From bc81921bd7e0b7ad3b0d477bde350692f91baedd Mon Sep 17 00:00:00 2001 From: Ivaylo Novakov Date: Tue, 19 Jan 2021 17:58:08 +0100 Subject: [PATCH 1/6] Cockroach backups. Still defunct. Restore to come (or be manual). --- docker-compose.yml | 24 ++++++++++++++-- docker/cockroach-backup/scripts/serve.py | 35 ++++++++++++++++++++++++ scripts/crdb_backup.sh | 10 +++++++ 3 files changed, 67 insertions(+), 2 deletions(-) create mode 100644 docker/cockroach-backup/scripts/serve.py create mode 100644 scripts/crdb_backup.sh diff --git a/docker-compose.yml b/docker-compose.yml index 04b14e17..2f9985e1 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -294,7 +294,7 @@ services: ipv4_address: 10.10.10.83 cockroach: - image: cockroachdb/cockroach:v20.1.10 + image: cockroachdb/cockroach:v20.2.3 container_name: cockroach env_file: - .env @@ -303,8 +303,28 @@ services: - ./docker/data/cockroach/sqlite:/cockroach/cockroach-data - ./docker/cockroach/certs:/certs ports: - - "4080:8080" + - "4080:8080" # TODO Remove this once the setup is finalized. - "26257:26257" networks: shared: ipv4_address: 10.10.10.84 + + # This container starts a simple unsecured file server, so cockroach can write + # its backups to it. By default, python's http-server doesn't support PUT, + # see https://gist.github.com/mildred/67d22d7289ae8f16cae7 for the script + # used here. + cockroach-backup: + image: python:3.9-buster + container_name: cockroach-backup + command: python /scripts/serve.py --bind=0.0.0.0:3000 + volumes: + - ./docker/cockroach-backup/scripts:/scripts + - ./docker/data/cockroach/sqlite:/cockroach + expose: + - 3000 + networks: + shared: + ipv4_address: 10.10.10.85 + + +# TODO https://www.cockroachlabs.com/docs/v20.2/create-schedule-for-backup diff --git a/docker/cockroach-backup/scripts/serve.py b/docker/cockroach-backup/scripts/serve.py new file mode 100644 index 00000000..ed8adda2 --- /dev/null +++ b/docker/cockroach-backup/scripts/serve.py @@ -0,0 +1,35 @@ +#!/usr/bin/env python + +import argparse +import http.server +import os + +class HTTPRequestHandler(http.server.SimpleHTTPRequestHandler): + def do_PUT(self): + path = self.translate_path(self.path) + if path.endswith('/'): + self.send_response(405, "Method Not Allowed") + self.wfile.write("PUT not allowed on a directory\n".encode()) + return + else: + try: + os.makedirs(os.path.dirname(path)) + except FileExistsError: pass + length = int(self.headers['Content-Length']) + with open(path, 'wb') as f: + f.write(self.rfile.read(length)) + self.send_response(201, "Created") + self.end_headers() + +if __name__ == '__main__': + parser = argparse.ArgumentParser() + parser.add_argument('--bind', '-b', default='0.0.0.0', metavar='ADDRESS', + help='Specify alternate bind address ' + '[default: all interfaces]') + parser.add_argument('port', action='store', + default=3000, type=int, + nargs='?', + help='Specify alternate port [default: 3000]') + args = parser.parse_args() + + http.server.test(HandlerClass=HTTPRequestHandler, port=args.port, bind=args.bind) diff --git a/scripts/crdb_backup.sh b/scripts/crdb_backup.sh new file mode 100644 index 00000000..8679aa34 --- /dev/null +++ b/scripts/crdb_backup.sh @@ -0,0 +1,10 @@ +#!/bin/bash + +# Take the current datetime: +DT=`date +%Y-%m-%d` +# Create the backup: +docker exec cockroach \ + cockroach sql \ + --host cockroach:26257 \ + --certs-dir=/certs \ + --execute="BACKUP TO 'http://cockroach-backup:3000/cockroach/backups/$DT';" From a05555f93e2252bfbf34889a46bbb0259b68adeb Mon Sep 17 00:00:00 2001 From: Ivaylo Novakov Date: Wed, 20 Jan 2021 13:17:24 +0100 Subject: [PATCH 2/6] Backup to S3. --- scripts/crdb_backup.sh | 2 +- scripts/crdb_restore.sh | 13 +++++++++++++ 2 files changed, 14 insertions(+), 1 deletion(-) create mode 100644 scripts/crdb_restore.sh diff --git a/scripts/crdb_backup.sh b/scripts/crdb_backup.sh index 8679aa34..9e928160 100644 --- a/scripts/crdb_backup.sh +++ b/scripts/crdb_backup.sh @@ -7,4 +7,4 @@ docker exec cockroach \ cockroach sql \ --host cockroach:26257 \ --certs-dir=/certs \ - --execute="BACKUP TO 'http://cockroach-backup:3000/cockroach/backups/$DT';" + --execute="BACKUP TO 's3://skynet-crdb-backups/backups/$DT?AWS_ACCESS_KEY_ID=$AWS_KEY_ID&AWS_SECRET_ACCESS_KEY=$AWS_SECRET_KET';" diff --git a/scripts/crdb_restore.sh b/scripts/crdb_restore.sh new file mode 100644 index 00000000..b78b0061 --- /dev/null +++ b/scripts/crdb_restore.sh @@ -0,0 +1,13 @@ +#!/bin/bash + +BACKUP=$1 +if [[ $BACKUP == "" ]]; then + echo "No backup name given. It should look like '2020-01-29'." + exit 1 +fi + +docker exec cockroach \ + cockroach sql \ + --host cockroach:26257 \ + --certs-dir=/certs \ + --execute="RESTORE DATABASE defaultdb FROM 's3://skynet-crdb-backups/backups/$DT?AWS_ACCESS_KEY_ID=$AWS_KEY_ID&AWS_SECRET_ACCESS_KEY=$AWS_SECRET_KET';" From feab19266e10359d01f23b4906ae033cde82d83a Mon Sep 17 00:00:00 2001 From: Ivaylo Novakov Date: Wed, 20 Jan 2021 14:06:15 +0100 Subject: [PATCH 3/6] Remove the obsolete python fileserver container. --- docker-compose.yml | 20 -------------- docker/cockroach-backup/scripts/serve.py | 35 ------------------------ 2 files changed, 55 deletions(-) delete mode 100644 docker/cockroach-backup/scripts/serve.py diff --git a/docker-compose.yml b/docker-compose.yml index 2f9985e1..0bcc7603 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -308,23 +308,3 @@ services: networks: shared: ipv4_address: 10.10.10.84 - - # This container starts a simple unsecured file server, so cockroach can write - # its backups to it. By default, python's http-server doesn't support PUT, - # see https://gist.github.com/mildred/67d22d7289ae8f16cae7 for the script - # used here. - cockroach-backup: - image: python:3.9-buster - container_name: cockroach-backup - command: python /scripts/serve.py --bind=0.0.0.0:3000 - volumes: - - ./docker/cockroach-backup/scripts:/scripts - - ./docker/data/cockroach/sqlite:/cockroach - expose: - - 3000 - networks: - shared: - ipv4_address: 10.10.10.85 - - -# TODO https://www.cockroachlabs.com/docs/v20.2/create-schedule-for-backup diff --git a/docker/cockroach-backup/scripts/serve.py b/docker/cockroach-backup/scripts/serve.py deleted file mode 100644 index ed8adda2..00000000 --- a/docker/cockroach-backup/scripts/serve.py +++ /dev/null @@ -1,35 +0,0 @@ -#!/usr/bin/env python - -import argparse -import http.server -import os - -class HTTPRequestHandler(http.server.SimpleHTTPRequestHandler): - def do_PUT(self): - path = self.translate_path(self.path) - if path.endswith('/'): - self.send_response(405, "Method Not Allowed") - self.wfile.write("PUT not allowed on a directory\n".encode()) - return - else: - try: - os.makedirs(os.path.dirname(path)) - except FileExistsError: pass - length = int(self.headers['Content-Length']) - with open(path, 'wb') as f: - f.write(self.rfile.read(length)) - self.send_response(201, "Created") - self.end_headers() - -if __name__ == '__main__': - parser = argparse.ArgumentParser() - parser.add_argument('--bind', '-b', default='0.0.0.0', metavar='ADDRESS', - help='Specify alternate bind address ' - '[default: all interfaces]') - parser.add_argument('port', action='store', - default=3000, type=int, - nargs='?', - help='Specify alternate port [default: 3000]') - args = parser.parse_args() - - http.server.test(HandlerClass=HTTPRequestHandler, port=args.port, bind=args.bind) From 4b8dfd5d26742908c65d1268ac151a663bc6ba63 Mon Sep 17 00:00:00 2001 From: Ivaylo Novakov Date: Wed, 20 Jan 2021 14:46:48 +0100 Subject: [PATCH 4/6] Grab the credentials from the .env file. --- scripts/crdb_backup.sh | 8 +++++++- scripts/crdb_restore.sh | 7 ++++++- 2 files changed, 13 insertions(+), 2 deletions(-) diff --git a/scripts/crdb_backup.sh b/scripts/crdb_backup.sh index 9e928160..eb87dcdb 100644 --- a/scripts/crdb_backup.sh +++ b/scripts/crdb_backup.sh @@ -1,5 +1,11 @@ #!/bin/bash +# Take the current datetime: +DT=`date +%Y-%m-%d` +# Set the environment: +set -o allexport +source ../.env +set +o allexport # Take the current datetime: DT=`date +%Y-%m-%d` # Create the backup: @@ -7,4 +13,4 @@ docker exec cockroach \ cockroach sql \ --host cockroach:26257 \ --certs-dir=/certs \ - --execute="BACKUP TO 's3://skynet-crdb-backups/backups/$DT?AWS_ACCESS_KEY_ID=$AWS_KEY_ID&AWS_SECRET_ACCESS_KEY=$AWS_SECRET_KET';" + --execute="BACKUP TO 's3://skynet-crdb-backups/backups/$DT?AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID&AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY';" diff --git a/scripts/crdb_restore.sh b/scripts/crdb_restore.sh index b78b0061..4892201e 100644 --- a/scripts/crdb_restore.sh +++ b/scripts/crdb_restore.sh @@ -6,8 +6,13 @@ if [[ $BACKUP == "" ]]; then exit 1 fi +# Set the environment: +set -o allexport +source ../.env +set +o allexport +# Restore the backup: docker exec cockroach \ cockroach sql \ --host cockroach:26257 \ --certs-dir=/certs \ - --execute="RESTORE DATABASE defaultdb FROM 's3://skynet-crdb-backups/backups/$DT?AWS_ACCESS_KEY_ID=$AWS_KEY_ID&AWS_SECRET_ACCESS_KEY=$AWS_SECRET_KET';" + --execute="RESTORE DATABASE defaultdb FROM 's3://skynet-crdb-backups/backups/$DT?AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID&AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY';" From 6dbb07abcb703bbea83cca4faa9a5e909ec6dbdf Mon Sep 17 00:00:00 2001 From: Ivaylo Novakov Date: Wed, 20 Jan 2021 14:58:44 +0100 Subject: [PATCH 5/6] Clean up. --- docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-compose.yml b/docker-compose.yml index 0bcc7603..0c417c64 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -303,7 +303,7 @@ services: - ./docker/data/cockroach/sqlite:/cockroach/cockroach-data - ./docker/cockroach/certs:/certs ports: - - "4080:8080" # TODO Remove this once the setup is finalized. + - "4080:8080" - "26257:26257" networks: shared: From 6a59245264e87a1ec694c27d6463d95c1429bb63 Mon Sep 17 00:00:00 2001 From: Ivaylo Novakov Date: Wed, 20 Jan 2021 15:27:12 +0100 Subject: [PATCH 6/6] Address PR comments. --- scripts/crdb_backup.sh | 11 ++++++++--- scripts/crdb_restore.sh | 9 ++++++++- 2 files changed, 16 insertions(+), 4 deletions(-) diff --git a/scripts/crdb_backup.sh b/scripts/crdb_backup.sh index eb87dcdb..9ec34498 100644 --- a/scripts/crdb_backup.sh +++ b/scripts/crdb_backup.sh @@ -1,11 +1,16 @@ #!/bin/bash -# Take the current datetime: -DT=`date +%Y-%m-%d` +# Get current working directory (pwd doesn't cut it) +cwd=$(cd -P -- "$(dirname -- "$0")" && pwd -P) # Set the environment: set -o allexport -source ../.env +source $cwd/../.env set +o allexport +# Check for AWS credentials: +if [[ $AWS_ACCESS_KEY_ID == "" || $AWS_SECRET_ACCESS_KEY == "" ]]; then + echo "Missing AWS credentials!" + exit 1 +fi # Take the current datetime: DT=`date +%Y-%m-%d` # Create the backup: diff --git a/scripts/crdb_restore.sh b/scripts/crdb_restore.sh index 4892201e..f76114d1 100644 --- a/scripts/crdb_restore.sh +++ b/scripts/crdb_restore.sh @@ -6,10 +6,17 @@ if [[ $BACKUP == "" ]]; then exit 1 fi +# Get current working directory (pwd doesn't cut it) +cwd=$(cd -P -- "$(dirname -- "$0")" && pwd -P) # Set the environment: set -o allexport -source ../.env +source $cwd/../.env set +o allexport +# Check for AWS credentials: +if [[ $AWS_ACCESS_KEY_ID == "" || $AWS_SECRET_ACCESS_KEY == "" ]]; then + echo "Missing AWS credentials!" + exit 1 +fi # Restore the backup: docker exec cockroach \ cockroach sql \