kuberhost / Kube Backup

Kubernetes resource yamls backup to git

Kube-backup

Kubernetes resource state backup to git

Git structure

_global_ - global resources such as Node, ClusterRole, StorageClass
_grafana_ - grafana configs (when grafana enabled)
<namespace> - such as kube-system, default, etc...
  <ResourceType> - folder for each resource type
    <resource-name.yaml> - file for each resource

Deployment

YAML manifests are in the deploy folder.

Create Deployment Key

GitHub and GitLab support adding a key for a single repository only.

  • Create a repo
  • Generate an SSH key: ssh-keygen -f ./new_key
  • Add the new SSH key to the repo with write access
  • Save the key to 2_config_map.yaml (see comments in the file)

Testing Deployment

I recommend running it periodically with Kubernetes' CronJob resource. To test how it works without waiting, change the schedule or create a pod with the same parameters.

Commands

  • kube_backup backup - pull remote git repository, save kubernetes state, make git commit in local repository
  • kube_backup push - push changes to remote repository
  • kube_backup help - shows help

By default, the Docker image runs kube_backup backup && kube_backup push

Config

  • GIT_REPO_URL - remote git URL like [email protected]:kuberhost/kube-backup.git (required)
  • BACKUP_VERBOSE - use 1 to enable verbose logging
  • TARGET_PATH - local git repository folder, default ./kube_state
  • SKIP_NAMESPACES - namespaces to exclude, separated by comma (,)
  • ONLY_NAMESPACES - whitelist namespaces
  • GLOBAL_RESOURCES - override global resources list, default is node, apiservice, clusterrole, clusterrolebinding, podsecuritypolicy, storageclass, persistentvolume, customresourcedefinition, mutatingwebhookconfiguration, validatingwebhookconfiguration, priorityclass
  • EXTRA_GLOBAL_RESOURCES - use it to add resources to GLOBAL_RESOURCES list
  • SKIP_GLOBAL_RESOURCES - blacklist global resources
  • RESOURCES - default list of namespaces resources, see KubeBackup::TYPES
  • EXTRA_RESOURCES - use it to add resources to RESOURCES list
  • SKIP_RESOURCES - exclude resources
  • SKIP_OBJECTS - use it to skip individual objects, such as kube-backup/ConfigMap/kube-backup-ssh-config (separated by comma, spaces around the comma are ignored)
  • GIT_USER - default is kube-backup
  • GIT_EMAIL - default is [email protected]$(HOSTNAME)
  • GIT_BRANCH - Git branch, default is master
  • GIT_PREFIX - Path to the subdirectory in your repository
  • GRAFANA_URL - grafana api URL, e.g. https://grafana.my-cluster.com
  • GRAFANA_TOKEN - grafana API token, create at https://your-grafana/org/apikeys
  • TZ - timezone of commit times. e.g. :Europe/Berlin

Security

To avoid man-in-the-middle attacks, it is recommended to provide a known_hosts file. The default known_hosts contains keys for github.com, gitlab.com and bitbucket.org.
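
A pre-flight check for the recommendation above, as an added example (not part of kube-backup): it confirms that the host in GIT_REPO_URL has a pinned key in the known_hosts file, including hashed entries. The host name, salt and key blobs are constructed placeholders, and the function names are hypothetical.

```ruby
require 'openssl'
require 'uri'

# Host name as it would appear in known_hosts for a git remote:
# scp-like "user@host:path", or "ssh://user@host[:port]/path" ("[host]:port" when port != 22).
def git_remote_host(url)
  return url[/\A(?:[^@\/]+@)?([^:\/]+):/, 1] unless url.match?(%r{\A[a-z][a-z0-9+.-]*://}i)
  uri = URI.parse(url)
  uri.port && uri.port != 22 ? "[#{uri.host}]:#{uri.port}" : uri.host
end

# Does one known_hosts host field name this host? Handles comma-separated plain
# names and hashed fields "|1|base64(salt)|base64(HMAC-SHA1(salt, host))".
# Wildcard and negated patterns are not handled (exact match only).
def host_field_matches?(field, host)
  return field.split(',').include?(host) unless field.start_with?('|1|')
  _, _, salt_b64, mac_b64 = field.split('|')
  OpenSSL::HMAC.digest('sha1', salt_b64.unpack1('m'), host) == mac_b64.unpack1('m')
end

# Key types pinned for host; an empty result means the host is not pinned.
# Comments and marker lines (@cert-authority, @revoked) are ignored.
def pinned_key_types(known_hosts, host)
  known_hosts.each_line.filter_map do |line|
    fields = line.split
    next if fields.size < 3 || fields[0].start_with?('#', '@')
    fields[1] if host_field_matches?(fields[0], host)
  end.uniq
end

# Builds a hashed host field for the constructed sample below.
def hashed_field(host, salt)
  mac = OpenSSL::HMAC.digest('sha1', salt, host)
  "|1|#{[salt].pack('m0')}|#{[mac].pack('m0')}"
end

# Constructed sample file: hypothetical host, placeholder key blobs.
SAMPLE_KNOWN_HOSTS = <<~KH
  # constructed example file
  git.example.internal,10.0.0.5 ssh-ed25519 AAAA-constructed-placeholder-1
  #{hashed_field('[git.example.internal]:2222', 'constructed-salt-000')} ssh-rsa AAAA-constructed-placeholder-2
KH

if __FILE__ == $PROGRAM_NAME
  host = git_remote_host(ENV.fetch('GIT_REPO_URL', 'git@git.example.internal:team/cluster-state.git'))
  types = pinned_key_types(SAMPLE_KNOWN_HOSTS, host)
  puts types.empty? ? "#{host}: NOT pinned, do not push" : "#{host}: pinned (#{types.join(', ')})"
end
```

In a real check, read the mounted known_hosts file instead of the sample constant and fail the job when the result is empty.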

Custom Resources

Let's say we have a cluster with Prometheus and certmanager. Both register custom resources, and we want to include them in the backup.

Get list of custom resource definitions:

$ kubectl get crd

NAME                                    CREATED AT
alertmanagers.monitoring.coreos.com     2018-06-27T10:33:00Z
certificates.certmanager.k8s.io         2018-06-27T09:39:43Z
clusterissuers.certmanager.k8s.io       2018-06-27T09:39:43Z
issuers.certmanager.k8s.io              2018-06-27T09:39:44Z
prometheuses.monitoring.coreos.com      2018-06-27T10:33:00Z
prometheusrules.monitoring.coreos.com   2018-06-27T10:33:00Z
servicemonitors.monitoring.coreos.com   2018-06-27T10:33:00Z

Or get more useful output:

$ kubectl get crd -o json | jq -r '.items | (.[] | [.spec.names.singular, .spec.group, .spec.scope]) | @tsv'
alertmanager    monitoring.coreos.com  Namespaced
certificate     certmanager.k8s.io     Namespaced
clusterissuer   certmanager.k8s.io     Cluster
issuer          certmanager.k8s.io     Namespaced
prometheus      monitoring.coreos.com  Namespaced
prometheusrule  monitoring.coreos.com  Namespaced
servicemonitor  monitoring.coreos.com  Namespaced

Set env variables in container spec:

env:
  - name: EXTRA_GLOBAL_RESOURCES
    value: clusterissuer
  - name: EXTRA_RESOURCES
    value: alertmanager, prometheus, prometheusrule, servicemonitor, certificate, issuer
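
An added example, not kube-backup's own code: it compares the CRDs installed in the cluster with the two settings above and reports custom types that are not backed up or are listed under the wrong scope. The function names are hypothetical, the sample CRD list is constructed from the output shown above, and it assumes both settings use the same comma-separated format as the env block.

```ruby
require 'json'

# Split a comma-separated setting such as EXTRA_RESOURCES (spaces around commas ignored).
def parse_list(value)
  value.to_s.split(',').map(&:strip).reject(&:empty?)
end

# Compare installed CRDs (output of `kubectl get crd -o json`) with the settings.
# Returns custom types that are not backed up and types listed under the wrong scope.
def crd_backup_gaps(crd_json, env)
  want = { 'Cluster' => 'EXTRA_GLOBAL_RESOURCES', 'Namespaced' => 'EXTRA_RESOURCES' }
  gaps = { missing: [], wrong_scope: [] }
  JSON.parse(crd_json).fetch('items').each do |crd|
    spec  = crd.fetch('spec')
    name  = spec.fetch('names').fetch('singular')
    scope = spec.fetch('scope')
    right = want.fetch(scope)
    wrong = (want.values - [right]).first
    if parse_list(env[wrong]).include?(name)
      gaps[:wrong_scope] << "#{name} (#{scope}) is listed in #{wrong}"
    elsif !parse_list(env[right]).include?(name)
      gaps[:missing] << "#{name}.#{spec.fetch('group')} -> #{right}"
    end
  end
  gaps
end

# Constructed sample, modelled on the CRD listing shown above.
SAMPLE_CRDS = JSON.generate('items' => [
  %w[clusterissuer certmanager.k8s.io Cluster],
  %w[certificate certmanager.k8s.io Namespaced],
  %w[issuer certmanager.k8s.io Namespaced],
  %w[prometheusrule monitoring.coreos.com Namespaced]
].map { |n, g, s| { 'spec' => { 'names' => { 'singular' => n }, 'group' => g, 'scope' => s } } })

# Constructed configuration with two mistakes: issuer under the wrong setting,
# prometheusrule not listed at all.
SAMPLE_ENV = {
  'EXTRA_GLOBAL_RESOURCES' => 'clusterissuer, issuer',
  'EXTRA_RESOURCES' => 'certificate'
}.freeze

if __FILE__ == $PROGRAM_NAME
  crd_backup_gaps(SAMPLE_CRDS, SAMPLE_ENV).each do |kind, items|
    items.each { |item| puts "#{kind}: #{item}" }
  end
end
```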

Special thanks to Pieter Lange for the original idea