If you are trying to configure Konvoy's Velero addon to use an external S3 instance instead of the included Minio addon, you may encounter problems with running backups, accompanied by an error that resembles:
An error occurred: DownloadRequest.velero.io "velero-kubeaddons-default-XX-XX" is invalid: status.phase: Unsupported value: "": supported values: "New", "Processed"
You can also try running it manually with the "velero" CLI to get another error that is not very helpful:
$ velero create backup testbackup
An error occurred: Backup.velero.io "testbackup" is invalid: [spec.volumeSnapshotLocations: Invalid value: "null": spec.volumeSnapshotLocations in body must be of type array: "null", status.phase: Unsupported value: "": supported values: "New", "FailedValidation", "InProgress", "Completed", "PartiallyFailed", "Failed", "Deleting"]
Check the velero pod logs for more information on the failed backup. You may be able to find an entry that looks like this:
time="20XX-XX-XXTXX:XX:XXZ" level=error msg="Error listing backups in backup store" backupLocation=default controller=backup-sync error="rpc error: code = Unknown desc = RequestError: send request failed\ncaused by: Get https://example.com/k8s-backup?delimiter=%2F&list-type=2&prefix=backups%2F: dial tcp 192.168.X.X:443: connect: connection refused" error.file="/go/src/github.com/vmware-tanzu/velero-plugin-for-aws/velero-plugin-for-aws/object_store.go:331" error.function="main.(*ObjectStore).ListCommonPrefixes" logSource="pkg/controller/backup_sync_controller.go:175"
The first thing to check is that you are specifying the correct port. Check the S3 store's documentation to ensure that you are using to see what port you should be trying to connect to. For example, Netapp StorageGrid uses port 8082 by default.
Also, ensure that you are specifying credentials. Your S3 store may be configured to require credentials, which Velero will not have configured by default. Refer to your S3 store's documentation and how it was configured to see which credentials are required.
Here is a section of a Konvoy cluster.yaml file that contains an example for how the Velero addon block might be configured to include s3Url and access credentials. Enter the appropriate values as needed:
- name: velero
enabled: true
values: |
minioBackend: false
configuration:
provider: aws
backupStorageLocation:
bucket: <my-bucket>
config:
region: us-west-2
s3ForcePathStyle: "false"
insecureSkipTLSVerify: "false"
s3Url: "<S3-url>:<port>"
credentials:
secretContents:
cloud: |
[default]
aws_access_key_id = <key-id>
aws_secret_access_key = <secret-key>
After making a change to your cluster.yaml, you can apply it with "./konvoy deploy addons". Continue to check the Velero pod logs after attempting backups to see if additional configurations are needed.