Stash supports Google Cloud Storage(GCS) as a backend. This tutorial will show you how to use this backend.
In order to use Google Cloud Storage as backend, you have to create a
Secret and a
Repository object pointing to the desired GCS bucket.
If the bucket already exists, the Google Cloud service account you provide to Stash only needs
Storage Object Creatorrole permission. However, if the bucket does not exist, Stash will create the bucket during the first backup. In this case, the Google Cloud service account key used for Stash must have
Storage Object Adminrole permission. To avoid giving this elevated level of permission to Stash, create the bucket manually (either from GCP console or gcloud cli) ahead of time.
To configure storage secret for this backend, following secret keys are needed:
||Password that will be used to encrypt the backup snapshots.|
||Google Cloud project ID.|
||Google Cloud service account json key.|
Create storage secret as below,
$ echo -n 'changeit' > RESTIC_PASSWORD $ echo -n '<your-project-id>' > GOOGLE_PROJECT_ID $ mv downloaded-sa-json.key GOOGLE_SERVICE_ACCOUNT_JSON_KEY $ kubectl create secret generic -n demo gcs-secret \ --from-file=./RESTIC_PASSWORD \ --from-file=./GOOGLE_PROJECT_ID \ --from-file=./GOOGLE_SERVICE_ACCOUNT_JSON_KEY secret/gcs-secret created
Now, you have to create a
Repository crd. You have to provide the storage secret that we have created earlier in
Following parameters are available for
||Name of Bucket. If the bucket does not exist yet, it will be created in the default location (US). It is not possible at the moment for Stash to create a new bucket in a different location, so you need to create it using Google cloud console.|
||Path prefix inside the bucket where backed up data will be stored.|
||Maximum number of parallel connections to use for uploading backup data. By default, Stash will use maximum 5 parallel connections.|
Below, the YAML of a sample
Repository crd that uses a GCS bucket as a backend.
apiVersion: stash.appscode.com/v1alpha1 kind: Repository metadata: name: gcs-repo namespace: demo spec: backend: gcs: bucket: stash-backup prefix: /demo/deployment/my-deploy storageSecretName: gcs-secret
Repository we have shown above using the following command,
$ kubectl apply -f https://github.com/stashed/docs/raw/v2021.11.24/docs/examples/guides/latest/backends/gcs.yaml repository/gcs-repo created
Now, we are ready to use this backend to backup our desired data using Stash.