mirror of
https://github.com/vmware-tanzu/velero.git
synced 2025-12-23 06:15:21 +00:00
Merge pull request #9173 from clementnuss/feat/backup-pvc-annotations
Some checks failed
Run the E2E test on kind / build (push) Failing after 8s
Run the E2E test on kind / setup-test-matrix (push) Successful in 3s
Run the E2E test on kind / run-e2e-test (push) Has been skipped
Main CI / Build (push) Failing after 3s
Close stale issues and PRs / stale (push) Successful in 13s
Trivy Nightly Scan / Trivy nightly scan (velero, main) (push) Failing after 3m0s
Trivy Nightly Scan / Trivy nightly scan (velero-plugin-for-aws, main) (push) Failing after 55s
Trivy Nightly Scan / Trivy nightly scan (velero-plugin-for-gcp, main) (push) Failing after 2s
Trivy Nightly Scan / Trivy nightly scan (velero-plugin-for-microsoft-azure, main) (push) Failing after 21s
Some checks failed
Run the E2E test on kind / build (push) Failing after 8s
Run the E2E test on kind / setup-test-matrix (push) Successful in 3s
Run the E2E test on kind / run-e2e-test (push) Has been skipped
Main CI / Build (push) Failing after 3s
Close stale issues and PRs / stale (push) Successful in 13s
Trivy Nightly Scan / Trivy nightly scan (velero, main) (push) Failing after 3m0s
Trivy Nightly Scan / Trivy nightly scan (velero-plugin-for-aws, main) (push) Failing after 55s
Trivy Nightly Scan / Trivy nightly scan (velero-plugin-for-gcp, main) (push) Failing after 2s
Trivy Nightly Scan / Trivy nightly scan (velero-plugin-for-microsoft-azure, main) (push) Failing after 21s
feat: Permit specifying annotations for the BackupPVC
This commit is contained in:
lyndon-li
GitHub
1
changelogs/unreleased/9173-clementnuss
Normal file
1
changelogs/unreleased/9173-clementnuss
Normal file
@@ -0,0 +1 @@
|
|||||||
|
feat: Permit specifying annotations for the BackupPVC
|
||||||
@@ -188,6 +188,7 @@ func (e *csiSnapshotExposer) Expose(ctx context.Context, ownerObject corev1api.O
|
|||||||
backupPVCStorageClass := csiExposeParam.StorageClass
|
backupPVCStorageClass := csiExposeParam.StorageClass
|
||||||
backupPVCReadOnly := false
|
backupPVCReadOnly := false
|
||||||
spcNoRelabeling := false
|
spcNoRelabeling := false
|
||||||
|
backupPVCAnnotations := map[string]string{}
|
||||||
if value, exists := csiExposeParam.BackupPVCConfig[csiExposeParam.StorageClass]; exists {
|
if value, exists := csiExposeParam.BackupPVCConfig[csiExposeParam.StorageClass]; exists {
|
||||||
if value.StorageClass != "" {
|
if value.StorageClass != "" {
|
||||||
backupPVCStorageClass = value.StorageClass
|
backupPVCStorageClass = value.StorageClass
|
||||||
@@ -201,9 +202,13 @@ func (e *csiSnapshotExposer) Expose(ctx context.Context, ownerObject corev1api.O
|
|||||||
curLog.WithField("vs name", volumeSnapshot.Name).Warn("Ignoring spcNoRelabling for read-write volume")
|
curLog.WithField("vs name", volumeSnapshot.Name).Warn("Ignoring spcNoRelabling for read-write volume")
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if len(value.Annotations) > 0 {
|
||||||
|
backupPVCAnnotations = value.Annotations
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
backupPVC, err := e.createBackupPVC(ctx, ownerObject, backupVS.Name, backupPVCStorageClass, csiExposeParam.AccessMode, volumeSize, backupPVCReadOnly)
|
backupPVC, err := e.createBackupPVC(ctx, ownerObject, backupVS.Name, backupPVCStorageClass, csiExposeParam.AccessMode, volumeSize, backupPVCReadOnly, backupPVCAnnotations)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return errors.Wrap(err, "error to create backup pvc")
|
return errors.Wrap(err, "error to create backup pvc")
|
||||||
}
|
}
|
||||||
@@ -485,7 +490,7 @@ func (e *csiSnapshotExposer) createBackupVSC(ctx context.Context, ownerObject co
|
|||||||
return e.csiSnapshotClient.VolumeSnapshotContents().Create(ctx, vsc, metav1.CreateOptions{})
|
return e.csiSnapshotClient.VolumeSnapshotContents().Create(ctx, vsc, metav1.CreateOptions{})
|
||||||
}
|
}
|
||||||
|
|
||||||
func (e *csiSnapshotExposer) createBackupPVC(ctx context.Context, ownerObject corev1api.ObjectReference, backupVS, storageClass, accessMode string, resource resource.Quantity, readOnly bool) (*corev1api.PersistentVolumeClaim, error) {
|
func (e *csiSnapshotExposer) createBackupPVC(ctx context.Context, ownerObject corev1api.ObjectReference, backupVS, storageClass, accessMode string, resource resource.Quantity, readOnly bool, annotations map[string]string) (*corev1api.PersistentVolumeClaim, error) {
|
||||||
backupPVCName := ownerObject.Name
|
backupPVCName := ownerObject.Name
|
||||||
|
|
||||||
volumeMode, err := getVolumeModeByAccessMode(accessMode)
|
volumeMode, err := getVolumeModeByAccessMode(accessMode)
|
||||||
@@ -507,8 +512,9 @@ func (e *csiSnapshotExposer) createBackupPVC(ctx context.Context, ownerObject co
|
|||||||
|
|
||||||
pvc := &corev1api.PersistentVolumeClaim{
|
pvc := &corev1api.PersistentVolumeClaim{
|
||||||
ObjectMeta: metav1.ObjectMeta{
|
ObjectMeta: metav1.ObjectMeta{
|
||||||
Namespace: ownerObject.Namespace,
|
Namespace: ownerObject.Namespace,
|
||||||
Name: backupPVCName,
|
Name: backupPVCName,
|
||||||
|
Annotations: annotations,
|
||||||
OwnerReferences: []metav1.OwnerReference{
|
OwnerReferences: []metav1.OwnerReference{
|
||||||
{
|
{
|
||||||
APIVersion: ownerObject.APIVersion,
|
APIVersion: ownerObject.APIVersion,
|
||||||
|
|||||||
@@ -1001,8 +1001,9 @@ func Test_csiSnapshotExposer_createBackupPVC(t *testing.T) {
|
|||||||
|
|
||||||
backupPVC := corev1api.PersistentVolumeClaim{
|
backupPVC := corev1api.PersistentVolumeClaim{
|
||||||
ObjectMeta: metav1.ObjectMeta{
|
ObjectMeta: metav1.ObjectMeta{
|
||||||
Namespace: velerov1.DefaultNamespace,
|
Namespace: velerov1.DefaultNamespace,
|
||||||
Name: "fake-backup",
|
Name: "fake-backup",
|
||||||
|
Annotations: map[string]string{},
|
||||||
OwnerReferences: []metav1.OwnerReference{
|
OwnerReferences: []metav1.OwnerReference{
|
||||||
{
|
{
|
||||||
APIVersion: backup.APIVersion,
|
APIVersion: backup.APIVersion,
|
||||||
@@ -1031,8 +1032,9 @@ func Test_csiSnapshotExposer_createBackupPVC(t *testing.T) {
|
|||||||
|
|
||||||
backupPVCReadOnly := corev1api.PersistentVolumeClaim{
|
backupPVCReadOnly := corev1api.PersistentVolumeClaim{
|
||||||
ObjectMeta: metav1.ObjectMeta{
|
ObjectMeta: metav1.ObjectMeta{
|
||||||
Namespace: velerov1.DefaultNamespace,
|
Namespace: velerov1.DefaultNamespace,
|
||||||
Name: "fake-backup",
|
Name: "fake-backup",
|
||||||
|
Annotations: map[string]string{},
|
||||||
OwnerReferences: []metav1.OwnerReference{
|
OwnerReferences: []metav1.OwnerReference{
|
||||||
{
|
{
|
||||||
APIVersion: backup.APIVersion,
|
APIVersion: backup.APIVersion,
|
||||||
@@ -1114,7 +1116,7 @@ func Test_csiSnapshotExposer_createBackupPVC(t *testing.T) {
|
|||||||
APIVersion: tt.ownerBackup.APIVersion,
|
APIVersion: tt.ownerBackup.APIVersion,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
got, err := e.createBackupPVC(t.Context(), ownerObject, tt.backupVS, tt.storageClass, tt.accessMode, tt.resource, tt.readOnly)
|
got, err := e.createBackupPVC(t.Context(), ownerObject, tt.backupVS, tt.storageClass, tt.accessMode, tt.resource, tt.readOnly, map[string]string{})
|
||||||
if !tt.wantErr(t, err, fmt.Sprintf("createBackupPVC(%v, %v, %v, %v, %v, %v)", ownerObject, tt.backupVS, tt.storageClass, tt.accessMode, tt.resource, tt.readOnly)) {
|
if !tt.wantErr(t, err, fmt.Sprintf("createBackupPVC(%v, %v, %v, %v, %v, %v)", ownerObject, tt.backupVS, tt.storageClass, tt.accessMode, tt.resource, tt.readOnly)) {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -56,6 +56,9 @@ type BackupPVC struct {
|
|||||||
// SPCNoRelabeling sets Spec.SecurityContext.SELinux.Type to "spc_t" for the pod mounting the backupPVC
|
// SPCNoRelabeling sets Spec.SecurityContext.SELinux.Type to "spc_t" for the pod mounting the backupPVC
|
||||||
// ignored if ReadOnly is false
|
// ignored if ReadOnly is false
|
||||||
SPCNoRelabeling bool `json:"spcNoRelabeling,omitempty"`
|
SPCNoRelabeling bool `json:"spcNoRelabeling,omitempty"`
|
||||||
|
|
||||||
|
// Annotations permits setting annotations for the backupPVC
|
||||||
|
Annotations map[string]string `json:"annotations,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
type RestorePVC struct {
|
type RestorePVC struct {
|
||||||
|
|||||||
@@ -37,6 +37,9 @@ default the source PVC's storage class will be used.
|
|||||||
The users can specify the ConfigMap name during velero installation by CLI:
|
The users can specify the ConfigMap name during velero installation by CLI:
|
||||||
`velero install --node-agent-configmap=<ConfigMap-Name>`
|
`velero install --node-agent-configmap=<ConfigMap-Name>`
|
||||||
|
|
||||||
|
- `annotations`: permits to set annotations on the backupPVC itself. typically useful for some CSI provider which cannot mount
|
||||||
|
a VolumeSnapshot without a custom annotation.
|
||||||
|
|
||||||
A sample of `backupPVC` config as part of the ConfigMap would look like:
|
A sample of `backupPVC` config as part of the ConfigMap would look like:
|
||||||
```json
|
```json
|
||||||
{
|
{
|
||||||
@@ -49,8 +52,11 @@ A sample of `backupPVC` config as part of the ConfigMap would look like:
|
|||||||
"storageClass": "backupPVC-storage-class"
|
"storageClass": "backupPVC-storage-class"
|
||||||
},
|
},
|
||||||
"storage-class-3": {
|
"storage-class-3": {
|
||||||
"readOnly": true
|
"readOnly": true,
|
||||||
}
|
"annotations": {
|
||||||
|
"some-csi.provider.io/readOnlyClone": true
|
||||||
|
}
|
||||||
|
},
|
||||||
"storage-class-4": {
|
"storage-class-4": {
|
||||||
"readOnly": true,
|
"readOnly": true,
|
||||||
"spcNoRelabeling": true
|
"spcNoRelabeling": true
|
||||||
|
|||||||
Reference in New Issue
Block a user