-
Notifications
You must be signed in to change notification settings - Fork 158
/
Copy pathelasticsearch-blueprint.yaml
81 lines (81 loc) · 3.19 KB
/
elasticsearch-blueprint.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
apiVersion: cr.kanister.io/v1alpha1
kind: Blueprint
metadata:
name: elasticsearch-blueprint
actions:
backup:
outputArtifacts:
cloudObject:
keyValue:
backupLocation: "{{ .Phases.backupToObjectStore.Output.backupLocation }}"
phases:
- func: KubeTask
name: backupToObjectStore
objects:
esMasterCredSecret:
kind: Secret
name: "{{ index .Object.metadata.labels.app }}-credentials"
namespace: "{{ .StatefulSet.Namespace }}"
args:
namespace: "{{ .StatefulSet.Namespace }}"
image: "ghcr.io/kanisterio/es-sidecar:0.112.0"
command:
- bash
- -o
- errexit
- -o
- pipefail
- -c
- |
host_name="{{ .Object.spec.serviceName }}.{{ .StatefulSet.Namespace }}.svc.cluster.local"
BACKUP_LOCATION=es_backups/{{ .StatefulSet.Namespace }}/{{ .StatefulSet.Name }}/{{ toDate "2006-01-02T15:04:05.999999999Z07:00" .Time | date "2006-01-02T15:04:05Z07:00" }}/backup.gz
master_username="{{ index .Phases.backupToObjectStore.Secrets.esMasterCredSecret.Data "username" | toString }}"
master_password="{{ index .Phases.backupToObjectStore.Secrets.esMasterCredSecret.Data "password" | toString }}"
NODE_TLS_REJECT_UNAUTHORIZED=0 elasticdump --bulk=true --input=https://${master_username}:${master_password}@${host_name}:9200 --output=/backup
gzip /backup
kando location push --profile '{{ toJson .Profile }}' /backup.gz --path $BACKUP_LOCATION
kando output backupLocation $BACKUP_LOCATION
restore:
inputArtifactNames:
- cloudObject
phases:
- func: KubeTask
name: restoreFromObjectStore
objects:
esMasterCredSecret:
kind: Secret
name: "{{ index .Object.metadata.labels.app }}-credentials"
namespace: "{{ .StatefulSet.Namespace }}"
args:
namespace: "{{ .StatefulSet.Namespace }}"
image: "ghcr.io/kanisterio/es-sidecar:0.112.0"
command:
- bash
- -o
- errexit
- -o
- pipefail
- -c
- |
host_name="{{ .Object.spec.serviceName }}.{{ .StatefulSet.Namespace }}.svc.cluster.local"
master_username="{{ index .Phases.restoreFromObjectStore.Secrets.esMasterCredSecret.Data "username" | toString }}"
master_password="{{ index .Phases.restoreFromObjectStore.Secrets.esMasterCredSecret.Data "password" | toString }}"
kando location pull --profile '{{ toJson .Profile }}' --path '{{ .ArtifactsIn.cloudObject.KeyValue.backupLocation }}' - | gunzip | NODE_TLS_REJECT_UNAUTHORIZED=0 elasticdump --bulk=true --input=$ --output=https://${master_username}:${master_password}@${host_name}:9200
delete:
inputArtifactNames:
- cloudObject
phases:
- func: KubeTask
name: deleteFromObjectStore
args:
namespace: "{{ .Namespace.Name }}"
image: "ghcr.io/kanisterio/es-sidecar:0.112.0"
command:
- bash
- -o
- errexit
- -o
- pipefail
- -c
- |
kando location delete --profile '{{ toJson .Profile }}' --path '{{ .ArtifactsIn.cloudObject.KeyValue.backupLocation }}'