-
Notifications
You must be signed in to change notification settings - Fork 5
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
22 changed files
with
516 additions
and
16 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,3 @@ | ||
| # redhat-oadp-operator | ||
|
|
||
| OADP (OpenShift API for Data Protection) operator sets up and installs Data Protection Applications on the OpenShift platform. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,34 @@ | ||
| # OADP Operator | ||
|
|
||
| Install OADP Operator. | ||
|
|
||
| Do not use the `base` directory directly, as you will need to patch the `channel` based on the version of OpenShift you are using, or the version of the operator you want to use. | ||
|
|
||
| The current *overlays* available are for the following channels: | ||
|
|
||
| * [stable](operator/overlays/stable) | ||
| * [stable-1.0](operator/overlays/stable-1.0) | ||
| * [stable-1.1](operator/overlays/stable-1.1) | ||
|
|
||
| ## Usage | ||
|
|
||
| If you have cloned the `gitops-catalog` repository, you can install OADP Operator based on the overlay of your choice by running from the root (`gitops-catalog`) directory. | ||
|
|
||
| ``` | ||
| oc apply -k redhat-oadp-operator/operator/overlays/<channel> | ||
| ``` | ||
|
|
||
| Or, without cloning: | ||
|
|
||
| ``` | ||
| oc apply -k https://github.com/redhat-cop/gitops-catalog/redhat-oadp-operator/operator/overlays/<channel> | ||
| ``` | ||
|
|
||
| As part of a different overlay in your own GitOps repo: | ||
|
|
||
| ``` | ||
| apiVersion: kustomize.config.k8s.io/v1beta1 | ||
| kind: Kustomization | ||
| resources: | ||
| - https://github.com/redhat-cop/gitops-catalog/redhat-oadp-operator/operator/overlays/<channel>?ref=main | ||
| ``` |
33 changes: 33 additions & 0 deletions
33
components/operators/redhat-oadp-operator/instance/base/dpa.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,33 @@ | ||
| --- | ||
| apiVersion: oadp.openshift.io/v1alpha1 | ||
| kind: DataProtectionApplication | ||
| metadata: | ||
| name: default | ||
| spec: | ||
| configuration: | ||
| velero: | ||
| defaultPlugins: | ||
| - openshift | ||
| - aws | ||
| restic: | ||
| enable: true | ||
| backupLocations: | ||
| - velero: | ||
| provider: aws | ||
| default: true | ||
| objectStorage: | ||
| bucket: ocp-cluster | ||
| prefix: patch-see-overlay | ||
| config: | ||
| insecureSkipTLSVerify: "false" | ||
| profile: "backupStorage" | ||
| region: us-east-1 | ||
| credential: | ||
| key: cloud | ||
| name: cloud-credentials | ||
| snapshotLocations: | ||
| - velero: | ||
| provider: aws | ||
| config: | ||
| region: us-west-2 | ||
| profile: "volumeSnapshot" |
5 changes: 5 additions & 0 deletions
5
components/operators/redhat-oadp-operator/instance/base/kustomization.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,5 @@ | ||
| apiVersion: kustomize.config.k8s.io/v1beta1 | ||
| kind: Kustomization | ||
|
|
||
| resources: | ||
| - dpa.yaml |
19 changes: 19 additions & 0 deletions
19
components/operators/redhat-oadp-operator/instance/base/secret.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,19 @@ | ||
| --- | ||
| apiVersion: v1 | ||
| kind: Secret | ||
| metadata: | ||
| name: cloud-credentials | ||
| type: Opqaue | ||
| stringData: | ||
| cloud: | | ||
| [default] | ||
| aws_access_key_id=${AWS_ACCESS_KEY_ID} | ||
| aws_secret_access_key=${AWS_SECRET_ACCESS_KEY} | ||
| [backupStorage] | ||
| aws_access_key_id=${AWS_ACCESS_KEY_ID} | ||
| aws_secret_access_key=${AWS_SECRET_ACCESS_KEY} | ||
| [volumeSnapshot] | ||
| aws_access_key_id=${AWS_ACCESS_KEY_ID} | ||
| aws_secret_access_key=${AWS_SECRET_ACCESS_KEY} |
7 changes: 7 additions & 0 deletions
7
components/operators/redhat-oadp-operator/instance/overlays/default/kustomization.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,7 @@ | ||
| apiVersion: kustomize.config.k8s.io/v1beta1 | ||
| kind: Kustomization | ||
|
|
||
| namespace: openshift-adp | ||
|
|
||
| resources: | ||
| - ../../base |
8 changes: 8 additions & 0 deletions
8
...ents/operators/redhat-oadp-operator/instance/overlays/minio-w-schedule/kustomization.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,8 @@ | ||
| apiVersion: kustomize.config.k8s.io/v1beta1 | ||
| kind: Kustomization | ||
|
|
||
| namespace: openshift-adp | ||
|
|
||
| resources: | ||
| - ../minio | ||
| - schedule.yaml |
93 changes: 93 additions & 0 deletions
93
components/operators/redhat-oadp-operator/instance/overlays/minio-w-schedule/schedule.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,93 @@ | ||
| --- | ||
| apiVersion: velero.io/v1 | ||
| kind: Schedule | ||
| metadata: | ||
| name: daily-full-backup | ||
| spec: | ||
| schedule: 0 1 * * * | ||
| template: | ||
| defaultVolumesToRestic: true | ||
| excludedResources: | ||
| - imagetags.image.openshift.io | ||
| - images.image.openshift.io | ||
| - oauthaccesstokens.oauth.openshift.io | ||
| - oauthauthorizetokens.oauth.openshift.io | ||
| - templateinstances.template.openshift.io | ||
| - clusterserviceversions.operators.coreos.com | ||
| - packagemanifests.packages.operators.coreos.com | ||
| - operatorgroups.operators.coreos.com | ||
| - subscriptions.operators.coreos.com | ||
| - servicebrokers.servicecatalog.k8s.io | ||
| - servicebindings.servicecatalog.k8s.io | ||
| - serviceclasses.servicecatalog.k8s.io | ||
| - serviceinstances.servicecatalog.k8s.io | ||
| - serviceplans.servicecatalog.k8s.io | ||
| - events.events.k8s.io | ||
| - events | ||
| includedNamespaces: | ||
| - '*' | ||
| excludedNamespaces: | ||
| - 'minio' | ||
| snapshotVolumes: false | ||
| ttl: 168h0m0s | ||
| --- | ||
| apiVersion: velero.io/v1 | ||
| kind: Schedule | ||
| metadata: | ||
| name: hourly-object-backup | ||
| spec: | ||
| schedule: 17 * * * * | ||
| template: | ||
| excludedResources: | ||
| - imagetags.image.openshift.io | ||
| - images.image.openshift.io | ||
| - oauthaccesstokens.oauth.openshift.io | ||
| - oauthauthorizetokens.oauth.openshift.io | ||
| - templateinstances.template.openshift.io | ||
| - clusterserviceversions.operators.coreos.com | ||
| - packagemanifests.packages.operators.coreos.com | ||
| - operatorgroups.operators.coreos.com | ||
| - subscriptions.operators.coreos.com | ||
| - servicebrokers.servicecatalog.k8s.io | ||
| - servicebindings.servicecatalog.k8s.io | ||
| - serviceclasses.servicecatalog.k8s.io | ||
| - serviceinstances.servicecatalog.k8s.io | ||
| - serviceplans.servicecatalog.k8s.io | ||
| - events.events.k8s.io | ||
| - events | ||
| includedNamespaces: | ||
| - '*' | ||
| snapshotVolumes: false | ||
| ttl: 24h0m0s | ||
| --- | ||
| apiVersion: velero.io/v1 | ||
| kind: Schedule | ||
| metadata: | ||
| name: weekly-full-backup | ||
| spec: | ||
| schedule: 0 2 * * 1 | ||
| template: | ||
| defaultVolumesToRestic: true | ||
| excludedResources: | ||
| - imagetags.image.openshift.io | ||
| - images.image.openshift.io | ||
| - oauthaccesstokens.oauth.openshift.io | ||
| - oauthauthorizetokens.oauth.openshift.io | ||
| - templateinstances.template.openshift.io | ||
| - clusterserviceversions.operators.coreos.com | ||
| - packagemanifests.packages.operators.coreos.com | ||
| - operatorgroups.operators.coreos.com | ||
| - subscriptions.operators.coreos.com | ||
| - servicebrokers.servicecatalog.k8s.io | ||
| - servicebindings.servicecatalog.k8s.io | ||
| - serviceclasses.servicecatalog.k8s.io | ||
| - serviceinstances.servicecatalog.k8s.io | ||
| - serviceplans.servicecatalog.k8s.io | ||
| - events.events.k8s.io | ||
| - events | ||
| includedNamespaces: | ||
| - '*' | ||
| excludedNamespaces: | ||
| - 'minio' | ||
| snapshotVolumes: false | ||
| ttl: 720h0m0s |
78 changes: 78 additions & 0 deletions
78
components/operators/redhat-oadp-operator/instance/overlays/minio/create-bucket-job.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,78 @@ | ||
| --- | ||
| apiVersion: v1 | ||
| kind: ServiceAccount | ||
| metadata: | ||
| name: create-minio-bucket | ||
| annotations: | ||
| argocd.argoproj.io/sync-wave: "1" | ||
| --- | ||
| apiVersion: rbac.authorization.k8s.io/v1 | ||
| kind: RoleBinding | ||
| metadata: | ||
| name: create-minio-bucket | ||
| annotations: | ||
| argocd.argoproj.io/sync-wave: "1" | ||
| roleRef: | ||
| apiGroup: rbac.authorization.k8s.io | ||
| kind: ClusterRole | ||
| name: edit | ||
| subjects: | ||
| - kind: ServiceAccount | ||
| name: create-minio-bucket | ||
| --- | ||
| apiVersion: batch/v1 | ||
| kind: Job | ||
| metadata: | ||
| name: create-minio-bucket | ||
| annotations: | ||
| argocd.argoproj.io/sync-wave: "2" | ||
| spec: | ||
| backoffLimit: 4 | ||
| template: | ||
| spec: | ||
| serviceAccount: create-minio-bucket | ||
| serviceAccountName: create-minio-bucket | ||
| initContainers: | ||
| - name: wait-for-minio | ||
| image: image-registry.openshift-image-registry.svc:5000/openshift/tools:latest | ||
| imagePullPolicy: IfNotPresent | ||
| envFrom: | ||
| - secretRef: | ||
| name: data-connection-minio | ||
| command: ["/bin/bash"] | ||
| args: | ||
| - -ec | ||
| - |- | ||
| echo -n "Waiting for ${AWS_S3_ENDPOINT}" | ||
| while ! curl -I "${AWS_S3_ENDPOINT}/minio/health/live" 2>/dev/null; do | ||
| echo -n . | ||
| sleep 5 | ||
| done; echo | ||
| containers: | ||
| - name: create-bucket | ||
| image: image-registry.openshift-image-registry.svc:5000/openshift/python:latest | ||
| imagePullPolicy: IfNotPresent | ||
| command: ["/bin/bash"] | ||
| args: | ||
| - -ec | ||
| - |- | ||
| pip install boto3 -q | ||
| cat << 'EOF' | python3 | ||
| import os, boto3 | ||
| bucket = os.getenv("AWS_S3_BUCKET", "ocp-cluster") | ||
| s3 = boto3.client("s3", | ||
| endpoint_url=os.getenv("AWS_S3_ENDPOINT", "http://minio.minio.svc:9000"), | ||
| aws_access_key_id=os.getenv("AWS_ACCESS_KEY_ID", "minioadmin"), | ||
| aws_secret_access_key=os.getenv("AWS_SECRET_ACCESS_KEY", "minioadmin")) | ||
| if bucket not in [bu["Name"] for bu in s3.list_buckets()["Buckets"]]: | ||
| s3.create_bucket(Bucket=bucket) | ||
| print(f'created: {bucket}') | ||
| EOF | ||
| envFrom: | ||
| - secretRef: | ||
| name: data-connection-minio | ||
| restartPolicy: Never |
Oops, something went wrong.