-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathetcd-backup.yaml
51 lines (51 loc) · 1.96 KB
/
etcd-backup.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
apiVersion: batch/v1
kind: CronJob
metadata:
name: backup
namespace: kube-system
spec:
schedule: "@hourly"
jobTemplate:
spec:
template:
spec:
imagePullSecrets:
- name: registry-docker-hub
containers:
- name: backup
image: alpine:3.21.3
imagePullPolicy: IfNotPresent
volumeMounts:
- name: backups
mountPath: /backups
- mountPath: /var/run/secrets/talos.dev
name: talos-secrets
readOnly: true
securityContext:
allowPrivilegeEscalation: false
runAsUser: 0
command:
- /bin/sh
- -c
- |
wget -O /usr/local/bin/talosctl https://github.com/siderolabs/talos/releases/download/v1.9.5/talosctl-linux-amd64 \
&& chmod +x /usr/local/bin/talosctl \
&& back=$(date +%s) \
&& talosctl -n 192.168.1.249 etcd snapshot /tmp/etcd-chi.kubernetes-$back.db \
&& gzip -9 /tmp/etcd-chi.kubernetes-$back.db \
&& mv /tmp/etcd-chi.kubernetes-$back.db.gz /backups/etcd-chi.kubernetes-$back.db.gz \
&& talosctl -n 192.168.1.250 etcd snapshot /tmp/etcd-psi.kubernetes-$back.db \
&& gzip -9 /tmp/etcd-psi.kubernetes-$back.db \
&& mv /tmp/etcd-psi.kubernetes-$back.db.gz /backups/etcd-psi.kubernetes-$back.db.gz \
&& talosctl -n 192.168.1.251 etcd snapshot /tmp/etcd-omega.kubernetes-$back.db \
&& gzip -9 /tmp/etcd-omega.kubernetes-$back.db \
&& mv /tmp/etcd-omega.kubernetes-$back.db.gz /backups/etcd-omega.kubernetes-$back.db.gz
restartPolicy: OnFailure
volumes:
- name: backups
nfs:
server: 192.168.1.135
path: /mnt/data/backups/Homelab/etcd
- name: talos-secrets
secret:
secretName: etcd-backup-talos-secrets