K8s Script Pack

Kubernetes-focused shell scripts intended for cronjobs and operational utilities.

Scripts

`automated-nfs-backup.sh`

Backs up each top-level folder found in NFS_SOURCE_PATH into an encrypted .7z archive, with optional Kubernetes workload quiescing when a folder name exactly matches a namespace name.

Behavior:

Exact folder-to-namespace mapping only.
Unmapped folder: backup still runs, Kubernetes scale actions are skipped.
Mapped folder: saves replicas, scales selected workloads down, waits, runs backup, restores replicas, waits again.
Scale-down issues are warnings by policy (backup still runs).
Restore issues are warnings by policy (run can still complete successfully).

Environment Variables

Required:

NFS_SOURCE_PATH: Root path containing folders to back up.
BACKUP_OUTPUT_PATH: Destination path for generated .7z archives.
BACKUP_PASSWORD: Password used for 7z encryption.

Optional:

KUBECTL_BIN (default: kubectl)
KUBE_CONTEXT (default: empty)
WORKLOAD_KINDS (default: deployment,statefulset,replicaset,replicationcontroller)
ARCHIVE_PREFIX (default: nfs-backup)
ARCHIVE_TS_FORMAT (default: %Y%m%d_%H%M%S)
SEVENZ_METHOD (default: lzma2)
SEVENZ_LEVEL (default: 9)
SEVENZ_HEADER_ENCRYPT (default: on)
SEVENZ_THREADS (default: on)
SCALE_TIMEOUT_SECONDS (default: 600)
SCALE_RETRY_COUNT (default: 3)
SCALE_RETRY_DELAY_SECONDS (default: 5)
LOG_LEVEL (default: info)
TMP_STATE_DIR (default: /tmp/k8s-nfs-backup)
NOTIFY_SUCCESS_URL (default: empty, disabled)
NOTIFY_FAILURE_URL (default: empty, disabled)
NOTIFY_TITLE (default: Kubernetes)
NOTIFY_ASSET (default: kube config)

Notification payload (success and failure):

{
  "title": "Kubernetes",
  "asset": "kube config",
  "backupSizeInMB": 123
}

Cronjob Notes

Script is designed to run sequentially (one folder at a time).
Provide Kubernetes RBAC allowing get, list, and scale on configured workload kinds in target namespaces.
Ensure kubectl context and credentials are present in the runtime.
Ensure 7z is installed in the runtime image/host.

Failure Semantics

Missing required env vars, missing commands, invalid paths, or inability to list namespaces: script exits non-zero immediately.
Folder backup failures: counted and script exits non-zero at end.
Scale-down warnings/timeouts: logged and counted, backup continues.
Restore warnings/timeouts: logged and counted, script does not fail solely because of restore warnings.
If NOTIFY_SUCCESS_URL is set, success notification is sent at the end of a successful run.
If NOTIFY_FAILURE_URL is set, failure notification is sent when backup failures are detected.
Final summary always logs:
- processed
- mapped
- unmapped
- backup_successes
- backup_failures
- scale_warnings
- restore_warnings

2.9 KiB Raw Blame History