vitobotta / hetzner-k3s

The easiest and fastest way to create and manage Kubernetes clusters in Hetzner Cloud using the lightweight distribution k3s by Rancher.
MIT License

add support for etcd backups with s3 storage #471

Open Kennybll opened 1 month ago

Kennybll commented 1 month ago

K3S has built in support for uploading snapshots of the embedded etcd database to S3. This PR adds the settings to enable that to the configuration file.

If the s3 settings are not included it will default to not being enabled, to ensure backward compatibility.

I also added a check to make sure it is only enabled when using the etcd datastore mode.

It may also work with other S3 compatible providers. I cannot give a list, however I tested it with Backblaze B2 and it worked.

An example when uploading to AWS S3 in the us-east-1 region:

datastore:
  mode: etcd
  s3:
    enabled: true
    access_key: EXAMPLE_ACCESS_KEY
    secret_key: EXAMPLE_SECRET_KEY
    bucket: EXAMPLE_BUCKET

Kennybll commented 3 weeks ago

I realize it was outside the scope of this PR, but after the request to refactor the structure of the cluster_config.yaml options I figured I would add some of the additional backup options.

The only backup option I could not figure out was schedule_cron. I could not get it to work correctly for the life of me. Maybe it's the way the string was getting parsed with all of the quotes. That can be saved for a future PR. Note to self, I was looking at creating a /etc/rancher/k3s/config.yaml file with the snapshot-cron value, instead of passing it as an arg to the k3s binary.

vitobotta commented 3 weeks ago

> I realize it was outside the scope of this PR, but after the request to refactor the structure of the cluster_config.yaml options I figured I would add some of the additional backup options.
>
> The only backup option I could not figure out was schedule_cron. I could not get it to work correctly for the life of me. Maybe it's the way the string was getting parsed with all of the quotes. That can be saved for a future PR. Note to self, I was looking at creating a /etc/rancher/k3s/config.yaml file with the snapshot-cron value, instead of passing it as an arg to the k3s binary.

Can you share more details on the issue you had with that setting? It should be a regular string if it's in cron format, isn't that the case?

Kennybll commented 3 weeks ago

> The only backup option I could not figure out was schedule_cron. I could not get it to work correctly for the life of me. Maybe it's the way the string was getting parsed with all of the quotes. That can be saved for a future PR. Note to self, I was looking at creating a /etc/rancher/k3s/config.yaml file with the snapshot-cron value, instead of passing it as an arg to the k3s binary.
>
> Can you share more details on the issue you had with that setting? It should be a regular string if it's in cron format, isn't that the case?

I tried every variation I could think of for a cli flag. None of them worked. I even tried manually setting it in master_install_script.sh in case it was the YAML parser being weird. If you are able to get it to work that would be awesome as it would be cleaner.

--etcd-snapshot-schedule-cron="* * * * *"
--etcd-snapshot-schedule-cron='* * * * *'
--etcd-snapshot-schedule-cron=* * * * *
--etcd-snapshot-schedule-cron * * * * *

Based on this comment https://github.com/k3s-io/k3s/issues/5983#issuecomment-1215741365, I was able to get it to work using a config file. So if snapshot-cron is set, the master_install_script.sh will create a file /etc/rancher/k3s/config.yaml.d/hetzner-k3s.yaml with the flag. If the option is removed, then it will delete that config file if it exists.

Whenever a cli flag changes the k3s service will automatically restart when rerunning the master_install_script.sh. However, if a config file changes, the service will not restart. I created an issue in the k3s repo https://github.com/k3s-io/k3s/issues/11180. But in the meantime we would have to manually restart the k3s service, just in case there are changes in a config file, even if there are none.
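The drop-in approach described in the comment above, sketched as an added example (not code from this PR or from hetzner-k3s): write the schedule to a config file so the asterisks never pass through shell quoting, and restart k3s only when the file content actually changed. The function names and the "changed"/"unchanged" result are assumptions made for this example; `etcd-snapshot-schedule-cron` is the k3s option named in the thread.

```shell
#!/bin/sh
# Added example, not the project's master_install_script.sh.
# sync_snapshot_cron and restart_if_changed are hypothetical helper names.

# sync_snapshot_cron DIR CRON
#   CRON non-empty: DIR/hetzner-k3s.yaml is written with the schedule
#   CRON empty:     DIR/hetzner-k3s.yaml is removed if it exists
# Prints "changed" or "unchanged" so the caller can decide on a restart.
sync_snapshot_cron() {
    dir=$1
    cron=$2
    file="$dir/hetzner-k3s.yaml"

    if [ -z "$cron" ]; then
        if [ -e "$file" ]; then
            rm -f -- "$file"
            echo changed
        else
            echo unchanged
        fi
        return 0
    fi

    # A single quote would break out of the YAML scalar written below.
    case $cron in
        *\'*) echo "invalid cron expression" >&2; return 1 ;;
    esac

    mkdir -p -- "$dir"
    tmp=$(mktemp "$dir/.hetzner-k3s.XXXXXX") || return 1
    # Single-quoted YAML scalar: the value is stored literally.
    printf "etcd-snapshot-schedule-cron: '%s'\n" "$cron" > "$tmp"
    chmod 600 "$tmp"

    if [ -f "$file" ] && cmp -s "$tmp" "$file"; then
        rm -f -- "$tmp"          # same content, keep the existing file
        echo unchanged
    else
        mv -f -- "$tmp" "$file"  # atomic replace within the same directory
        echo changed
    fi
}

# restart_if_changed RESULT: restart k3s only when the drop-in changed.
restart_if_changed() {
    if [ "$1" = changed ]; then
        systemctl restart k3s
    fi
}

# Typical call (SNAPSHOT_CRON is a placeholder variable):
# restart_if_changed "$(sync_snapshot_cron /etc/rancher/k3s/config.yaml.d "$SNAPSHOT_CRON")"
```

Comparing the file content before replacing it avoids the unconditional restart mentioned above while still picking up every real change to the schedule.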

vitobotta commented 3 weeks ago

I see, good idea to open an issue there. Did you also try normal escaping with \"?

sonarcloud[bot] commented 3 weeks ago

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

Kennybll commented 3 weeks ago

Yes, I tried escaping with \" and also \\" just in case

vitobotta commented 3 weeks ago

> Yes, I tried escaping with \" and also \\" just in case

I see. Thanks for the clarification

Thijmen commented 6 hours ago

I saw this PR and I am very curious about this. What is the timeline for this PR, when can we expect it in a possible release?

vitobotta commented 5 hours ago

> I saw this PR and I am very curious about this. What is the timeline for this PR, when can we expect it in a possible release?

I can't say exactly when it'll be done because I have some other important things to take care of right now, but it will definitely be part of one of the upcoming releases.

Thijmen commented 4 hours ago

@vitobotta thanks for getting back with me, I'll just keep an eye on this PR in that case! :)

vitobotta commented 3 hours ago

> @vitobotta thanks for getting back with me, I'll just keep an eye on this PR in that case! :)

Np :)