openshift/openshift-docs
1
0
Fork 0
mirror of https://github.com/openshift/openshift-docs.git synced 2026-02-05 21:46:22 +01:00
Code Issues Releases Activity

OADP-106: OADP installation

Browse Source
This commit is contained in:
Avital Pinnick
2021-10-26 14:21:58 +03:00
committed by openshift-cherrypick-robot
parent 24f0910c73
commit e047d22e48
22 changed files with 1000 additions and 114 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
_topic_maps/_topic_map.yml
View File

@@ -2083,6 +2083,21 @@ Topics:
# - Name: Application backup and restore
# Dir: application_backup_and_restore
# Topics:
# - Name: Installing OADP
# Dir: installing
# Topics:
# - Name: About installing OADP
# File: about-installing-oadp
# - Name: Installing OADP with AWS
# File: installing-oadp-aws
# - Name: Installing OADP with Azure
# File: installing-oadp-azure
# - Name: Installing OADP with GCP
# File: installing-oadp-gcp
# - Name: Installing OADP with MCG
# File: installing-oadp-mcg
# - Name: Installing OADP with OCS
# File: installing-oadp-ocs
# - Name: Configuring OADP
# File: configuring-oadp
- Name: Control plane backup and restore

32
backup_and_restore/application_backup_and_restore/installing/about-installing-oadp.adoc Normal file
View File

@@ -0,0 +1,32 @@
[id="about-installing-oadp"]
= About installing OADP
include::modules/common-attributes.adoc[]
:context: about-installing-oadp
toc::[]
As a cluster administrator, you install the Openshift API for Data Protection (OADP) by installing the OADP Operator and then installing the Data Protection Application. The OADP Operator installs link:https://velero.io/docs/v1.7/[Velero 1.7].
To back up Kubernetes resources and internal images, you must have S3-compatible object storage, such as the following storage providers:
* xref:../../../backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc#installing-oadp-aws[Amazon Web Services]
* xref:../../../backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc#installing-oadp-azure[Microsoft Azure]
* xref:../../../backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc#installing-oadp-gcp[Google Cloud Platform]
* xref:../../../backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc#installing-oadp-mcg[Multicloud Object Gateway]
:FeatureName: The CloudStorage API for S3 storage
include::modules/technology-preview.adoc[]
To back up persistent volumes (PVs) with snapshots, your cloud provider must support either a native snapshot API or Container Snapshot Interface (CSI) snapshots, such as the following providers:
* xref:../../../backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc#installing-oadp-aws[Amazon Web Services]
* xref:../../../backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc#installing-oadp-azure[Microsoft Azure]
* xref:../../../backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc#installing-oadp-gcp[Google Cloud Platform]
* xref:../../../backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc#oadp-about-vsl_installing-oadp-ocs[Ceph RBD or Ceph FS storage]
If your cloud provider does not support snapshots or if your storage is NFS, you can create backups with link:https://restic.net/[Restic].
[discrete]
== Additional resources
* Overview of backup storage locations and volume snapshot locations in the link:https://velero.io/docs/v1.7/locations/[Velero documentation]

32
backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc Normal file
View File

@@ -0,0 +1,32 @@
[id="installing-oadp-aws"]
= Installing the Openshift API for Data Protection with Amazon Web Services
include::modules/common-attributes.adoc[]
:context: installing-oadp-aws
:installing-oadp-aws:
:credentials: cloud-credentials
:provider: aws
toc::[]
You install the Openshift API for Data Protection (OADP) with Amazon Web Services (AWS) by installing the OADP Operator, configuring AWS for Velero, and then installing the Data Protection Application.
:FeatureName: The CloudStorage API for S3 storage
include::modules/technology-preview.adoc[]
To install the OADP Operator in a restricted network environment, you must first disable the default OperatorHub sources and mirror the Operator catalog. See xref:../../../operators/admin/olm-restricted-networks.adoc#olm-restricted-networks[Using Operator Lifecycle Manager on restricted networks] for details.
If you are not using snapshots or if your storage is NFS, you can create backups with link:https://restic.net/[Restic].
include::modules/oadp-installing-operator.adoc[leveloffset=+1]
include::modules/migration-configuring-aws-s3.adoc[leveloffset=+1]
[id="configuring-dpa-aws"]
== Configuring the Data Protection Application
include::modules/oadp-configuring-default-plug-ins.adoc[leveloffset=+2]
include::modules/oadp-about-bsl.adoc[leveloffset=+2]
include::modules/oadp-about-vsl.adoc[leveloffset=+2]
include::modules/oadp-installing-dpa.adoc[leveloffset=+1]
:installing-oadp-aws!:

32
backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc Normal file
View File

@@ -0,0 +1,32 @@
[id="installing-oadp-azure"]
= Installing the Openshift API for Data Protection with Azure
include::modules/common-attributes.adoc[]
:context: installing-oadp-azure
:installing-oadp-azure:
:credentials: cloud-credentials-azure
:provider: azure
toc::[]
You install the Openshift API for Data Protection (OADP) with Microsoft Azure by installing the OADP Operator, configuring Azure for Velero, and then installing the Data Protection Application.
:FeatureName: The CloudStorage API for S3 storage
include::modules/technology-preview.adoc[]
To install the OADP Operator in a restricted network environment, you must first disable the default OperatorHub sources and mirror the Operator catalog. See xref:../../../operators/admin/olm-restricted-networks.adoc#olm-restricted-networks[Using Operator Lifecycle Manager on restricted networks] for details.
If you are not using snapshots or if your storage is NFS, you can create backups with link:https://restic.net/[Restic].
include::modules/oadp-installing-operator.adoc[leveloffset=+1]
include::modules/migration-configuring-azure.adoc[leveloffset=+1]
[id="configuring-dpa-azure"]
== Configuring the Data Protection Application
include::modules/oadp-configuring-default-plug-ins.adoc[leveloffset=+2]
include::modules/oadp-about-bsl.adoc[leveloffset=+2]
include::modules/oadp-about-vsl.adoc[leveloffset=+2]
include::modules/oadp-installing-dpa.adoc[leveloffset=+1]
:installing-oadp-azure!:

32
backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc Normal file
View File

@@ -0,0 +1,32 @@
[id="installing-oadp-gcp"]
= Installing the Openshift API for Data Protection with Google Cloud Platform
include::modules/common-attributes.adoc[]
:context: installing-oadp-gcp
:installing-oadp-gcp:
:credentials: cloud-credentials-gcp
:provider: gcp
toc::[]
You install the Openshift API for Data Protection (OADP) with Google Cloud Platform (GCP) by installing the OADP Operator, configuring GCP for Velero, and then installing the Data Protection Application.
:FeatureName: The CloudStorage API for S3 storage
include::modules/technology-preview.adoc[]
To install the OADP Operator in a restricted network environment, you must first disable the default OperatorHub sources and mirror the Operator catalog. See xref:../../../operators/admin/olm-restricted-networks.adoc#olm-restricted-networks[Using Operator Lifecycle Manager on restricted networks] for details.
If you are not using snapshots or if your storage is NFS, you can create backups with link:https://restic.net/[Restic].
include::modules/oadp-installing-operator.adoc[leveloffset=+1]
include::modules/migration-configuring-gcp.adoc[leveloffset=+1]
[id="configuring-dpa-gcp"]
== Configuring the Data Protection Application
include::modules/oadp-configuring-default-plug-ins.adoc[leveloffset=+2]
include::modules/oadp-about-bsl.adoc[leveloffset=+2]
include::modules/oadp-about-vsl.adoc[leveloffset=+2]
include::modules/oadp-installing-dpa.adoc[leveloffset=+1]
:installing-oadp-gcp!:

30
backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc Normal file
View File

@@ -0,0 +1,30 @@
[id="installing-oadp-mcg"]
= Installing the Openshift API for Data Protection with Google Cloud Platform
include::modules/common-attributes.adoc[]
:context: installing-oadp-mcg
:installing-oadp-mcg:
:credentials: cloud-credentials
:provider: aws
toc::[]
You install the Openshift API for Data Protection (OADP) with Multicloud Object Gateway (MCG) by installing the OADP Operator, retrieving the MCG credentials, and then installing the Data Protection Application.
MCG is a component of OpenShift Container Storage (OCS). You can configure MCG as a backup location.
To install the OADP Operator in a restricted network environment, you must first disable the default OperatorHub sources and mirror the Operator catalog. See xref:../../../operators/admin/olm-restricted-networks.adoc#olm-restricted-networks[Using Operator Lifecycle Manager on restricted networks] for details.
If you are not using snapshots or if your storage is NFS, you can create backups with link:https://restic.net/[Restic].
include::modules/oadp-installing-operator.adoc[leveloffset=+1]
include::modules/migration-configuring-mcg.adoc[leveloffset=+1]
[id="configuring-dpa-mcg"]
== Configuring the Data Protection Application
include::modules/oadp-configuring-default-plug-ins.adoc[leveloffset=+2]
include::modules/oadp-about-bsl.adoc[leveloffset=+2]
include::modules/oadp-installing-dpa.adoc[leveloffset=+1]
:installing-oadp-mcg!:

32
backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc Normal file
View File

@@ -0,0 +1,32 @@
[id="installing-oadp-ocs"]
= Installing the Openshift API for Data Protection with OpenShift Container Storage
include::modules/common-attributes.adoc[]
:context: installing-oadp-ocs
:installing-oadp-ocs:
:credentials: cloud-credentials-gcp
:provider: gcp
toc::[]
You install the Openshift API for Data Protection (OADP) with OpenShift Container Storage (OCS) by installing the OADP Operator, installing the Data Protection Application, and configuring the snapshot location.
To install the OADP Operator in a restricted network environment, you must first disable the default OperatorHub sources and mirror the Operator catalog. See xref:../../../operators/admin/olm-restricted-networks.adoc#olm-restricted-networks[Using Operator Lifecycle Manager on restricted networks] for details.
You can configure xref:../../../backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc#installing-oadp-mcg[Multicloud Object Gateway] or any S3-compatible object storage as a backup location.
You can configure xref:../../../backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc#oadp-about-vsl_installing-oadp-ocs[Ceph RBD or Ceph FS storage] as a snapshot location.
If you are not using snapshots or if your storage is NFS, you can create backups with link:https://restic.net/[Restic].
include::modules/oadp-installing-operator.adoc[leveloffset=+1]
[id="configuring-dpa-ocs"]
== Configuring the Data Protection Application
include::modules/oadp-configuring-default-plug-ins.adoc[leveloffset=+2]
include::modules/oadp-about-bsl.adoc[leveloffset=+2]
include::modules/oadp-about-vsl.adoc[leveloffset=+2]
include::modules/oadp-installing-dpa.adoc[leveloffset=+1]
:installing-oadp-ocs!:

1
backup_and_restore/application_backup_and_restore/installing/modules Symbolic link
View File

@@ -0,0 +1 @@
../../modules/

126
modules/migration-configuring-aws-s3.adoc
View File

@@ -2,48 +2,70 @@
//
// * migrating_from_ocp_3_to_4/installing-3-4.adoc
// * migration_toolkit_for_containers/installing-mtc.adoc
// * migration_toolkit_for_containers/installing-mtc-restricted.adoc
// * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc
[id="migration-configuring-aws-s3_{context}"]
= Configuring Amazon Web Services S3
= Configuring Amazon Web Services
You can configure an Amazon Web Services (AWS) S3 storage bucket as a replication repository for the {mtc-full} ({mtc-short}).
ifdef::installing-3-4,installing-mtc[]
You configure Amazon Web Services (AWS) S3 object storage as a replication repository for the {mtc-full} ({mtc-short}).
endif::[]
ifdef::installing-oadp-aws[]
You configure Amazon Web Services (AWS) for the OpenShift API for Data Protection (OADP).
endif::[]
.Prerequisites
* You must have the link:https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-welcome.html[AWS CLI] installed.
ifdef::installing-3-4,installing-mtc[]
* The AWS S3 storage bucket must be accessible to the source and target clusters.
* You must have the link:https://aws.amazon.com/cli/[AWS CLI] installed.
* If you are using the snapshot copy method:
** You must have access to EC2 Elastic Block Storage (EBS).
** The source and target clusters must be in the same region.
** The source and target clusters must have the same storage class.
** The storage class must be compatible with snapshots.
endif::[]
.Procedure
. Set the `BUCKET` variable:
+
[source,terminal]
----
$ BUCKET=<your_bucket>
----
. Set the `REGION` variable:
+
[source,terminal]
----
$ REGION=<your_region>
----
. Create an AWS S3 bucket:
+
[source,terminal]
----
$ aws s3api create-bucket \
--bucket <bucket> \ <1>
--region <bucket_region> <2>
--bucket $BUCKET \
--region $REGION \
--create-bucket-configuration LocationConstraint=$REGION <1>
----
<1> Specify your S3 bucket name.
<2> Specify your S3 bucket region, for example, `us-east-1`.
<1> `us-east-1` does not support a `LocationConstraint`. If your region is `us-east-1`, omit `--create-bucket-configuration LocationConstraint=$REGION`.
. Create the IAM user `velero`:
. Create an IAM user:
+
[source,terminal]
----
$ aws iam create-user --user-name velero
$ aws iam create-user --user-name velero <1>
----
<1> If you want to use Velero to back up multiple clusters with multiple S3 buckets, create a unique user name for each cluster.
. Create an EC2 EBS snapshot policy:
. Create a `velero-policy.json` file:
+
[source,terminal]
----
$ cat > velero-ec2-snapshot-policy.json <<EOF
$ cat > velero-policy.json <<EOF
{
"Version": "2012-10-17",
"Statement": [
@@ -58,20 +80,7 @@ $ cat > velero-ec2-snapshot-policy.json <<EOF
"ec2:DeleteSnapshot"
],
"Resource": "*"
}
]
}
EOF
----
. Create an AWS S3 access policy for one or for all S3 buckets:
+
[source,terminal]
----
$ cat > velero-s3-policy.json <<EOF
{
"Version": "2012-10-17",
"Statement": [
},
{
"Effect": "Allow",
"Action": [
@@ -82,66 +91,69 @@ $ cat > velero-s3-policy.json <<EOF
"s3:ListMultipartUploadParts"
],
"Resource": [
"arn:aws:s3:::<bucket>/*" <1>
"arn:aws:s3:::${BUCKET}/*"
]
},
{
"Effect": "Allow",
"Action": [
"s3:ListBucket",
"s3:GetBucketLocation",
"s3:ListBucketMultipartUploads"
"s3:ListBucket"
],
"Resource": [
"arn:aws:s3:::<bucket>" <1>
"arn:aws:s3:::${BUCKET}"
]
}
]
}
EOF
----
<1> To grant access to a single S3 bucket, specify the bucket name. To grant access to all AWS S3 buckets, specify `*` instead of a bucket name as in the following example:
+
.Example output
[source,terminal]
----
"Resource": [
"arn:aws:s3:::*"
----
. Attach the EC2 EBS policy to `velero`:
. Attach the policies to give the `velero` user the necessary permissions:
+
[source,terminal]
----
$ aws iam put-user-policy \
--user-name velero \
--policy-name velero-ebs \
--policy-document file://velero-ec2-snapshot-policy.json
--policy-name velero \
--policy-document file://velero-policy.json
----
. Attach the AWS S3 policy to `velero`:
+
[source,terminal]
----
$ aws iam put-user-policy \
--user-name velero \
--policy-name velero-s3 \
--policy-document file://velero-s3-policy.json
----
. Create an access key for `velero`:
. Create an access key for the `velero` user:
+
[source,terminal]
----
$ aws iam create-access-key --user-name velero
----
+
.Example output
+
[source,terminal]
----
{
"AccessKey": {
"UserName": "velero",
"Status": "Active",
"CreateDate": "2017-07-31T22:24:41.576Z",
"SecretAccessKey": <AWS_SECRET_ACCESS_KEY>, <1>
"AccessKeyId": <AWS_ACCESS_KEY_ID> <1>
}
"SecretAccessKey": <AWS_SECRET_ACCESS_KEY>,
"AccessKeyId": <AWS_ACCESS_KEY_ID>
}
}
----
<1> Record the `AWS_SECRET_ACCESS_KEY` and the `AWS_ACCESS_KEY_ID` for adding the AWS repository to the {mtc-short} web console.
ifdef::installing-3-4,installing-mtc[]
+
Record the `AWS_SECRET_ACCESS_KEY` and the `AWS_ACCESS_KEY_ID`. You use the credentials to add AWS as a replication repository.
endif::[]
ifdef::installing-oadp-aws[]
. Create a `credentials-velero` file:
+
[source,terminal,subs="attributes+"]
----
$ cat << EOF > ./credentials-velero
[default]
aws_access_key_id=<AWS_ACCESS_KEY_ID>
aws_secret_access_key=<AWS_SECRET_ACCESS_KEY>
EOF
----
+
You use the `credentials-velero` file to create a `Secret` custom resource for AWS when you install the Data Protection Application.
endif::[]

81
modules/migration-configuring-azure.adoc
View File

@@ -2,25 +2,38 @@
//
// * migrating_from_ocp_3_to_4/installing-3-4.adoc
// * migration_toolkit_for_containers/installing-mtc.adoc
// * migration_toolkit_for_containers/installing-mtc-restricted.adoc
// * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc
[id="migration-configuring-azure_{context}"]
= Configuring Microsoft Azure Blob
= Configuring Microsoft Azure
You can configure a Microsoft Azure Blob storage container as a replication repository for the {mtc-full} ({mtc-short}).
ifdef::installing-3-4,installing-mtc[]
You configure a Microsoft Azure Blob storage container as a replication repository for the {mtc-full} ({mtc-short}).
endif::[]
ifdef::installing-oadp-azure[]
You configure a Microsoft Azure for the OpenShift API for Data Protection (OADP).
endif::[]
.Prerequisites
* You must have an link:https://docs.microsoft.com/en-us/azure/storage/common/storage-quickstart-create-account?toc=%2Fazure%2Fstorage%2Fblobs%2Ftoc.json&tabs=azure-portal[Azure storage account].
* You must have the link:https://docs.microsoft.com/en-us/cli/azure/install-azure-cli?view=azure-cli-latest[Azure CLI] installed.
* You must have the link:https://docs.microsoft.com/en-us/cli/azure/install-azure-cli[Azure CLI] installed.
ifdef::installing-3-4,installing-mtc[]
* The Azure Blob storage container must be accessible to the source and target clusters.
* If you are using the snapshot copy method:
** The source and target clusters must be in the same region.
** The source and target clusters must have the same storage class.
** The storage class must be compatible with snapshots.
endif::[]
.Procedure
. Log in to Azure:
+
[source,terminal]
----
$ az login
----
. Set the `AZURE_RESOURCE_GROUP` variable:
+
[source,terminal]
@@ -32,7 +45,7 @@ $ AZURE_RESOURCE_GROUP=Velero_Backups
+
[source,terminal]
----
$ az group create -n $AZURE_RESOURCE_GROUP --location <CentralUS> <1>
$ az group create -n $AZURE_RESOURCE_GROUP --location CentralUS <1>
----
<1> Specify your location.
@@ -40,7 +53,7 @@ $ az group create -n $AZURE_RESOURCE_GROUP --location <CentralUS> <1>
+
[source,terminal]
----
$ AZURE_STORAGE_ACCOUNT_ID=velerobackups
$ AZURE_STORAGE_ACCOUNT_ID="velero$(uuidgen | cut -d '-' -f5 | tr '[A-Z]' '[a-z]')"
----
. Create an Azure storage account:
@@ -48,13 +61,13 @@ $ AZURE_STORAGE_ACCOUNT_ID=velerobackups
[source,terminal]
----
$ az storage account create \
--name $AZURE_STORAGE_ACCOUNT_ID \
--resource-group $AZURE_RESOURCE_GROUP \
--sku Standard_GRS \
--encryption-services blob \
--https-only true \
--kind BlobStorage \
--access-tier Hot
--name $AZURE_STORAGE_ACCOUNT_ID \
--resource-group $AZURE_BACKUP_RESOURCE_GROUP \
--sku Standard_GRS \
--encryption-services blob \
--https-only true \
--kind BlobStorage \
--access-tier Hot
----
. Set the `BLOB_CONTAINER` variable:
@@ -74,21 +87,24 @@ $ az storage container create \
--account-name $AZURE_STORAGE_ACCOUNT_ID
----
ifdef::installing-3-4,installing-mtc[]
. Create a service principal and credentials for `velero`:
+
[source,terminal]
----
$ AZURE_SUBSCRIPTION_ID=`az account list --query '[?isDefault].id' -o tsv` \
AZURE_TENANT_ID=`az account list --query '[?isDefault].tenantId' -o tsv` \
AZURE_CLIENT_SECRET=`az ad sp create-for-rbac --name "velero" --role "Contributor" --query 'password' -o tsv` \
AZURE_CLIENT_ID=`az ad sp list --display-name "velero" --query '[0].appId' -o tsv`
AZURE_CLIENT_SECRET=`az ad sp create-for-rbac --name "velero" \
--role "Contributor" --query 'password' -o tsv` \
AZURE_CLIENT_ID=`az ad sp list --display-name "velero" \
--query '[0].appId' -o tsv`
----
. Save the service principal credentials in the `credentials-velero` file:
+
[source,terminal]
----
$ cat << EOF > ./credentials-velero
$ cat << EOF > ./credentials-velero
AZURE_SUBSCRIPTION_ID=${AZURE_SUBSCRIPTION_ID}
AZURE_TENANT_ID=${AZURE_TENANT_ID}
AZURE_CLIENT_ID=${AZURE_CLIENT_ID}
@@ -97,3 +113,34 @@ AZURE_RESOURCE_GROUP=${AZURE_RESOURCE_GROUP}
AZURE_CLOUD_NAME=AzurePublicCloud
EOF
----
+
You use the `credentials-velero` file to add Azure as a replication repository.
endif::[]
ifdef::installing-oadp-azure[]
. Obtain the storage account access key:
+
[source,terminal]
----
$ AZURE_STORAGE_ACCOUNT_ACCESS_KEY=`az storage account keys list \
--account-name $AZURE_STORAGE_ACCOUNT_ID \
--query "[?keyName == 'key1'].value" -o tsv`
----
. Create a `credentials-velero` file:
+
[source,terminal,subs="attributes+"]
----
$ cat << EOF > ./credentials-velero
AZURE_SUBSCRIPTION_ID=${AZURE_SUBSCRIPTION_ID}
AZURE_TENANT_ID=${AZURE_TENANT_ID}
AZURE_CLIENT_ID=${AZURE_CLIENT_ID}
AZURE_CLIENT_SECRET=${AZURE_CLIENT_SECRET}
AZURE_RESOURCE_GROUP=${AZURE_RESOURCE_GROUP}
AZURE_STORAGE_ACCOUNT_ACCESS_KEY=${AZURE_STORAGE_ACCOUNT_ACCESS_KEY} <1>
AZURE_CLOUD_NAME=AzurePublicCloud
EOF
----
<1> Mandatory. You cannot back up internal images if the `credentials-velero` file contains only the service principal credentials.
+
You use the `credentials-velero` file to create a `Secret` custom resource for Azure when you install the Data Protection Application.
endif::[]

63
modules/migration-configuring-gcp.adoc
View File

@@ -2,39 +2,37 @@
//
// * migrating_from_ocp_3_to_4/installing-3-4.adoc
// * migration_toolkit_for_containers/installing-mtc.adoc
// * migration_toolkit_for_containers/installing-mtc-restricted.adoc
// * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc
[id="migration-configuring-gcp_{context}"]
= Configuring Google Cloud Platform
You can configure a Google Cloud Platform (GCP) storage bucket as a replication repository for the {mtc-full} ({mtc-short}).
ifdef::installing-3-4,installing-mtc[]
You configure a Google Cloud Platform (GCP) storage bucket as a replication repository for the {mtc-full} ({mtc-short}).
endif::[]
ifdef::installing-oadp-gcp[]
You configure Google Cloud Platform (GCP) for the OpenShift API for Data Protection (OADP).
endif::[]
.Prerequisites
* You must have the `gcloud` and `gsutil` CLI tools installed. See the link:https://cloud.google.com/sdk/docs/[Google cloud documentation] for details.
ifdef::installing-3-4,installing-mtc[]
* The GCP storage bucket must be accessible to the source and target clusters.
* You must have link:https://cloud.google.com/storage/docs/gsutil_install[`gsutil`] installed.
* If you are using the snapshot copy method:
** The source and target clusters must be in the same region.
** The source and target clusters must have the same storage class.
** The storage class must be compatible with snapshots.
endif::[]
.Procedure
. Log in to `gsutil`:
. Log in to GCP:
+
[source,terminal]
----
$ gsutil init
----
+
.Example output
[source,terminal]
----
Welcome! This command will take you through the configuration of gcloud.
Your current configuration has been set to: [default]
To continue, you must login. Would you like to login (Y/n)?
$ gcloud auth login
----
. Set the `BUCKET` variable:
@@ -45,7 +43,7 @@ $ BUCKET=<bucket> <1>
----
<1> Specify your bucket name.
. Create a storage bucket:
. Create the storage bucket:
+
[source,terminal]
----
@@ -56,27 +54,34 @@ $ gsutil mb gs://$BUCKET/
+
[source,terminal]
----
$ PROJECT_ID=`gcloud config get-value project`
$ PROJECT_ID=$(gcloud config get-value project)
----
. Create a `velero` IAM service account:
. Create a service account:
+
[source,terminal]
----
$ gcloud iam service-accounts create velero \
--display-name "Velero Storage"
--display-name "Velero service account"
----
. Create the `SERVICE_ACCOUNT_EMAIL` variable:
. List your service accounts:
+
[source,terminal]
----
$ SERVICE_ACCOUNT_EMAIL=`gcloud iam service-accounts list \
--filter="displayName:Velero Storage" \
--format 'value(email)'`
$ gcloud iam service-accounts list
----
. Create the `ROLE_PERMISSIONS` variable:
. Set the `SERVICE_ACCOUNT_EMAIL` variable to match its `email` value:
+
[source,terminal]
----
$ SERVICE_ACCOUNT_EMAIL=$(gcloud iam service-accounts list \
--filter="displayName:Velero service account" \
--format 'value(email)')
----
. Attach the policies to give the `velero` user the necessary permissions:
+
[source,terminal]
----
@@ -123,5 +128,13 @@ $ gsutil iam ch serviceAccount:$SERVICE_ACCOUNT_EMAIL:objectAdmin gs://${BUCKET}
[source,terminal]
----
$ gcloud iam service-accounts keys create credentials-velero \
--iam-account $SERVICE_ACCOUNT_EMAIL
--iam-account $SERVICE_ACCOUNT_EMAIL
----
ifdef::installing-3-4,installing-mtc[]
+
You use the `credentials-velero` file to add GCP as a replication repository.
endif::[]
ifdef::installing-oadp-gcp[]
+
You use the `credentials-velero` file to create a `Secret` custom resource for GCP when you install the Data Protection Application.
endif::[]

35
modules/migration-configuring-mcg.adoc
View File

@@ -4,23 +4,46 @@
// * migrating_from_ocp_3_to_4/installing-restricted-3-4.adoc
// * migration_toolkit_for_containers/installing-mtc.adoc
// * migration_toolkit_for_containers/installing-mtc-restricted.adoc
// * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc
[id="migration-configuring-mcg_{context}"]
= Configuring the Multicloud Object Gateway
= Retrieving Multicloud Object Gateway credentials
You can configure the Multicloud Object Gateway (MCG) as a replication repository for the {mtc-full} ({mtc-short}). MCG is a component of OpenShift Container Storage.
ifdef::installing-3-4,installing-mtc[]
You must retrieve the Multicloud Object Gateway (MCG) credentials and S3 endpoint in order to configure MCG as a replication repository for the {mtc-full} ({mtc-short}).
endif::[]
You must retrieve the Multicloud Object Gateway (MCG) credentials in order to create a `Secret` custom resource (CR) for the OpenShift API for Data Protection (OADP).
ifdef::installing-oadp-mcg[]
endif::[]
MCG is a component of OpenShift Container Storage.
ifdef::openshift-origin[]
.Prerequisites
ifdef::openshift-origin[]
* Ensure that you have downloaded the link:https://console.redhat.com/openshift/install/pull-secret[pull secret from the Red Hat OpenShift Cluster Manager site] as shown in _Obtaining the installation program_ in the installation documentation for your platform.
+
If you have the pull secret, add the `redhat-operators` catalog to the OperatorHub custom resource (CR) as shown in _Configuring {product-title} to use Red Hat Operators_.
endif::[]
* You must deploy OpenShift Container Storage by using the appropriate link:https://access.redhat.com/documentation/en-us/red_hat_openshift_container_storage/4.8/[OpenShift Container Storage deployment guide].
.Procedure
. Deploy OpenShift Container Storage by using the appropriate link:https://access.redhat.com/documentation/en-us/red_hat_openshift_container_storage/4.8/[OpenShift Container Storage deployment guide].
. Obtain the S3 endpoint, `AWS_ACCESS_KEY_ID`, and `AWS_SECRET_ACCESS_KEY` by running the link:https://access.redhat.com/documentation/en-us/red_hat_openshift_container_storage/4.8/html-single/managing_hybrid_and_multicloud_resources/index#accessing-the-Multicloud-object-gateway-from-the-terminal_rhocs[`describe` command] on the `NooBaa` custom resource.
ifdef::installing-3-4,installing-mtc[]
+
These values are required in order to add MCG as a replication repository to the {mtc-short} web console.
You use these credentials to add MCG as a replication repository.
endif::[]
ifdef::installing-oadp-mcg[]
. Create a `credentials-velero` file:
+
[source,terminal]
----
$ cat << EOF > ./credentials-velero
[default]
aws_access_key_id=<AWS_ACCESS_KEY_ID>
aws_secret_access_key=<AWS_SECRET_ACCESS_KEY>
EOF
----
+
You use the `credentials-velero` file to create a `Secret` object when you install the Data Protection Application.
endif::[]

6
modules/migration-migrating-applications-api.adoc
View File

@@ -25,7 +25,7 @@ spec:
EOF
----
. Create a `Secret` CR manifest for each remote cluster:
. Create a `Secret` object manifest for each remote cluster:
+
[source,yaml]
----
@@ -70,7 +70,7 @@ EOF
<.> Specify the `Cluster` CR of the remote cluster.
<.> Optional: For direct image migration, specify the exposed registry route.
<.> SSL verification is enabled if `false`. CA certificates are not required or checked if `true`.
<.> Specify the `Secret` CR of the remote cluster.
<.> Specify the `Secret` object of the remote cluster.
<.> Specify the URL of the remote cluster.
. Verify that all clusters are in a `Ready` state:
@@ -80,7 +80,7 @@ EOF
$ oc describe cluster <cluster>
----
. Create a `Secret` CR manifest for the replication repository:
. Create a `Secret` object manifest for the replication repository:
+
[source,yaml]
----

6
modules/migration-mtc-cr-manifests.adoc
View File

@@ -186,7 +186,7 @@ spec:
<7> Set to `true` to restart the `Restic` pods on the source cluster after the `Stage` pods are created.
<8> Remote cluster and direct image migration only: Specify the exposed secure registry path.
<9> Remote cluster only: Specify the URL.
<10> Remote cluster only: Specify the name of the `Secret` CR.
<10> Remote cluster only: Specify the name of the `Secret` object.
[id="mighook_{context}"]
== MigHook
@@ -355,10 +355,10 @@ spec:
<2> Snapshot copy method only: Specify the storage provider.
<3> AWS only: Specify the bucket name.
<4> AWS only: Specify the bucket region, for example, `us-east-1`.
<5> Specify the name of the `Secret` CR that you created for the storage.
<5> Specify the name of the `Secret` object that you created for the storage.
<6> AWS only: If you are using the AWS Key Management Service, specify the unique identifier of the key.
<7> AWS only: If you granted public access to the AWS bucket, specify the bucket URL.
<8> AWS only: Specify the AWS signature version for authenticating requests to the bucket, for example, `4`.
<9> Snapshot copy method only: Specify the geographical region of the clusters.
<10> Snapshot copy method only: Specify the name of the `Secret` CR that you created for the storage.
<10> Snapshot copy method only: Specify the name of the `Secret` object that you created for the storage.
<11> Set to `true` to validate the cluster.

2
modules/migration-rolling-back-migration-cli.adoc
View File

@@ -13,7 +13,7 @@ You can roll back a migration by creating a `MigMigration` custom resource (CR)
The following resources remain in the migrated namespaces for debugging after a failed direct volume migration (DVM):
* Config maps (source and destination clusters)
* `Secret` CRs (source and destination clusters)
* `Secret` objects (source and destination clusters)
* `Rsync` CRs (source cluster)
These resources do not affect rollback. You can delete them manually.

2
modules/migration-rolling-back-migration-manually.adoc
View File

@@ -15,7 +15,7 @@ If you run the same migration plan successfully, the resources from the failed m
The following resources remain in the migrated namespaces after a failed direct volume migration (DVM):
* Config maps (source and destination clusters)
* `Secret` CRs (source and destination clusters)
* `Secret` objects (source and destination clusters)
* `Rsync` CRs (source cluster)
These resources do not affect rollback. You can delete them manually.

2
modules/migration-rolling-back-migration-web-console.adoc
View File

@@ -13,7 +13,7 @@ You can roll back a migration by using the {mtc-full} ({mtc-short}) web console.
The following resources remain in the migrated namespaces for debugging after a failed direct volume migration (DVM):
* Config maps (source and destination clusters)
* `Secret` CRs (source and destination clusters)
* `Secret` objects (source and destination clusters)
* `Rsync` CRs (source cluster)
These resources do not affect rollback. You can delete them manually.

100
modules/oadp-about-bsl.adoc Normal file
View File

@@ -0,0 +1,100 @@
// Module included in the following assemblies:
//
// * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc
// * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc
// * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc
// * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc
// * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc
[id="oadp-about-bsl_{context}"]
= Configuring backup locations
The OpenShift API for Data Protection (OADP) backs up Kubernetes objects and internal images by using Velero backups and storing them in backup locations, which are S3 storage endpoints.
You configure backup locations in the `spec.backupLocations.velero` block of the `DataProtectionApplication` CR.
[IMPORTANT]
====
You must specify either a dedicated bucket for Velero or a bucket prefix, if the bucket is used for multiple purposes.
====
.Example `spec.backupLocations.velero` block
ifdef::installing-oadp-aws[]
[source,yaml,subs="attributes+"]
----
spec:
backupLocations:
- name: default
velero:
provider: {provider}
default: true
credential:
key: cloud
name: {credentials}
config:
region: us-east-2
profile: "default"
objectStorage:
bucket: my_bucket
prefix: velero
----
endif::[]
ifdef::installing-oadp-azure[]
[source,yaml,subs="attributes+"]
----
spec:
backupLocations:
- velero:
configuration:
resourceGroup: Velero_Backups
storageAccount: velerobackups
subscriptionId: 53b8f551-f0fc-4bea-8cba-6d1fefd54c8a
storageAccountKeyEnvVar: AZURE_STORAGE_ACCOUNT_ACCESS_KEY
provider: {provider}
default: true
credential:
key: cloud
name: {credentials}
objectStorage:
bucket: my_bucket
prefix: velero
----
endif::[]
ifdef::installing-oadp-gcp,installing-oadp-ocs[]
[source,yaml,subs="attributes+"]
----
spec:
backupLocations:
- velero:
provider: {provider}
default: true
credential:
key: cloud
name: {credentials}
objectStorage:
bucket: my_bucket
prefix: velero
----
endif::[]
ifdef::installing-oadp-mcg[]
[source,yaml,subs="attributes+"]
----
spec:
backupLocations:
- velero:
config:
profile: "default"
region: minio
s3Url: https://www.example.com
insecureSkipTLSVerify: "true"
s3ForcePathStyle: "true"
provider: {provider}
default: true
credential:
key: cloud
name: {credentials}
objectStorage:
bucket: my_bucket
prefix: velero
----
endif::[]

105
modules/oadp-about-vsl.adoc Normal file
View File

@@ -0,0 +1,105 @@
// Module included in the following assemblies:
//
// * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc
// * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc
// * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc
// * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc
[id="oadp-about-vsl_{context}"]
= Configuring snapshot locations
The OpenShift API for Data Protection (OADP) backs up persistent volumes (PVs) by using snapshots. Snapshots are stored in snapshot locations, which are specified by the cloud provider parameters.
[IMPORTANT]
====
The PVs and the snapshot locations must be in the same region. See the link:https://velero.io/docs/v1.7/locations/#limitations--caveats[Velero documentation] for a comprehensive list of limitations.
====
ifdef::installing-oadp-aws,installing-oadp-azure,installing-oadp-gcp[]
You configure snapshot locations in the `spec.snapshotLocations.velero` block of the `DataProtectionApplication` custom resource manifest.
endif::[]
ifdef::installing-oadp-aws[]
.Example `spec.snapshotLocations.velero` block
[source,yaml]
----
spec:
snapshotLocations:
- name: default
velero:
provider: aws
config:
region: us-west-2
profile: "default"
----
endif::[]
ifdef::installing-oadp-azure[]
.Example `spec.volumeSnapshotLocations` block
[source,yaml]
----
spec:
snapshotLocations:
- velero:
name: default
provider: azure
config:
resourceGroup: Velero_Backups
subscriptionId: 53b8f551-f0fc-4bea-8cba-6d1fefd54c8a
incremental: true
----
endif::[]
ifdef::installing-oadp-gcp[]
.Example `spec.snapshotLocations.velero` block
[source,yaml]
----
spec:
snapshotLocations:
- velero:
provider: gcp
default: true
config:
project: my_project
snapshotLocation: us-west1
----
endif::[]
ifdef::installing-oadp-ocs[]
You configure snapshot locations in the `VolumeSnapshotClass` custom resource (CR) manifest.
You can use Ceph RBD for `RWO` access or Ceph FS for `RWX` access.
.Example `VolumeSnapshotClass` CR manifest for Ceph RBD
[source,yaml]
----
apiVersion: snapshot.storage.k8s.io/v1
kind: VolumeSnapshotClass
deletionPolicy: Retain
metadata:
name: ocs-storagecluster-ceph-rbd-snapshot
labels:
velero.io/csi-volumesnapshot-class: "true"
snapshotter: openshift-storage.rbd.csi.ceph.com
driver: openshift-storage.rbd.csi.ceph.com
parameters:
clusterID: openshift-storage
csi.storage.k8s.io/snapshotter-secret-name: rook-csi-rbd-provisioner
csi.storage.k8s.io/snapshotter-secret-namespace: openshift-storage
----
.Example `VolumeSnapshotClass` CR manifest for Ceph FS
[source,yaml]
----
apiVersion: snapshot.storage.k8s.io/v1
kind: VolumeSnapshotClass
metadata:
name: ocs-storagecluster-ceph-cephfs-snapshot
labels:
velero.io/csi-volumesnapshot-class: "true"
snapshotter: openshift-storage.cephfs.csi.ceph.com
driver: openshift-storage.cephfs.csi.ceph.com
deletionPolicy: Retain
parameters:
clusterID: openshift-storage
csi.storage.k8s.io/provisioner-secret-name: rook-csi-cephfs-provisioner
csi.storage.k8s.io/provisioner-secret-namespace: openshift-storage
----
endif::[]

80
modules/oadp-configuring-default-plug-ins.adoc Normal file
View File

@@ -0,0 +1,80 @@
// Module included in the following assemblies:
//
// * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc
// * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc
// * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc
// * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc
// * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc
[id="oadp-configuring-default-plug-ins_{context}"]
= Configuring default plug-ins
You configure default plug-ins in the `spec.configuration.velero.defaultPlugins` block of the `DataProtectionApplication` CR.
ifdef::installing-oadp-ocs[]
The `csi` plug-in backs up and restores snapshots on persistent volume claims (PVCs) that support Container Storage Interface (CSI) snapshots, for example Ceph RBD or Ceph FS. The `csi` plug-in uses the link:https://velero.io/docs/main/csi/[Velero CSI beta snapshot APIs].
endif::[]
.Example `spec.configuration.velero.defaultPlugins` block
ifdef::installing-oadp-aws[]
[source,yaml]
----
spec:
configuration:
velero:
defaultPlugins:
- openshift <.>
- aws
----
endif::[]
ifdef::installing-oadp-azure[]
[source,yaml]
----
spec:
configuration:
velero:
defaultPlugins:
- openshift <.>
- azure
----
endif::[]
ifdef::installing-oadp-gcp[]
[source,yaml]
----
spec:
configuration:
velero:
defaultPlugins:
- openshift <.>
- gcp
----
endif::[]
ifdef::installing-oadp-mcg[]
[source,yaml]
----
spec:
configuration:
velero:
defaultPlugins:
- openshift <.>
- aws
----
endif::[]
ifdef::installing-oadp-ocs[]
[source,yaml]
----
spec:
configuration:
velero:
defaultPlugins:
- openshift <.>
- csi
featureFlags:
- EnableCSI <.>
----
endif::[]
<.> The `openshift` plug-in is mandatory in order to back up and restore namespaces on an {product-title} cluster.
ifdef::installing-oadp-ocs[]
<.> Mandatory if you use the `csi` default plug-in.
endif::[]

274
modules/oadp-installing-dpa.adoc Normal file
View File

@@ -0,0 +1,274 @@
// Module included in the following assemblies:
//
// * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc
// * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc
// * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc
// * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc
// * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc
[id="oadp-installing-dpa_{context}"]
= Installing the Data Protection Application
You install the Data Protection Application (DPA) by creating an instance of the `DataProtectionApplication` API.
If you are not using snapshots to back up persistent volumes (PVs) or if your storage is NFS, you can create backups with link:https://restic.net/[Restic]. Restic is installed by default. Restic deploys a daemon set, which means that an environment with many nodes will have a lot of `Restic` pods running. You can disable the Restic installation by setting `spec.configuration.restic.enable` to `false`.
.Prerequisites
* You must install the OADP Operator.
* You must configure object storage for Velero.
* You must create a `credentials-velero` file for the object storage.
* If you use snapshots to back up PVs, your cloud provider must support either a native snapshot API or Container Snapshot Interface (CSI) snapshots.
.Procedure
. Create a `Secret` object called `{credentials}` in the `openshift-adp` project:
+
[source,terminal,subs="attributes+"]
----
$ oc create secret generic {credentials} -n openshift-adp --from-file cloud=credentials-velero
----
. Click *Operators* -> *Installed Operators* and select the OADP Operator.
. Under *Provided APIs*, click *Create instance* in the *DataProtectionApplication* box.
. Click *YAML View* and update the parameters of the `DataProtectionApplication` manifest:
ifdef::installing-oadp-aws[]
+
[source,yaml,subs="attributes+"]
----
apiVersion: oadp.openshift.io/v1alpha1
kind: DataProtectionApplication
metadata:
name: <dpa-sample>
namespace: openshift-adp
spec:
configuration:
velero:
defaultPlugins:
- openshift
- aws
restic:
enable: true <.>
backupLocations:
- name: default
velero:
provider: {provider}
default: true
objectStorage:
bucket: <bucket_name> <.>
prefix: <prefix> <.>
config:
region: <region>
profile: "default"
credential:
key: cloud
name: {credentials}
snapshotLocations:
- name: default
velero:
provider: aws
config:
region: <region> <.>
profile: "default"
----
endif::[]
ifdef::installing-oadp-azure[]
+
[source,yaml,subs="attributes+"]
----
apiVersion: oadp.openshift.io/v1alpha1
kind: DataProtectionApplication
metadata:
name: <dpa-sample>
namespace: openshift-adp
spec:
configuration:
velero:
defaultPlugins:
- azure
- openshift
restic:
enable: true <.>
backupLocations:
- velero:
configuration:
resourceGroup: <azure_resource_group> <.>
storageAccount: <azure_storage_account_id> <.>
subscriptionId: <azure_subscription_id> <.>
storageAccountKeyEnvVar: AZURE_STORAGE_ACCOUNT_ACCESS_KEY
credential:
key: cloud
name: {credentials}
provider: azure
default: true
objectStorage:
bucket: <bucket_name> <.>
prefix: <prefix> <.>
snapshotLocations:
- velero:
config:
resourceGroup: <azure_resource_group>
subscriptionId: <azure_subscription_id>
incremental: true
name: default
provider: {provider}
----
endif::[]
ifdef::installing-oadp-gcp[]
+
[source,yaml,subs="attributes+"]
----
apiVersion: oadp.openshift.io/v1alpha1
kind: DataProtectionApplication
metadata:
name: <dpa-sample>
namespace: openshift-adp
spec:
configuration:
velero:
defaultPlugins:
- gcp
- openshift
restic:
enable: true <.>
backupLocations:
- velero:
provider: {provider}
default: true
credential:
key: cloud
name: {credentials}
objectStorage:
bucket: <bucket_name> <.>
prefix: <prefix> <.>
snapshotLocations:
- velero:
provider: gcp
default: true
config:
project: <project>
snapshotLocation: <us-west1> <.>
----
endif::[]
ifdef::installing-oadp-mcg[]
+
[source,yaml,subs="attributes+"]
----
apiVersion: oadp.openshift.io/v1alpha1
kind: DataProtectionApplication
metadata:
name: <dpa-sample>
namespace: openshift-adp
spec:
configuration:
velero:
defaultPlugins:
- aws
- openshift
restic:
enable: true <.>
backupLocations:
- velero:
config:
profile: "default"
region: minio
s3Url: <https://www.example.com>
insecureSkipTLSVerify: "true"
s3ForcePathStyle: "true"
provider: {provider}
default: true
credential:
key: cloud
name: {credentials}
objectStorage:
bucket: <bucket_name> <.>
prefix: <prefix> <.>
----
endif::[]
ifdef::installing-oadp-ocs[]
+
[source,yaml,subs="attributes+"]
----
apiVersion: oadp.openshift.io/v1alpha1
kind: DataProtectionApplication
metadata:
name: <dpa-sample>
namespace: openshift-adp
spec:
configuration:
velero:
defaultPlugins:
- gcp <.>
- csi <.>
- openshift
featureFlags:
- EnableCSI <.>
restic:
enable: true <.>
backupLocations:
- velero:
provider: {provider} <.>
default: true
credential:
key: cloud
name: {credentials}
objectStorage:
bucket: <bucket_name> <.>
prefix: <prefix> <.>
----
<.> Specify the default plug-in for the backup provider, for example, `gcp`, if it exists.
<.> Specify the `csi` default plug-in if you use CSI snapshots to back up PVs. The volume locations are configured in the `VolumeSnapshotClass` manifest.
<.> Mandatory for CSI.
endif::[]
<.> Set to `false` to disable the Restic installation. You configure Restic for backups by adding `spec.defaultVolumesToRestic: true` to the `Backup` CR.
ifdef::installing-oadp-ocs[]
<.> Specify the backup provider.
endif::[]
ifdef::installing-oadp-azure[]
<.> Specify the Azure resource group.
<.> Specify the Azure storage account ID.
<.> Specify the Azure subscription ID.
endif::[]
<.> Specify a bucket as the backup storage location. If the bucket is not a dedicated bucket for Velero backups, you must specify a prefix.
<.> Specify a prefix for Velero backups, for example, `velero`, if the bucket is used for multiple purposes.
ifdef::installing-oadp-aws,installing-oadp-gcp[]
<.> The snapshot location must be in the same region as your PVs.
endif::[]
. Click *Create*.
. Verify the installation by viewing the OADP resources:
+
[source,terminal]
----
$ oc get all -n openshift-adp
----
+
.Example output
+
----
NAME READY STATUS RESTARTS AGE
pod/oadp-operator-controller-manager-67d9494d47-6l8z8 2/2 Running 0 2m8s
pod/oadp-velero-sample-1-aws-registry-5d6968cbdd-d5w9k 1/1 Running 0 95s
pod/restic-9cq4q 1/1 Running 0 94s
pod/restic-m4lts 1/1 Running 0 94s
pod/restic-pv4kr 1/1 Running 0 95s
pod/velero-588db7f655-n842v 1/1 Running 0 95s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/oadp-operator-controller-manager-metrics-service ClusterIP 172.30.70.140 <none> 8443/TCP 2m8s
service/oadp-velero-sample-1-aws-registry-svc ClusterIP 172.30.130.230 <none> 5000/TCP 95s
NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE
daemonset.apps/restic 3 3 3 3 3 <none> 96s
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/oadp-operator-controller-manager 1/1 1 1 2m9s
deployment.apps/oadp-velero-sample-1-aws-registry 1/1 1 1 96s
deployment.apps/velero 1/1 1 1 96s
NAME DESIRED CURRENT READY AGE
replicaset.apps/oadp-operator-controller-manager-67d9494d47 1 1 1 2m9s
replicaset.apps/oadp-velero-sample-1-aws-registry-5d6968cbdd 1 1 1 96s
replicaset.apps/velero-588db7f655 1 1 1 96s
----

26
modules/oadp-installing-operator.adoc Normal file
View File

@@ -0,0 +1,26 @@
// Module included in the following assemblies:
//
// * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc
// * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc
// * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc
// * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc
// * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc
[id="oadp-installing-operator_{context}"]
= Installing the OADP Operator
You install the Openshift API for Data Protection (OADP) Operator on {product-title} {product-version} by using Operator Lifecycle Manager (OLM).
The OADP Operator installs link:https://velero.io/docs/v1.7/[Velero 1.7].
.Prerequisites
* You must be logged in as a user with `cluster-admin` privileges.
.Procedure
. In the {product-title} web console, click *Operators* -> *OperatorHub*.
. Use the *Filter by keyword* field to find the *OADP Operator*.
. Select the *OADP Operator* and click *Install*.
. Click *Install* to install the Operator in the `openshift-adp` project.
. Click *Operators* -> *Installed Operators* to verify the installation.