Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add S3 configuration for the backup-restore-sidecar #271

Open
wants to merge 4 commits into
base: master
Choose a base branch
from
Open

Add S3 configuration for the backup-restore-sidecar #271

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
7e63796
Add S3 configuration for the backup-restore-sidecar
robertvolkmann Mar 12, 2024
208caa4
Merge branch 'master' into s3-backup-restore-sidecar
robertvolkmann Mar 20, 2024
bb195c4
Merge branch 'master' into s3-backup-restore-sidecar
robertvolkmann Apr 17, 2024
8adb0a8
Merge branch 'master' into s3-backup-restore-sidecar
robertvolkmann Oct 23, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 6 additions & 0 deletions control-plane/roles/auditing-meili/defaults/main/main.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,12 @@ auditing_meili_backup_restore_sidecar_gcp_backup_location:
auditing_meili_backup_restore_sidecar_gcp_project_id:
auditing_meili_backup_restore_sidecar_gcp_serviceaccount_json:

auditing_meili_backup_restore_sidecar_s3_bucket_name:
auditing_meili_backup_restore_sidecar_s3_region:
auditing_meili_backup_restore_sidecar_s3_endpoint:
auditing_meili_backup_restore_sidecar_s3_access_key:
auditing_meili_backup_restore_sidecar_s3_secret_key:

auditing_meili_resources:
requests:
memory: "256Mi"
Expand Down
5 changes: 5 additions & 0 deletions control-plane/roles/auditing-meili/tasks/main.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -39,5 +39,10 @@
meilisearch_backup_restore_sidecar_gcp_backup_location: "{{ auditing_meili_backup_restore_sidecar_gcp_backup_location }}"
meilisearch_backup_restore_sidecar_gcp_project_id: "{{ auditing_meili_backup_restore_sidecar_gcp_project_id }}"
meilisearch_backup_restore_sidecar_gcp_serviceaccount_json: "{{ auditing_meili_backup_restore_sidecar_gcp_serviceaccount_json }}"
meilisearch_backup_restore_sidecar_s3_bucket_name: "{{ auditing_meili_backup_restore_sidecar_s3_bucket_name }}"
meilisearch_backup_restore_sidecar_s3_region: "{{ auditing_meili_backup_restore_sidecar_s3_region }}"
meilisearch_backup_restore_sidecar_s3_endpoint: "{{ auditing_meili_backup_restore_sidecar_s3_endpoint }}"
meilisearch_backup_restore_sidecar_s3_access_key: "{{ auditing_meili_backup_restore_sidecar_s3_access_key }}"
meilisearch_backup_restore_sidecar_s3_secret_key: "{{ auditing_meili_backup_restore_sidecar_s3_secret_key }}"
meilisearch_resources: "{{ auditing_meili_resources }}"
meilisearch_backup_restore_sidecar_object_max_keep: "{{ auditing_meili_backup_restore_sidecar_object_max_keep }}"
6 changes: 6 additions & 0 deletions control-plane/roles/headscale/defaults/main/db.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,12 @@ headscale_db_backup_restore_sidecar_gcp_backup_location:
headscale_db_backup_restore_sidecar_gcp_project_id:
headscale_db_backup_restore_sidecar_gcp_serviceaccount_json:

headscale_db_backup_restore_sidecar_s3_bucket_name:
headscale_db_backup_restore_sidecar_s3_region:
headscale_db_backup_restore_sidecar_s3_endpoint:
headscale_db_backup_restore_sidecar_s3_access_key:
headscale_db_backup_restore_sidecar_s3_secret_key:

headscale_db_resources:
requests:
memory: "256Mi"
Expand Down
5 changes: 5 additions & 0 deletions control-plane/roles/headscale/tasks/main.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -50,6 +50,11 @@
postgres_backup_restore_sidecar_gcp_backup_location: "{{ headscale_db_backup_restore_sidecar_gcp_backup_location }}"
postgres_backup_restore_sidecar_gcp_project_id: "{{ headscale_db_backup_restore_sidecar_gcp_project_id }}"
postgres_backup_restore_sidecar_gcp_serviceaccount_json: "{{ headscale_db_backup_restore_sidecar_gcp_serviceaccount_json }}"
postgres_backup_restore_sidecar_s3_bucket_name: "{{ headscale_db_backup_restore_sidecar_s3_bucket_name }}"
postgres_backup_restore_sidecar_s3_region: "{{ headscale_db_backup_restore_sidecar_s3_region }}"
postgres_backup_restore_sidecar_s3_endpoint: "{{ headscale_db_backup_restore_sidecar_s3_endpoint }}"
postgres_backup_restore_sidecar_s3_access_key: "{{ headscale_db_backup_restore_sidecar_s3_access_key }}"
postgres_backup_restore_sidecar_s3_secret_key: "{{ headscale_db_backup_restore_sidecar_s3_secret_key }}"
postgres_resources: "{{ headscale_db_resources }}"

- name: Deploy headscale
Expand Down
6 changes: 6 additions & 0 deletions control-plane/roles/ipam-db/defaults/main/main.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,12 @@ ipam_db_backup_restore_sidecar_gcp_backup_location:
ipam_db_backup_restore_sidecar_gcp_project_id:
ipam_db_backup_restore_sidecar_gcp_serviceaccount_json:

ipam_db_backup_restore_sidecar_s3_bucket_name:
ipam_db_backup_restore_sidecar_s3_region:
ipam_db_backup_restore_sidecar_s3_endpoint:
ipam_db_backup_restore_sidecar_s3_access_key:
ipam_db_backup_restore_sidecar_s3_secret_key:

ipam_db_resources:
requests:
memory: "128Mi"
Expand Down
5 changes: 5 additions & 0 deletions control-plane/roles/ipam-db/tasks/main.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,11 @@
postgres_backup_restore_sidecar_gcp_backup_location: "{{ ipam_db_backup_restore_sidecar_gcp_backup_location }}"
postgres_backup_restore_sidecar_gcp_project_id: "{{ ipam_db_backup_restore_sidecar_gcp_project_id }}"
postgres_backup_restore_sidecar_gcp_serviceaccount_json: "{{ ipam_db_backup_restore_sidecar_gcp_serviceaccount_json }}"
postgres_backup_restore_sidecar_s3_bucket_name: "{{ ipam_db_backup_restore_sidecar_s3_bucket_name }}"
postgres_backup_restore_sidecar_s3_region: "{{ ipam_db_backup_restore_sidecar_s3_region }}"
postgres_backup_restore_sidecar_s3_endpoint: "{{ ipam_db_backup_restore_sidecar_s3_endpoint }}"
postgres_backup_restore_sidecar_s3_access_key: "{{ ipam_db_backup_restore_sidecar_s3_access_key }}"
postgres_backup_restore_sidecar_s3_secret_key: "{{ ipam_db_backup_restore_sidecar_s3_secret_key }}"
postgres_resources: "{{ ipam_db_resources }}"
postgres_backup_restore_sidecar_object_max_keep: "{{ ipam_db_backup_restore_sidecar_object_max_keep }}"

6 changes: 6 additions & 0 deletions control-plane/roles/masterdata-db/defaults/main/main.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,12 @@ masterdata_db_backup_restore_sidecar_gcp_backup_location:
masterdata_db_backup_restore_sidecar_gcp_project_id:
masterdata_db_backup_restore_sidecar_gcp_serviceaccount_json:

masterdata_db_backup_restore_sidecar_s3_bucket_name:
masterdata_db_backup_restore_sidecar_s3_region:
masterdata_db_backup_restore_sidecar_s3_endpoint:
masterdata_db_backup_restore_sidecar_s3_access_key:
masterdata_db_backup_restore_sidecar_s3_secret_key:

masterdata_db_resources:
requests:
memory: "128Mi"
Expand Down
5 changes: 5 additions & 0 deletions control-plane/roles/masterdata-db/tasks/main.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -40,5 +40,10 @@
postgres_backup_restore_sidecar_gcp_backup_location: "{{ masterdata_db_backup_restore_sidecar_gcp_backup_location }}"
postgres_backup_restore_sidecar_gcp_project_id: "{{ masterdata_db_backup_restore_sidecar_gcp_project_id }}"
postgres_backup_restore_sidecar_gcp_serviceaccount_json: "{{ masterdata_db_backup_restore_sidecar_gcp_serviceaccount_json }}"
postgres_backup_restore_sidecar_s3_bucket_name: "{{ masterdata_db_backup_restore_sidecar_s3_bucket_name }}"
postgres_backup_restore_sidecar_s3_region: "{{ masterdata_db_backup_restore_sidecar_s3_region }}"
postgres_backup_restore_sidecar_s3_endpoint: "{{ masterdata_db_backup_restore_sidecar_s3_endpoint }}"
postgres_backup_restore_sidecar_s3_access_key: "{{ masterdata_db_backup_restore_sidecar_s3_access_key }}"
postgres_backup_restore_sidecar_s3_secret_key: "{{ masterdata_db_backup_restore_sidecar_s3_secret_key }}"
postgres_resources: "{{ masterdata_db_resources }}"
postgres_backup_restore_sidecar_object_max_keep: "{{ masterdata_db_backup_restore_sidecar_object_max_keep }}"
5 changes: 5 additions & 0 deletions control-plane/roles/meili-backup-restore/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,4 +31,9 @@ You can look up all the default values of this role [here](defaults/main/main.ya
| meilisearch_backup_restore_sidecar_gcp_backup_location | | Location of the GCP bucket |
| meilisearch_backup_restore_sidecar_gcp_project_id | | GCP project name |
| meilisearch_backup_restore_sidecar_gcp_serviceaccount_json | | GCP Serviceaccount JSON string (service account requires bucket access) |
| meilisearch_backup_restore_sidecar_s3_bucket_name | | The name of the S3 bucket |
| meilisearch_backup_restore_sidecar_s3_region | | The region where the S3 bucket is located |
| meilisearch_backup_restore_sidecar_s3_endpoint | | The endpoint URL for the S3 storage service |
| meilisearch_backup_restore_sidecar_s3_access_key | | The access key for authenticating with S3 |
| meilisearch_backup_restore_sidecar_s3_secret_key | | The secret key for authenticating with S3 |
| meilisearch_resources | | The kubernetes resources for the actual meilisearch container |
6 changes: 6 additions & 0 deletions control-plane/roles/meili-backup-restore/defaults/main/main.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,12 @@ meilisearch_backup_restore_sidecar_gcp_backup_location:
meilisearch_backup_restore_sidecar_gcp_project_id:
meilisearch_backup_restore_sidecar_gcp_serviceaccount_json:

meilisearch_backup_restore_sidecar_s3_bucket_name:
meilisearch_backup_restore_sidecar_s3_region:
meilisearch_backup_restore_sidecar_s3_endpoint:
meilisearch_backup_restore_sidecar_s3_access_key:
meilisearch_backup_restore_sidecar_s3_secret_key:

meilisearch_resources:
requests:
memory: "256Mi"
Expand Down
32 changes: 32 additions & 0 deletions control-plane/roles/meili-backup-restore/templates/meilisearch.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -130,6 +130,32 @@ spec:
name: backup-restore-sidecar-backup-provider-config-{{ meilisearch_name }}
- name: GOOGLE_APPLICATION_CREDENTIALS
value: /gcp/credentials/serviceaccount.json
{% elif meilisearch_backup_restore_sidecar_provider == "s3" %}
- name: BACKUP_RESTORE_SIDECAR_S3_BUCKET_NAME
valueFrom:
secretKeyRef:
key: bucketName
name: backup-restore-sidecar-backup-provider-config-{{ meilisearch_name }}
- name: BACKUP_RESTORE_SIDECAR_S3_REGION
valueFrom:
secretKeyRef:
key: region
name: backup-restore-sidecar-backup-provider-config-{{ meilisearch_name }}
- name: BACKUP_RESTORE_SIDECAR_S3_ENDPOINT
valueFrom:
secretKeyRef:
key: endpoint
name: backup-restore-sidecar-backup-provider-config-{{ meilisearch_name }}
- name: BACKUP_RESTORE_SIDECAR_S3_ACCESS_KEY
valueFrom:
secretKeyRef:
key: accessKey
name: backup-restore-sidecar-backup-provider-config-{{ meilisearch_name }}
- name: BACKUP_RESTORE_SIDECAR_S3_SECRET_KEY
valueFrom:
secretKeyRef:
key: secretKey
name: backup-restore-sidecar-backup-provider-config-{{ meilisearch_name }}
{% endif %}
volumeMounts:
- name: data
Expand Down Expand Up @@ -246,6 +272,12 @@ data:
bucketLocation: {{ meilisearch_backup_restore_sidecar_gcp_backup_location | b64encode }}
projectID: {{ meilisearch_backup_restore_sidecar_gcp_project_id | b64encode }}
serviceaccount.json: {{ meilisearch_backup_restore_sidecar_gcp_serviceaccount_json | to_json | b64encode }}
{% elif meilisearch_backup_restore_sidecar_provider == "s3" %}
bucketName: {{ meilisearch_backup_restore_sidecar_s3_bucket_name | b64encode }}
region: {{ meilisearch_backup_restore_sidecar_s3_region | b64encode }}
endpoint: {{ meilisearch_backup_restore_sidecar_s3_endpoint | b64encode }}
accessKey: {{ meilisearch_backup_restore_sidecar_s3_access_key | b64encode }}
secretKey: {{ meilisearch_backup_restore_sidecar_s3_secret_key | b64encode }}
{% endif %}
---
apiVersion: v1
Expand Down
6 changes: 6 additions & 0 deletions control-plane/roles/metal-db/defaults/main/main.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,12 @@ metal_db_backup_restore_sidecar_gcp_backup_location:
metal_db_backup_restore_sidecar_gcp_project_id:
metal_db_backup_restore_sidecar_gcp_serviceaccount_json:

metal_db_backup_restore_sidecar_s3_bucket_name:
metal_db_backup_restore_sidecar_s3_region:
metal_db_backup_restore_sidecar_s3_endpoint:
metal_db_backup_restore_sidecar_s3_access_key:
metal_db_backup_restore_sidecar_s3_secret_key:

metal_db_expose_frontend: no
metal_db_ingress_dns: rethinkdb.{{ metal_control_plane_ingress_dns }}

Expand Down
5 changes: 5 additions & 0 deletions control-plane/roles/metal-db/tasks/main.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -36,6 +36,11 @@
rethinkdb_backup_restore_sidecar_gcp_backup_location: "{{ metal_db_backup_restore_sidecar_gcp_backup_location }}"
rethinkdb_backup_restore_sidecar_gcp_project_id: "{{ metal_db_backup_restore_sidecar_gcp_project_id }}"
rethinkdb_backup_restore_sidecar_gcp_serviceaccount_json: "{{ metal_db_backup_restore_sidecar_gcp_serviceaccount_json }}"
rethinkdb_backup_restore_sidecar_s3_bucket_name: "{{ metal_db_backup_restore_sidecar_s3_bucket_name }}"
rethinkdb_backup_restore_sidecar_s3_region: "{{ metal_db_backup_restore_sidecar_s3_region }}"
rethinkdb_backup_restore_sidecar_s3_endpoint: "{{ metal_db_backup_restore_sidecar_s3_endpoint }}"
rethinkdb_backup_restore_sidecar_s3_access_key: "{{ metal_db_backup_restore_sidecar_s3_access_key }}"
rethinkdb_backup_restore_sidecar_s3_secret_key: "{{ metal_db_backup_restore_sidecar_s3_secret_key }}"
rethinkdb_expose_frontend: "{{ metal_db_expose_frontend }}"
rethinkdb_ingress_dns: "{{ metal_db_ingress_dns }}"
rethinkdb_resources: "{{ metal_db_resources }}"
Expand Down
5 changes: 5 additions & 0 deletions control-plane/roles/postgres-backup-restore/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,11 @@ You can look up all the default values of this role [here](defaults/main/main.ya
| postgres_backup_restore_sidecar_gcp_backup_location | | Location of the GCP bucket |
| postgres_backup_restore_sidecar_gcp_project_id | | GCP project name |
| postgres_backup_restore_sidecar_gcp_serviceaccount_json | | GCP Serviceaccount JSON string (service account requires bucket access) |
| postgres_backup_restore_sidecar_s3_bucket_name | | The name of the S3 bucket |
| postgres_backup_restore_sidecar_s3_region | | The region where the S3 bucket is located |
| postgres_backup_restore_sidecar_s3_endpoint | | The endpoint URL for the S3 storage service |
| postgres_backup_restore_sidecar_s3_access_key | | The access key for authenticating with S3 |
| postgres_backup_restore_sidecar_s3_secret_key | | The secret key for authenticating with S3 |
| postgres_expose_frontend | | Exposes the postgres over ingress (only use for dev environments) |
| postgres_ingress_dns | | The virtual host to reach the postgres frontend when exposed via ingress |
| postgres_resources | | The kubernetes resources for the actual postgres container |
Expand Down
6 changes: 6 additions & 0 deletions control-plane/roles/postgres-backup-restore/defaults/main/main.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,12 @@ postgres_backup_restore_sidecar_gcp_backup_location:
postgres_backup_restore_sidecar_gcp_project_id:
postgres_backup_restore_sidecar_gcp_serviceaccount_json:

postgres_backup_restore_sidecar_s3_bucket_name:
postgres_backup_restore_sidecar_s3_region:
postgres_backup_restore_sidecar_s3_endpoint:
postgres_backup_restore_sidecar_s3_access_key:
postgres_backup_restore_sidecar_s3_secret_key:

postgres_resources:
requests:
memory: "128Mi"
Expand Down
32 changes: 32 additions & 0 deletions control-plane/roles/postgres-backup-restore/templates/postgres.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -154,6 +154,32 @@ spec:
name: backup-restore-sidecar-backup-provider-config-{{ postgres_name }}
- name: GOOGLE_APPLICATION_CREDENTIALS
value: /gcp/credentials/serviceaccount.json
{% elif postgres_backup_restore_sidecar_provider == "s3" %}
- name: BACKUP_RESTORE_SIDECAR_S3_BUCKET_NAME
valueFrom:
secretKeyRef:
key: bucketName
name: backup-restore-sidecar-backup-provider-config-{{ postgres_name }}
- name: BACKUP_RESTORE_SIDECAR_S3_REGION
valueFrom:
secretKeyRef:
key: region
name: backup-restore-sidecar-backup-provider-config-{{ postgres_name }}
- name: BACKUP_RESTORE_SIDECAR_S3_ENDPOINT
valueFrom:
secretKeyRef:
key: endpoint
name: backup-restore-sidecar-backup-provider-config-{{ postgres_name }}
- name: BACKUP_RESTORE_SIDECAR_S3_ACCESS_KEY
valueFrom:
secretKeyRef:
key: accessKey
name: backup-restore-sidecar-backup-provider-config-{{ postgres_name }}
- name: BACKUP_RESTORE_SIDECAR_S3_SECRET_KEY
valueFrom:
secretKeyRef:
key: secretKey
name: backup-restore-sidecar-backup-provider-config-{{ postgres_name }}
{% endif %}
volumeMounts:
- name: {{ postgres_name }}
Expand Down Expand Up @@ -265,6 +291,12 @@ data:
bucketLocation: {{ postgres_backup_restore_sidecar_gcp_backup_location | b64encode }}
projectID: {{ postgres_backup_restore_sidecar_gcp_project_id | b64encode }}
serviceaccount.json: {{ postgres_backup_restore_sidecar_gcp_serviceaccount_json | to_json | b64encode }}
{% elif postgres_backup_restore_sidecar_provider == "s3" %}
bucketName: {{ postgres_backup_restore_sidecar_s3_bucket_name | b64encode }}
region: {{ postgres_backup_restore_sidecar_s3_region | b64encode }}
endpoint: {{ postgres_backup_restore_sidecar_s3_endpoint | b64encode }}
accessKey: {{ postgres_backup_restore_sidecar_s3_access_key | b64encode }}
secretKey: {{ postgres_backup_restore_sidecar_s3_secret_key | b64encode }}
{% endif %}
---
apiVersion: v1
Expand Down
5 changes: 5 additions & 0 deletions control-plane/roles/rethinkdb-backup-restore/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,11 @@ You can look up all the default values of this role [here](defaults/main/main.ya
| rethinkdb_backup_restore_sidecar_gcp_backup_location | | Location of the GCP bucket |
| rethinkdb_backup_restore_sidecar_gcp_project_id | | GCP project name |
| rethinkdb_backup_restore_sidecar_gcp_serviceaccount_json | | GCP Serviceaccount JSON string (service account requires bucket access) |
| rethinkdb_backup_restore_sidecar_s3_bucket_name | | The name of the S3 bucket |
| rethinkdb_backup_restore_sidecar_s3_region | | The region where the S3 bucket is located |
| rethinkdb_backup_restore_sidecar_s3_endpoint | | The endpoint URL for the S3 storage service |
| rethinkdb_backup_restore_sidecar_s3_access_key | | The access key for authenticating with S3 |
| rethinkdb_backup_restore_sidecar_s3_secret_key | | The secret key for authenticating with S3 |
| rethinkdb_expose_frontend | | Exposes the rethinkdb over ingress (only use for dev environments) |
| rethinkdb_ingress_dns | | The virtual host to reach the rethinkdb frontend when exposed via ingress |
| rethinkdb_resources | | The kubernetes resources for the actual rethinkdb container |
Expand Down
6 changes: 6 additions & 0 deletions control-plane/roles/rethinkdb-backup-restore/defaults/main/main.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,12 @@ rethinkdb_backup_restore_sidecar_gcp_backup_location:
rethinkdb_backup_restore_sidecar_gcp_project_id:
rethinkdb_backup_restore_sidecar_gcp_serviceaccount_json:

rethinkdb_backup_restore_sidecar_s3_bucket_name:
rethinkdb_backup_restore_sidecar_s3_region:
rethinkdb_backup_restore_sidecar_s3_endpoint:
rethinkdb_backup_restore_sidecar_s3_access_key:
rethinkdb_backup_restore_sidecar_s3_secret_key:

rethinkdb_backup_restore_sidecar_object_max_keep:

rethinkdb_expose_frontend: no
Expand Down
Loading
Loading