Skip to content

finleap-connect/backup-operator

Repository files navigation

Backup Operator

This project is discontinued.

Feel free to use it, but we will not put any effort in it anymore. Some of our usecases (mongodb backup) can be done by Velero instead.

Build status Coverage Status Go Report Card Go Reference GitHub release

Usage

Quick start

Add the helm repository to your list of repos:

helm repo add finleap-connect https://finleap-connect.github.io/charts/
helm repo update

Execute the following to get the complete list of values available:

helm show values finleap-connect/backup-operator --version <VERSION>

Install operator with the following command:

helm install finleap-connect/backup-operator --name myrealease --version <VERSION> --values values.yaml

Backup for MongoDB

Let's assume you want to backup a MongoDB replicaset. The only MongoDB specific configuration required is the MongoDB URI. However you'll want to insert the sensitive data using environment variables.

For example, let's assume you have two pre-existing secrets:

  • secret containing the password for the MongoDB user
  • secret containing the S3 credentials (and optional encryption key for SSE feature)

Note: The below YAML mixes both kubernetes environment composition in the env section and job environment substitution in the other parts.

The you might compose a MongoDBBackupPlan as in backup_v1alpha1_mongodbbackupplan.yaml.

The above specification will create a CronJob with the same name and the above env and also create a Secret with the rest of the specification and mount it into the CronJob as well.

Backup for Consul

For Consul the procedure is the same as above. However instead of providing the URI, the ConsulBackupPlan requires the follow fields: address, username and password, which hopefully are self-explanatory.

See example configuration in backup_v1alpha1_consulbackupplan.yaml.

Design

A common procedure of any production environments are backups. For this purpose we developed a backup operator, which can be used to setup a CronJob, which will take care of the backup for you.

The plan specification consists of several fields and an environment specification. This duality is very important as environment variables should be used to pass sensitive data to the resulting CronJob.

The operator will spawn a vanilla CronJob and setup the environment as specified by you. Once the job runs it will use environment substitution to replace any variables in your specification.

Therefore you should use the valueFrom.secretKeyRef to provide the sensitive parts of your environment.

The backup job will also push metrics into a prometheus pushgateway, if configured.

Once a job is finished, it will make sure to remove obsolete backups as specified by your retention.

Development

Tools

All required tools for development are automatically downloaded and stored in the bin sub-directory (see relevant section of Makefile for details).

Testing

The tests depend on docker and use ginkgo and gomega. To spin up containers for tests ory/dockertest is used.

Adding a new backup type

If you've extended the operator you need to test that the controller reconciles your new backup plan correctly. To do this, you have to add your new api type to variable planTypes in the file backupplan_controller_test.go. Additionally you have to provide a function to create a new instance of your new type and add it to the variable createTypeFuncs in the same file. After this all controller related functionally will be tested with your newly created type as well.