-
Notifications
You must be signed in to change notification settings - Fork 1.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update integrated Restic version and add insecureSkipTLSVerify for Re… #4821
Update integrated Restic version and add insecureSkipTLSVerify for Re… #4821
Conversation
…stic CLI Fix: vmware-tanzu#4820 Signed-off-by: Xun Jiang <jxun@vmware.com>
9f9c741
to
10651e6
Compare
Signed-off-by: Xun Jiang <jxun@vmware.com>
7a6a482
to
9849ab1
Compare
Codecov Report
@@ Coverage Diff @@
## main #4821 +/- ##
==========================================
+ Coverage 41.41% 41.45% +0.03%
==========================================
Files 204 204
Lines 17948 18002 +54
==========================================
+ Hits 7434 7463 +29
- Misses 9970 9993 +23
- Partials 544 546 +2
Continue to review full report at Codecov.
|
6612366
to
8a9c004
Compare
1. Add --insecure-tls in PodVolumeBackup and PodVolumeRestore controller. 2. Change --last flag in Restic command to --latest=1 due to Restic version update. Signed-off-by: Xun Jiang <jxun@vmware.com>
8a9c004
to
e52f042
Compare
…eck code. Signed-off-by: Xun Jiang <jxun@vmware.com>
Test done for this modification: Setup MinIO with TLS: 1. Install certgen, then add certgen into PATH:
go install[ github.com/minio/certgen](http://github.com/minio/certgen)
2. Generate key and cert:
certgen -ca -host "127.0.0.1,minio.velero.svc,minio.minio.svc"
3. Create TLS needed secret from generated key and cert:
kubectl create ns minio; kubectl -n minio create secret generic tls-ssl-minio --from-file=./private.key --from-file=./public.crt
4. Install MinIO with TLS enabled by helm chart:
helm repo add minio https://charts.min.io/; helm install minio -n minio --set tls.enabled=true,tls.certSecret=tls-ssl-minio,replicas=1,persistence.enabled=true,resources.requests.memory=1Gi,mode=standalone,rootUser=minio,rootPassword=minio123 minio/minio
5. Setup up MinIO host and add bucket:
kubectl apply -f https://github.com/raw/blackpiglet/public_files/main/minio-setup.yaml Install Velero with the MinIO and not provide CA to Velero and Restic. velero install \
--provider aws \
--plugins velero/velero-plugin-for-aws:main \
--image=gcr.io/velero-gcp/velero:test \
--bucket=velero \
--use-volume-snapshots=false \
--backup-location-config region=minio,s3ForcePathStyle="true",s3Url=https://minio.minio.svc:9000,insecureSkipTLSVerify=true \
--use-restic \
--secret-file=../../credentials-velero-minio \
--default-volumes-to-restic Tests:
|
…n RunRestore 1. remove insecureTLS parameter in function RunRestore 2. add a const for insecureTLS flag 3. add comments on --last replaced with --latest=1 Signed-off-by: Xun Jiang <jxun@vmware.com>
Signed-off-by: Xun Jiang <jxun@vmware.com>
a37c7a1
to
3ed0874
Compare
Met error described here after merge PR #4436 to resolve conflict After investigation, found this error is triggered by misconfiguration. In my environment, Velero image is updated after merging code, but the PVB's CRD is not updated. I think the 404 error is raised because Velero image's PVB CRD mismatch with PVB CRD in cluster API. |
This reverts commit 3ed0874. Met PVB not found issue after merging main to resolve conflict. After investigation, that error is triggered by mis-configure, so revert the code. Signed-off-by: Xun Jiang <jxun@vmware.com>
13d3dcb
to
e4881b7
Compare
Mess this branch after |
…stic CLI
Fix: #4820
Signed-off-by: Xun Jiang jxun@vmware.com
Thank you for contributing to Velero!
Please add a summary of your change
Does your change fix a particular issue?
Fixes #4820
Please indicate you've done the following:
/kind changelog-not-required
as a comment on this pull request.site/content/docs/main
.