To create a backup storage location secret:
- Establish a CLI session on the Bare Metal Orchestrator VM and log in. For high availability configurations, establish a CLI session using the virtual IP (VIP) of the Load Balancers for the Bare Metal Orchestrator cluster.
- Run:
bmo delete secret <secretname> -n <namespace>
where
<secretname>
is the name of the existing S3 backup storage location secret and the<namespace>
entered should bevelero
to identify that the object is related to cluster backups.For example:bmo delete secret cloud-credentials -n velero
- Create a credentials file and specify these default attributes:
aws_access_key_id = <accesskeyid>
aws_secret_access_key = <secretkey>
The following is an example of an S3 credentials file called credentials-s3:[default]
aws_access_key_id = myaccesskey
aws_secret_access_key = mysecretkey - Run the following command to encode the S3 credentials file using base64 encoding.
base64 -w 0 <credentials-filename>
For example:#base64 -w 0 credentials-s3
W2RlZmF1bHRdCmF3c19hY2Nlc3Nfa2V5X2lkID0gbXlhY2Nlc3NrZXkKYXdzX3NlY3JldF9hY2Nlc3Nfa2V5ID0gbXlzZWNyZXRrZXkK - Create a YAML file for the backup location secret. Enter:
<secretfilename>.yaml
For example:secret.yaml
- Edit the <secretfilename>.yaml file in Vim or a similar editor to include the base64 encoded content that was generated earlier. The following is an example of the <secretfilename>.yaml file:
apiVersion: v1
data:
cloud: W2RlZmF1bHRdCmF3c19hY2Nlc3Nfa2V5X2lkID0gbXlhY2Nlc3NrZXkKYXdzX3NlY3JldF9hY2Nlc3Nfa2V5ID0gbXlzZWNyZXRrZXkK
kind: Secret
metadata:
name: cloud-credentials
namespace: velero
type: Opaque - Save the file and quit the editor.
- Create the backup location secret. Run:
bmo create secret -f <secretfilename>.yaml -n velero