From 7560156b7b60801003f88c57b811ed9046126848 Mon Sep 17 00:00:00 2001 From: Greg Miller Date: Fri, 13 Jun 2025 12:07:19 +0200 Subject: [PATCH 1/4] dbeaver/dbeaver-devops#1959 Returned COMPOSE_PROJECT_NAME --- compose/cbte/docker-compose.yml | 1 + compose/cbte/podman-compose.yml | 1 + 2 files changed, 2 insertions(+) diff --git a/compose/cbte/docker-compose.yml b/compose/cbte/docker-compose.yml index be8bea0..fecdd49 100644 --- a/compose/cbte/docker-compose.yml +++ b/compose/cbte/docker-compose.yml @@ -19,6 +19,7 @@ services: - 443:8443 environment: - PRODUCT_TYPE=te + - COMPOSE_PROJECT_NAME=${COMPOSE_PROJECT_NAME:-dbeaver} - CLOUDBEAVER_WEB_SERVER_PORT=${CLOUDBEAVER_WEB_SERVER_PORT:-8978} networks: - cloudbeaver-te-private-net diff --git a/compose/cbte/podman-compose.yml b/compose/cbte/podman-compose.yml index d4524b3..26b0c6c 100644 --- a/compose/cbte/podman-compose.yml +++ b/compose/cbte/podman-compose.yml @@ -24,6 +24,7 @@ services: - 443:8443 environment: - PRODUCT_TYPE=te + - COMPOSE_PROJECT_NAME=${COMPOSE_PROJECT_NAME:-dbeaver} - CLOUDBEAVER_WEB_SERVER_PORT=${CLOUDBEAVER_WEB_SERVER_PORT:-8978} networks: - cloudbeaver-te-private-net From ea2191c82ff0b34749f3637d24821ad65a7e3c8e Mon Sep 17 00:00:00 2001 From: Greg Miller Date: Mon, 16 Jun 2025 18:23:49 +0200 Subject: [PATCH 2/4] dbeaver/dbeaver-devops#1839 Added check for SSL certs has pem format --- k8s/cbte/templates/_tls-checks.tpl | 5 +++++ k8s/cbte/templates/secrets/ingress-cert.yaml | 4 ++++ 2 files changed, 9 insertions(+) create mode 100644 k8s/cbte/templates/_tls-checks.tpl diff --git a/k8s/cbte/templates/_tls-checks.tpl b/k8s/cbte/templates/_tls-checks.tpl new file mode 100644 index 0000000..0c59ad3 --- /dev/null +++ b/k8s/cbte/templates/_tls-checks.tpl @@ -0,0 +1,5 @@ +{{- define "check.pem" -}} +{{- if not (regexMatch .pattern (.content | trim)) }} + {{- fail (printf "TLS file %s is not a valid PEM, check format" .path) }} +{{- end }} +{{- end }} diff --git a/k8s/cbte/templates/secrets/ingress-cert.yaml b/k8s/cbte/templates/secrets/ingress-cert.yaml index e383b9f..802d2c9 100644 --- a/k8s/cbte/templates/secrets/ingress-cert.yaml +++ b/k8s/cbte/templates/secrets/ingress-cert.yaml @@ -12,6 +12,10 @@ {{- fail (printf "Error: TLS is enabled (httpScheme=https), but one or both TLS files (%s, %s) are missing or empty." $chainCertPath $keyCertPath) }} {{- end }} +{{- include "check.pem" (dict "path" $chainCertPath "content" (.Files.Get $chainCertPath) + "pattern" "^-----BEGIN CERTIFICATE-----[\\s\\S]+-----END CERTIFICATE-----$") }} +{{- include "check.pem" (dict "path" $keyCertPath "content" (.Files.Get $keyCertPath) + "pattern" "^-----BEGIN (?:EC |RSA |)?PRIVATE KEY-----[\\s\\S]+-----END (?:EC |RSA |)?PRIVATE KEY-----$") }} --- apiVersion: v1 kind: Secret From 16163ddcb462c6f2d17b99989e7b86dc2cd8878d Mon Sep 17 00:00:00 2001 From: Mikhailov Grigorii <49814763+ggxed@users.noreply.github.com> Date: Mon, 18 Aug 2025 10:17:33 +0100 Subject: [PATCH 3/4] dbeaver/dbeaver-devops#2098 Fixed link for clone repo in AWS EKS doc (#165) --- AWS/ecs-fargate/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/AWS/ecs-fargate/README.md b/AWS/ecs-fargate/README.md index 454c3ef..1a2bf23 100644 --- a/AWS/ecs-fargate/README.md +++ b/AWS/ecs-fargate/README.md @@ -17,7 +17,7 @@ 4. Clone the Git repository to your local machine by running the following command in your terminal: ``` -git clone https://github.com/dbeaver/cloudbeaver-deploy.git +git clone https://github.com/dbeaver/team-edition-deploy.git ``` 5. Choose configuration for your cluster database: - If you plan to use the PostgreSQL internal container: From e31a5d4604e168a72a7bebc3cadcf9a68e051805 Mon Sep 17 00:00:00 2001 From: Nikita Akilov <26031301+n5a5@users.noreply.github.com> Date: Tue, 19 Aug 2025 23:00:29 +0200 Subject: [PATCH 4/4] dbeaver/dbeaver-devops#2080 add backup and restore procedures to k8s docs --- k8s/README.md | 95 +++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 95 insertions(+) diff --git a/k8s/README.md b/k8s/README.md index 7c767a4..7cede62 100644 --- a/k8s/README.md +++ b/k8s/README.md @@ -12,6 +12,7 @@ - [AWS](../AWS/aws-eks/README.md#aws-volumes-configuration-for-kubernetes-deployment) - [Google Cloud](../GCP/gke/README.md) - [Azure](../Azure/aks/README.md) +- [Backup and Restore](#backup-and-restore) ### Minimum requirements @@ -93,3 +94,97 @@ If you want to use AWS Application Load Balancer as ingress controller, [follow - [AWS](../AWS/aws-eks/README.md#aws-volumes-configuration-for-kubernetes-deployment) - [Google Cloud](../GCP/gke/README.md) - [Azure](../Azure/aks/README.md) + +### Backup and Restore + +To back up your DBeaver Team Edition deployment, you need to preserve both the database and persistent volume data. +The following steps outline how to perform a backup and restore procedure. + +#### Backup Procedure + +1. **Database Backup**: + - **For in-cluster PostgreSQL**: + ```bash + NAMESPACE="default" # Change this to your namespace if different + BACKUP_DB_TARGETS=$(kubectl get pods -n $NAMESPACE --no-headers | awk '{print $1}' | grep 'postgre') + BACKUP_DIR=$(pwd) # Change this to your desired backup directory + kubectl exec -n $NAMESPACE $BACKUP_DB_TARGETS -- pg_dump -U postgres --format=plain -C cloudbeaver > $BACKUP_DIR/dump.sql + ``` + + - **For external or other database types**: Use the appropriate backup command for your database type and ensure proper connectivity + to the database. + +2. **Persistent Volume Backup**: + + Back up workspace data from each service's persistent volume. + + ```bash + BACKUP_CB_TARGETS=$(kubectl get pods -n $NAMESPACE --no-headers | awk '{print $1}' | grep -vE 'zoo|kafka|postgre|clean-up') + for svc in $BACKUP_CB_TARGETS + do + BACKUP_DEST_DIR=$(echo "$svc" | cut -d'-' -f2) + mkdir -p $BACKUP_DIR/$BACKUP_DEST_DIR + kubectl cp -n "$NAMESPACE" "$svc:workspace" "$BACKUP_DIR/$BACKUP_DEST_DIR" && break + done + ``` + +3. **Archive packing**: + + ```bash + tar czf $BACKUP_DIR.tar.gz $BACKUP_DIR/ + ``` + +#### Restore Procedure + +1. **Unpack the backup**: + + Unpack the backup archive to a directory of your choice: + + ```bash + ARCHIVE="" # Path to the backup archive + BACKUP_DIR="backups" # Change this to your backup directory + tar xzf "$ARCHIVE" -C "$BACKUP_DIR" + ``` + +2. **Restore Persistent Volume Data**: + + Restore workspace data to each service's persistent volume. + + ```bash + NAMESPACE="default" # Change this to your namespace if different + BACKUP_CB_TARGETS=$(kubectl -n "$NAMESPACE" get pods --no-headers | awk '{print $1}' | grep -vE 'zoo|kafka|postgre|clean-up') + for svc in $BACKUP_CB_TARGETS; do + DIR=$(echo "$svc" | cut -d '-' -f2) + if ! kubectl cp "$BACKUP_DIR/$DIR/." "$NAMESPACE/$svc:workspace"; then + echo "ERROR: kubectl cp failed for pod $svc" + continue + fi + done + ``` + +3. **Restore Database**: + + - **For in-cluster PostgreSQL**: + ```bash + BACKUP_DB_TARGET=$(kubectl -n "$NAMESPACE" get pods --no-headers | awk '{print $1}' | grep postgre | head -n1) + kubectl exec -n "$NAMESPACE" "$BACKUP_DB_TARGET" -- bash -c 'rm -rf /var/lib/postgresql/data/*' + kubectl delete pod -n "$NAMESPACE" "$BACKUP_DB_TARGET" + kubectl wait --for=condition=Ready -n "$NAMESPACE" pod -l app=db --timeout=180s + NEW_DB_POD=$(kubectl -n "$NAMESPACE" get pods --no-headers | awk '{print $1}' | grep postgre | head -n1) + sleep 10 + DB_USER=$(kubectl get pod "$NEW_DB_POD" -n "$NAMESPACE" -o jsonpath='{.spec.containers[0].env[?(@.name=="POSTGRES_USER")].value}') + DB=$(kubectl get pod "$NEW_DB_POD" -n "$NAMESPACE" -o jsonpath='{.spec.containers[0].env[?(@.name=="POSTGRES_DB")].value}') + kubectl exec -n "$NAMESPACE" -i "$NEW_DB_POD" -- psql -U $DB_USER $DB < "$BACKUP_DIR/dump.sql" + ``` + + - **For external or other database types**: Use the appropriate restore command for your database type while ensuring proper + connectivity to the database. + +4. **Restart Services**: + + Restart the services to ensure they pick up the restored data. + + ```bash + DEPLOYMENTS=$(printf '%s\n' $BACKUP_CB_TARGETS $NEW_DB_POD | awk -F'-' 'BEGIN{OFS="-"}{NF-=2;print}' | sort -u) + kubectl -n "$NAMESPACE" rollout restart deployment $DEPLOYMENTS + ```