mirror of
https://github.com/bitnami/charts.git
synced 2026-03-15 14:57:16 +08:00
91 lines
4.1 KiB
YAML
91 lines
4.1 KiB
YAML
{{- if .Values.disasterRecovery.enabled -}}
|
|
apiVersion: batch/v1beta1
|
|
kind: CronJob
|
|
metadata:
|
|
name: {{ include "etcd.fullname" . }}-snapshotter
|
|
labels: {{- include "etcd.labels" . | nindent 4 }}
|
|
spec:
|
|
concurrencyPolicy: Forbid
|
|
schedule: {{ .Values.disasterRecovery.cronjob.schedule | quote }}
|
|
successfulJobsHistoryLimit: {{ .Values.disasterRecovery.cronjob.historyLimit }}
|
|
jobTemplate:
|
|
spec:
|
|
template:
|
|
metadata:
|
|
labels: {{- include "etcd.labels" . | nindent 12 }}
|
|
app.kubernetes.io/component: snapshotter
|
|
{{- if .Values.disasterRecovery.cronjob.podAnnotations }}
|
|
annotations: {{- include "etcd.tplValue" ( dict "value" .Values.disasterRecovery.cronjob.podAnnotations "context" $) | nindent 12 }}
|
|
{{- end }}
|
|
spec:
|
|
restartPolicy: OnFailure
|
|
{{- if .Values.securityContext.enabled }}
|
|
securityContext:
|
|
fsGroup: {{ .Values.securityContext.fsGroup }}
|
|
runAsUser: {{ .Values.securityContext.runAsUser }}
|
|
{{- end }}
|
|
containers:
|
|
- name: etcd-snapshotter
|
|
image: {{ include "etcd.image" . }}
|
|
imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
|
|
command:
|
|
- /scripts/save-snapshot.sh
|
|
env:
|
|
- name: BITNAMI_SNAPSHOT_DEBUG
|
|
value: {{ ternary "true" "false" .Values.disasterRecovery.debug | quote }}
|
|
- name: BITNAMI_DEBUG
|
|
value: {{ ternary "true" "false" .Values.image.debug | quote }}
|
|
- name: ETCDCTL_API
|
|
value: "3"
|
|
{{- if .Values.auth.client.secureTransport }}
|
|
- name: ETCD_CERT_FILE
|
|
value: "/opt/bitnami/etcd/certs/client/{{ .Values.auth.client.certFilename }}"
|
|
- name: ETCD_KEY_FILE
|
|
value: "/opt/bitnami/etcd/certs/client/{{ .Values.auth.client.certKeyFilename }}"
|
|
{{- if .Values.auth.client.enableAuthentication }}
|
|
- name: ETCD_CLIENT_CERT_AUTH
|
|
value: "true"
|
|
- name: ETCD_TRUSTED_CA_FILE
|
|
value: "/opt/bitnami/etcd/certs/client/{{ .Values.auth.client.caFilename | default "ca.crt"}}"
|
|
{{- else if .Values.auth.client.caFilename }}
|
|
- name: ETCD_TRUSTED_CA_FILE
|
|
value: "/opt/bitnami/etcd/certs/client/{{ .Values.auth.client.caFilename | default "ca.crt"}}"
|
|
{{- end }}
|
|
{{- end }}
|
|
{{- if .Values.auth.rbac.enabled }}
|
|
- name: ETCD_ROOT_PASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: {{ if .Values.auth.rbac.existingSecret }}{{ .Values.auth.rbac.existingSecret }}{{ else }}{{ include "etcd.fullname" . }}{{ end }}
|
|
key: etcd-root-password
|
|
{{- end }}
|
|
{{- if .Values.disasterRecovery.cronjob.resources }}
|
|
resources: {{- toYaml .Values.disasterRecovery.cronjob.resources | nindent 16 }}
|
|
{{- end }}
|
|
volumeMounts:
|
|
- name: scripts
|
|
mountPath: /scripts/save-snapshot.sh
|
|
subPath: save-snapshot.sh
|
|
- name: snapshot-volume
|
|
mountPath: /snapshots
|
|
{{- if .Values.auth.client.secureTransport }}
|
|
- name: certs
|
|
mountPath: /opt/bitnami/etcd/certs/client
|
|
readOnly: true
|
|
{{- end }}
|
|
volumes:
|
|
{{- if .Values.auth.client.secureTransport }}
|
|
- name: certs
|
|
secret:
|
|
secretName: {{ required "A secret containinig the client certificates is required" .Values.auth.client.existingSecret }}
|
|
defaultMode: 256
|
|
{{- end }}
|
|
- name: scripts
|
|
configMap:
|
|
name: {{ include "etcd.fullname" . }}-scripts
|
|
defaultMode: 0755
|
|
- name: snapshot-volume
|
|
persistentVolumeClaim:
|
|
claimName: {{ include "etcd.disasterRecovery.pvc.name" . }}
|
|
{{- end }}
|