From c8573acbc1a8d1d22b6f1a91b92138b59f37bb84 Mon Sep 17 00:00:00 2001 From: Jun-te Kim Date: Sun, 14 Dec 2025 01:41:45 +0000 Subject: [PATCH] save --- .../scripts/backup_k8s_storage_to_s3.sh | 30 +++++++++++++++---- 1 file changed, 24 insertions(+), 6 deletions(-) diff --git a/mist_infra/scripts/backup_k8s_storage_to_s3.sh b/mist_infra/scripts/backup_k8s_storage_to_s3.sh index b904ed0..afa59d7 100644 --- a/mist_infra/scripts/backup_k8s_storage_to_s3.sh +++ b/mist_infra/scripts/backup_k8s_storage_to_s3.sh @@ -6,7 +6,6 @@ set -euo pipefail # ----------------------------- NAMESPACE="default" - PG_ENABLED=true PG_SECRET_NAME="postgres-secret" PG_POD_SELECTOR="app=postgres" @@ -31,10 +30,16 @@ echo "=== Backup started at $(date -u) ===" if [[ "$PG_ENABLED" == "true" ]]; then echo "=== Postgres pg_dump enabled ===" - POSTGRES_POD=$(kubectl get pod \ + POSTGRES_POD=$(kubectl get pods \ -n "$NAMESPACE" \ -l "$PG_POD_SELECTOR" \ - -o jsonpath='{.items[0].metadata.name}') + -o jsonpath='{.items[*].metadata.name}' | awk '{print $1}') + + if [[ -z "$POSTGRES_POD" ]]; then + echo "❌ No Postgres pod found" + kubectl get pods -n "$NAMESPACE" + exit 1 + fi POSTGRES_USER=$(kubectl get secret "$PG_SECRET_NAME" \ -n "$NAMESPACE" \ @@ -53,6 +58,14 @@ if [[ "$PG_ENABLED" == "true" ]]; then echo "✔ pg_dump complete ($(du -h "$BACKUP_DIR/postgres.sql" | cut -f1))" fi +# ----------------------------- +# Normalise permissions (IMPORTANT) +# ----------------------------- +echo "=== Normalising permissions on $K8S_STORAGE_ROOT ===" + +# Ensure backup user can read everything, without breaking apps +sudo chmod -R a+rX "$K8S_STORAGE_ROOT" || true + # ----------------------------- # Build tar exclude args # ----------------------------- @@ -66,11 +79,14 @@ done # ----------------------------- echo "=== Archiving k8s storage ===" -tar -czf "$BACKUP_DIR/k8s_storage_$DATE.tar.gz" \ +tar \ + --ignore-failed-read \ + --warning=no-file-changed \ + -czf "$BACKUP_DIR/k8s_storage_$DATE.tar.gz" \ "${TAR_EXCLUDE_ARGS[@]}" \ "$K8S_STORAGE_ROOT" -echo "✔ k8s_storage archived" +echo "✔ k8s_storage archived ($(du -h "$BACKUP_DIR/k8s_storage_$DATE.tar.gz" | cut -f1))" # ----------------------------- # Upload to S3 @@ -85,7 +101,9 @@ echo "✔ Uploaded to $S3_BUCKET" # Restore instructions # ----------------------------- echo "" -echo "=== RESTORE GUIDE ===" +echo "========================================" +echo "=== RESTORE GUIDE" +echo "========================================" echo "" echo "Restore volumes:" echo " sudo tar -xzf k8s_storage_$DATE.tar.gz -C /"