diff --git a/velero/main.yaml b/velero/main.yaml index e2e523e..4e92d1f 100644 --- a/velero/main.yaml +++ b/velero/main.yaml @@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: component: velero name: backuprepositories.velero.io @@ -55,6 +55,13 @@ spec: description: MaintenanceFrequency is how often maintenance should be run. type: string + repositoryConfig: + additionalProperties: + type: string + description: RepositoryConfig is for repository-specific configuration + fields. + nullable: true + type: object repositoryType: description: RepositoryType indicates the type of the backend repository enum: @@ -82,8 +89,8 @@ spec: description: BackupRepositoryStatus is the current status of a BackupRepository. properties: lastMaintenanceTime: - description: LastMaintenanceTime is the last time maintenance was - run. + description: LastMaintenanceTime is the last time repo maintenance + succeeded. format: date-time nullable: true type: string @@ -98,6 +105,33 @@ spec: - Ready - NotReady type: string + recentMaintenance: + description: RecentMaintenance is status of the recent repo maintenance. + items: + properties: + completeTimestamp: + description: CompleteTimestamp is the completion time of the + repo maintenance. + format: date-time + nullable: true + type: string + message: + description: Message is a message about the current status of + the repo maintenance. + type: string + result: + description: Result is the result of the repo maintenance. + enum: + - Succeeded + - Failed + type: string + startTimestamp: + description: StartTimestamp is the start time of the repo maintenance. + format: date-time + nullable: true + type: string + type: object + type: array type: object type: object served: true @@ -108,7 +142,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: component: velero name: backups.velero.io @@ -170,7 +204,6 @@ spec: DefaultVolumesToRestic specifies whether restic should be used to take a backup of all pod volumes by default. - Deprecated: this field is no longer used and will be removed entirely in future. Use DefaultVolumesToFsBackup instead. nullable: true type: boolean @@ -283,11 +316,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -471,11 +506,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -532,11 +569,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -770,7 +809,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: component: velero name: backupstoragelocations.velero.io @@ -855,10 +894,13 @@ spec: valid secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -910,7 +952,6 @@ spec: description: |- AccessMode is an unused field. - Deprecated: there is now an AccessMode field on the Spec and this field will be removed entirely as of v2.0. enum: @@ -922,7 +963,6 @@ spec: LastSyncedRevision is the value of the `metadata/revision` file in the backup storage location the last time the BSL's contents were synced into the cluster. - Deprecated: this field is no longer updated or used for detecting changes to the location's contents and will be removed entirely in v2.0. type: string @@ -960,7 +1000,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: component: velero name: datadownloads.velero.io @@ -1051,6 +1091,13 @@ spec: DataMover specifies the data mover to be used by the backup. If DataMover is "" or "velero", the built-in data mover will be used. type: string + nodeOS: + description: NodeOS is OS of the node where the DataDownload is processed. + enum: + - auto + - linux + - windows + type: string operationTimeout: description: |- OperationTimeout specifies the time used to wait internal operations, @@ -1095,6 +1142,16 @@ spec: status: description: DataDownloadStatus is the current status of a DataDownload. properties: + acceptedByNode: + description: Node is name of the node where the DataUpload is prepared. + type: string + acceptedTimestamp: + description: |- + AcceptedTimestamp records the time the DataUpload is to be prepared. + The server's time is used for AcceptedTimestamp + format: date-time + nullable: true + type: string completionTimestamp: description: |- CompletionTimestamp records the time a restore was completed. @@ -1151,7 +1208,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: component: velero name: datauploads.velero.io @@ -1293,6 +1350,17 @@ spec: status: description: DataUploadStatus is the current status of a DataUpload. properties: + acceptedByNode: + description: AcceptedByNode is name of the node where the DataUpload + is prepared. + type: string + acceptedTimestamp: + description: |- + AcceptedTimestamp records the time the DataUpload is to be prepared. + The server's time is used for AcceptedTimestamp + format: date-time + nullable: true + type: string completionTimestamp: description: |- CompletionTimestamp records the time a backup was completed. @@ -1315,6 +1383,13 @@ spec: node: description: Node is name of the node where the DataUpload is processed. type: string + nodeOS: + description: NodeOS is OS of the node where the DataUpload is processed. + enum: + - auto + - linux + - windows + type: string path: description: Path is the full path of the snapshot volume being backed up. @@ -1367,7 +1442,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: component: velero name: deletebackuprequests.velero.io @@ -1447,7 +1522,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: component: velero name: downloadrequests.velero.io @@ -1547,7 +1622,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: component: velero name: podvolumebackups.velero.io @@ -1642,7 +1717,6 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. - TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -1772,7 +1846,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: component: velero name: podvolumerestores.velero.io @@ -1864,7 +1938,6 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. - TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -1983,7 +2056,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: component: velero name: restores.velero.io @@ -2120,11 +2193,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -2273,11 +2348,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -2336,11 +2413,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -2541,7 +2620,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: component: velero name: schedules.velero.io @@ -2642,7 +2721,6 @@ spec: DefaultVolumesToRestic specifies whether restic should be used to take a backup of all pod volumes by default. - Deprecated: this field is no longer used and will be removed entirely in future. Use DefaultVolumesToFsBackup instead. nullable: true type: boolean @@ -2755,11 +2833,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -2945,11 +3025,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -3006,11 +3088,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -3140,7 +3224,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: component: velero name: serverstatusrequests.velero.io @@ -3226,7 +3310,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 labels: component: velero name: volumesnapshotlocations.velero.io @@ -3282,10 +3366,13 @@ spec: valid secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -3317,17 +3404,19 @@ spec: storage: true --- apiVersion: v1 +automountServiceAccountToken: true kind: ServiceAccount metadata: labels: app.kubernetes.io/instance: velero app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: velero - helm.sh/chart: velero-7.0.0 + helm.sh/chart: velero-10.1.1 name: velero-server namespace: velero --- apiVersion: v1 +automountServiceAccountToken: true kind: ServiceAccount metadata: annotations: @@ -3338,7 +3427,7 @@ metadata: app.kubernetes.io/instance: velero app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: velero - helm.sh/chart: velero-7.0.0 + helm.sh/chart: velero-10.1.1 name: velero-server-upgrade-crds namespace: velero --- @@ -3350,7 +3439,7 @@ metadata: app.kubernetes.io/instance: velero app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: velero - helm.sh/chart: velero-7.0.0 + helm.sh/chart: velero-10.1.1 name: velero-server namespace: velero rules: @@ -3373,7 +3462,7 @@ metadata: app.kubernetes.io/instance: velero app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: velero - helm.sh/chart: velero-7.0.0 + helm.sh/chart: velero-10.1.1 name: velero-upgrade-crds rules: - apiGroups: @@ -3395,7 +3484,7 @@ metadata: app.kubernetes.io/instance: velero app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: velero - helm.sh/chart: velero-7.0.0 + helm.sh/chart: velero-10.1.1 name: velero-server namespace: velero roleRef: @@ -3415,7 +3504,7 @@ metadata: app.kubernetes.io/instance: velero app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: velero - helm.sh/chart: velero-7.0.0 + helm.sh/chart: velero-10.1.1 name: velero-server roleRef: apiGroup: rbac.authorization.k8s.io @@ -3438,7 +3527,7 @@ metadata: app.kubernetes.io/instance: velero app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: velero - helm.sh/chart: velero-7.0.0 + helm.sh/chart: velero-10.1.1 name: velero-upgrade-crds roleRef: apiGroup: rbac.authorization.k8s.io @@ -3456,7 +3545,7 @@ metadata: app.kubernetes.io/instance: velero app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: velero - helm.sh/chart: velero-7.0.0 + helm.sh/chart: velero-10.1.1 name: velero namespace: velero spec: @@ -3477,8 +3566,9 @@ metadata: app.kubernetes.io/instance: velero app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: velero + app.kubernetes.io/version: 1.16.2 component: velero - helm.sh/chart: velero-7.0.0 + helm.sh/chart: velero-10.1.1 name: velero namespace: velero spec: @@ -3499,14 +3589,17 @@ spec: app.kubernetes.io/instance: velero app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: velero - helm.sh/chart: velero-7.0.0 + app.kubernetes.io/version: 1.16.2 + helm.sh/chart: velero-10.1.1 name: velero spec: + automountServiceAccountToken: true containers: - args: - server - --uploader-type=kopia - --features=EnableCSI + - --keep-latest-maintenance-jobs=3 command: - /velero env: @@ -3527,7 +3620,7 @@ spec: value: /credentials/cloud - name: ALIBABA_CLOUD_CREDENTIALS_FILE value: /credentials/cloud - image: velero/velero:v1.16.1 + image: velero/velero:v1.16.2 imagePullPolicy: IfNotPresent livenessProbe: failureThreshold: 5 @@ -3562,7 +3655,7 @@ spec: name: scratch dnsPolicy: ClusterFirst initContainers: - - image: velero/velero-plugin-for-aws:v1.12.0 + - image: velero/velero-plugin-for-aws:v1.12.2 imagePullPolicy: IfNotPresent name: velero-plugin-for-aws volumeMounts: @@ -3587,7 +3680,7 @@ metadata: app.kubernetes.io/instance: velero app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: velero - helm.sh/chart: velero-7.0.0 + helm.sh/chart: velero-10.1.1 name: node-agent namespace: velero spec: @@ -3604,9 +3697,11 @@ spec: app.kubernetes.io/instance: velero app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: velero - helm.sh/chart: velero-7.0.0 + helm.sh/chart: velero-10.1.1 name: node-agent + role: node-agent spec: + automountServiceAccountToken: true containers: - args: - node-agent @@ -3633,7 +3728,7 @@ spec: value: /credentials/cloud - name: ALIBABA_CLOUD_CREDENTIALS_FILE value: /credentials/cloud - image: velero/velero:v1.16.1 + image: velero/velero:v1.16.2 imagePullPolicy: IfNotPresent name: node-agent ports: @@ -3646,6 +3741,9 @@ spec: - mountPath: /host_pods mountPropagation: HostToContainer name: host-pods + - mountPath: /host_plugins + mountPropagation: HostToContainer + name: host-plugins - mountPath: /scratch name: scratch dnsPolicy: ClusterFirst @@ -3660,6 +3758,9 @@ spec: - hostPath: path: /var/lib/kubelet/pods name: host-pods + - hostPath: + path: /var/lib/kubelet/plugins + name: host-plugins - emptyDir: {} name: scratch --- @@ -3674,7 +3775,7 @@ metadata: app.kubernetes.io/instance: velero app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: velero - helm.sh/chart: velero-7.0.0 + helm.sh/chart: velero-10.1.1 name: velero-upgrade-crds namespace: velero spec: @@ -3683,13 +3784,14 @@ spec: metadata: name: velero-upgrade-crds spec: + automountServiceAccountToken: true containers: - args: - -c - /velero install --crds-only --dry-run -o yaml | /tmp/kubectl apply -f - command: - /tmp/sh - image: velero/velero:v1.16.1 + image: velero/velero:v1.16.2 imagePullPolicy: IfNotPresent name: velero volumeMounts: @@ -3720,7 +3822,7 @@ metadata: app.kubernetes.io/instance: velero app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: velero - helm.sh/chart: velero-7.0.0 + helm.sh/chart: velero-10.1.1 name: nas namespace: velero spec: @@ -3742,7 +3844,7 @@ metadata: app.kubernetes.io/instance: velero app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: velero - helm.sh/chart: velero-7.0.0 + helm.sh/chart: velero-10.1.1 name: nas namespace: velero spec: diff --git a/velero/src/kustomization.yaml b/velero/src/kustomization.yaml index 85e1450..8b0215e 100644 --- a/velero/src/kustomization.yaml +++ b/velero/src/kustomization.yaml @@ -5,7 +5,7 @@ kind: Kustomization helmCharts: - name: velero repo: https://vmware-tanzu.github.io/helm-charts - version: 7.0.0 + version: 10.1.1 releaseName: velero includeCRDs: true namespace: velero diff --git a/velero/src/values.yaml b/velero/src/values.yaml index e211853..3dcc0d6 100644 --- a/velero/src/values.yaml +++ b/velero/src/values.yaml @@ -7,18 +7,12 @@ namespace: labels: {} # Enforce Pod Security Standards with Namespace Labels # https://kubernetes.io/docs/tasks/configure-pod-container/enforce-standards-namespace-labels/ - # - key: pod-security.kubernetes.io/enforce - # value: privileged - # - key: pod-security.kubernetes.io/enforce-version - # value: latest - # - key: pod-security.kubernetes.io/audit - # value: privileged - # - key: pod-security.kubernetes.io/audit-version - # value: latest - # - key: pod-security.kubernetes.io/warn - # value: privileged - # - key: pod-security.kubernetes.io/warn-version - # value: latest + # pod-security.kubernetes.io/enforce: privileged + # pod-security.kubernetes.io/enforce-version: latest + # pod-security.kubernetes.io/audit: privileged + # pod-security.kubernetes.io/audit-version: latest + # pod-security.kubernetes.io/warn: privileged + # pod-security.kubernetes.io/warn-version: latest ## ## End of namespace-related settings. @@ -33,7 +27,7 @@ namespace: # enabling node-agent). Required. image: repository: velero/velero - tag: v1.16.1 + tag: v1.16.2 # Digest value example: sha256:d238835e151cec91c6a811fe3a89a66d3231d9f64d09e5f3c49552672d271f38. # If used, it will take precedence over the image.tag. # digest: @@ -81,6 +75,22 @@ resources: {} # cpu: 1000m # memory: 512Mi +# Container resize policy for the Velero deployment. +# See: https://kubernetes.io/docs/tasks/configure-pod-container/resize-container-resources/ +resizePolicy: [] + # - resourceName: cpu + # restartPolicy: NotRequired + # - resourceName: memory + # restartPolicy: RestartContainer + +# Configure hostAliases for Velero deployment. Optional +# For more information, check: https://kubernetes.io/docs/tasks/network/customize-hosts-file-for-pods/ +hostAliases: [] + # - ip: "127.0.0.1" + # hostnames: + # - "foo.local" + # - "bar.local" + # Resource requests/limits to specify for the upgradeCRDs job pod. Need to be adjusted by user accordingly. upgradeJobResources: {} # requests: @@ -94,9 +104,23 @@ upgradeCRDsJob: extraVolumes: [] # Extra volumeMounts for the Upgrade CRDs Job. Optional. extraVolumeMounts: [] - # Extra key/value pairs to be used as environment variables. Optional. - extraEnvVars: {} + # Additional values to be used as environment variables. Optional. + extraEnvVars: [] + # Simple value + # - name: SIMPLE_VAR + # value: "simple-value" + # FieldRef example + # - name: MY_POD_LABEL + # valueFrom: + # fieldRef: + # fieldPath: metadata.labels['my_label'] + + # Configure if API credential for Service Account is automounted. + automountServiceAccountToken: true + # Configure the shell cmd in case you are using custom image + # shellCmd: /tmp/sh + # updateCmd: /velero install --crds-only --dry-run -o yaml | /tmp/kubectl apply -f - # Configure the dnsPolicy of the Velero deployment # See: https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-s-dns-policy @@ -106,7 +130,7 @@ dnsPolicy: ClusterFirst # If the value is a string then it is evaluated as a template. initContainers: - name: velero-plugin-for-aws - image: velero/velero-plugin-for-aws:v1.12.0 + image: velero/velero-plugin-for-aws:v1.12.2 imagePullPolicy: IfNotPresent volumeMounts: - mountPath: /target @@ -216,7 +240,19 @@ metrics: # service metdata if metrics are enabled service: annotations: {} + type: ClusterIP labels: {} + nodePort: null + + # External/Internal traffic policy setting (Cluster, Local) + # https://kubernetes.io/docs/reference/networking/virtual-ips/#traffic-policies + externalTrafficPolicy: "" + internalTrafficPolicy: "" + + # the IP family policy for the metrics Service to be able to configure dual-stack; see [Configure dual-stack](https://kubernetes.io/docs/concepts/services-networking/dual-stack/#services). + ipFamilyPolicy: "" + # a list of IP families for the metrics Service that should be supported, in the order in which they should be applied to ClusterIP. Can be "IPv4" and/or "IPv6". + ipFamilies: [] # Pod annotations for Prometheus podAnnotations: @@ -262,19 +298,40 @@ metrics: # namespace: "" # Rules to be deployed spec: [] - # - alert: VeleroBackupPartialFailures + # - alert: VeleroBackupFailed # annotations: - # message: Velero backup {{ $labels.schedule }} has {{ $value | humanizePercentage }} partialy failed backups. + # message: Velero backup {{ $labels.schedule }} has failed # expr: |- - # velero_backup_partial_failure_total{schedule!=""} / velero_backup_attempt_total{schedule!=""} > 0.25 + # velero_backup_last_status{schedule!=""} != 1 # for: 15m # labels: # severity: warning - # - alert: VeleroBackupFailures + # - alert: VeleroBackupFailing # annotations: - # message: Velero backup {{ $labels.schedule }} has {{ $value | humanizePercentage }} failed backups. + # message: Velero backup {{ $labels.schedule }} has been failing for the last 12h # expr: |- - # velero_backup_failure_total{schedule!=""} / velero_backup_attempt_total{schedule!=""} > 0.25 + # velero_backup_last_status{schedule!=""} != 1 + # for: 12h + # labels: + # severity: critical + # - alert: VeleroNoNewBackup + # annotations: + # message: Velero backup {{ $labels.schedule }} has not run successfuly in the last 30h + # expr: |- + # ( + # rate(velero_backup_last_successful_timestamp{schedule!=""}[15m]) <=bool 0 + # or + # absent(velero_backup_last_successful_timestamp{schedule!=""}) + # ) == 1 + # for: 30h + # labels: + # severity: critical + # - alert: VeleroBackupPartialFailures + # annotations: + # message: Velero backup {{ $labels.schedule }} has {{ $value | humanizePercentage }} partialy failed backups + # expr: |- + # rate(velero_backup_partial_failure_total{schedule!=""}[25m]) + # / rate(velero_backup_attempt_total{schedule!=""}[25m]) > 0.5 # for: 15m # labels: # severity: warning @@ -296,6 +353,10 @@ kubectl: annotations: {} # Labels to set for the upgrade/cleanup job. Optional. labels: {} + # Extra volumes for the upgrade/cleanup job. Optional. + extraVolumes: [] + # Extra volumeMounts for the upgrade/cleanup job.. Optional. + extraVolumeMounts: [] # This job upgrades the CRDs. upgradeCRDs: true @@ -365,7 +426,8 @@ configuration: # Parameters for the VolumeSnapshotLocation(s). Configure multiple by adding other element(s) to the volumeSnapshotLocation slice. # See https://velero.io/docs/v1.6/api-types/volumesnapshotlocation/ volumeSnapshotLocation: - # name is the name of the volume snapshot location where snapshots are being taken. Required. + # name is the name of the volume snapshot location where snapshots are being taken. If a name is not provided, + # a volume snapshot location will be created with the name "default". Optional. - name: nas # provider is the name for the volume snapshot provider. provider: aws @@ -420,6 +482,8 @@ configuration: disableInformerCache: false # `velero server` default: 1h garbageCollectionFrequency: + # `velero server` default: 1 + itemBlockWorkerCount: # Set log-format for Velero pod. Default: text. Other option: json. logFormat: # Set log-level for Velero pod. Default: info. Other options: debug, warning, error, fatal, panic. @@ -443,6 +507,8 @@ configuration: # Comma separated list of velero feature flags. default: empty # features: EnableCSI features: EnableCSI + # Configures the timeout for provisioning the volume created from the CSI snapshot. Default: 30m + dataMoverPrepareTimeout: # Resource requests/limits to specify for the repository-maintenance job. Optional. # https://velero.io/docs/v1.14/repository-maintenance/#resource-limitation repositoryMaintenanceJob: @@ -454,14 +520,64 @@ configuration: # memory: 1024Mi # Number of latest maintenance jobs to keep for each repository latestJobsCount: 3 + # Per-repository resource settings ConfigMap + # This ConfigMap allows specifying different settings for different repositories + # See: https://velero.io/docs/main/repository-maintenance/ + repositoryConfigData: + # Name of the ConfigMap to create. If not provided, will use "velero-repo-maintenance" + name: "velero-repo-maintenance" + # Global configuration applied to all repositories + # This configuration is used when no specific repository configuration is found + # global: + # podResources: + # cpuRequest: "100m" + # cpuLimit: "200m" + # memoryRequest: "100Mi" + # memoryLimit: "200Mi" + # keepLatestMaintenanceJobs: 1 + # loadAffinity: + # - nodeSelector: + # matchExpressions: + # - key: "cloud.google.com/machine-family" + # operator: "In" + # values: ["e2"] + # - nodeSelector: + # matchExpressions: + # - key: "topology.kubernetes.io/zone" + # operator: "In" + # values: ["us-central1-a", "us-central1-b", "us-central1-c"] + # priorityClassName: "low-priority" # Note: priorityClassName is only supported in global configuration + global: {} + # Repository-specific configurations + # Repository keys are formed as: "{namespace}-{storageLocation}-{repositoryType}" + # For example: "default-default-kopia" or "prod-s3-backup-kopia" + # Note: priorityClassName is NOT supported in repository-specific configurations + # repositories: + # "kibishii-default-kopia": + # podResources: + # cpuRequest: "200m" + # cpuLimit: "400m" + # memoryRequest: "200Mi" + # memoryLimit: "400Mi" + # keepLatestMaintenanceJobs: 2 + repositories: {} # `velero server` default: velero namespace: # additional command-line arguments that will be passed to the `velero server` # e.g.: extraArgs: ["--foo=bar"] extraArgs: [] - # additional key/value pairs to be used as environment variables such as "AWS_CLUSTER_NAME: 'yourcluster.domain.tld'" - extraEnvVars: {} + # Additional values to be used as environment variables. Optional. + extraEnvVars: [] + # Simple value + # - name: SIMPLE_VAR + # value: "simple-value" + + # FieldRef example + # - name: MY_POD_LABEL + # valueFrom: + # fieldRef: + # fieldPath: metadata.labels['my_label'] # Set true for backup all pod volumes without having to apply annotation on the pod when used file system backup Default: false. defaultVolumesToFsBackup: @@ -495,6 +611,8 @@ serviceAccount: labels: imagePullSecrets: [] # - registrySecretName + # Configure if API credential for Service Account is automounted. + automountServiceAccountToken: true # Info about the secret to be used by the Velero deployment, which # should contain credentials for the cloud provider IAM account you've @@ -542,6 +660,8 @@ nodeAgent: pluginVolumePath: /var/lib/kubelet/plugins # Pod priority class name to use for the node-agent daemonset. Optional. priorityClassName: "" + # Pod runtime class name to use for the node-agent daemonset. Optional. + runtimeClassName: "" # Resource requests/limits to specify for the node-agent daemonset deployment. Optional. # https://velero.io/docs/v1.6/customize-installation/#customize-resource-requests-and-limits resources: {} @@ -551,6 +671,13 @@ nodeAgent: # limits: # cpu: 1000m # memory: 1024Mi + # Container resize policy for the node-agent daemonset. + # See: https://kubernetes.io/docs/tasks/configure-pod-container/resize-container-resources/ + resizePolicy: [] + # - resourceName: cpu + # restartPolicy: NotRequired + # - resourceName: memory + # restartPolicy: RestartContainer # Tolerations to use for the node-agent daemonset. Optional. tolerations: [] @@ -576,8 +703,17 @@ nodeAgent: # Extra volumeMounts for the node-agent daemonset. Optional. extraVolumeMounts: [] - # Key/value pairs to be used as environment variables for the node-agent daemonset. Optional. - extraEnvVars: {} + # Additional values to be used as environment variables for node-agent daemonset. Optional. + extraEnvVars: [] + # Simple key/value + # - name: SIMPLE_VAR + # value: "simple-value" + + # FieldRef example + # - name: MY_POD_LABEL + # valueFrom: + # fieldRef: + # fieldPath: metadata.labels['my_label'] # Additional command-line arguments that will be passed to the node-agent. Optional. # e.g.: extraArgs: ["--foo=bar"] @@ -587,6 +723,14 @@ nodeAgent: # See: https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-s-dns-policy dnsPolicy: ClusterFirst + # Configure hostAliases for node-agent daemonset. Optional + # For more information, check: https://kubernetes.io/docs/tasks/network/customize-hosts-file-for-pods/ + hostAliases: [] + # - ip: "127.0.0.1" + # hostnames: + # - "foo.local" + # - "bar.local" + # SecurityContext to use for the Velero deployment. Optional. # Set fsGroup for `AWS IAM Roles for Service Accounts` # see more informations at: https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html @@ -665,5 +809,4 @@ configMaps: {} ## ## End of additional Velero resource settings. -## - +## \ No newline at end of file