k/forgejo: add pvc snapshots
This commit is contained in:
ryan-distrust.co
parent
811bfc4aa3
commit
1c16a03900
GPG Key ID:
8E401478A3FBEF72
|
|
@ -5,6 +5,7 @@ resources:
|
|||
- namespace.yaml
|
||||
- resources.yaml
|
||||
- ingress.yaml
|
||||
- snapshots
|
||||
patches:
|
||||
- path: forgejo-env-vars.patch.yaml
|
||||
target:
|
||||
|
|
|
|||
|
|
@ -0,0 +1,7 @@
|
|||
apiVersion: snapshot.storage.k8s.io/v1
|
||||
kind: VolumeSnapshot
|
||||
metadata:
|
||||
name: TEMPLATE_NAME
|
||||
spec:
|
||||
source:
|
||||
persistentVolumeClaimName: TEMPLATE_PVC_NAME
|
||||
|
|
@ -0,0 +1,9 @@
|
|||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
- resources.yaml
|
||||
- rbac.yaml
|
||||
configMapGenerator:
|
||||
- name: forgejo-volume-snapshot-template
|
||||
files:
|
||||
- forgejo-volume-snapshot-template.yaml
|
||||
|
|
@ -0,0 +1,42 @@
|
|||
apiVersion: v1
|
||||
automountServiceAccountToken: true
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: forgejo-snapshot
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: Role
|
||||
metadata:
|
||||
name: forgejo-snapshot
|
||||
rules:
|
||||
- apiGroups:
|
||||
- ""
|
||||
resources:
|
||||
- namespaces
|
||||
verbs:
|
||||
- get
|
||||
- apiGroups:
|
||||
- snapshot.storage.k8s.io
|
||||
resources:
|
||||
- volumesnapshots
|
||||
verbs:
|
||||
- get
|
||||
- list
|
||||
- watch
|
||||
- create
|
||||
- update
|
||||
- patch
|
||||
- delete
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: RoleBinding
|
||||
metadata:
|
||||
name: forgejo-snapshot
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: Role
|
||||
name: forgejo-snapshot
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: forgejo-snapshot
|
||||
namespace: default
|
||||
|
|
@ -0,0 +1,70 @@
|
|||
apiVersion: batch/v1
|
||||
kind: CronJob
|
||||
metadata:
|
||||
name: snapshot-creator
|
||||
spec:
|
||||
schedule: "@daily"
|
||||
jobTemplate:
|
||||
spec:
|
||||
template:
|
||||
spec:
|
||||
restartPolicy: OnFailure
|
||||
serviceAccountName: forgejo-snapshot
|
||||
initContainers:
|
||||
- name: template-snapshot-name
|
||||
image: bitnami/kubectl:1.27.1
|
||||
command: ["/bin/sh"]
|
||||
args:
|
||||
- -c
|
||||
- |-
|
||||
sed \
|
||||
-e "s/TEMPLATE_NAME/forgejo-snapshot-$(date -u --rfc-3339=date)/" \
|
||||
-e "s/TEMPLATE_PVC_NAME/forgejo-data-forgejo-0/" \
|
||||
< /in/forgejo-volume-snapshot-template.yaml \
|
||||
> /out/forgejo-volume-snapshot.yaml
|
||||
volumeMounts:
|
||||
- name: snapshot-template
|
||||
mountPath: /in
|
||||
- name: snapshot-yaml
|
||||
mountPath: /out
|
||||
containers:
|
||||
- name: create-volume-snapshot
|
||||
image: bitnami/kubectl:1.27.1
|
||||
args:
|
||||
- -n
|
||||
- $(POD_NAMESPACE)
|
||||
- apply
|
||||
- -f
|
||||
- /in/forgejo-volume-snapshot.yaml
|
||||
env:
|
||||
- name: POD_NAMESPACE
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: metadata.namespace
|
||||
volumeMounts:
|
||||
- name: snapshot-yaml
|
||||
mountPath: /in
|
||||
- name: cleanup-volume-snapshot
|
||||
image: bitnami/kubectl:1.27.1
|
||||
command: ["sh"]
|
||||
args:
|
||||
- -c
|
||||
- |-
|
||||
datestr="$(date -d '2 weeks ago' -Ins --utc | sed 's/+0000/Z/')"
|
||||
kubectl -n forgejo get volumesnapshots \
|
||||
--template '{{range .items}}{{.metadata.name}} {{.metadata.creationTimestamp}}{{"\n"}}{{end}}' \
|
||||
| while read snapshot_name snapshot_date; do
|
||||
echo "$snapshot_name" "$snapshot_date" "$datestr" | awk '$2 <= $3 { print $1 }'
|
||||
done \
|
||||
| xargs -n 1 kubectl -n $(POD_NAMESPACE) delete volumesnapshot "$snapshot_name"
|
||||
env:
|
||||
- name: POD_NAMESPACE
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: metadata.namespace
|
||||
volumes:
|
||||
- name: snapshot-template
|
||||
configMap:
|
||||
name: forgejo-volume-snapshot-template
|
||||
- name: snapshot-yaml
|
||||
emptyDir: {}
|
||||
Loading…
Reference in New Issue