Configuring Che to use a backup server

To configure a backup server for Che, a user needs to create the CheBackupServerConfiguration Custom Resource object in the eclipse-che namespace. The object’s spec property is divided in several sections where each corresponds to a specific backup server type:

  • REST

  • AWS S3 or API compatible

  • SFTP

    • The Custom Resource object, stored in the eclipse-che namespace, must have only one section configured in the spec property.

    • It is possible to configure as many backup servers as needed, but each in a separate Custom Resource.

    • Referenced secrets for each server type must exist and have required fields specified. See the description of each secret in the corresponding server-type chapters.

Configuring REST server

apiVersion: org.eclipse.che/v1
kind: CheBackupServerConfiguration
metadata:
  name: backup-server-configuration
spec:
  rest:
    protocol: http                                                 (1)
    hostname: my-domain.net                                        (2)
    port: 1234                                                     (3)
    repositoryPath: Che-backups                           (4)
    repositoryPasswordSecretRef: backup-encryption-password-secret (5)
    credentialsSecretRef: rest-server-auth-secret                  (6)
1 Optional property that specifies the protocol to be used. The default value is https with http as the second allowed option.
2 Backup server hostname.
3 Optional property that specifies the port on which the backup server is running. The default value is 8000.
4 Path on the backup server where the backup snapshots are stored.
5 Secret name containing a repository password, stored in the repo-password field. If the secret contains only one field, its name is arbitrary. The password is used to encrypt and decrypt backup snapshots data.
6 Optional property that specifies the name of the secret with the REST server user credentials, stored in the username and password fields.

Configuring AWS S3 or API compatible server

apiVersion: org.eclipse.che/v1
kind: CheBackupServerConfiguration
metadata:
  name: backup-server-configuration
spec:
  awss3:
    protocol: https                                                (1)
    hostname: my-domain.net                                        (2)
    port: 1234                                                     (3)
    repositoryPath: Che-backups                           (4)
    repositoryPasswordSecretRef: backup-encryption-password-secret (5)
    awsAccessKeySecretRef: aws-user-credentials-secret             (6)
1 Optional property that specifies the protocol to be used. The default value is https with http as the second allowed option.
2 Optional property that specifies the S3 hostname. The default value is s3.amazonaws.com.
3 Optional property that specifies the port on which the backup server is running.
4 The name of the bucket resource where the backup snapshots are stored. The bucket resource must be manually pre-created.
5 The name of the secret containing a repository password, stored in the repo-password field. If the secret contains only one field, this name is arbitrary. The password is used to encrypt and decrypt backup snapshots data.
6 The name of the secret containing user credentials stored in the awsAccessKeyId and awsSecretAccessKey fields.

Configuring SFTP server

apiVersion: org.eclipse.che/v1
kind: CheBackupServerConfiguration
metadata:
  name: backup-server-configuration
spec:
  awss3:
    username: user                                                 (1)
    hostname: my-domain.net                                        (2)
    port: 1234                                                     (3)
    repositoryPath: Che-backups                           (4)
    repositoryPasswordSecretRef: backup-encryption-password-secret (5)
    sshKeySecretRef: ssh-key-secret                                (6)
1 User name on the remote server to login with using the SSH protocol.
2 Remote server hostname.
3 Optional property that specifies the port on which an SFTP server is running. The default value is 22.
4 Absolute or relative path on the server where backup snapshots are stored.
5 The name of the secret containing a repository password, stored in the repo-password field. If the secret contains only one field, this name is arbitrary. The password is used to encrypt and decrypt backup snapshots data.
6 The name of the secret containing a private SSH key, stored in the ssh-privatekey field. This SSH key can be used to perform a login without a password on an SFTP server.