Document velero

.helmdocsignore

@@ -8,4 +8,3 @@ charts/radar-upload-connect-backend/
 charts/radar-upload-connect-frontend/
 charts/radar-upload-source-connector/
 charts/smtp/
-charts/velero/

charts/_templates.gotmpl

@@ -6,9 +6,6 @@
 {{- end }}
 
 {{ define "common.prerequisiteswithpv" -}}
-## Prerequisites
-* Kubernetes 1.17+
-* Kubectl 1.17+
-* Helm 3.1.0+
+{{ template "common.prerequisites" . }}
 * PV provisioner support in the underlying infrastructure
 {{- end }}

charts/velero/Chart.yaml

@@ -1,8 +1,14 @@
 apiVersion: v1
 appVersion: "1.0"
-description: A Helm chart for Kubernetes
+description: A Helm chart for Velero, this chart is an overlay for Velero and adds some default values and a deployment to mirror the local object storage to a remote location.
 name: velero
 version: 0.1.1
+kubeVersion: "<=1.17"
+engine: gotpl
+sources: ["https://github.com/vmware-tanzu/helm-charts/tree/main/charts/velero"]
+deprecated: false
+type: application
+home: "https://velero.io"
 maintainers:
   - email: keyvan@thehyve.nl
     name: Keyvan Hedayati

charts/velero/DOCS.md.gotmpl

@@ -0,0 +1,3 @@
+{{ define "velero.prerequisitess3" -}}
+* S3-compatible object storage
+{{- end }}

charts/velero/README.md

@@ -0,0 +1,77 @@
+
+
+# velero
+
+![Version: 0.1.1](https://img.shields.io/badge/Version-0.1.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.0](https://img.shields.io/badge/AppVersion-1.0-informational?style=flat-square)
+
+A Helm chart for Velero, this chart is an overlay for Velero and adds some default values and a deployment to mirror the local object storage to a remote location.
+
+**Homepage:** <https://velero.io>
+
+## Maintainers
+
+| Name | Email | Url |
+| ---- | ------ | --- |
+| Keyvan Hedayati | keyvan@thehyve.nl |  |
+| Joris Borgdorff | joris@thehyve.nl |  |
+
+## Source Code
+
+* <https://github.com/vmware-tanzu/helm-charts/tree/main/charts/velero>
+
+## Prerequisites
+* Kubernetes 1.17+
+* Kubectl 1.17+
+* Helm 3.1.0+
+* S3-compatible object storage
+
+## Requirements
+
+Kubernetes: `<=1.17`
+
+| Repository | Name | Version |
+|------------|------|---------|
+| https://vmware-tanzu.github.io/helm-charts | velero | 2.12.0 |
+
+## Values
+
+| Key | Type | Default | Description |
+|-----|------|---------|-------------|
+| objectStorageBackupReplicaCount | int | `1` | Number of replicas for object storage backup pod, should be 1 |
+| mc_image.repository | string | `"minio/mc"` | Object storage backup pod image repository |
+| mc_image.tag | string | `"RELEASE.2020-09-03T00-08-28Z"` | Object storage backup pod image tag (immutable tags are recommended) |
+| mc_image.pullPolicy | string | `"IfNotPresent"` | Object storage backup pod image pull policy |
+| local.address | string | `"minio.default:9000"` | Address of local object storage to backup data from |
+| local.accessKey | string | `"accessKey"` | Access key of local object storage |
+| local.secretKey | string | `"secretKey"` | Secret key of local object storage |
+| local.intermediateBucketName | string | `"radar-intermediate-storage"` | Name of local intermediate data bucket |
+| local.outputBucketName | string | `"radar-output-storage"` | Name of local output data bucket |
+| backup.address | string | `"s3.example.com"` | Address of remote object storage to backup data to |
+| backup.accessKey | string | `"accessKey"` | Access key of remote object storage |
+| backup.secretKey | string | `"secretKey"` | Secret key of remote object storage |
+| backup.intermediateBucketName | string | `"radar-intermediate-storage"` | Name of remote intermediate data bucket |
+| backup.outputBucketName | string | `"radar-output-storage"` | Name of remote output data bucket |
+| velero.initContainers | list | check values.yaml | Add plugins to enable using different storage systems, AWS plugin is needed to be able to push to S3-compatible object storages |
+| velero.metrics.enabled | bool | `true` | Enable monitoring metrics to be collected |
+| velero.metrics.serviceMonitor.enabled | bool | `true` | Enable prometheus-operator interface |
+| velero.configuration.provider | string | `"aws"` | Cloud provider being used (e.g. aws, azure, gcp). |
+| velero.configuration.backupStorageLocation | object | Check below | Parameters for the `default` BackupStorageLocation. See https://velero.io/docs/v1.0.0/api-types/backupstoragelocation/ |
+| velero.configuration.backupStorageLocation.name | string | `"default"` | Cloud provider where backups should be stored. Usually should match `configuration.provider`. Required. |
+| velero.configuration.backupStorageLocation.bucket | string | `"radar-base-backups"` | Bucket to store backups in. Required. |
+| velero.configuration.backupStorageLocation.config | object | Check values.yaml | Additional provider-specific configuration. See link above for details of required/optional fields for your provider. |
+| velero.credentials.secretContents.cloud | string | Check values.yaml | Check |
+| velero.snapshotsEnabled | bool | `false` | Don't snapshot volumes where they're not supported |
+| velero.deployRestic | bool | `true` | Deploy restic to backup Kubernetes volumes |
+| velero.restic.podVolumePath | string | `"/var/lib/kubelet/pods"` | Path to find pod volumes |
+| velero.restic.privileged | bool | `false` | Shouldn't need privilege to backup the volumes |
+| velero.restic.priorityClassName | object | `{}` | Pod priority class name to use for the Restic daemonset. Optional. |
+| velero.restic.resources | object | `{}` | Resource requests/limits to specify for the Restic daemonset deployment. Optional. |
+| velero.restic.tolerations | list | `[]` | Tolerations to use for the Restic daemonset. Optional. |
+| velero.restic.extraVolumes | list | `[]` | Extra volumes for the Restic daemonset. Optional. |
+| velero.restic.extraVolumeMounts | list | `[]` | Extra volumeMounts for the Restic daemonset. Optional. |
+| velero.restic.securityContext | object | `{}` | SecurityContext to use for the Velero deployment. Optional. Set fsGroup for `AWS IAM Roles for Service Accounts` see more informations at: https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html |
+| velero.schedules.backup.schedule | string | `"0 3 * * *"` | Backup every day at 3:00 AM |
+| velero.schedules.backup.template.ttl | string | `"240h"` | Keep backup for 10 days |
+| velero.schedules.backup.template.includeClusterResources | bool | `true` | Backup cluster wide resources |
+| velero.schedules.backup.template.snapshotVolumes | bool | `false` | Don't snapshot volumes where they're not supported |
+| velero.schedules.backup.template.includedNamespaces | list | Check values.yaml | Namespaces to backup manifests and volumes from |

charts/velero/README.md.gotmpl

@@ -0,0 +1,19 @@
+{{ template "chart.header" . }}
+{{ template "chart.deprecationWarning" . }}
+
+{{ template "chart.badgesSection" . }}
+
+{{ template "chart.description" . }}
+
+{{ template "chart.homepageLine" . }}
+
+{{ template "chart.maintainersSection" . }}
+
+{{ template "chart.sourcesSection" . }}
+
+{{ template "common.prerequisites" . }}
+{{ template "velero.prerequisitess3" . }}
+
+{{ template "chart.requirementsSection" . }}
+
+{{ template "chart.valuesSection" . }}

charts/velero/values.yaml

@@ -2,29 +2,45 @@
 # This is a YAML-formatted file.
 # Declare variables to be passed into your templates.
 
+# -- Number of replicas for object storage backup pod, should be 1
 objectStorageBackupReplicaCount: 1
 
 mc_image:
+  # -- Object storage backup pod image repository
   repository: minio/mc
+  # -- Object storage backup pod image tag (immutable tags are recommended)
   tag: RELEASE.2020-09-03T00-08-28Z
+  # -- Object storage backup pod image pull policy
   pullPolicy: IfNotPresent
 
 local:
+  # -- Address of local object storage to backup data from
   address: minio.default:9000
+  # -- Access key of local object storage
   accessKey: accessKey
+  # -- Secret key of local object storage
   secretKey: secretKey
+  # -- Name of local intermediate data bucket
   intermediateBucketName: radar-intermediate-storage
+  # -- Name of local output data bucket
   outputBucketName: radar-output-storage
 
 backup:
+  # -- Address of remote object storage to backup data to
   address: s3.example.com
+  # -- Access key of remote object storage
   accessKey: accessKey
+  # -- Secret key of remote object storage
   secretKey: secretKey
+  # -- Name of remote intermediate data bucket
   intermediateBucketName: radar-intermediate-storage
+  # -- Name of remote output data bucket
   outputBucketName: radar-output-storage
 
 # ----
 velero:
+  # -- Add plugins to enable using different storage systems, AWS plugin is needed to be able to push to S3-compatible object storages
+  # @default -- check values.yaml
   initContainers:
     - name: velero-plugin-for-aws
       image: velero/velero-plugin-for-aws:v1.1.0
@@ -34,68 +50,85 @@ velero:
           name: plugins
 
   metrics:
+    # -- Enable monitoring metrics to be collected
     enabled: true
     serviceMonitor:
+      # -- Enable prometheus-operator interface
       enabled: true
 
   configuration:
-    # Cloud provider being used (e.g. aws, azure, gcp).
+    # -- Cloud provider being used (e.g. aws, azure, gcp).
     provider: aws
 
-    # Parameters for the `default` BackupStorageLocation. See
+    # -- Parameters for the `default` BackupStorageLocation. See
     # https://velero.io/docs/v1.0.0/api-types/backupstoragelocation/
+    # @default -- Check below
     backupStorageLocation:
-      # Cloud provider where backups should be stored. Usually should
+      # -- Cloud provider where backups should be stored. Usually should
       # match `configuration.provider`. Required.
       name: default
-      # Bucket to store backups in. Required.
+      # -- Bucket to store backups in. Required.
       bucket: radar-base-backups
-      # Additional provider-specific configuration. See link above
+      # -- Additional provider-specific configuration. See link above
       # for details of required/optional fields for your provider.
+      # @default -- Check values.yaml
       config:
         region: eu-central-1
         s3ForcePathStyle: "true"
         s3Url: "https://s3.amazon.com"
 
   credentials:
     secretContents:
+      # -- Check
+      # @default -- Check values.yaml
       cloud: |
         [default]
         aws_access_key_id=accessKey
         aws_secret_access_key=secretKey
 
+  # -- Don't snapshot volumes where they're not supported
   snapshotsEnabled: false
+
+  # -- Deploy restic to backup Kubernetes volumes
   deployRestic: true
 
   restic:
+    # -- Path to find pod volumes
     podVolumePath: /var/lib/kubelet/pods
+    # -- Shouldn't need privilege to backup the volumes
     privileged: false
-    # Pod priority class name to use for the Restic daemonset. Optional.
+    # -- Pod priority class name to use for the Restic daemonset. Optional.
     priorityClassName: {}
-    # Resource requests/limits to specify for the Restic daemonset deployment. Optional.
+    # -- Resource requests/limits to specify for the Restic daemonset deployment. Optional.
     resources: {}
-    # Tolerations to use for the Restic daemonset. Optional.
+    # -- Tolerations to use for the Restic daemonset. Optional.
     tolerations: []
 
-    # Extra volumes for the Restic daemonset. Optional.
+    # -- Extra volumes for the Restic daemonset. Optional.
     extraVolumes: []
 
-    # Extra volumeMounts for the Restic daemonset. Optional.
+    # -- Extra volumeMounts for the Restic daemonset. Optional.
     extraVolumeMounts: []
 
-    # SecurityContext to use for the Velero deployment. Optional.
+    # -- SecurityContext to use for the Velero deployment. Optional.
     # Set fsGroup for `AWS IAM Roles for Service Accounts`
     # see more informations at: https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html
     securityContext: {}
       # fsGroup: 1337
 
   schedules:
     backup:
+      # -- Backup every day at 3:00 AM
       schedule: "0 3 * * *"
       template:
+        # -- Keep backup for 10 days
         ttl: "240h"
+        # -- Backup cluster wide resources
         includeClusterResources: true
+        # -- Don't snapshot volumes where they're not supported
         snapshotVolumes: false
+        # -- Namespaces to backup manifests and volumes from
+        # @default -- Check values.yaml
         includedNamespaces:
           - cert-manager
           - default