| ################################################################################ |
| # Copyright (c) 2021 HCL Technolgies Limited. # |
| # # |
| # Licensed under the Apache License, Version 2.0 (the "License"); # |
| # you may not use this file except in compliance with the License. # |
| # You may obtain a copy of the License at # |
| # # |
| # http://www.apache.org/licenses/LICENSE-2.0 # |
| # # |
| # Unless required by applicable law or agreed to in writing, software # |
| # distributed under the License is distributed on an "AS IS" BASIS, # |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # |
| # See the License for the specific language governing permissions and # |
| # limitations under the License. # |
| ################################################################################ |
| {{- if .Values.backup.enabled }} |
| apiVersion: batch/v1beta1 |
| kind: CronJob |
| metadata: |
| name: {{ include "common.fullname.influxdb" . }}-backup |
| labels: |
| {{- include "common.influxdb.labels" . | nindent 4 }} |
| app.kubernetes.io/component: backup |
| annotations: |
| {{- toYaml .Values.backup.annotations | nindent 4 }} |
| spec: |
| schedule: {{ .Values.backup.schedule | quote }} |
| startingDeadlineSeconds: {{ .Values.backup.startingDeadlineSeconds }} |
| concurrencyPolicy: Forbid |
| jobTemplate: |
| spec: |
| template: |
| metadata: |
| {{- if .Values.backup.podAnnotations }} |
| annotations: |
| {{ toYaml .Values.backup.podAnnotations | nindent 12 }} |
| {{- end }} |
| labels: |
| {{- include "common.influxdb.selectorLabels" . | nindent 12 }} |
| spec: |
| restartPolicy: OnFailure |
| volumes: |
| - name: backup |
| {{- if .Values.backup.persistence.enabled }} |
| persistentVolumeClaim: |
| claimName: {{ include "common.fullname.influxdb" . }}-backup |
| {{- else }} |
| emptyDir: {} |
| {{- end }} |
| {{- if .Values.backup.gcs }} |
| {{- if .Values.backup.gcs.serviceAccountSecret }} |
| - name: google-cloud-key |
| secret: |
| secretName: {{ .Values.backup.gcs.serviceAccountSecret | quote }} |
| {{- end }} |
| {{- end }} |
| {{- if .Values.backup.s3 }} |
| {{- if .Values.backup.s3.credentialsSecret }} |
| - name: aws-credentials-secret |
| secret: |
| secretName: {{ .Values.backup.s3.credentialsSecret | quote }} |
| {{- end }} |
| {{- end }} |
| serviceAccountName: {{ include "common.influxdb.serviceAccountName" . }} |
| initContainers: |
| - name: influxdb-backup |
| image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" |
| volumeMounts: |
| - name: backup |
| mountPath: /backup |
| command: |
| - /bin/sh |
| args: |
| - '-c' |
| - | |
| influxd backup \ |
| -host {{ include "common.fullname.influxdb" . }}.{{ .Release.Namespace }}.svc:{{ include "common.serviceport.influxdb.rpc.bind_address" . | default 8088 }} \ |
| -portable /backup/"$(date +%Y%m%d%H%M%S)" |
| resources: |
| {{- toYaml .Values.backup.resources | nindent 14 }} |
| containers: |
| {{- if .Values.backup.gcs }} |
| - name: gsutil-cp |
| image: google/cloud-sdk:alpine |
| command: |
| - /bin/sh |
| args: |
| - '-c' |
| - '-e' |
| - | |
| if [ -n "$KEY_FILE" ]; then |
| gcloud auth activate-service-account --key-file $KEY_FILE |
| fi |
| gsutil -m cp -r /backup/* "$DST_URL" |
| rm -rf /backup/* |
| volumeMounts: |
| - name: backup |
| mountPath: /backup |
| {{- if .Values.backup.gcs.serviceAccountSecretKey}} |
| - name: google-cloud-key |
| mountPath: /var/secrets/google/ |
| {{- end }} |
| env: |
| - name: DST_URL |
| value: {{ .Values.backup.gcs.destination}} |
| {{- if .Values.backup.gcs.serviceAccountSecretKey}} |
| - name: KEY_FILE |
| value: /var/secrets/google/{{ .Values.backup.gcs.serviceAccountSecretKey }} |
| {{- end }} |
| resources: |
| {{- toYaml .Values.backup.resources | nindent 14 }} |
| {{- end }} |
| {{- if .Values.backup.azure }} |
| - name: azure-cli |
| image: microsoft/azure-cli |
| command: |
| - /bin/sh |
| args: |
| - '-c' |
| - '-e' |
| - | |
| az storage container create --name "$DST_CONTAINER" |
| az storage blob upload-batch --destination "$DST_CONTAINER" --destination-path "$DST_PATH" --source "$SRC_URL" |
| rm -rf /backup/* |
| volumeMounts: |
| - name: backup |
| mountPath: /backup |
| env: |
| - name: SRC_URL |
| value: /backup |
| - name: DST_CONTAINER |
| value: {{ .Values.backup.azure.destination_container }} |
| - name: DST_PATH |
| value: {{ .Values.backup.azure.destination_path }} |
| - name: AZURE_STORAGE_CONNECTION_STRING |
| valueFrom: |
| secretKeyRef: |
| name: {{ .Values.backup.azure.storageAccountSecret }} |
| key: connection-string |
| resources: |
| {{- toYaml .Values.backup.resources | nindent 14 }} |
| {{- end }} |
| {{- if .Values.backup.s3 }} |
| - name: aws-cli |
| image: amazon/aws-cli |
| command: |
| - /bin/sh |
| args: |
| - '-c' |
| - '-e' |
| - | |
| aws {{- if .Values.backup.s3.endpointUrl }} --endpoint-url={{ .Values.backup.s3.endpointUrl }} {{- end }} s3 cp --recursive "$SRC_URL" "$DST_URL" |
| rm -rf /backup/* |
| volumeMounts: |
| - name: backup |
| mountPath: /backup |
| {{- if .Values.backup.s3.credentialsSecret}} |
| - name: aws-credentials-secret |
| mountPath: /var/secrets/aws/ |
| {{- end }} |
| env: |
| - name: AWS_CONFIG_FILE |
| value: /var/secrets/aws/credentials |
| - name: SRC_URL |
| value: /backup |
| - name: DST_URL |
| value: {{ .Values.backup.s3.destination }} |
| resources: |
| {{- toYaml .Values.backup.resources | nindent 14 }} |
| {{- end }} |
| {{- end }} |