openshift/openshift-docs
1
0
Fork 0
mirror of https://github.com/openshift/openshift-docs.git synced 2026-02-05 12:46:18 +01:00
Code Issues Releases Activity
Files
941d1310d486905245a9801e32d40bd3116cc160
openshift-docs/modules/oadp-self-service-creating-nabsl.adoc
Shruti Deshpande 941d1310d4 OADP-4001 Self-Service 
Signed-off-by: Shruti Deshpande <shdeshpa@redhat.com>
2025-05-28 20:46:38 +00:00

165 lines
5.6 KiB
Plaintext
Raw Blame History

// Module included in the following assemblies:
//
// backup_and_restore/application_backup_and_restore/oadp-self-service/oadp-self-service-namespace-admin-use-cases.adoc
:_mod-docs-content-type: PROCEDURE
[id="oadp-self-service-creating-nabsl_{context}"]
= Creating a NonAdminBackupStorageLocation CR
You can create a `NonAdminBackupStorageLocation` (NABSL) custom resource (CR) in your authorized namespace. After the cluster administrator approves the NABSL CR request, you can use the NABSL CR in the `NonAdminBackup` CR spec.
.Prerequisites
* You are logged in to the cluster as a namespace admin user.
* The cluster administrator has installed the {oadp-short} Operator.
* The cluster administrator has configured the `DataProtectionApplication` (DPA) CR to enable {oadp-short} Self-Service.
* The cluster administrator has created a namespace for you and has authorized you to operate from that namespace.
.Procedure
. Create a `Secret` CR by using the cloud credentials file content for your cloud provider. Run the following command:
+
[source,terminal]
----
$ oc create secret generic cloud-credentials -n test-nac-ns --from-file <cloud_key_name>=<cloud_credentials_file> # <1>
----
<1> In this example, the `Secret` name is `cloud-credentials` and the authorized namespace name is `test-nac-ns`. Replace `<cloud_key_name>` and `<cloud_credentials_file>` with your cloud key name and the cloud credentials file name, respectively.
. To create a `NonAdminBackupStorageLocation` CR, create a YAML manifest file with the following configuration:
+
.Example `NonAdminBackupStorageLocation` CR
[source,yaml]
----
apiVersion: oadp.openshift.io/v1alpha1
kind: NonAdminBackupStorageLocation
metadata:
name: test-nabsl
namespace: test-nac-ns # <1>
spec:
backupStorageLocationSpec:
config:
profile: default
region: <region_name> # <2>
credential:
key: cloud
name: cloud-credentials
objectStorage:
bucket: <bucket_name> # <3>
prefix: velero
provider: aws
----
<1> Specify the namespace you are authorized to operate from. For example, `test-nac-ns`.
<2> Replace `<region_name>` with a region name.
<3> Replace `<bucket_name>` with a bucket name.
. To apply the NABSL CR configuration, run the following command:
+
[source,terminal]
----
$ oc apply -f <nabsl_cr_filename> # <1>
----
<1> Replace `<nabsl_cr_filename>` with the file name containing the NABSL CR configuration.
.Verification
. To verify that the NABSL CR is in the `New` phase and is pending administrator approval, run the following command:
+
[source,terminal]
----
$ oc get nabsl test-nabsl -o yaml
----
+
.Example output
[source,yaml]
----
apiVersion: oadp.openshift.io/v1alpha1
kind: NonAdminBackupStorageLocation
...
status:
conditions:
- lastTransitionTime: "2025-02-26T09:07:15Z"
message: NonAdminBackupStorageLocation spec validation successful
reason: BslSpecValidation
status: "True"
type: Accepted
- lastTransitionTime: "2025-02-26T09:07:15Z"
message: NonAdminBackupStorageLocationRequest approval pending # <1>
reason: BslSpecApprovalPending
status: "False"
type: ClusterAdminApproved
phase: New # <2>
veleroBackupStorageLocation:
nacuuid: test-nac-test-bsl-c...d4389a1930
name: test-nac-test-bsl-cd....1930
namespace: openshift-adp
----
<1> Defines that the `status.conditions.message` field contains the `NonAdminBackupStorageLocationRequest approval pending` message .
<2> Defines that the status of a phase is `New`.
. After the cluster administrator approves the `NonAdminBackupStorageLocationRequest` CR request, verify that the NABSL CR is successfully created by running the following command:
+
[source,terminal]
----
$ oc get nabsl test-nabsl -o yaml
----
+
.Example output
+
[source,yaml]
----
apiVersion: oadp.openshift.io/v1alpha1
kind: NonAdminBackupStorageLocation
metadata:
creationTimestamp: "2025-02-19T09:30:34Z"
finalizers:
- nonadminbackupstoragelocation.oadp.openshift.io/finalizer
generation: 1
name: test-nabsl
namespace: test-nac-ns
resourceVersion: "159973"
uid: 4a..80-3260-4ef9-a3..5a-00...d1922
spec:
backupStorageLocationSpec:
credential:
key: cloud
name: cloud-credentials
objectStorage:
bucket: oadp...51rrdqj
prefix: velero
provider: aws
status:
conditions:
- lastTransitionTime: "2025-02-19T09:30:34Z"
message: NonAdminBackupStorageLocation spec validation successful # <1>
reason: BslSpecValidation
status: "True"
type: Accepted
- lastTransitionTime: "2025-02-19T09:30:34Z"
message: Secret successfully created in the OADP namespace # <2>
reason: SecretCreated
status: "True"
type: SecretSynced
- lastTransitionTime: "2025-02-19T09:30:34Z"
message: BackupStorageLocation successfully created in the OADP namespace # <3>
reason: BackupStorageLocationCreated
status: "True"
type: BackupStorageLocationSynced
phase: Created
veleroBackupStorageLocation:
nacuuid: test-nac-..f933a-4ec1-4f6a-8099-ee...b8b26 # <4>
name: test-nac-test-nabsl-36...11ab8b26 # <5>
namespace: openshift-adp
status:
lastSyncedTime: "2025-02-19T11:47:10Z"
lastValidationTime: "2025-02-19T11:47:31Z"
phase: Available # <6>
----
<1> The NABSL `spec` is validated and approved by the cluster administrator.
<2> The `secret` object is successfully created in the `openshift-adp` namespace.
<3> The associated `Velero` `BackupStorageLocation` is successfully created in the `openshift-adp` namespace.
<4> The `nacuuid` NAC is orchestrating the NABSL CR.
<5> The name of the associated `Velero` backup storage location object.
<6> The `Available` phase indicates that the NABSL is ready for use.
View Git Blame Copy Permalink