Backup of postgres in a kubernetes pod (and a docker container)

Kubernetes is a lot of things, some cool, some vexsome.

One of the things is that it does not necessarily make it easy to make backups of data stored in pods.  And if the data is a database you can't really back it up from the outside in the data storage mount either since the backup is liable to become inconsistent and unusable. You have to deal with the database engine to get a consistent backup.

At work we have a self hosted kubernetes cluster and quite a bit og old fashioned infrastructure too.  Lately some postgres databases have been deployed here with the bitnami helm chart.

We use automation tools to set up backups and all kinds of things.  And in these tools we prefer not to put passwords if we can avoid it.

One _could_ make a backup using pg_dump or similar giving it the pod IP, username and password, but we'd like to avoid that.

Examining the bitnami postgres pod it was set up quite interestingly with postgres running at uid 1001 which does not have a user account associated. This is apparently to accomodate openshift.  It also makes it quite hard to run psql inside the pod:

$ psql  
psql: local user with ID 1001 does not exist

There are additional things that complicate it.  Studying the github issues for the helm chart I found that the makers of this had a workaround.  After experimenting with kubectl I managed to construct a command that does not require us to put the database password into the backup script:

kubectl exec -n $NAMESPACE $PODNAME -- bash -c ". /opt/bitnami/scripts/libpostgresql.sh && postgresql_enable_nss_wrapper && PGPASSWORD=\$POSTGRES_PASSWORD pg_dump $OPTS -c -U postgres $DB"

The magic is in libpostgresql.sh and the postgresql_enable_nss_wrapper, which makes the user "postgres" defined for the commands that follow.

You have to supply the environment variables NAMESPACE, PODNAME, the optional OPTS for options and DB yourself. POSTGRES_PASSWORD is taken from the deployed pod.


Comments

Popular posts from this blog

DLNA servers for our Samsung TV on Linux

Forbruker vs. selger

Bluray with menus on Linux - on Ubuntu