디렉토리 구조 및 각 서비스 추가

2024-01-03 17:29:11 +09:00
parent 98de2a7627
commit d601d0f259
1632 changed files with 207616 additions and 1 deletions
--- a/helm/argo-workflows/Lab/db-backup/bastion-ssh-key.yaml
+++ b/helm/argo-workflows/Lab/db-backup/bastion-ssh-key.yaml
@@ -0,0 +1,8 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: bastion-ssh-key
+type: Opaque
+data:
+  ssh-key: LS0tLS1CRUdJTiBPUEVOU1NIIFBSSVZBVEUgS0VZLS0tLS0KYjNCbGJuTnphQzFyWlhrdGRqRUFBQUFBQkc1dmJtVUFBQUFFYm05dVpRQUFBQUFBQUFBQkFBQUJsd0FBQUFkemMyZ3RjbgpOaEFBQUFBd0VBQVFBQUFZRUE0OXhHTFE5OGEweUFSWkNGdFA2ZFFWWDNlbTlvMEVqeVdCZDVGSTVwN0N6VXJJM0wyRDJ5CkR1ancyU1l0TTRFSU1hYWhPU0FUblBJNDFrTm9CWU85Y3UrZ0FWYzF4cVA4SjkrZm9BUE1WRmZPK0oyZ2pDRUJGYlNwRUwKZmlPNDRQN2NpZWNTWFRGdmxqby9lQndwbEEwTzl3RkxzSnN2eHo0dG9odGlWQnEwSHNkbDZnTmJkTFQrU1VBcDFJbDV3TgpTemdvUTNoS3dJYnhjckFoWlI4S3d6MjNoU1dDTC94NlMyRVlpdmY3WTVxOG8razlBQmJvMHlVMHovZUxrMTlxekpPQ0hLCkFFSlRWQ1Q4TGhMSnc3L1hDYkF6RnNDQnNXWmNVbHVVRDJqL0dMVnVBdURLd3RpRGlJemxmUDRLME04SnYyemtLT0YvRG0KM3gwSTRVT3ZZS2pNaElseUpQb3BvQWErakRVaSt3TDVJT1RiV3Y1VXpCNSswTU1EZVVaVGYyRmo4MTkyTmdTSGx1NnV3RwpKcW5BUUVQMCtpTkpYSFN2NHFZbENMMTNCd1hCbzV6TjBncmNQdGpwdVJOMk5JcHMxSkMrZHh4MUsrQzc3eVdmbVF1anZCCnF0YlI5bFZvQmtMK0xMVlpQRVZQWlgxZlZwRTE1eElFRGJNc2MrWHRBQUFGaVBVQThvYjFBUEtHQUFBQUIzTnphQzF5YzIKRUFBQUdCQU9QY1JpMFBmR3RNZ0VXUWhiVCtuVUZWOTNwdmFOQkk4bGdYZVJTT2Fld3MxS3lOeTlnOXNnN284TmttTFRPQgpDREdtb1RrZ0U1enlPTlpEYUFXRHZYTHZvQUZYTmNhai9DZmZuNkFEekZSWHp2aWRvSXdoQVJXMHFSQzM0anVPRCszSW5uCkVsMHhiNVk2UDNnY0taUU5EdmNCUzdDYkw4YytMYUliWWxRYXRCN0haZW9EVzNTMC9rbEFLZFNKZWNEVXM0S0VONFNzQ0cKOFhLd0lXVWZDc005dDRVbGdpLzhla3RoR0lyMysyT2F2S1BwUFFBVzZOTWxOTS8zaTVOZmFzeVRnaHlnQkNVMVFrL0M0Uwp5Y08vMXdtd014YkFnYkZtWEZKYmxBOW8veGkxYmdMZ3lzTFlnNGlNNVh6K0N0RFBDYjlzNUNqaGZ3NXQ4ZENPRkRyMkNvCnpJU0pjaVQ2S2FBR3ZvdzFJdnNDK1NEazIxcitWTXdlZnREREEzbEdVMzloWS9OZmRqWUVoNWJ1cnNCaWFwd0VCRDlQb2oKU1Z4MHIrS21KUWk5ZHdjRndhT2N6ZElLM0Q3WTZia1RkalNLYk5TUXZuY2NkU3ZndSs4bG41a0xvN3dhclcwZlpWYUFaQwovaXkxV1R4RlQyVjlYMWFSTmVjU0JBMnpMSFBsN1FBQUFBTUJBQUVBQUFHQUoveW5BQTlncVQvU251S2U1RVZ1ZVdISnZWCjNCeWhPVEcreDZuaVhqNXNOelN4alROZzZWcWRJdE9oNWQvbFRkaUVFU3VBQ3VFSFBkajVSaXM5MExxUmp1UG0zOGpQQ0kKTnNNaXN5VVhmWkd2UzZmMTNjR0kvRE1wSERyNDQ3U3BqUFFSQWhBK1BDRGw0SWQxNlIyVjUxU3RtYVc5TFFEcW9WdmdZSwpPbkk1TzlHSVRBbnN5YzFkZHFOZzgrQndVbXZCV04wMUZQNVB1SmNiUUJHRXJiUzZvUUE3aXlZUk53cnJ2S1g5RG05L0xXCnVma2JjR0dVMkVFR1JKelBqTHhJbi9xQmdCdzgzT3VJVDVrSXVxRHhaMEltOHVqS1RxR2UxbG5hakJHMG5yQkNHZEVSczUKUDlGRENWOEY0QkdPZlV5MGNqKyszZjg5U3RoREx2WGFLMzNrY3hpeTI2ZzhaTGQvWWZmVjF1SDBnVlFpNUlRUTVsc0hyWAozMkN4NU9YUEJmeldyNVJXcEw3T0VwUXVMcVJxZzdxU3g4N0t1eU4wUG15bnkzZkwrVUZtbjdjYVhneXhrZWliNExiaGVwClVzekRGYWdBbjE4UU1yNzJob1dyczh2ZklTMTg2eW1XYzFreTE0TzNZMWlDQ0s1VE5BQVB3S3VPSURWNllJbnIvdEFBQUEKd0hWMUhiUHZ0S0w3aHgwM2JYL29tMENSSzh3dXI2dGRJMTJRbVNzRkYrQ0JNQ1FmYUlMTDZaYVhQdDkvVWVDYm5QWnlBZQpkL0tqYVM0cWw3OVdlVHhRY2huK1Frd2V6SGJ1RDZ4WjRqUjV2WEIzc2pmMWlGcEVqVm9mdGtMK2VyT0duZjh0YzB6RTBiCllBTmlvUkpBQUVMUjJZMzlrQXJkOGREQWFmbzVYai82Y0dJUWI5ekpEdzZDb2g5SE03WW5maHdqQkpoQVBic01TUjBNUEsKNHpvTUYrenl5QXM3OVQrME1SUFUwVGV4b1RMY25GTGpPM0VHNHdBMEZ5dTBMOGt3QUFBTUVBODFJRmdMeFVZdTRJblVLbApSN0FmOHh2bnZqM1NNcEhNRURXemNCeDhqL3dNZWNoWjBrMVZwMmZCZzdwdjF1Tll1OXNGbzBvekJXdG0xZy9rcjJDYjVSCkZ6Tnh3eHpBUDg5L3RxZVA3NDVIcjBKamQ4L08yb3pCMThYTThYcVh4ZHpSSkg2dUFGUFI2N0Exby95Szk3dDAyVklqYkgKUnVwY2Z4TlpGeFZmbTF5Y1NBd1Z1N1NLK2FlUlBCbndBQk5mL3Y3Wm4rWWl0T0ozRGlHR3hSNWp4bHZtczIvR3pPNjlEZApsbFQwRGFPNkhPbWIyYTkwY0pucithc01xSGk4THZBQUFBd1FEdnZBTHpQVUhSaWY4K0RvY3VjMnUrdjlta2NyMDNhUkkrCkNoNGdXOFpSSTlmbDBKYkJ0akhwWHRVR3VleExOV0NJUlVtd3FSSnlzRFVSN0MrREVFQWlZRU1PdDZBU2JXTkw0UXgxQ3AKZkRvbTNFdGFPbTUzUTR6QURTdC81NVJtbEUrZWpad09aZEw3bWdKb1l3QmVPRUQvaHJxSXYvOEtmOU0yWW9yQTl1TWp5ZwpQNEpsb1R5V2I0WlhCOEgrUDNrbS9aWWt5ZHpBTUhaTTN4RXZVZXFkNzlIWHlHVW5BRmdSeVdQMUJIZVBmcSt6Z1lFWnVzClBqeU1IZk9manF0T01BQUFBTmNtOXZkRUIwYlhBdGRHVnpkQUVDQXdRRkJnPT0KLS0tLS1FTkQgT1BFTlNTSCBQUklWQVRFIEtFWS0tLS0tCg==
+
--- a/helm/argo-workflows/Lab/db-backup/db-backup-cron.yaml
+++ b/helm/argo-workflows/Lab/db-backup/db-backup-cron.yaml
@@ -0,0 +1,71 @@
+apiVersion: argoproj.io/v1alpha1
+kind: CronWorkflow
+metadata:
+  name: db-backup-cron
+spec:
+  schedule: "0 5 * * *"
+  timezone: "Asia/Seoul"
+  workflowSpec:
+    entrypoint: db-backup
+    templates:
+    - name: db-backup
+      container:
+        image: nexus2.exem-oss.org/dsk-middleware-backup:v2.0
+        env:
+        - name: sh_debug
+          value: ''
+        - name: MASTER_HOST
+          valueFrom:
+            secretKeyRef:
+              name: db-creds
+              key: master_host
+        - name: MONGO_MANIFEST_PORT
+          value: '30111'
+        - name: MONGO_DSK_PORT
+          value: '30112'
+        - name: MONGO_USERNAME
+          valueFrom:
+            secretKeyRef:
+              name: db-creds
+              key: mongo_username
+        - name: MONGO_PASSWORD
+          valueFrom:
+            secretKeyRef:
+              name: db-creds
+              key: mongo_password
+        - name: POSTGRES_PORT
+          value: '32098'
+        - name: POSTGRES_USERNAME
+          valueFrom:
+            secretKeyRef:
+              name: db-creds
+              key: postgres_username
+        - name: POSTGRES_PASSWORD
+          valueFrom:
+            secretKeyRef:
+              name: db-creds
+              key: postgres_password
+        - name: S3_BUCKET
+          value: 'dsk-middleware-backup'
+        - name: sse
+          value: 'aws:kms'
+        - name: AWS_DEFAULT_REGION
+          valueFrom:
+            secretKeyRef:
+              name: aws-creds
+              key: AWS_REGION
+        - name: AWS_ACCESS_KEY_ID
+          valueFrom:
+            secretKeyRef:
+              name: aws-creds
+              key: AWS_ACCESS_KEY_ID
+        - name: AWS_SECRET_ACCESS_KEY
+          valueFrom:
+            secretKeyRef:
+              name: aws-creds
+              key: AWS_SECRET_ACCESS_KEY
+        - name: kms_arn
+          valueFrom:
+            secretKeyRef:
+              name: aws-creds
+              key: KMS_ARN
--- a/helm/argo-workflows/Lab/db-backup/db-creds.yaml
+++ b/helm/argo-workflows/Lab/db-backup/db-creds.yaml
@@ -0,0 +1,11 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: db-creds
+type: Opaque
+data:
+  master_host: MTcyLjI0LjEyLjExMQ==
+  mongo_username: cm9vdA==
+  mongo_password: bW9uZ28jcGFzcw==
+  postgres_username: cG9zdGdyZXM=
+  postgres_password: cm9vdA==
--- a/helm/argo-workflows/Lab/db-backup/test-workflow.yaml
+++ b/helm/argo-workflows/Lab/db-backup/test-workflow.yaml
@@ -0,0 +1,92 @@
+apiVersion: argoproj.io/v1alpha1
+kind: CronWorkflow
+metadata:
+  name: db-backup-cron
+spec:
+  schedule: "0 5 * * *"
+  timezone: "Asia/Seoul"
+  workflowSpec:
+    entrypoint: db-backup
+    templates:
+    - name: db-backup
+      container:
+        image: nexus2.exem-oss.org/dsk-middleware-backup:v3.0
+        command: ["sh", "-c"]
+        args:
+        - |
+          # SSH 키를 파일로 저장
+          echo -n "$SSH_KEY" > /tmp/id_rsa
+          chmod 600 /tmp/id_rsa
+          cat /tmp/id_rsa 
+          # SSH 터널링 설정
+ 
+          ssh -i /tmp/id_rsa -fN -L $MONGO_MANIFEST_PORT:$MASTER_HOST:$MONGO_MANIFEST_PORT dev2@bastion.kr.datasaker.io -o StrictHostKeyChecking=no &
+          ssh -i /tmp/id_rsa -fN -L $MONGO_DSK_PORT:$MASTER_HOST:$MONGO_DSK_PORT dev2@bastion.kr.datasaker.io -o StrictHostKeyChecking=no &
+          ssh -i /tmp/id_rsa -fN -L $POSTGRES_PORT:$MASTER_HOST:$POSTGRES_PORT dev2@bastion.kr.datasaker.io -o StrictHostKeyChecking=no &
+          chmod +x /backup.sh
+          /backup.sh
+        env:
+        - name: SSH_KEY
+          valueFrom:
+            secretKeyRef:
+              name: bastion-ssh-key
+              key: ssh-key
+        - name: sh_debug
+          value: ''
+        - name: MASTER_HOST
+          valueFrom:
+            secretKeyRef:
+              name: db-creds
+              key: master_host
+        - name: MONGO_MANIFEST_PORT
+          value: '30111'
+        - name: MONGO_DSK_PORT
+          value: '30112'
+        - name: MONGO_USERNAME
+          valueFrom:
+            secretKeyRef:
+              name: db-creds
+              key: mongo_username
+        - name: MONGO_PASSWORD
+          valueFrom:
+            secretKeyRef:
+              name: db-creds
+              key: mongo_password
+        - name: POSTGRES_PORT
+          value: '32098'
+        - name: POSTGRES_USERNAME
+          valueFrom:
+            secretKeyRef:
+              name: db-creds
+              key: postgres_username
+        - name: POSTGRES_PASSWORD
+          valueFrom:
+            secretKeyRef:
+              name: db-creds
+              key: postgres_password
+        - name: S3_BUCKET
+          value: 'dsk-middleware-backup'
+        - name: sse
+          value: 'aws:kms'
+        - name: AWS_DEFAULT_REGION
+          valueFrom:
+            secretKeyRef:
+              name: aws-creds
+              key: AWS_REGION
+        - name: AWS_ACCESS_KEY_ID
+          valueFrom:
+            secretKeyRef:
+              name: aws-creds
+              key: AWS_ACCESS_KEY_ID
+        - name: AWS_SECRET_ACCESS_KEY
+          valueFrom:
+            secretKeyRef:
+              name: aws-creds
+              key: AWS_SECRET_ACCESS_KEY
+        - name: kms_arn
+          valueFrom:
+            secretKeyRef:
+              name: aws-creds
+              key: KMS_ARN
+    restartPolicy: OnFailure
+