describe pw change process
This commit is contained in:
parent
d6dcf6d08d
commit
d3f77e0f23
4 changed files with 41 additions and 10 deletions
doc
infrastructure/backup/image/resources
src
|
|
@ -9,16 +9,12 @@
|
|||
|
||||
## Manual backup
|
||||
|
||||
1. Scale Cloud deployment down:
|
||||
`kubectl -n nextcloud scale deployment cloud-deployment --replicas=0`
|
||||
1. Scale backup-restore deployment up:
|
||||
`kubectl -n nextcloud scale deployment backup-restore --replicas=1`
|
||||
1. exec into pod and execute restore pod
|
||||
2. exec into pod and execute restore pod
|
||||
`kubectl -n nextcloud exec -it backup-restore -- backup.bb`
|
||||
1. Scale backup-restore deployment down:
|
||||
3. Scale backup-restore deployment down:
|
||||
`kubectl -n nextcloud scale deployment backup-restore --replicas=0`
|
||||
1. Scale Cloud deployment up:
|
||||
`kubectl -n nextcloud scale deployment cloud-deployment --replicas=1`
|
||||
|
||||
## Manual restore
|
||||
|
||||
|
|
@ -32,3 +28,40 @@
|
|||
`kubectl -n nextcloud scale deployment backup-restore --replicas=0`
|
||||
5. Scale Cloud deployment up:
|
||||
`kubectl -n nextcloud scale deployment cloud-deployment --replicas=1`
|
||||
|
||||
## Change Password
|
||||
|
||||
1. Apply restic-new-password to secret & backup deployment
|
||||
```
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: backup-restore
|
||||
spec:
|
||||
spec:
|
||||
containers:
|
||||
- name: backup-app
|
||||
env:
|
||||
- name: RESTIC_NEW_PASSWORD_FILE
|
||||
value: /var/run/secrets/backup-secrets/restic-new-password
|
||||
---
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: backup-secret
|
||||
data:
|
||||
restic-password: old
|
||||
restic-new-password: new
|
||||
```
|
||||
2. Scale backup-restore deployment up:
|
||||
`kubectl -n nextcloud scale deployment backup-restore --replicas=1`
|
||||
3. exec into pod and execute restore pod
|
||||
`kubectl -n nextcloud exec -it backup-restore -- change-password.bb`
|
||||
4. Scale backup-restore deployment down:
|
||||
`kubectl -n nextcloud scale deployment backup-restore --replicas=0`
|
||||
5. Replace restic-password with restic-new-password in secret
|
||||
```
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: backup-secret
|
||||
data:
|
||||
restic-password: new
|
||||
```
|
||||
|
|
|
|||
|
|
@ -11,6 +11,7 @@
|
|||
(in/install! "backup.bb")
|
||||
(in/install! "restore.bb")
|
||||
(in/install! "list-snapshots.bb")
|
||||
(in/install! "change-password.bb")
|
||||
(in/install! "start-maintenance.sh")
|
||||
(in/install! "end-maintenance.sh")
|
||||
(in/install! "restore.bb")
|
||||
|
|
|
|||
|
|
@ -53,8 +53,6 @@ spec:
|
|||
key: restic-repository
|
||||
- name: RESTIC_PASSWORD_FILE
|
||||
value: /var/run/secrets/backup-secrets/restic-password
|
||||
- name: RESTIC_NEW_PASSWORD_FILE
|
||||
value: /var/run/secrets/backup-secrets/restic-new-password
|
||||
volumeMounts:
|
||||
- name: cloud-data-volume
|
||||
mountPath: /var/backups
|
||||
|
|
|
|||
|
|
@ -85,8 +85,7 @@
|
|||
{:name "AWS_ACCESS_KEY_ID_FILE", :value "/var/run/secrets/backup-secrets/aws-access-key-id"}
|
||||
{:name "AWS_SECRET_ACCESS_KEY_FILE", :value "/var/run/secrets/backup-secrets/aws-secret-access-key"}
|
||||
{:name "RESTIC_REPOSITORY", :valueFrom {:configMapKeyRef {:name "backup-config", :key "restic-repository"}}}
|
||||
{:name "RESTIC_PASSWORD_FILE", :value "/var/run/secrets/backup-secrets/restic-password"}
|
||||
{:name "RESTIC_NEW_PASSWORD_FILE", :value "/var/run/secrets/backup-secrets/restic-new-password"}]
|
||||
{:name "RESTIC_PASSWORD_FILE", :value "/var/run/secrets/backup-secrets/restic-password"}]
|
||||
:volumeMounts
|
||||
[{:name "cloud-data-volume", :mountPath "/var/backups"}
|
||||
{:name "backup-secret-volume", :mountPath "/var/run/secrets/backup-secrets", :readOnly true}
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue