feat: add backup routine for SPAR postgres DB #1556

Merged
merged 21 commits into from
Oct 11, 2024
Changes from 6 commits
248 changes: 248 additions & 0 deletions common/backup-deploy.yml
@@ -0,0 +1,248 @@
kind: Template
apiVersion: "template.openshift.io/v1"
metadata:
name: ${NAME}
labels:
app: ${NAME}-${ZONE}
parameters:
- name: NAME
description: Product name
value: nr-spar
- name: ZONE
description: Deployment zone, e.g. pr-### or prod
required: true
- name: COMPONENT
displayName: App Name
description: Used to group resources together. Defaults to backup-container
value: backup-container
- name: ROLE
displayName: ROLE
description: The role assigned to all of the resources. Defaults to backup-container
required: true
value: backup-container
- name: DATABASE_SERVICE_NAME
displayName: Database Service Name
description: Used for backward compatibility only. Not needed when using the recommended 'backup.conf' configuration. The name of the database service.
value: postgresql
- name: BACKUP_STRATEGY
displayName: Backup Strategy
description: The strategy to use for backups; for example daily, or rolling.
value: rolling
- name: NUM_BACKUPS
displayName: The number of backup files to be retained
description: (Is this needed since it'll be ignored?) Used for backward compatibility only. Ignored when using the recommended `rolling` backup strategy. The number of backup files to be retained. Used for the `daily` backup strategy.
required: false
value: ""
- name: DAILY_BACKUPS
displayName: Number of Daily Backups to Retain
description: The number of daily backup files to be retained. Used for the `rolling` backup strategy.
value: "3"
- name: WEEKLY_BACKUPS
displayName: Number of Weekly Backups to Retain
description: The number of weekly backup files to be retained. Used for the `rolling` backup strategy.
value: "2"
- name: MONTHLY_BACKUPS
displayName: Number of Monthly Backups to Retain
description: The number of monthly backup files to be retained. Used for the `rolling` backup strategy.
value: "1"
- name: BACKUP_PERIOD
displayName: Period (d,m,s) between backups in a format used by the sleep command
description: Used for backward compatibility only. Ignored when using the recommended `backup.conf` and cron backup strategy. Period (d,m,s) between backups in a format used by the sleep command
value: "1d"
- name: BACKUP_VOLUME_SIZE
displayName: Backup Volume Size
description: The size of the persistent volume used to store the backups, e.g. 512Mi, 1Gi, 2Gi. Ensure this is sized correctly. Refer to the container documentation for details.
required: true
value: 500Mi
- name: BACKUP_VOLUME_CLASS
displayName: Backup Volume Class
description: The class of the persistent volume used to store the backups; netapp-file-standard is the recommended default.
required: true
value: netapp-file-backup
- name: VERIFICATION_VOLUME_SIZE
displayName: Backup Volume Size
description: The size of the persistent volume used for restoring and verifying backups, e.g. 512Mi, 1Gi, 2Gi. Ensure this is sized correctly. It should be large enough to contain your largest database.
value: 200Mi
- name: VERIFICATION_VOLUME_CLASS
displayName: Backup Volume Class
description: The class of the persistent volume used for restoring and verifying backups; netapp-file-standard, netapp-block-standard.
required: true
value: netapp-file-standard
- name: VERIFICATION_VOLUME_MOUNT_PATH
displayName: Verification Volume Mount Path
description: The path on which to mount the verification volume. This is used by the database server to contain the database configuration and data files. For Mongo, please use /var/lib/mongodb/data . For MSSQL, please use /var/opt/mssql/data. For MariaDB, please use /var/lib/mysql/data
required: true
value: /var/lib/pgsql/data
- name: CPU_REQUEST
displayName: Resources CPU Request
description: The resources CPU request (in cores) for this build.
required: true
value: 25m
- name: CPU_LIMIT
displayName: Resources CPU Limit
description: The resources CPU limit (in cores) for this build.
required: true
value: 75m
- name: MEMORY_REQUEST
displayName: Resources Memory Request
description: The resources Memory request (in Mi, Gi, etc) for this build.
required: true
value: 2Gi
- name: MEMORY_LIMIT
displayName: Resources Memory Limit
description: The resources Memory limit (in Mi, Gi, etc) for this build.
required: true
value: 4Gi
objects:
- kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: ${NAME}-${ZONE}-backup-volume
labels:
name: ${NAME}
app: ${COMPONENT}
role: ${ROLE}
env: ${ZONE}
spec:
storageClassName: ${BACKUP_VOLUME_CLASS}
accessModes:
- ReadWriteOnce
resources:
requests:
storage: ${BACKUP_VOLUME_SIZE}
- kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: ${NAME}-${ZONE}-backup-verification
labels:
name: ${NAME}
app: ${COMPONENT}
role: ${ROLE}
env: ${ZONE}
spec:
storageClassName: ${VERIFICATION_VOLUME_CLASS}
accessModes:
- ReadWriteOnce
resources:
requests:
storage: ${VERIFICATION_VOLUME_SIZE}
- kind: ConfigMap
apiVersion: v1
metadata:
name: ${NAME}-${ZONE}-backup-config
data:
backup.conf: |
here
here
here
her
her
- kind: Deployment
apiVersion: apps/v1
metadata:
labels:
app: ${NAME}-${ZONE}
name: ${NAME}-${ZONE}-${COMPONENT}
spec:
strategy:
type: Recreate
replicas: 1
selector:
name: ${NAME}
matchLabels:
deployment: ${NAME}-${ZONE}-${COMPONENT}
template:
metadata:
labels:
app: ${NAME}-${ZONE}
deployment: ${NAME}-${ZONE}-${COMPONENT}
spec:
volumes:
- name: ${NAME}-${ZONE}-backup-volume
persistentVolumeClaim:
claimName: ${NAME}-${ZONE}-backup-volume
- name: ${NAME}-${ZONE}-backup-verification
persistentVolumeClaim:
claimName: ${NAME}-${ZONE}-backup-verification
- name: ${NAME}-${ZONE}-backup-config
configMap:
name: backup-conf
items:
- key: backup.conf
path: backup.conf
containers:
- name: ${NAME}
image: "bcgovimages/backup-container:2.9.0"
imagePullPolicy: Always
env:
- name: BACKUP_STRATEGY
value: ${BACKUP_STRATEGY}
- name: BACKUP_DIR
value: /backups
- name: NUM_BACKUPS
value: ${NUM_BACKUPS}
- name: DAILY_BACKUPS
value: ${DAILY_BACKUPS}
- name: WEEKLY_BACKUPS
value: ${WEEKLY_BACKUPS}
- name: MONTHLY_BACKUPS
value: ${MONTHLY_BACKUPS}
- name: BACKUP_PERIOD
value: ${BACKUP_PERIOD}
- name: DATABASE_SERVICE_NAME
value: ${DATABASE_SERVICE_NAME}
- name: DATABASE_NAME
valueFrom:
secretKeyRef:
name: ${NAME}-${ZONE}-database
key: database-name
- name: TABLE_SCHEMA
value: ${NAME}
- name: DATABASE_USER
valueFrom:
secretKeyRef:
name: ${NAME}-${ZONE}-database
key: database-user
- name: DATABASE_PASSWORD
valueFrom:
secretKeyRef:
name: ${NAME}-${ZONE}-database
key: database-password
- name: FTP_URL
valueFrom:
secretKeyRef:
name: ${NAME}-${ZONE}-backup-ftp
key: ftp-url
- name: FTP_USER
valueFrom:
secretKeyRef:
name: ${NAME}-${ZONE}-backup-ftp
key: ftp-user
- name: FTP_PASSWORD
valueFrom:
secretKeyRef:
name: ${NAME}-${ZONE}-backup-ftp
key: ftp-password
- name: WEBHOOK_URL
valueFrom:
secretKeyRef:
name: ${NAME}-${ZONE}-backup-webhook
key: webhook-url
- name: ENVIRONMENT_FRIENDLY_NAME
value: ${ZONE}
- name: ENVIRONMENT_NAME
value: ${ZONE}
resources:
requests:
cpu: ${CPU_REQUEST}
memory: ${MEMORY_REQUEST}
limits:
cpu: ${CPU_LIMIT}
memory: ${MEMORY_LIMIT}
volumeMounts:
- name: ${NAME}-${ZONE}-backup-volume
mountPath: /backups
- name: ${NAME}-${ZONE}-backup-verification
mountPath: ${VERIFICATION_VOLUME_MOUNT_PATH}
- name: ${NAME}-${ZONE}-backup-config
mountPath: /backup.conf
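Review bot: the config volume near the end of the Deployment points at a ConfigMap this template does not create. The ConfigMap object is named `${NAME}-${ZONE}-backup-config`, but the volume uses `configMap: name: backup-conf`, so the pod will stay in ContainerCreating unless a separate `backup-conf` ConfigMap already exists in the namespace. Reference `${NAME}-${ZONE}-backup-config` in the volume. Two related points in the same area: the `backup.conf` body is still placeholder text (`here` / `her`), and the volumeMount at `mountPath: /backup.conf` has no `subPath: backup.conf`, so that path becomes a directory holding the file rather than the file itself. Separately, `selector:` appears to carry a `name: ${NAME}` entry beside `matchLabels`, which is not a field of an apps/v1 label selector. Since this container receives the database and FTP credentials, consider pinning `bcgovimages/backup-container:2.9.0` by digest rather than by a tag pulled with `imagePullPolicy: Always`.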
59 changes: 59 additions & 0 deletions common/openshift.init.yml
Expand Up @@ -37,6 +37,41 @@ parameters:
- name: VITE_USER_POOLS_WEB_CLIENT_ID
description: Cognito user pools web client ID
required: true
- name: WEBHOOK_URL
displayName: Webhook URL
description: The URL of the webhook to use for notifications. If not specified, the webhook integration feature is disabled.
required: false
value: ""
- name: WEBHOOK_URL_HOST
displayName: Webhook URL Hostname
description: Webhook URL Hostname. The backup-deploy.overrides.sh will parse this from the supplied WEBHOOK_URL, and fetch it from a secret for updates.
required: false
value:
- name: FTP_SECRET_KEY
displayName: FTP Secret Key
description: The FTP secret key is used to wire up the credentials associated to the FTP.
required: false
value: ftp-secret
- name: FTP_URL
displayName: FTP Server URL
description: The URL of the backup FTP server
required: false
value: ""
- name: FTP_URL_HOST
displayName: Ftp URL Hostname
description: Ftp URL Hostname. The backup-deploy.overrides.sh will parse this from the supplied FTP_URL, and fetch it from a secret for updates.
required: false
value:
- name: FTP_USER
displayName: FTP user name
description: FTP user name
required: false
value: ""
- name: FTP_PASSWORD
displayName: FTP password
description: FTP password
required: false
value: ""
objects:
- apiVersion: v1
kind: Secret
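Review bot: `FTP_SECRET_KEY` (default `ftp-secret`) is declared here but nothing in the visible changes references it. The FTP Secret added further down is named `${NAME}-${ZONE}-backup-ftp`, and backup-deploy.yml reads that name directly. Either wire the parameter into the Secret name or drop it. `WEBHOOK_URL_HOST` and `FTP_URL_HOST` use a bare `value:` while the other optional parameters use `value: ""`. Use the empty string for consistency so the processed template does not end up with a null under `stringData`. Both descriptions also refer to `backup-deploy.overrides.sh`, which is not among the files shown in this diff. If that script is not part of this repo, reword the descriptions to say how the host values are expected to be supplied.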
Expand Down Expand Up @@ -88,6 +123,30 @@ objects:
app: ${NAME}-${ZONE}
stringData:
vite-user-pools-web-client-id: ${VITE_USER_POOLS_WEB_CLIENT_ID}
--
- apiVersion: v1
kind: Secret
metadata:
name: ${NAME}-${ZONE}-backup-webhook
labels:
app: ${NAME}-${ZONE}
stringData:
webhook-url: ${WEBHOOK_URL}
webhook-url-host: ${WEBHOOK_URL_HOST}
--
- kind: Secret
apiVersion: v1
metadata:
name: ${NAME}-${ZONE}-backup-ftp
labels:
app: ${NAME}-${ZONE}
type: Opaque
stringData:
ftp-url: ${FTP_URL}
ftp-user: ${FTP_USER}
ftp-password: ${FTP_PASSWORD}
ftp-url-host: ${FTP_URL_HOST}
--
- apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
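Review bot: both new Secrets store a `*-url-host` key (`webhook-url-host`, `ftp-url-host`) that the Deployment in backup-deploy.yml never reads. It consumes only `webhook-url`, `ftp-url`, `ftp-user` and `ftp-password`. Remove the unused keys or document what consumes them. Because every backing parameter is `required: false` with an empty default, processing and applying this init template again without those parameters would rewrite `ftp-password` and the other keys to empty strings. A short comment on the intended update flow for these Secrets would help. Minor: the `backup-ftp` Secret sets `type: Opaque` while `backup-webhook` omits it, and the two differ in `kind`/`apiVersion` ordering. Aligning them with the surrounding Secret objects would keep the file uniform.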