mirror of
https://github.com/openshift/openshift-docs.git
synced 2026-02-05 12:46:18 +01:00
161 lines
4.7 KiB
Plaintext
161 lines
4.7 KiB
Plaintext
// Module included in the following assemblies:
|
|
//
|
|
// * backup_and_restore/application_backup_and_restore/installing/installing-oadp-aws.adoc
|
|
// * backup_and_restore/application_backup_and_restore/installing/installing-oadp-azure.adoc
|
|
// * backup_and_restore/application_backup_and_restore/installing/installing-oadp-gcp.adoc
|
|
// * backup_and_restore/application_backup_and_restore/installing/installing-oadp-mcg.adoc
|
|
// * backup_and_restore/application_backup_and_restore/installing/installing-oadp-ocs.adoc
|
|
|
|
:_mod-docs-content-type: PROCEDURE
|
|
[id="oadp-secrets-for-different-credentials_{context}"]
|
|
= Creating secrets for different credentials
|
|
|
|
[role="_abstract"]
|
|
If your backup and snapshot locations use different credentials, you must create two `Secret` objects:
|
|
|
|
* Backup location `Secret` with a custom name. The custom name is specified in the `spec.backupLocations` block of the `DataProtectionApplication` custom resource (CR).
|
|
* Snapshot location `Secret` with the default name, `{credentials}`. This `Secret` is not specified in the `DataProtectionApplication` CR.
|
|
|
|
.Procedure
|
|
|
|
. Create a `credentials-velero` file for the snapshot location in the appropriate format for your cloud provider.
|
|
. Create a `Secret` for the snapshot location with the default name:
|
|
+
|
|
[source,terminal,subs="attributes+"]
|
|
----
|
|
$ oc create secret generic {credentials} -n openshift-adp --from-file cloud=credentials-velero
|
|
----
|
|
|
|
. Create a `credentials-velero` file for the backup location in the appropriate format for your object storage.
|
|
. Create a `Secret` for the backup location with a custom name:
|
|
+
|
|
[source,terminal,subs="attributes+"]
|
|
----
|
|
$ oc create secret generic <custom_secret> -n openshift-adp --from-file cloud=credentials-velero
|
|
----
|
|
|
|
. Add the `Secret` with the custom name to the `DataProtectionApplication` CR, as in the following example:
|
|
|
|
ifdef::installing-oadp-azure[]
|
|
+
|
|
[source,yaml,subs="attributes+"]
|
|
----
|
|
apiVersion: oadp.openshift.io/v1alpha1
|
|
kind: DataProtectionApplication
|
|
metadata:
|
|
name: <dpa_sample>
|
|
namespace: openshift-adp
|
|
spec:
|
|
...
|
|
backupLocations:
|
|
- velero:
|
|
config:
|
|
resourceGroup: <azure_resource_group>
|
|
storageAccount: <azure_storage_account_id>
|
|
subscriptionId: <azure_subscription_id>
|
|
storageAccountKeyEnvVar: AZURE_STORAGE_ACCOUNT_ACCESS_KEY
|
|
credential:
|
|
key: cloud
|
|
name: <custom_secret> <1>
|
|
provider: azure
|
|
default: true
|
|
objectStorage:
|
|
bucket: <bucket_name>
|
|
prefix: <prefix>
|
|
snapshotLocations:
|
|
- velero:
|
|
config:
|
|
resourceGroup: <azure_resource_group>
|
|
subscriptionId: <azure_subscription_id>
|
|
incremental: "true"
|
|
provider: {provider}
|
|
----
|
|
<1> Backup location `Secret` with custom name.
|
|
endif::[]
|
|
ifdef::installing-oadp-gcp[]
|
|
+
|
|
[source,yaml,subs="attributes+"]
|
|
----
|
|
apiVersion: oadp.openshift.io/v1alpha1
|
|
kind: DataProtectionApplication
|
|
metadata:
|
|
name: <dpa_sample>
|
|
namespace: openshift-adp
|
|
spec:
|
|
...
|
|
backupLocations:
|
|
- velero:
|
|
provider: {provider}
|
|
default: true
|
|
credential:
|
|
key: cloud
|
|
name: <custom_secret> <1>
|
|
objectStorage:
|
|
bucket: <bucket_name>
|
|
prefix: <prefix>
|
|
snapshotLocations:
|
|
- velero:
|
|
provider: {provider}
|
|
default: true
|
|
config:
|
|
project: <project>
|
|
snapshotLocation: us-west1
|
|
----
|
|
<1> Backup location `Secret` with custom name.
|
|
endif::[]
|
|
ifdef::installing-oadp-mcg[]
|
|
+
|
|
[source,yaml,subs="attributes+"]
|
|
----
|
|
apiVersion: oadp.openshift.io/v1alpha1
|
|
kind: DataProtectionApplication
|
|
metadata:
|
|
name: <dpa_sample>
|
|
namespace: openshift-adp
|
|
spec:
|
|
...
|
|
backupLocations:
|
|
- velero:
|
|
config:
|
|
profile: "default"
|
|
region: <region_name> <1>
|
|
s3Url: <url>
|
|
insecureSkipTLSVerify: "true"
|
|
s3ForcePathStyle: "true"
|
|
provider: {provider}
|
|
default: true
|
|
credential:
|
|
key: cloud
|
|
name: <custom_secret> <2>
|
|
objectStorage:
|
|
bucket: <bucket_name>
|
|
prefix: <prefix>
|
|
----
|
|
<1> Specify the region, following the naming convention of the documentation of your object storage server.
|
|
<2> Backup location `Secret` with custom name.
|
|
endif::[]
|
|
ifdef::installing-oadp-ibm-cloud,installing-oadp-ocs[]
|
|
+
|
|
[source,yaml,subs="attributes+"]
|
|
----
|
|
apiVersion: oadp.openshift.io/v1alpha1
|
|
kind: DataProtectionApplication
|
|
metadata:
|
|
name: <dpa_sample>
|
|
namespace: openshift-adp
|
|
spec:
|
|
...
|
|
backupLocations:
|
|
- velero:
|
|
provider: <provider>
|
|
default: true
|
|
credential:
|
|
key: cloud
|
|
name: <custom_secret> <1>
|
|
objectStorage:
|
|
bucket: <bucket_name>
|
|
prefix: <prefix>
|
|
----
|
|
<1> Backup location `Secret` with custom name.
|
|
endif::[]
|