diff --git a/backup/neo4j5-backup-job.yaml b/backup/neo4j5-backup-job.yaml new file mode 100644 index 0000000..222a77b --- /dev/null +++ b/backup/neo4j5-backup-job.yaml @@ -0,0 +1,35 @@ +apiVersion: batch/v1 +kind: CronJob +metadata: + name: neo4j-backup + namespace: neo4j-backup + labels: + app.kubernetes.io/name: neo4j-backup + app.kubernetes.io/instance: neo4j-backup +spec: + # toggle for suspending backup of the database + # suspend: true + # run backup - daily at 2AM + schedule: '0 2 * * *' + failedJobsHistoryLimit: 1 + successfulJobsHistoryLimit: 0 + concurrencyPolicy: Forbid + jobTemplate: + spec: + template: + spec: + restartPolicy: OnFailure + containers: + - name: neo4j-backup + image: bitnami/bitnami-shell:11-debian-11 + imagePullPolicy: Always + # use Neo4j http API to send a backup query that writes a backup to filesystem + # curl -d '{"statements": [ { "statement" : "WITH \"backup.graphml\" AS filename CALL apoc.export.graphml.all(filename, {useTypes:TRUE, storeNodeIds:FALSE}) YIELD file RETURN file;" } ]}' -H "Authorization: Basic bmVvNGo6MTIzNDU2Nzg=" -H "Content-Type: application/json" -X POST http://192.168.49.2:30047/db/neo4j/tx/commit + command: [ '/bin/bash' ,'-c', ' curl -d ''{"statements": [ { "statement" : "WITH \"backup.graphml\" AS filename CALL apoc.export.graphml.all(filename, {useTypes:TRUE, storeNodeIds:FALSE}) YIELD file RETURN file;" } ]}'' -H "Authorization: Basic bmVvNGo6MTIzNDU2Nzg=" -H "Content-Type: application/json" -X POST "http://192.168.49.2:30047/db/neo4j/tx/commit" ' ] + resources: + limits: + cpu: 500m # 1/2 cpu + memory: 500Mi + requests: + cpu: 50m # 1/20 cpu + memory: 500Mi diff --git a/backup/neo4j5-deployment-backup.yaml b/backup/neo4j5-deployment-backup.yaml new file mode 100644 index 0000000..b3efc47 --- /dev/null +++ b/backup/neo4j5-deployment-backup.yaml @@ -0,0 +1,89 @@ +--- +apiVersion: v1 +kind: Service +metadata: + namespace: neo4j-backup + name: neo4j-service +spec: + type: NodePort + ports: + - port: 7474 + name: neo4j-backup + nodePort: 30047 + - port: 7687 + name: bolt-backup + nodePort: 30078 + selector: + app.kubernetes.io/name: neo4j-database +--- +apiVersion: apps/v1 +kind: StatefulSet +metadata: + namespace: neo4j-backup + name: neo4j-database + labels: &LABELS + app.kubernetes.io/name: neo4j-database + app.kubernetes.io/component: database +spec: + selector: + matchLabels: + app.kubernetes.io/name: neo4j-database + serviceName: neo4j-service + replicas: 1 + template: + metadata: + labels: *LABELS + spec: + initContainers: + # use init container to copy APOC to plugins directory + - name: neo4j-apoc-init + image: neo4j:5.12.0 + command: [ '/bin/sh', '-c', 'cp -v /var/lib/neo4j/labs/apoc-5.12.0-core.jar /var/lib/neo4j/plugins/apoc-5.12.0-core.jar' ] + volumeMounts: + - name: neo4j-plugins + mountPath: /var/lib/neo4j/plugins + containers: + - name: neo4j + image: neo4j:5.12.0 + ports: + - containerPort: 7474 + name: neo4j-backup + - containerPort: 7687 + name: bolt-backup + envFrom: + - secretRef: + name: neo4j-secret + env: + - name: NEO4J_dbms_security_procedures_allowlist + value: 'apoc.export.graphml.*,apoc.import.graphml' + - name: NEO4J_apoc_export_file_enabled + value: 'true' + - name: NEO4J_apoc_import_file_enabled + value: 'true' + - name: NEO4J_server_config_strict__validation_enabled + value: 'false' + volumeMounts: + - name: neo4j-data + mountPath: /data + - name: neo4j-backup + mountPath: /var/lib/neo4j/backup + - name: neo4j-plugins + mountPath: /var/lib/neo4j/plugins + resources: + limits: + cpu: 1000m # 2 cpu + memory: 2Gi + requests: + cpu: 50m # 1/20 cpu + memory: 1Gi + volumes: + - name: neo4j-plugins + persistentVolumeClaim: + claimName: neo4j5-backup-neo4j-plugins + - name: neo4j-data + persistentVolumeClaim: + claimName: neo4j5-backup-neo4j-data + - name: neo4j-backup + persistentVolumeClaim: + claimName: neo4j5-backup-neo4j-backup + diff --git a/backup/neo4j5-secret-backup.yaml b/backup/neo4j5-secret-backup.yaml new file mode 100644 index 0000000..5ca0c7c --- /dev/null +++ b/backup/neo4j5-secret-backup.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: Secret +metadata: + name: neo4j-secret + namespace: neo4j-backup +# NEO4J_AUTH being username/password -needed for DB-Startup +data: + NEO4J_AUTH: bmVvNGovMTIzNDU2Nzg= #neo4j/12345678 + NEO4J_SERVER_PASSWORD: MTIzNDU2Nzg= #12345678 + NEO4J_SERVER_USER: bmVvNGo= #neo4j +type: Opaque +