bstein/titan-iac
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

longhorn: add b2 backup target

Browse Source
This commit is contained in:
Brad Stein 2026-02-06 18:28:05 -03:00
parent dd02a49626
commit e3ab256336
5 changed files with 35 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
infrastructure/longhorn/core/backup-target.yaml Normal file
View File

@ -0,0 +1,10 @@
# infrastructure/longhorn/core/backup-target.yaml
apiVersion: longhorn.io/v1beta2
kind: BackupTarget
metadata:
name: default
namespace: longhorn-system
spec:
backupTargetURL: "s3://atlas-soteria@us-west-004/"
credentialSecret: longhorn-backup-b2
pollInterval: 5m0s

1
infrastructure/longhorn/core/kustomization.yaml
View File

@ -6,6 +6,7 @@ resources:
- vault-serviceaccount.yaml - vault-serviceaccount.yaml
- secretproviderclass.yaml - secretproviderclass.yaml
- vault-sync-deployment.yaml - vault-sync-deployment.yaml
- backup-target.yaml
- helmrelease.yaml - helmrelease.yaml
- longhorn-settings-ensure-job.yaml - longhorn-settings-ensure-job.yaml

18
infrastructure/longhorn/core/secretproviderclass.yaml
View File

@ -13,9 +13,27 @@ spec:
- objectName: "harbor-pull__dockerconfigjson" - objectName: "harbor-pull__dockerconfigjson"
secretPath: "kv/data/atlas/shared/harbor-pull" secretPath: "kv/data/atlas/shared/harbor-pull"
secretKey: "dockerconfigjson" secretKey: "dockerconfigjson"
- objectName: "longhorn_backup__AWS_ACCESS_KEY_ID"
secretPath: "kv/data/atlas/longhorn/backup-b2"
secretKey: "AWS_ACCESS_KEY_ID"
- objectName: "longhorn_backup__AWS_SECRET_ACCESS_KEY"
secretPath: "kv/data/atlas/longhorn/backup-b2"
secretKey: "AWS_SECRET_ACCESS_KEY"
- objectName: "longhorn_backup__AWS_ENDPOINTS"
secretPath: "kv/data/atlas/longhorn/backup-b2"
secretKey: "AWS_ENDPOINTS"
secretObjects: secretObjects:
- secretName: longhorn-registry - secretName: longhorn-registry
type: kubernetes.io/dockerconfigjson type: kubernetes.io/dockerconfigjson
data: data:
- objectName: harbor-pull__dockerconfigjson - objectName: harbor-pull__dockerconfigjson
key: .dockerconfigjson key: .dockerconfigjson
- secretName: longhorn-backup-b2
type: Opaque
data:
- objectName: longhorn_backup__AWS_ACCESS_KEY_ID
key: AWS_ACCESS_KEY_ID
- objectName: longhorn_backup__AWS_SECRET_ACCESS_KEY
key: AWS_SECRET_ACCESS_KEY
- objectName: longhorn_backup__AWS_ENDPOINTS
key: AWS_ENDPOINTS

3
services/maintenance/soteria-configmap.yaml
View File

@ -5,6 +5,9 @@ metadata:
name: soteria name: soteria
namespace: maintenance namespace: maintenance
data: data:
SOTERIA_BACKUP_DRIVER: "longhorn"
SOTERIA_LONGHORN_URL: "http://longhorn-backend.longhorn-system.svc:9500"
SOTERIA_LONGHORN_BACKUP_MODE: "incremental"
SOTERIA_RESTIC_REPOSITORY: "s3:s3.us-west-004.backblazeb2.com/atlas-soteria" SOTERIA_RESTIC_REPOSITORY: "s3:s3.us-west-004.backblazeb2.com/atlas-soteria"
SOTERIA_S3_ENDPOINT: "s3.us-west-004.backblazeb2.com" SOTERIA_S3_ENDPOINT: "s3.us-west-004.backblazeb2.com"
SOTERIA_S3_REGION: "us-west-004" SOTERIA_S3_REGION: "us-west-004"

3
services/maintenance/soteria-rbac.yaml
View File

@ -7,6 +7,9 @@ rules:
- apiGroups: [""] - apiGroups: [""]
resources: ["secrets"] resources: ["secrets"]
verbs: ["get", "list", "create", "update", "delete"] verbs: ["get", "list", "create", "update", "delete"]
- apiGroups: [""]
resources: ["persistentvolumeclaims", "persistentvolumes"]
verbs: ["get", "list"]
- apiGroups: ["batch"] - apiGroups: ["batch"]
resources: ["jobs"] resources: ["jobs"]
verbs: ["get", "list", "create"] verbs: ["get", "list", "create"]