Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Azure: cross subscription backups #1646

Closed
brondum opened this issue Jul 11, 2019 · 2 comments · Fixed by #1895
Closed

Azure: cross subscription backups #1646

brondum opened this issue Jul 11, 2019 · 2 comments · Fixed by #1895
Labels

Comments

@brondum
Copy link

brondum commented Jul 11, 2019

What steps did you take and what happened:
Background: We have multiple AKS clusters in different subscriptions ( same tenant ). We are aiming for a single storage account were we can store backups from all clusters, in different buckets though.

  • The storage account resides in a subscription by it self.
  • Service principals are created in each subscription with a cluster and given contributor to the backup storage account and resource group.

The problem is we cant tell Velero that the resource group and storage account resides in another subscription than the service principal, even though it have access to the resource.

The output of the following commands will help us better understand what's going on:
(Pasting long output into a GitHub gist or other pastebin is fine.)

Tried to specify the whole path to the resource group:
time="2019-07-11T10:29:34Z" level=info msg="Checking that all backup storage locations are valid" logSource="pkg/cmd/server/server.go:431" An error occurred: some backup storage locations are invalid: error getting backup store for location "default": rpc error: code = Unknown desc = storage.AccountsClient#ListKeys: Invalid input: autorest/validation: validation failed: parameter=resourceGroupName constraint=Pattern value="/subscriptions/REDACTED/resourceGroups/REDACTED" details: value doesn't match pattern ^[-\w\._\(\)]+$

And when i just enter the name of the group:
time="2019-07-11T10:15:44Z" level=info msg="Checking that all backup storage locations are valid" logSource="pkg/cmd/server/server.go:431" An error occurred: some backup storage locations are invalid: error getting backup store for location "default": rpc error: code = Unknown desc = storage.AccountsClient#ListKeys: Failure responding to request: StatusCode=404 -- Original Error: autorest/azure: Service returned an error. Status=404 Code="ResourceGroupNotFound" Message="Resource group 'REDACTED' could not be found."

Environment:

  • Velero version (use velero version): 1.0.0
  • Kubernetes version (use kubectl version): 1.13.5
  • Cloud provider or hardware configuration: AKS
@typhoonrr
Copy link

Is there an Update?

@boxcee
Copy link
Contributor

boxcee commented Sep 20, 2019

Also very much interested in this.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

Successfully merging a pull request may close this issue.

4 participants