[Feat] Create helm-chart etcd-autobackup

etcd-autobackup/Chart.yaml

@@ -0,0 +1,4 @@
+apiVersion: v2
+name: etcd-autobackup  # 차트의 이름
+version: 1.0.0  # 차트의 버전
+description: A Helm chart for etcd-autobackup service  # 차트의 간단한 설명

etcd-autobackup/templates/NOTES.txt

@@ -0,0 +1,8 @@
+Thank you for installing {{ .Chart.Name }}.
+
+Your release is named {{ .Release.Name }}.
+
+To learn more about the release, try:
+
+  $ helm status {{ .Release.Name }}
+  $ helm get all {{ .Release.Name }}

etcd-autobackup/templates/aws/etcd-backup-configmap-aws.yaml

@@ -0,0 +1,67 @@
+{{- if eq .Values.cloudProvider "aws" }}
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: etcd-backup-configmap-aws
+  namespace: etcd-autobackup
+  labels:
+    app: etcd
+data:
+  test.sh: |
+    #!/bin/sh
+
+    #== aws config ==
+    # create directory 
+    mkdir -p ~/.aws
+
+    # create configure file
+    cat > ~/.aws/config << EOF
+    [default]
+    region = {{ .Values.aws.region }}
+    output = json
+    EOF
+
+    # create credential file 
+    cat > ~/.aws/credentials << EOF
+    [default]
+    aws_access_key_id = {{ .Values.aws.access_key_id }}
+    aws_secret_access_key = {{ .Values.aws.secret_access_key }}
+    EOF
+
+    # authentication
+    chmod 600 ~/.aws/config ~/.aws/credentials
+
+    #== create s3 ==
+    BUCKET_NAME='jujy-etcd-backup-{{ .Values.aws.region }}'
+    
+    if aws s3 ls "s3://$BUCKET_NAME" --region {{ .Values.aws.region }} 2>&1 | grep -q 'NoSuchBucket'; then
+      echo "Creating S3 bucket: $BUCKET_NAME"
+      aws s3 mb s3://$BUCKET_NAME --region {{ .Values.aws.region }}
+      if [ $? -eq 0 ]; then
+        echo "S3 bucket '$BUCKET_NAME' created successfully."
+      else
+        echo "Failed to create S3 bucket '$BUCKET_NAME'. Please check the error message."
+      fi
+
+    else
+      echo "Bucket already exists: $BUCKET_NAME"
+    fi
+    #== Apply s3 lifecycle ==
+    aws s3api put-bucket-lifecycle-configuration --bucket $BUCKET_NAME --lifecycle-configuration file://root/aws-lifecycle.json
+
+    #take a snapshot
+    echo 'ETCD_ENDPOINT={{ .Values.etcd.endpoint }}'
+    ETCDCTL_API=3 etcdctl snapshot save --endpoints={{ .Values.etcd.endpoint }} --cacert=/cert/ca.crt  --cert=/cert/server.crt  --key=/cert/server.key  etcd-backup.db --debug
+    ETCDCTL_API=3 etcdctl --write-out=table snapshot status etcd-backup.db
+
+    #timestamp in seconds
+    timestamp=$(date -u +"%Y-%m-%dT%H:%M:%S")
+    #tiemstamp in days
+    folder_name=$(date -u +"%Y-%m-%d")
+
+    aws s3 cp /etcd-backup.db s3://$BUCKET_NAME/${folder_name}/etcd-backup-${timestamp}.db
+
+    echo "Snapshot Uploaded a to AWS Bucket Successfully." 
+
+{{- end }}

etcd-autobackup/templates/aws/etcd-backup-deploy-watchapi-aws.yaml

@@ -0,0 +1,38 @@
+{{- if eq .Values.cloudProvider "aws" }}
+
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: aws-watchapi-deploy
+  namespace: etcd-autobackup
+  labels:
+    app: etcd
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: etcd
+  template:
+    metadata:
+      labels:
+        app: etcd
+    spec:
+      tolerations:
+      - key: node-role.kubernetes.io/control-plane
+        operator: Exists
+        effect: NoSchedule
+      containers:
+      - name: watchapi
+        image: gwmelody/aws-watchapi:v4
+        imagePullPolicy: Always
+        volumeMounts:
+        - name: kubeconfig-volume
+          mountPath: /root/.kube/config
+      volumes:
+      - name: kubeconfig-volume
+        hostPath:
+          path: /root/.kube/config
+          type: File
+      restartPolicy: Always
+
+{{- end }}

etcd-autobackup/templates/etcdautobackup-ns.yaml

@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: etcd-autobackup

etcd-autobackup/templates/ncp/etcd-backup-configmap-ncp.yaml

@@ -0,0 +1,74 @@
+{{- if eq .Values.cloudProvider "ncp" }}
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: etcd-backup-configmap-ncp
+  namespace: etcd-autobackup
+  labels:
+    app: etcd
+data:
+  test.sh: |
+    #!/bin/sh
+
+     #== aws config ==
+    # create directory 
+    mkdir -p ~/.aws
+
+    # create configure file 
+    cat > ~/.aws/config << EOF
+    [default]
+    region = {{ .Values.ncp.region }}
+    output = json
+    EOF
+
+    # create credential file 
+    cat > ~/.aws/credentials << EOF
+    [default]
+    aws_access_key_id = {{ .Values.ncp.access_key_id }}
+    aws_secret_access_key = {{ .Values.ncp.secret_access_key }}
+    EOF
+
+    # authorization
+    chmod 600 ~/.aws/config ~/.aws/credentials
+
+    #== Create s3 ==
+    BUCKET_NAME='jujy-etcd-backup-{{ .Values.ncp.region }}'
+    NCP_ENDPOINT_URL=https://kr.object.ncloudstorage.com
+
+    # check if bucket exists
+    existing_bucket=$(aws --endpoint-url=$NCP_ENDPOINT_URL s3api list-buckets --query "Buckets[?Name=='$BUCKET_NAME'].Name" --output text)
+
+    if [ "$existing_bucket" = "$BUCKET_NAME" ]; then
+    echo "Bucket '$BUCKET_NAME' is already exists"
+    else
+      # create bucket 
+      if aws --endpoint-url=$NCP_ENDPOINT_URL s3api create-bucket --bucket "$BUCKET_NAME" --region {{ .Values.ncp.region }} 2>/dev/null; then
+        echo "Created bucket '$BUCKET_NAME' Successfully."
+      else
+        echo "Failed to create bucket '$BUCKET_NAME'. Please check the error message." >&2
+        exit 1
+      fi
+    fi
+
+    #== Apply s3 lifecycle ==
+    aws  --endpoint-url=$NCP_ENDPOINT_URL s3api put-bucket-lifecycle-configuration --bucket $BUCKET_NAME --lifecycle-configuration file://root/aws-lifecycle.json
+
+
+    #take a snapshot
+    echo "ETCD_ENDPOINT=$ETCD_ENDPOINT"
+    ETCDCTL_API=3 etcdctl snapshot save --endpoints={{ .Values.etcd.endpoint }} --cacert=/cert/ca.crt  --cert=/cert/server.crt  --key=/cert/server.key  etcd-backup.db --debug
+    ETCDCTL_API=3 etcdctl --write-out=table snapshot status etcd-backup.db
+
+    #backup to the ncp storage
+
+    #timestamp in seconds
+    timestamp=$(date -u +"%Y-%m-%dT%H:%M:%S")
+    #tiemstamp in days
+    folder_name=$(date -u +"%Y-%m-%d")
+
+    aws --endpoint-url=$NCP_ENDPOINT_URL s3 cp /etcd-backup.db s3://$BUCKET_NAME/${folder_name}/etcd-backup-${timestamp}.db
+
+    echo "Snapshot Uploaded a to NCP Storage Successfully." 
+
+{{- end }}

etcd-autobackup/templates/ncp/etcd-backup-deploy-watchapi-ncp.yaml.yaml

@@ -0,0 +1,38 @@
+{{- if eq .Values.cloudProvider "ncp" }}
+
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: ncp-watchapi-deploy
+  namespace: etcd-autobackup
+  labels:
+    app: etcd
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: etcd
+  template:
+    metadata:
+      labels:
+        app: etcd
+    spec:
+      tolerations:
+      - key: node-role.kubernetes.io/control-plane
+        operator: Exists
+        effect: NoSchedule
+      containers:
+      - name: watchapi
+        image: gwmelody/ncp-watchapi:v4
+        imagePullPolicy: Always
+        volumeMounts:
+        - name: kubeconfig-volume
+          mountPath: /root/.kube/config
+      volumes:
+      - name: kubeconfig-volume
+        hostPath:
+          path: /root/.kube/config
+          type: File
+      restartPolicy: Always
+
+{{- end }}

etcd-autobackup/templates/oci/etcd-backup-configmap-oci.yaml

@@ -0,0 +1,66 @@
+{{- if eq .Values.cloudProvider "oci" }}
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: etcd-backup-configmap-oci
+  namespace: etcd-autobackup
+  labels:
+    app: etcd
+data:
+  test.sh: |
+    #!/bin/sh
+    ######creating oci-key
+    echo "{{ .Values.oci.api_key_content }}" > oci_key.pem
+
+    ######oci configure ; automation using expect 
+    echo "Configuring OCI-CLI."
+
+    expect -c "
+    spawn $HOME/bin/oci setup config
+
+    expect \"Enter a location for your config\"
+    send -- \"$HOME/.oci/config\r\"
+
+    expect \"Enter a user OCID\"
+    send -- \"{{ .Values.oci.user_ocid }}\r\"
+
+    expect \"Enter a tenancy OCID\"
+    send -- \"{{ .Values.oci.tenancy_ocid }}\r\"
+
+    expect \"Enter a region\"
+    send -- \"{{ .Values.oci.bucket_region }}\r\"
+
+    expect \"Do you want to generate a new API Signing RSA key pair?\"
+    send -- \"n\r\"
+
+    expect \"Enter the location of your private key file\"
+    send -- \"oci_key.pem\r\"
+
+    expect eof
+    "
+
+    echo "Successfully configured oci-cli"
+
+
+    #take a snapshot
+    echo "Taking Snapshot."
+    echo "ETCD_ENDPOINT={{ .Values.etcd.endpoint }}"
+    ETCDCTL_API=3 etcdctl snapshot save --endpoints={{ .Values.etcd.endpoint }} --cacert=/cert/ca.crt  --cert=/cert/server.crt  --key=/cert/server.key  etcd-backup.db --debug
+    ETCDCTL_API=3 etcdctl --write-out=table snapshot status etcd-backup.db
+
+
+    #backup to the oci storage
+    echo "Upload Snapshot to Oracle Storage."
+    BUCKET_NAME='jujy-etcd-backup-{{ .Values.oci.bucket_region }}'
+
+    #timestamp in seconds
+    timestamp=$(date -u +"%Y-%m-%dT%H:%M:%S")
+    #tiemstamp in days
+    folder_name=$(date -u +"%Y-%m-%d")
+
+    $HOME/bin/oci os object put --bucket-name $BUCKET_NAME --file etcd-backup.db --namespace {{ .Values.oci.namespace }} --name "${folder_name}/etcd-backup-${timestamp}.db"
+    
+    echo "Snapshot Uploaded a to OCI Bucket Successfully."  
+
+{{- end }}

etcd-autobackup/templates/oci/etcd-backup-deploy-watchapi-oci.yaml.yaml

@@ -0,0 +1,38 @@
+{{- if eq .Values.cloudProvider "oci" }}
+
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: oci-watchapi-deploy
+  namespace: etcd-autobackup
+  labels:
+    app: etcd
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: etcd
+  template:
+    metadata:
+      labels:
+        app: etcd
+    spec:
+      tolerations:
+      - key: node-role.kubernetes.io/control-plane
+        operator: Exists
+        effect: NoSchedule
+      containers:
+      - name: watchapi
+        image: gwmelody/oci-watchapi:v4
+        imagePullPolicy: Always
+        volumeMounts:
+        - name: kubeconfig-volume
+          mountPath: /root/.kube/config
+      volumes:
+      - name: kubeconfig-volume
+        hostPath:
+          path: /root/.kube/config
+          type: File
+      restartPolicy: Always
+
+{{- end }}

etcd-autobackup/values.yaml

@@ -0,0 +1,42 @@
+#Fill in the blanks according to the applicable environment
+
+
+ #===================================== etcd certification =====================================
+etcd:
+  ##Directory that including ca.crt, server.crt, server.key. Please write the path from the master node. Please write an absolute path.
+  cert_path: /etc/kubernetes/pki/etcd/  
+  #endpoint of etcd with port. This must be Private IP.
+  endpoint: 
+
+
+#===================================== cloudProvider =========================================
+#Select the cloudProvider where the etcd backup snapshot will be saved.
+#Uncomment what you want. default is oracle cloud.
+cloudProvider: oci
+#cloudProvider: aws
+#cloudProvider: ncp
+
+
+#Fill in below, if you choosed Oracle Cloud Infrastructure.
+oci:
+  user_ocid: 
+  tenancy_ocid: 
+  api_key_content:  #Copy and paste the contents of the oci key file
+  bucket_region: 
+  namespace: 
+
+
+#Fill in below, if you choosed Amazon Web Service.
+aws:
+  access_key_id:
+  secret_access_key:
+  region:
+
+
+
+#Fill in below, if you choosed Naver Cloud Platform.
+ncp:
+  access_key_id:
+  secret_access_key:
+  region:
+