setup gcs backup bucket for longhorn
This commit is contained in:
38
argocd/templates/longhorn_backup_target_creds.yaml
Normal file
38
argocd/templates/longhorn_backup_target_creds.yaml
Normal file
@@ -0,0 +1,38 @@
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: longhorn-vault-secret-reader
|
||||
namespace: longhorn-system
|
||||
---
|
||||
apiVersion: secrets.hashicorp.com/v1beta1
|
||||
kind: VaultAuth
|
||||
metadata:
|
||||
name: longhorn-vault-secret-reader
|
||||
namespace: longhorn-system
|
||||
spec:
|
||||
method: kubernetes
|
||||
mount: kubernetes
|
||||
kubernetes:
|
||||
role: longhorn
|
||||
serviceAccount: longhorn-vault-secret-reader # le même que dans TF
|
||||
audiences:
|
||||
- vault
|
||||
---
|
||||
apiVersion: secrets.hashicorp.com/v1beta1
|
||||
kind: VaultStaticSecret
|
||||
metadata:
|
||||
name: longhorn-gcs-backup-credentials
|
||||
namespace: longhorn-system
|
||||
spec:
|
||||
type: kv-v2
|
||||
mount: kvv2
|
||||
|
||||
path: longhorn/gcs-backup
|
||||
|
||||
destination:
|
||||
name: longhorn-gcs-backup-credentials
|
||||
create: true
|
||||
|
||||
refreshAfter: 1h
|
||||
|
||||
vaultAuthRef: longhorn-vault-secret-reader
|
||||
Reference in New Issue
Block a user