Velero with Google Cloud Storage Buckets - Prepare your Environment
Prerequisites
Ensure you have installed Velero (included in the default DKP installation).
Ensure you have installed the Velero CLI.
Ensure you have installed the gcloud CLI.
Optional: You can install the gsutil CLI (or opt to create buckets through the GCS Console)
Ensure you have created a GCS bucket.
Ensure you have sufficient access rights to the bucket you want to use for backup. For more information about GCP-related access control, refer to the official documentation of the Google Cloud Storage platform.
Set Environment Variables
Set the
BUCKET
environment variable to the name of the GCS container you want to use as backup storage:CODEexport BUCKET=<GCS-bucket-name>
Set the
WORKSPACE_NAMESPACE
environment variable to the name of the workspace’s namespace. Replace<workspace_namespace>
with the name of the target workspace:CODEexport WORKSPACE_NAMESPACE=<workspace_namespace>
This can be the
kommander
namespace for the Management cluster or any other additional workspace namespace for Attached or Managed clusters. To list all available workspace namespaces, use thekubectl get kommandercluster -A
command.Set the
CLUSTER_NAME
environment variable. Replace<target_cluster>
with the name of the cluster where you want to set up Velero:CODEexport CLUSTER_NAME=<target_cluster>
Prepare your Google Credentials
You can store your backups in Google Cloud Platform/GCS buckets.
See https://cloud.google.com/storage/docs/creating-buckets#required-roles for more information on setting up access to your bucket.
Create a
credentials-velero
file with the information required to create a secret.
Replace<service-account-email>
with the email address you used to grant permissions to your bucket. The address usually follows the format<service-account-user>@<gcp-project>.iam.gserviceaccount.com
.CODEgcloud iam service-accounts keys create credentials-velero \ --iam-account <service-account-email>
Use the
credentials-velero
file to create the secret:CODEkubectl create secret generic -n ${WORKSPACE_NAMESPACE} velero-gcp-credentials --from-file=gcp=credentials-velero --kubeconfig=${CLUSTER_NAME}.conf