Running all stack
This commit is contained in:
@@ -28,8 +28,8 @@ metadata:
|
||||
{{- end }}
|
||||
spec:
|
||||
schedule: {{ quote .Values.backup.cronjob.schedule }}
|
||||
{{- if .Values.backup.cronjob.timezone }}
|
||||
timeZone: {{ .Values.backup.cronjob.timezone | quote }}
|
||||
{{- if .Values.backup.cronjob.timeZone }}
|
||||
timeZone: {{ .Values.backup.cronjob.timeZone | quote }}
|
||||
{{- end }}
|
||||
concurrencyPolicy: {{ .Values.backup.cronjob.concurrencyPolicy }}
|
||||
failedJobsHistoryLimit: {{ .Values.backup.cronjob.failedJobsHistoryLimit }}
|
||||
@@ -70,6 +70,7 @@ spec:
|
||||
securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.podSecurityContext "context" $) | nindent 12 }}
|
||||
{{- end }}
|
||||
enableServiceLinks: {{ .Values.enableServiceLinks }}
|
||||
serviceAccountName: {{ .Values.backup.cronjob.serviceAccount.name | quote }}
|
||||
{{- if .Values.tls.enabled }}
|
||||
initContainers:
|
||||
- name: generate-tls-certs
|
||||
@@ -84,6 +85,10 @@ spec:
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: status.hostIP
|
||||
{{- if include "common.fips.enabled" . }}
|
||||
- name: OPENSSL_FIPS
|
||||
value: {{ include "common.fips.config" (dict "tech" "openssl" "fips" .Values.tls.fips "global" .Values.global) | quote }}
|
||||
{{- end }}
|
||||
volumeMounts:
|
||||
- name: empty-dir
|
||||
mountPath: /tmp
|
||||
@@ -114,27 +119,39 @@ spec:
|
||||
{{- else if ne .Values.tls.resourcesPreset "none" }}
|
||||
resources: {{- include "common.resources.preset" (dict "type" .Values.tls.resourcesPreset) | nindent 16 }}
|
||||
{{- end }}
|
||||
{{- if .Values.tls.securityContext }}
|
||||
securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.tls.securityContext "context" $) | nindent 16 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
containers:
|
||||
- name: {{ include "mongodb.fullname" . }}-mongodump
|
||||
image: {{ include "mongodb.image" . }}
|
||||
imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
|
||||
env:
|
||||
{{- if .Values.auth.enabled }}
|
||||
{{- if .Values.auth.enabled }}
|
||||
- name: MONGODB_ROOT_USER
|
||||
value: {{ .Values.auth.rootUser | quote }}
|
||||
{{- if .Values.usePasswordFiles }}
|
||||
- name: MONGODB_ROOT_PASSWORD_FILE
|
||||
value: "/opt/bitnami/mongodb/secrets/mongodb-root-password"
|
||||
{{- else }}
|
||||
- name: MONGODB_ROOT_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ include "mongodb.secretName" . }}
|
||||
key: mongodb-root-password
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
- name: MONGODB_SERVICE_NAME
|
||||
value: {{ include "mongodb.service.nameOverride" . }}
|
||||
- name: MONGODB_PORT_NUMBER
|
||||
value: {{ .Values.containerPorts.mongodb | quote }}
|
||||
- name: MONGODUMP_DIR
|
||||
value: {{ .Values.backup.cronjob.storage.mountPath }}
|
||||
{{- if include "common.fips.enabled" . }}
|
||||
- name: OPENSSL_FIPS
|
||||
value: {{ include "common.fips.config" (dict "tech" "openssl" "fips" .Values.backup.cronjob.fips "global" .Values.global) | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.tls.enabled }}
|
||||
- name: MONGODB_CLIENT_EXTRA_FLAGS
|
||||
value: --ssl --sslPEMKeyFile=/certs/mongodb.pem --sslCAFile=/certs/mongodb-ca-cert
|
||||
@@ -143,9 +160,13 @@ spec:
|
||||
command: {{- include "common.tplvalues.render" (dict "value" .Values.backup.cronjob.command "context" $) | nindent 14 }}
|
||||
{{- else }}
|
||||
command:
|
||||
- /bin/sh
|
||||
- /bin/bash
|
||||
- -c
|
||||
- "mongodump {{- if .Values.auth.enabled }} --username=${MONGODB_ROOT_USER} --password=${MONGODB_ROOT_PASSWORD} --authenticationDatabase=admin {{- end }} --host=${MONGODB_SERVICE_NAME} --port=${MONGODB_PORT_NUMBER} ${MONGODB_CLIENT_EXTRA_FLAGS} {{- if (eq $.Values.architecture "replicaset") }}--oplog{{- end }} --gzip --archive=${MONGODUMP_DIR}/mongodump-$(date '+%Y-%m-%d-%H-%M').gz"
|
||||
- |
|
||||
{{- if and .Values.auth.enabled .Values.usePasswordFiles }}
|
||||
export MONGODB_ROOT_PASSWORD="$(< $MONGODB_ROOT_PASSWORD_FILE)"
|
||||
{{- end }}
|
||||
mongodump {{- if .Values.auth.enabled }} --username=${MONGODB_ROOT_USER} --password=${MONGODB_ROOT_PASSWORD} --authenticationDatabase=admin {{- end }} --host=${MONGODB_SERVICE_NAME} --port=${MONGODB_PORT_NUMBER} ${MONGODB_CLIENT_EXTRA_FLAGS} {{- if (eq $.Values.architecture "replicaset") }}--oplog{{- end }} --gzip --archive=${MONGODUMP_DIR}/mongodump-$(date '+%Y-%m-%d-%H-%M').gz
|
||||
{{- end }}
|
||||
{{- if .Values.backup.cronjob.resources }}
|
||||
resources: {{- include "common.tplvalues.render" (dict "value" .Values.backup.cronjob.resources "context" $) | nindent 14 }}
|
||||
@@ -156,6 +177,10 @@ spec:
|
||||
- name: empty-dir
|
||||
mountPath: /tmp
|
||||
subPath: tmp-dir
|
||||
{{- if and .Values.usePasswordFiles .Values.auth.enabled }}
|
||||
- name: mongodb-secrets
|
||||
mountPath: /opt/bitnami/mongodb/secrets
|
||||
{{- end }}
|
||||
{{- if .Values.tls.enabled }}
|
||||
- name: certs
|
||||
mountPath: /certs
|
||||
@@ -181,7 +206,12 @@ spec:
|
||||
- name: common-scripts
|
||||
configMap:
|
||||
name: {{ printf "%s-common-scripts" (include "mongodb.fullname" .) }}
|
||||
defaultMode: 0o550
|
||||
defaultMode: 0550
|
||||
{{- if and .Values.usePasswordFiles .Values.auth.enabled }}
|
||||
- name: mongodb-secrets
|
||||
secret:
|
||||
secretName: {{ include "mongodb.secretName" . }}
|
||||
{{- end }}
|
||||
{{- if .Values.tls.enabled }}
|
||||
- name: certs
|
||||
emptyDir: {}
|
||||
@@ -192,10 +222,10 @@ spec:
|
||||
items:
|
||||
- key: mongodb-ca-cert
|
||||
path: mongodb-ca-cert
|
||||
mode: 0o600
|
||||
mode: 0600
|
||||
- key: mongodb-ca-key
|
||||
path: mongodb-ca-key
|
||||
mode: 0o600
|
||||
mode: 0600
|
||||
{{- else }}
|
||||
- name: mongodb-certs-0
|
||||
secret:
|
||||
|
||||
Reference in New Issue
Block a user