| {{- /* |
| Copyright VMware, Inc. |
| SPDX-License-Identifier: APACHE-2.0 |
| */}} |
| |
| {{- if .Values.backup.enabled }} |
| apiVersion: batch/v1 |
| kind: CronJob |
| metadata: |
| name: {{ include "mongodb.fullname" . }}-mongodump |
| namespace: {{ include "mongodb.namespace" . | quote }} |
| labels: {{- include "common.labels.standard" . | nindent 4 }} |
| app.kubernetes.io/component: mongodump |
| {{- if .Values.backup.cronjob.labels }} |
| {{- include "common.tplvalues.render" (dict "value" .Values.backup.cronjob.labels "context" $) | nindent 4 }} |
| {{- end }} |
| {{- if .Values.commonLabels }} |
| {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} |
| {{- end }} |
| {{- if or .Values.backup.cronjob.annotations .Values.commonAnnotations }} |
| annotations: |
| {{- if .Values.backup.cronjob.annotations }} |
| {{- include "common.tplvalues.render" ( dict "value" .Values.backup.cronjob.annotations "context" $) | nindent 4 }} |
| {{- end }} |
| {{- if .Values.commonAnnotations }} |
| {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} |
| {{- end }} |
| {{- end }} |
| spec: |
| schedule: {{ quote .Values.backup.cronjob.schedule }} |
| concurrencyPolicy: {{ .Values.backup.cronjob.concurrencyPolicy }} |
| failedJobsHistoryLimit: {{ .Values.backup.cronjob.failedJobsHistoryLimit }} |
| successfulJobsHistoryLimit: {{ .Values.backup.cronjob.successfulJobsHistoryLimit }} |
| {{- if .Values.backup.cronjob.startingDeadlineSeconds }} |
| startingDeadlineSeconds: {{ .Values.backup.cronjob.startingDeadlineSeconds }} |
| {{- end }} |
| jobTemplate: |
| spec: |
| {{- if .Values.backup.cronjob.ttlSecondsAfterFinished }} |
| ttlSecondsAfterFinished: {{ .Values.backup.cronjob.ttlSecondsAfterFinished }} |
| {{- end }} |
| template: |
| metadata: |
| labels: {{- include "common.labels.standard" . | nindent 12 }} |
| app.kubernetes.io/component: mongodump |
| {{- if .Values.backup.cronjob.labels }} |
| {{- include "common.tplvalues.render" (dict "value" .Values.backup.cronjob.labels "context" $) | nindent 12 }} |
| {{- end }} |
| {{- if .Values.commonLabels }} |
| {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 12 }} |
| {{- end }} |
| {{- if or .Values.backup.cronjob.annotations .Values.commonAnnotations }} |
| annotations: |
| {{- if .Values.backup.cronjob.annotations }} |
| {{- include "common.tplvalues.render" ( dict "value" .Values.backup.cronjob.annotations "context" $) | nindent 12 }} |
| {{- end }} |
| {{- if .Values.commonAnnotations }} |
| {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 12 }} |
| {{- end }} |
| {{- end }} |
| spec: |
| {{- include "mongodb.imagePullSecrets" . | nindent 10 }} |
| {{- if .Values.podSecurityContext.enabled }} |
| securityContext: {{- omit .Values.podSecurityContext "enabled" | toYaml | nindent 12 }} |
| {{- end }} |
| enableServiceLinks: {{ .Values.enableServiceLinks }} |
| {{- if .Values.tls.enabled }} |
| initContainers: |
| - name: generate-tls-certs |
| image: {{ include "mongodb.tls.image" . }} |
| imagePullPolicy: {{ .Values.tls.image.pullPolicy | quote }} |
| env: |
| - name: MY_POD_NAMESPACE |
| valueFrom: |
| fieldRef: |
| fieldPath: metadata.namespace |
| - name: MY_POD_HOST_IP |
| valueFrom: |
| fieldRef: |
| fieldPath: status.hostIP |
| volumeMounts: |
| - name: empty-dir |
| mountPath: /tmp |
| subPath: tmp-dir |
| {{- if (include "mongodb.autoGenerateCerts" .) }} |
| - name: certs-volume |
| mountPath: /certs/CAs |
| {{- else }} |
| - name: mongodb-certs-0 |
| mountPath: /certs-0 |
| {{- end }} |
| - name: certs |
| mountPath: /certs |
| - name: common-scripts |
| mountPath: /bitnami/scripts |
| command: |
| - /bitnami/scripts/generate-certs.sh |
| args: |
| - -s {{ include "mongodb.service.nameOverride" . }} |
| {{- if .Values.externalAccess.service.loadBalancerIPs }} |
| - -i {{ join "," .Values.externalAccess.service.loadBalancerIPs }} |
| {{- end }} |
| {{- if .Values.tls.extraDnsNames }} |
| - -n {{ join "," .Values.tls.extraDnsNames }} |
| {{- end }} |
| {{- if .Values.tls.resources }} |
| resources: {{- toYaml .Values.tls.resources | nindent 16 }} |
| {{- else if ne .Values.tls.resourcesPreset "none" }} |
| resources: {{- include "common.resources.preset" (dict "type" .Values.tls.resourcesPreset) | nindent 16 }} |
| {{- end }} |
| {{- end }} |
| containers: |
| - name: {{ include "mongodb.fullname" . }}-mongodump |
| image: {{ include "mongodb.image" . }} |
| imagePullPolicy: {{ .Values.image.pullPolicy | quote }} |
| env: |
| {{- if .Values.auth.enabled }} |
| - name: MONGODB_ROOT_USER |
| value: {{ .Values.auth.rootUser | quote }} |
| - name: MONGODB_ROOT_PASSWORD |
| valueFrom: |
| secretKeyRef: |
| name: {{ include "mongodb.secretName" . }} |
| key: mongodb-root-password |
| {{- end }} |
| - name: MONGODB_SERVICE_NAME |
| value: {{ include "mongodb.service.nameOverride" . }} |
| - name: MONGODB_PORT_NUMBER |
| value: {{ .Values.containerPorts.mongodb | quote }} |
| - name: MONGODUMP_DIR |
| value: {{ .Values.backup.cronjob.storage.mountPath }} |
| {{- if .Values.tls.enabled }} |
| - name: MONGODB_CLIENT_EXTRA_FLAGS |
| value: --ssl --sslPEMKeyFile=/certs/mongodb.pem --sslCAFile=/certs/mongodb-ca-cert |
| {{- end }} |
| {{- if .Values.backup.cronjob.command }} |
| command: {{- include "common.tplvalues.render" (dict "value" .Values.backup.cronjob.command "context" $) | nindent 14 }} |
| {{- else }} |
| command: |
| - /bin/sh |
| - -c |
| - "mongodump {{- if .Values.auth.enabled }} --username=${MONGODB_ROOT_USER} --password=${MONGODB_ROOT_PASSWORD} --authenticationDatabase=admin {{- end }} --host=${MONGODB_SERVICE_NAME} --port=${MONGODB_PORT_NUMBER} ${MONGODB_CLIENT_EXTRA_FLAGS} {{- if (eq $.Values.architecture "replicaset") }}--oplog{{- end }} --gzip --archive=${MONGODUMP_DIR}/mongodump-$(date '+%Y-%m-%d-%H-%M').gz" |
| {{- end }} |
| volumeMounts: |
| - name: empty-dir |
| mountPath: /tmp |
| subPath: tmp-dir |
| {{- if .Values.tls.enabled }} |
| - name: certs |
| mountPath: /certs |
| {{- if (include "mongodb.autoGenerateCerts" .) }} |
| - name: certs-volume |
| mountPath: /certs/CAs |
| {{- else }} |
| - name: mongodb-certs-0 |
| mountPath: /certs-0 |
| {{- end }} |
| {{- end }} |
| - name: datadir |
| mountPath: {{ .Values.backup.cronjob.storage.mountPath }} |
| subPath: {{ .Values.backup.cronjob.storage.subPath }} |
| {{- if .Values.backup.cronjob.containerSecurityContext.enabled }} |
| securityContext: |
| {{- include "common.tplvalues.render" ( dict "value" ( omit .Values.backup.cronjob.containerSecurityContext "enabled" ) "context" $) | nindent 14 }} |
| {{- end }} |
| restartPolicy: {{ .Values.backup.cronjob.restartPolicy }} |
| volumes: |
| - name: empty-dir |
| emptyDir: |
| sizeLimit: 64Mi |
| - name: common-scripts |
| configMap: |
| name: {{ printf "%s-common-scripts" (include "mongodb.fullname" .) }} |
| defaultMode: 0550 |
| {{- if .Values.tls.enabled }} |
| - name: certs |
| emptyDir: |
| sizeLimit: 64Mi |
| {{- if (include "mongodb.autoGenerateCerts" .) }} |
| - name: certs-volume |
| secret: |
| secretName: {{ template "mongodb.tlsSecretName" . }} |
| items: |
| - key: mongodb-ca-cert |
| path: mongodb-ca-cert |
| mode: 0600 |
| - key: mongodb-ca-key |
| path: mongodb-ca-key |
| mode: 0600 |
| {{- else }} |
| - name: mongodb-certs-0 |
| secret: |
| secretName: {{ include "common.tplvalues.render" ( dict "value" .Values.tls.standalone.existingSecret "context" $) }} |
| defaultMode: 256 |
| {{- end }} |
| {{- end }} |
| {{- if .Values.backup.cronjob.storage.existingClaim }} |
| - name: datadir |
| persistentVolumeClaim: |
| claimName: {{ printf "%s" (tpl .Values.backup.cronjob.storage.existingClaim .) }} |
| {{- else }} |
| - name: datadir |
| persistentVolumeClaim: |
| claimName: {{ include "mongodb.fullname" . }}-mongodump |
| {{- end }} |
| {{- end }} |