[velero] Improve docs and add examples

charts/velero/.helmignore

@@ -19,3 +19,4 @@
 .project
 .idea/
 *.tmproj
+examples/

charts/velero/Chart.yaml

@@ -2,7 +2,7 @@ apiVersion: v1
 appVersion: 1.5.3
 description: A Helm chart for velero
 name: velero
-version: 2.14.13
+version: 2.14.14
 home: https://github.com/vmware-tanzu/velero
 icon: https://cdn-images-1.medium.com/max/1600/1*-9mb3AKnKdcL_QD3CMnthQ.png
 sources:

charts/velero/README.md

@@ -4,6 +4,31 @@ Velero is an open source tool to safely backup and restore, perform disaster rec
 
 Velero has two main components: a CLI, and a server-side Kubernetes deployment.
 
+* [Installing the Velero CLI](#installing-the-velero-cli)
+* [Installing the Velero server](#installing-the-velero-server)
+  * [Velero version](#velero-version)
+  * [Provider credentials](#provider-credentials)
+  * [Installing](#installing)
+    * [Using Helm 3](#using-helm-3)
+      * [Option 1) CLI commands](#option-1-cli-commands)
+      * [Option 2) YAML file](#option-2-yaml-file)
+      * [Upgrade the configuration](#upgrade-the-configuration)
+    * [Using Helm 2](#using-helm-2)
+      * [Tiller cluster-admin permissions](#tiller-cluster-admin-permissions)
+      * [Option 1) CLI commands](#option-1-cli-commands-1)
+      * [Option 2) YAML file](#option-2-yaml-file-1)
+      * [Upgrade the configuration](#upgrade-the-configuration-1)
+* [Upgrading](#upgrading)
+  * [Upgrading to v1.5](#upgrading-to-v15)
+  * [Upgrading to v1.4](#upgrading-to-v14)
+  * [Upgrading to v1.3.1](#upgrading-to-v131)
+  * [Upgrading to v1.2.0](#upgrading-to-v120)
+  * [Upgrading to v1.1.0](#upgrading-to-v110)
+* [Uninstall Velero](#uninstall-velero)
+  * [Using Helm 2](#using-helm-2-1)
+  * [Using Helm 3](#using-helm-3-1)
+* [Chart configuration examples](#chart-configuration-examples)
+
 ## Installing the Velero CLI
 
 See the different options for installing the [Velero CLI](https://velero.io/docs/v1.5/basic-install/#install-the-cli).
@@ -64,6 +89,7 @@ Add/update the necessary values by changing the values.yaml from this repository
 ```bash
 helm install vmware-tanzu/velero --namespace <YOUR NAMESPACE> -f values.yaml --generate-name
 ```
+
 ##### Upgrade the configuration
 
 If a value needs to be added or changed, you may do so with the `upgrade` command. An example:
@@ -78,7 +104,7 @@ helm upgrade vmware-tanzu/velero <RELEASE NAME> --namespace <YOUR NAMESPACE> --r
 
 A service account and the role binding prerequisite must be added to Tiller when configuring Helm to install Velero:
 
-```
+```bash
 kubectl create sa -n kube-system tiller
 kubectl create clusterrolebinding tiller-cluster-admin --clusterrole cluster-admin --serviceaccount kube-system:tiller
 helm init --service-account=tiller --wait --upgrade
@@ -105,7 +131,7 @@ helm install vmware-tanzu/velero \
 --set initContainers[0].name=velero-plugin-for-<PROVIDER NAME> \
 --set initContainers[0].image=velero/velero-plugin-for-<PROVIDER NAME>:<PROVIDER PLUGIN TAG> \
 --set initContainers[0].volumeMounts[0].mountPath=/target \
---set initContainers[0].volumeMounts[0].name=plugins 
+--set initContainers[0].volumeMounts[0].name=plugins
 ```
 
 Users of zsh might need to put quotes around key/value pairs.
@@ -123,7 +149,7 @@ helm install vmware-tanzu/velero --namespace <YOUR NAMESPACE> -f values.yaml
 If a value needs to be added or changed, you may do so with the `upgrade` command. An example:
 
 ```bash
-helm upgrade vmware-tanzu/velero <RELEASE NAME> --reuse-values --set configuration.provider=<NEW PROVIDER> 
+helm upgrade vmware-tanzu/velero <RELEASE NAME> --reuse-values --set configuration.provider=<NEW PROVIDER>
 ```
 
 ## Upgrading
@@ -164,3 +190,10 @@ helm delete <RELEASE NAME> --purge
 ```bash
 helm delete <RELEASE NAME> -n <YOUR NAMESPACE>
 ```
+
+## Chart configuration examples
+
+In [examples folder](./examples/) located some basic scenario for different plugins. It does not include settings that you need make in your cloud provider, see plugin README for details.
+
+* [AWS example](./examples/aws/)
+* [vSphere example](./examples/vsphere/)

charts/velero/examples/aws/README.md

@@ -0,0 +1,7 @@
+# AWS example
+
+* [AWS plugin README.md](https://github.com/vmware-tanzu/velero-plugin-for-aws/#velero-plugins-for-aws)
+
+If you manage AWS by IaC-tool, you will generate `access key` by it and then set it as exiting [secret](./secret.yaml).
+
+

charts/velero/examples/aws/secret.yaml

@@ -0,0 +1,11 @@
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: velero-aws-creds
+stringData:
+  cloud: |
+    [default]
+    aws_access_key_id=ACCESSKEY
+    aws_secret_access_key=SECRETACCESSKEY
+type: Opaque

charts/velero/examples/aws/values.yaml

@@ -0,0 +1,76 @@
+##
+## Configuration settings that directly affect the Velero deployment YAML.
+##
+
+# Details of the container image to use in the Velero deployment & daemonset (if
+# enabling restic). Required.
+image:
+  repository: velero/velero
+  tag: v1.4.2
+
+# Init containers to add to the Velero deployment's pod spec. At least one plugin provider image is required.
+initContainers:
+  - name: velero-plugin-for-aws
+    image: velero/velero-plugin-for-aws:v1.1.0
+    imagePullPolicy: IfNotPresent
+    volumeMounts:
+      - mountPath: /target
+        name: plugins
+
+##
+## Parameters for the `default` BackupStorageLocation and VolumeSnapshotLocation,
+## and additional server settings.
+##
+configuration:
+  # Cloud provider being used (e.g. aws, azure, gcp).
+  provider: aws
+  # Parameters for the `default` BackupStorageLocation. See
+  # https://velero.io/docs/v1.4/api-types/backupstoragelocation/
+  backupStorageLocation:
+    # name is the name of the backup storage location where backups should be stored. If a name is not provided,
+    # a backup storage location will be created with the name "default". Optional.
+    name: velero-backup
+    # bucket is the name of the bucket to store backups in. Required.
+    bucket: velero-backup
+    # Additional provider-specific configuration. See link above
+    # for details of required/optional fields for your provider.
+    config:
+      region: us-east-1
+
+  # Parameters for the `default` VolumeSnapshotLocation. See
+  # https://velero.io/docs/v1.4/api-types/volumesnapshotlocation/
+  volumeSnapshotLocation:
+    # name is the name of the volume snapshot location where snapshots are being taken. Required.
+    name: velero-backup
+    # Additional provider-specific configuration. See link above
+    # for details of required/optional fields for your provider.
+    config:
+      region: us-east-1
+# Info about the secret to be used by the Velero deployment, which
+# should contain credentials for the cloud provider IAM account you've
+# set up for Velero.
+credentials:
+  # Whether a secret should be used as the source of IAM account
+  # credentials. Set to false if, for example, using kube2iam or
+  # kiam to provide IAM credentials for the Velero pod.
+  useSecret: true
+  # Name of a pre-existing secret (if any) in the Velero namespace
+  # that should be used to get IAM account credentials. Optional.
+  existingSecret: velero-aws-creds
+
+# Backup schedules to create.
+
+# If you've specified a value for configuration.backupStorageLocation.name,
+# ensure you specify the same name in schedules.<YOUR_SCHEDULE_NAME>.template.storageLocation
+schedules:
+  backup-all:
+    schedule: "0 0 * * *"
+    template:
+      ttl: 720h0m0s
+      includeClusterResources: true
+      includedNamespaces:
+      - '*'
+      includedResources:
+      - '*'
+      storageLocation: velero-backup
+      snapshotVolumes: true

charts/velero/examples/vsphere/README.md

@@ -0,0 +1,5 @@
+# vSphere example
+
+* [vSphere plugin README.md](https://github.com/vmware-tanzu/velero-plugin-for-vsphere/#velero-plugin-for-vsphere)
+
+If you manage AWS by IaC-tool (vSphere needs AWS S3, for now), you will generate `access key` by it and then set it as exiting [secret](./secret.yaml).

charts/velero/examples/vsphere/secret.yaml

@@ -0,0 +1,11 @@
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: velero-aws-creds
+stringData:
+  cloud: |
+    [default]
+    aws_access_key_id=ACCESSKEY
+    aws_secret_access_key=SECRETACCESSKEY
+type: Opaque

charts/velero/examples/vsphere/values.yaml

@@ -0,0 +1,85 @@
+##
+## Configuration settings that directly affect the Velero deployment YAML.
+##
+
+# Details of the container image to use in the Velero deployment & daemonset (if
+# enabling restic). Required.
+image:
+  repository: velero/velero
+  tag: v1.4.2
+
+# Init containers to add to the Velero deployment's pod spec. At least one plugin provider image is required.
+initContainers:
+  - name: velero-plugin-for-aws
+    image: velero/velero-plugin-for-aws:v1.1.0
+    imagePullPolicy: IfNotPresent
+    volumeMounts:
+      - mountPath: /target
+        name: plugins
+  - name: velero-plugin-for-vsphere
+    image: vsphereveleroplugin/velero-plugin-for-vsphere:1.0.2
+    imagePullPolicy: IfNotPresent
+    volumeMounts:
+      - mountPath: /target
+        name: plugins
+
+##
+## Parameters for the `default` BackupStorageLocation and VolumeSnapshotLocation,
+## and additional server settings.
+##
+configuration:
+  # Cloud provider being used (e.g. aws, azure, gcp).
+  provider: aws
+  # Parameters for the `default` BackupStorageLocation. See
+  # https://velero.io/docs/v1.4/api-types/backupstoragelocation/
+  backupStorageLocation:
+    # name is the name of the backup storage location where backups should be stored. If a name is not provided,
+    # a backup storage location will be created with the name "default". Optional.
+    name: velero-backup
+    # bucket is the name of the bucket to store backups in. Required.
+    bucket: velero-backup
+    # Additional provider-specific configuration. See link above
+    # for details of required/optional fields for your provider.
+    config:
+      region: us-east-1
+
+  # Parameters for the `default` VolumeSnapshotLocation. See
+  # https://velero.io/docs/v1.4/api-types/volumesnapshotlocation/
+  volumeSnapshotLocation:
+    # name is the name of the volume snapshot location where snapshots are being taken. Required.
+    name: velero-backup
+    # provider is the name for the volume snapshot provider. If omitted
+    # `configuration.provider` will be used instead.
+    provider: velero.io/vsphere
+    # Additional provider-specific configuration. See link above
+    # for details of required/optional fields for your provider.
+    config:
+      region: us-east-1
+# Info about the secret to be used by the Velero deployment, which
+# should contain credentials for the cloud provider IAM account you've
+# set up for Velero.
+credentials:
+  # Whether a secret should be used as the source of IAM account
+  # credentials. Set to false if, for example, using kube2iam or
+  # kiam to provide IAM credentials for the Velero pod.
+  useSecret: true
+  # Name of a pre-existing secret (if any) in the Velero namespace
+  # that should be used to get IAM account credentials. Optional.
+  existingSecret: velero-aws-creds
+
+# Backup schedules to create.
+
+# If you've specified a value for configuration.backupStorageLocation.name,
+# ensure you specify the same name in schedules.<YOUR_SCHEDULE_NAME>.template.storageLocation
+schedules:
+  backup-all:
+    schedule: "0 0 * * *"
+    template:
+      ttl: 720h0m0s
+      includeClusterResources: true
+      includedNamespaces:
+      - '*'
+      includedResources:
+      - '*'
+      storageLocation: velero-backup
+      snapshotVolumes: true

charts/velero/values.yaml

@@ -142,7 +142,7 @@ configuration:
     #  s3Url:
     #  kmsKeyId:
     #  resourceGroup:
-    #  The ID of the subscription containing the storage account, if different from the cluster’s subscription. (Azure only)
+    #  The ID of the subscription containing the storage account, if different from the cluster's subscription. (Azure only)
     #  subscriptionId:
     #  storageAccount:
     #  publicUrl:
@@ -164,7 +164,7 @@ configuration:
   #    region:
   #    apitimeout:
   #    resourceGroup:
-  #    The ID of the subscription where volume snapshots should be stored, if different from the cluster’s subscription. If specified, also requires `configuration.volumeSnapshotLocation.config.resourceGroup`to be set. (Azure only)
+  #    The ID of the subscription where volume snapshots should be stored, if different from the cluster's subscription. If specified, also requires `configuration.volumeSnapshotLocation.config.resourceGroup`to be set. (Azure only)
   #    subscriptionId:
   #    snapshotLocation:
   #    project:
@@ -237,6 +237,7 @@ credentials:
   name:
   # Name of a pre-existing secret (if any) in the Velero namespace
   # that should be used to get IAM account credentials. Optional.
+  # Attention: Secret K/V should be `data.cloud: <base64 config>`
   existingSecret:
   # Data to be stored in the Velero secret, if `useSecret` is true and `existingSecret` is empty.
   # As of the current Velero release, Velero only uses one secret key/value at a time.
@@ -311,9 +312,16 @@ restic:
 #       myenv: foo
 #     schedule: "0 0 * * *"
 #     template:
-#       ttl: "240h"
+#       ttl: 240h0m0s
+#       includeClusterResources: true
 #       includedNamespaces:
 #       - foo
+#       includedResources:
+#       - '*'
+#       # If you've specified a value for configuration.backupStorageLocation.name,
+#       # ensure you specify the same name in schedules.<YOUR_SCHEDULE_NAME>.template.storageLocation
+#       storageLocation: default
+#       snapshotVolumes: true
 schedules: {}
 
 # Velero ConfigMaps.