adding k8s pack
All checks were successful
Check scripts syntax / check-scripts-syntax (push) Successful in 34s
All checks were successful
Check scripts syntax / check-scripts-syntax (push) Successful in 34s
This commit is contained in:
77
k8s/README.md
Normal file
77
k8s/README.md
Normal file
@@ -0,0 +1,77 @@
|
||||
# K8s Script Pack
|
||||
|
||||
Kubernetes-focused shell scripts intended for cronjobs and operational utilities.
|
||||
|
||||
## Scripts
|
||||
|
||||
### `automated-nfs-backup.sh`
|
||||
|
||||
Backs up each top-level folder found in `NFS_SOURCE_PATH` into an encrypted `.7z` archive, with optional Kubernetes workload quiescing when a folder name exactly matches a namespace name.
|
||||
|
||||
Behavior:
|
||||
- Exact folder-to-namespace mapping only.
|
||||
- Unmapped folder: backup still runs, Kubernetes scale actions are skipped.
|
||||
- Mapped folder: saves replicas, scales selected workloads down, waits, runs backup, restores replicas, waits again.
|
||||
- Scale-down issues are warnings by policy (backup still runs).
|
||||
- Restore issues are warnings by policy (run can still complete successfully).
|
||||
|
||||
## Environment Variables
|
||||
|
||||
Required:
|
||||
- `NFS_SOURCE_PATH`: Root path containing folders to back up.
|
||||
- `BACKUP_OUTPUT_PATH`: Destination path for generated `.7z` archives.
|
||||
- `BACKUP_PASSWORD`: Password used for 7z encryption.
|
||||
|
||||
Optional:
|
||||
- `KUBECTL_BIN` (default: `kubectl`)
|
||||
- `KUBE_CONTEXT` (default: empty)
|
||||
- `WORKLOAD_KINDS` (default: `deployment,statefulset,replicaset,replicationcontroller`)
|
||||
- `ARCHIVE_PREFIX` (default: `nfs-backup`)
|
||||
- `ARCHIVE_TS_FORMAT` (default: `%Y%m%d_%H%M%S`)
|
||||
- `SEVENZ_METHOD` (default: `lzma2`)
|
||||
- `SEVENZ_LEVEL` (default: `9`)
|
||||
- `SEVENZ_HEADER_ENCRYPT` (default: `on`)
|
||||
- `SEVENZ_THREADS` (default: `on`)
|
||||
- `SCALE_TIMEOUT_SECONDS` (default: `600`)
|
||||
- `SCALE_RETRY_COUNT` (default: `3`)
|
||||
- `SCALE_RETRY_DELAY_SECONDS` (default: `5`)
|
||||
- `LOG_LEVEL` (default: `info`)
|
||||
- `TMP_STATE_DIR` (default: `/tmp/k8s-nfs-backup`)
|
||||
- `NOTIFY_SUCCESS_URL` (default: empty, disabled)
|
||||
- `NOTIFY_FAILURE_URL` (default: empty, disabled)
|
||||
- `NOTIFY_TITLE` (default: `Kubernetes`)
|
||||
- `NOTIFY_ASSET` (default: `kube config`)
|
||||
|
||||
Notification payload (success and failure):
|
||||
|
||||
```json
|
||||
{
|
||||
"title": "Kubernetes",
|
||||
"asset": "kube config",
|
||||
"backupSizeInMB": 123
|
||||
}
|
||||
```
|
||||
|
||||
## Cronjob Notes
|
||||
|
||||
- Script is designed to run sequentially (one folder at a time).
|
||||
- Provide Kubernetes RBAC allowing `get`, `list`, and `scale` on configured workload kinds in target namespaces.
|
||||
- Ensure `kubectl` context and credentials are present in the runtime.
|
||||
- Ensure `7z` is installed in the runtime image/host.
|
||||
|
||||
## Failure Semantics
|
||||
|
||||
- Missing required env vars, missing commands, invalid paths, or inability to list namespaces: script exits non-zero immediately.
|
||||
- Folder backup failures: counted and script exits non-zero at end.
|
||||
- Scale-down warnings/timeouts: logged and counted, backup continues.
|
||||
- Restore warnings/timeouts: logged and counted, script does not fail solely because of restore warnings.
|
||||
- If `NOTIFY_SUCCESS_URL` is set, success notification is sent at the end of a successful run.
|
||||
- If `NOTIFY_FAILURE_URL` is set, failure notification is sent when backup failures are detected.
|
||||
- Final summary always logs:
|
||||
- `processed`
|
||||
- `mapped`
|
||||
- `unmapped`
|
||||
- `backup_successes`
|
||||
- `backup_failures`
|
||||
- `scale_warnings`
|
||||
- `restore_warnings`
|
||||
Reference in New Issue
Block a user