From 7cb3b84ecb64df840f9f2166c951e6a5f860fea8 Mon Sep 17 00:00:00 2001
From: MichaelFisher1997
Date: Sat, 28 Mar 2026 03:15:39 +0000
Subject: [PATCH] feat: Replace custom pgdump job with CNPG ScheduledBackup
---
 infrastructure/addons/cnpg/kustomization.yaml | 2 +-
 .../addons/cnpg/pgdump-cronjob.yaml | 61 -------------------
 .../addons/cnpg/scheduled-backup-rancher.yaml | 11 ++++
 3 files changed, 12 insertions(+), 62 deletions(-)
 delete mode 100644 infrastructure/addons/cnpg/pgdump-cronjob.yaml
 create mode 100644 infrastructure/addons/cnpg/scheduled-backup-rancher.yaml
diff --git a/infrastructure/addons/cnpg/kustomization.yaml b/infrastructure/addons/cnpg/kustomization.yaml
index a242d32..1fd6e97 100644
--- a/infrastructure/addons/cnpg/kustomization.yaml
+++ b/infrastructure/addons/cnpg/kustomization.yaml
@@ -8,4 +8,4 @@ resources:
 - cnpg-cluster-rw-svc.yaml
 - role-b2-reader.yaml
 - rolebinding-b2-reader.yaml
- - pgdump-cronjob.yaml
\ No newline at end of file
+ - scheduled-backup-rancher.yaml
diff --git a/infrastructure/addons/cnpg/pgdump-cronjob.yaml b/infrastructure/addons/cnpg/pgdump-cronjob.yaml
deleted file mode 100644
index 6231a5f..0000000
--- a/infrastructure/addons/cnpg/pgdump-cronjob.yaml
+++ /dev/null
@@ -1,61 +0,0 @@
-apiVersion: batch/v1
-kind: CronJob
-metadata:
- name: pgdump-rancher
- namespace: cnpg-cluster
-spec:
- schedule: "0 2 * * 0"
- concurrencyPolicy: Forbid
- successfulJobsHistoryLimit: 4
- failedJobsHistoryLimit: 4
- jobTemplate:
- spec:
- backoffLimit: 3
- template:
- spec:
- restartPolicy: OnFailure
- containers:
- - name: pgdump
- image: ghcr.io/cloudnative-pg/pgbackrest:latest
- command:
- - /bin/sh
- - -c
- - |
- set -e
- export AWS_ACCESS_KEY_ID=$(cat /etc/b2/credentials/B2_ACCOUNT_ID)
- export AWS_SECRET_ACCESS_KEY=$(cat /etc/b2/credentials/B2_APPLICATION_KEY)
- export AWS_ENDPOINT=https://s3.us-east-005.backblazeb2.com
-
- BACKUP_FILE="rancher-backup-$(date +%Y%m%d-%H%M%S).sql.gz"
-
- pg_dump -h cnpg-cluster-rw.cnpg-cluster.svc -U postgres -d postgres --no-owner --clean | gzip | \
- aws s3 cp - s3://HetznerTerra/rancher-backups/$BACKUP_FILE
-
- echo "Backup completed: $BACKUP_FILE"
- env:
- - name: PGPASSWORD
- valueFrom:
- secretKeyRef:
- name: rancher-db-password
- key: password
- volumeMounts:
- - name: b2-credentials
- mountPath: /etc/b2/credentials
- readOnly: true
- resources:
- requests:
- cpu: 100m
- memory: 128Mi
- limits:
- cpu: 500m
- memory: 512Mi
- volumes:
- - name: b2-credentials
- secret:
- secretName: b2-credentials
- nodeSelector:
- kubernetes.io/hostname: k8s-cluster-cp-1
- tolerations:
- - key: node-role.kubernetes.io/control-plane
- operator: Exists
- effect: NoSchedule
\ No newline at end of file
diff --git a/infrastructure/addons/cnpg/scheduled-backup-rancher.yaml b/infrastructure/addons/cnpg/scheduled-backup-rancher.yaml
new file mode 100644
index 0000000..7deffa3
--- /dev/null
+++ b/infrastructure/addons/cnpg/scheduled-backup-rancher.yaml
@@ -0,0 +1,11 @@
+apiVersion: postgresql.cnpg.io/v1
+kind: ScheduledBackup
+metadata:
+ name: rancher-db-weekly
+ namespace: cnpg-cluster
+spec:
+ schedule: "0 0 2 * * 0"
+ backupOwnerReference: self
+ cluster:
+ name: rancher-db
+ target: primary
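Review bot: The `cluster: name: rancher-db` reference in the new `scheduled-backup-rancher.yaml` is not verifiable from this patch, and the ScheduledBackup carries no destination or credentials of its own, so it depends on that Cluster existing in `cnpg-cluster` with a backup target configured. The removed CronJob connected to `cnpg-cluster-rw.cnpg-cluster.svc`, which may mean the Cluster has a different name, so the value is worth checking against the Cluster manifest before merging. Because the pg_dump job is deleted in the same commit and the schedule first fires on the next Sunday at 02:00, consider adding `immediate: true` under `spec` so a backup runs as soon as the resource is applied and a misconfiguration surfaces as a failed Backup straight away instead of after a week without backups. A comment above the schedule such as `# six-field cron, seconds first: 02:00:00 every Sunday` would also help, since the format differs from the five-field CronJob expression it replaces.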