Gitiles
Code Review Sign In
gerrit.nordix.org / onap / oom / d518f733756ef9d9b1b7015d509906152d6a1288 / . / kubernetes / common / mariadb-galera / templates / backup / cronjob.yaml
blob: 1a174d1bb25e038deae65974e68260f8bb66348f [file] [log] [blame]
{{/*
# Copyright © 2019 Amdocs, Bell Canada, Samsung Electronics
# Copyright © 2020 Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
*/}}
{{- if and .Values.backup.enabled .Values.global.mariadbGalera.useOperator }}
{{ include "common.mariadbOpBackup" . }}
{{ else }}
{{- if and .Values.backup.enabled .Values.persistence.enabled }}
apiVersion: batch/v1beta1
kind: CronJob
metadata:
name: {{ include "common.fullname" . }}-backup
namespace: {{ include "common.namespace" . }}
labels: {{- include "common.labels" . | nindent 4 }}
spec:
schedule: {{ .Values.backup.cron | quote }}
concurrencyPolicy: Forbid
startingDeadlineSeconds: 120
jobTemplate:
spec:
template:
metadata:
annotations:
# Workarround to exclude K8S API from istio communication
# as init-container (readinessCheck) does not work with the
# Istio CNI plugin, see:
# (https://istio.io/latest/docs/setup/additional-setup/cni/#compatibility-with-application-init-containers)
traffic.sidecar.istio.io/excludeOutboundPorts: "443"
spec:
serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
{{ include "common.podSecurityContext" . | indent 10 | trim}}
restartPolicy: Never
initContainers: {{- include "common.readinessCheck.waitFor" . | nindent 12 }}
- name: mariadb-galera-backup-init
image: {{ include "repositoryGenerator.image.mariadb" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
securityContext:
allowPrivilegeEscalation: false
privileged: false
readOnlyRootFilesystem: false
command:
- /bin/bash
- -c
- |
remove_dir(){
dirToRemove=$1
rm -rf $dirToRemove
echo "Failed" > /backup/backup.log
echo "Backup failed!!!"
}
target_dir=/backup/backup-`date +%s`
mkdir -p $target_dir
mysqlhost={{ include "common.fullname" . }}-0.{{ include "common.servicename" . }}-headless.{{ include "common.namespace" . }}
mariabackup --backup --target-dir=$target_dir --user=root --password=$DB_PASS --host=$mysqlhost
ret_code=$?
if [ $ret_code -ne 0 ]; then
remove_dir $target_dir
exit 0
fi
echo "Starting Backup Preparation!!!"
mariabackup --prepare --target-dir=$target_dir
ret_code=$?
if [ $ret_code -ne 0 ]; then
remove_dir $target_dir
exit 0
fi
echo "Success" > /backup/backup.log
echo "Backup Successful!!!"
env:
- name: DB_PASS
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" (include "common.mariadb.secret.rootPassUID" .) "key" "password") | indent 18 }}
resources: {{ include "common.resources" . | nindent 16 }}
volumeMounts:
- name: backup-dir
mountPath: /backup
- name: data
mountPath: /bitnami/mariadb
containers:
- name: mariadb-backup-validate
image: {{ include "repositoryGenerator.image.mariadb" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
securityContext:
allowPrivilegeEscalation: false
privileged: false
readOnlyRootFilesystem: false
env:
- name: MARIADB_ROOT_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" (include "common.mariadb.secret.rootPassUID" .) "key" "password") | indent 18 }}
command:
- /bin/bash
- -c
- |
remove_dir(){
dirToRemove=$1
rm -rf $dirToRemove
echo "Validation Failed!!!";
}
backup_result=`cat /backup/backup.log`
rm -rf /backup/backup.log
if [ "$backup_result" == "Failed" ]; then
echo "Backup Failed!!! Validation Failed!!!";
exit 0
fi
target_dir=$(ls -td -- /backup/backup-* | head -n 1)
cp -Ra $target_dir/* /bitnami/mariadb/data
if [ ! "$(ls -A /bitnami/mariadb/data)" ]; then
remove_dir $target_dir
exit 0
fi
/opt/bitnami/scripts/mariadb/entrypoint.sh /opt/bitnami/scripts/mariadb/run.sh &
count=0
until mysql --user=root --password=$MARIADB_ROOT_PASSWORD -e "SELECT 1";
do sleep 3;
count=`expr $count + 1`;
if [ $count -ge 30 ]; then
remove_dir $target_dir
exit 0;
fi;
done
mysqlcheck -A --user=root --password=$MARIADB_ROOT_PASSWORD > /tmp/output.log
error_lines=`cat /tmp/output.log| grep -v "OK" | wc -l`
cat /tmp/output.log
if [ $error_lines -gt 1 ];then
remove_dir $target_dir
else
echo "Validation successful!!!"
cd /backup
totalFiles=`ls -t | grep "backup-" | wc -l`
if [ $totalFiles -gt {{ .Values.backup.retentionPeriod }} ]; then
filestoDelete=`expr $totalFiles - {{ .Values.backup.retentionPeriod }}`
ls -tr | grep backup | head -$filestoDelete | xargs rm -rf
fi
fi
resources: {{ include "common.resources" . | nindent 16 }}
volumeMounts:
- mountPath: /bitnami/mariadb/data
name: tmp-data
- mountPath: /opt/bitnami/mariadb/tmp
name: tmp
- mountPath: /etc/localtime
name: localtime
readOnly: true
- name: backup-dir
mountPath: /backup
imagePullSecrets:
- name: {{ include "common.namespace" . }}-docker-registry-key
volumes:
- name: localtime
hostPath:
path: /etc/localtime
- name: data
persistentVolumeClaim:
{{- if .Values.persistence.existingClaim }}
claimName: {{ .Values.persistence.existingClaim }}
{{- else }}
claimName: {{ include "common.fullname" . }}-{{ include "common.fullname" . }}-0
{{- end }}
- name: backup-dir
persistentVolumeClaim:
claimName: {{ include "common.fullname" . }}-backup-data
- name: tmp-data
emptyDir: {}
- name: tmp
emptyDir: {}
{{- end }}
{{- end }}