generated from coulomb/repo-seed
tegwick
8929bf65bc
CloudNativePG Cluster CR (net-kingdom-pg, PostgreSQL 16) with two application databases: keycloak_db (owner: keycloak) and privacyidea_db (owner: privacyidea). Passwords managed continuously via managed.roles. WAL archiving section stubbed and commented; activate when object storage is available. ScheduledBackup CR included (daily 02:00 UTC, 7d retention). Also: sync workplan status for T01 (Phase 0a done), T02 (manifests done), T03 (manifests done, restore drill pending); close NK-WP-0002. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
27 lines
1.0 KiB
YAML
27 lines
1.0 KiB
YAML
# CloudNativePG ScheduledBackup — net-kingdom-pg
|
|
#
|
|
# PREREQUISITE: WAL archiving must be enabled in cluster.yaml (backup.barmanObjectStore
|
|
# section) before this ScheduledBackup will succeed. Uncomment cluster.yaml backup
|
|
# block first, apply it, confirm WAL archiving is healthy, then apply this file.
|
|
#
|
|
# Schedule: daily at 02:00 UTC, keeping 7 daily backups.
|
|
# Adjust schedule and retentionPolicy to match your RPO/RTO requirements.
|
|
#
|
|
# See T03 restore drill procedure in README.md before marking T03 done.
|
|
apiVersion: postgresql.cnpg.io/v1
|
|
kind: ScheduledBackup
|
|
metadata:
|
|
name: net-kingdom-pg-daily
|
|
namespace: databases
|
|
labels:
|
|
app.kubernetes.io/part-of: net-kingdom-sso-mfa
|
|
net-kingdom/component: databases
|
|
spec:
|
|
# Daily at 02:00 UTC
|
|
schedule: "0 0 2 * * *" # CloudNativePG uses Go cron format: seconds minutes hours dom month dow
|
|
backupOwnerReference: self
|
|
cluster:
|
|
name: net-kingdom-pg
|
|
# Immediate: if the schedule is missed (e.g. pod restart), take a backup immediately
|
|
immediate: true
|