From d1c4a54bf736e9021516c75572342dd4f5742dcb Mon Sep 17 00:00:00 2001
From: Sergiy Markin <smarkin@mirantis.com>
Date: Fri, 1 Dec 2023 22:45:54 +0000
Subject: [PATCH] [backups] Added staggered backups

This PS adds staggered backups possibility by adding anti-affinity rules
to backups cronjobs that can be followed across several namespaces to
decrease load on remote backup destination server making sure that at
every moment in time there is only one backup upload is in progress.

Change-Id: I320c6ce6370b45c602114189819a4225e479f680
---
 charts/etcd/Chart.yaml                        |  2 +-
 .../etcd/templates/cron-job-etcd-backup.yaml  | 13 ++++++++--
 .../values_override/staggered-backups.yaml    | 25 +++++++++++++++++++
 3 files changed, 37 insertions(+), 3 deletions(-)
 create mode 100644 charts/etcd/values_override/staggered-backups.yaml

diff --git a/charts/etcd/Chart.yaml b/charts/etcd/Chart.yaml
index 7806da69..80a6cf0c 100644
--- a/charts/etcd/Chart.yaml
+++ b/charts/etcd/Chart.yaml
@@ -15,4 +15,4 @@
 apiVersion: v1
 description: A chart for a DaemonSet-based etcd deployment.
 name: etcd
-version: 0.1.2
+version: 0.1.3
diff --git a/charts/etcd/templates/cron-job-etcd-backup.yaml b/charts/etcd/templates/cron-job-etcd-backup.yaml
index a8cf6309..e42144ad 100644
--- a/charts/etcd/templates/cron-job-etcd-backup.yaml
+++ b/charts/etcd/templates/cron-job-etcd-backup.yaml
@@ -16,7 +16,10 @@ limitations under the License.
 {{- if .Values.manifests.cron_etcd_backup }}
 {{- $envAll := . }}
 {{- $serviceAccountName := "etcd-backup" }}
-{{- $applicationName := "etcd-backup" }}
+# Strip off "etcd" from service name to get the application name
+# Note that application can either be kubernetes or calico for now
+# and may expand in scope in the future
+{{- $applicationName := .Values.service.name | replace "-etcd" "" }}
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
@@ -74,7 +77,7 @@ spec:
   jobTemplate:
     metadata:
       labels:
-{{ tuple $envAll $applicationName "etcd-anchor" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
+{{ tuple $envAll $applicationName "etcd-backup" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
       annotations:
 {{ dict "envAll" $envAll "podName" "etcd-backup" "containerNames" (list "etcd-backup") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
     spec:
@@ -83,6 +86,12 @@ spec:
 {{ dict "envAll" $envAll "application" "etcd-backup" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 10 }}
           serviceAccountName: {{ .Values.service.name }}-{{ $serviceAccountName }}
           restartPolicy: OnFailure
+{{- if .Values.pod.etcd_backup }}
+{{- if .Values.pod.etcd_backup.affinity }}
+          affinity:
+{{  index .Values.pod.etcd_backup "affinity"  | toYaml | indent 12}}
+{{- end }}
+{{- end }}
           nodeSelector:
             {{ .Values.labels.anchor.node_selector_key }}: {{ .Values.labels.anchor.node_selector_value }}
           containers:
diff --git a/charts/etcd/values_override/staggered-backups.yaml b/charts/etcd/values_override/staggered-backups.yaml
new file mode 100644
index 00000000..e51a7898
--- /dev/null
+++ b/charts/etcd/values_override/staggered-backups.yaml
@@ -0,0 +1,25 @@
+---
+pod:
+  labels:
+    etcd-backup:
+      staggered-backups: enabled
+  etcd_backup:
+    affinity:
+      podAntiAffinity:
+        requiredDuringSchedulingIgnoredDuringExecution:
+          - labelSelector:
+              matchExpressions:
+                - key: status.phase
+                  operator: NotIn
+                  values:
+                    - Running
+                - key: staggered-backups
+                  operator: In
+                  values:
+                    - enabled
+            namespaces:
+              - openstack
+              - kube-system
+              - osh-infra
+            topologyKey: kubernetes.io/os
+...