From 3265b97db77769287fa1269245e1a69ac0b5b2de Mon Sep 17 00:00:00 2001 From: Naseem Date: Sat, 22 Feb 2020 20:11:09 -0500 Subject: [PATCH 1/2] Add Backup/Restore section to README, minor tweaks to backup cronjob. --- charts/influxdb/Chart.yaml | 2 +- charts/influxdb/README.md | 77 +++++++++++++++++++ charts/influxdb/templates/backup-cronjob.yaml | 22 +++--- 3 files changed, 89 insertions(+), 12 deletions(-) diff --git a/charts/influxdb/Chart.yaml b/charts/influxdb/Chart.yaml index 7ec29b28..2e84554e 100755 --- a/charts/influxdb/Chart.yaml +++ b/charts/influxdb/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v1 name: influxdb -version: 4.2.5 +version: 4.2.7 appVersion: 1.7.9 description: Scalable datastore for metrics, events, and real-time analytics. keywords: diff --git a/charts/influxdb/README.md b/charts/influxdb/README.md index b76df3f1..7c9514e9 100644 --- a/charts/influxdb/README.md +++ b/charts/influxdb/README.md @@ -116,6 +116,83 @@ Make sure to uncomment or configure the job settings after enabling it. If a pas Alternatively, if `.Values.setDefaultUser.user.existingSecret` is set the user and password are obtained from an existing Secret, the expected keys are `influxdb-user` and `influxdb-password`. Use this variable if you need to check in the `values.yaml` in a repository to avoid exposing your secrets. +## Backing up and restoring + +Before proceeding, please read [Backing up and restoring in InfluxDB OSS](https://docs.influxdata.com/influxdb/v1.7/administration/backup_and_restore/). While the chart offers backups by means of the [`backup-cronjob`](./templates/backup-cronjob.yaml), restores do not fall under the chart's scope today but can be achieved by one-off kubernetes jobs. + +### Backups + +When enabled, the[`backup-cronjob`](./templates/backup-cronjob.yaml) runs on the configured schedule. One can create a job from the backup cronjob on demand as follows: + +```sh +kubectl create job --from=cronjobs/influxdb-backup influx-backup-$(date +%Y%m%d%H%M%S) +``` + +### Restores + +It is up to the end user to configure their own one-off restore jobs. Below is just an example, which assumes that the backups are stored in GCS and that all dbs in the backup already exist and should be restored. It is to be used as a reference only; configure the init-container and the command and of the `influxdb-restore` container as well as both containers' resources to suit your needs. + +```yaml +apiVersion: batch/v1 +kind: Job +metadata: + generateName: influxdb-restore- + namespace: monitoring +spec: + template: + spec: + volumes: + - name: backup + emptyDir: {} + serviceAccountName: influxdb + initContainers: + - name: init-gsutil-cp + image: google/cloud-sdk:alpine + command: + - /bin/sh + args: + - "-c" + - | + gsutil -m cp -r gs:///* /backup + volumeMounts: + - name: backup + mountPath: /backup + resources: + requests: + cpu: 1 + memory: 4Gi + limits: + cpu: 2 + memory: 8Gi + containers: + - name: influxdb-restore + image: influxdb:1.7-alpine + volumeMounts: + - name: backup + mountPath: /backup + command: + - /bin/sh + args: + - "-c" + - | + #!/bin/sh + INFLUXDB_HOST=influxdb.monitoring.svc + for db in $(influx -host $INFLUXDB_HOST -execute 'SHOW DATABASES' | tail -n +5); do + influxd restore -host $INFLUXDB_HOST:8088 -portable -db "$db" -newdb "$db"_bak /backup + done + resources: + requests: + cpu: 100m + memory: 128Mi + limits: + cpu: 500m + memory: 512Mi + restartPolicy: OnFailure +``` + +At which point the data from the new `_bak` dbs would have to be side loaded into the original dbs. +Please see [InfluxDB documentation for more restore examples](https://docs.influxdata.com/influxdb/v1.7/administration/backup_and_restore/#restore-examples). + ## Upgrading ### From < 1.0.0 To >= 1.0.0 diff --git a/charts/influxdb/templates/backup-cronjob.yaml b/charts/influxdb/templates/backup-cronjob.yaml index 772df2b6..2f2cb460 100644 --- a/charts/influxdb/templates/backup-cronjob.yaml +++ b/charts/influxdb/templates/backup-cronjob.yaml @@ -9,7 +9,7 @@ metadata: annotations: {{- toYaml .Values.backup.annotations | nindent 4 }} spec: - schedule: {{.Values.backup.schedule | quote }} + schedule: {{ .Values.backup.schedule | quote }} concurrencyPolicy: Forbid jobTemplate: spec: @@ -20,7 +20,7 @@ spec: spec: restartPolicy: OnFailure volumes: - - name: backups + - name: backup emptyDir: {} {{- if .Values.backup.gcs }} {{- if .Values.backup.gcs.serviceAccountSecret }} @@ -34,14 +34,14 @@ spec: - name: influxdb-backup image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" volumeMounts: - - name: backups - mountPath: /backups + - name: backup + mountPath: /backup command: - /bin/sh args: - '-c' - | - influxd backup -host {{ include "influxdb.fullname" . }}.{{ .Release.Namespace }}.svc:{{ .Values.config.rpc.bind_address | default 8088 }} -portable /backups/backup_$(date +%Y%m%d_%H%M%S) + influxd backup -host {{ include "influxdb.fullname" . }}.{{ .Release.Namespace }}.svc:{{ .Values.config.rpc.bind_address | default 8088 }} -portable /backup/$(date +%Y%m%d%H%M%S) containers: {{- if .Values.backup.gcs }} - name: gsutil-cp @@ -56,15 +56,15 @@ spec: fi gsutil -m cp -r "$SRC_URL" "$DST_URL" volumeMounts: - - name: backups - mountPath: /backups + - name: backup + mountPath: /backup {{- if .Values.backup.gcs.serviceAccountSecretKey}} - name: google-cloud-key mountPath: /var/secrets/google/ {{- end }} env: - name: SRC_URL - value: /backups + value: /backup - name: DST_URL value: {{ .Values.backup.gcs.destination}} {{- if .Values.backup.gcs.serviceAccountSecretKey}} @@ -83,11 +83,11 @@ spec: az storage container create --name "$DST_CONTAINER" az storage blob upload-batch --destination "$DST_CONTAINER" --destination-path "$DST_PATH" --source "$SRC_URL" volumeMounts: - - name: backups - mountPath: /backups + - name: backup + mountPath: /backup env: - name: SRC_URL - value: /backups + value: /backup - name: DST_CONTAINER value: {{ .Values.backup.azure.destination_container }} - name: DST_PATH From 1f04f01c0be49aedcbfcad5ffe8a3509bbfdecff Mon Sep 17 00:00:00 2001 From: Naseem Date: Mon, 24 Feb 2020 10:44:59 -0500 Subject: [PATCH 2/2] Copy timestamped folder within the backup volume, directly into cloud storage By copying /backup/* we are copying all contents, in this case the timestamped backup folder, without the prepending /backup --- charts/influxdb/templates/backup-cronjob.yaml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/charts/influxdb/templates/backup-cronjob.yaml b/charts/influxdb/templates/backup-cronjob.yaml index 2f2cb460..25b4599a 100644 --- a/charts/influxdb/templates/backup-cronjob.yaml +++ b/charts/influxdb/templates/backup-cronjob.yaml @@ -54,7 +54,7 @@ spec: if [ -n "$KEY_FILE" ]; then gcloud auth activate-service-account --key-file $KEY_FILE fi - gsutil -m cp -r "$SRC_URL" "$DST_URL" + gsutil -m cp -r /backup/* "$DST_URL" volumeMounts: - name: backup mountPath: /backup @@ -63,8 +63,6 @@ spec: mountPath: /var/secrets/google/ {{- end }} env: - - name: SRC_URL - value: /backup - name: DST_URL value: {{ .Values.backup.gcs.destination}} {{- if .Values.backup.gcs.serviceAccountSecretKey}}