From 7e63796bb09c1f5a9f0671b993e0c6a6290ee708 Mon Sep 17 00:00:00 2001 From: Robert Volkmann Date: Tue, 12 Mar 2024 14:10:20 +0100 Subject: [PATCH] Add S3 configuration for the backup-restore-sidecar --- .../auditing-meili/defaults/main/main.yaml | 6 ++++ .../roles/auditing-meili/tasks/main.yaml | 5 +++ .../roles/headscale/defaults/main/db.yaml | 6 ++++ control-plane/roles/headscale/tasks/main.yaml | 5 +++ .../roles/ipam-db/defaults/main/main.yaml | 6 ++++ control-plane/roles/ipam-db/tasks/main.yaml | 5 +++ .../masterdata-db/defaults/main/main.yaml | 6 ++++ .../roles/masterdata-db/tasks/main.yaml | 5 +++ .../roles/meili-backup-restore/README.md | 5 +++ .../defaults/main/main.yaml | 6 ++++ .../templates/meilisearch.yaml | 32 +++++++++++++++++++ .../roles/metal-db/defaults/main/main.yaml | 6 ++++ control-plane/roles/metal-db/tasks/main.yaml | 5 +++ .../roles/postgres-backup-restore/README.md | 5 +++ .../defaults/main/main.yaml | 6 ++++ .../templates/postgres.yaml | 32 +++++++++++++++++++ .../roles/rethinkdb-backup-restore/README.md | 5 +++ .../defaults/main/main.yaml | 6 ++++ .../templates/rethinkdb.yaml | 32 +++++++++++++++++++ 19 files changed, 184 insertions(+) diff --git a/control-plane/roles/auditing-meili/defaults/main/main.yaml b/control-plane/roles/auditing-meili/defaults/main/main.yaml index a1dd1713..370af662 100644 --- a/control-plane/roles/auditing-meili/defaults/main/main.yaml +++ b/control-plane/roles/auditing-meili/defaults/main/main.yaml @@ -23,6 +23,12 @@ auditing_meili_backup_restore_sidecar_gcp_backup_location: auditing_meili_backup_restore_sidecar_gcp_project_id: auditing_meili_backup_restore_sidecar_gcp_serviceaccount_json: +auditing_meili_backup_restore_sidecar_s3_bucket_name: +auditing_meili_backup_restore_sidecar_s3_region: +auditing_meili_backup_restore_sidecar_s3_endpoint: +auditing_meili_backup_restore_sidecar_s3_access_key: +auditing_meili_backup_restore_sidecar_s3_secret_key: + auditing_meili_resources: requests: memory: "256Mi" diff --git a/control-plane/roles/auditing-meili/tasks/main.yaml b/control-plane/roles/auditing-meili/tasks/main.yaml index 1c4377a6..e4805090 100644 --- a/control-plane/roles/auditing-meili/tasks/main.yaml +++ b/control-plane/roles/auditing-meili/tasks/main.yaml @@ -39,5 +39,10 @@ meilisearch_backup_restore_sidecar_gcp_backup_location: "{{ auditing_meili_backup_restore_sidecar_gcp_backup_location }}" meilisearch_backup_restore_sidecar_gcp_project_id: "{{ auditing_meili_backup_restore_sidecar_gcp_project_id }}" meilisearch_backup_restore_sidecar_gcp_serviceaccount_json: "{{ auditing_meili_backup_restore_sidecar_gcp_serviceaccount_json }}" + meilisearch_backup_restore_sidecar_s3_bucket_name: "{{ auditing_meili_backup_restore_sidecar_s3_bucket_name }}" + meilisearch_backup_restore_sidecar_s3_region: "{{ auditing_meili_backup_restore_sidecar_s3_region }}" + meilisearch_backup_restore_sidecar_s3_endpoint: "{{ auditing_meili_backup_restore_sidecar_s3_endpoint }}" + meilisearch_backup_restore_sidecar_s3_access_key: "{{ auditing_meili_backup_restore_sidecar_s3_access_key }}" + meilisearch_backup_restore_sidecar_s3_secret_key: "{{ auditing_meili_backup_restore_sidecar_s3_secret_key }}" meilisearch_resources: "{{ auditing_meili_resources }}" meilisearch_backup_restore_sidecar_object_max_keep: "{{ auditing_meili_backup_restore_sidecar_object_max_keep }}" diff --git a/control-plane/roles/headscale/defaults/main/db.yaml b/control-plane/roles/headscale/defaults/main/db.yaml index d08fb0e6..11b2019c 100644 --- a/control-plane/roles/headscale/defaults/main/db.yaml +++ b/control-plane/roles/headscale/defaults/main/db.yaml @@ -18,6 +18,12 @@ headscale_db_backup_restore_sidecar_gcp_backup_location: headscale_db_backup_restore_sidecar_gcp_project_id: headscale_db_backup_restore_sidecar_gcp_serviceaccount_json: +headscale_db_backup_restore_sidecar_s3_bucket_name: +headscale_db_backup_restore_sidecar_s3_region: +headscale_db_backup_restore_sidecar_s3_endpoint: +headscale_db_backup_restore_sidecar_s3_access_key: +headscale_db_backup_restore_sidecar_s3_secret_key: + headscale_db_resources: requests: memory: "256Mi" diff --git a/control-plane/roles/headscale/tasks/main.yaml b/control-plane/roles/headscale/tasks/main.yaml index 9f184f73..300c9cb5 100644 --- a/control-plane/roles/headscale/tasks/main.yaml +++ b/control-plane/roles/headscale/tasks/main.yaml @@ -51,6 +51,11 @@ postgres_backup_restore_sidecar_gcp_backup_location: "{{ headscale_db_backup_restore_sidecar_gcp_backup_location }}" postgres_backup_restore_sidecar_gcp_project_id: "{{ headscale_db_backup_restore_sidecar_gcp_project_id }}" postgres_backup_restore_sidecar_gcp_serviceaccount_json: "{{ headscale_db_backup_restore_sidecar_gcp_serviceaccount_json }}" + postgres_backup_restore_sidecar_s3_bucket_name: "{{ headscale_db_backup_restore_sidecar_s3_bucket_name }}" + postgres_backup_restore_sidecar_s3_region: "{{ headscale_db_backup_restore_sidecar_s3_region }}" + postgres_backup_restore_sidecar_s3_endpoint: "{{ headscale_db_backup_restore_sidecar_s3_endpoint }}" + postgres_backup_restore_sidecar_s3_access_key: "{{ headscale_db_backup_restore_sidecar_s3_access_key }}" + postgres_backup_restore_sidecar_s3_secret_key: "{{ headscale_db_backup_restore_sidecar_s3_secret_key }}" postgres_resources: "{{ headscale_db_resources }}" - name: Deploy headscale diff --git a/control-plane/roles/ipam-db/defaults/main/main.yaml b/control-plane/roles/ipam-db/defaults/main/main.yaml index a304e7b9..f95f2fc6 100644 --- a/control-plane/roles/ipam-db/defaults/main/main.yaml +++ b/control-plane/roles/ipam-db/defaults/main/main.yaml @@ -23,6 +23,12 @@ ipam_db_backup_restore_sidecar_gcp_backup_location: ipam_db_backup_restore_sidecar_gcp_project_id: ipam_db_backup_restore_sidecar_gcp_serviceaccount_json: +ipam_db_backup_restore_sidecar_s3_bucket_name: +ipam_db_backup_restore_sidecar_s3_region: +ipam_db_backup_restore_sidecar_s3_endpoint: +ipam_db_backup_restore_sidecar_s3_access_key: +ipam_db_backup_restore_sidecar_s3_secret_key: + ipam_db_resources: requests: memory: "128Mi" diff --git a/control-plane/roles/ipam-db/tasks/main.yaml b/control-plane/roles/ipam-db/tasks/main.yaml index ac77cf2c..ec692859 100644 --- a/control-plane/roles/ipam-db/tasks/main.yaml +++ b/control-plane/roles/ipam-db/tasks/main.yaml @@ -40,6 +40,11 @@ postgres_backup_restore_sidecar_gcp_backup_location: "{{ ipam_db_backup_restore_sidecar_gcp_backup_location }}" postgres_backup_restore_sidecar_gcp_project_id: "{{ ipam_db_backup_restore_sidecar_gcp_project_id }}" postgres_backup_restore_sidecar_gcp_serviceaccount_json: "{{ ipam_db_backup_restore_sidecar_gcp_serviceaccount_json }}" + postgres_backup_restore_sidecar_s3_bucket_name: "{{ ipam_db_backup_restore_sidecar_s3_bucket_name }}" + postgres_backup_restore_sidecar_s3_region: "{{ ipam_db_backup_restore_sidecar_s3_region }}" + postgres_backup_restore_sidecar_s3_endpoint: "{{ ipam_db_backup_restore_sidecar_s3_endpoint }}" + postgres_backup_restore_sidecar_s3_access_key: "{{ ipam_db_backup_restore_sidecar_s3_access_key }}" + postgres_backup_restore_sidecar_s3_secret_key: "{{ ipam_db_backup_restore_sidecar_s3_secret_key }}" postgres_resources: "{{ ipam_db_resources }}" postgres_backup_restore_sidecar_object_max_keep: "{{ ipam_db_backup_restore_sidecar_object_max_keep }}" diff --git a/control-plane/roles/masterdata-db/defaults/main/main.yaml b/control-plane/roles/masterdata-db/defaults/main/main.yaml index 1e62ab0d..2880dde8 100644 --- a/control-plane/roles/masterdata-db/defaults/main/main.yaml +++ b/control-plane/roles/masterdata-db/defaults/main/main.yaml @@ -23,6 +23,12 @@ masterdata_db_backup_restore_sidecar_gcp_backup_location: masterdata_db_backup_restore_sidecar_gcp_project_id: masterdata_db_backup_restore_sidecar_gcp_serviceaccount_json: +masterdata_db_backup_restore_sidecar_s3_bucket_name: +masterdata_db_backup_restore_sidecar_s3_region: +masterdata_db_backup_restore_sidecar_s3_endpoint: +masterdata_db_backup_restore_sidecar_s3_access_key: +masterdata_db_backup_restore_sidecar_s3_secret_key: + masterdata_db_resources: requests: memory: "128Mi" diff --git a/control-plane/roles/masterdata-db/tasks/main.yaml b/control-plane/roles/masterdata-db/tasks/main.yaml index 14def4b0..65704ca8 100644 --- a/control-plane/roles/masterdata-db/tasks/main.yaml +++ b/control-plane/roles/masterdata-db/tasks/main.yaml @@ -40,5 +40,10 @@ postgres_backup_restore_sidecar_gcp_backup_location: "{{ masterdata_db_backup_restore_sidecar_gcp_backup_location }}" postgres_backup_restore_sidecar_gcp_project_id: "{{ masterdata_db_backup_restore_sidecar_gcp_project_id }}" postgres_backup_restore_sidecar_gcp_serviceaccount_json: "{{ masterdata_db_backup_restore_sidecar_gcp_serviceaccount_json }}" + postgres_backup_restore_sidecar_s3_bucket_name: "{{ masterdata_db_backup_restore_sidecar_s3_bucket_name }}" + postgres_backup_restore_sidecar_s3_region: "{{ masterdata_db_backup_restore_sidecar_s3_region }}" + postgres_backup_restore_sidecar_s3_endpoint: "{{ masterdata_db_backup_restore_sidecar_s3_endpoint }}" + postgres_backup_restore_sidecar_s3_access_key: "{{ masterdata_db_backup_restore_sidecar_s3_access_key }}" + postgres_backup_restore_sidecar_s3_secret_key: "{{ masterdata_db_backup_restore_sidecar_s3_secret_key }}" postgres_resources: "{{ masterdata_db_resources }}" postgres_backup_restore_sidecar_object_max_keep: "{{ masterdata_db_backup_restore_sidecar_object_max_keep }}" diff --git a/control-plane/roles/meili-backup-restore/README.md b/control-plane/roles/meili-backup-restore/README.md index 7ee81d4e..b77c1eff 100644 --- a/control-plane/roles/meili-backup-restore/README.md +++ b/control-plane/roles/meili-backup-restore/README.md @@ -31,4 +31,9 @@ You can look up all the default values of this role [here](defaults/main/main.ya | meilisearch_backup_restore_sidecar_gcp_backup_location | | Location of the GCP bucket | | meilisearch_backup_restore_sidecar_gcp_project_id | | GCP project name | | meilisearch_backup_restore_sidecar_gcp_serviceaccount_json | | GCP Serviceaccount JSON string (service account requires bucket access) | +| meilisearch_backup_restore_sidecar_s3_bucket_name | | The name of the S3 bucket | +| meilisearch_backup_restore_sidecar_s3_region | | The region where the S3 bucket is located | +| meilisearch_backup_restore_sidecar_s3_endpoint | | The endpoint URL for the S3 storage service | +| meilisearch_backup_restore_sidecar_s3_access_key | | The access key for authenticating with S3 | +| meilisearch_backup_restore_sidecar_s3_secret_key | | The secret key for authenticating with S3 | | meilisearch_resources | | The kubernetes resources for the actual meilisearch container | diff --git a/control-plane/roles/meili-backup-restore/defaults/main/main.yaml b/control-plane/roles/meili-backup-restore/defaults/main/main.yaml index e3600ec9..c335efd7 100644 --- a/control-plane/roles/meili-backup-restore/defaults/main/main.yaml +++ b/control-plane/roles/meili-backup-restore/defaults/main/main.yaml @@ -23,6 +23,12 @@ meilisearch_backup_restore_sidecar_gcp_backup_location: meilisearch_backup_restore_sidecar_gcp_project_id: meilisearch_backup_restore_sidecar_gcp_serviceaccount_json: +meilisearch_backup_restore_sidecar_s3_bucket_name: +meilisearch_backup_restore_sidecar_s3_region: +meilisearch_backup_restore_sidecar_s3_endpoint: +meilisearch_backup_restore_sidecar_s3_access_key: +meilisearch_backup_restore_sidecar_s3_secret_key: + meilisearch_resources: requests: memory: "256Mi" diff --git a/control-plane/roles/meili-backup-restore/templates/meilisearch.yaml b/control-plane/roles/meili-backup-restore/templates/meilisearch.yaml index d100275b..56ea0aed 100644 --- a/control-plane/roles/meili-backup-restore/templates/meilisearch.yaml +++ b/control-plane/roles/meili-backup-restore/templates/meilisearch.yaml @@ -130,6 +130,32 @@ spec: name: backup-restore-sidecar-backup-provider-config-{{ meilisearch_name }} - name: GOOGLE_APPLICATION_CREDENTIALS value: /gcp/credentials/serviceaccount.json +{% elif meilisearch_backup_restore_sidecar_provider == "s3" %} + - name: BACKUP_RESTORE_SIDECAR_S3_BUCKET_NAME + valueFrom: + secretKeyRef: + key: bucketName + name: backup-restore-sidecar-backup-provider-config-{{ meilisearch_name }} + - name: BACKUP_RESTORE_SIDECAR_S3_REGION + valueFrom: + secretKeyRef: + key: region + name: backup-restore-sidecar-backup-provider-config-{{ meilisearch_name }} + - name: BACKUP_RESTORE_SIDECAR_S3_ENDPOINT + valueFrom: + secretKeyRef: + key: endpoint + name: backup-restore-sidecar-backup-provider-config-{{ meilisearch_name }} + - name: BACKUP_RESTORE_SIDECAR_S3_ACCESS_KEY + valueFrom: + secretKeyRef: + key: accessKey + name: backup-restore-sidecar-backup-provider-config-{{ meilisearch_name }} + - name: BACKUP_RESTORE_SIDECAR_S3_SECRET_KEY + valueFrom: + secretKeyRef: + key: secretKey + name: backup-restore-sidecar-backup-provider-config-{{ meilisearch_name }} {% endif %} volumeMounts: - name: data @@ -246,6 +272,12 @@ data: bucketLocation: {{ meilisearch_backup_restore_sidecar_gcp_backup_location | b64encode }} projectID: {{ meilisearch_backup_restore_sidecar_gcp_project_id | b64encode }} serviceaccount.json: {{ meilisearch_backup_restore_sidecar_gcp_serviceaccount_json | to_json | b64encode }} +{% elif meilisearch_backup_restore_sidecar_provider == "s3" %} + bucketName: {{ meilisearch_backup_restore_sidecar_s3_bucket_name | b64encode }} + region: {{ meilisearch_backup_restore_sidecar_s3_region | b64encode }} + endpoint: {{ meilisearch_backup_restore_sidecar_s3_endpoint | b64encode }} + accessKey: {{ meilisearch_backup_restore_sidecar_s3_access_key | b64encode }} + secretKey: {{ meilisearch_backup_restore_sidecar_s3_secret_key | b64encode }} {% endif %} --- apiVersion: v1 diff --git a/control-plane/roles/metal-db/defaults/main/main.yaml b/control-plane/roles/metal-db/defaults/main/main.yaml index 90219a82..2274924e 100644 --- a/control-plane/roles/metal-db/defaults/main/main.yaml +++ b/control-plane/roles/metal-db/defaults/main/main.yaml @@ -20,6 +20,12 @@ metal_db_backup_restore_sidecar_gcp_backup_location: metal_db_backup_restore_sidecar_gcp_project_id: metal_db_backup_restore_sidecar_gcp_serviceaccount_json: +metal_db_backup_restore_sidecar_s3_bucket_name: +metal_db_backup_restore_sidecar_s3_region: +metal_db_backup_restore_sidecar_s3_endpoint: +metal_db_backup_restore_sidecar_s3_access_key: +metal_db_backup_restore_sidecar_s3_secret_key: + metal_db_expose_frontend: no metal_db_ingress_dns: rethinkdb.{{ metal_control_plane_ingress_dns }} diff --git a/control-plane/roles/metal-db/tasks/main.yaml b/control-plane/roles/metal-db/tasks/main.yaml index 3a121a41..529bb108 100644 --- a/control-plane/roles/metal-db/tasks/main.yaml +++ b/control-plane/roles/metal-db/tasks/main.yaml @@ -36,6 +36,11 @@ rethinkdb_backup_restore_sidecar_gcp_backup_location: "{{ metal_db_backup_restore_sidecar_gcp_backup_location }}" rethinkdb_backup_restore_sidecar_gcp_project_id: "{{ metal_db_backup_restore_sidecar_gcp_project_id }}" rethinkdb_backup_restore_sidecar_gcp_serviceaccount_json: "{{ metal_db_backup_restore_sidecar_gcp_serviceaccount_json }}" + rethinkdb_backup_restore_sidecar_s3_bucket_name: "{{ metal_db_backup_restore_sidecar_s3_bucket_name }}" + rethinkdb_backup_restore_sidecar_s3_region: "{{ metal_db_backup_restore_sidecar_s3_region }}" + rethinkdb_backup_restore_sidecar_s3_endpoint: "{{ metal_db_backup_restore_sidecar_s3_endpoint }}" + rethinkdb_backup_restore_sidecar_s3_access_key: "{{ metal_db_backup_restore_sidecar_s3_access_key }}" + rethinkdb_backup_restore_sidecar_s3_secret_key: "{{ metal_db_backup_restore_sidecar_s3_secret_key }}" rethinkdb_expose_frontend: "{{ metal_db_expose_frontend }}" rethinkdb_ingress_dns: "{{ metal_db_ingress_dns }}" rethinkdb_resources: "{{ metal_db_resources }}" diff --git a/control-plane/roles/postgres-backup-restore/README.md b/control-plane/roles/postgres-backup-restore/README.md index 6640b69e..7c084b3f 100644 --- a/control-plane/roles/postgres-backup-restore/README.md +++ b/control-plane/roles/postgres-backup-restore/README.md @@ -32,6 +32,11 @@ You can look up all the default values of this role [here](defaults/main/main.ya | postgres_backup_restore_sidecar_gcp_backup_location | | Location of the GCP bucket | | postgres_backup_restore_sidecar_gcp_project_id | | GCP project name | | postgres_backup_restore_sidecar_gcp_serviceaccount_json | | GCP Serviceaccount JSON string (service account requires bucket access) | +| postgres_backup_restore_sidecar_s3_bucket_name | | The name of the S3 bucket | +| postgres_backup_restore_sidecar_s3_region | | The region where the S3 bucket is located | +| postgres_backup_restore_sidecar_s3_endpoint | | The endpoint URL for the S3 storage service | +| postgres_backup_restore_sidecar_s3_access_key | | The access key for authenticating with S3 | +| postgres_backup_restore_sidecar_s3_secret_key | | The secret key for authenticating with S3 | | postgres_expose_frontend | | Exposes the postgres over ingress (only use for dev environments) | | postgres_ingress_dns | | The virtual host to reach the postgres frontend when exposed via ingress | | postgres_resources | | The kubernetes resources for the actual postgres container | diff --git a/control-plane/roles/postgres-backup-restore/defaults/main/main.yaml b/control-plane/roles/postgres-backup-restore/defaults/main/main.yaml index df0fc6a9..5a87af03 100644 --- a/control-plane/roles/postgres-backup-restore/defaults/main/main.yaml +++ b/control-plane/roles/postgres-backup-restore/defaults/main/main.yaml @@ -29,6 +29,12 @@ postgres_backup_restore_sidecar_gcp_backup_location: postgres_backup_restore_sidecar_gcp_project_id: postgres_backup_restore_sidecar_gcp_serviceaccount_json: +postgres_backup_restore_sidecar_s3_bucket_name: +postgres_backup_restore_sidecar_s3_region: +postgres_backup_restore_sidecar_s3_endpoint: +postgres_backup_restore_sidecar_s3_access_key: +postgres_backup_restore_sidecar_s3_secret_key: + postgres_resources: requests: memory: "128Mi" diff --git a/control-plane/roles/postgres-backup-restore/templates/postgres.yaml b/control-plane/roles/postgres-backup-restore/templates/postgres.yaml index 566a8325..ebc5b793 100644 --- a/control-plane/roles/postgres-backup-restore/templates/postgres.yaml +++ b/control-plane/roles/postgres-backup-restore/templates/postgres.yaml @@ -154,6 +154,32 @@ spec: name: backup-restore-sidecar-backup-provider-config-{{ postgres_name }} - name: GOOGLE_APPLICATION_CREDENTIALS value: /gcp/credentials/serviceaccount.json +{% elif postgres_backup_restore_sidecar_provider == "s3" %} + - name: BACKUP_RESTORE_SIDECAR_S3_BUCKET_NAME + valueFrom: + secretKeyRef: + key: bucketName + name: backup-restore-sidecar-backup-provider-config-{{ postgres_name }} + - name: BACKUP_RESTORE_SIDECAR_S3_REGION + valueFrom: + secretKeyRef: + key: region + name: backup-restore-sidecar-backup-provider-config-{{ postgres_name }} + - name: BACKUP_RESTORE_SIDECAR_S3_ENDPOINT + valueFrom: + secretKeyRef: + key: endpoint + name: backup-restore-sidecar-backup-provider-config-{{ postgres_name }} + - name: BACKUP_RESTORE_SIDECAR_S3_ACCESS_KEY + valueFrom: + secretKeyRef: + key: accessKey + name: backup-restore-sidecar-backup-provider-config-{{ postgres_name }} + - name: BACKUP_RESTORE_SIDECAR_S3_SECRET_KEY + valueFrom: + secretKeyRef: + key: secretKey + name: backup-restore-sidecar-backup-provider-config-{{ postgres_name }} {% endif %} volumeMounts: - name: {{ postgres_name }} @@ -265,6 +291,12 @@ data: bucketLocation: {{ postgres_backup_restore_sidecar_gcp_backup_location | b64encode }} projectID: {{ postgres_backup_restore_sidecar_gcp_project_id | b64encode }} serviceaccount.json: {{ postgres_backup_restore_sidecar_gcp_serviceaccount_json | to_json | b64encode }} +{% elif postgres_backup_restore_sidecar_provider == "s3" %} + bucketName: {{ postgres_backup_restore_sidecar_s3_bucket_name | b64encode }} + region: {{ postgres_backup_restore_sidecar_s3_region | b64encode }} + endpoint: {{ postgres_backup_restore_sidecar_s3_endpoint | b64encode }} + accessKey: {{ postgres_backup_restore_sidecar_s3_access_key | b64encode }} + secretKey: {{ postgres_backup_restore_sidecar_s3_secret_key | b64encode }} {% endif %} --- apiVersion: v1 diff --git a/control-plane/roles/rethinkdb-backup-restore/README.md b/control-plane/roles/rethinkdb-backup-restore/README.md index 2147d214..7420894d 100644 --- a/control-plane/roles/rethinkdb-backup-restore/README.md +++ b/control-plane/roles/rethinkdb-backup-restore/README.md @@ -29,6 +29,11 @@ You can look up all the default values of this role [here](defaults/main/main.ya | rethinkdb_backup_restore_sidecar_gcp_backup_location | | Location of the GCP bucket | | rethinkdb_backup_restore_sidecar_gcp_project_id | | GCP project name | | rethinkdb_backup_restore_sidecar_gcp_serviceaccount_json | | GCP Serviceaccount JSON string (service account requires bucket access) | +| rethinkdb_backup_restore_sidecar_s3_bucket_name | | The name of the S3 bucket | +| rethinkdb_backup_restore_sidecar_s3_region | | The region where the S3 bucket is located | +| rethinkdb_backup_restore_sidecar_s3_endpoint | | The endpoint URL for the S3 storage service | +| rethinkdb_backup_restore_sidecar_s3_access_key | | The access key for authenticating with S3 | +| rethinkdb_backup_restore_sidecar_s3_secret_key | | The secret key for authenticating with S3 | | rethinkdb_expose_frontend | | Exposes the rethinkdb over ingress (only use for dev environments) | | rethinkdb_ingress_dns | | The virtual host to reach the rethinkdb frontend when exposed via ingress | | rethinkdb_resources | | The kubernetes resources for the actual rethinkdb container | diff --git a/control-plane/roles/rethinkdb-backup-restore/defaults/main/main.yaml b/control-plane/roles/rethinkdb-backup-restore/defaults/main/main.yaml index 6a30a1d5..8fd94bfc 100644 --- a/control-plane/roles/rethinkdb-backup-restore/defaults/main/main.yaml +++ b/control-plane/roles/rethinkdb-backup-restore/defaults/main/main.yaml @@ -18,6 +18,12 @@ rethinkdb_backup_restore_sidecar_gcp_backup_location: rethinkdb_backup_restore_sidecar_gcp_project_id: rethinkdb_backup_restore_sidecar_gcp_serviceaccount_json: +rethinkdb_backup_restore_sidecar_s3_bucket_name: +rethinkdb_backup_restore_sidecar_s3_region: +rethinkdb_backup_restore_sidecar_s3_endpoint: +rethinkdb_backup_restore_sidecar_s3_access_key: +rethinkdb_backup_restore_sidecar_s3_secret_key: + rethinkdb_backup_restore_sidecar_object_max_keep: rethinkdb_expose_frontend: no diff --git a/control-plane/roles/rethinkdb-backup-restore/templates/rethinkdb.yaml b/control-plane/roles/rethinkdb-backup-restore/templates/rethinkdb.yaml index 035a4289..1e7e4af7 100644 --- a/control-plane/roles/rethinkdb-backup-restore/templates/rethinkdb.yaml +++ b/control-plane/roles/rethinkdb-backup-restore/templates/rethinkdb.yaml @@ -85,6 +85,32 @@ spec: name: backup-restore-sidecar-backup-provider-config-{{ rethinkdb_name }} - name: GOOGLE_APPLICATION_CREDENTIALS value: /gcp/credentials/serviceaccount.json +{% elif rethinkdb_backup_restore_sidecar_provider == "s3" %} + - name: BACKUP_RESTORE_SIDECAR_S3_BUCKET_NAME + valueFrom: + secretKeyRef: + key: bucketName + name: backup-restore-sidecar-backup-provider-config-{{ rethinkdb_name }} + - name: BACKUP_RESTORE_SIDECAR_S3_REGION + valueFrom: + secretKeyRef: + key: region + name: backup-restore-sidecar-backup-provider-config-{{ rethinkdb_name }} + - name: BACKUP_RESTORE_SIDECAR_S3_ENDPOINT + valueFrom: + secretKeyRef: + key: endpoint + name: backup-restore-sidecar-backup-provider-config-{{ rethinkdb_name }} + - name: BACKUP_RESTORE_SIDECAR_S3_ACCESS_KEY + valueFrom: + secretKeyRef: + key: accessKey + name: backup-restore-sidecar-backup-provider-config-{{ rethinkdb_name }} + - name: BACKUP_RESTORE_SIDECAR_S3_SECRET_KEY + valueFrom: + secretKeyRef: + key: secretKey + name: backup-restore-sidecar-backup-provider-config-{{ rethinkdb_name }} {% endif %} volumeMounts: - mountPath: /data @@ -233,6 +259,12 @@ data: bucketLocation: {{ rethinkdb_backup_restore_sidecar_gcp_backup_location | b64encode }} projectID: {{ rethinkdb_backup_restore_sidecar_gcp_project_id | b64encode }} serviceaccount.json: {{ rethinkdb_backup_restore_sidecar_gcp_serviceaccount_json | to_json | b64encode }} +{% elif rethinkdb_backup_restore_sidecar_provider == "s3" %} + bucketName: {{ rethinkdb_backup_restore_sidecar_s3_bucket_name | b64encode }} + region: {{ rethinkdb_backup_restore_sidecar_s3_region | b64encode }} + endpoint: {{ rethinkdb_backup_restore_sidecar_s3_endpoint | b64encode }} + accessKey: {{ rethinkdb_backup_restore_sidecar_s3_access_key | b64encode }} + secretKey: {{ rethinkdb_backup_restore_sidecar_s3_secret_key | b64encode }} {% endif %} {% if rethinkdb_expose_frontend %} ---