Compare commits
1 Commits
118acde09d
...
6d4d0172e0
Author | SHA1 | Date |
---|---|---|
Fleur Kelpin | 6d4d0172e0 |
|
@ -16,11 +16,12 @@ See https://github.com/coreos/vault-operator/blob/master/doc/user/vault.md
|
|||
Define credentials for backup to the Azure Blob Store.
|
||||
See [etcd-operator documentation](https://github.com/coreos/etcd-operator/blob/master/doc/user/abs_backup.md).
|
||||
|
||||
| Parameter | Description | Default |
|
||||
| --------------- | ----------------------------- | ------------------ |
|
||||
| `abs.account` | name of storage account | `fdlkops` |
|
||||
| `abs.accessKey` | access key of storage account | `xxxx` |
|
||||
| `abs.cloud` | name of cloud environment | `AzurePublicCloud` |
|
||||
| Parameter | Description | Default |
|
||||
| -------------------- | ------------------------------------ | ------------------------------------------ |
|
||||
| `s3.accessKeyId` | key id storage account | `AKIAIOSFODNN7EXAMPLE` |
|
||||
| `s3.secretAccessKey` | secret access key of storage account | `wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY` |
|
||||
| `s3.region` | region of the storage server | `us-east-1` |
|
||||
| `s3.endpoint` | endpoint for the storage server | `http://minio.minio.svc:9000` |
|
||||
|
||||
### Backup job
|
||||
Define the schedule of the backup job
|
||||
|
|
|
@ -0,0 +1,13 @@
|
|||
apiVersion: "etcd.database.coreos.com/v1beta2"
|
||||
kind: "EtcdBackup"
|
||||
metadata:
|
||||
name: vault-backup
|
||||
namespace: "vault-operator"
|
||||
spec:
|
||||
etcdEndpoints: ["https://vault-etcd-client:2379"]
|
||||
storageType: S3
|
||||
clientTLSSecret: vault-etcd-client-tls
|
||||
s3:
|
||||
path: vault/backup-manual
|
||||
awsSecret: aws
|
||||
endpoint: http://minio.minio.svc:9000
|
|
@ -9,7 +9,8 @@ spec:
|
|||
etcdCluster:
|
||||
# The namespace is the same as this EtcdRestore CR
|
||||
name: vault-etcd
|
||||
backupStorageType: ABS
|
||||
abs:
|
||||
path: vault/backup-<specify the backup name>
|
||||
absSecret: abs
|
||||
backupStorageType: S3
|
||||
s3:
|
||||
path: vault/backup-<name>
|
||||
awsSecret: aws
|
||||
endpoint: http://minio.minio.svc:9000
|
|
@ -1,10 +0,0 @@
|
|||
# Secret to access microsoft azure blob store
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: abs
|
||||
type: Opaque
|
||||
stringData:
|
||||
storage-account: {{ .Values.abs.account }}
|
||||
storage-key: {{ .Values.abs.accessKey }}
|
||||
cloud: {{ .Values.abs.cloud }}
|
|
@ -0,0 +1,10 @@
|
|||
# Secret to access s3 compatible store
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: aws
|
||||
type: Opaque
|
||||
data:
|
||||
config: {{ printf "[default]\nregion = %s" .Values.s3.region | b64enc | quote }}
|
||||
credentials: {{ printf "[default]\naws_access_key_id = %s\naws_secret_access_key = %s\n" .Values.s3.accessKeyId .Values.s3.secretAccessKey | b64enc | quote }}
|
||||
|
|
@ -11,8 +11,9 @@ data:
|
|||
generateName: vault-backup-
|
||||
spec:
|
||||
etcdEndpoints: ["https://vault-etcd-client:2379"]
|
||||
storageType: ABS
|
||||
storageType: S3
|
||||
clientTLSSecret: vault-etcd-client-tls
|
||||
abs:
|
||||
s3:
|
||||
path: vault/backup.<NOW>
|
||||
absSecret: abs
|
||||
awsSecret: aws
|
||||
endpoint: {{ .Values.s3.endpoint }}
|
|
@ -2,14 +2,16 @@
|
|||
# This is a YAML-formatted file.
|
||||
# Declare variables to be passed into your templates.
|
||||
|
||||
# abs gives details of the credentials to reach the azure backup storage
|
||||
abs:
|
||||
# account is the name of the Storage account
|
||||
account: fdlkops
|
||||
# access key for the Storage account
|
||||
accessKey: xxxx
|
||||
# default cloud
|
||||
cloud: AzurePublicCloud
|
||||
# s3 configures s3 backup storage
|
||||
s3:
|
||||
# accessKey for the s3 storage account
|
||||
accessKeyId: AKIAIOSFODNN7EXAMPLE
|
||||
# secretAccessKey for the s3 storage account
|
||||
secretAccessKey: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
|
||||
# region
|
||||
region: us-east-1
|
||||
# endpoint for the s3 storage
|
||||
endpoint: http://minio.minio.svc:9000
|
||||
|
||||
# backupjob describes the backup cronjob
|
||||
backupJob:
|
||||
|
@ -40,10 +42,10 @@ etcd-operator:
|
|||
tag: v0.9.2
|
||||
backupOperator:
|
||||
image:
|
||||
tag: v0.9.2
|
||||
tag: v0.8.3
|
||||
restoreOperator:
|
||||
image:
|
||||
tag: v0.9.2
|
||||
tag: v0.8.3
|
||||
|
||||
ui:
|
||||
name: "vault-ui"
|
||||
|
|
Loading…
Reference in New Issue