--- /dev/null
+{{- /*
+Copyright VMware, Inc.
+SPDX-License-Identifier: APACHE-2.0
+*/}}
+
+{{- if .Values.backup.enabled }}
+apiVersion: batch/v1
+kind: CronJob
+metadata:
+ name: {{ include "mongodb.fullname" . }}-mongodump
+ namespace: {{ include "mongodb.namespace" . | quote }}
+ labels: {{- include "common.labels.standard" . | nindent 4 }}
+ app.kubernetes.io/component: mongodump
+ {{- if .Values.backup.cronjob.labels }}
+ {{- include "common.tplvalues.render" (dict "value" .Values.backup.cronjob.labels "context" $) | nindent 4 }}
+ {{- end }}
+ {{- if .Values.commonLabels }}
+ {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
+ {{- end }}
+ {{- if or .Values.backup.cronjob.annotations .Values.commonAnnotations }}
+ annotations:
+ {{- if .Values.backup.cronjob.annotations }}
+ {{- include "common.tplvalues.render" ( dict "value" .Values.backup.cronjob.annotations "context" $) | nindent 4 }}
+ {{- end }}
+ {{- if .Values.commonAnnotations }}
+ {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
+ {{- end }}
+ {{- end }}
+spec:
+ schedule: {{ quote .Values.backup.cronjob.schedule }}
+ concurrencyPolicy: {{ .Values.backup.cronjob.concurrencyPolicy }}
+ failedJobsHistoryLimit: {{ .Values.backup.cronjob.failedJobsHistoryLimit }}
+ successfulJobsHistoryLimit: {{ .Values.backup.cronjob.successfulJobsHistoryLimit }}
+ {{- if .Values.backup.cronjob.startingDeadlineSeconds }}
+ startingDeadlineSeconds: {{ .Values.backup.cronjob.startingDeadlineSeconds }}
+ {{- end }}
+ jobTemplate:
+ spec:
+ {{- if .Values.backup.cronjob.ttlSecondsAfterFinished }}
+ ttlSecondsAfterFinished: {{ .Values.backup.cronjob.ttlSecondsAfterFinished }}
+ {{- end }}
+ template:
+ metadata:
+ labels: {{- include "common.labels.standard" . | nindent 12 }}
+ app.kubernetes.io/component: mongodump
+ {{- if .Values.backup.cronjob.labels }}
+ {{- include "common.tplvalues.render" (dict "value" .Values.backup.cronjob.labels "context" $) | nindent 12 }}
+ {{- end }}
+ {{- if .Values.commonLabels }}
+ {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 12 }}
+ {{- end }}
+ {{- if or .Values.backup.cronjob.annotations .Values.commonAnnotations }}
+ annotations:
+ {{- if .Values.backup.cronjob.annotations }}
+ {{- include "common.tplvalues.render" ( dict "value" .Values.backup.cronjob.annotations "context" $) | nindent 12 }}
+ {{- end }}
+ {{- if .Values.commonAnnotations }}
+ {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 12 }}
+ {{- end }}
+ {{- end }}
+ spec:
+ {{- include "mongodb.imagePullSecrets" . | nindent 10 }}
+ {{- if .Values.podSecurityContext.enabled }}
+ securityContext: {{- omit .Values.podSecurityContext "enabled" | toYaml | nindent 12 }}
+ {{- end }}
+ enableServiceLinks: {{ .Values.enableServiceLinks }}
+ {{- if .Values.tls.enabled }}
+ initContainers:
+ - name: generate-tls-certs
+ image: {{ include "mongodb.tls.image" . }}
+ imagePullPolicy: {{ .Values.tls.image.pullPolicy | quote }}
+ env:
+ - name: MY_POD_NAMESPACE
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.namespace
+ - name: MY_POD_HOST_IP
+ valueFrom:
+ fieldRef:
+ fieldPath: status.hostIP
+ volumeMounts:
+ - name: empty-dir
+ mountPath: /tmp
+ subPath: tmp-dir
+ {{- if (include "mongodb.autoGenerateCerts" .) }}
+ - name: certs-volume
+ mountPath: /certs/CAs
+ {{- else }}
+ - name: mongodb-certs-0
+ mountPath: /certs-0
+ {{- end }}
+ - name: certs
+ mountPath: /certs
+ - name: common-scripts
+ mountPath: /bitnami/scripts
+ command:
+ - /bitnami/scripts/generate-certs.sh
+ args:
+ - -s {{ include "mongodb.service.nameOverride" . }}
+ {{- if .Values.externalAccess.service.loadBalancerIPs }}
+ - -i {{ join "," .Values.externalAccess.service.loadBalancerIPs }}
+ {{- end }}
+ {{- if .Values.tls.extraDnsNames }}
+ - -n {{ join "," .Values.tls.extraDnsNames }}
+ {{- end }}
+ {{- if .Values.tls.resources }}
+ resources: {{- toYaml .Values.tls.resources | nindent 16 }}
+ {{- else if ne .Values.tls.resourcesPreset "none" }}
+ resources: {{- include "common.resources.preset" (dict "type" .Values.tls.resourcesPreset) | nindent 16 }}
+ {{- end }}
+ {{- end }}
+ containers:
+ - name: {{ include "mongodb.fullname" . }}-mongodump
+ image: {{ include "mongodb.image" . }}
+ imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
+ env:
+ {{- if .Values.auth.enabled }}
+ - name: MONGODB_ROOT_USER
+ value: {{ .Values.auth.rootUser | quote }}
+ - name: MONGODB_ROOT_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "mongodb.secretName" . }}
+ key: mongodb-root-password
+ {{- end }}
+ - name: MONGODB_SERVICE_NAME
+ value: {{ include "mongodb.service.nameOverride" . }}
+ - name: MONGODB_PORT_NUMBER
+ value: {{ .Values.containerPorts.mongodb | quote }}
+ - name: MONGODUMP_DIR
+ value: {{ .Values.backup.cronjob.storage.mountPath }}
+ {{- if .Values.tls.enabled }}
+ - name: MONGODB_CLIENT_EXTRA_FLAGS
+ value: --ssl --sslPEMKeyFile=/certs/mongodb.pem --sslCAFile=/certs/mongodb-ca-cert
+ {{- end }}
+ {{- if .Values.backup.cronjob.command }}
+ command: {{- include "common.tplvalues.render" (dict "value" .Values.backup.cronjob.command "context" $) | nindent 14 }}
+ {{- else }}
+ command:
+ - /bin/sh
+ - -c
+ - "mongodump {{- if .Values.auth.enabled }} --username=${MONGODB_ROOT_USER} --password=${MONGODB_ROOT_PASSWORD} --authenticationDatabase=admin {{- end }} --host=${MONGODB_SERVICE_NAME} --port=${MONGODB_PORT_NUMBER} ${MONGODB_CLIENT_EXTRA_FLAGS} {{- if (eq $.Values.architecture "replicaset") }}--oplog{{- end }} --gzip --archive=${MONGODUMP_DIR}/mongodump-$(date '+%Y-%m-%d-%H-%M').gz"
+ {{- end }}
+ volumeMounts:
+ - name: empty-dir
+ mountPath: /tmp
+ subPath: tmp-dir
+ {{- if .Values.tls.enabled }}
+ - name: certs
+ mountPath: /certs
+ {{- if (include "mongodb.autoGenerateCerts" .) }}
+ - name: certs-volume
+ mountPath: /certs/CAs
+ {{- else }}
+ - name: mongodb-certs-0
+ mountPath: /certs-0
+ {{- end }}
+ {{- end }}
+ - name: datadir
+ mountPath: {{ .Values.backup.cronjob.storage.mountPath }}
+ subPath: {{ .Values.backup.cronjob.storage.subPath }}
+ {{- if .Values.backup.cronjob.containerSecurityContext.enabled }}
+ securityContext:
+ {{- include "common.tplvalues.render" ( dict "value" ( omit .Values.backup.cronjob.containerSecurityContext "enabled" ) "context" $) | nindent 14 }}
+ {{- end }}
+ restartPolicy: {{ .Values.backup.cronjob.restartPolicy }}
+ volumes:
+ - name: empty-dir
+ emptyDir: {}
+ - name: common-scripts
+ configMap:
+ name: {{ printf "%s-common-scripts" (include "mongodb.fullname" .) }}
+ defaultMode: 0550
+ {{- if .Values.tls.enabled }}
+ - name: certs
+ emptyDir: {}
+ {{- if (include "mongodb.autoGenerateCerts" .) }}
+ - name: certs-volume
+ secret:
+ secretName: {{ template "mongodb.tlsSecretName" . }}
+ items:
+ - key: mongodb-ca-cert
+ path: mongodb-ca-cert
+ mode: 0600
+ - key: mongodb-ca-key
+ path: mongodb-ca-key
+ mode: 0600
+ {{- else }}
+ - name: mongodb-certs-0
+ secret:
+ secretName: {{ include "common.tplvalues.render" ( dict "value" .Values.tls.standalone.existingSecret "context" $) }}
+ defaultMode: 256
+ {{- end }}
+ {{- end }}
+ {{- if .Values.backup.cronjob.storage.existingClaim }}
+ - name: datadir
+ persistentVolumeClaim:
+ claimName: {{ printf "%s" (tpl .Values.backup.cronjob.storage.existingClaim .) }}
+ {{- else }}
+ - name: datadir
+ persistentVolumeClaim:
+ claimName: {{ include "mongodb.fullname" . }}-mongodump
+ {{- end }}
+{{- end }}
Code Review / oom.git / blobdiff