azure: update documentation and examples

Signed-off-by: Steve Kriss <steve@heptio.com>
2025-12-23 14:25:22 +00:00 · 2018-08-27 12:21:50 -07:00
parent cb321db21f
commit df69b274a0
5 changed files with 28 additions and 29 deletions
--- a/docs/azure-config.md
+++ b/docs/azure-config.md
@@ -51,23 +51,15 @@ az storage account create \
    --access-tier Hot
 ```
-Create the blob container named `ark`. Feel free to use a different name, preferrably unique to a single Kubernetes cluster. See the [FAQ][20] for more details. You'll need to
+Create the blob container named `ark`. Feel free to use a different name, preferably unique to a single Kubernetes cluster. See the [FAQ][20] for more details.
 adjust the `bucket` field under `backupStorageProvider` in the Ark Config accordingly if you do.
 ```bash
 az storage container create -n ark --public-access off --account-name $AZURE_STORAGE_ACCOUNT_ID
 # Obtain the storage access key for the storage account just created
 AZURE_STORAGE_KEY=`az storage account keys list \
    --account-name $AZURE_STORAGE_ACCOUNT_ID \
    --resource-group $AZURE_BACKUP_RESOURCE_GROUP \
    --query '[0].value' \
    -o tsv`
 ```
 ## Create service principal
-To integrate Ark with Azure, you must create an Ark-specific [service principal][17]. Note that seven environment variables must be set for Ark to work properly.
+To integrate Ark with Azure, you must create an Ark-specific [service principal][17].
 1. Obtain your Azure Account Subscription ID and Tenant ID:
@@ -79,11 +71,11 @@ To integrate Ark with Azure, you must create an Ark-specific [service principal]
 1. Set the name of the Resource Group that contains your Kubernetes cluster.
    ```bash
-    # Make sure this is the name of the second resource group. See warning.
+    # Make sure this is the name of the auto-generated resource group. See warning.
    AZURE_RESOURCE_GROUP=<NAME_OF_RESOURCE_GROUP_2>
    ```
-    WARNING: `AZURE_RESOURCE_GROUP` must be set to the name of the second resource group that is created when you provision your cluster in Azure. Your cluster is provisioned in the resource group that you specified when you created the cluster. Your disks, however, are provisioned in the second resource group.
+    WARNING: `AZURE_RESOURCE_GROUP` must be set to the name of the auto-generated resource group that is created when you provision your cluster in Azure. Your cluster is provisioned in the resource group that you specified when you created the cluster. Your disks, however, are provisioned in the second resource group.
    If you are unsure of the Resource Group name, run the following command to get a list that you can select from. Then set the `AZURE_RESOURCE_GROUP` environment variable to the appropriate value.
@@ -117,18 +109,16 @@ In the Ark root directory, run the following to first set up namespaces, RBAC, a
 kubectl apply -f examples/common/00-prereqs.yaml
 ```
-Now you need to create a Secret that contains all the seven environment variables you just set. The command looks like the following:
+Now you need to create a Secret that contains all the environment variables you just set. The command looks like the following:
 ```bash
 kubectl create secret generic cloud-credentials \
    --namespace <ARK_NAMESPACE> \
    --from-literal AZURE_SUBSCRIPTION_ID=${AZURE_SUBSCRIPTION_ID} \
    --from-literal AZURE_TENANT_ID=${AZURE_TENANT_ID} \
    --from-literal AZURE_RESOURCE_GROUP=${AZURE_RESOURCE_GROUP} \
    --from-literal AZURE_CLIENT_ID=${AZURE_CLIENT_ID} \
    --from-literal AZURE_CLIENT_SECRET=${AZURE_CLIENT_SECRET} \
-    --from-literal AZURE_STORAGE_ACCOUNT_ID=${AZURE_STORAGE_ACCOUNT_ID} \
+    --from-literal AZURE_RESOURCE_GROUP=${AZURE_RESOURCE_GROUP}
    --from-literal AZURE_STORAGE_KEY=${AZURE_STORAGE_KEY}
 ```
 Now that you have your Azure credentials stored in a Secret, you need to replace some placeholder values in the template files. Specifically, you need to change the following:
@@ -139,7 +129,7 @@ Now that you have your Azure credentials stored in a Secret, you need to replace
 * In file `examples/azure/05-ark-backupstoragelocation.yaml`:
-  * Replace `<YOUR_BUCKET>`. See the [BackupStorageLocation definition][21] for details.
+  * Replace `<YOUR_BLOB_CONTAINER>`, `<YOUR_STORAGE_RESOURCE_GROUP>`, and `<YOUR_STORAGE_ACCOUNT>`. See the [BackupStorageLocation definition][21] for details.
 Here is an example of a completed config file.
--- a/docs/backupstoragelocation-definition.md
+++ b/docs/backupstoragelocation-definition.md
@@ -51,12 +51,17 @@ The configurable parameters are as follows:
 | `s3Url` | string | Required field for non-AWS-hosted storage| *Example*: http://minio:9000<br><br>You can specify the AWS S3 URL here for explicitness, but Ark can already generate it from `region`, and `bucket`. This field is primarily for local storage services like Minio.|
 | `kmsKeyId` | string | Empty | *Example*: "502b409c-4da1-419f-a16e-eif453b3i49f" or "alias/`<KMS-Key-Alias-Name>`"<br><br>Specify an [AWS KMS key][10] id or alias to enable encryption of the backups stored in S3. Only works with AWS S3 and may require explicitly granting key usage rights.|
 #### GCP
 No parameters required.
 #### Azure
 ##### objectStorage/config
 | Key | Type | Default | Meaning |
 | --- | --- | --- | --- |
 | `resourceGroup` | string | Required Field | Name of the resource group containing the storage account for this backup storage location. |
 | `storageAccount` | string | Required Field | Name of the storage account for this backup storage location. |
 #### GCP
 No parameters required.
 [0]: #aws
--- a/docs/config-definition.md
+++ b/docs/config-definition.md
@@ -53,12 +53,6 @@ The configurable parameters are as follows:
 | --- | --- | --- | --- |
 | `region` | string | Required Field | *Example*: "us-east-1"<br><br>See [AWS documentation][3] for the full list. |
 #### GCP
 ##### persistentVolumeProvider/config
 No parameters required.
 #### Azure
 ##### persistentVolumeProvider/config
@@ -67,6 +61,13 @@ No parameters required.
 | --- | --- | --- | --- |
 | `apiTimeout` | metav1.Duration | 2m0s | How long to wait for an Azure API request to complete before timeout. |
 #### GCP
 ##### persistentVolumeProvider/config
 No parameters required.
 ## Deployment
 Heptio Ark also defines its own Deployment object for starting the Ark server on Kubernetes. When the Ark server is deployed, there are specific configurations that might be changed.
--- a/docs/debugging-install.md
+++ b/docs/debugging-install.md
@@ -41,7 +41,7 @@ into the Ark server pod. Ensure the following:
 This means that the secrets containing the Azure service principal credentials for Ark has not been created/mounted 
 properly into the Ark server pod. Ensure the following:
 * The `cloud-credentials` secret exists in the Ark server's namespace
-* The `cloud-credentials` secret has seven keys and each one has the correct value (see [setup instructions](0))
+* The `cloud-credentials` secret has all of the expected keys and each one has the correct value (see [setup instructions](0))
 * The `cloud-credentials` secret is defined as a volume for the Ark deployment
 * The `cloud-credentials` secret is being mounted into the Ark server pod at `/credentials`
--- a/examples/azure/05-ark-backupstoragelocation.yaml
+++ b/examples/azure/05-ark-backupstoragelocation.yaml
@@ -21,7 +21,10 @@ metadata:
 spec:
  provider: azure
  objectStorage:
-    bucket: <YOUR_BUCKET> 
+    bucket: <YOUR_BLOB_CONTAINER> 
    config:
      resourceGroup: <YOUR_STORAGE_RESOURCE_GROUP>
      storageAccount: <YOUR_STORAGE_ACCOUNT>
    # Uncomment the below line to enable restic integration.
    # The format for resticLocation is <bucket>[/<prefix>],
    # e.g. "my-restic-bucket" or "my-restic-bucket/repos".