################################################################################ # Copyright (c) 2021 HCL Technolgies Limited. # # # # Licensed under the Apache License, Version 2.0 (the "License"); # # you may not use this file except in compliance with the License. # # You may obtain a copy of the License at # # # # http://www.apache.org/licenses/LICENSE-2.0 # # # # Unless required by applicable law or agreed to in writing, software # # distributed under the License is distributed on an "AS IS" BASIS, # # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # # See the License for the specific language governing permissions and # # limitations under the License. # ################################################################################ {{- if .Values.backup.enabled }} apiVersion: batch/v1beta1 kind: CronJob metadata: name: {{ include "common.fullname.influxdb" . }}-backup labels: {{- include "common.influxdb.labels" . | nindent 4 }} app.kubernetes.io/component: backup annotations: {{- toYaml .Values.backup.annotations | nindent 4 }} spec: schedule: {{ .Values.backup.schedule | quote }} startingDeadlineSeconds: {{ .Values.backup.startingDeadlineSeconds }} concurrencyPolicy: Forbid jobTemplate: spec: template: metadata: {{- if .Values.backup.podAnnotations }} annotations: {{ toYaml .Values.backup.podAnnotations | nindent 12 }} {{- end }} labels: {{- include "common.influxdb.selectorLabels" . | nindent 12 }} spec: restartPolicy: OnFailure volumes: - name: backup {{- if .Values.backup.persistence.enabled }} persistentVolumeClaim: claimName: {{ include "common.fullname.influxdb" . }}-backup {{- else }} emptyDir: {} {{- end }} {{- if .Values.backup.gcs }} {{- if .Values.backup.gcs.serviceAccountSecret }} - name: google-cloud-key secret: secretName: {{ .Values.backup.gcs.serviceAccountSecret | quote }} {{- end }} {{- end }} {{- if .Values.backup.s3 }} {{- if .Values.backup.s3.credentialsSecret }} - name: aws-credentials-secret secret: secretName: {{ .Values.backup.s3.credentialsSecret | quote }} {{- end }} {{- end }} serviceAccountName: {{ include "common.influxdb.serviceAccountName" . }} initContainers: - name: influxdb-backup image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" volumeMounts: - name: backup mountPath: /backup command: - /bin/sh args: - '-c' - | influxd backup \ -host {{ include "common.fullname.influxdb" . }}.{{ .Release.Namespace }}.svc:{{ include "common.serviceport.influxdb.rpc.bind_address" . | default 8088 }} \ -portable /backup/"$(date +%Y%m%d%H%M%S)" resources: {{- toYaml .Values.backup.resources | nindent 14 }} containers: {{- if .Values.backup.gcs }} - name: gsutil-cp image: google/cloud-sdk:alpine command: - /bin/sh args: - '-c' - '-e' - | if [ -n "$KEY_FILE" ]; then gcloud auth activate-service-account --key-file $KEY_FILE fi gsutil -m cp -r /backup/* "$DST_URL" rm -rf /backup/* volumeMounts: - name: backup mountPath: /backup {{- if .Values.backup.gcs.serviceAccountSecretKey}} - name: google-cloud-key mountPath: /var/secrets/google/ {{- end }} env: - name: DST_URL value: {{ .Values.backup.gcs.destination}} {{- if .Values.backup.gcs.serviceAccountSecretKey}} - name: KEY_FILE value: /var/secrets/google/{{ .Values.backup.gcs.serviceAccountSecretKey }} {{- end }} resources: {{- toYaml .Values.backup.resources | nindent 14 }} {{- end }} {{- if .Values.backup.azure }} - name: azure-cli image: microsoft/azure-cli command: - /bin/sh args: - '-c' - '-e' - | az storage container create --name "$DST_CONTAINER" az storage blob upload-batch --destination "$DST_CONTAINER" --destination-path "$DST_PATH" --source "$SRC_URL" rm -rf /backup/* volumeMounts: - name: backup mountPath: /backup env: - name: SRC_URL value: /backup - name: DST_CONTAINER value: {{ .Values.backup.azure.destination_container }} - name: DST_PATH value: {{ .Values.backup.azure.destination_path }} - name: AZURE_STORAGE_CONNECTION_STRING valueFrom: secretKeyRef: name: {{ .Values.backup.azure.storageAccountSecret }} key: connection-string resources: {{- toYaml .Values.backup.resources | nindent 14 }} {{- end }} {{- if .Values.backup.s3 }} - name: aws-cli image: amazon/aws-cli command: - /bin/sh args: - '-c' - '-e' - | aws {{- if .Values.backup.s3.endpointUrl }} --endpoint-url={{ .Values.backup.s3.endpointUrl }} {{- end }} s3 cp --recursive "$SRC_URL" "$DST_URL" rm -rf /backup/* volumeMounts: - name: backup mountPath: /backup {{- if .Values.backup.s3.credentialsSecret}} - name: aws-credentials-secret mountPath: /var/secrets/aws/ {{- end }} env: - name: AWS_CONFIG_FILE value: /var/secrets/aws/credentials - name: SRC_URL value: /backup - name: DST_URL value: {{ .Values.backup.s3.destination }} resources: {{- toYaml .Values.backup.resources | nindent 14 }} {{- end }} {{- end }}