I have an Azure Kubernetes cluster with Velero installed. A Service Principal was created for Velero, per option 1 of the instructions.
Velero was working fine until the credentials for the Service Principal were reset. Now the scheduled backups are failing.
NAME STATUS ERRORS WARNINGS CREATED EXPIRES STORAGE LOCATION SELECTOR
daily-entire-cluster-20210727030055 Failed 0 0 2021-07-26 23:00:55 -0000 13d default <none>How can I update the secret for Velero?
First, update your credentials file (for most providers, this is credentials-velero and the contents are described in the plugin installation instructions: AWS, Azure, GCP)
Now update the velero secret. On linux:
kubectl patch -n velero secret cloud-credentials -p '{"data": {"cloud": "'$(base64 -w 0 credentials-velero)'"}}'patch tells kubectl to update a resource by merging the provided data-n velero tells kubectl to use the velero namespacesecret is the resource typecloud-credentials is the name of the secret used by Velero to store credentials-p specifies that the next word is the patch data. It's more common to patch using JSON rather than YAML'{"data": {"cloud": "<your-base64-encoded-secret-will-go-here>"}}' this is the JSON data that matches the existing structure of the Velero secret in Kubernetes. <your-base64-encoded-secret-will-go-here> is a placeholder for the command we'll insert.$(base64 -w 0 credentials-velero) reads the file credentials-velero in the current directory, turns off word wrapping of the output (-w 0), BASE64-encodes the contents of the file, and inserts the result in the data.