Closed Xieql closed 1 year ago
AWS S3/Minio:
```
[default]
aws_access_key_id=
```
Google Cloud Platform (GCP): see https://github.com/vmware-tanzu/velero-plugin-for-gcp#setup

```
velero install \
    --provider gcp \
    --plugins velero/velero-plugin-for-gcp:v1.6.0 \
    --bucket $BUCKET \
    --secret-file ./credentials-velero
```

see https://cloud.google.com/iam/docs/keys-create-delete?hl=zh-cn

```
{
  "type": "service_account",
  "project_id": "PROJECT_ID",
  "private_key_id": "KEY_ID",
  "private_key": "-----BEGIN PRIVATE KEY-----\nPRIVATE_KEY\n-----END PRIVATE KEY-----\n",
  "client_email": "SERVICE_ACCOUNT_EMAIL",
  "client_id": "CLIENT_ID",
  "auth_uri": "https://accounts.google.com/o/oauth2/auth",
  "token_uri": "https://accounts.google.com/o/oauth2/token",
  "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
  "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/SERVICE_ACCOUNT_EMAIL"
}
```
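A preflight check for the file passed to `velero install --secret-file`, as an added example that is not part of the original thread or of Kurator's or Velero's code: it validates the GCP key JSON fields shown above and the AWS S3/Minio `[default]` profile, and flags a secret file that other users can access. The function names are hypothetical, and `aws_secret_access_key` is the standard AWS key name, assumed here because the AWS snippet in the thread is cut short.

```python
import configparser
import json
import os

# Field names and placeholder values are those of the key JSON shown above.
GCP_REQUIRED = ("type", "project_id", "private_key_id", "private_key", "client_email")
GCP_PLACEHOLDERS = {"PROJECT_ID", "KEY_ID", "SERVICE_ACCOUNT_EMAIL", "CLIENT_ID"}
# Assumption: the usual AWS shared-credentials key names (the thread's snippet is cut short).
AWS_REQUIRED = ("aws_access_key_id", "aws_secret_access_key")


def check_gcp(text):
    """Problems in a GCP service-account key used as Velero's --secret-file."""
    try:
        data = json.loads(text)
    except json.JSONDecodeError as exc:
        return [f"invalid JSON: {exc.msg}"]
    if not isinstance(data, dict):
        return ["top-level JSON value is not an object"]
    problems = [f"missing or empty: {k}" for k in GCP_REQUIRED if not data.get(k)]
    if data.get("type") and data["type"] != "service_account":
        problems.append(f"unexpected type: {data['type']}")
    problems += [f"placeholder left in: {k}" for k, v in data.items()
                 if str(v) in GCP_PLACEHOLDERS]
    if "\nPRIVATE_KEY\n" in str(data.get("private_key", "")):
        problems.append("placeholder left in: private_key")
    return problems


def check_aws(text):
    """Problems in an AWS S3/Minio credentials file (INI, [default] profile)."""
    parser = configparser.ConfigParser(interpolation=None)
    try:
        parser.read_string(text)
    except configparser.Error as exc:
        return [f"invalid INI: {type(exc).__name__}"]
    if not parser.has_section("default"):
        return ["missing [default] profile"]
    return [f"missing or empty: {k}" for k in AWS_REQUIRED
            if not parser.get("default", k, fallback="").strip()]


def check_file(path, provider):
    """Check permissions, then contents, before running `velero install`."""
    problems = []
    if os.stat(path).st_mode & 0o077:  # any group/other permission bit set
        problems.append("file is accessible by group or others")
    with open(path, encoding="utf-8") as handle:
        text = handle.read()
    return problems + (check_gcp(text) if provider == "gcp" else check_aws(text))
```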
See https://github.com/kurator-dev/kurator/blob/c8ad3998de73ec0c55741cf6edb977abfdf38b6b/pkg/apis/fleet/v1alpha1/types.go#L286-L298. Since we already have a decision about how to access object storage, I am closing this.
What would you like to be added:
Currently, Kurator uses Velero, which uses object storage to store backups of cluster resources.
However, different object storage providers have different authentication methods.
To support a wider range of object storage providers, it would be beneficial to investigate and enhance the authentication methods for the following providers:
Why is this needed:
The union backup feature needs to know how to create credentials for object storage in Velero.