From 4c7bd01ac15206267e0a277b1f6e271cffefef87 Mon Sep 17 00:00:00 2001 From: Fleur Kelpin Date: Fri, 7 Sep 2018 18:09:51 +0200 Subject: [PATCH] feat: Add backup cronjob Needs to run under service account created by the etcd-operator subchart so there's some template magic needed to figure out what it's called. --- molgenis-vault/resources/backup.yaml | 12 ------------ molgenis-vault/resources/restore.yaml | 3 ++- molgenis-vault/templates/backup-cronjob.yaml | 1 + 3 files changed, 3 insertions(+), 13 deletions(-) delete mode 100644 molgenis-vault/resources/backup.yaml diff --git a/molgenis-vault/resources/backup.yaml b/molgenis-vault/resources/backup.yaml deleted file mode 100644 index 3945a00..0000000 --- a/molgenis-vault/resources/backup.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: "etcd.database.coreos.com/v1beta2" -kind: "EtcdBackup" -metadata: - name: backup - namespace: "vault-operator" -spec: - etcdEndpoints: ["https://vault-etcd-client:2379"] - storageType: ABS - clientTLSSecret: vault-etcd-client-tls - abs: - path: vault/backup - absSecret: abs \ No newline at end of file diff --git a/molgenis-vault/resources/restore.yaml b/molgenis-vault/resources/restore.yaml index a819724..c7db422 100644 --- a/molgenis-vault/resources/restore.yaml +++ b/molgenis-vault/resources/restore.yaml @@ -1,3 +1,4 @@ +# Use kubectl create -f restore.yaml to manually execute a restore of the vault apiVersion: "etcd.database.coreos.com/v1beta2" kind: "EtcdRestore" metadata: @@ -10,5 +11,5 @@ spec: name: vault-etcd backupStorageType: ABS abs: - path: vault/backup + path: vault/backup- absSecret: abs \ No newline at end of file diff --git a/molgenis-vault/templates/backup-cronjob.yaml b/molgenis-vault/templates/backup-cronjob.yaml index a3c47ae..e5687fc 100644 --- a/molgenis-vault/templates/backup-cronjob.yaml +++ b/molgenis-vault/templates/backup-cronjob.yaml @@ -1,4 +1,5 @@ {{- if .Values.backupJob.enable }} +# cronjob that creates etcdbackups using the etcd backup serviceaccount apiVersion: batch/v1beta1 kind: CronJob metadata: