A simple project for exporting current Kubernetes resource files. Intended destination: git, bitbucket Supports multiple projects for destination paths.
Assuming python3 is installed.
pip3 install -r requirements.txt
check out the config.yaml
file for possible configurations.
Add or remove namespaces by modifying namespaces
Filter the kube-system
namespace if wanted: add kube-system to the list of namespaces
, and add apps to backup in the list of kube_system_filter
, or leave it blank []
define path to backup dir by modifying: repo_path
Add or remove apis by modifying resource_types
.
Note that the resource_types must have been defined in the k8s_client_apis.yaml
.
Define new resource types when necessary at k8s_client_apis.yaml
. Find the list of available APIS here: https://github.com/kubernetes-client/python/blob/master/kubernetes/README.md
Run:
k8s_yaml_exporter.py
-> exports resources from current cluster torepo_path
, assuming the cluster name is defined in the local cluster config in the formatSOMEIDENTIFIER_CLUSTERNAME
orCLUSTERNAME
. Iterates throughresource_types
.
python3 k8s_yaml_exporter.py
or run:
main.py
-> pullsremote_repo
torepo_path
assuming~/.ssh
exist locally. Exports resources from current cluster torepo_path
and overwrites any files with same name, commits changes, and pushes it toremote_repo
onremote_branch
.
python3 main.py
NOTE There are two environment variables available:
- CLUSTER_NAME: Overwrites the folder name
- KEEP_OLD: defaults to True. Set to false to delete files that are no longer running in cluster.
Run as cronjob in local kubernetes cluster.
Build docker image: docker build -t k8s-resources-backup:TAG .
You need to add id_rsa and known_hosts files as secret to the cluster.
Either run:
kubectl create secret generic k8s-resources-backup-ssh --from-file=id_rsa=id_rsa --from-file=known_hosts=known_hosts
or
apiVersion: v1
data:
id_rsa: <base64 encoded private-key>
known_hosts: <base64 encoded known_hosts>
kind: Secret
metadata:
name: k8s-resources-backup-ssh
namespace: default
type: Opaque
Deploying using kubectl
-
create secret;
kubectl create secret generic k8s-resources-backup-ssh --from-file=id_rsa=id_rsa --from-file=known_hosts=known_hosts
-
apply rbac;
kubectl apply -f k8s-resources-backup-rbac.yaml
If any errors, you might need permissions. try;
kubectl create clusterrolebinding cluster-admin-binding \
--clusterrole cluster-admin \
--user $(gcloud config get-value account)
-
apply configmap;
kubectl apply -f k8s-resources-backup-configmap.yaml
-
run cronjob;
kubectl apply -f k8s-resources-backup-cronjob.yaml
1