.0-169-generic docker://18.9.9
ltec-fil-w-99 Ready worker 121d v1.15.11 10.195.200.99 Ubuntu 16.04.6 LTS 4.4.0-169-generic docker://18.9.9
The text was updated successfully, but these errors were encountered: