At this time the management cluster can not be managed by Tanzu Mission Control, and thus can't manage it's Data Protection as it does for our shared services cluster. However, under TMC leverages velero under the covers, so we can take on the data protection configuration ourself.
It is assumed you have already downloaded velero cli from Enable Data Protection and Setup Nightly Backup for Shared Services Cluster.
Your backup will be stored based upon the IaaS you are using.
vSpherewill target the Minio server you deployedAzurewill create a storage account in your cluster resource group and backups will go thereAWSwill go into AWS S3 and backups will go there
Credentials to access the target storage location are stored at generated/$CLUSTER_NAME/velero/credentials-velero.
If using Cloud Gate for AWS, no credentials will be stored and you will use the IAM of the node.
The scripts to prepare the YAML to deploy velero depend on a parameters to be set. Ensure the following are set in params.yaml based upon your environment:
velero.bucket: my-bucketPrepare the YAML manifests for the related velero K8S objects and then run the following script to install velero and configure a nightly backup.
./scripts/velero.sh $(yq e .management-cluster.name $PARAMS_YAML)Ensure schedule is created and the first backup is starting
velero schedule get
velero backup get | grep dailyNow management cluster steps are complete, on to the workload cluster.