{{ if .Values.velero.enabled }} apiVersion: argoproj.io/v1alpha1 kind: Application metadata: name: velero namespace: argocd annotations: argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true spec: destination: namespace: velero server: 'https://kubernetes.default.svc' sources: - repoURL: {{ .Values.cluster_config.manifests }} path: {{ .Values.cluster_config.policies }}/velero targetRevision: HEAD - repoURL: 'https://vmware-tanzu.github.io/helm-charts' targetRevision: {{ .Values.velero.version }} chart: velero helm: values: | initContainers: - name: velero-plugin-for-aws image: velero/velero-plugin-for-aws:v1.9.0 imagePullPolicy: IfNotPresent volumeMounts: - mountPath: /target name: plugins credentials: useSecret: true existingSecret: {{ .Values.velero.credentials.secretName }} deployNodeAgent: true nodeAgent: podVolumePath: {{ .Values.velero.kubeletRootDir }} resources: requests: cpu: {{ .Values.velero.resources.nodeAgent.request.cpu | default "500m" }} memory: {{ .Values.velero.resources.nodeAgent.request.memory | default "1Gi" }} limits: memory: {{ .Values.velero.resources.nodeAgent.limit.memory | default "2Gi" }} snapshotsEnabled: false resources: requests: cpu: {{ .Values.velero.resources.velero.request.cpu | default "500m" }} memory: {{ .Values.velero.resources.velero.request.memory | default "1Gi" }} limits: memory: {{ .Values.velero.resources.velero.limit.memory | default "1Gi" }} configuration: uploaderType: kopia # Backup all volumes by default defaultVolumesToFsBackup: {{ .Values.velero.backupAllVolumes }} ## https://velero.io/docs/v1.6/api-types/backupstoragelocation/ backupStorageLocation: - name: {{ .Values.velero.bsl }} bucket: {{ .Values.velero.bucket }} provider: aws default: true ## prefix is the directory under which all Velero data should be stored within the bucket. Optional. prefix: {{ .Values.cluster_config.cluster }}/velero accessMode: ReadWrite config: ## ONLY us-east-1 region is supported by nutanix region: {{ .Values.velero.s3.region }} s3ForcePathStyle: "true" s3Url: {{ .Values.velero.s3.url }} {{- if .Values.velero.s3.insecureSkipTLSVerify }} insecureSkipTLSVerify: true {{- end }} metrics: serviceMonitor: enabled: true additionalLabels: k8s-app: "velero" release: "prometheus" prometheusRule: enabled: true # namespace: "" # Rules to be deployed spec: - alert: VeleroBackupPartialFailures annotations: message: Velero backup {{` {{ $labels.schedule }} `}} has {{` {{$value | humanizePercentage}} `}} partialy failed backups. expr: |- velero_backup_partial_failure_total{schedule!=""} / velero_backup_attempt_total{schedule!=""} > 0.25 for: 15m labels: severity: critical - alert: VeleroBackupFailures annotations: message: Velero backup {{` {{$labels.schedule}} `}} has {{` {{$value | humanizePercentage}} `}} failed backups. expr: |- velero_backup_failure_total{schedule!=""} / velero_backup_attempt_total{schedule!=""} > 0.25 for: 15m labels: severity: critical project: sys syncPolicy: managedNamespaceMetadata: labels: component: sys syncOptions: - CreateNamespace=true - ApplyOutOfSyncOnly=true {{- if .Values.velero.autosync }} automated: prune: true # selfHeal: false {{- end }} {{- end }}