Deploy velero to Kubernetes.
$ brew install velero
$ helm repo add vmware-tanzu https://vmware-tanzu.github.io/helm-chartsHere's the gist of using it directly from github.
module "velero" {
source = "terraform-module/velero/kubernetes"
version = "0.12.2"
namespace_deploy = true
app_deploy = true
cluster_name = my-personal-cluster
openid_connect_provider_uri = "openid-configuration"
bucket = "backup-s3"
values = [<<EOF
# https://github.com/vmware-tanzu/helm-charts/tree/master/charts/velero
image:
repository: velero/velero
tag: v1.4.2
initContainers:
- name: velero-plugin-for-aws
image: velero/velero-plugin-for-aws:v1.1.0
imagePullPolicy: IfNotPresent
volumeMounts:
- mountPath: /target
name: plugins
# SecurityContext to use for the Velero deployment. Optional.
# Set fsGroup for `AWS IAM Roles for Service Accounts`
# see more informations at: https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html
securityContext:
fsGroup: 1337
configuration:
provider: aws
backupStorageLocation:
name: default
provider: aws
bucket: backup-s3
prefix: "velero/dev/my-cluster"
config:
region: eu-west-1
volumeSnapshotLocation:
name: default
provider: aws
# Additional provider-specific configuration. See link above
# for details of required/optional fields for your provider.
config:
region: eu-west-1
EOF
]
vars = {
"version" = "2.12.0"
}
tags = local.tags
}See examples directory for working examples to reference
- Deploy
Velero - Hook IAM role with
k8s Service AccountandAWS WebIdentity
| Name | Version |
|---|---|
| terraform | ~> 1 |
| aws | >= 4 |
| helm | ~> 2 |
| kubernetes | ~> 2 |
| Name | Version |
|---|---|
| aws | 5.31.0 |
| helm | 2.12.1 |
| kubernetes | 2.25.1 |
No modules.
| Name | Type |
|---|---|
| aws_iam_role.this | resource |
| aws_iam_role_policy.this | resource |
| helm_release.this | resource |
| kubernetes_namespace.this | resource |
| aws_caller_identity.current | data source |
| aws_iam_policy_document.assume_role | data source |
| aws_iam_policy_document.policy | data source |
| kubernetes_namespace.this | data source |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| app | A Release is an instance of a chart running in a Kubernetes cluster. | map(any) |
{} |
no |
| app_deploy | Whether or not to deploy app | bool |
true |
no |
| bucket | Backup and Restore bucket. | string |
n/a | yes |
| cluster_name | Cluster name. | string |
n/a | yes |
| description | Namespace description | string |
"velero-back-up-and-restore" |
no |
| iam_deploy | whther or not to deploy iam role | bool |
true |
no |
| iam_role_name | Name of the Velero IAM role. If not specified a new iam role will be created | string |
"" |
no |
| name | Installation name | string |
"velero" |
no |
| namespace_deploy | Whether or not to deploy namespace | bool |
false |
no |
| namespace_name | Kubernetes namespace name | string |
null |
no |
| openid_connect_provider_uri | OpenID Connect Provider for EKS to enable IRSA. | string |
n/a | yes |
| repository | VMware Tanzu repository for Helm repos. | string |
"https://vmware-tanzu.github.io/helm-charts" |
no |
| tags | A mapping of tags to assign to the object. | map(any) |
{} |
no |
| values | List of values in raw yaml to pass to helm. Values will be merged. | list(string) |
n/a | yes |
| Name | Description |
|---|---|
| namespace_name | Namespace name |
$ make help
hooks Commit hooks setup
validate Validate with pre-commit hooks
changelog Update changelog
- π Use a succinct title and description.
- π Bugs & feature requests can be be opened
- πΆ Support questions are better asked on Stack Overflow
- π Be nice, civil and polite (as always).
Copyright 2019 Ivan Katliarhcuk
MIT Licensed. See LICENSE for full details.
Submit a pull request
Currently maintained by Ivan Katliarchuk and these awesome contributors.
- Kiam support
