Configuration settings for Aerospike Backup Service on Kubernetes
Overview
Aerospike Backup Service (ABS) configuration settings are in the ABS Custom Resource (CR) file. Aerospike Kubernetes Operator (AKO) monitors this CR to deploy and update the backup service.
The AerospikeBackupService Custom Resource Definition (CRD) specifies the CR structure that AKO uses to manage the backup service.
CR examples
CR examples are available in the main Aerospike Kubernetes Operator repository.
Example 1: CR with local storage
This example deploys a simple backup service using local storage.
Example 1
apiVersion: asdb.aerospike.com/v1beta1kind: AerospikeBackupServicemetadata: name: aerospikebackupservice namespace: aerospikespec: image: aerospike/aerospike-backup-service:3.0.0 config: service: http: port: 8081 backup-policies: test-policy: parallel: 3 test-policy1: parallel: 3 storage: local: local-storage: path: /localStorage service: type: ClusterIPExample 2: CR with S3 storage and static S3 credentials
This example deploys a simple backup service with S3 storage.
Example 2
apiVersion: asdb.aerospike.com/v1beta1kind: AerospikeBackupServicemetadata: name: aerospikebackupservice namespace: aerospikespec: image: aerospike/aerospike-backup-service:3.0.0 config: service: http: port: 8081 backup-policies: test-policy: parallel: 3 test-policy1: parallel: 3 storage: s3Storage: s3-storage: bucket: test-bucket s3-region: us-east-1 s3-profile: default secrets: - secretName: aws-secret volumeMount: name: aws-secret mountPath: /root/.aws/credentials subPath: credentials service: type: ClusterIPExample 3: CR with S3 storage and IAM roles for Service Accounts (IRSA)
This example deploys a simple backup service with S3 storage.
Example 3
apiVersion: asdb.aerospike.com/v1beta1kind: AerospikeBackupServicemetadata: name: aerospikebackupservice namespace: aerospikespec: image: aerospike/aerospike-backup-service:3.0.0 config: service: http: port: 8081 backup-policies: test-policy: parallel: 3 test-policy1: parallel: 3 storage: s3Storage: s3-storage: bucket: test-bucket s3-region: us-east-1 service: type: ClusterIPConfiguration
The initial part of the CR file selects the CRD and the namespace to use for the ABS.
apiVersion: asdb.aerospike.com/v1beta1kind: AerospikeBackupServicemetadata: name: aerospikebackupservice namespace: aerospikeThe rest of this page explains the parameters in the subsequent parts of the CR file. See ABS Configuration for a list of all configuration parameters for ABS.
Some parameters are tagged with Rolling restart, which means that they will trigger a rolling restart of backup service pods if changed.
Spec
The spec section defines the configuration parameters for backup service deployment.
| Field | Required | Type | Default | Description |
|---|---|---|---|---|
image Rolling restart | Yes | String | Container image of Aerospike backup service to run. | |
| config | Yes | Structure | Aerospike backup service configuration in freeform YAML format. | |
podSpec Rolling restart | No | Structure | Specify additional configuration for the AerospikeBackupService pod | |
resources Deprecated Rolling restart | No | Structure ResourceRequirements | nil | Configures resource requirements and limits like CPU or memory for the Aerospike backup service container. |
secrets Rolling restart | No | Structure | nil | List of secret to be mounted in the backup service. |
| service | No | Structure | nil | Kubernetes service configuration for the backup service. |
Config
spec -> config
The YAML form of ABS configuration. The following fields can be defined in the ABS configuration:
servicebackup-policiesstoragesecret-agents
Example:
config: service: http: port: 8081 backup-policies: test-policy: parallel: 3 test-policy1: parallel: 3 storage: s3Storage: s3-storage: bucket: test-bucket s3-region: us-east-1 s3-profile: defaultSee ABS configuration file examples for more details.
Pod Spec
spec -> podSpec
Specify additional configuration for the AerospikeBackupService pod.
| Field | Required | Type | Default | Description |
|---|---|---|---|---|
serviceContainer Rolling restart | No | Structure | Configures the backup service container. | |
metadata Rolling restart | No | Structure | Metadata to add to the pod. | |
affinity Rolling restart | No | Kubernetes Pod Affinity | Kubernetes Affinity rules for pod placement. These rules are merged with affinity rules that AKO generates. See the OLM documentation on affinity for examples. | |
tolerations Rolling restart | No | Kubernetes Pod Tolerations | Kubernetes Toleration for Aerospike pod placement. | |
nodeSelector Rolling restart | No | Map of string to string | Node selector constraints for the Aerospike pods. | |
serviceAccountName Rolling restart | No | String | aerospike-backup-service | The name of the ServiceAccount to use to run the backup service pod. |
imagePullSecrets Rolling restart | No | List of LocalObjectReference | List of references to secrets in the same namespace to use for pulling images used by the pod. |
Service Container
podSpec -> serviceContainer
Configures the backup service container.
| Field | Required | Type | Default | Description |
|---|---|---|---|---|
securityContext Rolling restart | No | SecurityContext | Defines the security context for the backup service container. | |
resources Rolling restart | No | ResourceRequirements | Defines the requests and limits for the backup service container. Resources.Limits > Resources.Requests. |
Metadata
podSpec -> metadata
Metadata to add to the pod.
| Field | Required | Type | Default | Description |
|---|---|---|---|---|
annotations Rolling restart | No | Map of string to string | Kubernetes Annotations | |
labels Rolling restart | No | Map of string to string | Kubernetes Labels |
Secrets
spec -> secrets
Configure the secrets and their mount paths to mount the secrets in the container.
| Field | Required | Type | Description |
|---|---|---|---|
secretName Rolling restart | Yes | String | The name of the secret. |
volumeMount Rolling restart | Yes | Structure corev1.VolumeMount | Secret volume mount options. |
Example:
secrets: - secretName: auth-secret volumeMount: name: auth-secret mountPath: /etc/aerospike/secretService
spec -> service
Configure the Kubernetes service for the backup service.
| Field | Required | Type | Default | Description |
|---|---|---|---|---|
| type | Yes | String | ClusterIP | The type of the Kubernetes service. |