666 lines
38 KiB
YAML
666 lines
38 KiB
YAML
apiVersion: apiextensions.k8s.io/v1
|
|
kind: CustomResourceDefinition
|
|
metadata:
|
|
name: sgbackups.stackgres.io
|
|
spec:
|
|
group: stackgres.io
|
|
scope: Namespaced
|
|
names:
|
|
kind: SGBackup
|
|
listKind: SGBackupList
|
|
plural: sgbackups
|
|
singular: sgbackup
|
|
shortNames:
|
|
- sgbkp
|
|
versions:
|
|
- name: v1
|
|
served: true
|
|
storage: true
|
|
additionalPrinterColumns:
|
|
- name: cluster
|
|
type: string
|
|
jsonPath: .spec.sgCluster
|
|
- name: managed
|
|
type: string
|
|
jsonPath: .spec.managedLifecycle
|
|
- name: status
|
|
type: string
|
|
jsonPath: .status.process.status
|
|
- name: pg-version
|
|
type: string
|
|
jsonPath: .status.backupInformation.postgresVersion
|
|
priority: 1
|
|
- name: compressed-size
|
|
type: integer
|
|
format: byte
|
|
jsonPath: .status.backupInformation.size.compressed
|
|
priority: 1
|
|
- name: timeline
|
|
type: string
|
|
jsonPath: .status.backupInformation.timeline
|
|
priority: 1
|
|
schema:
|
|
openAPIV3Schema:
|
|
type: object
|
|
required: [metadata, spec]
|
|
description: |
|
|
A manual or automatically generated backup of an SGCluster configured with backups.
|
|
|
|
When a SGBackup is created a Job will perform a full backup of the database and update the status of the SGBackup
|
|
with the all the information required to restore it and some stats (or a failure message in case something unexpected
|
|
happened).
|
|
Backup generated by SGBackup are stored in the object storage configured with an SGObjectStorage together with the WAL
|
|
files or in a [VolumeSnapshot](https://kubernetes.io/docs/concepts/storage/volume-snapshots/) (separated from the WAL files that will be still stored in an object storage)
|
|
depending on the backup configuration of the targeted SGCluster.
|
|
After an SGBackup is created the same Job performs a reconciliation of the backups by applying the retention window
|
|
that has been configured in the SGCluster and removing the backups with managed lifecycle and the WAL files older
|
|
than the ones that fit in the retention window. The reconciliation also removes backups (excluding WAL files) that do
|
|
not belongs to any SGBackup (including copies). If the target storage is changed deletion of an SGBackup backups with
|
|
managed lifecycle and the WAL files older than the ones that fit in the retention window and of backups that do not
|
|
belongs to any SGBackup will not be performed anymore on the previous storage, only on the new target storage.
|
|
If the reconciliation of backups fails the backup itself do not fail and will be re-tried the next time a SGBackup
|
|
or shecduled backup Job take place.
|
|
properties:
|
|
metadata:
|
|
type: object
|
|
properties:
|
|
name:
|
|
type: string
|
|
maxLength: 56
|
|
pattern: "^[a-z]([-a-z0-9]*[a-z0-9])?$"
|
|
description: |
|
|
Name of the backup. Following [Kubernetes naming conventions](https://github.com/kubernetes/community/blob/master/contributors/design-proposals/architecture/identifiers.md), it must be an rfc1035/rfc1123 subdomain, that is, up to 253 characters consisting of one or more lowercase labels separated by `.`. Where each label is an alphanumeric (a-z, and 0-9) string, with the `-` character allowed anywhere except the first or last character.
|
|
|
|
The name must be unique across all StackGres backups in the same namespace.
|
|
spec:
|
|
type: object
|
|
properties:
|
|
sgCluster:
|
|
type: string
|
|
description: |
|
|
The name of the `SGCluster` from which this backup is/will be taken.
|
|
|
|
If this is a copy of an existing completed backup in a different namespace
|
|
the value must be prefixed with the namespace of the source backup and a
|
|
dot `.` (e.g. `<cluster namespace>.<cluster name>`) or have the same value
|
|
if the source backup is also a copy.
|
|
managedLifecycle:
|
|
type: boolean
|
|
description: |
|
|
Indicate if this backup is not permanent and should be removed by the automated
|
|
retention policy. Default is `false`.
|
|
timeout:
|
|
type: integer
|
|
description: |
|
|
Allow to set a timeout for the backup creation.
|
|
|
|
If not set it will be disabled and the backup operation will continue until the backup completes or fail. If set to 0 is the same as not being set.
|
|
|
|
Make sure to set a reasonable high value in order to allow for any unexpected delays during backup creation (network low bandwidth, disk low throughput and so forth).
|
|
reconciliationTimeout:
|
|
type: integer
|
|
default: 300
|
|
description: |
|
|
Allow to set a timeout for the reconciliation process that take place after the backup.
|
|
|
|
If not set defaults to 300 (5 minutes). If set to 0 it will disable timeout.
|
|
|
|
Failure of reconciliation will not make the backup fail and will be re-tried the next time a SGBackup
|
|
or shecduled backup Job take place.
|
|
status:
|
|
type: object
|
|
properties:
|
|
internalName:
|
|
type: string
|
|
description: |
|
|
The name of the backup.
|
|
backupPath:
|
|
type: string
|
|
description: |
|
|
The path were the backup is stored.
|
|
process:
|
|
type: object
|
|
properties:
|
|
status:
|
|
type: string
|
|
description: |
|
|
Status of the backup.
|
|
failure:
|
|
type: string
|
|
description: |
|
|
If the status is `failed` this field will contain a message indicating the failure reason.
|
|
jobPod:
|
|
type: string
|
|
description: |
|
|
Name of the pod assigned to the backup. StackGres utilizes internally a locking mechanism based on the pod name of the job that creates the backup.
|
|
managedLifecycle:
|
|
type: boolean
|
|
description: |
|
|
Status (may be transient) until converging to `spec.managedLifecycle`.
|
|
timing:
|
|
type: object
|
|
properties:
|
|
start:
|
|
type: string
|
|
# format: date-time
|
|
description: |
|
|
Start time of backup.
|
|
end:
|
|
type: string
|
|
# format: date-time
|
|
description: |
|
|
End time of backup.
|
|
stored:
|
|
type: string
|
|
# format: date-time
|
|
description: |
|
|
Time at which the backup is safely stored in the object storage.
|
|
backupInformation:
|
|
type: object
|
|
properties:
|
|
hostname:
|
|
type: string
|
|
description: |
|
|
Hostname of the instance where the backup is taken from.
|
|
sourcePod:
|
|
type: string
|
|
description: |
|
|
Pod where the backup is taken from.
|
|
systemIdentifier:
|
|
type: string
|
|
description: |
|
|
Postgres *system identifier* of the cluster this backup is taken from.
|
|
postgresVersion:
|
|
type: string
|
|
description: |
|
|
Postgres version of the server where the backup is taken from.
|
|
pgData:
|
|
type: string
|
|
description: |
|
|
Data directory where the backup is taken from.
|
|
size:
|
|
type: object
|
|
properties:
|
|
uncompressed:
|
|
type: integer
|
|
format: int64
|
|
description: |
|
|
Size (in bytes) of the uncompressed backup.
|
|
compressed:
|
|
type: integer
|
|
format: int64
|
|
description: |
|
|
Size (in bytes) of the compressed backup.
|
|
lsn:
|
|
type: object
|
|
properties:
|
|
start:
|
|
type: string
|
|
description: |
|
|
LSN of when the backup started.
|
|
end:
|
|
type: string
|
|
description: |
|
|
LSN of when the backup finished.
|
|
startWalFile:
|
|
type: string
|
|
description: |
|
|
WAL segment file name when the backup was started.
|
|
timeline:
|
|
type: string
|
|
description: |
|
|
Backup timeline.
|
|
controlData:
|
|
type: object
|
|
description: |
|
|
An object containing data from the output of pg_controldata on the backup.
|
|
properties:
|
|
pg_control version number:
|
|
type: string
|
|
Catalog version number:
|
|
type: string
|
|
Database system identifier:
|
|
type: string
|
|
Database cluster state:
|
|
type: string
|
|
pg_control last modified:
|
|
type: string
|
|
Latest checkpoint location:
|
|
type: string
|
|
Latest checkpoint's REDO location:
|
|
type: string
|
|
Latest checkpoint's REDO WAL file:
|
|
type: string
|
|
Latest checkpoint's TimeLineID:
|
|
type: string
|
|
Latest checkpoint's PrevTimeLineID:
|
|
type: string
|
|
Latest checkpoint's full_page_writes:
|
|
type: string
|
|
Latest checkpoint's NextXID:
|
|
type: string
|
|
Latest checkpoint's NextOID:
|
|
type: string
|
|
Latest checkpoint's NextMultiXactId:
|
|
type: string
|
|
Latest checkpoint's NextMultiOffset:
|
|
type: string
|
|
Latest checkpoint's oldestXID:
|
|
type: string
|
|
Latest checkpoint's oldestXID's DB:
|
|
type: string
|
|
Latest checkpoint's oldestActiveXID:
|
|
type: string
|
|
Latest checkpoint's oldestMultiXid:
|
|
type: string
|
|
Latest checkpoint's oldestMulti's DB:
|
|
type: string
|
|
"Latest checkpoint's oldestCommitTsXid":
|
|
type: string
|
|
"Latest checkpoint's newestCommitTsXid":
|
|
type: string
|
|
Time of latest checkpoint:
|
|
type: string
|
|
Fake LSN counter for unlogged rels:
|
|
type: string
|
|
Minimum recovery ending location:
|
|
type: string
|
|
Min recovery ending loc's timeline:
|
|
type: string
|
|
Backup start location:
|
|
type: string
|
|
Backup end location:
|
|
type: string
|
|
End-of-backup record required:
|
|
type: string
|
|
wal_level setting:
|
|
type: string
|
|
wal_log_hints setting:
|
|
type: string
|
|
max_connections setting:
|
|
type: string
|
|
max_worker_processes setting:
|
|
type: string
|
|
max_wal_senders setting:
|
|
type: string
|
|
max_prepared_xacts setting:
|
|
type: string
|
|
max_locks_per_xact setting:
|
|
type: string
|
|
track_commit_timestamp setting:
|
|
type: string
|
|
Maximum data alignment:
|
|
type: string
|
|
Database block size:
|
|
type: string
|
|
Blocks per segment of large relation:
|
|
type: string
|
|
WAL block size:
|
|
type: string
|
|
Bytes per WAL segment:
|
|
type: string
|
|
Maximum length of identifiers:
|
|
type: string
|
|
Maximum columns in an index:
|
|
type: string
|
|
Maximum size of a TOAST chunk:
|
|
type: string
|
|
Size of a large-object chunk:
|
|
type: string
|
|
Date/time type storage:
|
|
type: string
|
|
Float4 argument passing:
|
|
type: string
|
|
Float8 argument passing:
|
|
type: string
|
|
Data page checksum version:
|
|
type: string
|
|
Mock authentication nonce:
|
|
type: string
|
|
sgBackupConfig:
|
|
type: object
|
|
description: The backup configuration used to perform this backup.
|
|
properties:
|
|
baseBackups:
|
|
type: object
|
|
description: |
|
|
Back backups configuration.
|
|
properties:
|
|
cronSchedule:
|
|
type: string
|
|
description: |
|
|
Continuous Archiving backups are composed of periodic *base backups* and all the WAL segments produced in between those base backups. This parameter specifies at what time and with what frequency to start performing a new base backup.
|
|
|
|
Use cron syntax (`m h dom mon dow`) for this parameter, i.e., 5 values separated by spaces:
|
|
* `m`: minute, 0 to 59
|
|
* `h`: hour, 0 to 23
|
|
* `dom`: day of month, 1 to 31 (recommended not to set it higher than 28)
|
|
* `mon`: month, 1 to 12
|
|
* `dow`: day of week, 0 to 7 (0 and 7 both represent Sunday)
|
|
|
|
Also ranges of values (`start-end`), the symbol `*` (meaning `first-last`) or even `*/N`, where `N` is a number, meaning every `N`, may be used. All times are UTC. It is recommended to avoid 00:00 as base backup time, to avoid overlapping with any other external operations happening at this time.
|
|
retention:
|
|
type: integer
|
|
minimum: 1
|
|
description: |
|
|
Based on this parameter, an automatic retention policy is defined to delete old base backups.
|
|
This parameter specifies the number of base backups to keep, in a sliding window.
|
|
Consequently, the time range covered by backups is `periodicity*retention`, where `periodicity` is the separation between backups as specified by the `cronSchedule` property.
|
|
|
|
Default is 5.
|
|
compression:
|
|
type: string
|
|
description: |
|
|
Select the backup compression algorithm. Possible options are: lz4, lzma, brotli. The default method is `lz4`. LZ4 is the fastest method, but compression ratio is the worst. LZMA is way slower, but it compresses backups about 6 times better than LZ4. Brotli is a good trade-off between speed and compression ratio, being about 3 times better than LZ4.
|
|
enum: [ lz4, lzma, brotli ]
|
|
performance:
|
|
type: object
|
|
properties:
|
|
maxNetworkBandwitdh:
|
|
type: integer
|
|
description: |
|
|
**Deprecated**: use instead maxNetworkBandwidth.
|
|
|
|
Maximum storage upload bandwidth to be used when storing the backup. In bytes (per second).
|
|
maxDiskBandwitdh:
|
|
type: integer
|
|
description: |
|
|
**Deprecated**: use instead maxDiskBandwidth.
|
|
|
|
Maximum disk read I/O when performing a backup. In bytes (per second).
|
|
maxNetworkBandwidth:
|
|
type: integer
|
|
description: |
|
|
Maximum storage upload bandwidth to be used when storing the backup. In bytes (per second).
|
|
maxDiskBandwidth:
|
|
type: integer
|
|
description: |
|
|
Maximum disk read I/O when performing a backup. In bytes (per second).
|
|
uploadDiskConcurrency:
|
|
type: integer
|
|
minimum: 1
|
|
description: |
|
|
Backup storage may use several concurrent streams to store the data. This parameter configures the number of parallel streams to use to reading from disk. By default, it's set to 1 (use one stream).
|
|
uploadConcurrency:
|
|
type: integer
|
|
minimum: 1
|
|
description: |
|
|
Backup storage may use several concurrent streams to store the data. This parameter configures the number of parallel streams to use. By default, it's set to 1 (use one stream).
|
|
compression:
|
|
type: string
|
|
description: |
|
|
Select the backup compression algorithm. Possible options are: lz4, lzma, brotli. The default method is `lz4`. LZ4 is the fastest method, but compression ratio is the worst. LZMA is way slower, but it compresses backups about 6 times better than LZ4. Brotli is a good trade-off between speed and compression ratio, being about 3 times better than LZ4.
|
|
enum: [lz4, lzma, brotli]
|
|
storage:
|
|
type: object
|
|
description: |
|
|
Backup storage configuration.
|
|
properties:
|
|
type:
|
|
type: string
|
|
enum: [s3, s3Compatible, gcs, azureBlob]
|
|
description: |
|
|
Specifies the type of object storage used for storing the base backups and WAL segments.
|
|
Possible values:
|
|
* `s3`: Amazon Web Services S3 (Simple Storage Service).
|
|
* `s3Compatible`: non-AWS services that implement a compatibility API with AWS S3.
|
|
* `gcs`: Google Cloud Storage.
|
|
* `azureBlob`: Microsoft Azure Blob Storage.
|
|
s3:
|
|
type: object
|
|
description: |
|
|
Amazon Web Services S3 configuration.
|
|
properties:
|
|
bucket:
|
|
type: string
|
|
pattern: ^[^/]+(/[^/]*)*$
|
|
description: |
|
|
AWS S3 bucket name.
|
|
path:
|
|
type: string
|
|
pattern: ^(/[^/]*)*$
|
|
description: |
|
|
Optional path within the S3 bucket. Note that StackGres generates in any case a folder per
|
|
StackGres cluster, using the `SGCluster.metadata.name`.
|
|
region:
|
|
type: string
|
|
description: |
|
|
AWS S3 region. The Region may be detected using s3:GetBucketLocation, but to avoid giving permissions to this API call or forbid it from the applicable IAM policy, this property must be explicitely specified.
|
|
storageClass:
|
|
type: string
|
|
description: |
|
|
[Amazon S3 Storage Class](https://aws.amazon.com/s3/storage-classes/) used for the backup object storage. By default, the `STANDARD` storage class is used. Other supported values include `STANDARD_IA` for Infrequent Access and `REDUCED_REDUNDANCY`.
|
|
awsCredentials:
|
|
type: object
|
|
description: |
|
|
Credentials to access AWS S3 for writing and reading.
|
|
properties:
|
|
secretKeySelectors:
|
|
type: object
|
|
description: |
|
|
Kubernetes [SecretKeySelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#secretkeyselector-v1-core)s to reference the Secrets that contain the information about the `awsCredentials`.
|
|
properties:
|
|
accessKeyId:
|
|
type: object
|
|
description: |
|
|
[SecretKeySelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#secretkeyselector-v1-core) containing the AWS Access Key ID secret.
|
|
properties:
|
|
key:
|
|
type: string
|
|
description: |
|
|
The key of the secret to select from. Must be a valid secret key.
|
|
name:
|
|
type: string
|
|
description: |
|
|
Name of the referent. [More information](https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names).
|
|
required: [key, name]
|
|
secretAccessKey:
|
|
type: object
|
|
description: |
|
|
[SecretKeySelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#secretkeyselector-v1-core) containing the AWS Secret Access Key secret.
|
|
properties:
|
|
key:
|
|
type: string
|
|
description: |
|
|
The key of the secret to select from. Must be a valid secret key.
|
|
name:
|
|
type: string
|
|
description: |
|
|
Name of the referent. [More information](https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names).
|
|
required: [key, name]
|
|
required: [accessKeyId, secretAccessKey]
|
|
required: [secretKeySelectors]
|
|
required: [bucket, awsCredentials]
|
|
s3Compatible:
|
|
type: object
|
|
description: AWS S3-Compatible API configuration
|
|
properties:
|
|
bucket:
|
|
type: string
|
|
pattern: ^[^/]+(/[^/]*)*$
|
|
description: |
|
|
Bucket name.
|
|
path:
|
|
type: string
|
|
pattern: ^(/[^/]*)*$
|
|
description: |
|
|
Optional path within the S3 bucket. Note that StackGres generates in any case a folder per StackGres cluster, using the `SGCluster.metadata.name`.
|
|
enablePathStyleAddressing:
|
|
type: boolean
|
|
description: |
|
|
Enable path-style addressing (i.e. `http://s3.amazonaws.com/BUCKET/KEY`) when connecting to an S3-compatible service that lacks support for sub-domain style bucket URLs (i.e. `http://BUCKET.s3.amazonaws.com/KEY`). Defaults to false.
|
|
endpoint:
|
|
type: string
|
|
description: |
|
|
Overrides the default url to connect to an S3-compatible service.
|
|
For example: `http://s3-like-service:9000`.
|
|
region:
|
|
type: string
|
|
description: |
|
|
AWS S3 region. The Region may be detected using s3:GetBucketLocation, but to avoid giving permissions to this API call or forbid it from the applicable IAM policy, this property must be explicitely specified.
|
|
storageClass:
|
|
type: string
|
|
description: |
|
|
[Amazon S3 Storage Class](https://aws.amazon.com/s3/storage-classes/) used for the backup object storage. By default, the `STANDARD` storage class is used. Other supported values include `STANDARD_IA` for Infrequent Access and `REDUCED_REDUNDANCY`.
|
|
awsCredentials:
|
|
type: object
|
|
description: |
|
|
Credentials to access AWS S3 for writing and reading.
|
|
properties:
|
|
secretKeySelectors:
|
|
type: object
|
|
description: |
|
|
A Kubernetes [SecretKeySelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#secretkeyselector-v1-core) to reference the Secrets that contain the information about the `awsCredentials`.
|
|
properties:
|
|
accessKeyId:
|
|
type: object
|
|
description: |
|
|
[SecretKeySelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#secretkeyselector-v1-core) containing the AWS Access Key ID secret.
|
|
properties:
|
|
key:
|
|
type: string
|
|
description: |
|
|
The key of the secret to select from. Must be a valid secret key.
|
|
name:
|
|
type: string
|
|
description: |
|
|
Name of the referent. [More information](https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names).
|
|
required: [key, name]
|
|
secretAccessKey:
|
|
type: object
|
|
description: |
|
|
[SecretKeySelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#secretkeyselector-v1-core) containing the AWS Secret Access Key secret.
|
|
properties:
|
|
key:
|
|
type: string
|
|
description: |
|
|
The key of the secret to select from. Must be a valid secret key.
|
|
name:
|
|
type: string
|
|
description: |
|
|
Name of the referent. [More information](https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names).
|
|
required: [key, name]
|
|
required: [accessKeyId, secretAccessKey]
|
|
required: [secretKeySelectors]
|
|
required: [bucket, awsCredentials]
|
|
gcs:
|
|
type: object
|
|
description: |
|
|
Google Cloud Storage configuration.
|
|
properties:
|
|
bucket:
|
|
type: string
|
|
pattern: ^[^/]+(/[^/]*)*$
|
|
description: |
|
|
GCS bucket name.
|
|
path:
|
|
type: string
|
|
pattern: ^(/[^/]*)*$
|
|
description: |
|
|
Optional path within the GCS bucket. Note that StackGres generates in any case a folder per StackGres cluster, using the `SGCluster.metadata.name`.
|
|
gcpCredentials:
|
|
type: object
|
|
description: |
|
|
Credentials to access GCS for writing and reading.
|
|
properties:
|
|
fetchCredentialsFromMetadataService:
|
|
type: boolean
|
|
description: |
|
|
If true, the credentials will be fetched from the GCE/GKE metadata service and the credentials from `secretKeySelectors` field will not be used.
|
|
|
|
This is useful when running StackGres inside a GKE cluster using [Workload Identity](https://cloud.google.com/kubernetes-engine/docs/how-to/workload-identity).
|
|
secretKeySelectors:
|
|
type: object
|
|
description: |
|
|
A Kubernetes [SecretKeySelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#secretkeyselector-v1-core) to reference the Secrets that contain the information about the Service Account to access GCS.
|
|
properties:
|
|
serviceAccountJSON:
|
|
type: object
|
|
description: |
|
|
A service account key from GCP. In JSON format, as downloaded from the GCP Console.
|
|
properties:
|
|
key:
|
|
type: string
|
|
description: |
|
|
The key of the secret to select from. Must be a valid secret key.
|
|
name:
|
|
type: string
|
|
description: |
|
|
Name of the referent. [More information](https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names).
|
|
required: [key, name]
|
|
required: [serviceAccountJSON]
|
|
required: [bucket, gcpCredentials]
|
|
azureBlob:
|
|
type: object
|
|
description: |
|
|
Azure Blob Storage configuration.
|
|
properties:
|
|
bucket:
|
|
type: string
|
|
pattern: ^[^/]+(/[^/]*)*$
|
|
description: |
|
|
Azure Blob Storage bucket name.
|
|
path:
|
|
type: string
|
|
pattern: ^(/[^/]*)*$
|
|
description: |
|
|
Optional path within the Azure Blobk bucket. Note that StackGres generates in any case a folder per StackGres cluster, using the `SGCluster.metadata.name`.
|
|
azureCredentials:
|
|
type: object
|
|
description: |
|
|
Credentials to access Azure Blob Storage for writing and reading.
|
|
properties:
|
|
secretKeySelectors:
|
|
type: object
|
|
description: |
|
|
Kubernetes [SecretKeySelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#secretkeyselector-v1-core)s to reference the Secrets that contain the information about the `azureCredentials`.
|
|
properties:
|
|
storageAccount:
|
|
type: object
|
|
description: |
|
|
[SecretKeySelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#secretkeyselector-v1-core) containing the name of the storage account.
|
|
properties:
|
|
key:
|
|
type: string
|
|
description: |
|
|
The key of the secret to select from. Must be a valid secret key.
|
|
name:
|
|
type: string
|
|
description: |
|
|
Name of the referent. [More information](https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names).
|
|
required: [key, name]
|
|
accessKey:
|
|
type: object
|
|
description: |
|
|
[SecretKeySelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#secretkeyselector-v1-core) containing the primary or secondary access key for the storage account.
|
|
properties:
|
|
key:
|
|
type: string
|
|
description: |
|
|
The key of the secret to select from. Must be a valid secret key.
|
|
name:
|
|
type: string
|
|
description: |
|
|
Name of the referent. [More information](https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names).
|
|
required: [key, name]
|
|
required: [storageAccount, accessKey]
|
|
required: [bucket, azureCredentials]
|
|
required: [type]
|
|
required: [storage]
|
|
volumeSnapshot:
|
|
type: object
|
|
description: The volume snapshot configuration used to restore this backup.
|
|
properties:
|
|
name:
|
|
type: string
|
|
description: |
|
|
The volume snapshot used to store this backup.
|
|
backupLabel:
|
|
type: string
|
|
description: |
|
|
The content of `backup_label` column returned by `pg_backup_stop` encoded in Base64
|
|
tablespaceMap:
|
|
type: string
|
|
description: |
|
|
The content of `tablespace_map` column returned by `pg_backup_stop` encoded in Base64
|