Bitnami/charts
2
0
Fork 0
mirror of https://github.com/bitnami/charts.git synced 2026-03-06 23:47:48 +08:00
Code Issues Packages Projects Releases Wiki Activity

[bitnami/mongodb] Add trivial backup option (#17816)

Browse Source 
* [bitnami/mongodb] add trivial backup for mongodb

Signed-off-by: Pat Riehecky <riehecky@fnal.gov>

* Update README.md with readme-generator-for-helm

Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com>

* Fix template EOF and values style

Signed-off-by: Fran de Paz <fdepaz@vmware.com>

---------

Signed-off-by: Pat Riehecky <riehecky@fnal.gov>
Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com>
Signed-off-by: Fran de Paz <fdepaz@vmware.com>
Signed-off-by: Fran de Paz Galán <fdepaz@vmware.com>
Co-authored-by: Bitnami Containers <bitnami-bot@vmware.com>
Co-authored-by: Fran de Paz <fdepaz@vmware.com>
This commit is contained in:
Pat Riehecky
2023-08-30 02:43:15 -05:00
committed by GitHub
parent 21f6397c8d
commit 323d4fbba3
5 changed files with 315 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
bitnami/mongodb/Chart.yaml
View File

@@ -38,5 +38,5 @@ maintainers:
url: https://github.com/bitnami/charts
name: mongodb
sources:
- https://github.com/bitnami/charts/tree/main/bitnami/mongodb
version: 13.17.2
- https://github.com/bitnami/charts/tree/main/bitnami/mongodb
version: 13.18.0

32
bitnami/mongodb/README.md
View File

@@ -310,6 +310,38 @@ Refer to the [chart documentation for more information on each of these architec
| `persistence.volumeClaimTemplates.requests` | Custom PVC requests attributes | `{}` |
| `persistence.volumeClaimTemplates.dataSource` | Add dataSource to the VolumeClaimTemplate | `{}` |
### Backup parameters
| Name | Description | Value |
| ------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------- | ------------------- |
| `backup.enabled` | Enable the logical dump of the database "regularly" | `false` |
| `backup.cronjob.schedule` | Set the cronjob parameter schedule | `@daily` |
| `backup.cronjob.concurrencyPolicy` | Set the cronjob parameter concurrencyPolicy | `Allow` |
| `backup.cronjob.failedJobsHistoryLimit` | Set the cronjob parameter failedJobsHistoryLimit | `1` |
| `backup.cronjob.successfulJobsHistoryLimit` | Set the cronjob parameter successfulJobsHistoryLimit | `3` |
| `backup.cronjob.startingDeadlineSeconds` | Set the cronjob parameter startingDeadlineSeconds | `""` |
| `backup.cronjob.ttlSecondsAfterFinished` | Set the cronjob parameter ttlSecondsAfterFinished | `""` |
| `backup.cronjob.restartPolicy` | Set the cronjob parameter restartPolicy | `OnFailure` |
| `backup.cronjob.containerSecurityContext.runAsUser` | User ID for the backup container | `1001` |
| `backup.cronjob.containerSecurityContext.runAsGroup` | Group ID for the backup container | `0` |
| `backup.cronjob.containerSecurityContext.runAsNonRoot` | Set backup container's Security Context runAsNonRoot | `true` |
| `backup.cronjob.containerSecurityContext.readOnlyRootFilesystem` | Is the container itself readonly | `true` |
| `backup.cronjob.containerSecurityContext.allowPrivilegeEscalation` | Is it possible to escalate backup pod(s) privileges | `false` |
| `backup.cronjob.containerSecurityContext.seccompProfile.type` | Set backup container's Security Context seccompProfile type | `RuntimeDefault` |
| `backup.cronjob.containerSecurityContext.capabilities.drop` | Set backup container's Security Context capabilities to drop | `["ALL"]` |
| `backup.cronjob.command` | Set backup container's command to run | `[]` |
| `backup.cronjob.labels` | Set the cronjob labels | `{}` |
| `backup.cronjob.annotations` | Set the cronjob annotations | `{}` |
| `backup.cronjob.storage.existingClaim` | Provide an existing `PersistentVolumeClaim` (only when `architecture=standalone`) | `""` |
| `backup.cronjob.storage.resourcePolicy` | Setting it to "keep" to avoid removing PVCs during a helm delete operation. Leaving it empty will delete PVCs after the chart deleted | `""` |
| `backup.cronjob.storage.storageClass` | PVC Storage Class for the backup data volume | `""` |
| `backup.cronjob.storage.accessModes` | PV Access Mode | `["ReadWriteOnce"]` |
| `backup.cronjob.storage.size` | PVC Storage Request for the backup data volume | `8Gi` |
| `backup.cronjob.storage.annotations` | PVC annotations | `{}` |
| `backup.cronjob.storage.mountPath` | Path to mount the volume at | `/backup/mongodb` |
| `backup.cronjob.storage.subPath` | Subdirectory of the volume to mount at | `""` |
| `backup.cronjob.storage.volumeClaimTemplates.selector` | A label query over volumes to consider for binding (e.g. when using local volumes) | `{}` |
### RBAC parameters
| Name | Description | Value |

133
bitnami/mongodb/templates/backup/cronjob.yaml Normal file
View File

@@ -0,0 +1,133 @@
{{- /*
Copyright VMware, Inc.
SPDX-License-Identifier: APACHE-2.0
*/}}
{{- if .Values.backup.enabled }}
apiVersion: batch/v1
kind: CronJob
metadata:
name: {{ include "mongodb.fullname" . }}-mongodump
namespace: {{ include "mongodb.namespace" . | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: mongodump
{{- if .Values.backup.cronjob.labels }}
{{- include "common.tplvalues.render" (dict "value" .Values.backup.cronjob.labels "context" $) | nindent 4 }}
{{- end }}
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if or .Values.backup.cronjob.annotations .Values.commonAnnotations }}
annotations:
{{- if .Values.backup.cronjob.annotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.backup.cronjob.annotations "context" $) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
{{- end }}
spec:
schedule: {{ quote .Values.backup.cronjob.schedule }}
concurrencyPolicy: {{ .Values.backup.cronjob.concurrencyPolicy }}
failedJobsHistoryLimit: {{ .Values.backup.cronjob.failedJobsHistoryLimit }}
successfulJobsHistoryLimit: {{ .Values.backup.cronjob.successfulJobsHistoryLimit }}
{{- if .Values.backup.cronjob.startingDeadlineSeconds }}
startingDeadlineSeconds: {{ .Values.backup.cronjob.startingDeadlineSeconds }}
{{- end }}
jobTemplate:
spec:
{{- if .Values.backup.cronjob.ttlSecondsAfterFinished }}
ttlSecondsAfterFinished: {{ .Values.backup.cronjob.ttlSecondsAfterFinished }}
{{- end }}
template:
metadata:
labels: {{- include "common.labels.standard" . | nindent 12 }}
app.kubernetes.io/component: mongodump
{{- if .Values.backup.cronjob.labels }}
{{- include "common.tplvalues.render" (dict "value" .Values.backup.cronjob.labels "context" $) | nindent 12 }}
{{- end }}
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 12 }}
{{- end }}
{{- if or .Values.annotations .Values.commonAnnotations }}
annotations:
{{- if .Values.backup.cronjob.annotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.backup.cronjob.annotations "context" $) | nindent 12 }}
{{- end }}
{{- if .Values.commonAnnotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 12 }}
{{- end }}
{{- end }}
spec:
containers:
- name: {{ include "mongodb.fullname" . }}-mongodump
image: {{ include "mongodb.image" . }}
env:
- name: MONGODB_ROOT_USER
value: {{ .Values.auth.rootUser | quote }}
- name: MONGODB_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: {{ include "mongodb.secretName" . }}
key: mongodb-root-password
- name: MONGODB_SERVICE_NAME
value: {{ include "mongodb.service.nameOverride" . }}
- name: MONGODB_PORT_NUMBER
value: {{ .Values.containerPorts.mongodb | quote }}
- name: MONGODUMP_DIR
value: {{ .Values.backup.cronjob.storage.mountPath }}
{{- if .Values.tls.enabled }}
- name: MONGODB_CLIENT_EXTRA_FLAGS
value: --tls --tlsCertificateKeyFile=/certs/mongodb.pem --tlsCAFile=/certs/mongodb-ca-cert
{{- end }}
{{- if .Values.backup.cronjob.command }}
command: {{- include "common.tplvalues.render" (dict "value" .Values.backup.cronjob.command "context" $) | nindent 14 }}
{{- else }}
command:
- /bin/sh
- -c
- "mongodump --username=${MONGODB_ROOT_USER} --password=${MONGODB_ROOT_PASSWORD} --host=${MONGODB_SERVICE_NAME} --port=${MONGODB_PORT_NUMBER} ${MONGODB_CLIENT_EXTRA_FLAGS} --oplog --gzip --archive=${MONGODUMP_DIR}/mongodump-$(date '+%Y-%m-%d-%H-%M').gz"
{{- end }}
volumeMounts:
{{- if .Values.tls.enabled }}
- name: certs
mountPath: /certs
{{- end }}
- name: datadir
mountPath: {{ .Values.backup.cronjob.storage.mountPath }}
subPath: {{ .Values.backup.cronjob.storage.subPath }}
securityContext:
{{- include "common.tplvalues.render" ( dict "value" .Values.backup.cronjob.containerSecurityContext "context" $) | nindent 14 }}
restartPolicy: {{ .Values.backup.cronjob.restartPolicy }}
volumes:
{{- if .Values.tls.enabled }}
- name: certs
emptyDir: {}
{{- if (include "mongodb.autoGenerateCerts" .) }}
- name: certs-volume
secret:
secretName: {{ template "mongodb.tlsSecretName" . }}
items:
- key: mongodb-ca-cert
path: mongodb-ca-cert
mode: 0600
- key: mongodb-ca-key
path: mongodb-ca-key
mode: 0600
{{- else }}
- name: mongodb-certs-0
secret:
secretName: {{ include "common.tplvalues.render" ( dict "value" .Values.tls.standalone.existingSecret "context" $) }}
defaultMode: 256
{{- end }}
{{- end }}
{{- if .Values.backup.cronjob.storage.existingClaim }}
- name: datadir
persistentVolumeClaim:
claimName: {{ printf "%s" (tpl .Values.backup.cronjob.storage.existingClaim .) }}
{{- else }}
- name: datadir
persistentVolumeClaim:
claimName: {{ include "mongodb.fullname" . }}-mongodump
{{- end }}
{{- end }}

41
bitnami/mongodb/templates/backup/pvc.yaml Normal file
View File

@@ -0,0 +1,41 @@
{{- /*
Copyright VMware, Inc.
SPDX-License-Identifier: APACHE-2.0
*/}}
{{- if and .Values.backup.enabled (not .Values.backup.cronjob.storage.existingClaim) -}}
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: {{ include "mongodb.fullname" . }}-mongodump
namespace: {{ include "mongodb.namespace" . | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: mongodump
{{- if .Values.backup.cronjob.labels }}
{{- include "common.tplvalues.render" (dict "value" .Values.backup.cronjob.labels "context" $) | nindent 4 }}
{{- end }}
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if or .Values.backup.cronjob.annotations .Values.commonAnnotations .Values.backup.cronjob.storage.resourcePolicy}}
annotations:
{{- if .Values.backup.cronjob.annotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.backup.cronjob.annotations "context" $) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.backup.cronjob.storage.resourcePolicy }}
helm.sh/resource-policy: {{ .Values.backup.cronjob.storage.resourcePolicy | quote }}
{{- end }}
{{- end }}
spec:
accessModes:
{{- range .Values.backup.cronjob.storage.accessModes }}
- {{ . | quote }}
{{- end }}
resources:
requests:
storage: {{ .Values.backup.cronjob.storage.size | quote }}
{{ include "common.storage.class" (dict "persistence" .Values.backup.cronjob.storage "global" .Values.global) | nindent 2 }}
{{- end }}

107
bitnami/mongodb/values.yaml
View File

@@ -1064,6 +1064,113 @@ persistence:
##
dataSource: {}
## @section Backup parameters
## This section implements a trivial logical dump cronjob of the database.
## This only comes with the consistency guarantees of the dump program.
## This is not a snapshot based roll forward/backward recovery backup.
## ref: https://kubernetes.io/docs/concepts/workloads/controllers/cron-jobs/
##
backup:
## @param backup.enabled Enable the logical dump of the database "regularly"
##
enabled: false
## Fine tuning cronjob's config
##
cronjob:
## @param backup.cronjob.schedule Set the cronjob parameter schedule
##
schedule: "@daily"
## @param backup.cronjob.concurrencyPolicy Set the cronjob parameter concurrencyPolicy
##
concurrencyPolicy: Allow
## @param backup.cronjob.failedJobsHistoryLimit Set the cronjob parameter failedJobsHistoryLimit
##
failedJobsHistoryLimit: 1
## @param backup.cronjob.successfulJobsHistoryLimit Set the cronjob parameter successfulJobsHistoryLimit
##
successfulJobsHistoryLimit: 3
## @param backup.cronjob.startingDeadlineSeconds Set the cronjob parameter startingDeadlineSeconds
##
startingDeadlineSeconds: ""
## @param backup.cronjob.ttlSecondsAfterFinished Set the cronjob parameter ttlSecondsAfterFinished
##
ttlSecondsAfterFinished: ""
## @param backup.cronjob.restartPolicy Set the cronjob parameter restartPolicy
##
restartPolicy: OnFailure
## backup container's Security Context
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
## @param backup.cronjob.containerSecurityContext.runAsUser User ID for the backup container
## @param backup.cronjob.containerSecurityContext.runAsGroup Group ID for the backup container
## @param backup.cronjob.containerSecurityContext.runAsNonRoot Set backup container's Security Context runAsNonRoot
## @param backup.cronjob.containerSecurityContext.readOnlyRootFilesystem Is the container itself readonly
## @param backup.cronjob.containerSecurityContext.allowPrivilegeEscalation Is it possible to escalate backup pod(s) privileges
## @param backup.cronjob.containerSecurityContext.seccompProfile.type Set backup container's Security Context seccompProfile type
## @param backup.cronjob.containerSecurityContext.capabilities.drop Set backup container's Security Context capabilities to drop
##
containerSecurityContext:
runAsUser: 1001
runAsGroup: 0
runAsNonRoot: true
allowPrivilegeEscalation: false
readOnlyRootFilesystem: true
seccompProfile:
type: RuntimeDefault
capabilities:
drop:
- ALL
## @param backup.cronjob.command Set backup container's command to run
##
command: []
## @param backup.cronjob.labels Set the cronjob labels
##
labels: {}
## @param backup.cronjob.annotations Set the cronjob annotations
##
annotations: {}
## Backup container's
##
storage:
## @param backup.cronjob.storage.existingClaim Provide an existing `PersistentVolumeClaim` (only when `architecture=standalone`)
## If defined, PVC must be created manually before volume will be bound
##
existingClaim: ""
## @param backup.cronjob.storage.resourcePolicy Setting it to "keep" to avoid removing PVCs during a helm delete operation. Leaving it empty will delete PVCs after the chart deleted
##
resourcePolicy: ""
## @param backup.cronjob.storage.storageClass PVC Storage Class for the backup data volume
## If defined, storageClassName: <storageClass>
## If set to "-", storageClassName: "", which disables dynamic provisioning
## If undefined (the default) or set to null, no storageClassName spec is
## set, choosing the default provisioner.
##
storageClass: ""
## @param backup.cronjob.storage.accessModes PV Access Mode
##
accessModes:
- ReadWriteOnce
## @param backup.cronjob.storage.size PVC Storage Request for the backup data volume
##
size: 8Gi
## @param backup.cronjob.storage.annotations PVC annotations
##
annotations: {}
## @param backup.cronjob.storage.mountPath Path to mount the volume at
##
mountPath: /backup/mongodb
## @param backup.cronjob.storage.subPath Subdirectory of the volume to mount at
## and one PV for multiple services.
##
subPath: ""
## Fine tuning for volumeClaimTemplates
##
volumeClaimTemplates:
## @param backup.cronjob.storage.volumeClaimTemplates.selector A label query over volumes to consider for binding (e.g. when using local volumes)
## A label query over volumes to consider for binding (e.g. when using local volumes)
## See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#labelselector-v1-meta for more details
##
selector: {}
## @section RBAC parameters
##