반응형
이전에 3scale 백업에 대한 포스팅을 했고,
OCP 3scale Operator 백업하기
Operat" data-og-host="flowlog.tistory.com" data-og-source-url="https://flowlog.tistory.com/35" data-og-url="https://flowlog.tistory.com/35" data-og-image="https://scrap.kakaocdn.net/dn/baK7SQ/hyPuEm..
flowlog.tistory.com
이제 자동화를 어떻게 할지 고민을 하는 중, 크론잡(cronjob)을 통해 진행하기로 했다.
그러기 위해선 oc cli가 필요하기 때문에 이미지를 새로 만들어야한다.
base image는 redhat에 인증된 ubi8 을 사용했다.
1. Dockerfile 작성
oc(OpenShift Command Line Interface) 명령어를 사용할 수 있는 프로그램을 /usr/bin에 넣고,
3scale backup 에 필요했던 jq, rsync 패키지를 설치했다.
FROM registry.access.redhat.com/ubi8/ubi
USER root
LABEL maintainer="Joonhyeok Lim"
# Update image
RUN yum update --disablerepo=* --enablerepo=ubi-8-appstream --enablerepo=ubi-8-baseos -y && rm -rf /var/cache/yum
RUN yum install --disablerepo=* --enablerepo=ubi-8-appstream --enablerepo=ubi-8-baseos httpd -y && rm -rf /var/cache/yum
# oci ADD
COPY ./oc /usr/bin
# Add default Web page and expose port
RUN echo "This `oc` CMD install"
RUN yum install jq rsync -y
# Start the service
CMD ["oc"]
2. Image Build & Push
이미지를 OCP registry에 업로드하여 사용하려했으나 이상하게 403 error 가 지속적으로 발생하여,
dockerhub에 업로드하기로 했다.
2.1. Docker Build
$ docker build --tag joon95/ubi8-oci:latest .2.2. Docker Push
push는 간단히 dockerhub에 로그인하고! push해주면 끝
$ docker login
$ docker push joon95/ubi8-oci:latest
2.3. 이미지 정상 기동 확인
간단하게 로컬에 기동 후 명령어를 날려보았다.
$ docker run --name oci joon95/ubi8-oci:latest /bin/sleep 203. OCP - ServiceAccount 생성 및 Anyuid 권한부여
크론잡(cronjob)을 실행할 서비스유저를 생성해준다. 필자는 backup-3scale-user 라고 만듬
anyuid 권한을 준 이유는 oc login을 할 경우 ~/.kube/config 파일을 생성하는중 퍼미션에러가 발생해서 주었다.
$ oc create sa backup-3scale-user -n 3scale
$ oc adm policy add-scc-to-user anyuid -z backup-3scale-user -n 3scale
4. Cronjob 작성
크론잡은 테스트로 1분마다 실행하도록 하였고,
주요 작업은 oc login / pv 마운트 / 백업폴더생성(yymmdd_hhiiss) / 백업 최신 5개 유지 이다.
pv/pvc는 미리 만들어두었다. pvc name : 3scale-backup
apiVersion: batch/v1
kind: CronJob
metadata:
namespace: 3scale
name: 3scale-backup-cronjob
spec:
schedule: "*/1 * * * *"
concurrencyPolicy: "Replace"
#startingDeadlineSeconds: 200
#suspend: false
successfulJobsHistoryLimit: 2
failedJobsHistoryLimit: 1
jobTemplate:
spec:
template:
metadata:
labels:
parent: "3scale-backup-cronjob"
spec:
containers:
- command: ["/bin/sh", "-c"]
args: [
"oc login -ukubeadmin -pZW2AD-6LEjX-682K7-GLfZq --server=https://api.wxwjm6kv.australiaeast.aroapp.io:6443
;oc project 3scale
;export BACK_DIR=`date +%Y%m%d_%H%M%S`
;mkdir -p /tmp/$BACK_DIR/dir
;cd /tmp/$BACK_DIR
;echo '###################### Secret/ConfigMap Backup START ######################'
;oc get secrets system-smtp -o json > system-smtp.json
;oc get secrets system-seed -o json > system-seed.json
;oc get secrets system-database -o json > system-database.json
;oc get secrets backend-internal-api -o json > backend-internal-api.json
;oc get secrets system-events-hook -o json > system-events-hook.json
;oc get secrets system-app -o json > system-app.json
;oc get secrets system-recaptcha -o json > system-recaptcha.json
;oc get secrets system-redis -o json > system-redis.json
;oc get secrets zync -o json > zync.json
;oc get secrets system-master-apicast -o json > system-master-apicast.json
;oc get configmaps system-environment -o json > system-environment.json
;oc get configmaps apicast-environment -o json > apicast-environment.json
;echo '###################### Secret/ConfigMap Backup END ########################'
;echo '###################### Mysql Backup START ########################'
;echo '###################### Mysql Backup END ########################'
;oc rsh $(oc get pods -l 'deploymentConfig=system-mysql' -o json | jq -r '.items[0].metadata.name') bash -c 'export MYSQL_PWD=${MYSQL_ROOT_PASSWORD}
;mysqldump --single-transaction -hsystem-mysql -uroot system' | gzip > system-mysql-backup.gz
;echo '###################### system-storage Backup START ########################'
;echo '###################### system-storage Backup END ########################'
;oc rsync $(oc get pods -l 'deploymentConfig=system-app' -o json | jq '.items[0].metadata.name' -r):/opt/system/public/system ./dir
;echo '###################### backend-redis Backup START ########################'
;echo '###################### backend-redis Backup END ########################'
;oc cp $(oc get pods -l 'deploymentConfig=backend-redis' -o json | jq '.items[0].metadata.name' -r):/var/lib/redis/data/dump.rdb ./backend-redis-dump.rdb
;echo '###################### system-redis Backup START ########################'
;echo '###################### system-redis Backup END ########################'
;oc cp $(oc get pods -l 'deploymentConfig=system-redis' -o json | jq '.items[0].metadata.name' -r):/var/lib/redis/data/dump.rdb ./system-redis-dump.rdb
;echo '###################### Zync-database Backup START ########################'
;echo '###################### Zync-database Backup END ########################'
;oc rsh $(oc get pods -l 'deploymentConfig=zync-database' -o json | jq -r '.items[0].metadata.name') bash -c 'pg_dump zync_production' | gzip > zync-database-backup.gz
;echo '\n\n###################### BACKUP INFO ########################\n'
;echo 'BACKUP DIR : /tmp/'$BACK_DIR
;ls -lR /tmp/$BACK_DIR/
;echo '\n\n###################### old backup file remove (last 5) ##################'
;cd /tmp
;ls -t | tail -n +6 | xargs rm -rf
;echo '###################### old backup file rmove END ########################'
;sleep 2",
]
image: registry.hub.docker.com/joon95/ubi8-oci:latest
imagePullPolicy: Always
name: job-3scale-backup
resources: {}
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- name: 3scale-backup-pvc
mountPath: /tmp/
securityContext:
runAsUser: 0
dnsPolicy: ClusterFirst
serviceAccountName: backup-3scale-user
schedulerName: default-scheduler
securityContext: {}
terminationGracePeriodSeconds: 30
restartPolicy: OnFailure
volumes:
- name: 3scale-backup-pvc
persistentVolumeClaim:
claimName: 3scale-backup$ oc create -f cronjob-3scale.yaml등록이 되었다.
5. 결과 확인
Login successful.
You have access to 71 projects, the list has been suppressed. You can list all projects with 'oc projects'
Using project "3scale".
Welcome! See 'oc help' to get started.
Already on project "3scale" on server "https://api.wxwjm6kv.australiaeast.aroapp.io:6443".
###################### Secret/ConfigMap Backup START ######################
###################### Secret/ConfigMap Backup END ########################
###################### Mysql Backup START ########################
###################### Mysql Backup END ########################
###################### system-storage Backup START ########################
###################### system-storage Backup END ########################
receiving incremental file list
system/
system/provider-name/
system/provider-name/2022/
system/provider-name/2022/08/
system/provider-name/2022/08/23/
system/provider-name/2022/08/23/desk-1233ed99f4b250fa.jpg
system/provider-name/2022/08/23/desk-2eb1546b3ee9c588.jpg
system/provider-name/2022/08/23/desk-3bf3589db80d2b7a.jpg
system/provider-name/2022/08/23/desk-6fe808cca058bfb9.jpg
system/provider-name/2022/08/23/desk-83997d4437e5e17f.jpg
system/provider-name/2022/08/23/desk-8ce71dced8b300ad.jpg
system/provider-name/2022/08/23/desk-918f6a354f70a4f3.jpg
system/provider-name/2022/08/23/desk-a42bb24b74b3ae9e.jpg
system/provider-name/2022/08/23/desk-bcfdac7c4e4d24e5.jpg
system/provider-name/2022/08/23/desk-c67926e7549b443f.jpg
system/provider-name/2022/08/23/desk-cb14eada8f2f17a7.jpg
system/provider-name/2022/08/23/desk-f8a4e73b798fdd53.jpg
sent 276 bytes received 2,647,547 bytes 1,765,215.33 bytes/sec
total size is 2,645,856 speedup is 1.00
Defaulted container "system-master" out of: system-master, system-provider, system-developer
###################### backend-redis Backup START ########################
###################### backend-redis Backup END ########################
tar: Removing leading `/' from member names
###################### system-redis Backup START ########################
###################### system-redis Backup END ########################
tar: Removing leading `/' from member names
###################### Zync-database Backup START ########################
###################### Zync-database Backup END ########################
###################### BACKUP INFO ########################
BACKUP DIR : /tmp/20220823_084010
/tmp/20220823_084010/:
tal 75
-rwxrwxrwx. 1 root root 896 Aug 23 08:40 apicast-environment.json
-rwxrwxrwx. 1 root root 531 Aug 23 08:40 backend-internal-api.json
-rwxrwxrwx. 1 root root 3504 Aug 23 08:40 backend-redis-dump.rdb
drwxrwxrwx. 2 root root 0 Aug 23 08:40 dir
-rwxrwxrwx. 1 root root 675 Aug 23 08:40 system-app.json
-rwxrwxrwx. 1 root root 590 Aug 23 08:40 system-database.json
-rwxrwxrwx. 1 root root 1254 Aug 23 08:40 system-environment.json
-rwxrwxrwx. 1 root root 567 Aug 23 08:40 system-events-hook.json
-rwxrwxrwx. 1 root root 609 Aug 23 08:40 system-master-apicast.json
-rwxrwxrwx. 1 root root 43427 Aug 23 08:40 system-mysql-backup.gz
-rwxrwxrwx. 1 root root 499 Aug 23 08:40 system-recaptcha.json
-rwxrwxrwx. 1 root root 4088 Aug 23 08:40 system-redis-dump.rdb
-rwxrwxrwx. 1 root root 581 Aug 23 08:40 system-redis.json
-rwxrwxrwx. 1 root root 799 Aug 23 08:40 system-seed.json
-rwxrwxrwx. 1 root root 699 Aug 23 08:40 system-smtp.json
-rwxrwxrwx. 1 root root 12769 Aug 23 08:40 zync-database-backup.gz
-rwxrwxrwx. 1 root root 734 Aug 23 08:40 zync.json
/tmp/20220823_084010/dir:
total 0
drwxrwxrwx. 2 root root 0 Aug 23 08:40 system
/tmp/20220823_084010/dir/system:
total 0
drwxrwxrwx. 2 root root 0 Aug 23 08:40 provider-name
/tmp/20220823_084010/dir/system/provider-name:
total 0
drwxrwxrwx. 2 root root 0 Aug 23 08:40 2022
/tmp/20220823_084010/dir/system/provider-name/2022:
total 0
drwxrwxrwx. 2 root root 0 Aug 23 08:40 08
/tmp/20220823_084010/dir/system/provider-name/2022/08:
total 0
drwxrwxrwx. 2 root root 0 Aug 23 08:40 23
/tmp/20220823_084010/dir/system/provider-name/2022/08/23:
tal 2586
-rwxrwxrwx. 1 root root 220488 Aug 23 02:36 desk-1233ed99f4b250fa.jpg
-rwxrwxrwx. 1 root root 220488 Aug 23 01:20 desk-2eb1546b3ee9c588.jpg
-rwxrwxrwx. 1 root root 220488 Aug 23 03:45 desk-3bf3589db80d2b7a.jpg
-rwxrwxrwx. 1 root root 220488 Aug 23 01:31 desk-6fe808cca058bfb9.jpg
-rwxrwxrwx. 1 root root 220488 Aug 23 01:09 desk-83997d4437e5e17f.jpg
-rwxrwxrwx. 1 root root 220488 Aug 23 01:10 desk-8ce71dced8b300ad.jpg
-rwxrwxrwx. 1 root root 220488 Aug 23 05:39 desk-918f6a354f70a4f3.jpg
-rwxrwxrwx. 1 root root 220488 Aug 23 01:53 desk-a42bb24b74b3ae9e.jpg
-rwxrwxrwx. 1 root root 220488 Aug 23 01:11 desk-bcfdac7c4e4d24e5.jpg
-rwxrwxrwx. 1 root root 220488 Aug 23 08:27 desk-c67926e7549b443f.jpg
-rwxrwxrwx. 1 root root 220488 Aug 23 01:14 desk-cb14eada8f2f17a7.jpg
-rwxrwxrwx. 1 root root 220488 Aug 23 01:09 desk-f8a4e73b798fdd53.jpg
###################### old backup file remove (last 5) ##################
###################### old backup file rmove END ########################실제 저장된 pv 내용
백업은 최신 5개만 유지되고,
백업된 파일들이 쭉~있다.
이로써 3scale 작업은 모두 종료된 것 같다.!
반응형
'엔지니어링 > 3scale' 카테고리의 다른 글
| [OCP] 3scale 백업 자동화 고도화하기 - 1편(도입부) (0) | 2022.08.31 |
|---|---|
| [OCP] 3scale Operator 리소스 조정(관리) (0) | 2022.08.24 |
| [OCP] 3scale Operator 복원(복구)하기 (0) | 2022.08.19 |
| [OCP] 3scale Operator 백업하기 (0) | 2022.08.19 |
| [OCP] 3scale Operator 설치 (0) | 2022.08.09 |