Design for global volume policies by reasonerjt · Pull Request #9901 · velero-io/velero

reasonerjt · 2026-06-10T11:55:43Z

Add the design for global volume policies to address the requirement in #9858

Accepted the DCO. Commits without the DCO will delay acceptance.
Created a changelog file (make new-changelog) or comment /kind changelog-not-required on this PR.
Updated the corresponding documentation in site/content/docs/main.

netlify · 2026-06-10T11:55:52Z

✅ Deploy Preview for velero canceled.

Name	Link
🔨 Latest commit	`8a31544`
🔍 Latest deploy log	https://app.netlify.com/projects/velero/deploys/6a30f86e0affb600084ca2fe

codecov · 2026-06-10T12:06:33Z

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!

chlins

lgtm

kaovilai

would be nice if you clarify what happens when configmap configured is missing. warn/error/no-error.

shubham-pampattiwar · 2026-06-15T19:27:18Z

+
+## Design
+
+A new Velero server flag, `--global-backup-volume-policies-configmap`, accepts the name of a ConfigMap that lives in the Velero install namespace. The ConfigMap has the exact same format as an existing per-backup resource policies ConfigMap (a single data key holding a `ResourcePolicies` YAML document).


The design should specify the behavior when --global-backup-volume-policies-configmap is set but the referenced ConfigMap doesn't exist, both at server startup and at backup time (in case it's deleted after startup). Should the backup fail with a validation error? Or warn and proceed without global policies?

Sure I'll update it to add more details.

I added a "Validation" section.

shubham-pampattiwar · 2026-06-15T19:30:31Z

+
+The merge combines two `ResourcePolicies` documents: the global policy (`G`) and the backup-level policy (`B`). The guiding principle is that the global policy provides a baseline, and the backup-level policy is layered with it.
+
+- **`volumePolicies`**: `volumePolicies` is an ordered list where the *first* matching policy wins (per the existing `Policies.match` logic). The merged list is the concatenation of the backup-level policies followed by the global policies:


The issue description says the global policy should be merged "if the VolumePolicy is absent," which reads like a fallback-only behavior. This design proposes always merging (backup-level first, then global). The Alternatives section acknowledges the fallback approach but rejects it. Always-merge means existing backups that already have volume policies will start picking up global rules they didn't have before, which could be surprising.

I think this is the intention, b/c when the admin configures the global volume policy for velero he wanna influence the behavior of all backups, unless over-written by the user. I clarified it in the "Compatibility" section.

shubham-pampattiwar · 2026-06-15T19:34:35Z

+
+## Design
+
+A new Velero server flag, `--global-backup-volume-policies-configmap`, accepts the name of a ConfigMap that lives in the Velero install namespace. The ConfigMap has the exact same format as an existing per-backup resource policies ConfigMap (a single data key holding a `ResourcePolicies` YAML document).


Minor: the flag name --global-backup-volume-policies-configmap is quite long. Since it's a server flag (already global scope) and the value is always a ConfigMap name, something shorter like --default-volume-policy or --global-volume-policy might be friendlier. Not a blocker, just a usability thought.

There are currently two issues around global settings for backup and restore. Do you think we need to align the naming around these two flag names?

Two issues related to "global" settings.
#9858: global default for Backup volume policy.
#9719: global default for Restore resource mutation policy.


		## Design

		A new Velero server flag, `--global-backup-volume-policies-configmap`, accepts the name of a ConfigMap that lives in the Velero install namespace. The ConfigMap has the exact same format as an existing per-backup resource policies ConfigMap (a single data key holding a `ResourcePolicies` YAML document).


		The merge combines two `ResourcePolicies` documents: the global policy (`G`) and the backup-level policy (`B`). The guiding principle is that the global policy provides a baseline, and the backup-level policy is layered with it.

		- `volumePolicies`: `volumePolicies` is an ordered list where the first matching policy wins (per the existing `Policies.match` logic). The merged list is the concatenation of the backup-level policies followed by the global policies:

Conversation

reasonerjt commented Jun 10, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

netlify Bot commented Jun 10, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

✅ Deploy Preview for velero canceled.

Uh oh!

codecov Bot commented Jun 10, 2026

Codecov Report

Uh oh!

Uh oh!

chlins left a comment

Choose a reason for hiding this comment

Uh oh!

kaovilai left a comment

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

reasonerjt Jun 16, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

5 participants

reasonerjt commented Jun 10, 2026 •

edited

Loading

netlify Bot commented Jun 10, 2026 •

edited

Loading

reasonerjt Jun 16, 2026 •

edited

Loading