[backups] Added staggered backups

This PS adds staggered backups possibility by adding anti-affinity rules to backups cronjobs that can be followed across several namespaces to decrease load on remote backup destination server making sure that at every moment in time there is only one backup upload is in progress. Change-Id: I320c6ce6370b45c602114189819a4225e479f680
2023-12-01 22:45:54 +00:00 · 2023-12-01 22:45:54 +00:00 · d1c4a54bf7
parent 903b1363db
commit d1c4a54bf7
3 changed files with 37 additions and 3 deletions
--- a/charts/etcd/Chart.yaml
+++ b/charts/etcd/Chart.yaml
@ -15,4 +15,4 @@
 apiVersion: v1
 description: A chart for a DaemonSet-based etcd deployment.
 name: etcd
-version: 0.1.2
+version: 0.1.3
--- a/charts/etcd/templates/cron-job-etcd-backup.yaml
+++ b/charts/etcd/templates/cron-job-etcd-backup.yaml
@ -16,7 +16,10 @@ limitations under the License.
 {{- if .Values.manifests.cron_etcd_backup }}
 {{- $envAll := . }}
 {{- $serviceAccountName := "etcd-backup" }}
-{{- $applicationName := "etcd-backup" }}
+# Strip off "etcd" from service name to get the application name
+# Note that application can either be kubernetes or calico for now
+# and may expand in scope in the future
+{{- $applicationName := .Values.service.name | replace "-etcd" "" }}
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
@ -74,7 +77,7 @@ spec:
  jobTemplate:
    metadata:
      labels:
-{{ tuple $envAll $applicationName "etcd-anchor" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
+{{ tuple $envAll $applicationName "etcd-backup" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
      annotations:
 {{ dict "envAll" $envAll "podName" "etcd-backup" "containerNames" (list "etcd-backup") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
    spec:
@ -83,6 +86,12 @@ spec:
 {{ dict "envAll" $envAll "application" "etcd-backup" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 10 }}
          serviceAccountName: {{ .Values.service.name }}-{{ $serviceAccountName }}
          restartPolicy: OnFailure
+{{- if .Values.pod.etcd_backup }}
+{{- if .Values.pod.etcd_backup.affinity }}
+          affinity:
+{{  index .Values.pod.etcd_backup "affinity"  | toYaml | indent 12}}
+{{- end }}
+{{- end }}
          nodeSelector:
            {{ .Values.labels.anchor.node_selector_key }}: {{ .Values.labels.anchor.node_selector_value }}
          containers:
--- a/charts/etcd/values_override/staggered-backups.yaml
+++ b/charts/etcd/values_override/staggered-backups.yaml
@ -0,0 +1,25 @@
+---
+pod:
+  labels:
+    etcd-backup:
+      staggered-backups: enabled
+  etcd_backup:
+    affinity:
+      podAntiAffinity:
+        requiredDuringSchedulingIgnoredDuringExecution:
+          - labelSelector:
+              matchExpressions:
+                - key: status.phase
+                  operator: NotIn
+                  values:
+                    - Running
+                - key: staggered-backups
+                  operator: In
+                  values:
+                    - enabled
+            namespaces:
+              - openstack
+              - kube-system
+              - osh-infra
+            topologyKey: kubernetes.io/os
+...