Skip to content

Commit

Permalink
Add backups to postgres-operator example (#52)
Browse files Browse the repository at this point in the history
Signed-off-by: Jeff McCoy <code@jeffm.us>
  • Loading branch information
RothAndrew authored and jeff-mccoy committed Sep 17, 2021
1 parent cc9fe50 commit 72479d4
Show file tree
Hide file tree
Showing 10 changed files with 400 additions and 9 deletions.
6 changes: 6 additions & 0 deletions examples/postgres-operator/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,11 @@ After looking at several alternatives, Zalando's postgres operator felt like the
- Connection // Username: `zarf`
- Connection // Password: (run the command in the table below)
- SSL // SSL mode: `Require`
5. Create the backups bucket in MinIO (TODO: Figure out how to create the bucket automatically)
1. Navigate to [https://minio-console.localhost:8443](https://minio-console.localhost:8443)
2. Log in - Username: `minio` - Password: `minio123`
3. Buckets -> Create Bucket
- Bucket Name: `postgres-operator-backups`

## Logins

Expand All @@ -28,6 +33,7 @@ After looking at several alternatives, Zalando's postgres operator felt like the
| Postgres Operator UI | [https://postgres-operator-ui.localhost:8443](https://postgres-operator-ui.localhost:8443) | N/A | N/A |
| PGAdmin | [https://pgadmin.localhost:8443](https://pgadmin.localhost:8443) | `zarf@example.local` | Run: `zarf tools get-admin-password` |
| Example Postgres Database | `acid-zarf-test.postgres-operator.svc.cluster.local` | `zarf` | Run: `echo $(kubectl get secret zarf.acid-zarf-test.credentials.postgresql.acid.zalan.do -n postgres-operator --template={{.data.password}} \| base64 -d)` |
| Minio Console | [https://minio-console.localhost:8443](https://minio-console.localhost:8443) | `minio` | `minio123` |

## References
- https://blog.flant.com/comparing-kubernetes-operators-for-postgresql/
Expand Down
64 changes: 64 additions & 0 deletions examples/postgres-operator/manifests/minio-instance.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,64 @@
apiVersion: helm.cattle.io/v1
kind: HelmChart
metadata:
name: minio-instance
namespace: minio-operator
spec:
chart: https://%{KUBERNETES_API}%/static/charts/minio-instance-4.2.3-bb.1.tgz
targetNamespace: minio-operator
# https://repo1.dso.mil/platform-one/big-bang/apps/application-utilities/minio/-/blob/4.2.3-bb.1/chart/values.yaml
valuesContent: |-
hostname: minio.localhost
tenants:
pools:
## Servers specifies the number of MinIO Tenant Pods / Servers in this pool.
## For standalone mode, supply 1. For distributed mode, supply 4 or more.
## Note that the operator does not support upgrading from standalone to distributed mode.
- servers: 1
## volumesPerServer specifies the number of volumes attached per MinIO Tenant Pod / Server.
volumesPerServer: 4
## size specifies the capacity per volume
size: 1Gi
## storageClass specifies the storage class name to be used for this pool
storageClassName: local-path
## Used to specify a toleration for a pod
tolerations: {}
## nodeSelector parameters for MinIO Pods. It specifies a map of key-value pairs. For the pod to be
## eligible to run on a node, the node must have each of the
## indicated key-value pairs as labels.
## Read more here: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
nodeSelector: {}
## Affinity settings for MinIO pods. Read more about affinity
## here: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity.
affinity: {}
## Configure resource requests and limits for MinIO containers
resources:
requests:
cpu: "250m"
memory: "1Gi"
limits:
cpu: "500m"
memory: "1Gi"
## Configure security context
## BB Note: Defaults for Ironbank image are 1001 for user, group, and fsGroup
securityContext:
runAsUser: 1001
runAsGroup: 1001
fsGroup: 1001
console:
enabled: true
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: minio-console-ingressroute
namespace: minio-operator
spec:
entryPoints:
- websecure
routes:
- match: Host(`minio-console.localhost`)
kind: Rule
services:
- name: minio-instance-console
port: 9090
23 changes: 23 additions & 0 deletions examples/postgres-operator/manifests/minio-operator.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
apiVersion: helm.cattle.io/v1
kind: HelmChart
metadata:
name: minio-operator
namespace: minio-operator
spec:
chart: https://%{KUBERNETES_API}%/static/charts/minio-operator-4.2.3-bb.1.tgz
targetNamespace: minio-operator
# https://repo1.dso.mil/platform-one/big-bang/apps/application-utilities/minio-operator/-/blob/2.0.9-bb.3/chart/values.yaml
valuesContent: |-
operator:
image:
repository: registry1.dso.mil/ironbank/opensource/minio/operator
tag: v4.2.3
resources:
requests:
cpu: 200m
memory: 256Mi
ephemeral-storage: 500Mi
limits:
cpu: 200m
memory: 256Mi
4 changes: 0 additions & 4 deletions examples/postgres-operator/manifests/namespace.yaml

This file was deleted.

9 changes: 9 additions & 0 deletions examples/postgres-operator/manifests/namespaces.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
apiVersion: v1
kind: Namespace
metadata:
name: postgres-operator
---
apiVersion: v1
kind: Namespace
metadata:
name: minio-operator
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,8 @@ spec:
zarf: []
databases:
zarf: zarf
enableLogicalBackup: true
logicalBackupSchedule: "*/2 * * * *"
resources:
requests:
cpu: 100m
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,19 @@ spec:
targetNamespace: "postgres-operator"
teams:
- "acid"
extraEnvs:
- name: WALE_S3_ENDPOINT
value: "http+path://minio.minio-operator.svc.cluster.local:80"
- name: AWS_ENDPOINT
value: "http://minio.minio-operator.svc.cluster.local"
- name: SPILO_S3_BACKUP_PREFIX
value: "spilo/"
- name: AWS_ACCESS_KEY_ID
value: "minio"
- name: AWS_SECRET_ACCESS_KEY
value: "minio123"
- name: SPILO_S3_BACKUP_BUCKET
value: "postgres-operator-backups"
# We are defining our own Ingress manifest
ingress:
enabled: false
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -22,12 +22,18 @@ spec:
default_memory_limit: "500Mi"
min_cpu_limit: "250m"
min_memory_limit: "250Mi"
# configLogicalBackup:
configAwsOrGcp:
wal_s3_bucket: "postgres-operator-backups"
configLogicalBackup:
# logical_backup_docker_image: "registry1.dso.mil/.../logical-backup:v1.7.0"
# logical_backup_s3_endpoint: ""
# logical_backup_s3_access_key_id: ""
# logical_backup_s3_secret_access_key : ""
# logical_backup_schedule: "30 00 * * *"
logical_backup_s3_endpoint: "http://minio.minio-operator.svc.cluster.local"
logical_backup_s3_access_key_id: "minio"
logical_backup_s3_bucket: "postgres-operator-backups"
logical_backup_s3_secret_access_key : "minio123"
logical_backup_s3_sse: ""
logical_backup_schedule: "*/2 * * * *"
configKubernetes:
pod_environment_configmap: "postgres-operator/postgres-pod-config"
configConnectionPooler:
# connection_pooler_image: "registry1.dso.mil/.../pgbouncer:master-18"
connection_pooler_default_cpu_request: "100m"
Expand All @@ -46,3 +52,19 @@ spec:
runAsNonRoot: true
readOnlyRootFilesystem: true
allowPrivilegeEscalation: false
---
apiVersion: v1
kind: ConfigMap
metadata:
name: postgres-pod-config
namespace: postgres-operator
data:
AWS_ENDPOINT: http://minio.minio-operator.svc.cluster.local
AWS_ACCESS_KEY_ID: minio
AWS_SECRET_ACCESS_KEY: minio123
BACKUP_NUM_TO_RETAIN: "3"
BACKUP_SCHEDULE: "*/2 * * * *"
USE_WALG_BACKUP: "true"
WALG_DISABLE_S3_SSE: "true"
USE_WALG_RESTORE: "false"
AWS_S3_FORCE_PATH_STYLE: "true"
9 changes: 9 additions & 0 deletions examples/postgres-operator/zarf.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@ kind: ZarfPackageConfig
metadata:
name: postgres-operator-demo
description: "Demo of prod-like Postgres database(s) on an edge cluster"
# uncompressed: true

local:
manifests: manifests
Expand All @@ -16,6 +17,12 @@ local:
- name: pgadmin4
url: https://helm.runix.net
version: 1.7.2
- name: minio-operator
url: https://repo1.dso.mil/platform-one/big-bang/apps/application-utilities/minio-operator.git
version: 4.2.3-bb.1
- name: minio-instance
url: https://repo1.dso.mil/platform-one/big-bang/apps/application-utilities/minio.git
version: 4.2.3-bb.1

images:
- registry.opensource.zalan.do/acid/postgres-operator:v1.7.0
Expand All @@ -24,3 +31,5 @@ local:
- registry.opensource.zalan.do/acid/pgbouncer:master-18
- registry.opensource.zalan.do/acid/postgres-operator-ui:v1.7.0
- docker.io/dpage/pgadmin4:5.5
- registry1.dso.mil/ironbank/opensource/minio/operator:v4.2.3
- registry1.dso.mil/ironbank/opensource/minio/minio:RELEASE.2021-08-31T05-46-54Z
Loading

0 comments on commit 72479d4

Please sign in to comment.