search

epam / edp-cluster-add-ons

This repository contains a collection of pre-configured solutions for the KubeRocketCI Kubernetes Cluster deployments. It follows the GitOps methodology and utilizes the ArgoCD App of Apps pattern for streamlined configuration and deployment.
https://docs.kuberocketci.io/
Apache License 2.0
11 stars 12 forks source link

Implement Backup Settings for Sonar and Keycloak Databases #69

Closed Artem-Zahumonnyi closed 6 months ago

Artem-Zahumonnyi commented 6 months ago

Is your feature request related to a problem? Please describe. Currently, our Sonar and Keycloak databases lack a robust backup solution, leaving our critical data at risk of loss or corruption. This vulnerability poses a significant operational risk and can potentially lead to downtime and data recovery challenges.

Describe the solution you'd like I propose implementing backup settings for our Sonar and Keycloak databases using the PostgreSQL Operator (PGO) approach, as provided by Crunchy Data. This method offers a comprehensive and reliable backup and restore system that can be easily integrated into our existing Kubernetes environment. Specifically, I suggest configuring the PostgresCluster resources for both databases with the following specifications to enable automated backups with pgBackRest:

For Sonar Database:

For Keycloak Database:

Describe alternatives you've considered While there are other backup solutions available, such as manual backups or third-party services, the PGO approach is specifically designed for PostgreSQL databases running in Kubernetes. It offers seamless integration, Kubernetes-native operations, and the reliability of Crunchy Data's PostgreSQL expertise. This makes it a superior choice for our needs.

Additional context Examples

{{ if .Values.pgo.enabled}}
apiVersion: postgres-operator.crunchydata.com/v1beta1
kind: PostgresCluster
metadata:
  name: keycloak
spec:
  image: registry.developers.crunchydata.com/crunchydata/crunchy-postgres:ubi8-14.8-0
  postgresVersion: 14
  instances:
    - name: pgha1
      replicas: 2
      resources:
        requests:
          cpu: 50m
          memory: 512Mi
        limits:
          cpu: 500m
          memory: 1Gi
      dataVolumeClaimSpec:
        accessModes:
          - "ReadWriteOnce"
        resources:
          requests:
            storage: 5Gi
  users:
    - name: admin
      databases:
        - keycloak
      options: "SUPERUSER"
      password:
        type: AlphaNumeric

  backups:
    pgbackrest:
      image: registry.developers.crunchydata.com/crunchydata/crunchy-pgbackrest:ubi8-2.45-0
      global:
        log-level-console: info
        log-level-file: info
        repo1-retention-full: "14"
        repo1-retention-full-type: time
      repos:
        - name: repo1
          schedules:
            full: "40 14 * * 3"
            incremental: "20 */2 * * *"
          volume:
            volumeClaimSpec:
              accessModes:
                - "ReadWriteOnce"
              resources:
                requests:
                  storage: 5Gi
  patroni:
    dynamicConfiguration:
      postgresql:
        pg_hba:
          - "host all all 0.0.0.0/0 trust"
apiVersion: postgres-operator.crunchydata.com/v1beta1
kind: PostgresCluster
metadata:
  name: postgresql
spec:
  image: registry.developers.crunchydata.com/crunchydata/crunchy-postgres:ubi8-14.8-0
  postgresVersion: 14
  instances:
    - name: pgha1
      replicas: 2
      resources:
        requests:
          cpu: 50m
          memory: 512Mi
        limits:
          cpu: 500m
          memory: 1Gi
      dataVolumeClaimSpec:
        accessModes:
          - "ReadWriteOnce"
        resources:
          requests:
            storage: 5Gi
      affinity:
        podAntiAffinity:
          preferredDuringSchedulingIgnoredDuringExecution:
          - weight: 1
            podAffinityTerm:
              topologyKey: topology.kubernetes.io/region
              labelSelector:
                matchLabels:
                  postgres-operator.crunchydata.com/cluster: postgresql
                  postgres-operator.crunchydata.com/instance-set: pgha1

  users:
    - name: sonar
      databases:
        - sonar
      options: "SUPERUSER"
      password:
        type: AlphaNumeric

  backups:
    pgbackrest:
      image: registry.developers.crunchydata.com/crunchydata/crunchy-pgbackrest:ubi8-2.45-0
      global:
        log-level-console: info
        log-level-file: info
        repo1-retention-full: "14"
        repo1-retention-full-type: time
      repos:
        - name: repo1
          schedules:
            full: "0 12 * * 1"
            incremental: "10 14 * * *"
          volume:
            volumeClaimSpec:
              accessModes:
                - "ReadWriteOnce"
              resources:
                requests:
                  storage: 5Gi
Artem-Zahumonnyi commented 6 months ago

The changes have been implemented