diff --git a/chart/templates/velero/gitrepository.yaml b/chart/templates/velero/gitrepository.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..7f8db7ccbac700c01679466e02fa8cde97337644
--- /dev/null
+++ b/chart/templates/velero/gitrepository.yaml
@@ -0,0 +1,18 @@
+{{- if and .Values.istio.enabled .Values.addons.velero.enabled }}
+apiVersion: source.toolkit.fluxcd.io/v1beta1
+kind: GitRepository
+metadata:
+ name: velero
+ namespace: {{ .Release.Namespace }}
+ labels:
+ app.kubernetes.io/name: velero
+ app.kubernetes.io/component: "utilities"
+ {{- include "commonLabels" . | nindent 4}}
+spec:
+ interval: {{ .Values.flux.interval }}
+ url: {{ .Values.addons.velero.git.repo }}
+ ref:
+ {{- include "validRef" .Values.addons.velero.git | nindent 4 }}
+ {{ include "gitIgnore" . }}
+ {{- include "gitCreds" . | nindent 2 }}
+{{- end }}
diff --git a/chart/templates/velero/namespace.yaml b/chart/templates/velero/namespace.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..def8e437e63c0b7454b7bcf1f59891cd7df5d9de
--- /dev/null
+++ b/chart/templates/velero/namespace.yaml
@@ -0,0 +1,29 @@
+{{- if .Values.addons.velero.enabled }}
+apiVersion: v1
+kind: Namespace
+metadata:
+ name: velero
+ labels:
+ app.kubernetes.io/name: velero
+ app.kubernetes.io/component: "cluster-utilities"
+ {{- include "commonLabels" . | nindent 4 }}
+ {{- if .Values.istio.enabled }}
+ istio-injection: enabled
+ {{- end }}
+
+{{- if ( include "imagePullSecret" . ) }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: private-registry
+ namespace: velero
+ labels:
+ app.kubernetes.io/name: velero
+ app.kubernetes.io/component: "cluster-utilities"
+ {{- include "commonLabels" . | nindent 4 }}
+type: kubernetes.io/dockerconfigjson
+data:
+ .dockerconfigjson: {{ template "imagePullSecret" . }}
+{{- end }}
+{{- end }}
diff --git a/chart/templates/velero/values.yaml b/chart/templates/velero/values.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..9962c136ab8b5c84826630f2d17b67dc229a0fe0
--- /dev/null
+++ b/chart/templates/velero/values.yaml
@@ -0,0 +1,16 @@
+{{- if .Values.addons.velero.enabled }}
+{{- include "values-secret" (dict "root" $ "package" .Values.addons.velero "name" "velero" "defaults" (include "bigbang.defaults.velero" .)) }}
+{{- end }}
+
+{{- define "bigbang.defaults.velero" -}}
+hostname: {{ .Values.hostname }}
+
+istio:
+ enabled: {{ .Values.istio.enabled }}
+
+monitoring:
+ enabled: {{ .Values.monitoring.enabled }}
+
+imagePullSecrets:
+- name: private-registry
+{{- end -}}
diff --git a/chart/templates/velero/velero-helmrelease.yaml b/chart/templates/velero/velero-helmrelease.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..1d200a73ee473fe850a7d7cf97b9e2c58b03e087
--- /dev/null
+++ b/chart/templates/velero/velero-helmrelease.yaml
@@ -0,0 +1,50 @@
+{{- if .Values.addons.velero.enabled }}
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+ name: velero
+ namespace: {{ .Release.Namespace }}
+ labels:
+ app.kubernetes.io/name: velero
+ app.kubernetes.io/component: "utilities"
+ {{- include "commonLabels" . | nindent 4}}
+spec:
+ targetNamespace: velero
+ chart:
+ spec:
+ chart: {{ .Values.addons.velero.git.path }}
+ interval: 5m
+ sourceRef:
+ kind: GitRepository
+ name: velero
+ namespace: {{ .Release.Namespace }}
+
+ {{- with .Values.flux }}
+ interval: {{ .interval }}
+ test:
+ enable: false
+ install:
+ remediation:
+ retries: {{ .install.retries }}
+ upgrade:
+ remediation:
+ retries: {{ .upgrade.retries }}
+ remediateLastFailure: true
+ cleanupOnFail: true
+ rollback:
+ timeout: {{ .rollback.timeout }}
+ cleanupOnFail: {{ .rollback.cleanupOnFail }}
+ {{- end }}
+
+ valuesFrom:
+ - name: {{ .Release.Name }}-velero-values
+ kind: Secret
+ valuesKey: "common"
+ - name: {{ .Release.Name }}-velero-values
+ kind: Secret
+ valuesKey: "defaults"
+ - name: {{ .Release.Name }}-velero-values
+ kind: Secret
+ valuesKey: "overlays"
+
+{{- end }}
diff --git a/chart/values.yaml b/chart/values.yaml
index 5c53cda1716e2dafe30f77bc14583bc68117e523..45b62e710ae675d684e140639cf85c67bf57442b 100644
--- a/chart/values.yaml
+++ b/chart/values.yaml
@@ -652,6 +652,21 @@ addons:
# -- Values to passthrough to the Mattermost chart: https://repo1.dso.mil/platform-one/big-bang/apps/collaboration-tools/mattermost/-/blob/main/chart/values.yaml
values: {}
+
+ velero:
+ # -- Toggle deployment of Velero.
+ enabled: false
+
+ git:
+ repo: https://repo1.dso.mil/platform-one/big-bang/apps/cluster-utilities/velero.git
+ path: "./chart"
+ tag: "2.14.8-bb.0"
+
+ # -- Values to passthrough to the Velero chart: https://repo1.dso.mil/platform-one/big-bang/apps/cluster-utilities/velero/-/blob/main/chart/values.yaml
+ values:
+ # Requires at least one plugin installed. Current supported values: aws, azure
+ plugins: []
+ # - aws
#
# ----------------------------------------------------------------------------------------------------------------------
diff --git a/charter/BigBangPackages.md b/charter/BigBangPackages.md
index bedc609ecb15edb35a32930935022c72ee6d71f6..2b85f2f6c30abee2d25e2af085e8fa53b7000eba 100644
--- a/charter/BigBangPackages.md
+++ b/charter/BigBangPackages.md
@@ -658,6 +658,25 @@ Owners:
* @runyontr - Runyon Solutions
* @still - Parsons
+### Cluster Utilities
+
+Packages that provider cluster level utility, such as RWX storage or generic backup capabilities.
+
+#### Velero
+
+Velero is an open source tool to safely backup and restore, perform disaster recovery, and migrate Kubernetes cluster resources and persistent volumes
+
+* [Velero](https://velero.io/)
+
+Repository:
+
+* [Velero Package](https://repo1.dso.mil/platform-one/big-bang/apps/cluster-utilities/velero/-/tree/main)
+
+Owners:
+
+* @tunde - Oteemo
+* @adam.toy - Rancher Federal
+
### Sandbox
The [Sandbox](https://repo1.dso.mil/platform-one/big-bang/apps/sandbox) is an area for packages that are currently being or will be worked that do not yet meet the requirements of a supported package. Due to the fluidity of sandbox apps, they are not tracked in the charter.
diff --git a/tests/ci/k3d/values.yaml b/tests/ci/k3d/values.yaml
index 42196c9e50b0e7b64cbca10e29448273b381fbe9..d5a79c48a893bf2076df21e9ded670fd607706fd 100644
--- a/tests/ci/k3d/values.yaml
+++ b/tests/ci/k3d/values.yaml
@@ -346,3 +346,49 @@ addons:
zones:
servers: 1
volumesPerServer: 1
+
+ velero:
+ enabled: false
+ values:
+ installCRDs: true
+
+ # Set provider name and backup storage location bucket name
+ configuration:
+ provider: aws
+ # TODO: Bucket for this
+ backupStorageLocation:
+ bucket: bigbang-dogfood-velero
+ prefix: ci
+ # config:
+ # region: us-west-1
+ # profile: test
+ # volumeSnapshotLocation:
+ # provider: aws
+ # config:
+ # bucket: velero
+ # region: us-west-1
+
+ # Default to AWS Plugin, update to others as they are supported
+ plugins:
+ - aws
+
+ #schedules:
+ # mybackup:
+ # labels:
+ # myenv: foo
+ # schedule: "0 0 * * *"
+ # template:
+ # ttl: "240h"
+ # includedNamespaces:
+ # - foo
+
+ # Set a service account so that the CRD clean up job has proper permissions to delete CRDs
+ serviceAccount:
+ server:
+ name: velero
+
+ # Whether or not to clean up CustomResourceDefintions when deleting a release.
+ # Cleaning up CRDs will delete the BackupStorageLocation and VolumeSnapshotLocation instances, which would have to be reconfigured.
+ # Backup data in object storage will _not_ be deleted, however Backup instances in the Kubernetes API will.
+ # Always clean up CRDs in CI.
+ cleanUpCRDs: true