vmware-tanzu
/
velero
mirror of https://github.com/vmware-tanzu/velero.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Modify new scope resource filters name. 

Signed-off-by: Xun Jiang <blackpiglet@gmail.com>
pull/6089/head
Xun Jiang 2023-04-06 10:59:28 +08:00
parent 3a09e8aa23
commit 56f93393d8
22 changed files with 530 additions and 525 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.gitignore vendored
View File

@ -49,4 +49,6 @@ tilt-resources/deployment.yaml
tilt-resources/node-agent.yaml
tilt-resources/cloud
# test generated files
test/e2e/report.xml
coverage.out

1
changelogs/unreleased/6089-blackpiglet Normal file
View File

@ -0,0 +1 @@
Modify new scope resource filters name.

26
config/crd/v1/bases/velero.io_backups.yaml
View File

@ -54,18 +54,20 @@ spec:
Use DefaultVolumesToFsBackup instead."
nullable: true
type: boolean
excludedClusterScopeResources:
description: ExcludedClusterScopeResources is a slice of cluster scope
excludedClusterScopedResources:
description: ExcludedClusterScopedResources is a slice of cluster-scoped
resource type names to exclude from the backup. If set to "*", all
cluster scope resource types are excluded.
cluster-scoped resource types are excluded. The default value is
empty.
items:
type: string
nullable: true
type: array
excludedNamespacedResources:
description: ExcludedNamespacedResources is a slice of namespace scope
excludedNamespaceScopedResources:
description: ExcludedNamespaceScopedResources is a slice of namespace-scoped
resource type names to exclude from the backup. If set to "*", all
namespace scope resource types are excluded.
namespace-scoped resource types are excluded. The default value
is empty.
items:
type: string
nullable: true
@ -275,17 +277,17 @@ spec:
resources should be included for consideration in the backup.
nullable: true
type: boolean
includedClusterScopeResources:
description: IncludedClusterScopeResources is a slice of cluster scope
includedClusterScopedResources:
description: IncludedClusterScopedResources is a slice of cluster-scoped
resource type names to include in the backup. If set to "*", all
cluster scope resource types are included. The default value is
empty, which means only related cluster scope resources are included.
cluster-scoped resource types are included. The default value is
empty, which means only related cluster-scoped resources are included.
items:
type: string
nullable: true
type: array
includedNamespacedResources:
description: IncludedNamespacedResources is a slice of namespace scope
includedNamespaceScopedResources:
description: IncludedNamespaceScopedResources is a slice of namespace-scoped
resource type names to include in the backup. The default value
is "*".
items:

36
config/crd/v1/bases/velero.io_schedules.yaml
View File

@ -84,18 +84,20 @@ spec:
entirely in future. Use DefaultVolumesToFsBackup instead."
nullable: true
type: boolean
excludedClusterScopeResources:
description: ExcludedClusterScopeResources is a slice of cluster
scope resource type names to exclude from the backup. If set
to "*", all cluster scope resource types are excluded.
excludedClusterScopedResources:
description: ExcludedClusterScopedResources is a slice of cluster-scoped
resource type names to exclude from the backup. If set to "*",
all cluster-scoped resource types are excluded. The default
value is empty.
items:
type: string
nullable: true
type: array
excludedNamespacedResources:
description: ExcludedNamespacedResources is a slice of namespace
scope resource type names to exclude from the backup. If set
to "*", all namespace scope resource types are excluded.
excludedNamespaceScopedResources:
description: ExcludedNamespaceScopedResources is a slice of namespace-scoped
resource type names to exclude from the backup. If set to "*",
all namespace-scoped resource types are excluded. The default
value is empty.
items:
type: string
nullable: true
@ -310,20 +312,20 @@ spec:
resources should be included for consideration in the backup.
nullable: true
type: boolean
includedClusterScopeResources:
description: IncludedClusterScopeResources is a slice of cluster
scope resource type names to include in the backup. If set to
"*", all cluster scope resource types are included. The default
value is empty, which means only related cluster scope resources
includedClusterScopedResources:
description: IncludedClusterScopedResources is a slice of cluster-scoped
resource type names to include in the backup. If set to "*",
all cluster-scoped resource types are included. The default
value is empty, which means only related cluster-scoped resources
are included.
items:
type: string
nullable: true
type: array
includedNamespacedResources:
description: IncludedNamespacedResources is a slice of namespace
scope resource type names to include in the backup. The default
value is "*".
includedNamespaceScopedResources:
description: IncludedNamespaceScopedResources is a slice of namespace-scoped
resource type names to include in the backup. The default value
is "*".
items:
type: string
nullable: true

4
config/crd/v1/crds/crds.go
View File

File diff suppressed because one or more lines are too long

200
design/cluster-scope-resource-filter.md
View File

@ -1,6 +1,6 @@
# Proposal to add resource filters for backup can distinguish whether resource is cluster scope or namespace scope.
# Proposal to add resource filters for backup can distinguish whether resource is cluster-scoped or namespace-scoped.
- [Proposal to add resource filters for backup can distinguish whether resource is cluster scope or namespace scope.](#proposal-to-add-resource-filters-for-backup-can-distinguish-whether-resource-is-cluster-scope-or-namespace-scope)
- [Proposal to add resource filters for backup can distinguish whether resource is cluster-scoped or namespace-scoped.](#proposal-to-add-resource-filters-for-backup-can-distinguish-whether-resource-is-cluster-scoped-or-namespace-scoped)
- [Abstract](#abstract)
- [Background](#background)
- [Goals](#goals)
@ -8,29 +8,29 @@
- [High-Level Design](#high-level-design)
- [Parameters Rules](#parameters-rules)
- [Using scenarios:](#using-scenarios)
- [no namespaced resources + some cluster resources](#no-namespaced-resources--some-cluster-resources)
- [no namespaced resources + all cluster resources](#no-namespaced-resources--all-cluster-resources)
- [some namespaced resources + no cluster resources](#some-namespaced-resources--no-cluster-resources)
- [no namespace-scoped resources + some cluster-scoped resources](#no-namespace-scoped-resources--some-cluster-scoped-resources)
- [no namespace-scoped resources + all cluster-scoped resources](#no-namespace-scoped-resources--all-cluster-scoped-resources)
- [some namespace-scoped resources + no cluster-scoped resources](#some-namespace-scoped-resources--no-cluster-scoped-resources)
- [scenario 1](#scenario-1)
- [scenario 2](#scenario-2)
- [scenario 3](#scenario-3)
- [scenario 4](#scenario-4)
- [some namespaced resources + only related cluster resources](#some-namespaced-resources--only-related-cluster-resources)
- [some namespace-scoped resources + only related cluster-scoped resources](#some-namespace-scoped-resources--only-related-cluster-scoped-resources)
- [scenario 1](#scenario-1-1)
- [scenario 2](#scenario-2-1)
- [scenario 3](#scenario-3-1)
- [some namespaced resources + some additional cluster resources](#some-namespaced-resources--some-additional-cluster-resources)
- [some namespace-scoped resources + some additional cluster-scoped resources](#some-namespace-scoped-resources--some-additional-cluster-scoped-resources)
- [scenario 1](#scenario-1-2)
- [scenario 2](#scenario-2-2)
- [scenario 3](#scenario-3-2)
- [scenario 4](#scenario-4-1)
- [some namespaced resources + all cluster resources](#some-namespaced-resources--all-cluster-resources)
- [some namespace-scoped resources + all cluster-scoped resources](#some-namespace-scoped-resources--all-cluster-scoped-resources)
- [scenario 1](#scenario-1-3)
- [scenario 2](#scenario-2-3)
- [scenario 3](#scenario-3-3)
- [all namespaced resources + no cluster resources](#all-namespaced-resources--no-cluster-resources)
- [all namespaced resources + some additional cluster resources](#all-namespaced-resources--some-additional-cluster-resources)
- [all namespaced resources + all cluster resources](#all-namespaced-resources--all-cluster-resources)
- [all namespace-scoped resources + no cluster-scoped resources](#all-namespace-scoped-resources--no-cluster-scoped-resources)
- [all namespace-scoped resources + some additional cluster-scoped resources](#all-namespace-scoped-resources--some-additional-cluster-scoped-resources)
- [all namespace-scoped resources + all cluster-scoped resources](#all-namespace-scoped-resources--all-cluster-scoped-resources)
- [describe command change](#describe-command-change)
- [Detailed Design](#detailed-design)
- [Alternatives Considered](#alternatives-considered)
@ -40,76 +40,76 @@
- [Open Issues](#open-issues)
## Abstract
The current filter (IncludedResources/ExcludedResources + IncludeClusterResources flag) is not enough for some special cases, e.g. all namespaced resources + some kind of cluster resource and all namespaced resources + cluster resource excludes.
Propose to add a new group of resource filtering parameters, which can distinguish cluster and namespaced resources.
The current filter (IncludedResources/ExcludedResources + IncludeClusterResources flag) is not enough for some special cases, e.g. all namespace-scoped resources + some kind of cluster-scoped resource and all namespace-scoped resources + cluster-scoped resource excludes.
Propose to add a new group of resource filtering parameters, which can distinguish cluster-scoped and namespace-scoped resources.
## Background
There are two sets of resource filters for Velero: `IncludedNamespaces/ExcludedNamespaces` and `IncludedResources/ExcludedResources`.
`IncludedResources` means only including the resource types specified in the parameter. Both cluster and namespaced resources are handled in this parameter by now.
The k8s resources are separated into cluster scope and namespaced scope.
`IncludedResources` means only including the resource types specified in the parameter. Both cluster-scoped and namespace-scoped resources are handled in this parameter by now.
The k8s resources are separated into cluster-scoped and namespace-scoped.
As a result, it's hard to include all resources in one group and only including specified resource in the other group.
## Goals
- Make Velero can support more complicated namespaced and cluster resources filtering scenarios in backup.
- Make Velero can support more complicated namespace-scoped and cluster-scoped resources filtering scenarios in backup.
## Non Goals
- Enrich the resource filtering rules, for example, advanced PV filtering and filtering by resource names.
## High-Level Design
Four new parameters are added into command `velero backup create`: `--include-cluster-scope-resources`, `--exclude-cluster-scope-resources`, `--include-namespaced-resources` and `--exclude-namespaced-resources`.
`--include-cluster-scope-resources` and `--exclude-cluster-scope-resources` are used to filter cluster scope resources included or excluded in backup per resource type.
`--include-namespaced-resources` and `--exclude-namespaced-resources` are used to filter namespace scope resources included or excluded in backup per resource type.
Four new parameters are added into command `velero backup create`: `--include-cluster-scoped-resources`, `--exclude-cluster-scoped-resources`, `--include-namespace-scoped-resources` and `--exclude-namespace-scoped-resources`.
`--include-cluster-scoped-resources` and `--exclude-cluster-scoped-resources` are used to filter cluster-scoped resources included or excluded in backup per resource type.
`--include-namespace-scoped-resources` and `--exclude-namespace-scoped-resources` are used to filter namespace-scoped resources included or excluded in backup per resource type.
Restore and other code pieces also use resource filtering will be handled in future releases.
### Parameters Rules
* `--include-cluster-scope-resources`, `--include-namespaced-resources`, `--exclude-cluster-scope-resources` and `--exclude-namespaced-resources` valid value include `*` and comma separated string. Each element of the CSV string should a k8s resource name. The format should be `resource.group`, such as `storageclasses.storage.k8s.io.`.
* `--include-cluster-scoped-resources`, `--include-namespace-scoped-resources`, `--exclude-cluster-scoped-resources` and `--exclude-namespace-scoped-resources` valid value include `*` and comma separated string. Each element of the CSV string should a k8s resource name. The format should be `resource.group`, such as `storageclasses.storage.k8s.io.`.
* `--include-cluster-scope-resources`, `--include-namespaced-resources`, `--exclude-cluster-scope-resources` and `--exclude-namespaced-resources` parameters are mutual exclusive with `--include-cluster-resources`, `--include-resources` and `--exclude-resources` parameters. If both sets of parameters are provisioned, validation failure should be returned.
* `--include-cluster-scoped-resources`, `--include-namespace-scoped-resources`, `--exclude-cluster-scoped-resources` and `--exclude-namespace-scoped-resources` parameters are mutual exclusive with `--include-cluster-resources`, `--include-resources` and `--exclude-resources` parameters. If both sets of parameters are provisioned, validation failure should be returned.
* `--include-cluster-scope-resources` and `--exclude-cluster-scope-resources` should only contain cluster scope resource type names. If namespace scope resource type names are included, they are ignored.
* `--include-cluster-scoped-resources` and `--exclude-cluster-scoped-resources` should only contain cluster-scoped resource type names. If namespace-scoped resource type names are included, they are ignored.
* If there are conflicts between `--include-cluster-scope-resources` and `--exclude-cluster-scope-resources` specified resources type lists, `--exclude-cluster-scope-resources` parameter has higher priority.
* If there are conflicts between `--include-cluster-scoped-resources` and `--exclude-cluster-scoped-resources` specified resources type lists, `--exclude-cluster-scoped-resources` parameter has higher priority.
* `--include-namespaced-resources` and `--exclude-namespaced-resources` should only contain namespace scope resource type names. If cluster scope resource type names are included, they are ignored.
* `--include-namespace-scoped-resources` and `--exclude-namespace-scoped-resources` should only contain namespace-scoped resource type names. If cluster-scoped resource type names are included, they are ignored.
* If there are conflicts between `--include-namespaced-resources` and `--exclude-namespaced-resources` specified resources type lists, `--exclude-namespaced-resources` parameter has higher priority.
* If there are conflicts between `--include-namespace-scoped-resources` and `--exclude-namespace-scoped-resources` specified resources type lists, `--exclude-namespace-scoped-resources` parameter has higher priority.
* If `--include-namespaced-resources` is not present, it means all namespace scope resources are included per resource type.
* If `--include-namespace-scoped-resources` is not present, it means all namespace-scoped resources are included per resource type.
* If both `--include-cluster-scope-resources` and `--exclude-cluster-scope-resources` are not present, it means no additional cluster resource is included per resource type, just as the existing `--include-cluster-resources` parameter not setting value. Cluster resources are related to the namespace scope resources, which means those are returned in the namespace resources' BackupItemAction's result AdditionalItems array, are still included in backup by default. Taking backing up PVC scenario as an example, PVC is namespaced, PV is in cluster scope. PVC's BIA will include PVC related PV into backup too.
* If both `--include-cluster-scoped-resources` and `--exclude-cluster-scoped-resources` are not present, it means no additional cluster-scoped resource is included per resource type, just as the existing `--include-cluster-resources` parameter not setting value. Cluster-scoped resources are related to the namespace-scoped resources, which means those are returned in the namespace-scoped resources' BackupItemAction's result AdditionalItems array, are still included in backup by default. Taking backing up PVC scenario as an example, PVC is namespace-scoped, PV is cluster-scoped. PVC's BIA will include PVC related PV into backup too.
### Using scenarios:
Please notice, if the scenario give the example of using old filtering parameters (`--include-cluster-resources`, `--include-resources` and `--exclude-resources`), that means the old parameters also work for this case. If old parameters example is not given, that means they don't work for this scenario, only new parameters (`--include-cluster-scope-resources`, `--include-namespaced-resources`, `--exclude-cluster-scope-resources` and `--exclude-namespaced-resources`) work.
Please notice, if the scenario give the example of using old filtering parameters (`--include-cluster-resources`, `--include-resources` and `--exclude-resources`), that means the old parameters also work for this case. If old parameters example is not given, that means they don't work for this scenario, only new parameters (`--include-cluster-scoped-resources`, `--include-namespace-scoped-resources`, `--exclude-cluster-scoped-resources` and `--exclude-namespace-scoped-resources`) work.
#### no namespaced resources + some cluster resources
The following command means backup no namespaced resources and some cluster resources.
#### no namespace-scoped resources + some cluster-scoped resources
The following command means backup no namespace-scoped resources and some cluster-scoped resources.
``` bash
velero backup create <backup-name>
--exclude-namespaced-resources=*
--include-cluster-scope-resources=storageclass
--exclude-namespace-scoped-resources=*
--include-cluster-scoped-resources=storageclass
```
#### no namespaced resources + all cluster resources
The following command means backup no namespaced resources and all cluster resources.
#### no namespace-scoped resources + all cluster-scoped resources
The following command means backup no namespace-scoped resources and all cluster-scoped resources.
``` bash
velero backup create <backup-name>
--exclude-namespaced-resources=*
--include-cluster-scope-resources=*
--exclude-namespace-scoped-resources=*
--include-cluster-scoped-resources=*
```
#### some namespaced resources + no cluster resources
#### some namespace-scoped resources + no cluster-scoped resources
##### scenario 1
The following commands mean backup all resources in namespaces default and kube-system, and no cluster resources.
The following commands mean backup all resources in namespaces default and kube-system, and no cluster-scoped resources.
Example of new parameters:
``` bash
velero backup create <backup-name>
--include-namespaces=default,kube-system
--exclude-cluster-scope-resources=*
--exclude-cluster-scoped-resources=*
```
Example of old parameters:
@ -119,12 +119,12 @@ velero backup create <backup-name>
--include-cluster-resources=false
```
##### scenario 2
The following commands mean backup PVC, Deployment, Service, Endpoint, Pod and ReplicaSet resources in all namespaces, and no cluster resources. Although PVC's related PV should be included, due to no cluster resources are included, so they are ruled out too.
The following commands mean backup PVC, Deployment, Service, Endpoint, Pod and ReplicaSet resources in all namespaces, and no cluster-scoped resources. Although PVC's related PV should be included, due to no cluster-scoped resources are included, so they are ruled out too.
Example of new parameters:
``` bash
velero backup create <backup-name>
--include-namespaced-resources=persistentvolumeclaim,deployment,service,endpoint,pod,replicaset
--include-namespace-scoped-resources=persistentvolumeclaim,deployment,service,endpoint,pod,replicaset
--exclude-cluster-scope-resources=*
```
@ -135,13 +135,13 @@ velero backup create <backup-name>
--include-cluster-resources=false
```
##### scenario 3
The following commands mean backup PVC, Deployment, Service, Endpoint, Pod and ReplicaSet resources in namespace default and kube-system, and no cluster resources. Although PVC's related PV should be included, due to no cluster resources are included, so they are ruled out too.
The following commands mean backup PVC, Deployment, Service, Endpoint, Pod and ReplicaSet resources in namespace default and kube-system, and no cluster-scoped resources. Although PVC's related PV should be included, due to no cluster-scoped resources are included, so they are ruled out too.
Example of new parameters:
``` bash
velero backup create <backup-name>
--include-namespaces=default,kube-system
--include-namespaced-resources=persistentvolumeclaim,deployment,service,endpoint,pod,replicaset
--include-namespace-scoped-resources=persistentvolumeclaim,deployment,service,endpoint,pod,replicaset
--exclude-cluster-scope-resources=*
```
@ -153,13 +153,13 @@ velero backup create <backup-name>
--include-cluster-resources=false
```
##### scenario 4
The following commands mean backup all resources except Ingress type resources in all namespaces, and no cluster resources.
The following commands mean backup all resources except Ingress type resources in all namespaces, and no cluster-scoped resources.
Example of new parameters:
``` bash
velero backup create <backup-name>
--exclude-namespaced-resources=ingress
--exclude-cluster-scope-resources=*
--exclude-namespace-scoped-resources=ingress
--exclude-cluster-scoped-resources=*
```
Example of old parameters:
@ -169,29 +169,29 @@ velero backup create <backup-name>
--include-cluster-resources=false
```
#### some namespaced resources + only related cluster resources
#### some namespace-scoped resources + only related cluster-scoped resources
##### scenario 1
This means backup all resources in namespaces default and kube-system, and related cluster resources.
This means backup all resources in namespaces default and kube-system, and related cluster-scoped resources.
``` bash
velero backup create <backup-name>
--include-namespaces=default,kube-system
```
##### scenario 2
This means backup pods and configmaps in namespaces default and kube-system, and related cluster resources.
This means backup pods and configmaps in namespaces default and kube-system, and related cluster-scoped resources.
``` bash
velero backup create <backup-name>
--include-namespaces=default,kube-system
--include-namespaced-resources=pods,configmaps
--include-namespace-scoped-resources=pods,configmaps
```
##### scenario 3
This means backup all resources except Ingress type resources in all namespaces, and related cluster resources.
This means backup all resources except Ingress type resources in all namespaces, and related cluster-scoped resources.
Example of new parameters:
``` bash
velero backup create <backup-name>
--exclude-namespaced-resources=ingress
--exclude-namespace-scoped-resources=ingress
```
Example of old parameters:
@ -200,50 +200,50 @@ velero backup create <backup-name>
--exclude-resources=ingress
```
#### some namespaced resources + some additional cluster resources
#### some namespace-scoped resources + some additional cluster-scoped resources
##### scenario 1
This means backup all resources in namespace in default, kube-system, and related cluster resources, plus all StorageClass cluster resources.
This means backup all resources in namespace in default, kube-system, and related cluster-scoped resources, plus all StorageClass resources.
``` bash
velero backup create <backup-name>
--include-namespaces=default,kube-system
--include-cluster-scope-resources=storageclass
--include-cluster-scoped-resources=storageclass
```
##### scenario 2
This means backup PVC, Deployment, Service, Endpoint, Pod and ReplicaSet resources in all namespaces, and related cluster resources, plus all StorageClass cluster resources, and PVC related PV.
This means backup PVC, Deployment, Service, Endpoint, Pod and ReplicaSet resources in all namespaces, and related cluster-scoped resources, plus all StorageClass resources, and PVC related PV.
``` bash
velero backup create <backup-name>
--include-namespaced-resources=persistentvolumeclaim,deployment,service,endpoint,pod,replicaset
--include-cluster-scope-resources=storageclass
--include-namespace-scoped-resources=persistentvolumeclaim,deployment,service,endpoint,pod,replicaset
--include-cluster-scoped-resources=storageclass
```
##### scenario 3
This means backup PVC, Deployment, Service, Endpoint, Pod and ReplicaSet resources in default and kube-system namespaces, and related cluster resources, plus all StorageClass cluster resources, and PVC related PV.
This means backup PVC, Deployment, Service, Endpoint, Pod and ReplicaSet resources in default and kube-system namespaces, and related cluster-scoped resources, plus all StorageClass resources, and PVC related PV.
``` bash
velero backup create <backup-name>
--include-namespaced-resources=persistentvolumeclaim,deployment,service,endpoint,pod,replicaset
--include-namespace-scoped-resources=persistentvolumeclaim,deployment,service,endpoint,pod,replicaset
--include-namespaces=default,kube-system
--include-cluster-scope-resources=storageclass
--include-cluster-scoped-resources=storageclass
```
##### scenario 4
This means backup PVC, Deployment, Service, Endpoint, Pod and ReplicaSet resources in default and kube-system namespaces, and related cluster resources, plus all cluster scope resources except StorageClass type resources.
This means backup PVC, Deployment, Service, Endpoint, Pod and ReplicaSet resources in default and kube-system namespaces, and related cluster-scoped resources, plus all cluster-scoped resources except StorageClass type resources.
``` bash
velero backup create <backup-name>
--include-namespaced-resources=persistentvolumeclaim,deployment,service,endpoint,pod,replicaset
--include-namespace-scoped-resources=persistentvolumeclaim,deployment,service,endpoint,pod,replicaset
--include-namespaces=default,kube-system
--exclude-cluster-scope-resources=storageclass
--exclude-cluster-scoped-resources=storageclass
```
#### some namespaced resources + all cluster resources
#### some namespace-scoped resources + all cluster-scoped resources
##### scenario 1
The following commands mean backup all resources in namespace in default, kube-system, and all cluster resources.
The following commands mean backup all resources in namespace in default, kube-system, and all cluster-scoped resources.
Example of new parameters:
``` bash
velero backup create <backup-name>
--include-namespaces=default,kube-system
--include-cluster-scope-resources=*
--include-cluster-scoped-resources=*
```
Example of old parameters:
@ -254,29 +254,29 @@ velero backup create <backup-name>
```
##### scenario 2
This means backup Deployment, Service, Endpoint, Pod and ReplicaSet resources in all namespaces, and all cluster resources.
This means backup Deployment, Service, Endpoint, Pod and ReplicaSet resources in all namespaces, and all cluster-scoped resources.
``` bash
velero backup create <backup-name>
--include-namespaced-resources=deployment,service,endpoint,pod,replicaset
--include-cluster-scope-resources=*
--include-namespace-scoped-resources=deployment,service,endpoint,pod,replicaset
--include-cluster-scoped-resources=*
```
##### scenario 3
This means backup Deployment, Service, Endpoint, Pod and ReplicaSet resources in default and kube-system namespaces, and all cluster resources.
This means backup Deployment, Service, Endpoint, Pod and ReplicaSet resources in default and kube-system namespaces, and all cluster-scoped resources.
``` bash
velero backup create <backup-name>
--include-namespaces=default,kube-system
--include-namespaced-resources=deployment,service,endpoint,pod,replicaset
--include-cluster-scope-resources=*
--include-namespace-scoped-resources=deployment,service,endpoint,pod,replicaset
--include-cluster-scoped-resources=*
```
#### all namespaced resources + no cluster resources
The following commands all mean backup all namespace scope resources and no cluster resources.
#### all namespace-scoped resources + no cluster-scoped resources
The following commands all mean backup all namespace-scoped resources and no cluster-scoped resources.
Example of new parameters:
``` bash
velero backup create <backup-name>
--exclude-cluster-scope-resources=*
--exclude-cluster-scoped-resources=*
```
Example of old parameters:
@ -285,19 +285,19 @@ velero backup create <backup-name>
--include-cluster-resources=false
```
#### all namespaced resources + some additional cluster resources
This command means backup all namespace scope resources, and related cluster resources, plus all PersistentVolume resources.
#### all namespace-scoped resources + some additional cluster-scoped resources
This command means backup all namespace-scoped resources, and related cluster-scoped resources, plus all PersistentVolume resources.
``` bash
velero backup create <backup-name>
--include-namespaces=*
--include-cluster-scope-resources=persistentvolume
--include-cluster-scoped-resources=persistentvolume
```
#### all namespaced resources + all cluster resources
The following commands have the same meaning: backup all namespace scope resources, and all cluster scope resources.
#### all namespace-scoped resources + all cluster-scoped resources
The following commands have the same meaning: backup all namespace-scoped resources, and all cluster-scoped resources.
``` bash
velero backup create <backup-name>
--include-cluster-scope-resources=*
--include-cluster-scoped-resources=*
```
``` bash
@ -316,21 +316,17 @@ Namespaces:
Excluded: <none>
Resources:
Included: <none>
Excluded: <none>
Included-cluster-scope: StorageClass,PersistentVolume
Excluded-cluster-scope: <none>
Included-namespaced: default
Excluded-namespaced: <none>
Cluster-scoped: auto
Included cluster-scoped: StorageClass,PersistentVolume
Excluded cluster-scoped: <none>
Included namespace-scoped: default
Excluded namespace-scoped: <none>
......
```
**Note:** `velero restore` command doesn't support those four new parameter in Velero v1.11, but `velero schedule` supports the four new parameters through backup specification.
## Detailed Design
With adding `IncludedNamespacedResources`, `ExcludedNamespacedResources`, `IncludedClusterScopeResources` and `ExcludedClusterScopeResources`, the `BackupSpec` looks like:
With adding `IncludedNamespaceScopedResources`, `ExcludedNamespaceScopedResources`, `IncludedClusterScopedResources` and `ExcludedClusterScopedResources`, the `BackupSpec` looks like:
``` go
type BackupSpec struct {
......
@ -352,35 +348,35 @@ type BackupSpec struct {
// +nullable
IncludeClusterResources *bool `json:"includeClusterResources,omitempty"`
// IncludedClusterScopeResources is a slice of cluster scope
// IncludedClusterScopedResources is a slice of cluster-scoped
// resource type names to include in the backup.
// If set to "*", all cluster scope resource types are included.
// The default value is empty, which means only related cluster
// scope resources are included.
// +optional
// +nullable
IncludedClusterScopeResources []string `json:"includedClusterScopeResources,omitempty"`
IncludedClusterScopedResources []string `json:"includedClusterScopedResources,omitempty"`
// ExcludedClusterScopeResources is a slice of cluster scope
// ExcludedClusterScopedResources is a slice of cluster-scoped
// resource type names to exclude from the backup.
// If set to "*", all cluster scope resource types are excluded.
// +optional
// +nullable
ExcludedClusterScopeResources []string `json:"excludedClusterScopeResources,omitempty"`
ExcludedClusterScopedResources []string `json:"excludedClusterScopedResources,omitempty"`
// IncludedNamespacedResources is a slice of namespace scope
// IncludedNamespaceScopedResources is a slice of namespace-scoped
// resource type names to include in the backup.
// The default value is "*".
// +optional
// +nullable
IncludedNamespacedResources []string `json:"includedNamespacedResources,omitempty"`
IncludedNamespaceScopedResources []string `json:"includedNamespaceScopedResources,omitempty"`
// ExcludedNamespacedResources is a slice of namespace scope
// ExcludedNamespaceScopedResources is a slice of namespace-scoped
// resource type names to exclude from the backup.
// If set to "*", all namespace scope resource types are excluded.
// +optional
// +nullable
ExcludedNamespacedResources []string `json:"excludedNamespacedResources,omitempty"`
ExcludedNamespaceScopedResources []string `json:"excludedNamespaceScopedResources,omitempty"`
......
}
```
@ -401,6 +397,6 @@ New parameters will coexist with `IncludedResources`, `ExcludedResources` and `I
Plan to deprecate `IncludedResources`, `ExcludedResources` and `IncludeClusterResources` in future releases, but also open to the community's feedback.
## Open Issues
`LabelSelector/OrLabelSelectors` apply to namespaced scope resources.
It may be reasonable to make them also working on cluster scope resources.
An issue is created to trace this topic [resource label selector not work for cluster scope resources](https://github.com/vmware-tanzu/velero/issues/5787)
`LabelSelector/OrLabelSelectors` apply to namespace-scoped resources.
It may be reasonable to make them also working on cluster-scoped resources.
An issue is created to trace this topic [resource label selector not work for cluster-scoped resources](https://github.com/vmware-tanzu/velero/issues/5787)

28
pkg/apis/velero/v1/backup_types.go
View File

@ -53,35 +53,37 @@ type BackupSpec struct {
// +nullable
ExcludedResources []string `json:"excludedResources,omitempty"`
// IncludedClusterScopeResources is a slice of cluster scope
// IncludedClusterScopedResources is a slice of cluster-scoped
// resource type names to include in the backup.
// If set to "*", all cluster scope resource types are included.
// The default value is empty, which means only related cluster
// scope resources are included.
// If set to "*", all cluster-scoped resource types are included.
// The default value is empty, which means only related
// cluster-scoped resources are included.
// +optional
// +nullable
IncludedClusterScopeResources []string `json:"includedClusterScopeResources,omitempty"`
IncludedClusterScopedResources []string `json:"includedClusterScopedResources,omitempty"`
// ExcludedClusterScopeResources is a slice of cluster scope
// ExcludedClusterScopedResources is a slice of cluster-scoped
// resource type names to exclude from the backup.
// If set to "*", all cluster scope resource types are excluded.
// If set to "*", all cluster-scoped resource types are excluded.
// The default value is empty.
// +optional
// +nullable
ExcludedClusterScopeResources []string `json:"excludedClusterScopeResources,omitempty"`
ExcludedClusterScopedResources []string `json:"excludedClusterScopedResources,omitempty"`
// IncludedNamespacedResources is a slice of namespace scope
// IncludedNamespaceScopedResources is a slice of namespace-scoped
// resource type names to include in the backup.
// The default value is "*".
// +optional
// +nullable
IncludedNamespacedResources []string `json:"includedNamespacedResources,omitempty"`
IncludedNamespaceScopedResources []string `json:"includedNamespaceScopedResources,omitempty"`
// ExcludedNamespacedResources is a slice of namespace scope
// ExcludedNamespaceScopedResources is a slice of namespace-scoped
// resource type names to exclude from the backup.
// If set to "*", all namespace scope resource types are excluded.
// If set to "*", all namespace-scoped resource types are excluded.
// The default value is empty.
// +optional
// +nullable
ExcludedNamespacedResources []string `json:"excludedNamespacedResources,omitempty"`
ExcludedNamespaceScopedResources []string `json:"excludedNamespaceScopedResources,omitempty"`
// LabelSelector is a metav1.LabelSelector to filter with
// when adding individual objects to the backup. If empty

16
pkg/apis/velero/v1/zz_generated.deepcopy.go
View File

@ -299,23 +299,23 @@ func (in *BackupSpec) DeepCopyInto(out *BackupSpec) {
*out = make([]string, len(*in))
copy(*out, *in)
}
if in.IncludedClusterScopeResources != nil {
in, out := &in.IncludedClusterScopeResources, &out.IncludedClusterScopeResources
if in.IncludedClusterScopedResources != nil {
in, out := &in.IncludedClusterScopedResources, &out.IncludedClusterScopedResources
*out = make([]string, len(*in))
copy(*out, *in)
}
if in.ExcludedClusterScopeResources != nil {
in, out := &in.ExcludedClusterScopeResources, &out.ExcludedClusterScopeResources
if in.ExcludedClusterScopedResources != nil {
in, out := &in.ExcludedClusterScopedResources, &out.ExcludedClusterScopedResources
*out = make([]string, len(*in))
copy(*out, *in)
}
if in.IncludedNamespacedResources != nil {
in, out := &in.IncludedNamespacedResources, &out.IncludedNamespacedResources
if in.IncludedNamespaceScopedResources != nil {
in, out := &in.IncludedNamespaceScopedResources, &out.IncludedNamespaceScopedResources
*out = make([]string, len(*in))
copy(*out, *in)
}
if in.ExcludedNamespacedResources != nil {
in, out := &in.ExcludedNamespacedResources, &out.ExcludedNamespacedResources
if in.ExcludedNamespaceScopedResources != nil {
in, out := &in.ExcludedNamespaceScopedResources, &out.ExcludedNamespaceScopedResources
*out = make([]string, len(*in))
copy(*out, *in)
}

8
pkg/backup/backup.go
View File

@ -211,10 +211,10 @@ func (kb *kubernetesBackupper) BackupWithResolvers(log logrus.FieldLogger,
*backupRequest.NamespaceIncludesExcludes)
} else {
backupRequest.ResourceIncludesExcludes = collections.GetScopeResourceIncludesExcludes(kb.discoveryHelper, log,
backupRequest.Spec.IncludedNamespacedResources,
backupRequest.Spec.ExcludedNamespacedResources,
backupRequest.Spec.IncludedClusterScopeResources,
backupRequest.Spec.ExcludedClusterScopeResources,
backupRequest.Spec.IncludedNamespaceScopedResources,
backupRequest.Spec.ExcludedNamespaceScopedResources,
backupRequest.Spec.IncludedClusterScopedResources,
backupRequest.Spec.ExcludedClusterScopedResources,
*backupRequest.NamespaceIncludesExcludes,
)
}

86
pkg/backup/backup_test.go
View File

@ -3279,8 +3279,8 @@ func TestBackupNewResourceFiltering(t *testing.T) {
actions []biav2.BackupItemAction
}{
{
name: "no namespaced resources + some cluster resources",
backup: defaultBackup().IncludedClusterScopeResources("persistentvolumes").ExcludedNamespacedResources("*").Result(),
name: "no namespace-scoped resources + some cluster-scoped resources",
backup: defaultBackup().IncludedClusterScopedResources("persistentvolumes").ExcludedNamespaceScopedResources("*").Result(),
apiResources: []*test.APIResource{
test.Pods(
builder.ForPod("foo", "bar").Result(),
@ -3300,8 +3300,8 @@ func TestBackupNewResourceFiltering(t *testing.T) {
},
},
{
name: "no namespaced resources + all cluster resources",
backup: defaultBackup().IncludedClusterScopeResources("*").ExcludedNamespacedResources("*").Result(),
name: "no namespace-scoped resources + all cluster-scoped resources",
backup: defaultBackup().IncludedClusterScopedResources("*").ExcludedNamespaceScopedResources("*").Result(),
apiResources: []*test.APIResource{
test.Pods(
builder.ForPod("foo", "bar").Result(),
@ -3329,8 +3329,8 @@ func TestBackupNewResourceFiltering(t *testing.T) {
},
},
{
name: "some namespaced resources + no cluster resources 1",
backup: defaultBackup().ExcludedClusterScopeResources("*").IncludedNamespaces("foo", "zoo").Result(),
name: "some namespace-scoped resources + no cluster-scoped resources 1",
backup: defaultBackup().ExcludedClusterScopedResources("*").IncludedNamespaces("foo", "zoo").Result(),
apiResources: []*test.APIResource{
test.Pods(
builder.ForPod("foo", "bar").Result(),
@ -3360,8 +3360,8 @@ func TestBackupNewResourceFiltering(t *testing.T) {
},
},
{
name: "some namespaced resources + no cluster resources 2",
backup: defaultBackup().ExcludedClusterScopeResources("*").IncludedNamespacedResources("pods", "deployments").Result(),
name: "some namespace-scoped resources + no cluster-scoped resources 2",
backup: defaultBackup().ExcludedClusterScopedResources("*").IncludedNamespaceScopedResources("pods", "deployments").Result(),
apiResources: []*test.APIResource{
test.Pods(
builder.ForPod("foo", "bar").Result(),
@ -3391,8 +3391,8 @@ func TestBackupNewResourceFiltering(t *testing.T) {
},
},
{
name: "some namespaced resources + no cluster resources 3",
backup: defaultBackup().ExcludedClusterScopeResources("*").IncludedNamespaces("foo").IncludedNamespacedResources("pods", "deployments").Result(),
name: "some namespace-scoped resources + no cluster-scoped resources 3",
backup: defaultBackup().ExcludedClusterScopedResources("*").IncludedNamespaces("foo").IncludedNamespaceScopedResources("pods", "deployments").Result(),
apiResources: []*test.APIResource{
test.Pods(
builder.ForPod("foo", "bar").Result(),
@ -3418,8 +3418,8 @@ func TestBackupNewResourceFiltering(t *testing.T) {
},
},
{
name: "some namespaced resources + no cluster resources 4",
backup: defaultBackup().ExcludedClusterScopeResources("*").ExcludedNamespacedResources("pods").Result(),
name: "some namespace-scoped resources + no cluster-scoped resources 4",
backup: defaultBackup().ExcludedClusterScopedResources("*").ExcludedNamespaceScopedResources("pods").Result(),
apiResources: []*test.APIResource{
test.Pods(
builder.ForPod("foo", "bar").Result(),
@ -3445,8 +3445,8 @@ func TestBackupNewResourceFiltering(t *testing.T) {
},
},
{
name: "some namespaced resources + only related cluster resources 2",
backup: defaultBackup().IncludedNamespaces("foo").IncludedNamespacedResources("pods", "persistentvolumeclaims").Result(),
name: "some namespace-scoped resources + only related cluster-scoped resources 2",
backup: defaultBackup().IncludedNamespaces("foo").IncludedNamespaceScopedResources("pods", "persistentvolumeclaims").Result(),
apiResources: []*test.APIResource{
test.Pods(
builder.ForPod("foo", "bar").Volumes(builder.ForVolume("foo").PersistentVolumeClaimSource("test-1").Result()).Result(),
@ -3486,8 +3486,8 @@ func TestBackupNewResourceFiltering(t *testing.T) {
},
},
{
name: "some namespaced resources + only related cluster resources 3",
backup: defaultBackup().IncludedNamespaces("foo").ExcludedNamespacedResources("deployments").Result(),
name: "some namespace-scoped resources + only related cluster-scoped resources 3",
backup: defaultBackup().IncludedNamespaces("foo").ExcludedNamespaceScopedResources("deployments").Result(),
apiResources: []*test.APIResource{
test.Pods(
builder.ForPod("foo", "bar").Volumes(builder.ForVolume("foo").PersistentVolumeClaimSource("test-1").Result()).Result(),
@ -3526,8 +3526,8 @@ func TestBackupNewResourceFiltering(t *testing.T) {
},
},
{
name: "some namespaced resources + some additional cluster resources 1",
backup: defaultBackup().IncludedNamespaces("foo").IncludedClusterScopeResources("customresourcedefinitions").Result(),
name: "some namespace-scoped resources + some additional cluster-scoped resources 1",
backup: defaultBackup().IncludedNamespaces("foo").IncludedClusterScopedResources("customresourcedefinitions").Result(),
apiResources: []*test.APIResource{
test.Pods(
builder.ForPod("foo", "bar").Result(),
@ -3574,8 +3574,8 @@ func TestBackupNewResourceFiltering(t *testing.T) {
},
},
{
name: "some namespaced resources + some additional cluster resources 2",
backup: defaultBackup().IncludedNamespacedResources("persistentvolumeclaims").IncludedClusterScopeResources("customresourcedefinitions").Result(),
name: "some namespace-scoped resources + some additional cluster-scoped resources 2",
backup: defaultBackup().IncludedNamespaceScopedResources("persistentvolumeclaims").IncludedClusterScopedResources("customresourcedefinitions").Result(),
apiResources: []*test.APIResource{
test.Pods(
builder.ForPod("foo", "bar").Result(),
@ -3618,8 +3618,8 @@ func TestBackupNewResourceFiltering(t *testing.T) {
},
},
{
name: "some namespaced resources + some additional cluster resources 3",
backup: defaultBackup().IncludedNamespaces("foo").IncludedNamespacedResources("pods", "persistentvolumeclaims").IncludedClusterScopeResources("customresourcedefinitions").Result(),
name: "some namespace-scoped resources + some additional cluster-scoped resources 3",
backup: defaultBackup().IncludedNamespaces("foo").IncludedNamespaceScopedResources("pods", "persistentvolumeclaims").IncludedClusterScopedResources("customresourcedefinitions").Result(),
apiResources: []*test.APIResource{
test.Pods(
builder.ForPod("foo", "bar").Result(),
@ -3664,8 +3664,8 @@ func TestBackupNewResourceFiltering(t *testing.T) {
},
},
{
name: "some namespaced resources + some additional cluster resources 4",
backup: defaultBackup().IncludedNamespaces("foo").IncludedNamespacedResources("pods", "persistentvolumeclaims").IncludedClusterScopeResources("*").ExcludedClusterScopeResources("customresourcedefinitions.apiextensions.k8s.io").Result(),
name: "some namespace-scoped resources + some additional cluster-scoped resources 4",
backup: defaultBackup().IncludedNamespaces("foo").IncludedNamespaceScopedResources("pods", "persistentvolumeclaims").IncludedClusterScopedResources("*").ExcludedClusterScopedResources("customresourcedefinitions.apiextensions.k8s.io").Result(),
apiResources: []*test.APIResource{
test.Pods(
builder.ForPod("foo", "bar").Result(),
@ -3710,8 +3710,8 @@ func TestBackupNewResourceFiltering(t *testing.T) {
},
},
{
name: "some namespaced resources + all cluster resources 1",
backup: defaultBackup().IncludedNamespaces("foo").IncludedClusterScopeResources("*").Result(),
name: "some namespace-scoped resources + all cluster-scoped resources 1",
backup: defaultBackup().IncludedNamespaces("foo").IncludedClusterScopedResources("*").Result(),
apiResources: []*test.APIResource{
test.Pods(
builder.ForPod("foo", "bar").Result(),
@ -3743,8 +3743,8 @@ func TestBackupNewResourceFiltering(t *testing.T) {
},
},
{
name: "some namespaced resources + all cluster resources 2",
backup: defaultBackup().IncludedNamespacedResources("pods").IncludedClusterScopeResources("*").Result(),
name: "some namespace-scoped resources + all cluster-scoped resources 2",
backup: defaultBackup().IncludedNamespaceScopedResources("pods").IncludedClusterScopedResources("*").Result(),
apiResources: []*test.APIResource{
test.Pods(
builder.ForPod("foo", "bar").Result(),
@ -3776,8 +3776,8 @@ func TestBackupNewResourceFiltering(t *testing.T) {
},
},
{
name: "some namespaced resources + all cluster resources 3",
backup: defaultBackup().IncludedNamespaces("foo").IncludedNamespacedResources("pods").IncludedClusterScopeResources("*").Result(),
name: "some namespace-scoped resources + all cluster-scoped resources 3",
backup: defaultBackup().IncludedNamespaces("foo").IncludedNamespaceScopedResources("pods").IncludedClusterScopedResources("*").Result(),
apiResources: []*test.APIResource{
test.Pods(
builder.ForPod("foo", "bar").Result(),
@ -3807,8 +3807,8 @@ func TestBackupNewResourceFiltering(t *testing.T) {
},
},
{
name: "all namespaced resources + no cluster resources",
backup: defaultBackup().ExcludedClusterScopeResources("*").Result(),
name: "all namespace-scoped resources + no cluster-scoped resources",
backup: defaultBackup().ExcludedClusterScopedResources("*").Result(),
apiResources: []*test.APIResource{
test.Pods(
builder.ForPod("foo", "bar").Result(),
@ -3838,8 +3838,8 @@ func TestBackupNewResourceFiltering(t *testing.T) {
},
},
{
name: "all namespaced resources + all cluster resources",
backup: defaultBackup().IncludedClusterScopeResources("*").Result(),
name: "all namespace-scoped resources + all cluster-scoped resources",
backup: defaultBackup().IncludedClusterScopedResources("*").Result(),
apiResources: []*test.APIResource{
test.Pods(
builder.ForPod("foo", "bar").Result(),
@ -3876,7 +3876,7 @@ func TestBackupNewResourceFiltering(t *testing.T) {
},
{
name: "namespace resource should be included even it's not specified in the include list, when IncludedNamespaces has specified value 1",
backup: defaultBackup().IncludedNamespaces("foo").IncludedNamespacedResources("Secrets").Result(),
backup: defaultBackup().IncludedNamespaces("foo").IncludedNamespaceScopedResources("Secrets").Result(),
apiResources: []*test.APIResource{
test.Secrets(
builder.ForSecret("foo", "bar").Result(),
@ -3902,7 +3902,7 @@ func TestBackupNewResourceFiltering(t *testing.T) {
},
{
name: "namespace resource should be included even it's not specified in the include list, when IncludedNamespaces has specified value 2",
backup: defaultBackup().IncludedNamespaces("foo").IncludedClusterScopeResources("persistentvolumes").Result(),
backup: defaultBackup().IncludedNamespaces("foo").IncludedClusterScopedResources("persistentvolumes").Result(),
apiResources: []*test.APIResource{
test.Secrets(
builder.ForSecret("foo", "bar").Result(),
@ -3932,7 +3932,7 @@ func TestBackupNewResourceFiltering(t *testing.T) {
},
{
name: "namespace resource should be included even it's not specified in the include list, when IncludedNamespaces is asterisk.",
backup: defaultBackup().IncludedNamespaces("*").IncludedClusterScopeResources("persistentvolumes").Result(),
backup: defaultBackup().IncludedNamespaces("*").IncludedClusterScopedResources("persistentvolumes").Result(),
apiResources: []*test.APIResource{
test.Secrets(
builder.ForSecret("foo", "bar").Result(),
@ -3968,8 +3968,8 @@ func TestBackupNewResourceFiltering(t *testing.T) {
},
},
{
name: "when all namespace resources are involved, cluster resources should be included too",
backup: defaultBackup().IncludedNamespaces("*").IncludedNamespacedResources("*").Result(),
name: "when all namespace-scoped resources are involved, cluster-scoped resources should be included too",
backup: defaultBackup().IncludedNamespaces("*").IncludedNamespaceScopedResources("*").Result(),
apiResources: []*test.APIResource{
test.Secrets(
builder.ForSecret("foo", "bar").Result(),
@ -4008,8 +4008,8 @@ func TestBackupNewResourceFiltering(t *testing.T) {
},
},
{
name: "IncludedNamespaces is asterisk, but not all namespaced types are include, additional cluster resource should not be included.",
backup: defaultBackup().IncludedNamespaces("*").IncludedNamespacedResources("secrets").Result(),
name: "IncludedNamespaces is asterisk, but not all namespace-scoped resource types are include, additional cluster-scoped resources should not be included.",
backup: defaultBackup().IncludedNamespaces("*").IncludedNamespaceScopedResources("secrets").Result(),
apiResources: []*test.APIResource{
test.Secrets(
builder.ForSecret("foo", "bar").Result(),
@ -4041,7 +4041,7 @@ func TestBackupNewResourceFiltering(t *testing.T) {
},
{
name: "Resource's CRD should be included",
backup: defaultBackup().IncludedNamespaces("foo").IncludedNamespacedResources("volumesnapshotlocations.velero.io", "backups.velero.io").Result(),
backup: defaultBackup().IncludedNamespaces("foo").IncludedNamespaceScopedResources("volumesnapshotlocations.velero.io", "backups.velero.io").Result(),
apiResources: []*test.APIResource{
test.CRDs(
builder.ForCustomResourceDefinitionV1Beta1("backups.velero.io").Result(),
@ -4064,7 +4064,7 @@ func TestBackupNewResourceFiltering(t *testing.T) {
},
{
name: "Resource's CRD is not included, when CRD is excluded.",
backup: defaultBackup().IncludedNamespaces("foo").IncludedNamespacedResources("volumesnapshotlocations.velero.io", "backups.velero.io").ExcludedClusterScopeResources("customresourcedefinitions.apiextensions.k8s.io").Result(),
backup: defaultBackup().IncludedNamespaces("foo").IncludedNamespaceScopedResources("volumesnapshotlocations.velero.io", "backups.velero.io").ExcludedClusterScopedResources("customresourcedefinitions.apiextensions.k8s.io").Result(),
apiResources: []*test.APIResource{
test.CRDs(
builder.ForCustomResourceDefinitionV1Beta1("backups.velero.io").Result(),

24
pkg/builder/backup_builder.go
View File

@ -156,27 +156,27 @@ func (b *BackupBuilder) ExcludedResources(resources ...string) *BackupBuilder {
return b
}
// IncludedClusterScopeResources sets the Backup's included cluster resources.
func (b *BackupBuilder) IncludedClusterScopeResources(resources ...string) *BackupBuilder {
b.object.Spec.IncludedClusterScopeResources = resources
// IncludedClusterScopedResources sets the Backup's included cluster resources.
func (b *BackupBuilder) IncludedClusterScopedResources(resources ...string) *BackupBuilder {
b.object.Spec.IncludedClusterScopedResources = resources
return b
}
// ExcludedClusterScopeResources sets the Backup's excluded cluster resources.
func (b *BackupBuilder) ExcludedClusterScopeResources(resources ...string) *BackupBuilder {
b.object.Spec.ExcludedClusterScopeResources = resources
// ExcludedClusterScopedResources sets the Backup's excluded cluster resources.
func (b *BackupBuilder) ExcludedClusterScopedResources(resources ...string) *BackupBuilder {
b.object.Spec.ExcludedClusterScopedResources = resources
return b
}
// IncludedNamespacedResources sets the Backup's included namespaced resources.
func (b *BackupBuilder) IncludedNamespacedResources(resources ...string) *BackupBuilder {
b.object.Spec.IncludedNamespacedResources = resources
// IncludedNamespaceScopedResources sets the Backup's included namespaced resources.
func (b *BackupBuilder) IncludedNamespaceScopedResources(resources ...string) *BackupBuilder {
b.object.Spec.IncludedNamespaceScopedResources = resources
return b
}
// ExcludedNamespacedResources sets the Backup's excluded namespaced resources.
func (b *BackupBuilder) ExcludedNamespacedResources(resources ...string) *BackupBuilder {
b.object.Spec.ExcludedNamespacedResources = resources
// ExcludedNamespaceScopedResources sets the Backup's excluded namespaced resources.
func (b *BackupBuilder) ExcludedNamespaceScopedResources(resources ...string) *BackupBuilder {
b.object.Spec.ExcludedNamespaceScopedResources = resources
return b
}

80
pkg/cmd/cli/backup/create.go
View File

@ -82,30 +82,30 @@ func NewCreateCommand(f client.Factory, use string) *cobra.Command {
}
type CreateOptions struct {
Name string
TTL time.Duration
SnapshotVolumes flag.OptionalBool
DefaultVolumesToFsBackup flag.OptionalBool
IncludeNamespaces flag.StringArray
ExcludeNamespaces flag.StringArray
IncludeResources flag.StringArray
ExcludeResources flag.StringArray
IncludeClusterScopeResources flag.StringArray
ExcludeClusterScopeResources flag.StringArray
IncludeNamespacedResources flag.StringArray
ExcludeNamespacedResources flag.StringArray
Labels flag.Map
Selector flag.LabelSelector
IncludeClusterResources flag.OptionalBool
Wait bool
StorageLocation string
SnapshotLocations []string
FromSchedule string
OrderedResources string
CSISnapshotTimeout time.Duration
ItemOperationTimeout time.Duration
ResPoliciesConfigmap string
client veleroclient.Interface
Name string
TTL time.Duration
SnapshotVolumes flag.OptionalBool
DefaultVolumesToFsBackup flag.OptionalBool
IncludeNamespaces flag.StringArray
ExcludeNamespaces flag.StringArray
IncludeResources flag.StringArray
ExcludeResources flag.StringArray
IncludeClusterScopedResources flag.StringArray
ExcludeClusterScopedResources flag.StringArray
IncludeNamespaceScopedResources flag.StringArray
ExcludeNamespaceScopedResources flag.StringArray
Labels flag.Map
Selector flag.LabelSelector
IncludeClusterResources flag.OptionalBool
Wait bool
StorageLocation string
SnapshotLocations []string
FromSchedule string
OrderedResources string
CSISnapshotTimeout time.Duration
ItemOperationTimeout time.Duration
ResPoliciesConfigmap string
client veleroclient.Interface
}
func NewCreateOptions() *CreateOptions {
@ -121,12 +121,12 @@ func (o *CreateOptions) BindFlags(flags *pflag.FlagSet) {
flags.DurationVar(&o.TTL, "ttl", o.TTL, "How long before the backup can be garbage collected.")
flags.Var(&o.IncludeNamespaces, "include-namespaces", "Namespaces to include in the backup (use '*' for all namespaces).")
flags.Var(&o.ExcludeNamespaces, "exclude-namespaces", "Namespaces to exclude from the backup.")
flags.Var(&o.IncludeResources, "include-resources", "Resources to include in the backup, formatted as resource.group, such as storageclasses.storage.k8s.io (use '*' for all resources). Cannot work with include-cluster-scope-resources, exclude-cluster-scope-resources, include-namespaced-resources and exclude-namespaced-resources.")
flags.Var(&o.ExcludeResources, "exclude-resources", "Resources to exclude from the backup, formatted as resource.group, such as storageclasses.storage.k8s.io. Cannot work with include-cluster-scope-resources, exclude-cluster-scope-resources, include-namespaced-resources and exclude-namespaced-resources.")
flags.Var(&o.IncludeClusterScopeResources, "include-cluster-scope-resources", "Cluster-scoped resources to include in the backup, formatted as resource.group, such as storageclasses.storage.k8s.io(use '*' for all resources). Cannot work with include-resources, exclude-resources and include-cluster-resources.")
flags.Var(&o.ExcludeClusterScopeResources, "exclude-cluster-scope-resources", "Cluster-scoped resources to exclude from the backup, formatted as resource.group, such as storageclasses.storage.k8s.io(use '*' for all resources). Cannot work with include-resources, exclude-resources and include-cluster-resources.")
flags.Var(&o.IncludeNamespacedResources, "include-namespaced-resources", "Namespaced resources to include in the backup, formatted as resource.group, such as deployments.apps(use '*' for all resources). Cannot work with include-resources, exclude-resources and include-cluster-resources.")
flags.Var(&o.ExcludeNamespacedResources, "exclude-namespaced-resources", "Namespaced resources to exclude from the backup, formatted as resource.group, such as deployments.apps(use '*' for all resources). Cannot work with include-resources, exclude-resources and include-cluster-resources.")
flags.Var(&o.IncludeResources, "include-resources", "Resources to include in the backup, formatted as resource.group, such as storageclasses.storage.k8s.io (use '*' for all resources). Cannot work with include-cluster-scoped-resources, exclude-cluster-scoped-resources, include-namespace-scoped-resources and exclude-namespace-scoped-resources.")
flags.Var(&o.ExcludeResources, "exclude-resources", "Resources to exclude from the backup, formatted as resource.group, such as storageclasses.storage.k8s.io. Cannot work with include-cluster-scoped-resources, exclude-cluster-scoped-resources, include-namespace-scoped-resources and exclude-namespace-scoped-resources.")
flags.Var(&o.IncludeClusterScopedResources, "include-cluster-scoped-resources", "Cluster-scoped resources to include in the backup, formatted as resource.group, such as storageclasses.storage.k8s.io(use '*' for all resources). Cannot work with include-resources, exclude-resources and include-cluster-resources.")
flags.Var(&o.ExcludeClusterScopedResources, "exclude-cluster-scoped-resources", "Cluster-scoped resources to exclude from the backup, formatted as resource.group, such as storageclasses.storage.k8s.io(use '*' for all resources). Cannot work with include-resources, exclude-resources and include-cluster-resources.")
flags.Var(&o.IncludeNamespaceScopedResources, "include-namespace-scoped-resources", "Namespaced resources to include in the backup, formatted as resource.group, such as deployments.apps(use '*' for all resources). Cannot work with include-resources, exclude-resources and include-cluster-resources.")
flags.Var(&o.ExcludeNamespaceScopedResources, "exclude-namespace-scoped-resources", "Namespaced resources to exclude from the backup, formatted as resource.group, such as deployments.apps(use '*' for all resources). Cannot work with include-resources, exclude-resources and include-cluster-resources.")
flags.Var(&o.Labels, "labels", "Labels to apply to the backup.")
flags.StringVar(&o.StorageLocation, "storage-location", "", "Location in which to store the backup.")
flags.StringSliceVar(&o.SnapshotLocations, "volume-snapshot-locations", o.SnapshotLocations, "List of locations (at most one per provider) where volume snapshots should be stored.")
@ -139,7 +139,7 @@ func (o *CreateOptions) BindFlags(flags *pflag.FlagSet) {
// like a normal bool flag
f.NoOptDefVal = "true"
f = flags.VarPF(&o.IncludeClusterResources, "include-cluster-resources", "", "Include cluster-scoped resources in the backup. Cannot work with include-cluster-scope-resources, exclude-cluster-scope-resources, include-namespaced-resources and exclude-namespaced-resources.")
f = flags.VarPF(&o.IncludeClusterResources, "include-cluster-resources", "", "Include cluster-scoped resources in the backup. Cannot work with include-cluster-scoped-resources, exclude-cluster-scoped-resources, include-namespace-scoped-resources and exclude-namespace-scoped-resources.")
f.NoOptDefVal = "true"
f = flags.VarPF(&o.DefaultVolumesToFsBackup, "default-volumes-to-fs-backup", "", "Use pod volume file system backup by default for volumes")
@ -182,7 +182,7 @@ func (o *CreateOptions) Validate(c *cobra.Command, args []string, f client.Facto
if o.oldAndNewFilterParametersUsedTogether() {
return fmt.Errorf("include-resources, exclude-resources and include-cluster-resources are old filter parameters.\n" +
"include-cluster-scope-resources, exclude-cluster-scope-resources, include-namespaced-resources and exclude-namespaced-resources are new filter parameters.\n" +
"include-cluster-scoped-resources, exclude-cluster-scoped-resources, include-namespace-scoped-resources and exclude-namespace-scoped-resources are new filter parameters.\n" +
"They cannot be used together")
}
@ -350,10 +350,10 @@ func (o *CreateOptions) BuildBackup(namespace string) (*velerov1api.Backup, erro
ExcludedNamespaces(o.ExcludeNamespaces...).
IncludedResources(o.IncludeResources...).
ExcludedResources(o.ExcludeResources...).
IncludedClusterScopeResources(o.IncludeClusterScopeResources...).
ExcludedClusterScopeResources(o.ExcludeClusterScopeResources...).
IncludedNamespacedResources(o.IncludeNamespacedResources...).
ExcludedNamespacedResources(o.ExcludeNamespacedResources...).
IncludedClusterScopedResources(o.IncludeClusterScopedResources...).
ExcludedClusterScopedResources(o.ExcludeClusterScopedResources...).
IncludedNamespaceScopedResources(o.IncludeNamespaceScopedResources...).
ExcludedNamespaceScopedResources(o.ExcludeNamespaceScopedResources...).
LabelSelector(o.Selector.LabelSelector).
TTL(o.TTL).
StorageLocation(o.StorageLocation).
@ -390,10 +390,10 @@ func (o *CreateOptions) oldAndNewFilterParametersUsedTogether() bool {
haveOldResourceFilterParameters := len(o.IncludeResources) > 0 ||
len(o.ExcludeResources) > 0 ||
o.IncludeClusterResources.Value != nil
haveNewResourceFilterParameters := len(o.IncludeClusterScopeResources) > 0 ||
(len(o.ExcludeClusterScopeResources) > 0) ||
(len(o.IncludeNamespacedResources) > 0) ||
(len(o.ExcludeNamespacedResources) > 0)
haveNewResourceFilterParameters := len(o.IncludeClusterScopedResources) > 0 ||
(len(o.ExcludeClusterScopedResources) > 0) ||
(len(o.IncludeNamespaceScopedResources) > 0) ||
(len(o.ExcludeNamespaceScopedResources) > 0)
return haveOldResourceFilterParameters && haveNewResourceFilterParameters
}

36
pkg/cmd/cli/schedule/create.go
View File

@ -135,24 +135,24 @@ func (o *CreateOptions) Run(c *cobra.Command, f client.Factory) error {
},
Spec: api.ScheduleSpec{
Template: api.BackupSpec{
IncludedNamespaces: o.BackupOptions.IncludeNamespaces,
ExcludedNamespaces: o.BackupOptions.ExcludeNamespaces,
IncludedResources: o.BackupOptions.IncludeResources,
ExcludedResources: o.BackupOptions.ExcludeResources,
IncludedClusterScopeResources: o.BackupOptions.IncludeClusterScopeResources,
ExcludedClusterScopeResources: o.BackupOptions.ExcludeClusterScopeResources,
IncludedNamespacedResources: o.BackupOptions.IncludeNamespacedResources,
ExcludedNamespacedResources: o.BackupOptions.ExcludeNamespacedResources,
IncludeClusterResources: o.BackupOptions.IncludeClusterResources.Value,
LabelSelector: o.BackupOptions.Selector.LabelSelector,
SnapshotVolumes: o.BackupOptions.SnapshotVolumes.Value,
TTL: metav1.Duration{Duration: o.BackupOptions.TTL},
StorageLocation: o.BackupOptions.StorageLocation,
VolumeSnapshotLocations: o.BackupOptions.SnapshotLocations,
DefaultVolumesToFsBackup: o.BackupOptions.DefaultVolumesToFsBackup.Value,
OrderedResources: orders,
CSISnapshotTimeout: metav1.Duration{Duration: o.BackupOptions.CSISnapshotTimeout},
ItemOperationTimeout: metav1.Duration{Duration: o.BackupOptions.ItemOperationTimeout},
IncludedNamespaces: o.BackupOptions.IncludeNamespaces,
ExcludedNamespaces: o.BackupOptions.ExcludeNamespaces,
IncludedResources: o.BackupOptions.IncludeResources,
ExcludedResources: o.BackupOptions.ExcludeResources,
IncludedClusterScopedResources: o.BackupOptions.IncludeClusterScopedResources,
ExcludedClusterScopedResources: o.BackupOptions.ExcludeClusterScopedResources,
IncludedNamespaceScopedResources: o.BackupOptions.IncludeNamespaceScopedResources,
ExcludedNamespaceScopedResources: o.BackupOptions.ExcludeNamespaceScopedResources,
IncludeClusterResources: o.BackupOptions.IncludeClusterResources.Value,
LabelSelector: o.BackupOptions.Selector.LabelSelector,
SnapshotVolumes: o.BackupOptions.SnapshotVolumes.Value,
TTL: metav1.Duration{Duration: o.BackupOptions.TTL},
StorageLocation: o.BackupOptions.StorageLocation,
VolumeSnapshotLocations: o.BackupOptions.SnapshotLocations,
DefaultVolumesToFsBackup: o.BackupOptions.DefaultVolumesToFsBackup.Value,
OrderedResources: orders,
CSISnapshotTimeout: metav1.Duration{Duration: o.BackupOptions.CSISnapshotTimeout},
ItemOperationTimeout: metav1.Duration{Duration: o.BackupOptions.ItemOperationTimeout},
},
Schedule: o.Schedule,
UseOwnerReferencesInBackup: &o.UseOwnerReferencesInBackup,

22
pkg/cmd/util/output/backup_describer.go
View File

@ -150,8 +150,8 @@ func DescribeBackupSpec(d *Describer, spec velerov1api.BackupSpec) {
d.Printf("\tExcluded:\t%s\n", s)
d.Println()
d.Printf("Resources:\n")
if collections.UseOldResourceFilters(spec) {
d.Printf("Resources:\n")
if len(spec.IncludedResources) == 0 {
s = "*"
} else {
@ -166,31 +166,31 @@ func DescribeBackupSpec(d *Describer, spec velerov1api.BackupSpec) {
d.Printf("\tExcluded:\t%s\n", s)
d.Printf("\tCluster-scoped:\t%s\n", BoolPointerString(spec.IncludeClusterResources, "excluded", "included", "auto"))
} else {
if len(spec.IncludedClusterScopeResources) == 0 {
if len(spec.IncludedClusterScopedResources) == 0 {
s = emptyDisplay
} else {
s = strings.Join(spec.IncludedClusterScopeResources, ", ")
s = strings.Join(spec.IncludedClusterScopedResources, ", ")
}
d.Printf("\tIncluded cluster-scoped:\t%s\n", s)
if len(spec.ExcludedClusterScopeResources) == 0 {
if len(spec.ExcludedClusterScopedResources) == 0 {
s = emptyDisplay
} else {
s = strings.Join(spec.ExcludedClusterScopeResources, ", ")
s = strings.Join(spec.ExcludedClusterScopedResources, ", ")
}
d.Printf("\tExcluded cluster-scoped:\t%s\n", s)
if len(spec.IncludedNamespacedResources) == 0 {
if len(spec.IncludedNamespaceScopedResources) == 0 {
s = "*"
} else {
s = strings.Join(spec.IncludedNamespacedResources, ", ")
s = strings.Join(spec.IncludedNamespaceScopedResources, ", ")
}
d.Printf("\tIncluded namespaced:\t%s\n", s)
if len(spec.ExcludedNamespacedResources) == 0 {
d.Printf("\tIncluded namespace-scoped:\t%s\n", s)
if len(spec.ExcludedNamespaceScopedResources) == 0 {
s = emptyDisplay
} else {
s = strings.Join(spec.ExcludedNamespacedResources, ", ")
s = strings.Join(spec.ExcludedNamespaceScopedResources, ", ")
}
d.Printf("\tExcluded namespaced:\t%s\n", s)
d.Printf("\tExcluded namespace-scoped:\t%s\n", s)
}
d.Println()

20
pkg/controller/backup_controller.go
View File

@ -435,10 +435,10 @@ func (b *backupReconciler) prepareBackupRequest(backup *velerov1api.Backup, logg
}
// validate whether Included/Excluded resources and IncludedClusterResource are mixed with
// Included/Excluded cluster-scoped/namespaced resources.
// Included/Excluded cluster-scoped/namespace-scoped resources.
if oldAndNewFilterParametersUsedTogether(request.Spec) {
validatedError := fmt.Sprintf("include-resources, exclude-resources and include-cluster-resources are old filter parameters.\n" +
"include-cluster-scope-resources, exclude-cluster-scope-resources, include-namespaced-resources and exclude-namespaced-resources are new filter parameters.\n" +
"include-cluster-scoped-resources, exclude-cluster-scoped-resources, include-namespace-scoped-resources and exclude-namespace-scoped-resources are new filter parameters.\n" +
"They cannot be used together")
request.Status.ValidationErrors = append(request.Status.ValidationErrors, validatedError)
}
@ -449,13 +449,13 @@ func (b *backupReconciler) prepareBackupRequest(backup *velerov1api.Backup, logg
}
// validate the cluster-scoped included/excluded resources
for _, err := range collections.ValidateScopedIncludesExcludes(request.Spec.IncludedClusterScopeResources, request.Spec.ExcludedClusterScopeResources) {
for _, err := range collections.ValidateScopedIncludesExcludes(request.Spec.IncludedClusterScopedResources, request.Spec.ExcludedClusterScopedResources) {
request.Status.ValidationErrors = append(request.Status.ValidationErrors, fmt.Sprintf("Invalid cluster-scoped included/excluded resource lists: %s", err))
}
// validate the namespaced included/excluded resources
for _, err := range collections.ValidateScopedIncludesExcludes(request.Spec.IncludedNamespacedResources, request.Spec.ExcludedNamespacedResources) {
request.Status.ValidationErrors = append(request.Status.ValidationErrors, fmt.Sprintf("Invalid namespaced included/excluded resource lists: %s", err))
// validate the namespace-scoped included/excluded resources
for _, err := range collections.ValidateScopedIncludesExcludes(request.Spec.IncludedNamespaceScopedResources, request.Spec.ExcludedNamespaceScopedResources) {
request.Status.ValidationErrors = append(request.Status.ValidationErrors, fmt.Sprintf("Invalid namespace-scoped included/excluded resource lists: %s", err))
}
// validate the included/excluded namespaces
@ -1146,10 +1146,10 @@ func oldAndNewFilterParametersUsedTogether(backupSpec velerov1api.BackupSpec) bo
haveOldResourceFilterParameters := len(backupSpec.IncludedResources) > 0 ||
(len(backupSpec.ExcludedResources) > 0) ||
(backupSpec.IncludeClusterResources != nil)
haveNewResourceFilterParameters := len(backupSpec.IncludedClusterScopeResources) > 0 ||
(len(backupSpec.ExcludedClusterScopeResources) > 0) ||
(len(backupSpec.IncludedNamespacedResources) > 0) ||
(len(backupSpec.ExcludedNamespacedResources) > 0)
haveNewResourceFilterParameters := len(backupSpec.IncludedClusterScopedResources) > 0 ||
(len(backupSpec.ExcludedClusterScopedResources) > 0) ||
(len(backupSpec.IncludedNamespaceScopedResources) > 0) ||
(len(backupSpec.ExcludedNamespaceScopedResources) > 0)
return haveOldResourceFilterParameters && haveNewResourceFilterParameters
}

4
pkg/controller/backup_controller_test.go
View File

@ -182,9 +182,9 @@ func TestProcessBackupValidationFailures(t *testing.T) {
},
{
name: "use old filter parameters and new filter parameters together",
backup: defaultBackup().IncludeClusterResources(true).IncludedNamespacedResources("Deployment").IncludedNamespaces("default").Result(),
backup: defaultBackup().IncludeClusterResources(true).IncludedNamespaceScopedResources("Deployment").IncludedNamespaces("default").Result(),
backupLocation: defaultBackupLocation,
expectedErrs: []string{"include-resources, exclude-resources and include-cluster-resources are old filter parameters.\ninclude-cluster-scope-resources, exclude-cluster-scope-resources, include-namespaced-resources and exclude-namespaced-resources are new filter parameters.\nThey cannot be used together"},
expectedErrs: []string{"include-resources, exclude-resources and include-cluster-resources are old filter parameters.\ninclude-cluster-scoped-resources, exclude-cluster-scoped-resources, include-namespace-scoped-resources and exclude-namespace-scoped-resources are new filter parameters.\nThey cannot be used together"},
},
}

72
pkg/util/collections/includes_excludes.go
View File

@ -189,20 +189,20 @@ func (ie *GlobalIncludesExcludes) ShouldExclude(typeName string) bool {
}
type ScopeIncludesExcludes struct {
namespaceResourceFilter IncludesExcludes // namespace scope resource filter
clusterResourceFilter IncludesExcludes // cluster scope resource filter
namespaceFilter IncludesExcludes // namespace filter
namespaceScopedResourceFilter IncludesExcludes // namespace-scoped resource filter
clusterScopedResourceFilter IncludesExcludes // cluster-scoped resource filter
namespaceFilter IncludesExcludes // namespace filter
helper discovery.Helper
logger logrus.FieldLogger
}
// ShouldInclude returns whether the specified resource should be included or not.
// The function will check whether the resource is namespaced resource first.
// For namespaced resource, except resources listed in excludes, other things should be included.
// For cluster resource, except resources listed in excludes, only include the resource specified by the included.
// The function will check whether the resource is namespace-scoped resource first.
// For namespace-scoped resource, except resources listed in excludes, other things should be included.
// For cluster-scoped resource, except resources listed in excludes, only include the resource specified by the included.
// It also has some exceptional checks. For namespace, as long as it's not excluded, it is involved.
// If all namespace resources are included, all cluster resource are returned to get a full backup.
// If all namespace-scoped resources are included, all cluster-scoped resource are returned to get a full backup.
func (ie *ScopeIncludesExcludes) ShouldInclude(typeName string) bool {
_, resource, err := ie.helper.ResourceFor(schema.ParseGroupResource(typeName).WithVersion(""))
if err != nil {
@ -211,30 +211,30 @@ func (ie *ScopeIncludesExcludes) ShouldInclude(typeName string) bool {
}
if resource.Namespaced {
if ie.namespaceResourceFilter.excludes.Has("*") || ie.namespaceResourceFilter.excludes.match(typeName) {
if ie.namespaceScopedResourceFilter.excludes.Has("*") || ie.namespaceScopedResourceFilter.excludes.match(typeName) {
return false
}
// len=0 means include everything
return ie.namespaceResourceFilter.includes.Len() == 0 || ie.namespaceResourceFilter.includes.Has("*") || ie.namespaceResourceFilter.includes.match(typeName)
return ie.namespaceScopedResourceFilter.includes.Len() == 0 || ie.namespaceScopedResourceFilter.includes.Has("*") || ie.namespaceScopedResourceFilter.includes.match(typeName)
}
if ie.clusterResourceFilter.excludes.Has("*") || ie.clusterResourceFilter.excludes.match(typeName) {
if ie.clusterScopedResourceFilter.excludes.Has("*") || ie.clusterScopedResourceFilter.excludes.match(typeName) {
return false
}
// when IncludedClusterScopeResources and ExcludedClusterScopeResources are not specified,
// when IncludedClusterScopedResources and ExcludedClusterScopedResources are not specified,
// only directly back up cluster-scoped resources if we're doing a full-cluster
// (all namespaces and all namespace scope types) backup.
if len(ie.clusterResourceFilter.includes.List()) == 0 &&
len(ie.clusterResourceFilter.excludes.List()) == 0 &&
// (all namespaces and all namespace-scoped types) backup.
if len(ie.clusterScopedResourceFilter.includes.List()) == 0 &&
len(ie.clusterScopedResourceFilter.excludes.List()) == 0 &&
ie.namespaceFilter.IncludeEverything() &&
ie.namespaceResourceFilter.IncludeEverything() {
ie.namespaceScopedResourceFilter.IncludeEverything() {
return true
}
// Also include namespace resource by default.
return ie.clusterResourceFilter.includes.Has("*") || ie.clusterResourceFilter.includes.match(typeName) || typeName == kuberesource.Namespaces.String()
return ie.clusterScopedResourceFilter.includes.Has("*") || ie.clusterScopedResourceFilter.includes.match(typeName) || typeName == kuberesource.Namespaces.String()
}
// ShouldExclude returns whether the resource type should be excluded or not.
@ -248,11 +248,11 @@ func (ie *ScopeIncludesExcludes) ShouldExclude(typeName string) bool {
}
if resource.Namespaced {
if ie.namespaceResourceFilter.excludes.match(typeName) {
if ie.namespaceScopedResourceFilter.excludes.match(typeName) {
return true
}
} else {
if ie.clusterResourceFilter.excludes.match(typeName) {
if ie.clusterScopedResourceFilter.excludes.match(typeName) {
return true
}
}
@ -286,11 +286,11 @@ func (ie *IncludesExcludes) IncludeEverything() bool {
func newScopeIncludesExcludes(nsIncludesExcludes IncludesExcludes, helper discovery.Helper, logger logrus.FieldLogger) *ScopeIncludesExcludes {
ret := &ScopeIncludesExcludes{
namespaceResourceFilter: IncludesExcludes{
namespaceScopedResourceFilter: IncludesExcludes{
includes: newGlobStringSet(),
excludes: newGlobStringSet(),
},
clusterResourceFilter: IncludesExcludes{
clusterScopedResourceFilter: IncludesExcludes{
includes: newGlobStringSet(),
excludes: newGlobStringSet(),
},
@ -353,7 +353,7 @@ func ValidateNamespaceIncludesExcludes(includesList, excludesList []string) []er
return errs
}
// ValidateScopedIncludesExcludes checks provided lists of namespaced or cluster-scoped
// ValidateScopedIncludesExcludes checks provided lists of namespace-scoped or cluster-scoped
// included and excluded items to ensure they are a valid set of IncludesExcludes data.
func ValidateScopedIncludesExcludes(includesList, excludesList []string) []error {
var errs []error
@ -447,10 +447,10 @@ func generateIncludesExcludes(includes, excludes []string, mapFunc func(string)
func generateScopedIncludesExcludes(namespacedIncludes, namespacedExcludes, clusterIncludes, clusterExcludes []string, mapFunc func(string, bool) string, nsIncludesExcludes IncludesExcludes, helper discovery.Helper, logger logrus.FieldLogger) *ScopeIncludesExcludes {
res := newScopeIncludesExcludes(nsIncludesExcludes, helper, logger)
generateFilter(res.namespaceResourceFilter.includes, namespacedIncludes, mapFunc, true)
generateFilter(res.namespaceResourceFilter.excludes, namespacedExcludes, mapFunc, true)
generateFilter(res.clusterResourceFilter.includes, clusterIncludes, mapFunc, false)
generateFilter(res.clusterResourceFilter.excludes, clusterExcludes, mapFunc, false)
generateFilter(res.namespaceScopedResourceFilter.includes, namespacedIncludes, mapFunc, true)
generateFilter(res.namespaceScopedResourceFilter.excludes, namespacedExcludes, mapFunc, true)
generateFilter(res.clusterScopedResourceFilter.includes, clusterIncludes, mapFunc, false)
generateFilter(res.clusterScopedResourceFilter.excludes, clusterExcludes, mapFunc, false)
return res
}
@ -509,7 +509,7 @@ func GetGlobalResourceIncludesExcludes(helper discovery.Helper, logger logrus.Fi
}
// GetScopeResourceIncludesExcludes's function is similar with GetResourceIncludesExcludes,
// but it's used for scoped Includes/Excludes, and can handle both cluster and namespace resources.
// but it's used for scoped Includes/Excludes, and can handle both cluster-scoped and namespace-scoped resources.
func GetScopeResourceIncludesExcludes(helper discovery.Helper, logger logrus.FieldLogger, namespaceIncludes, namespaceExcludes, clusterIncludes, clusterExcludes []string, nsIncludesExcludes IncludesExcludes) *ScopeIncludesExcludes {
ret := generateScopedIncludesExcludes(
namespaceIncludes,
@ -532,27 +532,27 @@ func GetScopeResourceIncludesExcludes(helper discovery.Helper, logger logrus.Fie
helper,
logger,
)
logger.Infof("Including namespace scope resources: %s", ret.namespaceResourceFilter.IncludesString())
logger.Infof("Excluding namespace scope resources: %s", ret.namespaceResourceFilter.ExcludesString())
logger.Infof("Including cluster scope resources: %s", ret.clusterResourceFilter.GetIncludes())
logger.Infof("Excluding cluster scope resources: %s", ret.clusterResourceFilter.ExcludesString())
logger.Infof("Including namespace-scoped resources: %s", ret.namespaceScopedResourceFilter.IncludesString())
logger.Infof("Excluding namespace-scoped resources: %s", ret.namespaceScopedResourceFilter.ExcludesString())
logger.Infof("Including cluster-scoped resources: %s", ret.clusterScopedResourceFilter.GetIncludes())
logger.Infof("Excluding cluster-scoped resources: %s", ret.clusterScopedResourceFilter.ExcludesString())
return ret
}
// UseOldResourceFilters checks whether to use old resource filters (IncludeClusterResources,
// IncludedResources and ExcludedResources), depending the backup's filters setting.
// New filters are IncludeClusterScopedResources, ExcludeClusterScopedResources,
// IncludeNamespacedResources and ExcludeNamespacedResources.
// New filters are IncludedClusterScopedResources, ExcludedClusterScopedResources,
// IncludedNamespaceScopedResources and ExcludedNamespaceScopedResources.
func UseOldResourceFilters(backupSpec velerov1api.BackupSpec) bool {
// If all resource filters are none, it is treated as using old parameter filters.
if backupSpec.IncludeClusterResources == nil &&
len(backupSpec.IncludedResources) == 0 &&
len(backupSpec.ExcludedResources) == 0 &&
len(backupSpec.IncludedClusterScopeResources) == 0 &&
len(backupSpec.ExcludedClusterScopeResources) == 0 &&
len(backupSpec.IncludedNamespacedResources) == 0 &&
len(backupSpec.ExcludedNamespacedResources) == 0 {
len(backupSpec.IncludedClusterScopedResources) == 0 &&
len(backupSpec.ExcludedClusterScopedResources) == 0 &&
len(backupSpec.IncludedNamespaceScopedResources) == 0 &&
len(backupSpec.ExcludedNamespaceScopedResources) == 0 {
return true
}

320
pkg/util/collections/includes_excludes_test.go
View File

@ -370,14 +370,14 @@ func TestValidateScopedIncludesExcludes(t *testing.T) {
}
}
func TestNamespaceScopeShouldInclude(t *testing.T) {
func TestNamespaceScopedShouldInclude(t *testing.T) {
tests := []struct {
name string
namespaceIncludes []string
namespaceExcludes []string
item string
want bool
apiResources []*test.APIResource
name string
namespaceScopedIncludes []string
namespaceScopedExcludes []string
item string
want bool
apiResources []*test.APIResource
}{
{
name: "empty string should include every item",
@ -388,104 +388,104 @@ func TestNamespaceScopeShouldInclude(t *testing.T) {
},
},
{
name: "include * should include every item",
namespaceIncludes: []string{"*"},
item: "pods",
want: true,
name: "include * should include every item",
namespaceScopedIncludes: []string{"*"},
item: "pods",
want: true,
apiResources: []*test.APIResource{
test.Pods(),
},
},
{
name: "item in includes list should include item",
namespaceIncludes: []string{"foo", "bar", "pods"},
item: "pods",
want: true,
name: "item in includes list should include item",
namespaceScopedIncludes: []string{"foo", "bar", "pods"},
item: "pods",
want: true,
apiResources: []*test.APIResource{
test.Pods(),
},
},
{
name: "item not in includes list should not include item",
namespaceIncludes: []string{"foo", "baz"},
item: "pods",
want: false,
name: "item not in includes list should not include item",
namespaceScopedIncludes: []string{"foo", "baz"},
item: "pods",
want: false,
apiResources: []*test.APIResource{
test.Pods(),
},
},
{
name: "include *, excluded item should not include item",
namespaceIncludes: []string{"*"},
namespaceExcludes: []string{"pods"},
item: "pods",
want: false,
name: "include *, excluded item should not include item",
namespaceScopedIncludes: []string{"*"},
namespaceScopedExcludes: []string{"pods"},
item: "pods",
want: false,
apiResources: []*test.APIResource{
test.Pods(),
},
},
{
name: "include *, exclude foo, bar should be included",
namespaceIncludes: []string{"*"},
namespaceExcludes: []string{"foo"},
item: "pods",
want: true,
name: "include *, exclude foo, bar should be included",
namespaceScopedIncludes: []string{"*"},
namespaceScopedExcludes: []string{"foo"},
item: "pods",
want: true,
apiResources: []*test.APIResource{
test.Pods(),
},
},
{
name: "an item both included and excluded should not be included",
namespaceIncludes: []string{"pods"},
namespaceExcludes: []string{"pods"},
item: "pods",
want: false,
name: "an item both included and excluded should not be included",
namespaceScopedIncludes: []string{"pods"},
namespaceScopedExcludes: []string{"pods"},
item: "pods",
want: false,
apiResources: []*test.APIResource{
test.Pods(),
},
},
{
name: "wildcard should include item",
namespaceIncludes: []string{"*s"},
item: "pods",
want: true,
name: "wildcard should include item",
namespaceScopedIncludes: []string{"*s"},
item: "pods",
want: true,
apiResources: []*test.APIResource{
test.Pods(),
},
},
{
name: "wildcard mismatch should not include item",
namespaceIncludes: []string{"*.bar"},
item: "pods",
want: false,
name: "wildcard mismatch should not include item",
namespaceScopedIncludes: []string{"*.bar"},
item: "pods",
want: false,
apiResources: []*test.APIResource{
test.Pods(),
},
},
{
name: "exclude * should include nothing",
namespaceExcludes: []string{"*"},
item: "pods",
want: false,
name: "exclude * should include nothing",
namespaceScopedExcludes: []string{"*"},
item: "pods",
want: false,
apiResources: []*test.APIResource{
test.Pods(),
},
},
{
name: "wildcard exclude should not include item",
namespaceIncludes: []string{"*"},
namespaceExcludes: []string{"*s"},
item: "pods",
want: false,
name: "wildcard exclude should not include item",
namespaceScopedIncludes: []string{"*"},
namespaceScopedExcludes: []string{"*s"},
item: "pods",
want: false,
apiResources: []*test.APIResource{
test.Pods(),
},
},
{
name: "wildcard exclude mismatch should include item",
namespaceExcludes: []string{"*.bar"},
item: "pods",
want: true,
name: "wildcard exclude mismatch should include item",
namespaceScopedExcludes: []string{"*.bar"},
item: "pods",
want: true,
apiResources: []*test.APIResource{
test.Pods(),
},
@ -501,7 +501,7 @@ func TestNamespaceScopeShouldInclude(t *testing.T) {
t.Run(tc.name, func(t *testing.T) {
discoveryHelper := setupDiscoveryClientWithResources(tc.apiResources)
logger := logrus.StandardLogger()
scopeIncludesExcludes := GetScopeResourceIncludesExcludes(discoveryHelper, logger, tc.namespaceIncludes, tc.namespaceExcludes, []string{}, []string{}, *NewIncludesExcludes())
scopeIncludesExcludes := GetScopeResourceIncludesExcludes(discoveryHelper, logger, tc.namespaceScopedIncludes, tc.namespaceScopedExcludes, []string{}, []string{}, *NewIncludesExcludes())
if got := scopeIncludesExcludes.ShouldInclude((tc.item)); got != tc.want {
t.Errorf("want %t, got %t", tc.want, got)
@ -512,13 +512,13 @@ func TestNamespaceScopeShouldInclude(t *testing.T) {
func TestClusterScopedShouldInclude(t *testing.T) {
tests := []struct {
name string
clusterIncludes []string
clusterExcludes []string
nsIncludes []string
item string
want bool
apiResources []*test.APIResource
name string
clusterScopedIncludes []string
clusterScopedExcludes []string
nsIncludes []string
item string
want bool
apiResources []*test.APIResource
}{
{
name: "empty string should include nothing",
@ -530,106 +530,106 @@ func TestClusterScopedShouldInclude(t *testing.T) {
},
},
{
name: "include * should include every item",
clusterIncludes: []string{"*"},
item: "persistentvolumes",
want: true,
name: "include * should include every item",
clusterScopedIncludes: []string{"*"},
item: "persistentvolumes",
want: true,
apiResources: []*test.APIResource{
test.PVs(),
},
},
{
name: "item in includes list should include item",
clusterIncludes: []string{"namespaces", "bar", "baz"},
item: "namespaces",
want: true,
name: "item in includes list should include item",
clusterScopedIncludes: []string{"namespaces", "bar", "baz"},
item: "namespaces",
want: true,
apiResources: []*test.APIResource{
test.Namespaces(),
},
},
{
name: "item not in includes list should not include item",
clusterIncludes: []string{"foo", "baz"},
nsIncludes: []string{"default"},
item: "persistentvolumes",
want: false,
name: "item not in includes list should not include item",
clusterScopedIncludes: []string{"foo", "baz"},
nsIncludes: []string{"default"},
item: "persistentvolumes",
want: false,
apiResources: []*test.APIResource{
test.PVs(),
},
},
{
name: "include *, excluded item should not include item",
clusterIncludes: []string{"*"},
clusterExcludes: []string{"namespaces"},
item: "namespaces",
want: false,
name: "include *, excluded item should not include item",
clusterScopedIncludes: []string{"*"},
clusterScopedExcludes: []string{"namespaces"},
item: "namespaces",
want: false,
apiResources: []*test.APIResource{
test.Namespaces(),
},
},
{
name: "include *, exclude foo, bar should be included",
clusterIncludes: []string{"*"},
clusterExcludes: []string{"foo"},
item: "namespaces",
want: true,
name: "include *, exclude foo, bar should be included",
clusterScopedIncludes: []string{"*"},
clusterScopedExcludes: []string{"foo"},
item: "namespaces",
want: true,
apiResources: []*test.APIResource{
test.Namespaces(),
},
},
{
name: "an item both included and excluded should not be included",
clusterIncludes: []string{"namespaces"},
clusterExcludes: []string{"namespaces"},
item: "namespaces",
want: false,
name: "an item both included and excluded should not be included",
clusterScopedIncludes: []string{"namespaces"},
clusterScopedExcludes: []string{"namespaces"},
item: "namespaces",
want: false,
apiResources: []*test.APIResource{
test.Namespaces(),
},
},
{
name: "wildcard should include item",
clusterIncludes: []string{"*spaces"},
item: "namespaces",
want: true,
name: "wildcard should include item",
clusterScopedIncludes: []string{"*spaces"},
item: "namespaces",
want: true,
apiResources: []*test.APIResource{
test.Namespaces(),
},
},
{
name: "wildcard mismatch should not include item",
clusterIncludes: []string{"*.bar"},
nsIncludes: []string{"default"},
item: "persistentvolumes",
want: false,
name: "wildcard mismatch should not include item",
clusterScopedIncludes: []string{"*.bar"},
nsIncludes: []string{"default"},
item: "persistentvolumes",
want: false,
apiResources: []*test.APIResource{
test.PVs(),
},
},
{
name: "exclude * should include nothing",
clusterExcludes: []string{"*"},
item: "namespaces",
want: false,
name: "exclude * should include nothing",
clusterScopedExcludes: []string{"*"},
item: "namespaces",
want: false,
apiResources: []*test.APIResource{
test.Namespaces(),
},
},
{
name: "wildcard exclude should not include item",
clusterIncludes: []string{"*"},
clusterExcludes: []string{"*spaces"},
item: "namespaces",
want: false,
name: "wildcard exclude should not include item",
clusterScopedIncludes: []string{"*"},
clusterScopedExcludes: []string{"*spaces"},
item: "namespaces",
want: false,
apiResources: []*test.APIResource{
test.Namespaces(),
},
},
{
name: "wildcard exclude mismatch should not include item",
clusterExcludes: []string{"*spaces"},
item: "namespaces",
want: false,
name: "wildcard exclude mismatch should not include item",
clusterScopedExcludes: []string{"*spaces"},
item: "namespaces",
want: false,
apiResources: []*test.APIResource{
test.Namespaces(),
},
@ -640,31 +640,31 @@ func TestClusterScopedShouldInclude(t *testing.T) {
want: false,
},
{
name: "even namespaces is not in the include list, it should also be involved.",
clusterIncludes: []string{"foo", "baz"},
item: "namespaces",
want: true,
name: "even namespaces is not in the include list, it should also be involved.",
clusterScopedIncludes: []string{"foo", "baz"},
item: "namespaces",
want: true,
apiResources: []*test.APIResource{
test.Namespaces(),
},
},
{
name: "When all namespaces and namespace scope resources are included, cluster resource should be included.",
clusterIncludes: []string{},
nsIncludes: []string{"*"},
item: "persistentvolumes",
want: true,
name: "When all namespaces and namespace scope resources are included, cluster resource should be included.",
clusterScopedIncludes: []string{},
nsIncludes: []string{"*"},
item: "persistentvolumes",
want: true,
apiResources: []*test.APIResource{
test.PVs(),
},
},
{
name: "When all namespaces and namespace scope resources are included, but cluster resource is excluded.",
clusterIncludes: []string{},
clusterExcludes: []string{"persistentvolumes"},
nsIncludes: []string{"*"},
item: "persistentvolumes",
want: false,
name: "When all namespaces and namespace scope resources are included, but cluster resource is excluded.",
clusterScopedIncludes: []string{},
clusterScopedExcludes: []string{"persistentvolumes"},
nsIncludes: []string{"*"},
item: "persistentvolumes",
want: false,
apiResources: []*test.APIResource{
test.PVs(),
},
@ -675,7 +675,7 @@ func TestClusterScopedShouldInclude(t *testing.T) {
discoveryHelper := setupDiscoveryClientWithResources(tc.apiResources)
logger := logrus.StandardLogger()
nsIncludeExclude := NewIncludesExcludes().Includes(tc.nsIncludes...)
scopeIncludesExcludes := GetScopeResourceIncludesExcludes(discoveryHelper, logger, []string{}, []string{}, tc.clusterIncludes, tc.clusterExcludes, *nsIncludeExclude)
scopeIncludesExcludes := GetScopeResourceIncludesExcludes(discoveryHelper, logger, []string{}, []string{}, tc.clusterScopedIncludes, tc.clusterScopedExcludes, *nsIncludeExclude)
if got := scopeIncludesExcludes.ShouldInclude((tc.item)); got != tc.want {
t.Errorf("want %t, got %t", tc.want, got)
@ -686,25 +686,25 @@ func TestClusterScopedShouldInclude(t *testing.T) {
func TestGetScopedResourceIncludesExcludes(t *testing.T) {
tests := []struct {
name string
namespaceIncludes []string
namespaceExcludes []string
clusterIncludes []string
clusterExcludes []string
expectedNamespaceIncludes []string
expectedNamespaceExcludes []string
expectedClusterIncludes []string
expectedClusterExcludes []string
apiResources []*test.APIResource
name string
namespaceScopedIncludes []string
namespaceScopedExcludes []string
clusterScopedIncludes []string
clusterScopedExcludes []string
expectedNamespaceScopedIncludes []string
expectedNamespaceScopedExcludes []string
expectedClusterScopedIncludes []string
expectedClusterScopedExcludes []string
apiResources []*test.APIResource
}{
{
name: "only include namespace resources in IncludesExcludes, when namespaced is set to true",
namespaceIncludes: []string{"deployments.apps", "persistentvolumes"},
namespaceExcludes: []string{"pods", "persistentvolumes"},
expectedNamespaceIncludes: []string{"deployments.apps"},
expectedNamespaceExcludes: []string{"pods"},
expectedClusterIncludes: []string{},
expectedClusterExcludes: []string{},
name: "only include namespace-scoped resources in IncludesExcludes",
namespaceScopedIncludes: []string{"deployments.apps", "persistentvolumes"},
namespaceScopedExcludes: []string{"pods", "persistentvolumes"},
expectedNamespaceScopedIncludes: []string{"deployments.apps"},
expectedNamespaceScopedExcludes: []string{"pods"},
expectedClusterScopedIncludes: []string{},
expectedClusterScopedExcludes: []string{},
apiResources: []*test.APIResource{
test.Deployments(),
test.PVs(),
@ -712,13 +712,13 @@ func TestGetScopedResourceIncludesExcludes(t *testing.T) {
},
},
{
name: "only include cluster-scoped resources in IncludesExcludes, when namespaced is set to false",
clusterIncludes: []string{"deployments.apps", "persistentvolumes"},
clusterExcludes: []string{"pods", "persistentvolumes"},
expectedNamespaceIncludes: []string{},
expectedNamespaceExcludes: []string{},
expectedClusterIncludes: []string{"persistentvolumes"},
expectedClusterExcludes: []string{"persistentvolumes"},
name: "only include cluster-scoped resources in IncludesExcludes",
clusterScopedIncludes: []string{"deployments.apps", "persistentvolumes"},
clusterScopedExcludes: []string{"pods", "persistentvolumes"},
expectedNamespaceScopedIncludes: []string{},
expectedNamespaceScopedExcludes: []string{},
expectedClusterScopedIncludes: []string{"persistentvolumes"},
expectedClusterScopedExcludes: []string{"persistentvolumes"},
apiResources: []*test.APIResource{
test.Deployments(),
test.PVs(),
@ -732,12 +732,12 @@ func TestGetScopedResourceIncludesExcludes(t *testing.T) {
logger := logrus.StandardLogger()
nsIncludeExclude := NewIncludesExcludes()
resources := GetScopeResourceIncludesExcludes(setupDiscoveryClientWithResources(tc.apiResources), logger, tc.namespaceIncludes, tc.namespaceExcludes, tc.clusterIncludes, tc.clusterExcludes, *nsIncludeExclude)
resources := GetScopeResourceIncludesExcludes(setupDiscoveryClientWithResources(tc.apiResources), logger, tc.namespaceScopedIncludes, tc.namespaceScopedExcludes, tc.clusterScopedIncludes, tc.clusterScopedExcludes, *nsIncludeExclude)
assert.Equal(t, tc.expectedNamespaceIncludes, resources.namespaceResourceFilter.includes.List())
assert.Equal(t, tc.expectedNamespaceExcludes, resources.namespaceResourceFilter.excludes.List())
assert.Equal(t, tc.expectedClusterIncludes, resources.clusterResourceFilter.includes.List())
assert.Equal(t, tc.expectedClusterExcludes, resources.clusterResourceFilter.excludes.List())
assert.Equal(t, tc.expectedNamespaceScopedIncludes, resources.namespaceScopedResourceFilter.includes.List())
assert.Equal(t, tc.expectedNamespaceScopedExcludes, resources.namespaceScopedResourceFilter.excludes.List())
assert.Equal(t, tc.expectedClusterScopedIncludes, resources.clusterScopedResourceFilter.includes.List())
assert.Equal(t, tc.expectedClusterScopedExcludes, resources.clusterScopedResourceFilter.excludes.List())
})
}
}
@ -760,7 +760,7 @@ func TestUseOldResourceFilters(t *testing.T) {
},
{
name: "backup with only new filters should use new filters",
backup: *defaultBackup().IncludedClusterScopeResources("StorageClass").Result(),
backup: *defaultBackup().IncludedClusterScopedResources("StorageClass").Result(),
useOldResourceFilters: false,
},
{
@ -768,7 +768,7 @@ func TestUseOldResourceFilters(t *testing.T) {
// filters used together. So this is only used for UT checking, and I assume old filters
// have higher priority, because old parameter should be the default one.
name: "backup with both old and new filters should use old filters",
backup: *defaultBackup().IncludeClusterResources(true).IncludedClusterScopeResources("StorageClass").Result(),
backup: *defaultBackup().IncludeClusterResources(true).IncludedClusterScopedResources("StorageClass").Result(),
useOldResourceFilters: true,
},
}

16
site/content/docs/main/api-types/backup.md
View File

@ -77,22 +77,22 @@ spec:
# (for example 'sc' for 'storageclasses'), or fully-qualified. If unspecified,
# no additional cluster-scoped resources are excluded. Optional.
# Cannot work with include-resources, exclude-resources and include-cluster-resources.
excludedClusterScopeResources: {}
excludedClusterScopedResources: {}
# Array of cluster-scoped resources to include from the backup. Resources may be shortcuts
# (for example 'sc' for 'storageclasses'), or fully-qualified. If unspecified,
# no additional cluster-scoped resources are included. Optional.
# Cannot work with include-resources, exclude-resources and include-cluster-resources.
includedClusterScopeResources: {}
# Array of namespace resources to exclude from the backup. Resources may be shortcuts
includedClusterScopedResources: {}
# Array of namespace-scoped resources to exclude from the backup. Resources may be shortcuts
# (for example 'cm' for 'configmaps'), or fully-qualified. If unspecified,
# no namespace resources are excluded. Optional.
# no namespace-scoped resources are excluded. Optional.
# Cannot work with include-resources, exclude-resources and include-cluster-resources.
excludedNamespacedResources: {}
# Array of namespace resources to include from the backup. Resources may be shortcuts
excludedNamespaceScopedResources: {}
# Array of namespace-scoped resources to include from the backup. Resources may be shortcuts
# (for example 'cm' for 'configmaps'), or fully-qualified. If unspecified,
# all namespace resources are included. Optional.
# all namespace-scoped resources are included. Optional.
# Cannot work with include-resources, exclude-resources and include-cluster-resources.
includedNamespacedResources: {}
includedNamespaceScopedResources: {}
# Individual objects must match this label selector to be included in the backup. Optional.
labelSelector:
matchLabels:

16
site/content/docs/main/api-types/schedule.md
View File

@ -73,22 +73,22 @@ spec:
# (for example 'sc' for 'storageclasses'), or fully-qualified. If unspecified,
# no additional cluster-scoped resources are excluded. Optional.
# Cannot work with include-resources, exclude-resources and include-cluster-resources.
excludedClusterScopeResources: {}
excludedClusterScopedResources: {}
# Array of cluster-scoped resources to include from the backup. Resources may be shortcuts
# (for example 'sc' for 'storageclasses'), or fully-qualified. If unspecified,
# no additional cluster-scoped resources are included. Optional.
# Cannot work with include-resources, exclude-resources and include-cluster-resources.
includedClusterScopeResources: {}
# Array of namespace resources to exclude from the backup. Resources may be shortcuts
includedClusterScopedResources: {}
# Array of namespace-scoped resources to exclude from the backup. Resources may be shortcuts
# (for example 'cm' for 'configmaps'), or fully-qualified. If unspecified,
# no namespace resources are excluded. Optional.
# no namespace-scoped resources are excluded. Optional.
# Cannot work with include-resources, exclude-resources and include-cluster-resources.
excludedNamespacedResources: {}
# Array of namespace resources to include from the backup. Resources may be shortcuts
excludedNamespaceScopedResources: {}
# Array of namespace-scoped resources to include from the backup. Resources may be shortcuts
# (for example 'cm' for 'configmaps'), or fully-qualified. If unspecified,
# all namespace resources are included. Optional.
# all namespace-scoped resources are included. Optional.
# Cannot work with include-resources, exclude-resources and include-cluster-resources.
includedNamespacedResources: {}
includedNamespaceScopedResources: {}
# Individual objects must match this label selector to be included in the scheduled backup. Optional.
labelSelector:
matchLabels:

8
site/content/docs/main/manual-testing.md
View File

@ -92,7 +92,7 @@ The following are test cases that are not currently performed as part of a Veler
- `velero.io/exclude-from-backup=true` label
- Since v1.11, new resource filters are added. The new filters only work for backup, and cannot work with old filters (`--include-resources`, `--exclude-resources` and `--include-cluster-resources`). Need to verify backups correctly apply the following new resource filters:
- `--exclude-cluster-scope-resources`
- `--include-cluster-scope-resources`
- `--exclude-namespaced-resources`
- `--include-namespaced-resources`
- `--exclude-cluster-scoped-resources`
- `--include-cluster-scoped-resources`
- `--exclude-namespace-scoped-resources`
- `--include-namespace-scoped-resources`

30
site/content/docs/main/resource-filtering.md
View File

@ -33,7 +33,7 @@ Namespaces to include. Default is `*`, all namespaces.
### --include-resources
Kubernetes resources to include in the backup, formatted as resource.group, such as storageclasses.storage.k8s.io (use `*` for all resources). Cannot work with `--include-cluster-scope-resources`, `--exclude-cluster-scope-resources`, `--include-namespaced-resources` and `--exclude-namespaced-resources`.
Kubernetes resources to include in the backup, formatted as resource.group, such as storageclasses.storage.k8s.io (use `*` for all resources). Cannot work with `--include-cluster-scoped-resources`, `--exclude-cluster-scoped-resources`, `--include-namespace-scoped-resources` and `--exclude-namespace-scoped-resources`.
* Backup all deployments in the cluster.
@ -55,7 +55,7 @@ Kubernetes resources to include in the backup, formatted as resource.group, such
### --include-cluster-resources
Includes cluster-scoped resources. Cannot work with `--include-cluster-scope-resources`, `--exclude-cluster-scope-resources`, `--include-namespaced-resources` and `--exclude-namespaced-resources`. This option can have three possible values:
Includes cluster-scoped resources. Cannot work with `--include-cluster-scoped-resources`, `--exclude-cluster-scoped-resources`, `--include-namespace-scoped-resources` and `--exclude-namespace-scoped-resources`. This option can have three possible values:
* `true`: all cluster-scoped resources are included.
@ -101,35 +101,35 @@ Includes cluster-scoped resources. Cannot work with `--include-cluster-scope-res
For more information read the [Kubernetes label selector documentation](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors)
### --include-cluster-scope-resources
### --include-cluster-scoped-resources
Kubernetes cluster-scoped resources to include in the backup, formatted as resource.group, such as `storageclasses.storage.k8s.io`(use '*' for all resources). Cannot work with `--include-resources`, `--exclude-resources` and `--include-cluster-resources`. This parameter only works for backup, not for restore.
* Backup all StorageClasses and ClusterRoles in the cluster.
```bash
velero backup create <backup-name> --include-cluster-scope-resources="storageclasses,clusterroles"
velero backup create <backup-name> --include-cluster-scoped-resources="storageclasses,clusterroles"
```
* Backup all cluster-scoped resources in the cluster.
```bash
velero backup create <backup-name> --include-cluster-scope-resources="*"
velero backup create <backup-name> --include-cluster-scoped-resources="*"
```
### --include-namespaced-resources
### --include-namespace-scoped-resources
Kubernetes namespace resources to include in the backup, formatted as resource.group, such as `deployments.apps`(use '*' for all resources). Cannot work with `--include-resources`, `--exclude-resources` and `--include-cluster-resources`. This parameter only works for backup, not for restore.
* Backup all Deployments and ConfigMaps in the cluster.
```bash
velero backup create <backup-name> --include-namespaced-resources="deployments.apps,configmaps"
velero backup create <backup-name> --include-namespace-scoped-resources="deployments.apps,configmaps"
```
* Backup all namespace resources in the cluster.
```bash
velero backup create <backup-name> --include-namespaced-resources="*"
velero backup create <backup-name> --include-namespace-scoped-resources="*"
```
## Excludes
@ -156,7 +156,7 @@ Namespaces to exclude.
### --exclude-resources
Kubernetes resources to exclude, formatted as resource.group, such as storageclasses.storage.k8s.io. Cannot work with `--include-cluster-scope-resources`, `--exclude-cluster-scope-resources`, `--include-namespaced-resources` and `--exclude-namespaced-resources`.
Kubernetes resources to exclude, formatted as resource.group, such as storageclasses.storage.k8s.io. Cannot work with `--include-cluster-scoped-resources`, `--exclude-cluster-scoped-resources`, `--include-namespace-scoped-resources` and `--exclude-namespace-scoped-resources`.
* Exclude secrets from the backup.
@ -174,34 +174,34 @@ Kubernetes resources to exclude, formatted as resource.group, such as storagecla
* Resources with the label `velero.io/exclude-from-backup=true` are not included in backup, even if it contains a matching selector label.
### --exclude-cluster-scope-resources
### --exclude-cluster-scoped-resources
Kubernetes cluster-scoped resources to exclude from the backup, formatted as resource.group, such as `storageclasses.storage.k8s.io`(use '*' for all resources). Cannot work with `--include-resources`, `--exclude-resources` and `--include-cluster-resources`. This parameter only works for backup, not for restore.
* Exclude StorageClasses and ClusterRoles from the backup.
```bash
velero backup create <backup-name> --exclude-cluster-scope-resources="storageclasses,clusterroles"
velero backup create <backup-name> --exclude-cluster-scoped-resources="storageclasses,clusterroles"
```
* Exclude all cluster-scoped resources from the backup.
```bash
velero backup create <backup-name> --exclude-cluster-scope-resources="*"
velero backup create <backup-name> --exclude-cluster-scoped-resources="*"
```
### --exclude-namespaced-resources
### --exclude-namespace-scoped-resources
Kubernetes namespace resources to exclude from the backup, formatted as resource.group, such as `deployments.apps`(use '*' for all resources). Cannot work with `--include-resources`, `--exclude-resources` and `--include-cluster-resources`. This parameter only works for backup, not for restore.
* Exclude all Deployments and ConfigMaps from the backup.
```bash
velero backup create <backup-name> --exclude-namespaced-resources="deployments.apps,configmaps"
velero backup create <backup-name> --exclude-namespace-scoped-resources="deployments.apps,configmaps"
```
* Exclude all namespace resources from the backup.
```bash
velero backup create <backup-name> --exclude-namespaced-resources="*"
velero backup create <backup-name> --exclude-namespace-scoped-resources="*"
```
## Resource policies