-
Notifications
You must be signed in to change notification settings - Fork 0
/
kubernetes-cronjob.yaml
91 lines (90 loc) · 2.84 KB
/
kubernetes-cronjob.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
---
apiVersion: v1
kind: Secret
metadata:
name: azure-snapshots-copy-script-credentails
namespace: velero
type: Opaque
data:
AZURE_SUBSCRIPTION_ID: RFVNTVk=
AZURE_RESOURCE_GROUP: RFVNTVk=
AZURE_CLIENT_ID: RFVNTVk=
CLIENT_SECRET: RFVNTVk=
AZURE_TENANT_ID: RFVNTVk=
---
apiVersion: batch/v1
kind: CronJob
metadata:
name: azure-snapshots-copy
namespace: velero
spec:
schedule: "* 6 * * *"
concurrencyPolicy: Forbid
successfulJobsHistoryLimit: 1
failedJobsHistoryLimit: 1
jobTemplate:
spec:
backoffLimit: 0
spec:
containers:
- name: app
image: your-docker-image:your-tag
env:
- name: RESOURCE_GROUP
value: my-nodepool
- name: DESTINATION_REGION
value: "Germany North"
- name: DESTINATION_RESOURCE_GROUP
valueFrom:
secretKeyRef:
key: AZURE_RESOURCE_GROUP
name: azure-snapshots-copy-script-credentails
- name: SUBSCRIPTION_ID
valueFrom:
secretKeyRef:
key: AZURE_SUBSCRIPTION_ID
name: azure-snapshots-copy-script-credentails
- name: CLIENT_ID
valueFrom:
secretKeyRef:
key: AZURE_CLIENT_ID
name: azure-snapshots-copy-script-credentails
- name: CLIENT_SECRET
valueFrom:
secretKeyRef:
key: AZURE_CLIENT_SECRET
name: azure-snapshots-copy-script-credentails
- name: TENANT_ID
valueFrom:
secretKeyRef:
key: AZURE_TENANT_ID
name: azure-snapshots-copy-script-credentails
command:
- /bin/sh
- -ce
- python3 /app/src/azure-snapshots-copy.py
imagePullPolicy: IfNotPresent
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop: [ALL]
privileged: false
readOnlyRootFilesystem: true
runAsNonRoot: true
seccompProfile:
type: RuntimeDefault
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
resources:
requests:
memory: "100Mi"
cpu: "50m"
limits:
memory: "100Mi"
dnsPolicy: ClusterFirst
restartPolicy: Never
terminationGracePeriodSeconds: 30
securityContext:
runAsUser: 1001
runAsGroup: 1001
fsGroup: 1001