A Jenkins job to backup running bitnami Keycloak container in a K8s cluster.
Then it uploads the backup file to an S3 compatible storage (tested with Huawei OBS).
- finds which pod to
exec
into kubectl cp
copies thekeycloak-auto-export-script.sh
script into keycloak containerkubectl exec
into the running keycloak container and runs our scriptkubectl cp
copies the backup file from the keycloak container to the jenkins workspaceaws s3 cp
copies the backup file to an S3 compatible bucket (in this pipeline it's Huawei OBS)- Upload path is:
s3://${S3_BUCKET_NAME}/${CLUSTER_NAME}/${KC_NAMESPACE}/keycloak-backup--${KC_STATEFULSET_NAME}-$(date +%Y-%m-%d--%H-%M).tar
- Upload path is:
- Follow Create kubeconfig for Keycloak Backups to:
- Create ClusterRole, ServiceAccount, ClusterRoleBinding, Secret for sa token
- Create kubeconfig file for the Service Account we just created
- Create a Jenkins credential of type
Secret file
with the kubeconfig file we just created
- Copy the keycloak-auto-export-script.sh and Jenkinsfile to your CICD repo
- Fill in the
environment
in the Jenkinsfile with your valuesKC_EXPORT_SCRIPT_REPO_FILEPATH
: Relative filepath forkeycloak-auto-export-script.sh
script in your repoKC_SERVICE_ACCOUNT_KUBECONFIG_CREDENTIALS_ID
: The Jenkins credential ID of the kubeconfig file we createdCLUSTER_NAME
: Your cluster name (will be used as the backup file name)KC_NAMESPACE
: Keycloak instance namespaceKC_STATEFULSET_NAME
: Keycloak statefulset nameAWS_ACCESS_KEY_ID
: (you should use Jenkins credentials for this)AWS_SECRET_ACCESS_KEY
: (you should use Jenkins credentials for this)S3_BUCKET_NAME
: S3 bucket name