SGBackupConfig


Kind: SGBackupConfig

listKind: SGBackupConfigList

plural: sgbackupconfigs

singular: sgbackupconfig

shortNames: sgbac


WARNING: This CRD has been deprecated and is replaced by the SGObjectStorage CRD, which has to be specified in the new section .spec.configurations.backups of the SGCluster CRD.

The backup configuration specifies when and how backups are performed. By default, backups are performed at 5am UTC in a window of 1 hour. You may change this value in order to perform backups for another time zone and period of time. The SGBackupConfig custom resource represents the backup configuration of a Postgres cluster.

Example:

apiVersion: stackgres.io/v1
kind: SGBackupConfig
metadata:
  name: backupconf
spec:
  baseBackups:
    retention: 5
    cronSchedule: 0 5 * * *
    compression: lz4
    performance:
      maxDiskBandwitdh: 26214400 #25 MB per second
      maxNetworkBandwitdh: 52428800 #50 MB per second
      uploadDiskConcurrency: 2
  storage:
    type: s3Compatible
    s3Compatible:
      bucket: stackgres
      region: k8s
      enablePathStyleAddressing: true
      endpoint: http://my-cluster-minio:9000
      awsCredentials:
        secretKeySelectors:
          accessKeyId:
            key: accesskey
            name: my-cluster-minio
          secretAccessKey:
            key: secretkey
            name: my-cluster-minio

Property | Required | Updatable | May Require Restart | Type | Description

apiVersion string stackgres.io/v1
kind string SGBackupConfig
metadata object Refer to the Kubernetes API documentation for the fields of the metadata field.
spec object

SGBackupConfig.spec

Property | Required | Updatable | May Require Restart | Type | Description

storage object Backup storage configuration.
baseBackups object Base backups configuration.

SGBackupConfig.spec.storage

Backup storage configuration.

Property | Required | Updatable | May Require Restart | Type | Description

type enum Determine the type of object storage used for storing the base backups and WAL segments. Possible values:

  • s3: Amazon Web Services S3 (Simple Storage Service).
  • s3Compatible: non-AWS services that implement a compatibility API with AWS S3.
  • gcs: Google Cloud Storage.
  • azureBlob: Microsoft Azure Blob Storage.

    Enum: s3, s3Compatible, gcs, azureBlob
azureBlob object Azure Blob Storage configuration.
gcs object Google Cloud Storage configuration.
s3 object Amazon Web Services S3 configuration.
s3Compatible object AWS S3-Compatible API configuration

SGBackupConfig.spec.storage.azureBlob

Azure Blob Storage configuration.

Property | Required | Updatable | May Require Restart | Type | Description

azureCredentials object The credentials to access Azure Blob Storage for writing and reading.
bucket string Azure Blob Storage bucket name.
path string Optional path within the Azure Blob bucket. Note that StackGres generates in any case a folder per StackGres cluster, using the SGCluster.metadata.name.

SGBackupConfig.spec.storage.azureBlob.azureCredentials

The credentials to access Azure Blob Storage for writing and reading.

Property | Required | Updatable | May Require Restart | Type | Description

secretKeySelectors object Kubernetes SecretKeySelector(s) to reference the Secret(s) that contain the information about the azureCredentials. Note that you may use the same or different Secrets for the storageAccount and the accessKey. In the former case, the keys that identify each must be, obviously, different.

SGBackupConfig.spec.storage.azureBlob.azureCredentials.secretKeySelectors

Kubernetes SecretKeySelector(s) to reference the Secret(s) that contain the information about the azureCredentials. Note that you may use the same or different Secrets for the storageAccount and the accessKey. In the former case, the keys that identify each must be, obviously, different.

Property | Required | Updatable | May Require Restart | Type | Description

accessKey object The storage account access key.
storageAccount object The Storage Account that contains the Blob bucket to be used.

SGBackupConfig.spec.storage.azureBlob.azureCredentials.secretKeySelectors.accessKey

The storage account access key.

Property | Required | Updatable | May Require Restart | Type | Description

key string The key of the secret to select from. Must be a valid secret key.
name string Name of the referent.

SGBackupConfig.spec.storage.azureBlob.azureCredentials.secretKeySelectors.storageAccount

The Storage Account that contains the Blob bucket to be used.

Property | Required | Updatable | May Require Restart | Type | Description

key string The key of the secret to select from. Must be a valid secret key.
name string Name of the referent.

SGBackupConfig.spec.storage.gcs

Google Cloud Storage configuration.

Property | Required | Updatable | May Require Restart | Type | Description

bucket string GCS bucket name.
gcpCredentials object The credentials to access GCS for writing and reading.
path string Optional path within the GCS bucket. Note that StackGres generates in any case a folder per StackGres cluster, using the SGCluster.metadata.name.

SGBackupConfig.spec.storage.gcs.gcpCredentials

The credentials to access GCS for writing and reading.

Property | Required | Updatable | May Require Restart | Type | Description

fetchCredentialsFromMetadataService boolean If true, the credentials will be fetched from the GCE/GKE metadata service and the field secretKeySelectors has to be set to null or omitted.

This is useful when running StackGres inside a GKE cluster using Workload Identity.

secretKeySelectors object A Kubernetes SecretKeySelector to reference the Secrets that contain the information about the Service Account to access GCS.

SGBackupConfig.spec.storage.gcs.gcpCredentials.secretKeySelectors

A Kubernetes SecretKeySelector to reference the Secrets that contain the information about the Service Account to access GCS.

Property | Required | Updatable | May Require Restart | Type | Description

serviceAccountJSON object A service account key from GCP. In JSON format, as downloaded from the GCP Console.

SGBackupConfig.spec.storage.gcs.gcpCredentials.secretKeySelectors.serviceAccountJSON

A service account key from GCP. In JSON format, as downloaded from the GCP Console.

Property | Required | Updatable | May Require Restart | Type | Description

key string The key of the secret to select from. Must be a valid secret key.
name string Name of the referent.

SGBackupConfig.spec.storage.s3

Amazon Web Services S3 configuration.

Property | Required | Updatable | May Require Restart | Type | Description

awsCredentials object The credentials to access AWS S3 for writing and reading.
bucket string AWS S3 bucket name.
path string Optional path within the S3 bucket. Note that StackGres generates in any case a folder per StackGres cluster, using the SGCluster.metadata.name.
region string The AWS S3 region. The Region may be detected using s3:GetBucketLocation, but if you wish to avoid giving permissions to this API call or forbid it from the applicable IAM policy, you must then specify this property.
storageClass string The Amazon S3 Storage Class to use for the backup object storage. By default, the STANDARD storage class is used. Other supported values include STANDARD_IA for Infrequent Access and REDUCED_REDUNDANCY.

SGBackupConfig.spec.storage.s3.awsCredentials

The credentials to access AWS S3 for writing and reading.

Property | Required | Updatable | May Require Restart | Type | Description

secretKeySelectors object Kubernetes SecretKeySelector(s) to reference the Secrets that contain the information about the awsCredentials. Note that you may use the same or different Secrets for the accessKeyId and the secretAccessKey. In the former case, the keys that identify each must be, obviously, different.

SGBackupConfig.spec.storage.s3.awsCredentials.secretKeySelectors

Kubernetes SecretKeySelector(s) to reference the Secrets that contain the information about the awsCredentials. Note that you may use the same or different Secrets for the accessKeyId and the secretAccessKey. In the former case, the keys that identify each must be, obviously, different.

Property | Required | Updatable | May Require Restart | Type | Description

accessKeyId object AWS access key ID. For example, AKIAIOSFODNN7EXAMPLE.
secretAccessKey object AWS secret access key. For example, wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY.

SGBackupConfig.spec.storage.s3.awsCredentials.secretKeySelectors.accessKeyId

AWS access key ID. For example, AKIAIOSFODNN7EXAMPLE.

Property | Required | Updatable | May Require Restart | Type | Description

key string The key of the secret to select from. Must be a valid secret key.
name string Name of the referent.

SGBackupConfig.spec.storage.s3.awsCredentials.secretKeySelectors.secretAccessKey

AWS secret access key. For example, wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY.

Property | Required | Updatable | May Require Restart | Type | Description

key string The key of the secret to select from. Must be a valid secret key.
name string Name of the referent.

SGBackupConfig.spec.storage.s3Compatible

AWS S3-Compatible API configuration

Property | Required | Updatable | May Require Restart | Type | Description

awsCredentials object The credentials to access AWS S3 for writing and reading.
bucket string Bucket name.
enablePathStyleAddressing boolean Enable path-style addressing (i.e. http://s3.amazonaws.com/BUCKET/KEY) when connecting to an S3-compatible service that lacks support for sub-domain style bucket URLs (i.e. http://BUCKET.s3.amazonaws.com/KEY).

Defaults to false.

endpoint string Overrides the default url to connect to an S3-compatible service. For example: http://s3-like-service:9000.
path string Optional path within the S3 bucket. Note that StackGres generates in any case a folder per StackGres cluster, using the SGCluster.metadata.name.
region string The AWS S3 region. The Region may be detected using s3:GetBucketLocation, but if you wish to avoid giving permissions to this API call or forbid it from the applicable IAM policy, you must then specify this property.
storageClass string The Amazon S3 Storage Class to use for the backup object storage. By default, the STANDARD storage class is used. Other supported values include STANDARD_IA for Infrequent Access and REDUCED_REDUNDANCY.

SGBackupConfig.spec.storage.s3Compatible.awsCredentials

The credentials to access AWS S3 for writing and reading.

Property | Required | Updatable | May Require Restart | Type | Description

secretKeySelectors object Kubernetes SecretKeySelector(s) to reference the Secret(s) that contain the information about the awsCredentials. Note that you may use the same or different Secrets for the accessKeyId and the secretAccessKey. In the former case, the keys that identify each must be, obviously, different.

SGBackupConfig.spec.storage.s3Compatible.awsCredentials.secretKeySelectors

Kubernetes SecretKeySelector(s) to reference the Secret(s) that contain the information about the awsCredentials. Note that you may use the same or different Secrets for the accessKeyId and the secretAccessKey. In the former case, the keys that identify each must be, obviously, different.

Property | Required | Updatable | May Require Restart | Type | Description

accessKeyId object AWS access key ID. For example, AKIAIOSFODNN7EXAMPLE.
secretAccessKey object AWS secret access key. For example, wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY.

SGBackupConfig.spec.storage.s3Compatible.awsCredentials.secretKeySelectors.accessKeyId

AWS access key ID. For example, AKIAIOSFODNN7EXAMPLE.

Property | Required | Updatable | May Require Restart | Type | Description

key string The key of the secret to select from. Must be a valid secret key.
name string Name of the referent.

SGBackupConfig.spec.storage.s3Compatible.awsCredentials.secretKeySelectors.secretAccessKey

AWS secret access key. For example, wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY.

Property | Required | Updatable | May Require Restart | Type | Description

key string The key of the secret to select from. Must be a valid secret key.
name string Name of the referent.

SGBackupConfig.spec.baseBackups

Base backups configuration.

Property | Required | Updatable | May Require Restart | Type | Description

compression enum Specifies the backup compression algorithm. Possible options are: lz4, lzma, brotli. The default method is lz4. LZ4 is the fastest method, but compression ratio is the worst. LZMA is way slower, but it compresses backups about 6 times better than LZ4. Brotli is a good trade-off between speed and compression ratio, being about 3 times better than LZ4.

Enum: lz4, lzma, brotli
cronSchedule string Continuous Archiving backups are composed of periodic base backups and all the WAL segments produced in between those base backups. This parameter specifies at what time and with what frequency to start performing a new base backup.

Use cron syntax (m h dom mon dow) for this parameter, i.e., 5 values separated by spaces:

  • m: minute, 0 to 59.
  • h: hour, 0 to 23.
  • dom: day of month, 1 to 31 (recommended not to set it higher than 28).
  • mon: month, 1 to 12.
  • dow: day of week, 0 to 7 (0 and 7 both represent Sunday).

Ranges of values (start-end), the symbol * (meaning first-last) or even */N, where N is a number, meaning "every N", may also be used. All times are UTC. It is recommended to avoid 00:00 as base backup time, to avoid overlapping with any other external operations happening at this time.

If not set, full backups are performed every day at 05:00 UTC.

performance object
retention integer Define the number of backups with managed lifecycle to keep, in a sliding window.

Consequently, the time range covered by backups is periodicity*retention, where periodicity is the separation between backups as specified by the cronSchedule property.

WAL files before the oldest backup with managed lifecycle will also be removed. Thus, when retention is applied, the oldest WAL available will be periodicity*retention old.

Default is 5.

Minimum: 1

SGBackupConfig.spec.baseBackups.performance

Property | Required | Updatable | May Require Restart | Type | Description

maxDiskBandwidth integer Maximum disk read I/O when performing a backup. In bytes (per second).
maxDiskBandwitdh integer Deprecated: use instead maxDiskBandwidth.

Maximum disk read I/O when performing a backup. In bytes (per second).

maxNetworkBandwidth integer Maximum storage upload bandwidth used when storing a backup. In bytes (per second).
maxNetworkBandwitdh integer Deprecated: use instead maxNetworkBandwidth.

Maximum storage upload bandwidth used when storing a backup. In bytes (per second).

uploadDiskConcurrency integer Backup storage may use several concurrent streams to store the data. This parameter configures the number of parallel streams to use. By default, it’s set to 1 (use one stream).

Minimum: 1
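
Added example (not part of the StackGres documentation or code): a pre-apply lint of an SGBackupConfig spec against the constraints stated in this reference, namely the storage type enum, the GCS credential exclusivity, the stated minimums and the deprecated bandwidth keys. The function name lint_spec and the plain-HTTP endpoint check are assumptions of this example, and the spec is assumed to be already parsed into a dict.

```python
# Added example: lint_spec is a hypothetical helper, not StackGres code.
# It checks a parsed SGBackupConfig .spec against constraints this page states.
STORAGE_TYPES = ("s3", "s3Compatible", "gcs", "azureBlob")
COMPRESSION = ("lz4", "lzma", "brotli")
DEPRECATED = {"maxDiskBandwitdh": "maxDiskBandwidth",
              "maxNetworkBandwitdh": "maxNetworkBandwidth"}

def lint_spec(spec):
    """Return a list of findings; an empty list means nothing was flagged."""
    out = []
    storage = spec.get("storage") or {}
    base = spec.get("baseBackups") or {}
    stype = storage.get("type")
    if stype not in STORAGE_TYPES:
        out.append(f"storage.type {stype!r} is not one of {', '.join(STORAGE_TYPES)}")
    elif not storage.get(stype):
        out.append(f"storage.type is {stype} but storage.{stype} is missing")
    # A plain-HTTP endpoint sends backup data over the network unencrypted.
    endpoint = (storage.get("s3Compatible") or {}).get("endpoint") or ""
    if endpoint.lower().startswith("http://"):
        out.append(f"s3Compatible.endpoint {endpoint} is not HTTPS")
    # GCS: metadata-service credentials exclude a service account key Secret.
    gcp = (storage.get("gcs") or {}).get("gcpCredentials") or {}
    if gcp.get("fetchCredentialsFromMetadataService") and gcp.get("secretKeySelectors"):
        out.append("gcs: fetchCredentialsFromMetadataService is true, "
                   "so secretKeySelectors must be null or omitted")
    if base.get("compression", "lz4") not in COMPRESSION:
        out.append(f"compression {base['compression']!r} is not lz4, lzma or brotli")
    if len(str(base.get("cronSchedule", "0 5 * * *")).split()) != 5:
        out.append("cronSchedule must have 5 space-separated fields")
    if base.get("retention", 5) < 1:
        out.append("retention must be at least 1")
    perf = base.get("performance") or {}
    if perf.get("uploadDiskConcurrency", 1) < 1:
        out.append("uploadDiskConcurrency must be at least 1")
    for old, new in DEPRECATED.items():
        if old in perf:
            out.append(f"performance.{old} is deprecated, use {new}")
    return out

# The spec from this page's Example section, as a dict (awsCredentials left out:
# Secret contents are not visible from the manifest and are not checked here).
PAGE_EXAMPLE = {
    "baseBackups": {"retention": 5, "cronSchedule": "0 5 * * *", "compression": "lz4",
                    "performance": {"maxDiskBandwitdh": 26214400,
                                    "maxNetworkBandwitdh": 52428800,
                                    "uploadDiskConcurrency": 2}},
    "storage": {"type": "s3Compatible", "s3Compatible": {
        "bucket": "stackgres", "region": "k8s", "enablePathStyleAddressing": True,
        "endpoint": "http://my-cluster-minio:9000"}},
}
```

Calling lint_spec(PAGE_EXAMPLE) reports the plain-HTTP endpoint and both deprecated bandwidth keys from the Example section above.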