-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathopenstack-api-backup-cron.yaml
More file actions
68 lines (67 loc) · 2.17 KB
/
openstack-api-backup-cron.yaml
File metadata and controls
68 lines (67 loc) · 2.17 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
---
apiVersion: batch/v1
kind: CronJob
metadata:
name: openstack-api-backup
namespace: openstack-api-backup
spec:
schedule: "5 * * * *"
concurrencyPolicy: Replace
jobTemplate:
spec:
template:
spec:
restartPolicy: OnFailure
securityContext:
runAsUser: 1001
runAsGroup: 1001
fsGroup: 1001
containers:
- name: openstack-api-backup
image: ghcr.io/nerc-project/openstack-api-backup:main
imagePullPolicy: Always
securityContext:
allowPrivilegeEscalation: false
runAsNonRoot: true
capabilities:
drop:
- ALL
env:
- name: HOME
value: '/tmp'
- name: S3_ENDPOINT
valueFrom:
configMapKeyRef:
name: openstack-api-backup
key: s3_endpoint
- name: S3_BUCKET_URI
valueFrom:
configMapKeyRef:
name: openstack-api-backup
key: s3_bucket_uri
- name: BACKUP_ROTATE
valueFrom:
configMapKeyRef:
name: openstack-api-backup
key: backup_rotate
- name: BACKUP_DIR
value: '/backups'
- name: AWSCLI_CREDS
value: '/tmp/.aws/credentials'
volumeMounts:
- name: openstack-api-backup
mountPath: "/backups"
- name: openstack-api-backup-awscli-creds
mountPath: "/tmp/.aws/credentials"
subPath: 'credentials'
volumes:
- name: openstack-api-backup
persistentVolumeClaim:
claimName: openstack-api-backup
- name: openstack-api-backup-awscli-creds
secret:
secretName: openstack-api-backup
items:
- key: 'aws_credentials'
path: 'credentials'
defaultMode: 0400