k8s/apps
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

velero update

Browse Source
This commit is contained in:
Philip Haupt
2025-09-03 12:45:53 +02:00
parent 01e0618e4f
commit a56457b7ad
3 changed files with 317 additions and 72 deletions
Download Patch File Download Diff File Expand all files Collapse all files

186
velero/main.yaml
View File

@@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
controller-gen.kubebuilder.io/version: v0.16.5
labels:
component: velero
name: backuprepositories.velero.io
@@ -55,6 +55,13 @@ spec:
description: MaintenanceFrequency is how often maintenance should
be run.
type: string
repositoryConfig:
additionalProperties:
type: string
description: RepositoryConfig is for repository-specific configuration
fields.
nullable: true
type: object
repositoryType:
description: RepositoryType indicates the type of the backend repository
enum:
@@ -82,8 +89,8 @@ spec:
description: BackupRepositoryStatus is the current status of a BackupRepository.
properties:
lastMaintenanceTime:
description: LastMaintenanceTime is the last time maintenance was
run.
description: LastMaintenanceTime is the last time repo maintenance
succeeded.
format: date-time
nullable: true
type: string
@@ -98,6 +105,33 @@ spec:
- Ready
- NotReady
type: string
recentMaintenance:
description: RecentMaintenance is status of the recent repo maintenance.
items:
properties:
completeTimestamp:
description: CompleteTimestamp is the completion time of the
repo maintenance.
format: date-time
nullable: true
type: string
message:
description: Message is a message about the current status of
the repo maintenance.
type: string
result:
description: Result is the result of the repo maintenance.
enum:
- Succeeded
- Failed
type: string
startTimestamp:
description: StartTimestamp is the start time of the repo maintenance.
format: date-time
nullable: true
type: string
type: object
type: array
type: object
type: object
served: true
@@ -108,7 +142,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
controller-gen.kubebuilder.io/version: v0.16.5
labels:
component: velero
name: backups.velero.io
@@ -170,7 +204,6 @@ spec:
DefaultVolumesToRestic specifies whether restic should be used to take a
backup of all pod volumes by default.
Deprecated: this field is no longer used and will be removed entirely in future. Use DefaultVolumesToFsBackup instead.
nullable: true
type: boolean
@@ -283,11 +316,13 @@ spec:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string
@@ -471,11 +506,13 @@ spec:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string
@@ -532,11 +569,13 @@ spec:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string
@@ -770,7 +809,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
controller-gen.kubebuilder.io/version: v0.16.5
labels:
component: velero
name: backupstoragelocations.velero.io
@@ -855,10 +894,13 @@ spec:
valid secret key.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?
type: string
optional:
description: Specify whether the Secret or its key must be defined
@@ -910,7 +952,6 @@ spec:
description: |-
AccessMode is an unused field.
Deprecated: there is now an AccessMode field on the Spec and this field
will be removed entirely as of v2.0.
enum:
@@ -922,7 +963,6 @@ spec:
LastSyncedRevision is the value of the `metadata/revision` file in the backup
storage location the last time the BSL's contents were synced into the cluster.
Deprecated: this field is no longer updated or used for detecting changes to
the location's contents and will be removed entirely in v2.0.
type: string
@@ -960,7 +1000,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
controller-gen.kubebuilder.io/version: v0.16.5
labels:
component: velero
name: datadownloads.velero.io
@@ -1051,6 +1091,13 @@ spec:
DataMover specifies the data mover to be used by the backup.
If DataMover is "" or "velero", the built-in data mover will be used.
type: string
nodeOS:
description: NodeOS is OS of the node where the DataDownload is processed.
enum:
- auto
- linux
- windows
type: string
operationTimeout:
description: |-
OperationTimeout specifies the time used to wait internal operations,
@@ -1095,6 +1142,16 @@ spec:
status:
description: DataDownloadStatus is the current status of a DataDownload.
properties:
acceptedByNode:
description: Node is name of the node where the DataUpload is prepared.
type: string
acceptedTimestamp:
description: |-
AcceptedTimestamp records the time the DataUpload is to be prepared.
The server's time is used for AcceptedTimestamp
format: date-time
nullable: true
type: string
completionTimestamp:
description: |-
CompletionTimestamp records the time a restore was completed.
@@ -1151,7 +1208,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
controller-gen.kubebuilder.io/version: v0.16.5
labels:
component: velero
name: datauploads.velero.io
@@ -1293,6 +1350,17 @@ spec:
status:
description: DataUploadStatus is the current status of a DataUpload.
properties:
acceptedByNode:
description: AcceptedByNode is name of the node where the DataUpload
is prepared.
type: string
acceptedTimestamp:
description: |-
AcceptedTimestamp records the time the DataUpload is to be prepared.
The server's time is used for AcceptedTimestamp
format: date-time
nullable: true
type: string
completionTimestamp:
description: |-
CompletionTimestamp records the time a backup was completed.
@@ -1315,6 +1383,13 @@ spec:
node:
description: Node is name of the node where the DataUpload is processed.
type: string
nodeOS:
description: NodeOS is OS of the node where the DataUpload is processed.
enum:
- auto
- linux
- windows
type: string
path:
description: Path is the full path of the snapshot volume being backed
up.
@@ -1367,7 +1442,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
controller-gen.kubebuilder.io/version: v0.16.5
labels:
component: velero
name: deletebackuprequests.velero.io
@@ -1447,7 +1522,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
controller-gen.kubebuilder.io/version: v0.16.5
labels:
component: velero
name: downloadrequests.velero.io
@@ -1547,7 +1622,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
controller-gen.kubebuilder.io/version: v0.16.5
labels:
component: velero
name: podvolumebackups.velero.io
@@ -1642,7 +1717,6 @@ spec:
the event) or if no container name is specified "spec.containers[2]" (container with
index 2 in this pod). This syntax is chosen only to have some well-defined way of
referencing a part of an object.
TODO: this design is not final and this field is subject to change in the future.
type: string
kind:
description: |-
@@ -1772,7 +1846,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
controller-gen.kubebuilder.io/version: v0.16.5
labels:
component: velero
name: podvolumerestores.velero.io
@@ -1864,7 +1938,6 @@ spec:
the event) or if no container name is specified "spec.containers[2]" (container with
index 2 in this pod). This syntax is chosen only to have some well-defined way of
referencing a part of an object.
TODO: this design is not final and this field is subject to change in the future.
type: string
kind:
description: |-
@@ -1983,7 +2056,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
controller-gen.kubebuilder.io/version: v0.16.5
labels:
component: velero
name: restores.velero.io
@@ -2120,11 +2193,13 @@ spec:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string
@@ -2273,11 +2348,13 @@ spec:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string
@@ -2336,11 +2413,13 @@ spec:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string
@@ -2541,7 +2620,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
controller-gen.kubebuilder.io/version: v0.16.5
labels:
component: velero
name: schedules.velero.io
@@ -2642,7 +2721,6 @@ spec:
DefaultVolumesToRestic specifies whether restic should be used to take a
backup of all pod volumes by default.
Deprecated: this field is no longer used and will be removed entirely in future. Use DefaultVolumesToFsBackup instead.
nullable: true
type: boolean
@@ -2755,11 +2833,13 @@ spec:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string
@@ -2945,11 +3025,13 @@ spec:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string
@@ -3006,11 +3088,13 @@ spec:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string
@@ -3140,7 +3224,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
controller-gen.kubebuilder.io/version: v0.16.5
labels:
component: velero
name: serverstatusrequests.velero.io
@@ -3226,7 +3310,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
controller-gen.kubebuilder.io/version: v0.16.5
labels:
component: velero
name: volumesnapshotlocations.velero.io
@@ -3282,10 +3366,13 @@ spec:
valid secret key.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?
type: string
optional:
description: Specify whether the Secret or its key must be defined
@@ -3317,17 +3404,19 @@ spec:
storage: true
---
apiVersion: v1
automountServiceAccountToken: true
kind: ServiceAccount
metadata:
labels:
app.kubernetes.io/instance: velero
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: velero
helm.sh/chart: velero-7.0.0
helm.sh/chart: velero-10.1.1
name: velero-server
namespace: velero
---
apiVersion: v1
automountServiceAccountToken: true
kind: ServiceAccount
metadata:
annotations:
@@ -3338,7 +3427,7 @@ metadata:
app.kubernetes.io/instance: velero
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: velero
helm.sh/chart: velero-7.0.0
helm.sh/chart: velero-10.1.1
name: velero-server-upgrade-crds
namespace: velero
---
@@ -3350,7 +3439,7 @@ metadata:
app.kubernetes.io/instance: velero
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: velero
helm.sh/chart: velero-7.0.0
helm.sh/chart: velero-10.1.1
name: velero-server
namespace: velero
rules:
@@ -3373,7 +3462,7 @@ metadata:
app.kubernetes.io/instance: velero
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: velero
helm.sh/chart: velero-7.0.0
helm.sh/chart: velero-10.1.1
name: velero-upgrade-crds
rules:
- apiGroups:
@@ -3395,7 +3484,7 @@ metadata:
app.kubernetes.io/instance: velero
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: velero
helm.sh/chart: velero-7.0.0
helm.sh/chart: velero-10.1.1
name: velero-server
namespace: velero
roleRef:
@@ -3415,7 +3504,7 @@ metadata:
app.kubernetes.io/instance: velero
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: velero
helm.sh/chart: velero-7.0.0
helm.sh/chart: velero-10.1.1
name: velero-server
roleRef:
apiGroup: rbac.authorization.k8s.io
@@ -3438,7 +3527,7 @@ metadata:
app.kubernetes.io/instance: velero
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: velero
helm.sh/chart: velero-7.0.0
helm.sh/chart: velero-10.1.1
name: velero-upgrade-crds
roleRef:
apiGroup: rbac.authorization.k8s.io
@@ -3456,7 +3545,7 @@ metadata:
app.kubernetes.io/instance: velero
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: velero
helm.sh/chart: velero-7.0.0
helm.sh/chart: velero-10.1.1
name: velero
namespace: velero
spec:
@@ -3477,8 +3566,9 @@ metadata:
app.kubernetes.io/instance: velero
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: velero
app.kubernetes.io/version: 1.16.2
component: velero
helm.sh/chart: velero-7.0.0
helm.sh/chart: velero-10.1.1
name: velero
namespace: velero
spec:
@@ -3499,14 +3589,17 @@ spec:
app.kubernetes.io/instance: velero
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: velero
helm.sh/chart: velero-7.0.0
app.kubernetes.io/version: 1.16.2
helm.sh/chart: velero-10.1.1
name: velero
spec:
automountServiceAccountToken: true
containers:
- args:
- server
- --uploader-type=kopia
- --features=EnableCSI
- --keep-latest-maintenance-jobs=3
command:
- /velero
env:
@@ -3527,7 +3620,7 @@ spec:
value: /credentials/cloud
- name: ALIBABA_CLOUD_CREDENTIALS_FILE
value: /credentials/cloud
image: velero/velero:v1.16.1
image: velero/velero:v1.16.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 5
@@ -3562,7 +3655,7 @@ spec:
name: scratch
dnsPolicy: ClusterFirst
initContainers:
- image: velero/velero-plugin-for-aws:v1.12.0
- image: velero/velero-plugin-for-aws:v1.12.2
imagePullPolicy: IfNotPresent
name: velero-plugin-for-aws
volumeMounts:
@@ -3587,7 +3680,7 @@ metadata:
app.kubernetes.io/instance: velero
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: velero
helm.sh/chart: velero-7.0.0
helm.sh/chart: velero-10.1.1
name: node-agent
namespace: velero
spec:
@@ -3604,9 +3697,11 @@ spec:
app.kubernetes.io/instance: velero
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: velero
helm.sh/chart: velero-7.0.0
helm.sh/chart: velero-10.1.1
name: node-agent
role: node-agent
spec:
automountServiceAccountToken: true
containers:
- args:
- node-agent
@@ -3633,7 +3728,7 @@ spec:
value: /credentials/cloud
- name: ALIBABA_CLOUD_CREDENTIALS_FILE
value: /credentials/cloud
image: velero/velero:v1.16.1
image: velero/velero:v1.16.2
imagePullPolicy: IfNotPresent
name: node-agent
ports:
@@ -3646,6 +3741,9 @@ spec:
- mountPath: /host_pods
mountPropagation: HostToContainer
name: host-pods
- mountPath: /host_plugins
mountPropagation: HostToContainer
name: host-plugins
- mountPath: /scratch
name: scratch
dnsPolicy: ClusterFirst
@@ -3660,6 +3758,9 @@ spec:
- hostPath:
path: /var/lib/kubelet/pods
name: host-pods
- hostPath:
path: /var/lib/kubelet/plugins
name: host-plugins
- emptyDir: {}
name: scratch
---
@@ -3674,7 +3775,7 @@ metadata:
app.kubernetes.io/instance: velero
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: velero
helm.sh/chart: velero-7.0.0
helm.sh/chart: velero-10.1.1
name: velero-upgrade-crds
namespace: velero
spec:
@@ -3683,13 +3784,14 @@ spec:
metadata:
name: velero-upgrade-crds
spec:
automountServiceAccountToken: true
containers:
- args:
- -c
- /velero install --crds-only --dry-run -o yaml | /tmp/kubectl apply -f -
command:
- /tmp/sh
image: velero/velero:v1.16.1
image: velero/velero:v1.16.2
imagePullPolicy: IfNotPresent
name: velero
volumeMounts:
@@ -3720,7 +3822,7 @@ metadata:
app.kubernetes.io/instance: velero
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: velero
helm.sh/chart: velero-7.0.0
helm.sh/chart: velero-10.1.1
name: nas
namespace: velero
spec:
@@ -3742,7 +3844,7 @@ metadata:
app.kubernetes.io/instance: velero
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: velero
helm.sh/chart: velero-7.0.0
helm.sh/chart: velero-10.1.1
name: nas
namespace: velero
spec:

2
velero/src/kustomization.yaml
View File

@@ -5,7 +5,7 @@ kind: Kustomization
helmCharts:
- name: velero
repo: https://vmware-tanzu.github.io/helm-charts
version: 7.0.0
version: 10.1.1
releaseName: velero
includeCRDs: true
namespace: velero

201
velero/src/values.yaml
View File

@@ -7,18 +7,12 @@ namespace:
labels: {}
# Enforce Pod Security Standards with Namespace Labels
# https://kubernetes.io/docs/tasks/configure-pod-container/enforce-standards-namespace-labels/
# - key: pod-security.kubernetes.io/enforce
# value: privileged
# - key: pod-security.kubernetes.io/enforce-version
# value: latest
# - key: pod-security.kubernetes.io/audit
# value: privileged
# - key: pod-security.kubernetes.io/audit-version
# value: latest
# - key: pod-security.kubernetes.io/warn
# value: privileged
# - key: pod-security.kubernetes.io/warn-version
# value: latest
# pod-security.kubernetes.io/enforce: privileged
# pod-security.kubernetes.io/enforce-version: latest
# pod-security.kubernetes.io/audit: privileged
# pod-security.kubernetes.io/audit-version: latest
# pod-security.kubernetes.io/warn: privileged
# pod-security.kubernetes.io/warn-version: latest
##
## End of namespace-related settings.
@@ -33,7 +27,7 @@ namespace:
# enabling node-agent). Required.
image:
repository: velero/velero
tag: v1.16.1
tag: v1.16.2
# Digest value example: sha256:d238835e151cec91c6a811fe3a89a66d3231d9f64d09e5f3c49552672d271f38.
# If used, it will take precedence over the image.tag.
# digest:
@@ -81,6 +75,22 @@ resources: {}
# cpu: 1000m
# memory: 512Mi
# Container resize policy for the Velero deployment.
# See: https://kubernetes.io/docs/tasks/configure-pod-container/resize-container-resources/
resizePolicy: []
# - resourceName: cpu
# restartPolicy: NotRequired
# - resourceName: memory
# restartPolicy: RestartContainer
# Configure hostAliases for Velero deployment. Optional
# For more information, check: https://kubernetes.io/docs/tasks/network/customize-hosts-file-for-pods/
hostAliases: []
# - ip: "127.0.0.1"
# hostnames:
# - "foo.local"
# - "bar.local"
# Resource requests/limits to specify for the upgradeCRDs job pod. Need to be adjusted by user accordingly.
upgradeJobResources: {}
# requests:
@@ -94,9 +104,23 @@ upgradeCRDsJob:
extraVolumes: []
# Extra volumeMounts for the Upgrade CRDs Job. Optional.
extraVolumeMounts: []
# Extra key/value pairs to be used as environment variables. Optional.
extraEnvVars: {}
# Additional values to be used as environment variables. Optional.
extraEnvVars: []
# Simple value
# - name: SIMPLE_VAR
# value: "simple-value"
# FieldRef example
# - name: MY_POD_LABEL
# valueFrom:
# fieldRef:
# fieldPath: metadata.labels['my_label']
# Configure if API credential for Service Account is automounted.
automountServiceAccountToken: true
# Configure the shell cmd in case you are using custom image
# shellCmd: /tmp/sh
# updateCmd: /velero install --crds-only --dry-run -o yaml | /tmp/kubectl apply -f -
# Configure the dnsPolicy of the Velero deployment
# See: https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-s-dns-policy
@@ -106,7 +130,7 @@ dnsPolicy: ClusterFirst
# If the value is a string then it is evaluated as a template.
initContainers:
- name: velero-plugin-for-aws
image: velero/velero-plugin-for-aws:v1.12.0
image: velero/velero-plugin-for-aws:v1.12.2
imagePullPolicy: IfNotPresent
volumeMounts:
- mountPath: /target
@@ -216,7 +240,19 @@ metrics:
# service metdata if metrics are enabled
service:
annotations: {}
type: ClusterIP
labels: {}
nodePort: null
# External/Internal traffic policy setting (Cluster, Local)
# https://kubernetes.io/docs/reference/networking/virtual-ips/#traffic-policies
externalTrafficPolicy: ""
internalTrafficPolicy: ""
# the IP family policy for the metrics Service to be able to configure dual-stack; see [Configure dual-stack](https://kubernetes.io/docs/concepts/services-networking/dual-stack/#services).
ipFamilyPolicy: ""
# a list of IP families for the metrics Service that should be supported, in the order in which they should be applied to ClusterIP. Can be "IPv4" and/or "IPv6".
ipFamilies: []
# Pod annotations for Prometheus
podAnnotations:
@@ -262,19 +298,40 @@ metrics:
# namespace: ""
# Rules to be deployed
spec: []
# - alert: VeleroBackupPartialFailures
# - alert: VeleroBackupFailed
# annotations:
# message: Velero backup {{ $labels.schedule }} has {{ $value | humanizePercentage }} partialy failed backups.
# message: Velero backup {{ $labels.schedule }} has failed
# expr: |-
# velero_backup_partial_failure_total{schedule!=""} / velero_backup_attempt_total{schedule!=""} > 0.25
# velero_backup_last_status{schedule!=""} != 1
# for: 15m
# labels:
# severity: warning
# - alert: VeleroBackupFailures
# - alert: VeleroBackupFailing
# annotations:
# message: Velero backup {{ $labels.schedule }} has {{ $value | humanizePercentage }} failed backups.
# message: Velero backup {{ $labels.schedule }} has been failing for the last 12h
# expr: |-
# velero_backup_failure_total{schedule!=""} / velero_backup_attempt_total{schedule!=""} > 0.25
# velero_backup_last_status{schedule!=""} != 1
# for: 12h
# labels:
# severity: critical
# - alert: VeleroNoNewBackup
# annotations:
# message: Velero backup {{ $labels.schedule }} has not run successfuly in the last 30h
# expr: |-
# (
# rate(velero_backup_last_successful_timestamp{schedule!=""}[15m]) <=bool 0
# or
# absent(velero_backup_last_successful_timestamp{schedule!=""})
# ) == 1
# for: 30h
# labels:
# severity: critical
# - alert: VeleroBackupPartialFailures
# annotations:
# message: Velero backup {{ $labels.schedule }} has {{ $value | humanizePercentage }} partialy failed backups
# expr: |-
# rate(velero_backup_partial_failure_total{schedule!=""}[25m])
# / rate(velero_backup_attempt_total{schedule!=""}[25m]) > 0.5
# for: 15m
# labels:
# severity: warning
@@ -296,6 +353,10 @@ kubectl:
annotations: {}
# Labels to set for the upgrade/cleanup job. Optional.
labels: {}
# Extra volumes for the upgrade/cleanup job. Optional.
extraVolumes: []
# Extra volumeMounts for the upgrade/cleanup job.. Optional.
extraVolumeMounts: []
# This job upgrades the CRDs.
upgradeCRDs: true
@@ -365,7 +426,8 @@ configuration:
# Parameters for the VolumeSnapshotLocation(s). Configure multiple by adding other element(s) to the volumeSnapshotLocation slice.
# See https://velero.io/docs/v1.6/api-types/volumesnapshotlocation/
volumeSnapshotLocation:
# name is the name of the volume snapshot location where snapshots are being taken. Required.
# name is the name of the volume snapshot location where snapshots are being taken. If a name is not provided,
# a volume snapshot location will be created with the name "default". Optional.
- name: nas
# provider is the name for the volume snapshot provider.
provider: aws
@@ -420,6 +482,8 @@ configuration:
disableInformerCache: false
# `velero server` default: 1h
garbageCollectionFrequency:
# `velero server` default: 1
itemBlockWorkerCount:
# Set log-format for Velero pod. Default: text. Other option: json.
logFormat:
# Set log-level for Velero pod. Default: info. Other options: debug, warning, error, fatal, panic.
@@ -443,6 +507,8 @@ configuration:
# Comma separated list of velero feature flags. default: empty
# features: EnableCSI
features: EnableCSI
# Configures the timeout for provisioning the volume created from the CSI snapshot. Default: 30m
dataMoverPrepareTimeout:
# Resource requests/limits to specify for the repository-maintenance job. Optional.
# https://velero.io/docs/v1.14/repository-maintenance/#resource-limitation
repositoryMaintenanceJob:
@@ -454,14 +520,64 @@ configuration:
# memory: 1024Mi
# Number of latest maintenance jobs to keep for each repository
latestJobsCount: 3
# Per-repository resource settings ConfigMap
# This ConfigMap allows specifying different settings for different repositories
# See: https://velero.io/docs/main/repository-maintenance/
repositoryConfigData:
# Name of the ConfigMap to create. If not provided, will use "velero-repo-maintenance"
name: "velero-repo-maintenance"
# Global configuration applied to all repositories
# This configuration is used when no specific repository configuration is found
# global:
# podResources:
# cpuRequest: "100m"
# cpuLimit: "200m"
# memoryRequest: "100Mi"
# memoryLimit: "200Mi"
# keepLatestMaintenanceJobs: 1
# loadAffinity:
# - nodeSelector:
# matchExpressions:
# - key: "cloud.google.com/machine-family"
# operator: "In"
# values: ["e2"]
# - nodeSelector:
# matchExpressions:
# - key: "topology.kubernetes.io/zone"
# operator: "In"
# values: ["us-central1-a", "us-central1-b", "us-central1-c"]
# priorityClassName: "low-priority" # Note: priorityClassName is only supported in global configuration
global: {}
# Repository-specific configurations
# Repository keys are formed as: "{namespace}-{storageLocation}-{repositoryType}"
# For example: "default-default-kopia" or "prod-s3-backup-kopia"
# Note: priorityClassName is NOT supported in repository-specific configurations
# repositories:
# "kibishii-default-kopia":
# podResources:
# cpuRequest: "200m"
# cpuLimit: "400m"
# memoryRequest: "200Mi"
# memoryLimit: "400Mi"
# keepLatestMaintenanceJobs: 2
repositories: {}
# `velero server` default: velero
namespace:
# additional command-line arguments that will be passed to the `velero server`
# e.g.: extraArgs: ["--foo=bar"]
extraArgs: []
# additional key/value pairs to be used as environment variables such as "AWS_CLUSTER_NAME: 'yourcluster.domain.tld'"
extraEnvVars: {}
# Additional values to be used as environment variables. Optional.
extraEnvVars: []
# Simple value
# - name: SIMPLE_VAR
# value: "simple-value"
# FieldRef example
# - name: MY_POD_LABEL
# valueFrom:
# fieldRef:
# fieldPath: metadata.labels['my_label']
# Set true for backup all pod volumes without having to apply annotation on the pod when used file system backup Default: false.
defaultVolumesToFsBackup:
@@ -495,6 +611,8 @@ serviceAccount:
labels:
imagePullSecrets: []
# - registrySecretName
# Configure if API credential for Service Account is automounted.
automountServiceAccountToken: true
# Info about the secret to be used by the Velero deployment, which
# should contain credentials for the cloud provider IAM account you've
@@ -542,6 +660,8 @@ nodeAgent:
pluginVolumePath: /var/lib/kubelet/plugins
# Pod priority class name to use for the node-agent daemonset. Optional.
priorityClassName: ""
# Pod runtime class name to use for the node-agent daemonset. Optional.
runtimeClassName: ""
# Resource requests/limits to specify for the node-agent daemonset deployment. Optional.
# https://velero.io/docs/v1.6/customize-installation/#customize-resource-requests-and-limits
resources: {}
@@ -551,6 +671,13 @@ nodeAgent:
# limits:
# cpu: 1000m
# memory: 1024Mi
# Container resize policy for the node-agent daemonset.
# See: https://kubernetes.io/docs/tasks/configure-pod-container/resize-container-resources/
resizePolicy: []
# - resourceName: cpu
# restartPolicy: NotRequired
# - resourceName: memory
# restartPolicy: RestartContainer
# Tolerations to use for the node-agent daemonset. Optional.
tolerations: []
@@ -576,8 +703,17 @@ nodeAgent:
# Extra volumeMounts for the node-agent daemonset. Optional.
extraVolumeMounts: []
# Key/value pairs to be used as environment variables for the node-agent daemonset. Optional.
extraEnvVars: {}
# Additional values to be used as environment variables for node-agent daemonset. Optional.
extraEnvVars: []
# Simple key/value
# - name: SIMPLE_VAR
# value: "simple-value"
# FieldRef example
# - name: MY_POD_LABEL
# valueFrom:
# fieldRef:
# fieldPath: metadata.labels['my_label']
# Additional command-line arguments that will be passed to the node-agent. Optional.
# e.g.: extraArgs: ["--foo=bar"]
@@ -587,6 +723,14 @@ nodeAgent:
# See: https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-s-dns-policy
dnsPolicy: ClusterFirst
# Configure hostAliases for node-agent daemonset. Optional
# For more information, check: https://kubernetes.io/docs/tasks/network/customize-hosts-file-for-pods/
hostAliases: []
# - ip: "127.0.0.1"
# hostnames:
# - "foo.local"
# - "bar.local"
# SecurityContext to use for the Velero deployment. Optional.
# Set fsGroup for `AWS IAM Roles for Service Accounts`
# see more informations at: https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html
@@ -665,5 +809,4 @@ configMaps: {}
##
## End of additional Velero resource settings.
##
##