Containerized Benji

Images

benji

This image is based on CentOS 7 but uses the newer Python versions provided by IUS. It includes Benji and its dependencies. Ceph support is also present.

The Benji configuration should be put into /etc/benji/benji.yaml. Either by inheriting from this image and overwriting it or by mounting it directly into the container. By default a minimal test configuration is provided by the image.

The default Docker entry point is just /bin/bash.

One use case for this image is for testing Benji:

docker run --interactive --tty --rm elementalnet/benji

After that you can directly proceed with step 1 of the instructions in section Quick Start.

The second use case would be to get some real work done without directly installing Benji on the host. A series of scripts to facilitate the calling of Benji are provided under /scripts inside the container. They can also be found in the scripts directory of the source distribution. For an example of how to use these scripts please see images/benji-k8s/scripts/benji-backup-pvc.

benji-k8s

This image is directly derived from the benji image above. It includes a framework to do periodic backups of Kubernetes persistent volumes backed by Ceph RBD. To access Kubernetes kubectl is used.

When the image is started a regular crond is launched. All periodic actions can be configured via /benji/etc/crontab. By default this file is empty but here is one possible example:

PROM_PUSH_GATEWAY=:9091
BENJI_INSTANCE:-benji-k8s
00  * * * * root benji-backup-pvc --all-namespaces -l 'release in (prod)'
03  * * * * root benji-backup-pvc --namespace staging
00 04 * * * root benji-command enforce latest3,hours24,days30,months3 'labels["benji-backup.me/instance"] == "benji-k8s"'
00 05 * * * root benji-command cleanup
30 05 * * * root benji-versions-status
00 06 * * * root benji-command batch-deep-scrub --version-percentage 10 --block-percentage 33 'labels["benji-backup.me/instance"] == "benji-k8s"'

When the environment variables PROM_PUSH_GATEWAY and BENJI_INSTANCE are not set, they default to the above listed values.

The backup script benji-backup-pvc first searches for PersistemtVolumeClaims matching the selector supplied on the command line. Direct backups of PersistentVolumes are currently not supported by this script.

benji-command enforce should be called regularly to expire old backup versions. Also benji-command cleanup needs to be executed once in a while to actually remove blocks that are no longer used from the storages.

At the end of each command related Prometheus metrics are pushed to the configured pushgateway. If PROM_PUSH_GATEWAY is not set, this step is skipped.

The backup script uses Ceph’s and Benji’s differential backup features if possible. Normally only the initial backup is a full backup. RBD snapshots names are generated with a prefix of b-.

Helm Charts

Helm charts are the preferred way to deploy the benji-k8s image.

benji-k8s

Benji includes a Helm chart to use the Docker image of the same name. It consists of a Deployment and supporting resources and assumes that you have RBAC in place. The deployment is composed a two containers: One running the benji-k8s Docker image and another one running a Prometheus pushgateway. These can be scraped by a Prometheus server and the Pod generated by the Deployment has annotations so that it can be detected automatically:

annotations:
  prometheus.io/port: "{{ .Values.pushgateway.port }}"
  prometheus.io/scrape: "true"

Note

The deployed resources create a service account which has the right to get, list and watch all PersistentVolume, PersistentVolumeClaim, Storageclasses and Pod resources in all namespaces. Additionally it is able to create Events.