blob: 2e884b14b9d43c9fda773ea4f26e43b860bf4e9b [file] [log] [blame]
Andreas Geisslercde4a782024-02-28 16:08:06 +01001{{- /*
2Copyright VMware, Inc.
3SPDX-License-Identifier: APACHE-2.0
4*/}}
5
6{{- if .Values.backup.enabled }}
7apiVersion: batch/v1
8kind: CronJob
9metadata:
10 name: {{ include "mongodb.fullname" . }}-mongodump
11 namespace: {{ include "mongodb.namespace" . | quote }}
12 labels: {{- include "common.labels.standard" . | nindent 4 }}
13 app.kubernetes.io/component: mongodump
14 {{- if .Values.backup.cronjob.labels }}
15 {{- include "common.tplvalues.render" (dict "value" .Values.backup.cronjob.labels "context" $) | nindent 4 }}
16 {{- end }}
17 {{- if .Values.commonLabels }}
18 {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
19 {{- end }}
20 {{- if or .Values.backup.cronjob.annotations .Values.commonAnnotations }}
21 annotations:
22 {{- if .Values.backup.cronjob.annotations }}
23 {{- include "common.tplvalues.render" ( dict "value" .Values.backup.cronjob.annotations "context" $) | nindent 4 }}
24 {{- end }}
25 {{- if .Values.commonAnnotations }}
26 {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
27 {{- end }}
28 {{- end }}
29spec:
30 schedule: {{ quote .Values.backup.cronjob.schedule }}
31 concurrencyPolicy: {{ .Values.backup.cronjob.concurrencyPolicy }}
32 failedJobsHistoryLimit: {{ .Values.backup.cronjob.failedJobsHistoryLimit }}
33 successfulJobsHistoryLimit: {{ .Values.backup.cronjob.successfulJobsHistoryLimit }}
34 {{- if .Values.backup.cronjob.startingDeadlineSeconds }}
35 startingDeadlineSeconds: {{ .Values.backup.cronjob.startingDeadlineSeconds }}
36 {{- end }}
37 jobTemplate:
38 spec:
39 {{- if .Values.backup.cronjob.ttlSecondsAfterFinished }}
40 ttlSecondsAfterFinished: {{ .Values.backup.cronjob.ttlSecondsAfterFinished }}
41 {{- end }}
42 template:
43 metadata:
44 labels: {{- include "common.labels.standard" . | nindent 12 }}
45 app.kubernetes.io/component: mongodump
46 {{- if .Values.backup.cronjob.labels }}
47 {{- include "common.tplvalues.render" (dict "value" .Values.backup.cronjob.labels "context" $) | nindent 12 }}
48 {{- end }}
49 {{- if .Values.commonLabels }}
50 {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 12 }}
51 {{- end }}
52 {{- if or .Values.backup.cronjob.annotations .Values.commonAnnotations }}
53 annotations:
54 {{- if .Values.backup.cronjob.annotations }}
55 {{- include "common.tplvalues.render" ( dict "value" .Values.backup.cronjob.annotations "context" $) | nindent 12 }}
56 {{- end }}
57 {{- if .Values.commonAnnotations }}
58 {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 12 }}
59 {{- end }}
60 {{- end }}
61 spec:
62 {{- include "mongodb.imagePullSecrets" . | nindent 10 }}
63 {{- if .Values.podSecurityContext.enabled }}
64 securityContext: {{- omit .Values.podSecurityContext "enabled" | toYaml | nindent 12 }}
65 {{- end }}
66 enableServiceLinks: {{ .Values.enableServiceLinks }}
67 {{- if .Values.tls.enabled }}
68 initContainers:
69 - name: generate-tls-certs
70 image: {{ include "mongodb.tls.image" . }}
71 imagePullPolicy: {{ .Values.tls.image.pullPolicy | quote }}
72 env:
73 - name: MY_POD_NAMESPACE
74 valueFrom:
75 fieldRef:
76 fieldPath: metadata.namespace
77 - name: MY_POD_HOST_IP
78 valueFrom:
79 fieldRef:
80 fieldPath: status.hostIP
81 volumeMounts:
82 - name: empty-dir
83 mountPath: /tmp
84 subPath: tmp-dir
85 {{- if (include "mongodb.autoGenerateCerts" .) }}
86 - name: certs-volume
87 mountPath: /certs/CAs
88 {{- else }}
89 - name: mongodb-certs-0
90 mountPath: /certs-0
91 {{- end }}
92 - name: certs
93 mountPath: /certs
94 - name: common-scripts
95 mountPath: /bitnami/scripts
96 command:
97 - /bitnami/scripts/generate-certs.sh
98 args:
99 - -s {{ include "mongodb.service.nameOverride" . }}
100 {{- if .Values.externalAccess.service.loadBalancerIPs }}
101 - -i {{ join "," .Values.externalAccess.service.loadBalancerIPs }}
102 {{- end }}
103 {{- if .Values.tls.extraDnsNames }}
104 - -n {{ join "," .Values.tls.extraDnsNames }}
105 {{- end }}
106 {{- if .Values.tls.resources }}
107 resources: {{- toYaml .Values.tls.resources | nindent 16 }}
108 {{- else if ne .Values.tls.resourcesPreset "none" }}
109 resources: {{- include "common.resources.preset" (dict "type" .Values.tls.resourcesPreset) | nindent 16 }}
110 {{- end }}
111 {{- end }}
112 containers:
113 - name: {{ include "mongodb.fullname" . }}-mongodump
114 image: {{ include "mongodb.image" . }}
115 imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
116 env:
117 {{- if .Values.auth.enabled }}
118 - name: MONGODB_ROOT_USER
119 value: {{ .Values.auth.rootUser | quote }}
120 - name: MONGODB_ROOT_PASSWORD
121 valueFrom:
122 secretKeyRef:
123 name: {{ include "mongodb.secretName" . }}
124 key: mongodb-root-password
125 {{- end }}
126 - name: MONGODB_SERVICE_NAME
127 value: {{ include "mongodb.service.nameOverride" . }}
128 - name: MONGODB_PORT_NUMBER
129 value: {{ .Values.containerPorts.mongodb | quote }}
130 - name: MONGODUMP_DIR
131 value: {{ .Values.backup.cronjob.storage.mountPath }}
132 {{- if .Values.tls.enabled }}
133 - name: MONGODB_CLIENT_EXTRA_FLAGS
134 value: --ssl --sslPEMKeyFile=/certs/mongodb.pem --sslCAFile=/certs/mongodb-ca-cert
135 {{- end }}
136 {{- if .Values.backup.cronjob.command }}
137 command: {{- include "common.tplvalues.render" (dict "value" .Values.backup.cronjob.command "context" $) | nindent 14 }}
138 {{- else }}
139 command:
140 - /bin/sh
141 - -c
142 - "mongodump {{- if .Values.auth.enabled }} --username=${MONGODB_ROOT_USER} --password=${MONGODB_ROOT_PASSWORD} --authenticationDatabase=admin {{- end }} --host=${MONGODB_SERVICE_NAME} --port=${MONGODB_PORT_NUMBER} ${MONGODB_CLIENT_EXTRA_FLAGS} {{- if (eq $.Values.architecture "replicaset") }}--oplog{{- end }} --gzip --archive=${MONGODUMP_DIR}/mongodump-$(date '+%Y-%m-%d-%H-%M').gz"
143 {{- end }}
144 volumeMounts:
145 - name: empty-dir
146 mountPath: /tmp
147 subPath: tmp-dir
148 {{- if .Values.tls.enabled }}
149 - name: certs
150 mountPath: /certs
151 {{- if (include "mongodb.autoGenerateCerts" .) }}
152 - name: certs-volume
153 mountPath: /certs/CAs
154 {{- else }}
155 - name: mongodb-certs-0
156 mountPath: /certs-0
157 {{- end }}
158 {{- end }}
159 - name: datadir
160 mountPath: {{ .Values.backup.cronjob.storage.mountPath }}
161 subPath: {{ .Values.backup.cronjob.storage.subPath }}
162 {{- if .Values.backup.cronjob.containerSecurityContext.enabled }}
163 securityContext:
164 {{- include "common.tplvalues.render" ( dict "value" ( omit .Values.backup.cronjob.containerSecurityContext "enabled" ) "context" $) | nindent 14 }}
165 {{- end }}
166 restartPolicy: {{ .Values.backup.cronjob.restartPolicy }}
167 volumes:
168 - name: empty-dir
Fiete Ostkampd2b2a3d2024-04-30 13:08:03 +0200169 emptyDir:
170 sizeLimit: 64Mi
Andreas Geisslercde4a782024-02-28 16:08:06 +0100171 - name: common-scripts
172 configMap:
173 name: {{ printf "%s-common-scripts" (include "mongodb.fullname" .) }}
174 defaultMode: 0550
175 {{- if .Values.tls.enabled }}
176 - name: certs
Fiete Ostkampd2b2a3d2024-04-30 13:08:03 +0200177 emptyDir:
178 sizeLimit: 64Mi
Andreas Geisslercde4a782024-02-28 16:08:06 +0100179 {{- if (include "mongodb.autoGenerateCerts" .) }}
180 - name: certs-volume
181 secret:
182 secretName: {{ template "mongodb.tlsSecretName" . }}
183 items:
184 - key: mongodb-ca-cert
185 path: mongodb-ca-cert
186 mode: 0600
187 - key: mongodb-ca-key
188 path: mongodb-ca-key
189 mode: 0600
190 {{- else }}
191 - name: mongodb-certs-0
192 secret:
193 secretName: {{ include "common.tplvalues.render" ( dict "value" .Values.tls.standalone.existingSecret "context" $) }}
194 defaultMode: 256
195 {{- end }}
196 {{- end }}
197 {{- if .Values.backup.cronjob.storage.existingClaim }}
198 - name: datadir
199 persistentVolumeClaim:
200 claimName: {{ printf "%s" (tpl .Values.backup.cronjob.storage.existingClaim .) }}
201 {{- else }}
202 - name: datadir
203 persistentVolumeClaim:
204 claimName: {{ include "mongodb.fullname" . }}-mongodump
205 {{- end }}
206{{- end }}