diff --git a/charts/cnpg-cluster/templates/backup-cron.yaml b/charts/cnpg-cluster/templates/backup-cron.yaml index 59bd692..45b1247 100644 --- a/charts/cnpg-cluster/templates/backup-cron.yaml +++ b/charts/cnpg-cluster/templates/backup-cron.yaml @@ -3,10 +3,10 @@ apiVersion: batch/v1 kind: CronJob metadata: labels: - app: sre + app: cnpg-backup-s3-client name: backup-cron spec: - schedule: "0 0 * * *" + schedule: {{ or .Values.backup.sqlDumpSchedule .Values.backup.schedule "0 0 * * *" }} concurrencyPolicy: Forbid jobTemplate: spec: @@ -14,7 +14,7 @@ spec: template: metadata: labels: - app: sre + app: cnpg-backup-s3-client name: backup-cron spec: securityContext: @@ -23,7 +23,7 @@ spec: fsGroup: 1001 restartPolicy: Never containers: - - name: image-checker + - name: s3-client image: ghcr.io/socialgouv/docker/s3-client:1 imagePullPolicy: IfNotPresent securityContext: diff --git a/charts/cnpg-cluster/templates/cluster.cnpg.yaml b/charts/cnpg-cluster/templates/cluster.cnpg.yaml index b32bebc..d183f68 100644 --- a/charts/cnpg-cluster/templates/cluster.cnpg.yaml +++ b/charts/cnpg-cluster/templates/cluster.cnpg.yaml @@ -80,7 +80,7 @@ spec: bootstrap: {{- if .Values.recovery.enabled }} recovery: - source: "{{ or .Values.recovery.externalClusterName "cnpg-cluster" }}" + source: "recovery-cluster" {{- if .Values.recovery.targetTime }} recoveryTarget: targetTime: "{{ .Values.recovery.targetTime }}" @@ -110,7 +110,7 @@ spec: {{- if .Values.recovery.enabled }} externalClusters: - - name: "{{ or .Values.recovery.externalClusterName "cnpg-cluster" }}" + - name: "recovery-cluster" barmanObjectStore: {{- toYaml .Values.recovery.barmanObjectStore | nindent 8 }} {{- end }} diff --git a/charts/cnpg-cluster/tests/__snapshot__/cnpg-cluster_test.yaml.snap b/charts/cnpg-cluster/tests/__snapshot__/cnpg-cluster_test.yaml.snap index 71b9688..4d1f3df 100644 --- a/charts/cnpg-cluster/tests/__snapshot__/cnpg-cluster_test.yaml.snap +++ b/charts/cnpg-cluster/tests/__snapshot__/cnpg-cluster_test.yaml.snap @@ -5,6 +5,52 @@ cluster with custom pgparams: work_mem: 512MB cluster with enabled backup and recovery: 1: | + concurrencyPolicy: Forbid + jobTemplate: + spec: + backoffLimit: 0 + template: + metadata: + labels: + app: cnpg-backup-s3-client + name: backup-cron + spec: + containers: + - env: + - name: AWS_ACCESS_KEY_ID + valueFrom: + secretKeyRef: + key: bucket_access_key + name: minio + - name: AWS_SECRET_ACCESS_KEY + valueFrom: + secretKeyRef: + key: bucket_secret_key + name: minio + - name: AWS_DEFAULT_REGION + valueFrom: + secretKeyRef: + key: bucket_region + name: minio + - name: AWS_ENDPOINT_URL + value: http://minio:9000 + - name: DESTINATION_PATH + value: s3://backups/dumps + envFrom: + - secretRef: + name: pg-hasura-app + image: ghcr.io/socialgouv/docker/s3-client:1 + imagePullPolicy: IfNotPresent + name: s3-client + securityContext: + allowPrivilegeEscalation: false + restartPolicy: Never + securityContext: + fsGroup: 1001 + runAsGroup: 1001 + runAsUser: 1001 + schedule: 4 5 * * 0 + 2: | backup: barmanObjectStore: destinationPath: s3://backups/ @@ -19,13 +65,12 @@ cluster with enabled backup and recovery: secretAccessKey: key: ACCESS_SECRET_KEY name: minio - serverName: some-cluster retentionPolicy: 30d bootstrap: recovery: recoveryTarget: targetTime: 2020-11-26 15:22:00.00000+00 - source: my-cluster-name-backup + source: recovery-cluster externalClusters: - barmanObjectStore: destinationPath: s3://backups/ @@ -37,8 +82,8 @@ cluster with enabled backup and recovery: secretAccessKey: key: ACCESS_SECRET_KEY name: minio - serverName: recoveredCluster - name: my-cluster-name-backup + serverName: my-cluster-to-restore + name: recovery-cluster imageName: ghcr.io/cloudnative-pg/postgis:15 imagePullPolicy: IfNotPresent instances: 1 @@ -50,7 +95,7 @@ cluster with enabled backup and recovery: parameters: null storage: size: 8Gi - 2: | + 3: | backupOwnerReference: self cluster: name: RELEASE-NAME-cnpg-cluster @@ -61,7 +106,7 @@ cluster with recovery enabled: recovery: recoveryTarget: targetTime: 2020-11-26 15:22:00.00000+00 - source: my-cluster-name-backup + source: recovery-cluster externalClusters: - barmanObjectStore: destinationPath: s3://backups/ @@ -73,8 +118,8 @@ cluster with recovery enabled: secretAccessKey: key: ACCESS_SECRET_KEY name: minio - serverName: recoveredCluster - name: my-cluster-name-backup + serverName: my-cluster-to-restore + name: recovery-cluster imageName: ghcr.io/cloudnative-pg/postgis:15 imagePullPolicy: IfNotPresent instances: 1 @@ -102,7 +147,6 @@ cluster with scheduled backup enabled: secretAccessKey: key: ACCESS_SECRET_KEY name: minio - serverName: some-cluster retentionPolicy: 30d bootstrap: initdb: diff --git a/charts/cnpg-cluster/tests/cnpg-cluster_test.yaml b/charts/cnpg-cluster/tests/cnpg-cluster_test.yaml index 226ac38..9e13955 100644 --- a/charts/cnpg-cluster/tests/cnpg-cluster_test.yaml +++ b/charts/cnpg-cluster/tests/cnpg-cluster_test.yaml @@ -1,6 +1,7 @@ suite: test cnpg-cluster templates: - cluster.cnpg.yaml + - backup-cron.yaml - scheduledbackup.cnpg.yaml tests: - it: cluster should render @@ -11,6 +12,9 @@ tests: - template: cluster.cnpg.yaml hasDocuments: count: 1 + - template: backup-cron.yaml + hasDocuments: + count: 0 # waiting for release of https://github.com/helm-unittest/helm-unittest/commit/0ace2cc039c1fa33133ea1f26e7cae620443d42a # - containsDocument: # kind: CronJob @@ -48,6 +52,13 @@ tests: equal: path: spec.schedule value: "1 2 3 * * 0" + - template: backup-cron.yaml + equal: + path: spec.schedule + value: "4 5 * * 0" + - template: backup-cron.yaml + hasDocuments: + count: 1 - it: cluster with recovery enabled values: - ./values/recovery.yaml @@ -62,6 +73,9 @@ tests: asserts: - matchSnapshot: path: spec + - template: backup-cron.yaml + hasDocuments: + count: 1 - it: cluster with custom pgparams values: - ./values/pgparams.yaml diff --git a/charts/cnpg-cluster/tests/values/backup-recovery.yaml b/charts/cnpg-cluster/tests/values/backup-recovery.yaml deleted file mode 100644 index 99c5c94..0000000 --- a/charts/cnpg-cluster/tests/values/backup-recovery.yaml +++ /dev/null @@ -1,15 +0,0 @@ -recovery: - enabled: true - externalClusterName: my-cluster-name-backup - barmanObjectStore: - destinationPath: s3://backups/ - endpointURL: http://minio:9000 - serverName: "some-cluster-to-recover" - s3Credentials: - accessKeyId: - name: minio - key: ACCESS_KEY_ID - secretAccessKey: - name: minio - key: ACCESS_SECRET_KEY - retentionPolicy: "30d" diff --git a/charts/cnpg-cluster/tests/values/backup.yaml b/charts/cnpg-cluster/tests/values/backup.yaml index 33b30de..1a0f603 100644 --- a/charts/cnpg-cluster/tests/values/backup.yaml +++ b/charts/cnpg-cluster/tests/values/backup.yaml @@ -1,10 +1,10 @@ backup: enabled: true schedule: "1 2 3 * * 0" + sqlDumpSchedule: "4 5 * * 0" barmanObjectStore: destinationPath: s3://backups/ endpointURL: http://minio:9000 - serverName: "some-cluster" s3Credentials: accessKeyId: name: minio diff --git a/charts/cnpg-cluster/tests/values/recovery.yaml b/charts/cnpg-cluster/tests/values/recovery.yaml index c31bef2..26737c6 100644 --- a/charts/cnpg-cluster/tests/values/recovery.yaml +++ b/charts/cnpg-cluster/tests/values/recovery.yaml @@ -1,11 +1,10 @@ recovery: enabled: true - externalClusterName: my-cluster-name-backup targetTime: "2020-11-26 15:22:00.00000+00" barmanObjectStore: destinationPath: s3://backups/ endpointURL: http://minio:9000 - serverName: "recoveredCluster" + serverName: my-cluster-to-restore s3Credentials: accessKeyId: name: minio diff --git a/charts/cnpg-cluster/values.yaml b/charts/cnpg-cluster/values.yaml index ce55180..7e30844 100644 --- a/charts/cnpg-cluster/values.yaml +++ b/charts/cnpg-cluster/values.yaml @@ -75,6 +75,9 @@ backup: # this cron format has the seconds on the left schedule: "0 0 0 * * 0" + # -- Schedule the SQL dump backups, for instance every Sunday + sqlDumpSchedule: "0 0 * * 0" + # -- RetentionPolicy is the retention policy to be used for backups and WALs (i.e. '60d'). # The retention policy is expressed in the form of XXu where XX is a positive integer and # u is in [dwm] - days, weeks, months. @@ -139,7 +142,6 @@ recovery: enabled: false # -- Name of the source cluster in the backups - externalClusterName: # -- Time to restore from, in RFC3339 format https://datatracker.ietf.org/doc/html/rfc3339 # targetTime: "2020-11-26 15:22:00.00000+00" @@ -149,6 +151,8 @@ recovery: barmanObjectStore: # destinationPath: # endpointURL: + # name of the recovery server on the s3 backups + # serverName: # s3Credentials: # accessKeyId: # name: