openshift/openshift-docs
1
0
Fork 0
mirror of https://github.com/openshift/openshift-docs.git synced 2026-02-05 12:46:18 +01:00
Code Issues Releases Activity
Files
enterprise-4.21
openshift-docs/modules/oadp-creating-default-secret.adoc
Shruti Deshpande ab7ef76d70 fix callouts and dits errors in AWS 
Signed-off-by: Shruti Deshpande <shdeshpa@redhat.com>
2026-01-20 11:22:15 +05:30

86 lines
3.2 KiB
Plaintext
Raw Permalink Blame History

// Module included in the following assemblies:
//
// * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc
// * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc
// * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc
// * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc
// * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc
:_mod-docs-content-type: PROCEDURE
[id="oadp-creating-default-secret_{context}"]
= Creating a default Secret
[role="_abstract"]
You create a default `Secret` if your backup and snapshot locations use the same credentials or if you do not require a snapshot location.
ifdef::installing-oadp-aws,installing-oadp-azure,installing-oadp-gcp,installing-oadp-mcg[]
The default name of the `Secret` is `{credentials}`.
endif::[]
ifdef::installing-oadp-ocs[]
The default name of the `Secret` is `{credentials}`, unless your backup storage provider has a default plugin, such as `aws`, `azure`, or `gcp`. In that case, the default name is specified in the provider-specific OADP installation procedure.
endif::[]
[NOTE]
====
The `DataProtectionApplication` custom resource (CR) requires a default `Secret`. Otherwise, the installation will fail. If the name of the backup location `Secret` is not specified, the default name is used.
If you do not want to use the backup location credentials during the installation, you can create a `Secret` with the default name by using an empty `credentials-velero` file.
====
.Prerequisites
* Your object storage and cloud storage, if any, must use the same credentials.
* You must configure object storage for Velero.
.Procedure
. Create a `credentials-velero` file for the backup storage location in the appropriate format for your cloud provider.
ifdef::installing-oadp-aws,installing-oadp-mcg,installing-oadp-ocs[]
+
See the following example:
+
[source,terminal]
----
[default]
aws_access_key_id=<AWS_ACCESS_KEY_ID>
aws_secret_access_key=<AWS_SECRET_ACCESS_KEY>
----
endif::[]
ifdef::installing-oadp-azure[]
+
You can use one of the following two methods to authenticate {oadp-short} with Azure.
* Use the service principal with secret-based authentication. See the following example:
+
[source,terminal]
----
AZURE_SUBSCRIPTION_ID=<azure_subscription_id>
AZURE_TENANT_ID=<azure_tenant_id>
AZURE_CLIENT_ID=<azure_client_id>
AZURE_CLIENT_SECRET=<azure_client_secret>
AZURE_RESOURCE_GROUP=<azure_resource_group>
AZURE_CLOUD_NAME=<azure_cloud_name>
----
* Use a storage account access key. See the following example:
+
[source,terminal]
----
AZURE_STORAGE_ACCOUNT_ACCESS_KEY=<azure_storage_account_access_key>
AZURE_SUBSCRIPTION_ID=<azure_subscription_id>
AZURE_RESOURCE_GROUP=<azure_resource_group>
AZURE_CLOUD_NAME=<azure_cloud_name>
----
endif::[]
. Create a `Secret` custom resource (CR) with the default name:
+
[source,terminal,subs="attributes+"]
----
$ oc create secret generic {credentials} -n openshift-adp --from-file cloud=credentials-velero
----
+
The `Secret` is referenced in the `spec.backupLocations.credential` block of the `DataProtectionApplication` CR when you install the Data Protection Application.
View Git Blame Copy Permalink