You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
What steps did you take and what happened:
In issue #4820, Restic supporting insecureSkipTLSVerify feature is added.
May need to update related Velero document to explain how to use it.
The following information will help us better understand what's going on:
If you are using velero v1.7.0+:
Please use velero debug --backup <backupname> --restore <restorename> to generate the support bundle, and attach to this issue, more options please refer to velero debug --help
If you are using earlier versions:
Please provide the output of the following commands (Pasting long output into a GitHub gist or other pastebin is fine.)
kubectl logs deployment/velero -n velero
velero backup describe <backupname> or kubectl get backup/<backupname> -n velero -o yaml
velero backup logs <backupname>
velero restore describe <restorename> or kubectl get restore/<restorename> -n velero -o yaml
velero restore logs <restorename>
Anything else you would like to add:
[Miscellaneous information that will assist in solving the issue.]
Environment:
Velero version (use velero version): v1.9
Velero features (use velero client config get features): None
Kubernetes version (use kubectl version): v1.22
Kubernetes installer & version: GCE
Cloud provider or hardware configuration: GCE
OS (e.g. from /etc/os-release): Ubuntu
Vote on this issue!
This is an invitation to the Velero community to vote on issues, you can see the project's top voted issues listed here.
Use the "reaction smiley face" up to the right of this comment to vote.
👍 for "I would like to see this bug fixed as soon as possible"
👎 for "There are more important bugs to focus on right now"
The text was updated successfully, but these errors were encountered:
@a-mccarthy
User requested to support skipping TLS verification for insecure HTTPS connection.
The use case is that Velero set up to connect to a HTTPS enabled object store, but user cannot find correct CACert, so need to skip TLS verification.
The new feature use BackupStorageLocation’s Spec.Config.InsecureSkipTLSVerify as option. If the BSL’s Spec.Config.InsecureSkipTLSVerify is set true and Restic daemonset is installed, when running Restic command in Velero, Restic command will use option --insecure-tls to skip TLS verification for object store connection.
By far, only Velero’s AWS plugin supports parsing BSL’s Spec.Config.InsecureSkipTLSVerify field. It’s good enough for now, because skipping TLS verification only suits to on-premise environment, and AWS plugin is used as object plugin in this situation. If any plugin needs this feature in future, need to add parsing Spec.Config.InsecureSkipTLSVerify logic in code.
I added this issue to the documentation board so I wouldn't loose track of it, and I didn't realize that I put it in the engineering help needed column. Sorry about the confusion!
What steps did you take and what happened:
In issue #4820, Restic supporting insecureSkipTLSVerify feature is added.
May need to update related Velero document to explain how to use it.
What did you expect to happen:
Update https://velero.io/docs/main/restic/#docs document to state that when and why this feature is added, and how to use it.
The following information will help us better understand what's going on:
If you are using velero v1.7.0+:
Please use
velero debug --backup <backupname> --restore <restorename>
to generate the support bundle, and attach to this issue, more options please refer tovelero debug --help
If you are using earlier versions:
Please provide the output of the following commands (Pasting long output into a GitHub gist or other pastebin is fine.)
kubectl logs deployment/velero -n velero
velero backup describe <backupname>
orkubectl get backup/<backupname> -n velero -o yaml
velero backup logs <backupname>
velero restore describe <restorename>
orkubectl get restore/<restorename> -n velero -o yaml
velero restore logs <restorename>
Anything else you would like to add:
[Miscellaneous information that will assist in solving the issue.]
Environment:
velero version
): v1.9velero client config get features
): Nonekubectl version
): v1.22/etc/os-release
): UbuntuVote on this issue!
This is an invitation to the Velero community to vote on issues, you can see the project's top voted issues listed here.
Use the "reaction smiley face" up to the right of this comment to vote.
The text was updated successfully, but these errors were encountered: