From d316409fbd71426b820a4906c3630db5abbfe04b Mon Sep 17 00:00:00 2001 From: "Markin, Sergiy (sm515x)" Date: Tue, 23 Aug 2022 18:03:13 -0500 Subject: [PATCH] [CPID-354] Improve MariaDB Backup/Restore validation process Updating etcd chart with added backup validation function empty implementation(subject for future realization). This has to be done because helm-toolkit chart in openstack-helm-infra is now calling that function verify_databases_backup_archives() as part of backup_databases() function implementation: https://review.opendev.org/c/openstack/openstack-helm-infra/+/853027 Changed apiVersion of etcd cronjob from batch/v1beta to batch/v1 and fixed securityContext for etcd_backup. Also bumping up HTK version to 0.2.48 from a commit id obtained from merge of https://review.opendev.org/c/openstack/openstack-helm-infra/+/853027 and set proper commit id in this file: tools/helm_tk.sh Change-Id: Ie047dd0e6a2aae6483ace89cad22d6720890cdfc --- .gitignore | 3 +++ charts/etcd/Chart.yaml | 2 +- charts/etcd/templates/bin/_etcdbackup.tpl | 9 +++++++++ charts/etcd/templates/cron-job-etcd-backup.yaml | 6 +++--- tools/helm_tk.sh | 4 +++- 5 files changed, 19 insertions(+), 5 deletions(-) diff --git a/.gitignore b/.gitignore index 4f262807..722ef2f2 100644 --- a/.gitignore +++ b/.gitignore @@ -36,3 +36,6 @@ ENV/ # pycharm-ide .idea/ + +# vscode ide +.vscode diff --git a/charts/etcd/Chart.yaml b/charts/etcd/Chart.yaml index aa913eb3..ba120505 100644 --- a/charts/etcd/Chart.yaml +++ b/charts/etcd/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: A chart for a DaemonSet-based etcd deployment. name: etcd -version: 0.1.0 +version: 0.1.1 diff --git a/charts/etcd/templates/bin/_etcdbackup.tpl b/charts/etcd/templates/bin/_etcdbackup.tpl index e57444a5..9c58b9fd 100644 --- a/charts/etcd/templates/bin/_etcdbackup.tpl +++ b/charts/etcd/templates/bin/_etcdbackup.tpl @@ -48,6 +48,15 @@ dump_databases_to_directory() { fi } +# Verify all the databases backup archives +verify_databases_backup_archives() { + #################################### + # TODO: add implementation of local backup verification + #################################### + return 0 +} + + if ! [ -x "$(which etcdctl)" ]; then log ERROR $DB_NAME "etcdctl not available, Please use the correct image." SKIP_BACKUP=1 diff --git a/charts/etcd/templates/cron-job-etcd-backup.yaml b/charts/etcd/templates/cron-job-etcd-backup.yaml index 9961903d..a8cf6309 100644 --- a/charts/etcd/templates/cron-job-etcd-backup.yaml +++ b/charts/etcd/templates/cron-job-etcd-backup.yaml @@ -62,7 +62,7 @@ subjects: name: {{ .Values.service.name }}-{{ $serviceAccountName }} namespace: {{ $envAll.Release.Namespace }} --- -apiVersion: batch/v1beta1 +apiVersion: batch/v1 kind: CronJob metadata: name: {{ .Values.service.name }}-backup @@ -76,11 +76,11 @@ spec: labels: {{ tuple $envAll $applicationName "etcd-anchor" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }} annotations: -{{ dict "envAll" $envAll "podName" "etcd-backup" "containerNames" (list "etcd-backup") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 4 }} +{{ dict "envAll" $envAll "podName" "etcd-backup" "containerNames" (list "etcd-backup") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }} spec: -{{ dict "envAll" $envAll "application" "etcd_backup" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }} template: spec: +{{ dict "envAll" $envAll "application" "etcd-backup" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 10 }} serviceAccountName: {{ .Values.service.name }}-{{ $serviceAccountName }} restartPolicy: OnFailure nodeSelector: diff --git a/tools/helm_tk.sh b/tools/helm_tk.sh index 88e175f3..50416708 100755 --- a/tools/helm_tk.sh +++ b/tools/helm_tk.sh @@ -17,7 +17,9 @@ set -eux HTK_REPO=${HTK_REPO:-"https://opendev.org/openstack/openstack-helm-infra.git"} -HTK_STABLE_COMMIT=${HTK_COMMIT:-"ee331fd0d38e3584fecbefbf6218ba0c8e112338"} +HTK_STABLE_COMMIT=${HTK_COMMIT:-"5c4056ad341afcc577e63902b6ddbfb222d757e1"} + + TMP_DIR=$(mktemp -d)