Velero installation on AWS EKS Kubernetes
Deploy velero to Kubernetes.
References
Installation
$ brew install velero
$ helm repo add vmware-tanzu https://vmware-tanzu.github.io/helm-charts
Documentation
Usage example
Here's the gist of using it directly from github.
module "velero" {
source = "terraform-module/velero/kubernetes"
version = "0.12.2"
namespace_deploy = true
app_deploy = true
cluster_name = my-personal-cluster
openid_connect_provider_uri = "openid-configuration"
bucket = "backup-s3"
values = [<<EOF
# https://github.com/vmware-tanzu/helm-charts/tree/master/charts/velero
image:
repository: velero/velero
tag: v1.4.2
initContainers:
- name: velero-plugin-for-aws
image: velero/velero-plugin-for-aws:v1.1.0
imagePullPolicy: IfNotPresent
volumeMounts:
- mountPath: /target
name: plugins
# SecurityContext to use for the Velero deployment. Optional.
# Set fsGroup for `AWS IAM Roles for Service Accounts`
# see more informations at: https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html
securityContext:
fsGroup: 1337
configuration:
provider: aws
backupStorageLocation:
name: default
provider: aws
bucket: backup-s3
prefix: "velero/dev/my-cluster"
config:
region: eu-west-1
volumeSnapshotLocation:
name: default
provider: aws
# Additional provider-specific configuration. See link above
# for details of required/optional fields for your provider.
config:
region: eu-west-1
EOF
]
vars = {
"version" = "2.12.0"
}
tags = local.tags
}
Examples
See examples
directory for working examples to reference
Available features
- Deploy
Velero
- Hook IAM role with
k8s Service Account
andAWS WebIdentity
Module Variables
Requirements
Name | Version |
---|---|
terraform | ~> 1 |
aws | ~> 4 |
helm | ~> 2 |
kubernetes | ~> 2 |
Providers
Name | Version |
---|---|
aws | 4.22.0 |
helm | 2.6.0 |
kubernetes | 2.12.1 |
Modules
No modules.
Resources
Name | Type |
---|---|
aws_iam_role.this | resource |
aws_iam_role_policy.this | resource |
helm_release.this | resource |
kubernetes_namespace.this | resource |
aws_caller_identity.current | data source |
aws_iam_policy_document.assume_role | data source |
aws_iam_policy_document.policy | data source |
kubernetes_namespace.this | data source |
Inputs
Name | Description | Type | Default | Required |
---|---|---|---|---|
app | A Release is an instance of a chart running in a Kubernetes cluster. | map(any) |
{} |
no |
app_deploy | Whether or not to deploy app | bool |
true |
no |
bucket | Backup and Restore bucket. | string |
n/a | yes |
cluster_name | Cluster name. | string |
n/a | yes |
description | Namespace description | string |
"velero-back-up-and-restore" |
no |
iam_deploy | whther or not to deploy iam role | bool |
true |
no |
iam_role_name | Name of the Velero IAM role. If not specified a new iam role will be created | string |
"" |
no |
name | Installation name | string |
"velero" |
no |
namespace_deploy | Whether or not to deploy namespace | bool |
false |
no |
namespace_name | Kubernetes namespace name | string |
null |
no |
openid_connect_provider_uri | OpenID Connect Provider for EKS to enable IRSA. | string |
n/a | yes |
repository | VMware Tanzu repository for Helm repos. | string |
"https://vmware-tanzu.github.io/helm-charts" |
no |
tags | A mapping of tags to assign to the object. | map(any) |
{} |
no |
values | List of values in raw yaml to pass to helm. Values will be merged. | list(string) |
n/a | yes |
Outputs
Name | Description |
---|---|
namespace_name | Namespace name |
Commands
$ make help
hooks Commit hooks setup
validate Validate with pre-commit hooks
changelog Update changelog
π Guidelines
π Use a succinct title and description.π Bugs & feature requests can be be openedπΆ Support questions are better asked on Stack Overflowπ Be nice, civil and polite (as always).
License
Copyright 2019 Ivan Katliarhcuk
MIT Licensed. See LICENSE for full details.
How to Contribute
Submit a pull request
Authors
Currently maintained by Ivan Katliarchuk and these awesome contributors.
Terraform Registry
TODO
- Kiam support