From 9cfc18176ca47b5a7a98c3be08e4d0ce5317ee70 Mon Sep 17 00:00:00 2001 From: Jooseppi Luna Date: Mon, 3 Jun 2024 11:14:08 -0400 Subject: [PATCH] Cherrypick v1.4.4 changes into main (#585) * add v1.0.3 support (#524) * add v1.0.3 support * update test files (cherry picked from commit 0763aac57876f0c2da747b5e07532f277c068cf4) * Changed cluster role binding for secrets to role binding on specific namespaces (#527) * Changed cluster role binding for secrets to role binding on specific namespaces * Modified sample CRD * Added Default CSM Namespace * Added csmNamespace in crds and samples * Added namespace - default to role * Hardcoded CSM namespace as dell-csm * Added namespace creation * Added secret names * add Namespace to GetModuleComponentObj * Added secret names * ClusterRole does not have namespace (k8s docs) --------- Co-authored-by: nijayf Co-authored-by: Jooseppi Luna (cherry picked from commit 4e743852d231ea3e24f0354c0f81aad5214133bd) * Remove secret create restriction by resourcenames (#529) * Removed restriction by resourcenames * Moved permissions from clusterrole to role * Moved permissions from clusterrole to role * Update statefulset.yaml * Update statefulset.yaml * Update statefulset.yaml * Added list permission for secret at cluster level * removed list secret * review changes * review changes --------- Co-authored-by: Jooseppi Luna (cherry picked from commit 7520e8acfd8796914fa64d77a417a29757bbe3d5) * dont delete namespaces BRUV (#531) (cherry picked from commit 8ce8e0078cfd2535198f573499078851a7100c5d) --------- Co-authored-by: JacobGros Co-authored-by: Francis Nijay --- .../v1.0.0/statefulset.yaml | 126 +- ...ty-controller-manager-metrics-service.yaml | 25 + .../app-mobility-controller-manager.yaml | 625 ++++ .../v1.0.3/app-mobility-crds.yaml | 784 +++++ .../v1.0.3/app-mobility-webhook-service.yaml | 68 + .../v1.0.3/certificate.yaml | 21 + .../v1.0.3/node-agent.yaml | 73 + .../v1.0.3/velero-backupstoragelocation.yaml | 18 + .../v1.0.3/velero-crds.yaml | 2684 +++++++++++++++++ .../v1.0.3/velero-deployment.yaml | 179 ++ .../v1.0.3/velero-secret.yaml | 14 + .../v1.0.3/velero-volumesnapshotlocation.yaml | 14 + pkg/utils/utils.go | 9 +- .../csm_application_mobility_vanilla.yaml | 2 +- .../csm_application_mobility_with_pflex.yaml | 8 +- ...m_application_mobility_with_pflex_alt.yaml | 8 +- .../powerflex_noAM.yaml | 2 +- 17 files changed, 4635 insertions(+), 25 deletions(-) create mode 100644 operatorconfig/moduleconfig/application-mobility/v1.0.3/app-mobility-controller-manager-metrics-service.yaml create mode 100644 operatorconfig/moduleconfig/application-mobility/v1.0.3/app-mobility-controller-manager.yaml create mode 100644 operatorconfig/moduleconfig/application-mobility/v1.0.3/app-mobility-crds.yaml create mode 100644 operatorconfig/moduleconfig/application-mobility/v1.0.3/app-mobility-webhook-service.yaml create mode 100644 operatorconfig/moduleconfig/application-mobility/v1.0.3/certificate.yaml create mode 100644 operatorconfig/moduleconfig/application-mobility/v1.0.3/node-agent.yaml create mode 100644 operatorconfig/moduleconfig/application-mobility/v1.0.3/velero-backupstoragelocation.yaml create mode 100644 operatorconfig/moduleconfig/application-mobility/v1.0.3/velero-crds.yaml create mode 100644 operatorconfig/moduleconfig/application-mobility/v1.0.3/velero-deployment.yaml create mode 100644 operatorconfig/moduleconfig/application-mobility/v1.0.3/velero-secret.yaml create mode 100644 operatorconfig/moduleconfig/application-mobility/v1.0.3/velero-volumesnapshotlocation.yaml diff --git a/operatorconfig/clientconfig/apexconnectivityclient/v1.0.0/statefulset.yaml b/operatorconfig/clientconfig/apexconnectivityclient/v1.0.0/statefulset.yaml index 077921e26..632dfc45e 100644 --- a/operatorconfig/clientconfig/apexconnectivityclient/v1.0.0/statefulset.yaml +++ b/operatorconfig/clientconfig/apexconnectivityclient/v1.0.0/statefulset.yaml @@ -26,14 +26,13 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: connectivity-client-docker-k8s - namespace: rules: - apiGroups: [""] resources: ["pods"] verbs: ["list", "watch"] - apiGroups: [""] resources: ["namespaces"] - verbs: ["get", "list", "watch", "create"] + verbs: ["get", "list", "watch"] - apiGroups: [""] resources: ["persistentvolumeclaims"] verbs: ["list", "watch"] @@ -58,36 +57,135 @@ rules: - apiGroups: ["storage.k8s.io"] resources: ["csidrivers"] verbs: ["list", "watch", "get"] + - apiGroups: ["storage.dell.com"] + resources: ["containerstoragemodules"] + verbs: ["list", "get", "watch"] + - apiGroups: ["mobility.storage.dell.com"] + resources: ["backups"] + verbs: ["list", "get"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: connectivity-client-docker-k8s + namespace: +subjects: + - kind: ServiceAccount + name: connectivity-client-docker-k8s + namespace: +roleRef: + kind: ClusterRole + name: connectivity-client-docker-k8s + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: connectivity-client-docker-k8s + namespace: +rules: - apiGroups: [""] resources: ["secrets"] - verbs: ["list","get", "create", "update", "delete"] + verbs: ["list","get", "create", "update", "delete", "watch"] - apiGroups: [""] resources: ["configmaps"] verbs: ["get", "create", "delete", "update"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: connectivity-client-docker-k8s + namespace: +subjects: + - kind: ServiceAccount + name: connectivity-client-docker-k8s + namespace: +roleRef: + kind: Role + name: connectivity-client-docker-k8s + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: connectivity-client-docker-k8s + namespace: default +rules: + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "create", "update", "delete", "watch", "list"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: connectivity-client-docker-k8s + namespace: default +subjects: + - kind: ServiceAccount + name: connectivity-client-docker-k8s + namespace: +roleRef: + kind: Role + name: connectivity-client-docker-k8s + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: connectivity-client-docker-k8s + namespace: "karavi" +rules: + - apiGroups: [""] + resources: ["secrets"] + verbs: ["list","get", "create", "update", "delete", "watch"] + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get", "create", "delete", "update"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: connectivity-client-docker-k8s + namespace: "karavi" +subjects: + - kind: ServiceAccount + name: connectivity-client-docker-k8s + namespace: +roleRef: + kind: Role + name: connectivity-client-docker-k8s + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: connectivity-client-docker-k8s + namespace: "dell-csm" +rules: + - apiGroups: [""] + resources: ["secrets"] + verbs: ["list","get", "create", "update", "delete","watch"] - apiGroups: ["storage.dell.com"] resources: ["containerstoragemodules"] - verbs: ["list", "create", "get", "delete", "watch"] + verbs: ["create", "delete"] + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get", "create", "delete", "update"] - apiGroups: ["mobility.storage.dell.com"] resources: ["backups"] - verbs: ["list", "create", "get"] - - apiGroups: ["cert-manager.io"] - resources: ["issuers"] - verbs: ["list", "get", "create", "delete"] - - apiGroups: ["cert-manager.io"] - resources: ["certificates"] - verbs: ["list", "get", "create", "delete"] + verbs: ["create"] --- apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding +kind: RoleBinding metadata: name: connectivity-client-docker-k8s - namespace: + namespace: "dell-csm" subjects: - kind: ServiceAccount name: connectivity-client-docker-k8s namespace: roleRef: - kind: ClusterRole + kind: Role name: connectivity-client-docker-k8s apiGroup: rbac.authorization.k8s.io --- diff --git a/operatorconfig/moduleconfig/application-mobility/v1.0.3/app-mobility-controller-manager-metrics-service.yaml b/operatorconfig/moduleconfig/application-mobility/v1.0.3/app-mobility-controller-manager-metrics-service.yaml new file mode 100644 index 000000000..d59f12d32 --- /dev/null +++ b/operatorconfig/moduleconfig/application-mobility/v1.0.3/app-mobility-controller-manager-metrics-service.yaml @@ -0,0 +1,25 @@ +apiVersion: v1 +kind: Service +metadata: + labels: + control-plane: controller-manager + name: application-mobility-controller-manager-metrics-service + namespace: +spec: + ports: + - name: https + port: 8443 + protocol: TCP + targetPort: https + selector: + control-plane: controller-manager +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: -metrics-reader +rules: +- nonResourceURLs: + - /metrics + verbs: + - get diff --git a/operatorconfig/moduleconfig/application-mobility/v1.0.3/app-mobility-controller-manager.yaml b/operatorconfig/moduleconfig/application-mobility/v1.0.3/app-mobility-controller-manager.yaml new file mode 100644 index 000000000..5844f8044 --- /dev/null +++ b/operatorconfig/moduleconfig/application-mobility/v1.0.3/app-mobility-controller-manager.yaml @@ -0,0 +1,625 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + control-plane: controller-manager + name: application-mobility-controller-manager + namespace: +spec: + replicas: + selector: + matchLabels: + control-plane: controller-manager + template: + metadata: + annotations: + kubectl.kubernetes.io/default-container: manager + labels: + control-plane: controller-manager + csm: + spec: + containers: + - args: + - --secure-listen-address=0.0.0.0:8443 + - --upstream=http://127.0.0.1:8080/ + - --logtostderr=true + - --v=10 + image: gcr.io/kubebuilder/kube-rbac-proxy:v0.8.0 + name: kube-rbac-proxy + ports: + - containerPort: 8443 + name: https + protocol: TCP + - args: + - --health-probe-bind-address=:8081 + - --metrics-bind-address=127.0.0.1:8080 + - --leader-elect + - --app-mobility-namespace= + - --secret-name= + - --velero-namespace= + command: + - /manager + image: + imagePullPolicy: + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + name: manager + ports: + - containerPort: 9443 + name: webhook-server + protocol: TCP + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 + resources: + limits: + cpu: 500m + memory: 256Mi + requests: + cpu: 10m + memory: 64Mi + securityContext: + allowPrivilegeEscalation: false + volumeMounts: + - mountPath: /tmp/k8s-webhook-server/serving-certs + name: cert + readOnly: true + securityContext: + runAsNonRoot: true + serviceAccountName: -controller-manager + terminationGracePeriodSeconds: 10 + volumes: + - name: cert + secret: + defaultMode: 420 + secretName: webhook-server-cert +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: -controller-manager + namespace: +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + name: -manager-role +rules: +- apiGroups: + - "" + resources: + - events + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - namespaces + verbs: + - get + - list +- apiGroups: + - "" + resources: + - persistentvolumeclaims + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - persistentvolumes + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - pods + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - nodes + verbs: + - get + - list + - watch +- apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - get + - list +- apiGroups: + - mobility.storage.dell.com + resources: + - backups + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - mobility.storage.dell.com + resources: + - backups/finalizers + verbs: + - update +- apiGroups: + - mobility.storage.dell.com + resources: + - backups/status + verbs: + - get + - patch + - update +- apiGroups: + - mobility.storage.dell.com + resources: + - podvolumebackups + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - mobility.storage.dell.com + resources: + - podvolumebackups/finalizers + verbs: + - update +- apiGroups: + - mobility.storage.dell.com + resources: + - podvolumebackups/status + verbs: + - get + - patch + - update +- apiGroups: + - mobility.storage.dell.com + resources: + - podvolumerestores + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - mobility.storage.dell.com + resources: + - podvolumerestores/finalizers + verbs: + - update +- apiGroups: + - mobility.storage.dell.com + resources: + - podvolumerestores/status + verbs: + - get + - patch + - update +- apiGroups: + - mobility.storage.dell.com + resources: + - restores + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - mobility.storage.dell.com + resources: + - restores/finalizers + verbs: + - update +- apiGroups: + - mobility.storage.dell.com + resources: + - restores/status + verbs: + - get + - patch + - update +- apiGroups: + - mobility.storage.dell.com + resources: + - clusterconfigs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - mobility.storage.dell.com + resources: + - clusterconfigs/finalizers + verbs: + - update +- apiGroups: + - mobility.storage.dell.com + resources: + - clusterconfigs/status + verbs: + - get + - patch + - update +- apiGroups: + - snapshot.storage.k8s.io + resources: + - volumesnapshotclasses + verbs: + - get + - list +- apiGroups: + - snapshot.storage.k8s.io + resources: + - volumesnapshots + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - storage.k8s.io + resources: + - csidrivers + verbs: + - get + - list +- apiGroups: + - storage.k8s.io + resources: + - storageclasses + verbs: + - get + - list +- apiGroups: + - velero.io + resources: + - backups + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - velero.io + resources: + - backups/status + verbs: + - get + - list + - patch + - update +- apiGroups: + - velero.io + resources: + - backups/finalizers + verbs: + - update +- apiGroups: + - velero.io + resources: + - backupstoragelocations + verbs: + - get + - list + - patch + - update + - watch +- apiGroups: + - velero.io + resources: + - deletebackuprequests + verbs: + - create + - delete + - get + - list + - watch +- apiGroups: + - velero.io + resources: + - podvolumebackups + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - velero.io + resources: + - podvolumebackups/finalizers + verbs: + - update +- apiGroups: + - velero.io + resources: + - podvolumebackups/status + verbs: + - create + - get + - list + - patch + - update +- apiGroups: + - velero.io + resources: + - podvolumerestores + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - velero.io + resources: + - backuprepositories + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - velero.io + resources: + - restores + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - volumegroup.storage.dell.com + resources: + - dellcsivolumegroupsnapshots + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - mobility.storage.dell.com + resources: + - schedules + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - mobility.storage.dell.com + resources: + - schedules/status + verbs: + - get + - patch + - update +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: -leader-election-role + namespace: +rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: -manager-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: -manager-role +subjects: +- kind: ServiceAccount + name: -controller-manager + namespace: +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + creationTimestamp: null + name: -manager-role + namespace: +rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - create + - get + - list + - update +- apiGroups: + - "" + resources: + - secrets + verbs: + - create + - delete + - get + - list + - update + - watch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: -leader-election-rolebinding + namespace: +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: -leader-election-role +subjects: +- kind: ServiceAccount + name: -controller-manager + namespace: +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: -proxy-role +rules: +- apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create +- apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: -proxy-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: -proxy-role +subjects: +- kind: ServiceAccount + name: -controller-manager + namespace: +--- +apiVersion: v1 +data: + controller_manager_config.yaml: "apiVersion: controller-runtime.sigs.k8s.io/v1\r\nkind: ControllerManagerConfig\r\nhealth:\r\n healthProbeBindAddress: :8081\r\nmetrics:\r\n bindAddress: 127.0.0.1:8080\r\nwebhook:\r\n port: 9443\r\nleaderElection:\r\n leaderElect: true\r\n resourceName: 50a66265.storage.dell.com\r\n" +kind: ConfigMap +metadata: + name: -manager-config + namespace: +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: -manager-rolebinding + namespace: +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: -manager-role +subjects: +- kind: ServiceAccount + name: -controller-manager + namespace: \ No newline at end of file diff --git a/operatorconfig/moduleconfig/application-mobility/v1.0.3/app-mobility-crds.yaml b/operatorconfig/moduleconfig/application-mobility/v1.0.3/app-mobility-crds.yaml new file mode 100644 index 000000000..09a0f1b8d --- /dev/null +++ b/operatorconfig/moduleconfig/application-mobility/v1.0.3/app-mobility-crds.yaml @@ -0,0 +1,784 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + component: application-mobility + annotations: + cert-manager.io/inject-ca-from: /-serving-cert + controller-gen.kubebuilder.io/version: v0.7.0 + name: backups.mobility.storage.dell.com +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + service: + name: -webhook-service + namespace: + path: /convert + conversionReviewVersions: + - v1 + group: mobility.storage.dell.com + names: + kind: Backup + listKind: BackupList + plural: backups + singular: backup + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + description: Backup is the Schema for the backups API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: BackupSpec defines the desired state of Backup + properties: + backupLocation: + description: Velero Storage location where k8s resources and application data will be backed up to. Default value is "default" + nullable: true + type: string + clones: + description: Clones is the list of targets where this backup will be cloned to. + items: + properties: + namespaceMapping: + additionalProperties: + type: string + description: NamespaceMapping is a map of source namespace names to target namespace names to restore into. Any source namespaces not included in the map will be restored into namespaces of the same name. + type: object + restoreOnceAvailable: + description: Optionally, specify whether the backup is to be restored to TargetCluster once available. Default value is false. Setting this to true causes the backup to be restored as soon as it is available. + nullable: true + type: boolean + targetCluster: + description: Optionally, specify the targetCluster to restore the backup to. + nullable: true + type: string + type: object + nullable: true + type: array + datamover: + description: Default datamover is Restic + nullable: true + type: string + excludedNamespaces: + description: ExcludedNamespaces contains a list of namespaces that are not included in the backup. + items: + type: string + nullable: true + type: array + excludedResources: + description: ExcludedResources is a slice of resource names that are not included in the backup. + items: + type: string + nullable: true + type: array + includeClusterResources: + description: IncludeClusterResources specifies whether cluster-scoped resources should be included for consideration in the backup. + nullable: true + type: boolean + includedNamespaces: + description: IncludedNamespaces is a slice of namespace names to include objects from. If empty, all namespaces are included. + items: + type: string + nullable: true + type: array + includedResources: + description: IncludedResources is a slice of resource names to include in the backup. If empty, all resources are included. + items: + type: string + nullable: true + type: array + labelSelector: + description: LabelSelector is a metav1.LabelSelector to filter with when adding individual objects to the backup. If empty or nil, all objects are included. Optional. + nullable: true + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + podVolumeBackups: + items: + type: string + nullable: true + type: array + ttl: + description: TTL the Dell Backup retention period + type: string + veleroBackup: + nullable: true + type: string + type: object + status: + description: BackupStatus defines the observed state of Backup + properties: + clones: + items: + properties: + clusterUID: + description: ClusterID is the identifier with which cluster was registered - should be the kube-system uid of the targetCLuster + nullable: true + type: string + phase: + description: Phase of the restore + type: string + restoreName: + description: RestoreName is the name of the restore object that will restore the backup. This may or may not be used. + nullable: true + type: string + restoreOnceAvailable: + description: RestoreOnceAvailable + nullable: true + type: boolean + targetCluster: + description: TargetCluster to which the backup will be restored + nullable: true + type: string + type: object + type: array + completionTimestamp: + description: CompletionTimestamp records the time a backup was completed. Completion time is recorded even on failed backups. Completion time is recorded before uploading the backup object. The server's time is used for CompletionTimestamps + format: date-time + nullable: true + type: string + expiration: + description: Expiration is when this Backup is eligible for garbage-collection. + format: date-time + nullable: true + type: string + phase: + description: Phase is the current state of the Backup. + type: string + startTimestamp: + description: StartTimestamp records the time a backup was started. The server's time is used for StartTimestamps + format: date-time + nullable: true + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + component: application-mobility + annotations: + controller-gen.kubebuilder.io/version: v0.7.0 + creationTimestamp: null + name: clusterconfigs.mobility.storage.dell.com +spec: + group: mobility.storage.dell.com + names: + kind: ClusterConfig + listKind: ClusterConfigList + plural: clusterconfigs + singular: clusterconfig + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + description: ClusterConfig is the Schema for the clusterconfigs API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ClusterConfigSpec defines the desired state of ClusterConfig + properties: + clusterName: + description: ClusterName is the name with which the cluster is being registered. + type: string + kubeConfig: + description: KubeConfig contains the kubeConfig that can be used to connect to the cluster being registered.Either this or SecretRef should be specified. + nullable: true + type: string + secretRef: + description: SecretRef is the name of the secret containing kubeConfig to connect to the cluster. Either this or KubeConfig should be specified. + nullable: true + type: string + required: + - clusterName + type: object + status: + description: ClusterConfigStatus defines the observed state of ClusterConfig + properties: + phase: + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + component: application-mobility + annotations: + controller-gen.kubebuilder.io/version: v0.7.0 + creationTimestamp: null + name: podvolumebackups.mobility.storage.dell.com +spec: + group: mobility.storage.dell.com + names: + kind: PodVolumeBackup + listKind: PodVolumeBackupList + plural: podvolumebackups + singular: podvolumebackup + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + description: PodVolumeBackup is the Schema for the podvolumebackups API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: PodVolumeBackupSpec defines the desired state of PodVolumeBackup + properties: + backupFromSourceVolume: + description: BackupFromSourceVolume is the bool that indicates whether to backup from source volume instead of its snapshot + type: boolean + backupStorageLocation: + description: BackupStorage location to backup to + nullable: true + type: string + namespace: + description: Namespace the original pvc and snapshot reside in + nullable: true + type: string + pod: + description: Pod is the name of the pod using the volume to be backed up. + type: string + repoIdentifier: + description: Identifier of the restic repository where this snapshot will be backed up to + type: string + snapshotName: + description: SnapshotName is the name of the snapshot from which to backup + type: string + sourcePVCName: + description: SourcePVCName is the name of the pvc used to provision the volume which is to be backed up + type: string + veleroPodVolumeBackup: + description: Corresponding velero PodVolumeBackup for this dell PodVolumeBackup + nullable: true + type: string + volume: + description: Volume is the name of the volume within the Pod to be backed up. + type: string + required: + - backupFromSourceVolume + - pod + - snapshotName + - sourcePVCName + - volume + type: object + status: + description: PodVolumeBackupStatus defines the observed state of PodVolumeBackup + properties: + phase: + description: Phase is the current state of the Dell PodVolumeBackup. + enum: + - New + - InProgress + - Completed + - Failed + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + component: application-mobility + annotations: + controller-gen.kubebuilder.io/version: v0.7.0 + creationTimestamp: null + name: podvolumerestores.mobility.storage.dell.com +spec: + group: mobility.storage.dell.com + names: + kind: PodVolumeRestore + listKind: PodVolumeRestoreList + plural: podvolumerestores + singular: podvolumerestore + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + description: PodVolumeRestore is the Schema for the podvolumerestores API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: PodVolumeRestoreSpec defines the desired state of PodVolumeRestore + properties: + backupStorageLocation: + description: BackupStorageLocation is the name of the backup storage location where the restic repository is stored. + type: string + namespace: + description: Should this come from PodVolumeRestore's namespace? Namespace is the namespace the pvc. + type: string + newNamespace: + description: NewNamespace is the namespace that the pod and pvc are being restored to; used only for init-container approach + type: string + podName: + description: PodName is the name of the pod that uses the volume to which data is to be restored; used only for init-container approach + type: string + pvcName: + description: PVCName is the name of the pvc to which data is to be restored + type: string + repoIdentifier: + description: RepoIdentifier is the restic repository identifier. + type: string + resticSnapshotId: + description: ResticSnapshotID is the snapshotID from which data is to be restored + type: string + veleroRestore: + description: Velero restore associated with this pod volume restore; used only for init-container approach + type: string + volumeName: + description: VolumeName is the name of the volume to which data is to be restored; used only for init-container approach + type: string + required: + - backupStorageLocation + - repoIdentifier + type: object + status: + description: PodVolumeRestoreStatus defines the observed state of PodVolumeRestore + properties: + phase: + description: Phase is the current state of the PodVolumeRestore. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + component: application-mobility + annotations: + controller-gen.kubebuilder.io/version: v0.7.0 + creationTimestamp: null + name: restores.mobility.storage.dell.com +spec: + group: mobility.storage.dell.com + names: + kind: Restore + listKind: RestoreList + plural: restores + singular: restore + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + description: Restore is the Schema for the restores API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: RestoreSpec defines the desired state of Restore + properties: + backupName: + description: BackupName is the name of the backup to restore from + type: string + excludedNamespaces: + description: ExcludedNamespaces contains a list of namespaces in the backup from which resources should not be restored + items: + type: string + nullable: true + type: array + excludedResources: + description: ExcludedResources is a slice of resource names that are not included in the restore. + items: + type: string + nullable: true + type: array + includeClusterResources: + description: IncludeClusterResources specifies whether cluster-scoped resources should be included for consideration in the restore. If null, defaults to true. + nullable: true + type: boolean + includedNamespaces: + description: IncludedNamespaces is a slice of namespace names in the backup to retore objects from If empty, all namespaces are included. + items: + type: string + nullable: true + type: array + includedResources: + description: IncludedResources is a slice of resource names to include in the restore. If empty, all resources in the backup are included. + items: + type: string + nullable: true + type: array + namespaceMapping: + additionalProperties: + type: string + description: NamespaceMapping is a map of source namespace names to target namespace names to restore into. Any source namespaces not included in the map will be restored into namespaces of the same name. + type: object + restorePVs: + description: RestorePVs specifies whether to restore all included PVs + nullable: true + type: boolean + type: object + status: + description: RestoreStatus defines the observed state of Restore + properties: + phase: + description: Phase is the current state of the Restore + type: string + podVolumeRestores: + description: PodVolumeRestores is the slice of podVolumeRestore names created for this Dell restore + items: + type: string + nullable: true + type: array + veleroRestore: + description: VeleroRestore is the name of the velero restore created for this Dell restore + nullable: true + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + component: application-mobility + annotations: + controller-gen.kubebuilder.io/version: v0.7.0 + creationTimestamp: null + name: schedules.mobility.storage.dell.com +spec: + group: mobility.storage.dell.com + names: + kind: Schedule + listKind: ScheduleList + plural: schedules + singular: schedule + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.phase + name: Status + type: string + - jsonPath: .spec.paused + name: Paused + type: boolean + - jsonPath: .spec.schedule + name: Schedule + type: string + - jsonPath: .status.lastBackupTime + name: lastBackupTime + type: date + name: v1 + schema: + openAPIV3Schema: + description: Schedule is the Schema for the schedules API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ScheduleSpec defines the desired state of Schedule + properties: + backupSpec: + description: BackupSpec is the spec of the Backup to be created on + the specified Schedule. + properties: + backupLocation: + description: Velero Storage location where k8s resources and application + data will be backed up to. Default value is "default" + nullable: true + type: string + clones: + description: Clones is the list of targets where this backup will + be cloned to. + items: + properties: + namespaceMapping: + additionalProperties: + type: string + description: NamespaceMapping is a map of source namespace + names to target namespace names to restore into. Any source + namespaces not included in the map will be restored into + namespaces of the same name. + type: object + restoreOnceAvailable: + description: Optionally, specify whether the backup is to + be restored to TargetCluster once available. Default value + is false. Setting this to true causes the backup to be + restored as soon as it is available. + nullable: true + type: boolean + targetCluster: + description: Optionally, specify the targetCluster to restore + the backup to. + nullable: true + type: string + type: object + nullable: true + type: array + datamover: + description: Default datamover is Restic + nullable: true + type: string + excludedNamespaces: + description: ExcludedNamespaces contains a list of namespaces + that are not included in the backup. + items: + type: string + nullable: true + type: array + excludedResources: + description: ExcludedResources is a slice of resource names that + are not included in the backup. + items: + type: string + nullable: true + type: array + includeClusterResources: + description: IncludeClusterResources specifies whether cluster-scoped + resources should be included for consideration in the backup. + nullable: true + type: boolean + includedNamespaces: + description: IncludedNamespaces is a slice of namespace names + to include objects from. If empty, all namespaces are included. + items: + type: string + nullable: true + type: array + includedResources: + description: IncludedResources is a slice of resource names to + include in the backup. If empty, all resources are included. + items: + type: string + nullable: true + type: array + labelSelector: + description: LabelSelector is a metav1.LabelSelector to filter + with when adding individual objects to the backup. If empty + or nil, all objects are included. Optional. + nullable: true + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If + the operator is In or NotIn, the values array must + be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A + single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is "key", + the operator is "In", and the values array contains only + "value". The requirements are ANDed. + type: object + type: object + podVolumeBackups: + items: + type: string + nullable: true + type: array + ttl: + description: TTL the Dell Backup retention period + type: string + veleroBackup: + nullable: true + type: string + type: object + paused: + description: Paused specifies whether the schedule is paused or not + type: boolean + schedule: + description: Schedule is the cron expression representing when to + create the Backup. + type: string + setOwnerReferencesInBackup: + description: SetOwnerReferencesInBackup specifies whether to set OwnerReferences + on Backups created by this Schedule. + nullable: true + type: boolean + required: + - backupSpec + - schedule + type: object + status: + description: ScheduleStatus defines the observed state of Schedule + properties: + lastBackupTime: + description: LastBackupTime is the last time when a backup was created + successfully from this schedule. + format: date-time + nullable: true + type: string + phase: + description: Phase is the current phase of the schdule. + enum: + - New + - Enabled + - FailedValidation + type: string + validationErrors: + description: ValidationErrors is a list of validation errors, if any + items: + type: string + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/operatorconfig/moduleconfig/application-mobility/v1.0.3/app-mobility-webhook-service.yaml b/operatorconfig/moduleconfig/application-mobility/v1.0.3/app-mobility-webhook-service.yaml new file mode 100644 index 000000000..4b26371e1 --- /dev/null +++ b/operatorconfig/moduleconfig/application-mobility/v1.0.3/app-mobility-webhook-service.yaml @@ -0,0 +1,68 @@ +apiVersion: v1 +kind: Service +metadata: + name: -webhook-service + namespace: +spec: + ports: + - port: 443 + protocol: TCP + targetPort: 9443 + selector: + control-plane: controller-manager +--- +apiVersion: admissionregistration.k8s.io/v1 +kind: MutatingWebhookConfiguration +metadata: + annotations: + cert-manager.io/inject-ca-from: /-serving-cert + name: -mutating-webhook-configuration +webhooks: +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: -webhook-service + namespace: + path: /mutate-mobility-storage-dell-com-v1-backup + failurePolicy: Fail + name: mbackup.mobility.storage.dell.com + rules: + - apiGroups: + - mobility.storage.dell.com + apiVersions: + - v1 + operations: + - CREATE + - UPDATE + resources: + - backups + sideEffects: None +--- +apiVersion: admissionregistration.k8s.io/v1 +kind: ValidatingWebhookConfiguration +metadata: + annotations: + cert-manager.io/inject-ca-from: /-serving-cert + name: -validating-webhook-configuration +webhooks: +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: -webhook-service + namespace: + path: /validate-mobility-storage-dell-com-v1-backup + failurePolicy: Fail + name: vbackup.mobility.storage.dell.com + rules: + - apiGroups: + - mobility.storage.dell.com + apiVersions: + - v1 + operations: + - CREATE + - UPDATE + resources: + - backups + sideEffects: None \ No newline at end of file diff --git a/operatorconfig/moduleconfig/application-mobility/v1.0.3/certificate.yaml b/operatorconfig/moduleconfig/application-mobility/v1.0.3/certificate.yaml new file mode 100644 index 000000000..92903f461 --- /dev/null +++ b/operatorconfig/moduleconfig/application-mobility/v1.0.3/certificate.yaml @@ -0,0 +1,21 @@ +apiVersion: cert-manager.io/v1 +kind: Issuer +metadata: + name: -selfsigned-issuer + namespace: +spec: + selfSigned: {} +--- +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + name: -serving-cert + namespace: +spec: + dnsNames: + - -webhook-service..svc + - -webhook-service..svc.cluster.local + issuerRef: + kind: Issuer + name: -selfsigned-issuer + secretName: webhook-server-cert \ No newline at end of file diff --git a/operatorconfig/moduleconfig/application-mobility/v1.0.3/node-agent.yaml b/operatorconfig/moduleconfig/application-mobility/v1.0.3/node-agent.yaml new file mode 100644 index 000000000..3631a7cde --- /dev/null +++ b/operatorconfig/moduleconfig/application-mobility/v1.0.3/node-agent.yaml @@ -0,0 +1,73 @@ +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: application-mobility-node-agent + namespace: + labels: + app.kubernetes.io/name: application-mobility-velero + app.kubernetes.io/instance: application-mobility +spec: + selector: + matchLabels: + name: application-mobility-node-agent + template: + metadata: + labels: + name: application-mobility-node-agent + csm: application-mobility + app.kubernetes.io/name: application-mobility-velero + app.kubernetes.io/instance: application-mobility + spec: + serviceAccountName: application-mobility-velero-server-service-account + terminationGracePeriodSeconds: 3600 + volumes: + - name: cloud-credentials + secret: + secretName: + - name: host-pods + hostPath: + path: /var/lib/kubelet/pods + - name: scratch + emptyDir: {} + dnsPolicy: ClusterFirst + securityContext: + runAsUser: 0 + containers: + - name: node-agent + image: + imagePullPolicy: + command: + - /velero + args: + - node-agent + - server + volumeMounts: + - name: cloud-credentials + mountPath: /credentials + - name: host-pods + mountPath: /host_pods + mountPropagation: HostToContainer + - name: scratch + mountPath: /scratch + env: + - name: VELERO_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: VELERO_SCRATCH_DIR + value: /scratch + - name: AWS_SHARED_CREDENTIALS_FILE + value: /credentials/cloud + securityContext: + privileged: true + resources: + requests: + cpu: 1000m + memory: 1028Mi + limits: + cpu: 2000m + memory: 2024Mi diff --git a/operatorconfig/moduleconfig/application-mobility/v1.0.3/velero-backupstoragelocation.yaml b/operatorconfig/moduleconfig/application-mobility/v1.0.3/velero-backupstoragelocation.yaml new file mode 100644 index 000000000..c187685e6 --- /dev/null +++ b/operatorconfig/moduleconfig/application-mobility/v1.0.3/velero-backupstoragelocation.yaml @@ -0,0 +1,18 @@ +apiVersion: velero.io/v1 +kind: BackupStorageLocation +metadata: + name: + namespace: + labels: + app.kubernetes.io/name: application-mobility-velero + app.kubernetes.io/instance: application-mobility +spec: + provider: + accessMode: ReadWrite + objectStorage: + bucket: + default: true + config: + region: + s3ForcePathStyle: true + s3Url: diff --git a/operatorconfig/moduleconfig/application-mobility/v1.0.3/velero-crds.yaml b/operatorconfig/moduleconfig/application-mobility/v1.0.3/velero-crds.yaml new file mode 100644 index 000000000..bdfd1f654 --- /dev/null +++ b/operatorconfig/moduleconfig/application-mobility/v1.0.3/velero-crds.yaml @@ -0,0 +1,2684 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + component: velero + annotations: + controller-gen.kubebuilder.io/version: v0.7.0 + creationTimestamp: null + name: backuprepositories.velero.io +spec: + group: velero.io + names: + kind: BackupRepository + listKind: BackupRepositoryList + plural: backuprepositories + singular: backuprepository + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .spec.repositoryType + name: Repository Type + type: string + name: v1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: BackupRepositorySpec is the specification for a BackupRepository. + properties: + backupStorageLocation: + description: BackupStorageLocation is the name of the BackupStorageLocation + that should contain this repository. + type: string + maintenanceFrequency: + description: MaintenanceFrequency is how often maintenance should + be run. + type: string + repositoryType: + description: RepositoryType indicates the type of the backend repository + enum: + - kopia + - restic + - "" + type: string + resticIdentifier: + description: ResticIdentifier is the full restic-compatible string + for identifying this repository. + type: string + volumeNamespace: + description: VolumeNamespace is the namespace this backup repository + contains pod volume backups for. + type: string + required: + - backupStorageLocation + - maintenanceFrequency + - resticIdentifier + - volumeNamespace + type: object + status: + description: BackupRepositoryStatus is the current status of a BackupRepository. + properties: + lastMaintenanceTime: + description: LastMaintenanceTime is the last time maintenance was + run. + format: date-time + nullable: true + type: string + message: + description: Message is a message about the current status of the + BackupRepository. + type: string + phase: + description: Phase is the current state of the BackupRepository. + enum: + - New + - Ready + - NotReady + type: string + type: object + type: object + served: true + storage: true + subresources: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + component: velero + annotations: + controller-gen.kubebuilder.io/version: v0.7.0 + creationTimestamp: null + name: backups.velero.io +spec: + group: velero.io + names: + kind: Backup + listKind: BackupList + plural: backups + singular: backup + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + description: Backup is a Velero resource that represents the capture of Kubernetes + cluster state at a point in time (API objects and associated volume state). + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: BackupSpec defines the specification for a Velero backup. + properties: + csiSnapshotTimeout: + description: CSISnapshotTimeout specifies the time used to wait for + CSI VolumeSnapshot status turns to ReadyToUse during creation, before + returning error as timeout. The default value is 10 minute. + type: string + defaultVolumesToFsBackup: + description: DefaultVolumesToFsBackup specifies whether pod volume + file system backup should be used for all volumes by default. + nullable: true + type: boolean + defaultVolumesToRestic: + description: "DefaultVolumesToRestic specifies whether restic should + be used to take a backup of all pod volumes by default. \n Deprecated: + this field is no longer used and will be removed entirely in future. + Use DefaultVolumesToFsBackup instead." + nullable: true + type: boolean + excludedClusterScopedResources: + description: ExcludedClusterScopedResources is a slice of cluster-scoped + resource type names to exclude from the backup. If set to "*", all + cluster-scoped resource types are excluded. The default value is + empty. + items: + type: string + nullable: true + type: array + excludedNamespaceScopedResources: + description: ExcludedNamespaceScopedResources is a slice of namespace-scoped + resource type names to exclude from the backup. If set to "*", all + namespace-scoped resource types are excluded. The default value + is empty. + items: + type: string + nullable: true + type: array + excludedNamespaces: + description: ExcludedNamespaces contains a list of namespaces that + are not included in the backup. + items: + type: string + nullable: true + type: array + excludedResources: + description: ExcludedResources is a slice of resource names that are + not included in the backup. + items: + type: string + nullable: true + type: array + hooks: + description: Hooks represent custom behaviors that should be executed + at different phases of the backup. + properties: + resources: + description: Resources are hooks that should be executed when + backing up individual instances of a resource. + items: + description: BackupResourceHookSpec defines one or more BackupResourceHooks + that should be executed based on the rules defined for namespaces, + resources, and label selector. + properties: + excludedNamespaces: + description: ExcludedNamespaces specifies the namespaces + to which this hook spec does not apply. + items: + type: string + nullable: true + type: array + excludedResources: + description: ExcludedResources specifies the resources to + which this hook spec does not apply. + items: + type: string + nullable: true + type: array + includedNamespaces: + description: IncludedNamespaces specifies the namespaces + to which this hook spec applies. If empty, it applies + to all namespaces. + items: + type: string + nullable: true + type: array + includedResources: + description: IncludedResources specifies the resources to + which this hook spec applies. If empty, it applies to + all resources. + items: + type: string + nullable: true + type: array + labelSelector: + description: LabelSelector, if specified, filters the resources + to which this hook spec applies. + nullable: true + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + type: object + name: + description: Name is the name of this hook. + type: string + post: + description: PostHooks is a list of BackupResourceHooks + to execute after storing the item in the backup. These + are executed after all "additional items" from item actions + are processed. + items: + description: BackupResourceHook defines a hook for a resource. + properties: + exec: + description: Exec defines an exec hook. + properties: + command: + description: Command is the command and arguments + to execute. + items: + type: string + minItems: 1 + type: array + container: + description: Container is the container in the + pod where the command should be executed. If + not specified, the pod's first container is + used. + type: string + onError: + description: OnError specifies how Velero should + behave if it encounters an error executing this + hook. + enum: + - Continue + - Fail + type: string + timeout: + description: Timeout defines the maximum amount + of time Velero should wait for the hook to complete + before considering the execution a failure. + type: string + required: + - command + type: object + required: + - exec + type: object + type: array + pre: + description: PreHooks is a list of BackupResourceHooks to + execute prior to storing the item in the backup. These + are executed before any "additional items" from item actions + are processed. + items: + description: BackupResourceHook defines a hook for a resource. + properties: + exec: + description: Exec defines an exec hook. + properties: + command: + description: Command is the command and arguments + to execute. + items: + type: string + minItems: 1 + type: array + container: + description: Container is the container in the + pod where the command should be executed. If + not specified, the pod's first container is + used. + type: string + onError: + description: OnError specifies how Velero should + behave if it encounters an error executing this + hook. + enum: + - Continue + - Fail + type: string + timeout: + description: Timeout defines the maximum amount + of time Velero should wait for the hook to complete + before considering the execution a failure. + type: string + required: + - command + type: object + required: + - exec + type: object + type: array + required: + - name + type: object + nullable: true + type: array + type: object + includeClusterResources: + description: IncludeClusterResources specifies whether cluster-scoped + resources should be included for consideration in the backup. + nullable: true + type: boolean + includedClusterScopedResources: + description: IncludedClusterScopedResources is a slice of cluster-scoped + resource type names to include in the backup. If set to "*", all + cluster-scoped resource types are included. The default value is + empty, which means only related cluster-scoped resources are included. + items: + type: string + nullable: true + type: array + includedNamespaceScopedResources: + description: IncludedNamespaceScopedResources is a slice of namespace-scoped + resource type names to include in the backup. The default value + is "*". + items: + type: string + nullable: true + type: array + includedNamespaces: + description: IncludedNamespaces is a slice of namespace names to include + objects from. If empty, all namespaces are included. + items: + type: string + nullable: true + type: array + includedResources: + description: IncludedResources is a slice of resource names to include + in the backup. If empty, all resources are included. + items: + type: string + nullable: true + type: array + itemOperationTimeout: + description: ItemOperationTimeout specifies the time used to wait + for asynchronous BackupItemAction operations The default value is + 1 hour. + type: string + labelSelector: + description: LabelSelector is a metav1.LabelSelector to filter with + when adding individual objects to the backup. If empty or nil, all + objects are included. Optional. + nullable: true + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the key + and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to + a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + type: object + metadata: + properties: + labels: + additionalProperties: + type: string + type: object + type: object + orLabelSelectors: + description: OrLabelSelectors is list of metav1.LabelSelector to filter + with when adding individual objects to the backup. If multiple provided + they will be joined by the OR operator. LabelSelector as well as + OrLabelSelectors cannot co-exist in backup request, only one of + them can be used. + items: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the + key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + type: object + nullable: true + type: array + orderedResources: + additionalProperties: + type: string + description: OrderedResources specifies the backup order of resources + of specific Kind. The map key is the resource name and value is + a list of object names separated by commas. Each resource name has + format "namespace/objectname". For cluster resources, simply use + "objectname". + nullable: true + type: object + resourcePolicy: + description: ResourcePolicy specifies the referenced resource policies + that backup should follow + properties: + apiGroup: + description: APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in + the core API group. For any other third-party types, APIGroup + is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + snapshotVolumes: + description: SnapshotVolumes specifies whether to take snapshots of + any PV's referenced in the set of objects included in the Backup. + nullable: true + type: boolean + storageLocation: + description: StorageLocation is a string containing the name of a + BackupStorageLocation where the backup should be stored. + type: string + ttl: + description: TTL is a time.Duration-parseable string describing how + long the Backup should be retained for. + type: string + volumeSnapshotLocations: + description: VolumeSnapshotLocations is a list containing names of + VolumeSnapshotLocations associated with this backup. + items: + type: string + type: array + type: object + status: + description: BackupStatus captures the current status of a Velero backup. + properties: + backupItemOperationsAttempted: + description: BackupItemOperationsAttempted is the total number of + attempted async BackupItemAction operations for this backup. + type: integer + backupItemOperationsCompleted: + description: BackupItemOperationsCompleted is the total number of + successfully completed async BackupItemAction operations for this + backup. + type: integer + backupItemOperationsFailed: + description: BackupItemOperationsFailed is the total number of async + BackupItemAction operations for this backup which ended with an + error. + type: integer + completionTimestamp: + description: CompletionTimestamp records the time a backup was completed. + Completion time is recorded even on failed backups. Completion time + is recorded before uploading the backup object. The server's time + is used for CompletionTimestamps + format: date-time + nullable: true + type: string + csiVolumeSnapshotsAttempted: + description: CSIVolumeSnapshotsAttempted is the total number of attempted + CSI VolumeSnapshots for this backup. + type: integer + csiVolumeSnapshotsCompleted: + description: CSIVolumeSnapshotsCompleted is the total number of successfully + completed CSI VolumeSnapshots for this backup. + type: integer + errors: + description: Errors is a count of all error messages that were generated + during execution of the backup. The actual errors are in the backup's + log file in object storage. + type: integer + expiration: + description: Expiration is when this Backup is eligible for garbage-collection. + format: date-time + nullable: true + type: string + failureReason: + description: FailureReason is an error that caused the entire backup + to fail. + type: string + formatVersion: + description: FormatVersion is the backup format version, including + major, minor, and patch version. + type: string + phase: + description: Phase is the current state of the Backup. + enum: + - New + - FailedValidation + - InProgress + - WaitingForPluginOperations + - WaitingForPluginOperationsPartiallyFailed + - Finalizing + - FinalizingPartiallyFailed + - Completed + - PartiallyFailed + - Failed + - Deleting + type: string + progress: + description: Progress contains information about the backup's execution + progress. Note that this information is best-effort only -- if Velero + fails to update it during a backup for any reason, it may be inaccurate/stale. + nullable: true + properties: + itemsBackedUp: + description: ItemsBackedUp is the number of items that have actually + been written to the backup tarball so far. + type: integer + totalItems: + description: TotalItems is the total number of items to be backed + up. This number may change throughout the execution of the backup + due to plugins that return additional related items to back + up, the velero.io/exclude-from-backup label, and various other + filters that happen as items are processed. + type: integer + type: object + startTimestamp: + description: StartTimestamp records the time a backup was started. + Separate from CreationTimestamp, since that value changes on restores. + The server's time is used for StartTimestamps + format: date-time + nullable: true + type: string + validationErrors: + description: ValidationErrors is a slice of all validation errors + (if applicable). + items: + type: string + nullable: true + type: array + version: + description: 'Version is the backup format major version. Deprecated: + Please see FormatVersion' + type: integer + volumeSnapshotsAttempted: + description: VolumeSnapshotsAttempted is the total number of attempted + volume snapshots for this backup. + type: integer + volumeSnapshotsCompleted: + description: VolumeSnapshotsCompleted is the total number of successfully + completed volume snapshots for this backup. + type: integer + warnings: + description: Warnings is a count of all warning messages that were + generated during execution of the backup. The actual warnings are + in the backup's log file in object storage. + type: integer + type: object + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + component: velero + annotations: + controller-gen.kubebuilder.io/version: v0.7.0 + creationTimestamp: null + name: backupstoragelocations.velero.io +spec: + group: velero.io + names: + kind: BackupStorageLocation + listKind: BackupStorageLocationList + plural: backupstoragelocations + shortNames: + - bsl + singular: backupstoragelocation + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Backup Storage Location status such as Available/Unavailable + jsonPath: .status.phase + name: Phase + type: string + - description: LastValidationTime is the last time the backup store location was + validated + jsonPath: .status.lastValidationTime + name: Last Validated + type: date + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: Default backup storage location + jsonPath: .spec.default + name: Default + type: boolean + name: v1 + schema: + openAPIV3Schema: + description: BackupStorageLocation is a location where Velero stores backup + objects + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: BackupStorageLocationSpec defines the desired state of a + Velero BackupStorageLocation + properties: + accessMode: + description: AccessMode defines the permissions for the backup storage + location. + enum: + - ReadOnly + - ReadWrite + type: string + backupSyncPeriod: + description: BackupSyncPeriod defines how frequently to sync backup + API objects from object storage. A value of 0 disables sync. + nullable: true + type: string + config: + additionalProperties: + type: string + description: Config is for provider-specific configuration fields. + type: object + credential: + description: Credential contains the credential information intended + to be used with this location + properties: + key: + description: The key of the secret to select from. Must be a + valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + required: + - key + type: object + default: + description: Default indicates this location is the default backup + storage location. + type: boolean + objectStorage: + description: ObjectStorageLocation specifies the settings necessary + to connect to a provider's object storage. + properties: + bucket: + description: Bucket is the bucket to use for object storage. + type: string + caCert: + description: CACert defines a CA bundle to use when verifying + TLS connections to the provider. + format: byte + type: string + prefix: + description: Prefix is the path inside a bucket to use for Velero + storage. Optional. + type: string + required: + - bucket + type: object + provider: + description: Provider is the provider of the backup storage. + type: string + validationFrequency: + description: ValidationFrequency defines how frequently to validate + the corresponding object storage. A value of 0 disables validation. + nullable: true + type: string + required: + - objectStorage + - provider + type: object + status: + description: BackupStorageLocationStatus defines the observed state of + BackupStorageLocation + properties: + accessMode: + description: "AccessMode is an unused field. \n Deprecated: there + is now an AccessMode field on the Spec and this field will be removed + entirely as of v2.0." + enum: + - ReadOnly + - ReadWrite + type: string + lastSyncedRevision: + description: "LastSyncedRevision is the value of the `metadata/revision` + file in the backup storage location the last time the BSL's contents + were synced into the cluster. \n Deprecated: this field is no longer + updated or used for detecting changes to the location's contents + and will be removed entirely in v2.0." + type: string + lastSyncedTime: + description: LastSyncedTime is the last time the contents of the location + were synced into the cluster. + format: date-time + nullable: true + type: string + lastValidationTime: + description: LastValidationTime is the last time the backup store + location was validated the cluster. + format: date-time + nullable: true + type: string + message: + description: Message is a message about the backup storage location's + status. + type: string + phase: + description: Phase is the current state of the BackupStorageLocation. + enum: + - Available + - Unavailable + type: string + type: object + type: object + served: true + storage: true + subresources: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + component: velero + annotations: + controller-gen.kubebuilder.io/version: v0.7.0 + creationTimestamp: null + name: deletebackuprequests.velero.io +spec: + group: velero.io + names: + kind: DeleteBackupRequest + listKind: DeleteBackupRequestList + plural: deletebackuprequests + singular: deletebackuprequest + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The name of the backup to be deleted + jsonPath: .spec.backupName + name: BackupName + type: string + - description: The status of the deletion request + jsonPath: .status.phase + name: Status + type: string + name: v1 + schema: + openAPIV3Schema: + description: DeleteBackupRequest is a request to delete one or more backups. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DeleteBackupRequestSpec is the specification for which backups + to delete. + properties: + backupName: + type: string + required: + - backupName + type: object + status: + description: DeleteBackupRequestStatus is the current status of a DeleteBackupRequest. + properties: + errors: + description: Errors contains any errors that were encountered during + the deletion process. + items: + type: string + nullable: true + type: array + phase: + description: Phase is the current state of the DeleteBackupRequest. + enum: + - New + - InProgress + - Processed + type: string + type: object + type: object + served: true + storage: true + subresources: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + component: velero + annotations: + controller-gen.kubebuilder.io/version: v0.7.0 + creationTimestamp: null + name: downloadrequests.velero.io +spec: + group: velero.io + names: + kind: DownloadRequest + listKind: DownloadRequestList + plural: downloadrequests + singular: downloadrequest + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + description: DownloadRequest is a request to download an artifact from backup + object storage, such as a backup log file. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DownloadRequestSpec is the specification for a download request. + properties: + target: + description: Target is what to download (e.g. logs for a backup). + properties: + kind: + description: Kind is the type of file to download. + enum: + - BackupLog + - BackupContents + - BackupVolumeSnapshots + - BackupItemOperations + - BackupResourceList + - BackupResults + - RestoreLog + - RestoreResults + - RestoreResourceList + - RestoreItemOperations + - CSIBackupVolumeSnapshots + - CSIBackupVolumeSnapshotContents + type: string + name: + description: Name is the name of the kubernetes resource with + which the file is associated. + type: string + required: + - kind + - name + type: object + required: + - target + type: object + status: + description: DownloadRequestStatus is the current status of a DownloadRequest. + properties: + downloadURL: + description: DownloadURL contains the pre-signed URL for the target + file. + type: string + expiration: + description: Expiration is when this DownloadRequest expires and can + be deleted by the system. + format: date-time + nullable: true + type: string + phase: + description: Phase is the current state of the DownloadRequest. + enum: + - New + - Processed + type: string + type: object + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + component: velero + annotations: + controller-gen.kubebuilder.io/version: v0.7.0 + creationTimestamp: null + name: podvolumebackups.velero.io +spec: + group: velero.io + names: + kind: PodVolumeBackup + listKind: PodVolumeBackupList + plural: podvolumebackups + singular: podvolumebackup + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Pod Volume Backup status such as New/InProgress + jsonPath: .status.phase + name: Status + type: string + - description: Time when this backup was started + jsonPath: .status.startTimestamp + name: Created + type: date + - description: Namespace of the pod containing the volume to be backed up + jsonPath: .spec.pod.namespace + name: Namespace + type: string + - description: Name of the pod containing the volume to be backed up + jsonPath: .spec.pod.name + name: Pod + type: string + - description: Name of the volume to be backed up + jsonPath: .spec.volume + name: Volume + type: string + - description: Backup repository identifier for this backup + jsonPath: .spec.repoIdentifier + name: Repository ID + type: string + - description: The type of the uploader to handle data transfer + jsonPath: .spec.uploaderType + name: Uploader Type + type: string + - description: Name of the Backup Storage Location where this backup should be + stored + jsonPath: .spec.backupStorageLocation + name: Storage Location + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: PodVolumeBackupSpec is the specification for a PodVolumeBackup. + properties: + backupStorageLocation: + description: BackupStorageLocation is the name of the backup storage + location where the backup repository is stored. + type: string + node: + description: Node is the name of the node that the Pod is running + on. + type: string + pod: + description: Pod is a reference to the pod containing the volume to + be backed up. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of + an entire object, this string should contain a valid JSON/Go + field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part of + an object. TODO: this design is not final and this field is + subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + repoIdentifier: + description: RepoIdentifier is the backup repository identifier. + type: string + tags: + additionalProperties: + type: string + description: Tags are a map of key-value pairs that should be applied + to the volume backup as tags. + type: object + uploaderType: + description: UploaderType is the type of the uploader to handle the + data transfer. + enum: + - kopia + - restic + - "" + type: string + volume: + description: Volume is the name of the volume within the Pod to be + backed up. + type: string + required: + - backupStorageLocation + - node + - pod + - repoIdentifier + - volume + type: object + status: + description: PodVolumeBackupStatus is the current status of a PodVolumeBackup. + properties: + completionTimestamp: + description: CompletionTimestamp records the time a backup was completed. + Completion time is recorded even on failed backups. Completion time + is recorded before uploading the backup object. The server's time + is used for CompletionTimestamps + format: date-time + nullable: true + type: string + message: + description: Message is a message about the pod volume backup's status. + type: string + path: + description: Path is the full path within the controller pod being + backed up. + type: string + phase: + description: Phase is the current state of the PodVolumeBackup. + enum: + - New + - InProgress + - Completed + - Failed + type: string + progress: + description: Progress holds the total number of bytes of the volume + and the current number of backed up bytes. This can be used to display + progress information about the backup operation. + properties: + bytesDone: + format: int64 + type: integer + totalBytes: + format: int64 + type: integer + type: object + snapshotID: + description: SnapshotID is the identifier for the snapshot of the + pod volume. + type: string + startTimestamp: + description: StartTimestamp records the time a backup was started. + Separate from CreationTimestamp, since that value changes on restores. + The server's time is used for StartTimestamps + format: date-time + nullable: true + type: string + type: object + type: object + served: true + storage: true + subresources: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + component: velero + annotations: + controller-gen.kubebuilder.io/version: v0.7.0 + creationTimestamp: null + name: podvolumerestores.velero.io +spec: + group: velero.io + names: + kind: PodVolumeRestore + listKind: PodVolumeRestoreList + plural: podvolumerestores + singular: podvolumerestore + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Namespace of the pod containing the volume to be restored + jsonPath: .spec.pod.namespace + name: Namespace + type: string + - description: Name of the pod containing the volume to be restored + jsonPath: .spec.pod.name + name: Pod + type: string + - description: The type of the uploader to handle data transfer + jsonPath: .spec.uploaderType + name: Uploader Type + type: string + - description: Name of the volume to be restored + jsonPath: .spec.volume + name: Volume + type: string + - description: Pod Volume Restore status such as New/InProgress + jsonPath: .status.phase + name: Status + type: string + - description: Pod Volume Restore status such as New/InProgress + format: int64 + jsonPath: .status.progress.totalBytes + name: TotalBytes + type: integer + - description: Pod Volume Restore status such as New/InProgress + format: int64 + jsonPath: .status.progress.bytesDone + name: BytesDone + type: integer + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: PodVolumeRestoreSpec is the specification for a PodVolumeRestore. + properties: + backupStorageLocation: + description: BackupStorageLocation is the name of the backup storage + location where the backup repository is stored. + type: string + pod: + description: Pod is a reference to the pod containing the volume to + be restored. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of + an entire object, this string should contain a valid JSON/Go + field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part of + an object. TODO: this design is not final and this field is + subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + repoIdentifier: + description: RepoIdentifier is the backup repository identifier. + type: string + snapshotID: + description: SnapshotID is the ID of the volume snapshot to be restored. + type: string + sourceNamespace: + description: SourceNamespace is the original namespace for namaspace + mapping. + type: string + uploaderType: + description: UploaderType is the type of the uploader to handle the + data transfer. + enum: + - kopia + - restic + - "" + type: string + volume: + description: Volume is the name of the volume within the Pod to be + restored. + type: string + required: + - backupStorageLocation + - pod + - repoIdentifier + - snapshotID + - sourceNamespace + - volume + type: object + status: + description: PodVolumeRestoreStatus is the current status of a PodVolumeRestore. + properties: + completionTimestamp: + description: CompletionTimestamp records the time a restore was completed. + Completion time is recorded even on failed restores. The server's + time is used for CompletionTimestamps + format: date-time + nullable: true + type: string + message: + description: Message is a message about the pod volume restore's status. + type: string + phase: + description: Phase is the current state of the PodVolumeRestore. + enum: + - New + - InProgress + - Completed + - Failed + type: string + progress: + description: Progress holds the total number of bytes of the snapshot + and the current number of restored bytes. This can be used to display + progress information about the restore operation. + properties: + bytesDone: + format: int64 + type: integer + totalBytes: + format: int64 + type: integer + type: object + startTimestamp: + description: StartTimestamp records the time a restore was started. + The server's time is used for StartTimestamps + format: date-time + nullable: true + type: string + type: object + type: object + served: true + storage: true + subresources: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + component: velero + annotations: + controller-gen.kubebuilder.io/version: v0.7.0 + creationTimestamp: null + name: restores.velero.io +spec: + group: velero.io + names: + kind: Restore + listKind: RestoreList + plural: restores + singular: restore + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + description: Restore is a Velero resource that represents the application + of resources from a Velero backup to a target Kubernetes cluster. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: RestoreSpec defines the specification for a Velero restore. + properties: + backupName: + description: BackupName is the unique name of the Velero backup to + restore from. + type: string + excludedNamespaces: + description: ExcludedNamespaces contains a list of namespaces that + are not included in the restore. + items: + type: string + nullable: true + type: array + excludedResources: + description: ExcludedResources is a slice of resource names that are + not included in the restore. + items: + type: string + nullable: true + type: array + existingResourcePolicy: + description: ExistingResourcePolicy specifies the restore behavior + for the kubernetes resource to be restored + nullable: true + type: string + hooks: + description: Hooks represent custom behaviors that should be executed + during or post restore. + properties: + resources: + items: + description: RestoreResourceHookSpec defines one or more RestoreResrouceHooks + that should be executed based on the rules defined for namespaces, + resources, and label selector. + properties: + excludedNamespaces: + description: ExcludedNamespaces specifies the namespaces + to which this hook spec does not apply. + items: + type: string + nullable: true + type: array + excludedResources: + description: ExcludedResources specifies the resources to + which this hook spec does not apply. + items: + type: string + nullable: true + type: array + includedNamespaces: + description: IncludedNamespaces specifies the namespaces + to which this hook spec applies. If empty, it applies + to all namespaces. + items: + type: string + nullable: true + type: array + includedResources: + description: IncludedResources specifies the resources to + which this hook spec applies. If empty, it applies to + all resources. + items: + type: string + nullable: true + type: array + labelSelector: + description: LabelSelector, if specified, filters the resources + to which this hook spec applies. + nullable: true + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + type: object + name: + description: Name is the name of this hook. + type: string + postHooks: + description: PostHooks is a list of RestoreResourceHooks + to execute during and after restoring a resource. + items: + description: RestoreResourceHook defines a restore hook + for a resource. + properties: + exec: + description: Exec defines an exec restore hook. + properties: + command: + description: Command is the command and arguments + to execute from within a container after a pod + has been restored. + items: + type: string + minItems: 1 + type: array + container: + description: Container is the container in the + pod where the command should be executed. If + not specified, the pod's first container is + used. + type: string + execTimeout: + description: ExecTimeout defines the maximum amount + of time Velero should wait for the hook to complete + before considering the execution a failure. + type: string + onError: + description: OnError specifies how Velero should + behave if it encounters an error executing this + hook. + enum: + - Continue + - Fail + type: string + waitTimeout: + description: WaitTimeout defines the maximum amount + of time Velero should wait for the container + to be Ready before attempting to run the command. + type: string + required: + - command + type: object + init: + description: Init defines an init restore hook. + properties: + initContainers: + description: InitContainers is list of init containers + to be added to a pod during its restore. + items: + type: object + type: array + x-kubernetes-preserve-unknown-fields: true + timeout: + description: Timeout defines the maximum amount + of time Velero should wait for the initContainers + to complete. + type: string + type: object + type: object + type: array + required: + - name + type: object + type: array + type: object + includeClusterResources: + description: IncludeClusterResources specifies whether cluster-scoped + resources should be included for consideration in the restore. If + null, defaults to true. + nullable: true + type: boolean + includedNamespaces: + description: IncludedNamespaces is a slice of namespace names to include + objects from. If empty, all namespaces are included. + items: + type: string + nullable: true + type: array + includedResources: + description: IncludedResources is a slice of resource names to include + in the restore. If empty, all resources in the backup are included. + items: + type: string + nullable: true + type: array + itemOperationTimeout: + description: ItemOperationTimeout specifies the time used to wait + for RestoreItemAction operations The default value is 1 hour. + type: string + labelSelector: + description: LabelSelector is a metav1.LabelSelector to filter with + when restoring individual objects from the backup. If empty or nil, + all objects are included. Optional. + nullable: true + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the key + and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to + a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + type: object + namespaceMapping: + additionalProperties: + type: string + description: NamespaceMapping is a map of source namespace names to + target namespace names to restore into. Any source namespaces not + included in the map will be restored into namespaces of the same + name. + type: object + orLabelSelectors: + description: OrLabelSelectors is list of metav1.LabelSelector to filter + with when restoring individual objects from the backup. If multiple + provided they will be joined by the OR operator. LabelSelector as + well as OrLabelSelectors cannot co-exist in restore request, only + one of them can be used + items: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the + key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + type: object + nullable: true + type: array + preserveNodePorts: + description: PreserveNodePorts specifies whether to restore old nodePorts + from backup. + nullable: true + type: boolean + restorePVs: + description: RestorePVs specifies whether to restore all included + PVs from snapshot + nullable: true + type: boolean + restoreStatus: + description: RestoreStatus specifies which resources we should restore + the status field. If nil, no objects are included. Optional. + nullable: true + properties: + excludedResources: + description: ExcludedResources specifies the resources to which + will not restore the status. + items: + type: string + nullable: true + type: array + includedResources: + description: IncludedResources specifies the resources to which + will restore the status. If empty, it applies to all resources. + items: + type: string + nullable: true + type: array + type: object + scheduleName: + description: ScheduleName is the unique name of the Velero schedule + to restore from. If specified, and BackupName is empty, Velero will + restore from the most recent successful backup created from this + schedule. + type: string + required: + - backupName + type: object + status: + description: RestoreStatus captures the current status of a Velero restore + properties: + completionTimestamp: + description: CompletionTimestamp records the time the restore operation + was completed. Completion time is recorded even on failed restore. + The server's time is used for StartTimestamps + format: date-time + nullable: true + type: string + errors: + description: Errors is a count of all error messages that were generated + during execution of the restore. The actual errors are stored in + object storage. + type: integer + failureReason: + description: FailureReason is an error that caused the entire restore + to fail. + type: string + phase: + description: Phase is the current state of the Restore + enum: + - New + - FailedValidation + - InProgress + - WaitingForPluginOperations + - WaitingForPluginOperationsPartiallyFailed + - Completed + - PartiallyFailed + - Failed + type: string + progress: + description: Progress contains information about the restore's execution + progress. Note that this information is best-effort only -- if Velero + fails to update it during a restore for any reason, it may be inaccurate/stale. + nullable: true + properties: + itemsRestored: + description: ItemsRestored is the number of items that have actually + been restored so far + type: integer + totalItems: + description: TotalItems is the total number of items to be restored. + This number may change throughout the execution of the restore + due to plugins that return additional related items to restore + type: integer + type: object + restoreItemOperationsAttempted: + description: RestoreItemOperationsAttempted is the total number of + attempted async RestoreItemAction operations for this restore. + type: integer + restoreItemOperationsCompleted: + description: RestoreItemOperationsCompleted is the total number of + successfully completed async RestoreItemAction operations for this + restore. + type: integer + restoreItemOperationsFailed: + description: RestoreItemOperationsFailed is the total number of async + RestoreItemAction operations for this restore which ended with an + error. + type: integer + startTimestamp: + description: StartTimestamp records the time the restore operation + was started. The server's time is used for StartTimestamps + format: date-time + nullable: true + type: string + validationErrors: + description: ValidationErrors is a slice of all validation errors + (if applicable) + items: + type: string + nullable: true + type: array + warnings: + description: Warnings is a count of all warning messages that were + generated during execution of the restore. The actual warnings are + stored in object storage. + type: integer + type: object + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + component: velero + annotations: + controller-gen.kubebuilder.io/version: v0.7.0 + creationTimestamp: null + name: schedules.velero.io +spec: + group: velero.io + names: + kind: Schedule + listKind: ScheduleList + plural: schedules + singular: schedule + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Status of the schedule + jsonPath: .status.phase + name: Status + type: string + - description: A Cron expression defining when to run the Backup + jsonPath: .spec.schedule + name: Schedule + type: string + - description: The last time a Backup was run for this schedule + jsonPath: .status.lastBackup + name: LastBackup + type: date + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .spec.paused + name: Paused + type: boolean + name: v1 + schema: + openAPIV3Schema: + description: Schedule is a Velero resource that represents a pre-scheduled + or periodic Backup that should be run. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ScheduleSpec defines the specification for a Velero schedule + properties: + paused: + description: Paused specifies whether the schedule is paused or not + type: boolean + schedule: + description: Schedule is a Cron expression defining when to run the + Backup. + type: string + template: + description: Template is the definition of the Backup to be run on + the provided schedule + properties: + csiSnapshotTimeout: + description: CSISnapshotTimeout specifies the time used to wait + for CSI VolumeSnapshot status turns to ReadyToUse during creation, + before returning error as timeout. The default value is 10 minute. + type: string + defaultVolumesToFsBackup: + description: DefaultVolumesToFsBackup specifies whether pod volume + file system backup should be used for all volumes by default. + nullable: true + type: boolean + defaultVolumesToRestic: + description: "DefaultVolumesToRestic specifies whether restic + should be used to take a backup of all pod volumes by default. + \n Deprecated: this field is no longer used and will be removed + entirely in future. Use DefaultVolumesToFsBackup instead." + nullable: true + type: boolean + excludedClusterScopedResources: + description: ExcludedClusterScopedResources is a slice of cluster-scoped + resource type names to exclude from the backup. If set to "*", + all cluster-scoped resource types are excluded. The default + value is empty. + items: + type: string + nullable: true + type: array + excludedNamespaceScopedResources: + description: ExcludedNamespaceScopedResources is a slice of namespace-scoped + resource type names to exclude from the backup. If set to "*", + all namespace-scoped resource types are excluded. The default + value is empty. + items: + type: string + nullable: true + type: array + excludedNamespaces: + description: ExcludedNamespaces contains a list of namespaces + that are not included in the backup. + items: + type: string + nullable: true + type: array + excludedResources: + description: ExcludedResources is a slice of resource names that + are not included in the backup. + items: + type: string + nullable: true + type: array + hooks: + description: Hooks represent custom behaviors that should be executed + at different phases of the backup. + properties: + resources: + description: Resources are hooks that should be executed when + backing up individual instances of a resource. + items: + description: BackupResourceHookSpec defines one or more + BackupResourceHooks that should be executed based on the + rules defined for namespaces, resources, and label selector. + properties: + excludedNamespaces: + description: ExcludedNamespaces specifies the namespaces + to which this hook spec does not apply. + items: + type: string + nullable: true + type: array + excludedResources: + description: ExcludedResources specifies the resources + to which this hook spec does not apply. + items: + type: string + nullable: true + type: array + includedNamespaces: + description: IncludedNamespaces specifies the namespaces + to which this hook spec applies. If empty, it applies + to all namespaces. + items: + type: string + nullable: true + type: array + includedResources: + description: IncludedResources specifies the resources + to which this hook spec applies. If empty, it applies + to all resources. + items: + type: string + nullable: true + type: array + labelSelector: + description: LabelSelector, if specified, filters the + resources to which this hook spec applies. + nullable: true + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + name: + description: Name is the name of this hook. + type: string + post: + description: PostHooks is a list of BackupResourceHooks + to execute after storing the item in the backup. These + are executed after all "additional items" from item + actions are processed. + items: + description: BackupResourceHook defines a hook for + a resource. + properties: + exec: + description: Exec defines an exec hook. + properties: + command: + description: Command is the command and arguments + to execute. + items: + type: string + minItems: 1 + type: array + container: + description: Container is the container in + the pod where the command should be executed. + If not specified, the pod's first container + is used. + type: string + onError: + description: OnError specifies how Velero + should behave if it encounters an error + executing this hook. + enum: + - Continue + - Fail + type: string + timeout: + description: Timeout defines the maximum amount + of time Velero should wait for the hook + to complete before considering the execution + a failure. + type: string + required: + - command + type: object + required: + - exec + type: object + type: array + pre: + description: PreHooks is a list of BackupResourceHooks + to execute prior to storing the item in the backup. + These are executed before any "additional items" from + item actions are processed. + items: + description: BackupResourceHook defines a hook for + a resource. + properties: + exec: + description: Exec defines an exec hook. + properties: + command: + description: Command is the command and arguments + to execute. + items: + type: string + minItems: 1 + type: array + container: + description: Container is the container in + the pod where the command should be executed. + If not specified, the pod's first container + is used. + type: string + onError: + description: OnError specifies how Velero + should behave if it encounters an error + executing this hook. + enum: + - Continue + - Fail + type: string + timeout: + description: Timeout defines the maximum amount + of time Velero should wait for the hook + to complete before considering the execution + a failure. + type: string + required: + - command + type: object + required: + - exec + type: object + type: array + required: + - name + type: object + nullable: true + type: array + type: object + includeClusterResources: + description: IncludeClusterResources specifies whether cluster-scoped + resources should be included for consideration in the backup. + nullable: true + type: boolean + includedClusterScopedResources: + description: IncludedClusterScopedResources is a slice of cluster-scoped + resource type names to include in the backup. If set to "*", + all cluster-scoped resource types are included. The default + value is empty, which means only related cluster-scoped resources + are included. + items: + type: string + nullable: true + type: array + includedNamespaceScopedResources: + description: IncludedNamespaceScopedResources is a slice of namespace-scoped + resource type names to include in the backup. The default value + is "*". + items: + type: string + nullable: true + type: array + includedNamespaces: + description: IncludedNamespaces is a slice of namespace names + to include objects from. If empty, all namespaces are included. + items: + type: string + nullable: true + type: array + includedResources: + description: IncludedResources is a slice of resource names to + include in the backup. If empty, all resources are included. + items: + type: string + nullable: true + type: array + itemOperationTimeout: + description: ItemOperationTimeout specifies the time used to wait + for asynchronous BackupItemAction operations The default value + is 1 hour. + type: string + labelSelector: + description: LabelSelector is a metav1.LabelSelector to filter + with when adding individual objects to the backup. If empty + or nil, all objects are included. Optional. + nullable: true + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If + the operator is In or NotIn, the values array must + be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A + single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is "key", + the operator is "In", and the values array contains only + "value". The requirements are ANDed. + type: object + type: object + metadata: + properties: + labels: + additionalProperties: + type: string + type: object + type: object + orLabelSelectors: + description: OrLabelSelectors is list of metav1.LabelSelector + to filter with when adding individual objects to the backup. + If multiple provided they will be joined by the OR operator. + LabelSelector as well as OrLabelSelectors cannot co-exist in + backup request, only one of them can be used. + items: + description: A label selector is a label query over a set of + resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. A + null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists or + DoesNotExist, the values array must be empty. This + array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is + "key", the operator is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + nullable: true + type: array + orderedResources: + additionalProperties: + type: string + description: OrderedResources specifies the backup order of resources + of specific Kind. The map key is the resource name and value + is a list of object names separated by commas. Each resource + name has format "namespace/objectname". For cluster resources, + simply use "objectname". + nullable: true + type: object + resourcePolicy: + description: ResourcePolicy specifies the referenced resource + policies that backup should follow + properties: + apiGroup: + description: APIGroup is the group for the resource being + referenced. If APIGroup is not specified, the specified + Kind must be in the core API group. For any other third-party + types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + snapshotVolumes: + description: SnapshotVolumes specifies whether to take snapshots + of any PV's referenced in the set of objects included in the + Backup. + nullable: true + type: boolean + storageLocation: + description: StorageLocation is a string containing the name of + a BackupStorageLocation where the backup should be stored. + type: string + ttl: + description: TTL is a time.Duration-parseable string describing + how long the Backup should be retained for. + type: string + volumeSnapshotLocations: + description: VolumeSnapshotLocations is a list containing names + of VolumeSnapshotLocations associated with this backup. + items: + type: string + type: array + type: object + useOwnerReferencesInBackup: + description: UseOwnerReferencesBackup specifies whether to use OwnerReferences + on backups created by this Schedule. + nullable: true + type: boolean + required: + - schedule + - template + type: object + status: + description: ScheduleStatus captures the current state of a Velero schedule + properties: + lastBackup: + description: LastBackup is the last time a Backup was run for this + Schedule schedule + format: date-time + nullable: true + type: string + phase: + description: Phase is the current phase of the Schedule + enum: + - New + - Enabled + - FailedValidation + type: string + validationErrors: + description: ValidationErrors is a slice of all validation errors + (if applicable) + items: + type: string + type: array + type: object + type: object + served: true + storage: true + subresources: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + component: velero + annotations: + controller-gen.kubebuilder.io/version: v0.7.0 + creationTimestamp: null + name: serverstatusrequests.velero.io +spec: + group: velero.io + names: + kind: ServerStatusRequest + listKind: ServerStatusRequestList + plural: serverstatusrequests + shortNames: + - ssr + singular: serverstatusrequest + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + description: ServerStatusRequest is a request to access current status information + about the Velero server. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ServerStatusRequestSpec is the specification for a ServerStatusRequest. + type: object + status: + description: ServerStatusRequestStatus is the current status of a ServerStatusRequest. + properties: + phase: + description: Phase is the current lifecycle phase of the ServerStatusRequest. + enum: + - New + - Processed + type: string + plugins: + description: Plugins list information about the plugins running on + the Velero server + items: + description: PluginInfo contains attributes of a Velero plugin + properties: + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + nullable: true + type: array + processedTimestamp: + description: ProcessedTimestamp is when the ServerStatusRequest was + processed by the ServerStatusRequestController. + format: date-time + nullable: true + type: string + serverVersion: + description: ServerVersion is the Velero server version. + type: string + type: object + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + component: velero + annotations: + controller-gen.kubebuilder.io/version: v0.7.0 + creationTimestamp: null + name: volumesnapshotlocations.velero.io +spec: + group: velero.io + names: + kind: VolumeSnapshotLocation + listKind: VolumeSnapshotLocationList + plural: volumesnapshotlocations + shortNames: + - vsl + singular: volumesnapshotlocation + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + description: VolumeSnapshotLocation is a location where Velero stores volume + snapshots. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: VolumeSnapshotLocationSpec defines the specification for + a Velero VolumeSnapshotLocation. + properties: + config: + additionalProperties: + type: string + description: Config is for provider-specific configuration fields. + type: object + credential: + description: Credential contains the credential information intended + to be used with this location + properties: + key: + description: The key of the secret to select from. Must be a + valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + required: + - key + type: object + provider: + description: Provider is the provider of the volume storage. + type: string + required: + - provider + type: object + status: + description: VolumeSnapshotLocationStatus describes the current status + of a Velero VolumeSnapshotLocation. + properties: + phase: + description: VolumeSnapshotLocationPhase is the lifecycle phase of + a Velero VolumeSnapshotLocation. + enum: + - Available + - Unavailable + type: string + type: object + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] \ No newline at end of file diff --git a/operatorconfig/moduleconfig/application-mobility/v1.0.3/velero-deployment.yaml b/operatorconfig/moduleconfig/application-mobility/v1.0.3/velero-deployment.yaml new file mode 100644 index 000000000..5f8217b2a --- /dev/null +++ b/operatorconfig/moduleconfig/application-mobility/v1.0.3/velero-deployment.yaml @@ -0,0 +1,179 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: application-mobility-velero-server + labels: + app.kubernetes.io/component: server + app.kubernetes.io/name: application-mobility-velero + app.kubernetes.io/instance: application-mobility +subjects: + - kind: ServiceAccount + namespace: + name: application-mobility-velero-server-service-account +roleRef: + kind: ClusterRole + name: cluster-admin + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: application-mobility-velero-server + namespace: + labels: + app.kubernetes.io/component: server + app.kubernetes.io/name: application-mobility-velero + app.kubernetes.io/instance: application-mobility +rules: +- apiGroups: + - "*" + resources: + - "*" + verbs: + - "*" +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: application-mobility-velero-server + namespace: + labels: + app.kubernetes.io/component: server + app.kubernetes.io/name: application-mobility-velero + app.kubernetes.io/instance: application-mobility +subjects: + - kind: ServiceAccount + namespace: + name: application-mobility-velero-server-service-account +roleRef: + kind: Role + name: application-mobility-velero-server + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: application-mobility-velero-server-service-account + namespace: + annotations: + labels: + app.kubernetes.io/name: application-mobility-velero + app.kubernetes.io/instance: application-mobility +--- +apiVersion: v1 +kind: Service +metadata: + name: application-mobility-velero-server + namespace: + annotations: + labels: + app.kubernetes.io/name: application-mobility-velero + app.kubernetes.io/instance: application-mobility +spec: + type: ClusterIP + ports: + - name: http-monitoring + port: 8085 + targetPort: http-monitoring + selector: + name: velero + app.kubernetes.io/name: application-mobility-velero + app.kubernetes.io/instance: application-mobility +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: application-mobility-velero + namespace: + annotations: + labels: + app.kubernetes.io/name: application-mobility-velero + app.kubernetes.io/instance: application-mobility + component: application-mobility-velero +spec: + replicas: 1 + strategy: + type: Recreate + selector: + matchLabels: + app.kubernetes.io/instance: application-mobility + app.kubernetes.io/name: application-mobility-velero + template: + metadata: + labels: + name: application-mobility-velero + csm: + app.kubernetes.io/name: application-mobility-velero + app.kubernetes.io/instance: application-mobility + + annotations: + prometheus.io/scrape: "true" + prometheus.io/port: "8085" + prometheus.io/path: "/metrics" + spec: + restartPolicy: Always + serviceAccountName: application-mobility-velero-server-service-account + containers: + - name: application-mobility-velero + image: + imagePullPolicy: + ports: + - name: http-monitoring + containerPort: 8085 + command: + - /velero + args: + - server + - --uploader-type=restic + resources: + requests: + cpu: 500m + memory: 128Mi + limits: + cpu: 1000m + memory: 512Mi + volumeMounts: + - name: plugins + mountPath: /plugins + - name: cloud-credentials + mountPath: /credentials + - name: scratch + mountPath: /scratch + - name: tmpdir + mountPath: /tmp + env: + - name: VELERO_SCRATCH_DIR + value: /scratch + - name: VELERO_NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + - name: LD_LIBRARY_PATH + value: /plugins + - name: AWS_SHARED_CREDENTIALS_FILE + value: /credentials/cloud + lifecycle: + dnsPolicy: ClusterFirst + initContainers: + - name: + image: + volumeMounts: + - mountPath: /target + name: plugins + - name: + image: + volumeMounts: + - mountPath: /target + name: plugins + volumes: + - name: cloud-credentials + secret: + secretName: + - name: plugins + emptyDir: {} + - name: scratch + emptyDir: {} + - name: tmpdir + emptyDir: {} + securityContext: diff --git a/operatorconfig/moduleconfig/application-mobility/v1.0.3/velero-secret.yaml b/operatorconfig/moduleconfig/application-mobility/v1.0.3/velero-secret.yaml new file mode 100644 index 000000000..0772314bf --- /dev/null +++ b/operatorconfig/moduleconfig/application-mobility/v1.0.3/velero-secret.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: Secret +metadata: + name: + namespace: + labels: + app.kubernetes.io/name: application-mobility-velero + app.kubernetes.io/instance: application-mobility +type: Opaque +stringData: + cloud: | + [] + aws_access_key_id= + aws_secret_access_key= diff --git a/operatorconfig/moduleconfig/application-mobility/v1.0.3/velero-volumesnapshotlocation.yaml b/operatorconfig/moduleconfig/application-mobility/v1.0.3/velero-volumesnapshotlocation.yaml new file mode 100644 index 000000000..e66d5127b --- /dev/null +++ b/operatorconfig/moduleconfig/application-mobility/v1.0.3/velero-volumesnapshotlocation.yaml @@ -0,0 +1,14 @@ +apiVersion: velero.io/v1 +kind: VolumeSnapshotLocation +metadata: + name: + namespace: + annotations: + labels: + app.kubernetes.io/name: velero + app.kubernetes.io/instance: application-mobility + +spec: + provider: + config: + region: diff --git a/pkg/utils/utils.go b/pkg/utils/utils.go index 2bdb1bfaa..57daae61e 100644 --- a/pkg/utils/utils.go +++ b/pkg/utils/utils.go @@ -615,7 +615,6 @@ func GetModuleComponentObj(CtrlBuf []byte) ([]crclient.Object, error) { ctrlObjects = append(ctrlObjects, &ct) case "StatefulSet": - var ss appsv1.StatefulSet if err := yaml.Unmarshal(raw, &ss); err != nil { return ctrlObjects, err @@ -638,6 +637,14 @@ func GetModuleComponentObj(CtrlBuf []byte) ([]crclient.Object, error) { } ctrlObjects = append(ctrlObjects, &pv) + + case "Namespace": + var ss corev1.Namespace + if err := yaml.Unmarshal(raw, &ss); err != nil { + return ctrlObjects, err + } + + ctrlObjects = append(ctrlObjects, &ss) } } diff --git a/tests/e2e/testfiles/application-mobility-templates/csm_application_mobility_vanilla.yaml b/tests/e2e/testfiles/application-mobility-templates/csm_application_mobility_vanilla.yaml index 5a23f1dff..9e45e503a 100644 --- a/tests/e2e/testfiles/application-mobility-templates/csm_application_mobility_vanilla.yaml +++ b/tests/e2e/testfiles/application-mobility-templates/csm_application_mobility_vanilla.yaml @@ -9,7 +9,7 @@ spec: - name: application-mobility # enable: Enable/Disable app-mobility controller enabled: true - configVersion: v1.0.2 + configVersion: v1.0.3 forceRemoveModule: true components: - name: application-mobility-controller-manager diff --git a/tests/e2e/testfiles/application-mobility-templates/csm_application_mobility_with_pflex.yaml b/tests/e2e/testfiles/application-mobility-templates/csm_application_mobility_with_pflex.yaml index bdbddd00f..48781adfc 100644 --- a/tests/e2e/testfiles/application-mobility-templates/csm_application_mobility_with_pflex.yaml +++ b/tests/e2e/testfiles/application-mobility-templates/csm_application_mobility_with_pflex.yaml @@ -16,7 +16,7 @@ spec: # true: enable storage capacity tracking # false: disable storage capacity tracking storageCapacity: true - configVersion: v2.8.0 + configVersion: v2.9.2 replicas: 1 dnsPolicy: ClusterFirstWithHostNet forceUpdate: false @@ -49,7 +49,7 @@ spec: # sdc-monitor is disabled by default, due to high CPU usage - name: sdc-monitor enabled: false - image: dellemc/sdc:3.6.2 + image: dellemc/sdc:4.5 envs: - name: HOST_PID value: "1" @@ -157,7 +157,7 @@ spec: # effect: "NoSchedule" initContainers: - - image: dellemc/sdc:3.6.2 + - image: dellemc/sdc:4.5 imagePullPolicy: IfNotPresent name: sdc envs: @@ -169,7 +169,7 @@ spec: - name: application-mobility # enable: Enable/Disable app-mobility controller enabled: true - configVersion: v1.0.2 + configVersion: v1.0.3 forceRemoveModule: true components: - name: application-mobility-controller-manager diff --git a/tests/e2e/testfiles/application-mobility-templates/csm_application_mobility_with_pflex_alt.yaml b/tests/e2e/testfiles/application-mobility-templates/csm_application_mobility_with_pflex_alt.yaml index e09aeb061..54a922477 100644 --- a/tests/e2e/testfiles/application-mobility-templates/csm_application_mobility_with_pflex_alt.yaml +++ b/tests/e2e/testfiles/application-mobility-templates/csm_application_mobility_with_pflex_alt.yaml @@ -16,7 +16,7 @@ spec: # true: enable storage capacity tracking # false: disable storage capacity tracking storageCapacity: true - configVersion: v2.8.0 + configVersion: v2.9.2 replicas: 1 dnsPolicy: ClusterFirstWithHostNet forceUpdate: false @@ -49,7 +49,7 @@ spec: # sdc-monitor is disabled by default, due to high CPU usage - name: sdc-monitor enabled: false - image: dellemc/sdc:3.6.2 + image: dellemc/sdc:4.5 envs: - name: HOST_PID value: "1" @@ -157,7 +157,7 @@ spec: # effect: "NoSchedule" initContainers: - - image: dellemc/sdc:3.6.2 + - image: dellemc/sdc:4.5 imagePullPolicy: IfNotPresent name: sdc envs: @@ -169,7 +169,7 @@ spec: - name: application-mobility # enable: Enable/Disable app-mobility controller enabled: true - configVersion: v1.0.2 + configVersion: v1.0.3 forceRemoveModule: true components: - name: application-mobility-controller-manager diff --git a/tests/e2e/testfiles/application-mobility-templates/powerflex_noAM.yaml b/tests/e2e/testfiles/application-mobility-templates/powerflex_noAM.yaml index 03a516d61..1120586c6 100644 --- a/tests/e2e/testfiles/application-mobility-templates/powerflex_noAM.yaml +++ b/tests/e2e/testfiles/application-mobility-templates/powerflex_noAM.yaml @@ -169,7 +169,7 @@ spec: - name: application-mobility # enable: Enable/Disable app-mobility controller enabled: false - configVersion: v1.0.2 + configVersion: v1.0.3 forceRemoveModule: true components: - name: application-mobility-controller-manager