Use storage class to dynamically create volume for backups

2026-03-26 21:33:14 +00:00 · 2021-03-23 01:40:25 -04:00
parent e037feafbf
commit 4a5ca184c0
5 changed files with 29 additions and 52 deletions
--- a/roles/backup/defaults/main.yml
+++ b/roles/backup/defaults/main.yml
@@ -1,5 +1,5 @@
 ---
-deployment_type: awx
+deployment_type: "{{ meta.name | default('awx', true)}}"

 # Secret to lookup that provide the secret key
 #
--- a/roles/backup/tasks/main.yml
+++ b/roles/backup/tasks/main.yml
@@ -46,6 +46,14 @@
  set_fact:
    now: '{{ lookup("pipe", "date +%F-%T") }}'

+- name: Delete any existing management pod
+  community.kubernetes.k8s:
+    name: "{{ deployment_type }}-db-management"
+    kind: Pod
+    namespace: "{{ meta.namespace }}"
+    state: absent
+    force: true
+    wait: true

 # Check to make sure provided pvc exists, error loudly if not.  Otherwise, the management pod will just stay in pending state forever.
 - name: Check provided PVC exists
@@ -57,47 +65,31 @@
  when:
    - tower_backup_pvc != '' or tower_backup_pvc is defined

-# or should we automatically create a PVC for them with this name if it doesn't exist?
 - name: Fail early if pvc is defined but does not exist
  fail:
    msg: "{{ tower_backup_pvc }} does not exist, please create this pvc first."
  when: provided_pvc.resources | length == 0

 # If tower_backup_pvc is defined, use in management-pod.yml.j2
- name: Set default pvc name # to get around nested jinja2 vars
+- name: Set default pvc name
  set_fact:
-    _default_backup_pvc: "{{ deployment_type }}-backup-pvc"
+    _default_backup_pvc: "{{ deployment_type }}-backup-claim"

 - name: Set PVC to use for backup
  set_fact:
    backup_pvc: "{{ tower_backup_pvc | default(_default_backup_pvc, true)}}"

-# TODO: handle re-using existing pv and pvc, or make new onces with auto-generated name?
- block:
-  - name: Create PV for backup
-    community.kubernetes.k8s:
-      name: "{{ deployment_type }}-backup-pv"
-      kind: PersistentVolume
-      namespace: "{{ meta.namespace }}"
-      template: "backup_pv.yml.j2"
+# TODO: re-use the old pvc if already created (unless pvc is provided)
+# TODO: allow users to configure their own storage class for dynamically creating a pvc?

-  - name: Create PVC for backup
-    community.kubernetes.k8s:
-      name: "{{ deployment_type }}-backup-pvc"
-      kind: PersistentVolumeClaim
-      namespace: "{{ meta.namespace }}"
-      template: "backup_pvc.yml.j2"
+- name: Create PVC for backup
+  community.kubernetes.k8s:
+    kind: PersistentVolumeClaim
+    namespace: "{{ meta.namespace }}"
+    template: "backup_pvc.yml.j2"
  when:
    - tower_backup_pvc == '' or tower_backup_pvc is not defined

- name: Delete any existing management pod
-  community.kubernetes.k8s:
-    name: "{{ deployment_type }}-db-management"
-    kind: Deployment
-    namespace: "{{ meta.namespace }}"
-    state: absent
-    force: true
-
 - name: Create management pod from templated deployment config
  community.kubernetes.k8s:
    name: "{{ deployment_type }}-db-management"
@@ -131,10 +123,9 @@
    pod: "{{ deployment_type }}-db-management"
    command: >-
      chmod 0600 {{ _backup_dir }}/tower.db
-      chown postgres:postgres {{ _backup_dir }}/tower.db

 - name: Set pg_dump command
-  set_fact: 
+  set_fact:
    pgdump: >-
      pg_dump --clean --create
      -h {{ awx_postgres_host }}
@@ -150,12 +141,12 @@
      bash -c "PGPASSWORD={{ awx_postgres_pass }} {{ pgdump }} > {{ _backup_dir }}/tower.db"
  register: data_migration

-# Backup secret key and other secrets - look at trad tower backup pattern
+# TODO: Backup secret key and other secrets - look at trad tower backup pattern

 - name: Delete any existing management pod
  community.kubernetes.k8s:
    name: "{{ deployment_type }}-db-management"
-    kind: Deployment
+    kind: Pod
    namespace: "{{ meta.namespace }}"
    state: absent
    force: true
--- a/roles/backup/templates/backup_pv.yml.j2
+++ b/roles/backup/templates/backup_pv.yml.j2
@@ -1,16 +0,0 @@
---
-apiVersion: v1
-kind: PersistentVolume
-metadata:
-  name: {{ deployment_type }}-backup-pv
-  namespace: {{ meta.namespace}}
-  labels:
-    type: awx-backup
-spec:
-  storageClassName: standard
-  capacity:
-    storage: "{{ tower_backup_size | default('5Gi', true) }}"
-  accessModes:
-    - ReadWriteOnce
-  hostPath:
-    path: "/mnt/data"
--- a/roles/backup/templates/backup_pvc.yml.j2
+++ b/roles/backup/templates/backup_pvc.yml.j2
@@ -2,12 +2,12 @@
 apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
-  name: "{{ deployment_type }}-backup-pvc"
+  name: {{ deployment_type }}-backup-claim
+  namespace: {{ meta.namespace}}
 spec:
  accessModes:
    - ReadWriteOnce
  storageClassName: standard
  resources:
    requests:
-      storage: "{{ tower_backup_size | default('5Gi', true) }}"
-  volumeName: "{{ deployment_type }}-backup-pv"
+      storage: {{ tower_backup_size | default('5Gi', true) }}
--- a/roles/backup/templates/management-pod.yml.j2
+++ b/roles/backup/templates/management-pod.yml.j2
@@ -11,10 +11,12 @@ spec:
    imagePullPolicy: Always
    command: ["sleep", "infinity"]
    volumeMounts:
-    - name: "{{ deployment_type }}-backup"
+    - name: {{ deployment_type }}-backup
      mountPath: /backups
+      readOnly: false
  volumes:
-    - name: "{{ deployment_type }}-backup"
+    - name: {{ deployment_type }}-backup
      persistentVolumeClaim:
-        claimName: "{{ backup_pvc }}"
+        claimName: {{ backup_pvc }}
+        readOnly: false
  restartPolicy: Never