From 20b9fd021fda4be89175097eab1f0a361f88db7f Mon Sep 17 00:00:00 2001 From: ATM Platform Date: Tue, 16 Jun 2026 19:59:33 +0000 Subject: [PATCH] feat: backup diario pg_dump por tenant (CronJob + PVC) --- tenants/demo/50-backup.yaml | 55 +++++++++++++++++++++++++++++++++++ tenants/piloto/50-backup.yaml | 55 +++++++++++++++++++++++++++++++++++ 2 files changed, 110 insertions(+) create mode 100644 tenants/demo/50-backup.yaml create mode 100644 tenants/piloto/50-backup.yaml diff --git a/tenants/demo/50-backup.yaml b/tenants/demo/50-backup.yaml new file mode 100644 index 0000000..a179e9b --- /dev/null +++ b/tenants/demo/50-backup.yaml @@ -0,0 +1,55 @@ +# Backup diario do Postgres do tenant demo (pg_dump -> PVC, retencao 7 dias) +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: pg-backups + namespace: demo-prod +spec: + accessModes: [ReadWriteOnce] + storageClassName: local-path + resources: + requests: + storage: 5Gi +--- +apiVersion: batch/v1 +kind: CronJob +metadata: + name: pg-backup + namespace: demo-prod +spec: + schedule: "0 2 * * *" + successfulJobsHistoryLimit: 3 + failedJobsHistoryLimit: 3 + concurrencyPolicy: Forbid + jobTemplate: + spec: + template: + spec: + restartPolicy: OnFailure + containers: + - name: pg-backup + image: postgres:16 + env: + - name: PGPASSWORD + valueFrom: + secretKeyRef: + name: db-credentials + key: password + command: ["/bin/sh", "-c"] + args: + - | + set -e + TS=$(date +%Y%m%d-%H%M%S) + for DB in athleticmap keycloak; do + echo "dump $DB ..." + pg_dump -h postgres -U atm -d "$DB" | gzip > "/backups/${DB}-${TS}.sql.gz" + done + find /backups -name '*.sql.gz' -mtime +7 -delete + echo "backups atuais:"; ls -lh /backups | tail -20 + volumeMounts: + - name: backups + mountPath: /backups + volumes: + - name: backups + persistentVolumeClaim: + claimName: pg-backups diff --git a/tenants/piloto/50-backup.yaml b/tenants/piloto/50-backup.yaml new file mode 100644 index 0000000..a1c5b2e --- /dev/null +++ b/tenants/piloto/50-backup.yaml @@ -0,0 +1,55 @@ +# Backup diario do Postgres do tenant piloto (pg_dump -> PVC, retencao 7 dias) +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: pg-backups + namespace: piloto-prod +spec: + accessModes: [ReadWriteOnce] + storageClassName: local-path + resources: + requests: + storage: 5Gi +--- +apiVersion: batch/v1 +kind: CronJob +metadata: + name: pg-backup + namespace: piloto-prod +spec: + schedule: "0 2 * * *" # diariamente 02:00 + successfulJobsHistoryLimit: 3 + failedJobsHistoryLimit: 3 + concurrencyPolicy: Forbid + jobTemplate: + spec: + template: + spec: + restartPolicy: OnFailure + containers: + - name: pg-backup + image: postgres:16 + env: + - name: PGPASSWORD + valueFrom: + secretKeyRef: + name: db-credentials + key: password + command: ["/bin/sh", "-c"] + args: + - | + set -e + TS=$(date +%Y%m%d-%H%M%S) + for DB in athleticmap keycloak; do + echo "dump $DB ..." + pg_dump -h postgres -U atm -d "$DB" | gzip > "/backups/${DB}-${TS}.sql.gz" + done + find /backups -name '*.sql.gz' -mtime +7 -delete + echo "backups atuais:"; ls -lh /backups | tail -20 + volumeMounts: + - name: backups + mountPath: /backups + volumes: + - name: backups + persistentVolumeClaim: + claimName: pg-backups