README
¶
NectGmbH - db-backup-controller
This controller is intended to act as a generic backup solution for all databases in the cluster.
It is deployed once and configured with one or more DatabaseBackupStorageClass defining where and how to store the backups. Each DatabaseBackupStorageClass can contain multiple locations (i.e. an S3 bucket and a GCS bucket for multiple storage locations).
When the DatabaseBackupStorageClasses are configured, DatabaseBackups are created for each database to backup. These tell the controller which databases you want to have backed up into which DatabaseBackupStorageClass. Also these define how long to store the backups and how to retain backups (i.e. using a simple time-based retention or a grandfather-father-son retention).
After the controller is running and DatabaseBackupStorageClass as well as DatabaseBackup are configured the controller will create a new runner deployment inside your databases namespace which then will execute the backup in your configured interval.
As soon as that runner deployment is running you can kubernetes exec into it to trigger a backup immediately or trigger a restore of the backed up database to a point-in-time or to a specific backup.
Deployment
The controller is built using Github Actions and published into the Github Container Registry as a Helm chart and as Docker images. The most simple way to deploy it is to just execute a Helm deployment:
helm upgrade \
--create-namespace \
--install \
--namespace 'db-backup-controller' \
--version '<release-tag, i.e. "0.5.0">' \
db-backup-controller \
oci://ghcr.io/nectgmbh/db-backup-controller
The chart as well as the images are published using the git describe --tags --always version format while tags are created in SemVer. So there are v1.2.3 tags resulting in ...:1.2.3 tags for the Helm chart and the Docker images. You would deploy that using --version 1.2.3. Additionally there are ...:1.2.3-g56789ab tags for development builds. Please advice: Those are not guaranteed to be stable, so do not use them for important databases.
Development
Code Generation
The controller relies on generated CRDs and Kubernetes code. After changing anything within the pkg/apis/... directory you need to re-generate the CRDs and the Kubernetes code using make generate-code.
For this to work you need a fully set up Go development environment. Have a look at the Makefile for details around the code-generation.
Adding a new Backup-Engine
- Have a look at the
pkg/backupengine/interface.godefinition - See for example the
cockroach(advanced) orpostgres(simple) engines for implementation examples - Create a new
pkg/backupengine/<yourengine>/...package and implement the interface - Create a
Dockerfileor someDockerfile.<version>inside your package for thebackup-runnerimage - Register your new engine in the
pkg/backupengine/registry.go - Edit the
DatabaseBackupSpecto add the config for your new engine - Build all the docker-stuff (including your new engine runner-image)
Local Test Deployment
For local testing a Minikube cluster is recommended. Also you need a registry to push the images to which is accessible from your local machine and the cluster you've set up. As your registry probably differs from the value of the LOCAL_IMAGE variable in the Makefile you need to export your local-image-prefix as LOCAL_IMAGE (i.e. export LOCAL_IMAGE=http://10.0.0.1:5000/db-backup-controller:latest) before executing the following make-targets:
make deploy-local- Builds all Docker images required, pushes them into the registry mentioned in theLOCAL_IMAGEand then deploys thedb-backup-controllerchart into your current Kubernetes context (which should be the Minikube)make deploy-testenv- Deploys a test environment consisting of a CockroachDB including test data, MinIO,DatabaseBackupStorageClassandDatabaseBackupinto your current Kubernetes context. When settingTESTENV_HUGEDATA=trueduring the deployment a large amount of data is inserted into the database which might take a while. This is intended to test big backups so make sure you do have enough storage space to accomodate for all the data.make force-local-backup- Executes a backup in the testenv (will fail when testenv is not deployed). See the logs of the backup-runner in thedb-backup-controller-testenvnamespace for its current status.make force-local-dbdelete- Removes thedatabasedatabase from the CRDB instance so theforce-local-restorecan indeed restore the databasemake force-local-restore- Executes a restore of the last backup of the testenv. Again look for logs in the runner in the namespace. It will fail if you don't delete the database before executing the restore (intended behavior as CRDB refuses to restore over an existing database).
Directories
¶
| Path | Synopsis |
|---|---|
|
cmd
|
|
|
backup-controller
Module
|
|
|
backup-runner
Module
|
|
|
backup-unpack
Module
|
|
|
pkg
|
|
|
apis/v1
Package v1 contains version 1 of the custom resource definitions
|
Package v1 contains version 1 of the custom resource definitions |
|
backupengine
Package backupengine contains a definition how to implement a backup engine
|
Package backupengine contains a definition how to implement a backup engine |
|
backupengine/base
Package base contains a simple engine to return a predefined (YAML) pod-spec in order not to invent the wheel over and over again
|
Package base contains a simple engine to return a predefined (YAML) pod-spec in order not to invent the wheel over and over again |
|
backupengine/cockroach
Package cockroach contains the implementation of the backupengine for CockroachDB
|
Package cockroach contains the implementation of the backupengine for CockroachDB |
|
backupengine/opts
Package opts contains helpers for the backup-engines to prevent import-cycles when importing engines into a registry
|
Package opts contains helpers for the backup-engines to prevent import-cycles when importing engines into a registry |
|
backupengine/postgres
Package postgres contains the implementation of the backupengine for PostgreSQL
|
Package postgres contains the implementation of the backupengine for PostgreSQL |
|
cryptostream
Package cryptostream implements transparent encryption on ReaderAt and Writer streams in order to enforce encrypted backups
|
Package cryptostream implements transparent encryption on ReaderAt and Writer streams in order to enforce encrypted backups |
|
generated/clientset/versioned/fake
This package has the automatically generated fake clientset.
|
This package has the automatically generated fake clientset. |
|
generated/clientset/versioned/scheme
This package contains the scheme of the automatically generated clientset.
|
This package contains the scheme of the automatically generated clientset. |
|
generated/clientset/versioned/typed/apis/v1
This package has the automatically generated typed clients.
|
This package has the automatically generated typed clients. |
|
generated/clientset/versioned/typed/apis/v1/fake
Package fake has the automatically generated clients.
|
Package fake has the automatically generated clients. |
|
labelmanager
Package labelmanager contains a store to manage retention of backups through "labels" assigned in a specific format
|
Package labelmanager contains a store to manage retention of backups through "labels" assigned in a specific format |
|
rssgenerator
Package rssgenerator contains generation of resources required to start a db-backup runner through the Kubernetes API
|
Package rssgenerator contains generation of resources required to start a db-backup runner through the Kubernetes API |
|
storage
Package storage describes how to interact with underlying storage
|
Package storage describes how to interact with underlying storage |
|
storage/helper
Package helper contains simple utilities to help with storage management
|
Package helper contains simple utilities to help with storage management |
|
storage/s3
Package s3 provides a storage.Manager for S3
|
Package s3 provides a storage.Manager for S3 |