feat(kubernetes-etcd-backup): s3 support for kubernetes etcd backups #1341

Merged
merged 11 commits into from
Jan 10, 2025
2 changes: 1 addition & 1 deletion README.md


11 changes: 7 additions & 4 deletions charts/kubernetes-etcd-backup/Chart.yaml
Expand Up @@ -3,8 +3,8 @@ apiVersion: v2
name: kubernetes-etcd-backup
description: Chart for kubernetes-etcd-backup solution
type: application
version: 1.4.2
appVersion: v1.2.1
version: 1.5.1
appVersion: v1.4.0
keywords:
- kubernetes-etcd-backup
- kubernetes
Expand All @@ -20,5 +20,8 @@ maintainers:
annotations:
artifacthub.io/containsSecurityUpdates: "false"
artifacthub.io/changes: |
- kind: fixed
description: "disallow concurrent job runs"
- kind: changed
description: "Add support for s3 storage"
links:
- name: "kubernetes-etcd-backup v1.4.0"
url: https://github.com/adfinis/kubernetes-etcd-backup/releases/tag/v1.4.0
14 changes: 13 additions & 1 deletion charts/kubernetes-etcd-backup/README.md


1 change: 1 addition & 0 deletions charts/kubernetes-etcd-backup/templates/configmap.yaml
Expand Up @@ -5,6 +5,7 @@ metadata:
labels:
{{- include "kubernetes-etcd-backup.labels" . | nindent 4 }}
data:
ETCD_BACKUP_S3: {{ .Values.persistence.s3.enabled | quote }}
ETCD_BACKUP_SUBDIR: {{ .Values.backup.subdir | quote }}
ETCD_BACKUP_DIRNAME: {{ .Values.backup.dirname | quote }}
ETCD_BACKUP_EXPIRE_TYPE: {{ .Values.backup.expiretype | quote }}
24 changes: 21 additions & 3 deletions charts/kubernetes-etcd-backup/templates/cronjob.yaml
Expand Up @@ -14,28 +14,39 @@ spec:
template:
spec:
securityContext:
runAsUser: 1000
fsGroup: 1000
{{- toYaml .Values.podSecurityContext | nindent 12 }}
containers:
- command:
- /bin/sh
- /usr/local/bin/backup.sh
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
name: {{ .Chart.Name }}
securityContext:
{{- toYaml .Values.securityContext | nindent 14 }}
envFrom:
- configMapRef:
name: {{ include "kubernetes-etcd-backup.fullname" . }}
{{- if .Values.persistence.s3.enabled }}
- secretRef:
{{- if .Values.persistence.s3.existingSecret }}
name: "{{ .Values.persistence.s3.existingSecret }}"
{{- else }}
name: {{ include "kubernetes-etcd-backup.fullname" . }}-secret
{{- end }}
{{- end }}
resources:
{{- toYaml .Values.resources | nindent 14 }}
volumeMounts:
- name: etcd-peer-tls
mountPath: /etc/kubernetes/pki/etcd-peer
- name: etcd-server-ca
mountPath: /etc/kubernetes/pki/etcd-ca
{{- if or .Values.persistence.nfs.enabled .Values.persistence.provisioning.enabled }}
- name: volume-backup
mountPath: /backup
{{- if and (.Values.persistence.s3.enabled) (.Values.persistence.s3.ca.enabled) }}
- name: s3-ca
mountPath: /etc/pki/ca-trust/source/anchors
{{- end }}
{{- if .Values.extraVolumeMounts }}
{{- toYaml .Values.extraVolumeMounts | nindent 12 }}
Expand All @@ -48,6 +59,11 @@ spec:
- name: etcd-server-ca
secret:
secretName: {{ .Values.etcdCertification.etcdServerCaName }}
{{- if and (.Values.persistence.s3.enabled) (.Values.persistence.s3.ca.enabled) }}
- name: s3-ca
secret:
secretName: {{ .Values.persistence.s3.ca.secretName }}
{{- end }}
- name: volume-backup
{{- if .Values.persistence.nfs.enabled }}
nfs:
Expand All @@ -59,6 +75,8 @@ spec:
{{- else if .Values.persistence.existingClaim }}
persistentVolumeClaim:
claimName: {{ .Values.persistence.existingClaim }}
{{- else }}
emptyDir: {}
{{- end }}
{{- if .Values.extraVolumes }}
{{- toYaml .Values.extraVolumes | nindent 10 }}
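Review bot: The `{{- else }}` / `emptyDir: {}` branch added to the `volume-backup` volume (last hunk, `@@ -59,6 +75,8 @@`) is taken whenever NFS, provisioning and `existingClaim` are all unset, whether or not `persistence.s3.enabled` is true. With S3 disabled as well, the etcd snapshot is written to pod-ephemeral storage and disappears with the pod; whether `backup.sh` detects that is not visible on this page, so the CronJob may report success without any durable backup. I would narrow the branch to `{{- else if .Values.persistence.s3.enabled }}` and close the chain with `{{- else }}{{ fail "no backup storage backend configured" }}`. Setting a `sizeLimit` on the `emptyDir` would also keep a large snapshot from exhausting node ephemeral storage. The `volumes:` list begins outside this hunk.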
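--- a/charts/kubernetes-etcd-backup/templates/secret.yaml
+++ b/charts/kubernetes-etcd-backup/templates/secret.yaml
@@ -0,0 +1,15 @@
+{{- if and (.Values.persistence.s3.enabled) (not .Values.persistence.s3.existingSecret) }}
+apiVersion: v1
+kind: Secret
+metadata:
+labels:
+{{- include "kubernetes-etcd-backup.labels" . | nindent 4 }}
+name: {{ include "kubernetes-etcd-backup.fullname" . }}-secret
+data:
+ETCD_BACKUP_S3_NAME: "{{ .Values.persistence.s3.name | b64enc }}"
+ETCD_BACKUP_S3_HOST: "{{ .Values.persistence.s3.host | b64enc }}"
+ETCD_BACKUP_S3_BUCKET: "{{ .Values.persistence.s3.bucket | b64enc }}"
+ETCD_BACKUP_S3_ACCESS_KEY: "{{ .Values.persistence.s3.accessKey | b64enc }}"
+ETCD_BACKUP_S3_SECRET_KEY: "{{ .Values.persistence.s3.secretKey | b64enc }}"
+type: Opaque
+{{- end }}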
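Review bot: `ETCD_BACKUP_S3_ACCESS_KEY` and `ETCD_BACKUP_S3_SECRET_KEY` are rendered from whatever `persistence.s3.accessKey` / `persistence.s3.secretKey` contain, and the values.yaml section of this PR ships the non-empty placeholders `mysuperaccesskey` / `mysupersecretkey`, so enabling S3 without overriding them installs a Secret holding those well-known strings and raises no error. I would default both values to `""` and fail the render when they are missing, e.g. `ETCD_BACKUP_S3_SECRET_KEY: {{ required "set persistence.s3.secretKey or persistence.s3.existingSecret" .Values.persistence.s3.secretKey | b64enc | quote }}` and the same for the access key. Credentials passed through values are also kept in the stored Helm release data, so the chart documentation should name `existingSecret` as the preferred path.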
31 changes: 31 additions & 0 deletions charts/kubernetes-etcd-backup/values.yaml
Expand Up @@ -56,6 +56,24 @@ persistence:
storageClass: ""
# -- Use an exising PVC
existingClaim: ""
s3:
# -- Enable S3 backend storage
enabled: false
# -- S3 endpoint name
name: etcd-backup
# -- S3 endpoint host
host: https://minio.local:9000
# -- S3 bucket name
bucket: etcd-backup
# -- S3 access key
accessKey: mysuperaccesskey
# -- S3 secret key
secretKey: mysupersecretkey
# -- S3 use an existing Secret instead of creating one
existingSecret: ""
ca:
enabled: false
secretName: "changeme"

image:
# -- Repository image to use
Expand Down Expand Up @@ -116,3 +134,16 @@ extraVolumes: []
## Additional volumes to the pod.
# - name: additional-volume
# emptyDir: {}

securityContext: {}
podSecurityContext:
runAsUser: 1000
fsGroup: 1000
# Settings required when s3 persistence is used
# Required because of `update-ca-trust` command
# # -- Run pod as privileged
# privileged: true
# # -- Set user ID
# runAsUser: 0
# # -- Set group ID
# runAsGroup: 0
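Review bot: The commented guidance after `podSecurityContext` tells S3 users to set `privileged: true` with `runAsUser: 0` because of `update-ca-trust`, which is much broader than that command should need and applies to a pod that also mounts the etcd peer TLS and CA secrets. Writing the trust store should only require root (or a writable trust directory), not a privileged container. The rendering has lost indentation, but `privileged` is a container-level field, so it belongs under the chart's `securityContext` value rather than `podSecurityContext`. I would reword the comment to something like `# Only needed when persistence.s3.ca.enabled is true: update-ca-trust must write the trust store, so run as root (runAsUser: 0); privileged is not required` and drop the `privileged: true` line. The new `ca.enabled` / `ca.secretName` keys in the first hunk also lack the `# --` description comments the surrounding keys carry.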