diff --git a/roles/backup/defaults/main.yml b/roles/backup/defaults/main.yml index 9ebff0c5..92ad117c 100644 --- a/roles/backup/defaults/main.yml +++ b/roles/backup/defaults/main.yml @@ -1,5 +1,5 @@ --- -deployment_type: awx +deployment_type: "{{ meta.name | default('awx', true)}}" # Secret to lookup that provide the secret key # diff --git a/roles/backup/tasks/main.yml b/roles/backup/tasks/main.yml index 27f6581e..7b52fd28 100644 --- a/roles/backup/tasks/main.yml +++ b/roles/backup/tasks/main.yml @@ -46,6 +46,14 @@ set_fact: now: '{{ lookup("pipe", "date +%F-%T") }}' +- name: Delete any existing management pod + community.kubernetes.k8s: + name: "{{ deployment_type }}-db-management" + kind: Pod + namespace: "{{ meta.namespace }}" + state: absent + force: true + wait: true # Check to make sure provided pvc exists, error loudly if not. Otherwise, the management pod will just stay in pending state forever. - name: Check provided PVC exists 
@@ -57,47 +65,31 @@ when: - tower_backup_pvc != '' or tower_backup_pvc is defined -# or should we automatically create a PVC for them with this name if it doesn't exist? - name: Fail early if pvc is defined but does not exist fail: msg: "{{ tower_backup_pvc }} does not exist, please create this pvc first." when: provided_pvc.resources | length == 0 # If tower_backup_pvc is defined, use in management-pod.yml.j2 -- name: Set default pvc name # to get around nested jinja2 vars +- name: Set default pvc name set_fact: - _default_backup_pvc: "{{ deployment_type }}-backup-pvc" + _default_backup_pvc: "{{ deployment_type }}-backup-claim" - name: Set PVC to use for backup set_fact: backup_pvc: "{{ tower_backup_pvc | default(_default_backup_pvc, true)}}" -# TODO: handle re-using existing pv and pvc, or make new onces with auto-generated name? -- block: - - name: Create PV for backup - community.kubernetes.k8s: - name: "{{ deployment_type }}-backup-pv" - kind: PersistentVolume - namespace: "{{ meta.namespace }}" - template: "backup_pv.yml.j2" +# TODO: re-use the old pvc if already created (unless pvc is provided) +# TODO: allow users to configure their own storage class for dynamically creating a pvc? - - name: Create PVC for backup - community.kubernetes.k8s: - name: "{{ deployment_type }}-backup-pvc" - kind: PersistentVolumeClaim - namespace: "{{ meta.namespace }}" - template: "backup_pvc.yml.j2" +- name: Create PVC for backup + community.kubernetes.k8s: + kind: PersistentVolumeClaim + namespace: "{{ meta.namespace }}" + template: "backup_pvc.yml.j2" when: - tower_backup_pvc == '' or tower_backup_pvc is not defined -- name: Delete any existing management pod - community.kubernetes.k8s: - name: "{{ deployment_type }}-db-management" - kind: Deployment - namespace: "{{ meta.namespace }}" - state: absent - force: true - - name: Create management pod from templated deployment config community.kubernetes.k8s: name: "{{ deployment_type }}-db-management" 
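Review bot: The two `when:` guards visible in this hunk do not cleanly separate "PVC provided" from "PVC not provided". `tower_backup_pvc != '' or tower_backup_pvc is defined` is true for a defined-but-empty value, so the existence check can run when no PVC was supplied, and the following `fail` task has no visible guard of its own on the variable; `tower_backup_pvc is defined and tower_backup_pvc != ''` expresses the intent. The guard on the now top-level `Create PVC for backup` task compares before it tests definedness; `tower_backup_pvc is not defined or tower_backup_pvc == ''` avoids evaluating an undefined variable. Both guards are unchanged context lines, and the task the first one belongs to appears to start above the hunk.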
@@ -131,10 +123,9 @@ pod: "{{ deployment_type }}-db-management" command: >- chmod 0600 {{ _backup_dir }}/tower.db - chown postgres:postgres {{ _backup_dir }}/tower.db - name: Set pg_dump command - set_fact: + set_fact: pgdump: >- pg_dump --clean --create -h {{ awx_postgres_host }} @@ -150,12 +141,12 @@ bash -c "PGPASSWORD={{ awx_postgres_pass }} {{ pgdump }} > {{ _backup_dir }}/tower.db" register: data_migration -# Backup secret key and other secrets - look at trad tower backup pattern +# TODO: Backup secret key and other secrets - look at trad tower backup pattern - name: Delete any existing management pod community.kubernetes.k8s: name: "{{ deployment_type }}-db-management" - kind: Deployment + kind: Pod namespace: "{{ meta.namespace }}" state: absent force: true diff --git a/roles/backup/templates/backup_pv.yml.j2 b/roles/backup/templates/backup_pv.yml.j2 deleted file mode 100644 index cabc217a..00000000 --- a/roles/backup/templates/backup_pv.yml.j2 +++ /dev/null @@ -1,16 +0,0 @@ ---- -apiVersion: v1 -kind: PersistentVolume -metadata: - name: {{ deployment_type }}-backup-pv - namespace: {{ meta.namespace}} - labels: - type: awx-backup -spec: - storageClassName: standard - capacity: - storage: "{{ tower_backup_size | default('5Gi', true) }}" - accessModes: - - ReadWriteOnce - hostPath: - path: "/mnt/data" diff --git a/roles/backup/templates/backup_pvc.yml.j2 b/roles/backup/templates/backup_pvc.yml.j2 index 1b3bbc2a..14891d28 100644 --- a/roles/backup/templates/backup_pvc.yml.j2 +++ b/roles/backup/templates/backup_pvc.yml.j2 @@ -2,12 +2,12 @@ apiVersion: v1 kind: PersistentVolumeClaim metadata: - name: "{{ deployment_type }}-backup-pvc" + name: {{ deployment_type }}-backup-claim + namespace: {{ meta.namespace}} spec: accessModes: - ReadWriteOnce storageClassName: standard resources: requests: - storage: "{{ tower_backup_size | default('5Gi', true) }}" - volumeName: "{{ deployment_type }}-backup-pv" + storage: {{ tower_backup_size | default('5Gi', true) }} 
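Review bot: The unchanged `bash -c "PGPASSWORD={{ awx_postgres_pass }} {{ pgdump }} > {{ _backup_dir }}/tower.db"` line at the top of the `@@ -150,12 +141,12 @@` hunk puts the database password into the rendered command string. It can therefore surface in task output, logs and the registered `data_migration` result, and nothing visible in the hunk sets `no_log: true`. The value is also spliced in unquoted, so a password containing spaces or shell metacharacters changes what bash runs. I would add `no_log: true` to this task and supply the secret through the pod's environment, or at least as a quoted value, rather than through the command text. The task begins above the hunk, so an existing `no_log` there cannot be ruled out.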
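Review bot: Dropping the quotes around the templated scalars in backup_pvc.yml.j2 (`name: {{ deployment_type }}-backup-claim`, `namespace: {{ meta.namespace}}`, `storage: {{ tower_backup_size | default('5Gi', true) }}`) lets the rendered text decide its own YAML type and structure. `deployment_type` now derives from `meta.name`, and `tower_backup_size` presumably comes from the resource spec, so a value that is empty, numeric-looking, or contains `: ` or ` #` is re-typed or reshapes the manifest rather than being treated as a plain string. Keeping the quoted form, e.g. `storage: "{{ tower_backup_size | default('5Gi', true) }}"`, avoids this; the same applies to the unquoted `name:` and `claimName: {{ backup_pvc }}` lines in management-pod.yml.j2. Separately, the `-backup-claim` suffix is now spelled both here and in `_default_backup_pvc` in tasks/main.yml, and the two must stay in step.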
diff --git a/roles/backup/templates/management-pod.yml.j2 b/roles/backup/templates/management-pod.yml.j2 index 0c914c0a..57b08f1f 100644 --- a/roles/backup/templates/management-pod.yml.j2 +++ b/roles/backup/templates/management-pod.yml.j2 @@ -11,10 +11,12 @@ spec: imagePullPolicy: Always command: ["sleep", "infinity"] volumeMounts: - - name: "{{ deployment_type }}-backup" + - name: {{ deployment_type }}-backup mountPath: /backups + readOnly: false volumes: - - name: "{{ deployment_type }}-backup" + - name: {{ deployment_type }}-backup persistentVolumeClaim: - claimName: "{{ backup_pvc }}" + claimName: {{ backup_pvc }} + readOnly: false restartPolicy: Never
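Review bot: The two added `readOnly: false` lines restate the Kubernetes default for both the `volumeMounts` entry and the `persistentVolumeClaim` source, so they change nothing at runtime. If they are meant to signal intent, a comment such as `# pg_dump writes tower.db here, so the claim must be mounted read-write` says it more directly. The pod spec starts above the hunk, so whether a `securityContext` constrains the user that ends up owning the dump is not visible from here.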