New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[v1.4.0-beta.1] Unable to restore restic data with custom certificate option. #2562
Comments
Ah. I see what's going on here. While we're correctly passing the I'll work on a fix for this. |
@leitaof if you're available, it'd be great to have you test out a fix for this. I should have a docker image up shortly that you can use. |
@skriss Sure, will test it this after noon whit the new docker image. |
Awesome, thanks! OK, the image with the fix is:
|
I have tried the restore but my pod is unable to find the fixed image because hes searching in the velero repo instead of steveheptio 29m Warning Failed pod/nexus-694dff6965-cbh6p Failed to pull image "velero/velero-restic-restore-helper:fix-2562": rpc error: code = Unknown desc = Error response from daemon: manifest for velero/velero-restic-restore-helper:fix-2562 not found |
Ah, shoot. I retagged the image with the fix as
You'll have to delete the partially-restored workload and try again after updating the images. |
Still same error 2m55s Normal Pulling pod/nexus-694dff6965-cbh6p Pulling image "velero/velero-restic-restore-helper:fix-2562" Events from updated image |
Did you delete this pod: |
yes I have deleted the namespace and just to be sure I have delete again and did a restore again. LAST SEEN TYPE REASON OBJECT MESSAGE |
OK, here's the other way to work around this: you can override which image it tries to pull for the restic restore helper by providing a configmap that specifies the specific image to use: kubectl -n velero create configmap restic-restore-action-config --from-literal=image=velero/velero-restic-restore-helper:v1.4.0-beta.1
kubectl -n velero label configmap restic-restore-action-config velero.io/plugin-config=
kubectl -n velero label configmap restic-restore-action-config velero.io/restic=RestoreItemAction After setting this up, you'll need to (a) delete the partially-restored workload/namespace in your cluster, and (b) try a new restore. Thanks for the patience! |
Ah, I think I see why you were still getting the issue with pulling the |
@leitaof we went ahead and merged the code change since it seemed straight-forward and low-risk, but we'd still like to have your verification! |
No problem but i will test it tomorrow and give you feedback after. |
I have tested the restore whit the latest v1.4.0 and it work properly. |
awesome, thanks again for the testing and feedback! |
What steps did you take and what happened:
I have deployed the latest beta version to use custom ca cert. The backups is performed properly with restic and I see the data in minio under mybubket/restic
But when trying to restore restic fails whit x509: certificate signed by unknown authority
What did you expect to happen:
The connection should work for the restic restore as the same for the restic backup.
The output of the following commands will help us better understand what's going on:
(Pasting long output into a GitHub gist or other pastebin is fine.)
kubectl logs deployment/velero -n velero
deployment_velero.log
velero backup describe <backupname>
orkubectl get backup/<backupname> -n velero -o yaml
velero_backup_describe.log
velero backup logs <backupname>
velero_backup.log
velero restore describe <restorename>
orkubectl get restore/<restorename> -n velero -o yaml
velero_restore_describe.log
velero restore logs <restorename>
velero_restore.log
Anything else you would like to add:
[Miscellaneous information that will assist in solving the issue.]
Environment:
Velero version (use
velero version
):Client:
Version: v1.4.0-beta.1
Git commit: 8bf75bd
Server:
Version: v1.4.0-beta.1
Velero features (use
velero client config get features
):features:
Kubernetes version (use
kubectl version
):Client Version: version.Info{Major:"1", Minor:"15", GitVersion:"v1.15.11", GitCommit:"d94a81c724ea8e1ccc9002d89b7fe81d58f89ede", GitTreeState:"clean", BuildDate:"2020-03-12T21:08:59Z", GoVersion:"go1.12.17", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"15", GitVersion:"v1.15.11", GitCommit:"d94a81c724ea8e1ccc9002d89b7fe81d58f89ede", GitTreeState:"clean", BuildDate:"2020-03-12T21:00:06Z", GoVersion:"go1.12.17", Compiler:"gc", Platform:"linux/amd64"}
Kubernetes installer & version:
rke v1.0.6
Cloud provider or hardware configuration:
hardware
OS (e.g. from
/etc/os-release
):kubectl get nodes -o wide
NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME
ltec-fil-m-01 Ready controlplane,etcd 245d v1.15.11 10.195.177.52 Ubuntu 16.04.6 LTS 4.4.0-169-generic docker://18.9.9
ltec-fil-m-02 Ready controlplane,etcd 245d v1.15.11 10.195.177.53 Ubuntu 16.04.6 LTS 4.4.0-169-generic docker://18.9.9
ltec-fil-m-03 Ready controlplane,etcd 245d v1.15.11 10.195.177.54 Ubuntu 16.04.6 LTS 4.4.0-169-generic docker://18.9.9
ltec-fil-w-01 Ready worker 245d v1.15.11 10.195.177.55 Ubuntu 16.04.6 LTS 4.4.0-169-generic docker://18.9.9
ltec-fil-w-02 Ready worker 245d v1.15.11 10.195.177.56 Ubuntu 16.04.6 LTS 4.4.0-169-generic docker://18.9.9
ltec-fil-w-03 Ready worker 207d v1.15.11 10.195.177.57 Ubuntu 16.04.6 LTS 4.4.0-169-generic docker://18.9.9
ltec-fil-w-99 Ready worker 121d v1.15.11 10.195.200.99 Ubuntu 16.04.6 LTS 4.4.0-169-generic docker://18.9.9
The text was updated successfully, but these errors were encountered: