postgres-backup/k8s-cronjob.yaml
Hadley Rich ac44356633
Add healthchecks
2025-07-30 15:53:51 +12:00


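---
# CronJob that runs the postgres-backup image once a day. The env block passes
# it PostgreSQL connection details, S3-compatible storage settings and a
# Healthchecks.io URL; the backup logic itself lives in the image.
apiVersion: batch/v1
kind: CronJob
metadata:
  name: postgres-backup
  # NOTE(review): secretKeyRef resolves postgres-backup-secret in this same
  # namespace. "default" is shared by anything deployed without an explicit
  # namespace; a dedicated namespace with its own RBAC narrows who can read
  # the Secret.
  namespace: default
spec:
  # Run daily at 2:00 AM. No timeZone is set, so the hour is interpreted in
  # the kube-controller-manager's time zone.
  schedule: "0 2 * * *"
  # Never start a new run while the previous one is still active, so two
  # backups cannot write to the same bucket prefix at once.
  concurrencyPolicy: Forbid
  jobTemplate:
    spec:
      template:
        spec:
          restartPolicy: OnFailure
          # Nothing in this manifest uses the Kubernetes API, so the service
          # account token is not mounted next to the database and S3
          # credentials. Re-enable only if the image needs API access.
          automountServiceAccountToken: false
          containers:
            - name: postgres-backup
              # NOTE(review): ":latest" with imagePullPolicy: Always runs
              # whatever the tag points to at 2:00 AM, in a container that
              # holds the database and S3 credentials. Pin to a version tag
              # or digest (<registry>/postgres-backup@sha256:<digest>).
              image: your-registry/postgres-backup:latest
              imagePullPolicy: Always
              env:
                # PostgreSQL connection settings
                - name: POSTGRES_HOST
                  value: "postgres-service.database.svc.cluster.local"
                - name: POSTGRES_PORT
                  value: "5432"
                # NOTE(review): use a dedicated role limited to what a dump
                # needs, not an application or superuser login.
                - name: POSTGRES_USER
                  valueFrom:
                    secretKeyRef:
                      name: postgres-backup-secret
                      key: postgres-user
                - name: POSTGRES_PASSWORD
                  valueFrom:
                    secretKeyRef:
                      name: postgres-backup-secret
                      key: postgres-password
                # Optionally specify specific databases (comma-separated)
                # If not set, all databases will be backed up
                - name: POSTGRES_DATABASES
                  value: "myapp,analytics"
                # S3-compatible storage settings
                - name: S3_BUCKET
                  value: "my-postgres-backups"
                - name: S3_PREFIX
                  value: "production/postgres-backups"
                - name: S3_ENDPOINT
                  value: "https://s3.your-provider.com"  # Required for third-party S3
                # NOTE(review): scope this key to S3_BUCKET/S3_PREFIX only.
                - name: S3_ACCESS_KEY_ID
                  valueFrom:
                    secretKeyRef:
                      name: postgres-backup-secret
                      key: s3-access-key-id
                - name: S3_SECRET_ACCESS_KEY
                  valueFrom:
                    secretKeyRef:
                      name: postgres-backup-secret
                      key: s3-secret-access-key
                - name: S3_REGION
                  value: "us-east-1"
                # Backup settings
                # NOTE(review): presumably the image prunes objects older than
                # this, which would need delete permission on the bucket;
                # confirm. If so, bucket versioning or object lock keeps a
                # leaked key from destroying every backup.
                - name: BACKUP_RETENTION_DAYS
                  value: "7"
                # Healthchecks.io monitoring. Read from the Secret rather than
                # inlined: a ping URL typically embeds the check's identifier,
                # so treat it as sensitive.
                - name: HEALTHCHECKS_URL
                  valueFrom:
                    secretKeyRef:
                      name: postgres-backup-secret
                      key: healthchecks-url
              resources:
                requests:
                  memory: "256Mi"
                  cpu: "100m"
                limits:
                  memory: "512Mi"
                  cpu: "500m"
              # Security context: non-root UID/GID, no privilege escalation,
              # no capabilities, read-only root filesystem.
              securityContext:
                runAsNonRoot: true
                runAsUser: 1001
                runAsGroup: 1001
                allowPrivilegeEscalation: false
                capabilities:
                  drop:
                    - ALL
                readOnlyRootFilesystem: true
                # The one setting the "restricted" Pod Security Standard
                # requires that was missing here; without it the container
                # runs without the runtime's default syscall filter.
                seccompProfile:
                  type: RuntimeDefault
              # Temporary volume for backup files. With the root filesystem
              # read-only, /backups is the only writable mount declared here.
              volumeMounts:
                - name: tmp-volume
                  mountPath: /backups
          volumes:
            # NOTE(review): no sizeLimit, so dumps staged here count against
            # the node's ephemeral storage. Set emptyDir.sizeLimit once the
            # expected dump size is known.
            - name: tmp-volume
              emptyDir: {}
      # Job settings
      activeDeadlineSeconds: 3600  # 1 hour timeout
      backoffLimit: 2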