For OpenShift: Installing and configuring Velero by using the OADP Operator

To protect OpenShift® cluster-scoped resources and namespace-scoped resources, you must use the OpenShift APIs for Data Protection (OADP) operator to install and configure the Velero tool in a dedicated namespace. The suggested name for the IBM Spectrum® Protect Plus Velero namespace is spp-velero.

Before you begin

If you installed an instance of Velero in the cluster for another purpose, you must install another instance of Velero for IBM Spectrum Protect Plus. Follow the instructions in Installing a second instance of Velero.

Download the OADP operator from the Operator Hub.

Important: To use the OADP operator in Red Hat® OpenShift Container Platform 4.5, you must complete extra steps to add the OADP operator to the Operator Hub. For instructions, see https://github.com/konveyor/oadp-operator/blob/master/docs/olm.md.

About this task

Tip: The term namespace is used to refer to Red Hat OpenShift project.

Procedure

Create an empty namespace called spp-velero.
Create a secret file with the following content:
```
[default]
aws_access_key_id=
aws_secret_access_key=
```
The secret file does not need to have a user ID or a password, the fields can remain empty and unspecified.
Create a secret from the secret file that was created in the previous step by entering the following command:
```
oc create secret generic cloud-credentials 
--namespace spp-velero 
--from-file cloud=<path_to_secret_file>
```
Log on to the OpenShift web console as the cluster administrator.
In the navigation panel, click Operators > OperatorHub.
To install the OADP Operator, enter OADP in the search field. Click the OADP Operator card.
Click Install.
In the Install Operator page, change the default namespace name from oadp-operator to spp-velero and click Install.
In the OADP Operator page, look for the Velero card and click Create Instance to create a Velero custom resource (CR).

Edit the YAML file. Replace it with the following details and click Create.

apiVersion: konveyor.openshift.io/v1alpha1
kind: Velero
metadata:
  name: spp-velero
  namespace: spp-velero
spec:
  default_velero_plugins:
    - aws
    - openshift
  enable_restic: false
  olm_managed: true
  use_upstream_images: false
  velero_resource_allocation:
    limits:
      cpu: '1'
      memory: 512Mi
    requests:
      cpu: 500m
      memory: 256Mi

For example:

Ensure that Velero is installed and running by issuing the following command at the oc command line:

oc describe deployment velero -n spp-velero | grep Image

The following text block is an example of the output that is displayed:

Image:      quay.io/konveyor/openshift-velero-plugin:oadp-0.2.3
Image:      quay.io/konveyor/velero-plugin-for-aws:oadp-0.2.3
Image:      quay.io/konveyor/velero:oadp-0.2.3
Image:      quay.io/konveyor/velero:oadp-0.2.3

What to do next

If you no longer require Velero, uninstall it by deleting the Velero instance in the OADP operator page in the OpenShift web console.

Tip:

After you installed Velero and Container Backup Support and before you can protect cluster-scoped and namespaces-scoped resources, you must run an inventory in the IBM Spectrum Protect Plus user interface so that the Velero instance is detected. For instructions, see Detecting OpenShift cluster resources.

During the inventory operation, the BackupStorageLocation that connects to the BaaS MinIO data mover is created automatically.