Add SFTP as a Kopia repository storage backend#9619
Open
bicisteadm wants to merge 1 commit intovelero-io:mainfrom
Open
Add SFTP as a Kopia repository storage backend#9619bicisteadm wants to merge 1 commit intovelero-io:mainfrom
bicisteadm wants to merge 1 commit intovelero-io:mainfrom
Conversation
github-actions
Bot
added
the
Dependencies
Wire Kopia's native SFTP blob storage (repo/blob/sftp) through Velero's
repository abstraction layer, enabling snapshotMoveData and fs-backup to
store deduplicated volume data on SFTP servers (e.g. Hetzner Storage Box).
Changes:
- config.go: add SFTPBackend type and extend IsBackendTypeValid()
- repo_options.go: add StorageTypeSftp and SFTP config option constants
(host, port, path, username, password, keyfile, keydata, knownhosts)
- unified_repo.go: add SFTP case in getStorageType(), getStorageVariables(),
and getStorageCredentials()
- backend/sftp.go: new Store implementation using kopia/repo/blob/sftp
- repo_init.go: register SFTPBackend in backendStores slice
BSL configuration example:
provider: sftp
config:
sftpHost: backup.example.com
sftpPort: "23"
sftpUsername: user
sftpPassword: secret
sftpPath: /backups/velero
sftpKnownHostsData: "[backup.example.com]:23 ssh-ed25519 AAAA..."
Requires a companion ObjectStore plugin registered as velero.io/sftp
for storing backup metadata (K8s resource tarballs).
Addresses velero-io#8707, velero-io#7364.
Signed-off-by: Adam Bičiště <adam@freshost.cz>
bicisteadm
force-pushed
the
sftp-backend
branch
from
b1fe737 to
332fa2c
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Wire Kopia's native SFTP blob storage (
repo/blob/sftp) through Velero's repository abstraction layer, enablingsnapshotMoveDataandfs-backupto store deduplicated volume data on SFTP servers.Fixes #9617
Related: #8707 #7364
Changes
pkg/repository/config/config.goSFTPBackendtype, extendIsBackendTypeValid()pkg/repository/udmrepo/repo_options.goStorageTypeSftpand 8 SFTP config constantspkg/repository/provider/unified_repo.gogetStorageType(),getStorageVariables(),getStorageCredentials()pkg/repository/udmrepo/kopialib/backend/sftp.goSFTPBackendimplementingStoreinterface viakopia/repo/blob/sftppkg/repository/udmrepo/kopialib/repo_init.gobackendStoresslicego.mod/go.sumgithub.com/pkg/sftpdependency (already a transitive dep of Kopia)Motivation
Velero supports S3, Azure, GCS, and filesystem as Kopia backends. Users with self-hosted infrastructure (Hetzner Storage Box, Synology NAS, any SSH server) cannot use any existing backend without an S3 proxy. Kopia already has a native SFTP implementation — this PR simply connects it.
BSL Configuration
Authentication supports password, key file (
sftpKeyPath), or inline key data (sftpKeyData).Companion ObjectStore Plugin
The BSL
provider: sftpalso requires an ObjectStore plugin for backup metadata. A reference implementation is available: Freshost/velero-plugin-for-sftp.Testing
go test ./pkg/repository/...)snapshotMoveData+ SFTP (Hetzner Storage Box)Completed, data verified on remote SFTP server