From 6115b0a1215fa54f96b041083d6d51bac9e4081b Mon Sep 17 00:00:00 2001 From: Michael Jerger Date: Fri, 1 Oct 2021 13:43:37 +0000 Subject: [PATCH] use deployment for manual backup restore --- README.md | 2 +- doc/BackupAndRestore.md | 34 ++++++------- .../docker-backup/image/resources/backup.sh | 3 +- .../docker-backup/image/resources/restore.sh | 13 ++--- infrastructure/docker-backup/test/Dockerfile | 3 ++ src/main/cljc/dda/c4k_jira/backup.cljc | 15 ++++-- src/main/cljc/dda/c4k_jira/core.cljc | 3 +- src/main/cljs/dda/c4k_jira/browser.cljs | 10 ++-- .../backup/backup-restore-deployment.yaml | 50 +++++++++++++++++++ src/main/resources/backup/backup-restore.yaml | 41 --------------- src/test/cljc/dda/c4k_jira/core_test.cljc | 4 +- 11 files changed, 96 insertions(+), 82 deletions(-) create mode 100644 src/main/resources/backup/backup-restore-deployment.yaml delete mode 100644 src/main/resources/backup/backup-restore.yaml diff --git a/README.md b/README.md index 1968d19..44eaff8 100644 --- a/README.md +++ b/README.md @@ -33,7 +33,7 @@ target/graalvm/c4k-jira src/test/resources/valid-config.edn src/test/resources/v ## Documentation * [Example Setup on Hetzner](doc/SetupOnHetzner.md) -* [Backup and Restore](doc/BackupAndResotre.md) +* [Backup and Restore](doc/BackupAndRestore.md) ## License diff --git a/doc/BackupAndRestore.md b/doc/BackupAndRestore.md index 0c9df64..8eacac4 100644 --- a/doc/BackupAndRestore.md +++ b/doc/BackupAndRestore.md @@ -10,40 +10,40 @@ ## Manual init the restic repository for the first time 1. apply backup-and-restore pod: - `kubectl apply -f src/main/resources/backup/backup-restore.yaml` -1. exec into pod and execute restore pod - `kubectl exec -it backup-restore -- /usr/local/bin/init.sh` + `kubectl scale deployment backup-restore --replicas=1` +1. exec into pod and execute restore pod (press tab to get your exact pod name) + `kubectl exec -it backup-restore-... -- /usr/local/bin/init.sh` 1. remove backup-and-restore pod: - `kubectl delete pod backup-restore + `kubectl scale deployment backup-restore --replicas=0` ## Manual backup the restic repository for the first time 1.Create a jira export: Jira > Settings > System -> Backup system -1. Choose a filename `backup-filename.xml`. Your file will be stored to `/var/backup/export`. +1. Choose a filename `backup-filename.zip`. Your file will be stored to `/var/backup/export`. 1. apply backup-and-restore pod: - `kubectl apply -f src/main/resources/backup/backup-restore.yaml` -1. exec into pod and execute restore pod - `kubectl exec -it backup-restore -- /usr/local/bin/backup.sh` + `kubectl scale deployment backup-restore --replicas=1` +1. exec into pod and execute restore pod (press tab to get your exact pod name) + `kubectl exec -it backup-restore-... -- /usr/local/bin/backup.sh` 1. remove backup-and-restore pod: - `kubectl delete pod backup-restore` + `kubectl scale deployment backup-restore --replicas=0` ## Manual restore 1. apply backup-and-restore pod: - `kubectl apply -f src/main/resources/backup/backup-restore.yaml` -1. exec into pod and execute restore pod - `kubectl exec -it backup-restore -- /usr/local/bin/restore.sh` + `kubectl scale deployment backup-restore --replicas=1` +1. exec into pod and execute restore pod (press tab to get your exact pod name) + `kubectl exec -it backup-restore-... -- /usr/local/bin/restore.sh` 1. In case of already set up server: 1. Import one of Jira exportet backups: Jira > Settings > System > Restore System - 1. Choose one of your bakcuped files located at `/var/jira/restic-restore/export/`. - E.g. `/var/jira/restic-restore/export/backup-filename.xml`. + 1. Choose one of your backuped files located at `/var/jira/import/`. + E.g. `backup-filename.zip`. 1. In case of installation wizzard: 1. Choose restore from backup - 1. Choose one of your bakcuped files located at `/var/jira/restic-restore/export/`. - E.g. `/var/jira/restic-restore/export/backup-filename.xml` + 1. Choose one of your backuped files located at `/var/jira/import/`. + E.g. `backup-filename.zip` 1. remove backup-and-restore pod: - `kubectl delete pod backup-restore` + `kubectl scale deployment backup-restore --replicas=0` diff --git a/infrastructure/docker-backup/image/resources/backup.sh b/infrastructure/docker-backup/image/resources/backup.sh index ddd013c..921163f 100755 --- a/infrastructure/docker-backup/image/resources/backup.sh +++ b/infrastructure/docker-backup/image/resources/backup.sh @@ -7,8 +7,7 @@ function main() { file_env AWS_SECRET_ACCESS_KEY file_env RESTIC_DAYS_TO_KEEP 14 - backup-roles "" - backup-fs-from-directory '/var/backups/' 'data/' + backup-fs-from-directory '/var/backups/' 'export/' } source /usr/local/lib/functions.sh diff --git a/infrastructure/docker-backup/image/resources/restore.sh b/infrastructure/docker-backup/image/resources/restore.sh index f8782a0..a4828ad 100755 --- a/infrastructure/docker-backup/image/resources/restore.sh +++ b/infrastructure/docker-backup/image/resources/restore.sh @@ -7,15 +7,12 @@ function main() { file_env AWS_ACCESS_KEY_ID file_env AWS_SECRET_ACCESS_KEY - # Restore latest snapshot into /var/backups/restic-restore - rm -rf /var/backups/restic-restore - restore-directory '/var/backups/restic-restore' + # Restore latest snapshot into /var/backups/restore + rm -rf /var/backups/restore + restore-directory '/var/backups/restore' - # Restore data dir backup - rm -rf /var/backups/data/* - cp -a /var/backups/restic-restore/data/* /var/backups/data - - # /opt/atlassian-jira-software-standalone/bin/start-jira.sh + cp /var/backups/restore/export/*.zip /var/backups/import/ + chown 901:901 /var/backups/import/*.zip } source /usr/local/lib/functions.sh diff --git a/infrastructure/docker-backup/test/Dockerfile b/infrastructure/docker-backup/test/Dockerfile index 79bf2c5..f2e19b6 100644 --- a/infrastructure/docker-backup/test/Dockerfile +++ b/infrastructure/docker-backup/test/Dockerfile @@ -1,5 +1,8 @@ FROM c4k-jira-backup +RUN apt update +RUN apt -yqq --no-install-recommends --yes install curl default-jre-headless + RUN curl -L -o /tmp/serverspec.jar \ https://github.com/DomainDrivenArchitecture/dda-serverspec-crate/releases/download/2.0.0/dda-serverspec-standalone.jar diff --git a/src/main/cljc/dda/c4k_jira/backup.cljc b/src/main/cljc/dda/c4k_jira/backup.cljc index 5668c0e..bebf960 100644 --- a/src/main/cljc/dda/c4k_jira/backup.cljc +++ b/src/main/cljc/dda/c4k_jira/backup.cljc @@ -4,12 +4,13 @@ #?(:cljs [shadow.resource :as rc]) [dda.c4k-common.yaml :as yaml] [dda.c4k-common.base64 :as b64] - [dda.c4k-common.common :as cm])) + [dda.c4k-common.common :as cm] + [dda.c4k-common.prefixes :as pf])) -(s/def ::aws-access-key-id cm/bash-env-string?) -(s/def ::aws-secret-access-key cm/bash-env-string?) -(s/def ::restic-password cm/bash-env-string?) -(s/def ::restic-repository cm/bash-env-string?) +(s/def ::aws-access-key-id pf/bash-env-string?) +(s/def ::aws-secret-access-key pf/bash-env-string?) +(s/def ::restic-password pf/bash-env-string?) +(s/def ::restic-repository pf/bash-env-string?) #?(:cljs (defmethod yaml/load-resource :backup [resource-name] @@ -17,6 +18,7 @@ "backup/config.yaml" (rc/inline "backup/config.yaml") "backup/cron.yaml" (rc/inline "backup/cron.yaml") "backup/secret.yaml" (rc/inline "backup/secret.yaml") + "backup/backup-restore-deployment.yaml" (rc/inline "backup/backup-restore-deployment.yaml") (throw (js/Error. "Undefined Resource!"))))) (defn generate-config [my-conf] @@ -28,6 +30,9 @@ (defn generate-cron [] (yaml/from-string (yaml/load-resource "backup/cron.yaml"))) +(defn generate-backup-restore-deployment [] + (yaml/from-string (yaml/load-resource "backup/backup-restore-deployment.yaml"))) + (defn generate-secret [my-auth] (let [{:keys [aws-access-key-id aws-secret-access-key restic-password]} my-auth] (-> diff --git a/src/main/cljc/dda/c4k_jira/core.cljc b/src/main/cljc/dda/c4k_jira/core.cljc index e30db60..55da8f9 100644 --- a/src/main/cljc/dda/c4k_jira/core.cljc +++ b/src/main/cljc/dda/c4k_jira/core.cljc @@ -39,7 +39,8 @@ (when (contains? config :restic-repository) [(yaml/to-string (backup/generate-config config)) (yaml/to-string (backup/generate-secret config)) - (yaml/to-string (backup/generate-cron))])))) + (yaml/to-string (backup/generate-cron)) + (yaml/to-string (backup/generate-backup-restore-deployment))])))) (defn-spec generate any? [my-config config? diff --git a/src/main/cljs/dda/c4k_jira/browser.cljs b/src/main/cljs/dda/c4k_jira/browser.cljs index 1f92174..cdbe3cd 100644 --- a/src/main/cljs/dda/c4k_jira/browser.cljs +++ b/src/main/cljs/dda/c4k_jira/browser.cljs @@ -15,11 +15,11 @@ (br/generate-input-field "restic-repository" "(Optional) Your restic-repository:" "restic-repository" "dda.c4k_jira.browser") (br/generate-input-field "issuer" "(Optional) Your issuer prod/staging:" "" "dda.c4k_jira.browser") [(br/generate-br)] - (br/generate-text-area "auth" "Your auth.edn:" "{:postgres-db-user \" jira \" - :postgres-db-password \" jira-db-password \" - :aws-access-key-id \" aws-id \" - :aws-secret-access-key \" aws-secret \" - :restic-password \" restic-password \"}" + (br/generate-text-area "auth" "Your auth.edn:" "{:postgres-db-user \"jira\" + :postgres-db-password \"jira-db-password\" + :aws-access-key-id \"aws-id\" + :aws-secret-access-key \"aws-secret\" + :restic-password \"restic-password\"}" "5" "dda.c4k_jira.browser") [(br/generate-br)] (br/generate-button "generate-button" "Generate c4k yaml"))))] diff --git a/src/main/resources/backup/backup-restore-deployment.yaml b/src/main/resources/backup/backup-restore-deployment.yaml new file mode 100644 index 0000000..2453b5e --- /dev/null +++ b/src/main/resources/backup/backup-restore-deployment.yaml @@ -0,0 +1,50 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: backup-restore +spec: + replicas: 0 + selector: + matchLabels: + app: backup-restore + strategy: + type: Recreate + template: + metadata: + labels: + app: backup-restore + app.kubernetes.io/name: backup-restore + app.kubernetes.io/part-of: jira + spec: + containers: + - image: domaindrivenarchitecture/c4k-jira-backup + name: backup-app + imagePullPolicy: IfNotPresent + command: ["/entrypoint-start-and-wait.sh"] + env: + - name: AWS_DEFAULT_REGION + value: eu-central-1 + - name: AWS_ACCESS_KEY_ID_FILE + value: /var/run/secrets/backup-secrets/aws-access-key-id + - name: AWS_SECRET_ACCESS_KEY_FILE + value: /var/run/secrets/backup-secrets/aws-secret-access-key + - name: RESTIC_REPOSITORY + valueFrom: + configMapKeyRef: + name: backup-config + key: restic-repository + - name: RESTIC_PASSWORD_FILE + value: /var/run/secrets/backup-secrets/restic-password + volumeMounts: + - name: jira-data-volume + mountPath: /var/backups + - name: backup-secret-volume + mountPath: /var/run/secrets/backup-secrets + readOnly: true + volumes: + - name: jira-data-volume + persistentVolumeClaim: + claimName: jira-pvc + - name: backup-secret-volume + secret: + secretName: backup-secret \ No newline at end of file diff --git a/src/main/resources/backup/backup-restore.yaml b/src/main/resources/backup/backup-restore.yaml deleted file mode 100644 index 8ae869a..0000000 --- a/src/main/resources/backup/backup-restore.yaml +++ /dev/null @@ -1,41 +0,0 @@ -kind: Pod -apiVersion: v1 -metadata: - name: backup-restore - labels: - app.kubernetes.io/name: backup-restore - app.kubernetes.io/part-of: jira -spec: - containers: - - name: backup-app - image: domaindrivenarchitecture/c4k-jira-backup - imagePullPolicy: IfNotPresent - command: ["/entrypoint-start-and-wait.sh"] - env: - - name: AWS_DEFAULT_REGION - value: eu-central-1 - - name: AWS_ACCESS_KEY_ID_FILE - value: /var/run/secrets/backup-secrets/aws-access-key-id - - name: AWS_SECRET_ACCESS_KEY_FILE - value: /var/run/secrets/backup-secrets/aws-secret-access-key - - name: RESTIC_REPOSITORY - valueFrom: - configMapKeyRef: - name: backup-config - key: restic-repository - - name: RESTIC_PASSWORD_FILE - value: /var/run/secrets/backup-secrets/restic-password - volumeMounts: - - name: jira-data-volume - mountPath: /var/backups - - name: backup-secret-volume - mountPath: /var/run/secrets/backup-secrets - readOnly: true - volumes: - - name: jira-data-volume - persistentVolumeClaim: - claimName: jira-pvc - - name: backup-secret-volume - secret: - secretName: backup-secret - restartPolicy: OnFailure \ No newline at end of file diff --git a/src/test/cljc/dda/c4k_jira/core_test.cljc b/src/test/cljc/dda/c4k_jira/core_test.cljc index ae55bb5..8e62dea 100644 --- a/src/test/cljc/dda/c4k_jira/core_test.cljc +++ b/src/test/cljc/dda/c4k_jira/core_test.cljc @@ -5,7 +5,7 @@ [dda.c4k-jira.core :as cut])) (deftest should-k8s-objects - (is (= 15 + (is (= 16 (count (cut/k8s-objects {:fqdn "jira-neu.prod.meissa-gmbh.de" :postgres-db-user "jira" :postgres-db-password "jira-db-password" @@ -16,7 +16,7 @@ :aws-secret-access-key "aws-secret" :restic-password "restic-pw" :restic-repository "restic-repository"})))) - (is (= 13 + (is (= 14 (count (cut/k8s-objects {:fqdn "jira-neu.prod.meissa-gmbh.de" :postgres-db-user "jira" :postgres-db-password "jira-db-password"