我在 AKS 中安装 Velero。
脚步-
Velero(版本 1.6.1)下载并解压缩,然后将其移动到 /usr/local/bin/
我创建了具有贡献者角色的服务原则。
我的凭证-velero 文件-
AZURE_SUBSCRIPTION_ID=xxxxx-xxxxx-xxxxxxx-xxxxx
AZURE_TENANT_ID=xxxx-xxxxx-xxxxx-xxxxx-xxx
AZURE_CLIENT_ID=xxxx-xxxxxxx-xxxxx-xxxxx-xx
AZURE_CLIENT_SECRET=xxxx-xxxxx-xxxxx-xxxxx
AZURE_RESOURCE_GROUP=MC....
AZURE_CLOUD_NAME=AzurePublicCloud
我用来安装 velero 的命令 -
velero install \
--provider azure \
--plugins velero/velero-plugin-for-microsoft-azure:v1.2.0 \
--bucket velero \
--secret-file ./credentials-velero \
--backup-location-config resourceGroup=<RG name>,storageAccount=<storage acc name>[,subscriptionId=<subscription id>] \
--snapshot-location-config apiTimeout=5m[,resourceGroup=<RG name>,subscriptionId=<subscription id>]
注意 - 我的 RG 对于 AKS 群集和备份存储帐户是相同的。
错误-
备份位置的阶段显示“未知”-
部署日志 -
time="2021-07-15T15:59:56Z" level=error msg="获取此位置的备份存储时出错"backupLocation=default controller=backup-sync error="rpc error: code = Unknown desc = azure.BearerAuthorizer# WithAuthorization:未能刷新令牌以请求 https://management.azure.com/subscriptions/xxxx-xxxxxx-xxxxx-xxxxx%5D/resourceGroups/myRG/providers/Microso ft.Storage/storageAccounts/storagename%5B/ listKeys?%24expand=kerb&api-version=2019-06-01: StatusCode=401 -- 原始错误:adal:刷新请求失败。状态代码 = '401'。响应正文:{"error":"invalid_client"," error_description":"AADSTS1080615: 提供了无效的客户端密码。\r\n跟踪 ID: xxxx-xxxx-xxxxx-xxxxx\r\n相关 ID: xxxx-xxxx-xxxxxx-xxxx\r
\n时间戳:2021-07-15 15:59:56Z","error_codes":[7000215],"timestamp":"2021-07-15 15:59:56Z","trace_id":"xxxx-xxxx-xxxxx -xxxx ","correlation_id":"xxx-xxxx-xxxx-xxxx-xxx","error_uri":"https://login.microsoftonline.com/error?code=7000215"}" error.file="/ go/src/velero-plugin-for-microsoft-azure/velero-plugin-for-microsoft-azure/object_store.go:217" error.funct ion=main.getStorageAccountKey logSource="pkg/controller/backup_sync_controller.go:175 "
任何人都可以帮助我了解我在设置中缺少什么。