songtianlun
f27876c6ab
- Implement node affinity to prevent scheduling on vkvm-us2 - Update affinity section in daemonset.yaml - Ensure that the DaemonSet runs only on specific nodes This change introduces a node affinity rule to the DaemonSet configuration, allowing it to avoid scheduling on nodes labeled with `kubernetes.io/hostname` set to `vkvm-us2`. This helps to ensure resource allocation and performance by restricting the DaemonSet to the desired nodes.
120 lines
3.2 KiB
YAML
120 lines
3.2 KiB
YAML
apiVersion: apps/v1
|
|
kind: DaemonSet
|
|
metadata:
|
|
name: node-backup-daemon
|
|
namespace: backup-system
|
|
spec:
|
|
selector:
|
|
matchLabels:
|
|
app: node-backup
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: node-backup
|
|
spec:
|
|
#nodeSelector:
|
|
# kubernetes.io/hostname: "vkvm-us1"
|
|
affinity:
|
|
nodeAffinity:
|
|
requiredDuringSchedulingIgnoredDuringExecution:
|
|
nodeSelectorTerms:
|
|
- matchExpressions:
|
|
- key: kubernetes.io/hostname
|
|
operator: NotIn
|
|
values:
|
|
- vkvm-us2
|
|
# - matchExpressions:
|
|
# #- key: region
|
|
# # operator: NotIn
|
|
# # values:
|
|
# # - cn
|
|
# - key: kubernetes.io/hostname
|
|
# operator: In
|
|
# values:
|
|
# - zgocloud-us1
|
|
containers:
|
|
- name: backup-container
|
|
image: alpine:latest
|
|
imagePullPolicy: IfNotPresent
|
|
command:
|
|
- /bin/sh
|
|
- -c
|
|
- |
|
|
# 安装依赖工具
|
|
apk add --no-cache bash s3cmd tar rsync curl jq
|
|
|
|
# 启动一个循环,每分钟检查一次触发文件
|
|
while true; do
|
|
bash /scripts/s3cmd-trigger.sh
|
|
date
|
|
sleep 60
|
|
done
|
|
env:
|
|
- name: NODE_NAME # 使用 Downward API 获取 Pod 运行的节点名
|
|
valueFrom:
|
|
fieldRef:
|
|
fieldPath: spec.nodeName
|
|
- name: S3_ENDPOINT
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: s3-credentials
|
|
key: endpoint
|
|
- name: S3_ACCESS_KEY
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: s3-credentials
|
|
key: access-key
|
|
- name: S3_SECRET_KEY
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: s3-credentials
|
|
key: secret-key
|
|
- name: S3_BUCKET
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: s3-credentials
|
|
key: bucket
|
|
- name: S3_SUBPATH
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
name: backup-config
|
|
key: subpath
|
|
optional: true
|
|
- name: BACKUPS_TO_KEEP
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
name: backup-config
|
|
key: backups-to-keep
|
|
optional: true
|
|
- name: USE_HTTPS
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
name: backup-config
|
|
key: use-https
|
|
optional: true
|
|
- name: SIGNATURE_V2
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
name: backup-config
|
|
key: signature-v2
|
|
optional: true
|
|
volumeMounts:
|
|
- name: host-data
|
|
mountPath: /data
|
|
- name: scripts
|
|
mountPath: /scripts
|
|
- name: feishu-webhook-volume
|
|
mountPath: /etc/feishu-webhook # 挂载飞书 Webhook Secret
|
|
readOnly: true
|
|
volumes:
|
|
- name: host-data
|
|
hostPath:
|
|
path: /data
|
|
- name: scripts
|
|
configMap:
|
|
name: backup-script
|
|
defaultMode: 0755
|
|
- name: feishu-webhook-volume
|
|
secret:
|
|
secretName: feishu-webhook
|