K8SPSMDB-1519: add alibaba OSS storage support #2409
Pull request overview
This PR adds Alibaba Cloud OSS backup storage support to the Percona Server for MongoDB Operator by extending the CRD/API, wiring OSS into PBM storage configuration and backup/restore controllers, and adding E2E scenarios for both OSS-native and OSS S3-compatible endpoints.
Changes:
- Add a new `oss` backup storage type (API structs + deepcopy + CRD schema) and route it through PBM storage configuration (including S3→OSS compatibility detection for Aliyun endpoints).
- Extend backup/restore controllers to accept/use OSS storage, including restore `backupSource.oss` handling and OSS-aware backup status destination formatting (`oss://`).
- Add E2E coverage for incremental/physical backups against OSS (native + S3-compatible) and update test harness helpers accordingly.
Reviewed changes
Copilot reviewed 101 out of 101 changed files in this pull request and generated 4 comments.
| File | Description |
|---|---|
| pkg/psmdb/statefulset.go | Adds AWS SDK checksum env vars helper and injects env vars for PBM sidecar. |
| pkg/psmdb/backup/pbm.go | Adds OSS storage config builders and OSS handling in GetPBMStorageConfig. |
| pkg/psmdb/backup/pbm_test.go | Adds unit tests for OSS + OSS S3-compat behavior and PBM min-version gating. |
| pkg/naming/gcs.go | Adds OSSCloudEndpointURL constant used for endpoint detection. |
| pkg/controller/perconaservermongodbrestore/psmdb_restore_controller.go | Adds OSS support to restore storage resolution and backup source propagation. |
| pkg/controller/perconaservermongodbrestore/physical.go | Adds PBM version-based flags and injects checksum env vars during physical restore workflow. |
| pkg/controller/perconaservermongodbrestore/physical_test.go | Extends tests to assert checksum env vars are injected. |
| pkg/controller/perconaservermongodbbackup/psmdb_backup_controller.go | Adds OSS storage instantiation for backup finalizer deletion path. |
| pkg/controller/perconaservermongodbbackup/backup.go | Adds OSS destination formatting (oss://bucket/prefix/...) to backup status. |
| pkg/controller/perconaservermongodbbackup/backup_test.go | Adds unit test validating OSS destination formatting. |
| pkg/controller/perconaservermongodb/testdata/reconcile-statefulset/rs0-nv.yaml | Updates expected reconciled env vars to include AWS checksum settings. |
| pkg/controller/perconaservermongodb/testdata/reconcile-statefulset/rs0-mongod.yaml | Updates expected reconciled env vars to include AWS checksum settings. |
| pkg/controller/perconaservermongodb/testdata/reconcile-statefulset/rs0-logrotate.yaml | Updates expected reconciled env vars to include AWS checksum settings. |
| pkg/controller/perconaservermongodb/testdata/reconcile-statefulset/rs0-hidden.yaml | Updates expected reconciled env vars to include AWS checksum settings. |
| pkg/controller/perconaservermongodb/testdata/reconcile-statefulset/cfg-nv.yaml | Updates expected reconciled env vars to include AWS checksum settings. |
| pkg/controller/perconaservermongodb/testdata/reconcile-statefulset/cfg-mongod.yaml | Updates expected reconciled env vars to include AWS checksum settings. |
| pkg/controller/perconaservermongodb/testdata/reconcile-statefulset/cfg-hidden.yaml | Updates expected reconciled env vars to include AWS checksum settings. |
| pkg/controller/perconaservermongodb/testdata/reconcile-statefulset/cfg-arbiter.yaml | Updates expected reconciled env vars to include AWS checksum settings. |
| pkg/controller/perconaservermongodb/pbm.go | Adds OSS secret handling for legacy PiTR storage reconciliation and minor formatting changes. |
| pkg/apis/psmdb/v1/zz_generated.deepcopy.go | Adds deepcopy support for newly introduced OSS types. |
| pkg/apis/psmdb/v1/psmdb_types.go | Introduces OSS storage structs/types and adds BackupStorageOSS to enums/spec. |
| pkg/apis/psmdb/v1/perconaservermongodbrestore_types.go | Adds restore validation for backupSource.oss and updates required-fields error message. |
| pkg/apis/psmdb/v1/perconaservermongodbrestore_types_test.go | Adds unit tests for restore backupSource.oss destination scheme validation. |
| pkg/apis/psmdb/v1/perconaservermongodbbackup_types.go | Adds status.oss to backup status schema. |
| e2e-tests/version-service/conf/crd.yaml | Extends embedded CRD schema used by version-service tests to include OSS. |
| e2e-tests/run-release.csv | Adds OSS E2E suites to release test matrix. |
| e2e-tests/run-pr.csv | Adds OSS E2E suites to PR test matrix. |
| e2e-tests/run-distro.csv | Adds OSS E2E suites to distro test matrix. |
| e2e-tests/run-backups.csv | Adds OSS E2E suites to backups test matrix. |
| e2e-tests/functions | Adds OSS helpers (credentials setup, storage field getters) and OSS checks in storage verification. |
| e2e-tests/demand-backup-physical-sharded-oss-s3/run | Adds sharded physical backup/restore E2E for OSS via S3-compatible endpoint. |
| e2e-tests/demand-backup-physical-sharded-oss-s3/conf/some-name-sharded.yml | Adds sharded cluster config for OSS S3-compatible physical backup E2E. |
| e2e-tests/demand-backup-physical-sharded-oss-s3/conf/secrets.yml | Adds test secrets for OSS S3-compatible sharded physical E2E. |
| e2e-tests/demand-backup-physical-sharded-oss-s3/conf/restore.yml | Adds restore template for OSS S3-compatible sharded physical E2E. |
| e2e-tests/demand-backup-physical-sharded-oss-s3/conf/backup-oss-s3.yml | Adds backup manifest template for OSS S3-compatible sharded physical E2E. |
| e2e-tests/demand-backup-physical-sharded-oss-s3/compare/statefulset_some-name-rs0_restore_sharded.yml | Adds expected-statefulset comparison output for sharded restore (k8s). |
| e2e-tests/demand-backup-physical-sharded-oss-s3/compare/statefulset_some-name-rs0_restore_sharded-oc.yml | Adds expected-statefulset comparison output for sharded restore (OpenShift). |
| e2e-tests/demand-backup-physical-sharded-oss-s3/compare/find.json | Adds expected find output for non-sharded comparisons in this suite. |
| e2e-tests/demand-backup-physical-sharded-oss-s3/compare/find-sharded.json | Adds expected find output for sharded comparisons in this suite. |
| e2e-tests/demand-backup-physical-sharded-oss-native/run | Adds sharded physical backup/restore E2E for OSS native driver. |
| e2e-tests/demand-backup-physical-sharded-oss-native/conf/some-name-sharded.yml | Adds sharded cluster config for OSS native physical backup E2E. |
| e2e-tests/demand-backup-physical-sharded-oss-native/conf/secrets.yml | Adds test secrets for OSS native sharded physical E2E. |
| e2e-tests/demand-backup-physical-sharded-oss-native/conf/restore.yml | Adds restore template for OSS native sharded physical E2E. |
| e2e-tests/demand-backup-physical-sharded-oss-native/conf/backup-oss-native.yml | Adds backup manifest template for OSS native sharded physical E2E. |
| e2e-tests/demand-backup-physical-sharded-oss-native/compare/statefulset_some-name-rs0_restore_sharded.yml | Adds expected-statefulset comparison output for sharded restore (k8s). |
| e2e-tests/demand-backup-physical-sharded-oss-native/compare/statefulset_some-name-rs0_restore_sharded-oc.yml | Adds expected-statefulset comparison output for sharded restore (OpenShift). |
| e2e-tests/demand-backup-physical-sharded-oss-native/compare/find.json | Adds expected find output for non-sharded comparisons in this suite. |
| e2e-tests/demand-backup-physical-sharded-oss-native/compare/find-sharded.json | Adds expected find output for sharded comparisons in this suite. |
| e2e-tests/demand-backup-physical-oss-s3/run | Adds non-sharded physical backup/restore E2E for OSS via S3-compatible endpoint. |
| e2e-tests/demand-backup-physical-oss-s3/conf/some-name.yml | Adds non-sharded cluster config for OSS S3-compatible physical E2E. |
| e2e-tests/demand-backup-physical-oss-s3/conf/secrets.yml | Adds test secrets for OSS S3-compatible non-sharded physical E2E. |
| e2e-tests/demand-backup-physical-oss-s3/conf/restore.yml | Adds restore template for OSS S3-compatible non-sharded physical E2E. |
| e2e-tests/demand-backup-physical-oss-s3/conf/backup-oss-s3.yml | Adds backup manifest template for OSS S3-compatible non-sharded physical E2E. |
| e2e-tests/demand-backup-physical-oss-s3/compare/statefulset_some-name-rs0_restore.yml | Adds expected-statefulset comparison output for restore (k8s). |
| e2e-tests/demand-backup-physical-oss-s3/compare/statefulset_some-name-rs0_restore-oc.yml | Adds expected-statefulset comparison output for restore (OpenShift). |
| e2e-tests/demand-backup-physical-oss-s3/compare/find.json | Adds expected find output for non-sharded comparisons in this suite. |
| e2e-tests/demand-backup-physical-oss-s3/compare/find-sharded.json | Adds expected find output for sharded comparisons in this suite. |
| e2e-tests/demand-backup-physical-oss-native/run | Adds non-sharded physical backup/restore E2E for OSS native driver. |
| e2e-tests/demand-backup-physical-oss-native/conf/some-name.yml | Adds non-sharded cluster config for OSS native physical E2E. |
| e2e-tests/demand-backup-physical-oss-native/conf/secrets.yml | Adds test secrets for OSS native non-sharded physical E2E. |
| e2e-tests/demand-backup-physical-oss-native/conf/restore.yml | Adds restore template for OSS native non-sharded physical E2E. |
| e2e-tests/demand-backup-physical-oss-native/conf/backup-oss-native.yml | Adds backup manifest template for OSS native non-sharded physical E2E. |
| e2e-tests/demand-backup-physical-oss-native/compare/statefulset_some-name-rs0_restore.yml | Adds expected-statefulset comparison output for restore (k8s). |
| e2e-tests/demand-backup-physical-oss-native/compare/statefulset_some-name-rs0_restore-oc.yml | Adds expected-statefulset comparison output for restore (OpenShift). |
| e2e-tests/demand-backup-physical-oss-native/compare/find.json | Adds expected find output for non-sharded comparisons in this suite. |
| e2e-tests/demand-backup-physical-oss-native/compare/find-sharded.json | Adds expected find output for sharded comparisons in this suite. |
| e2e-tests/demand-backup-incremental-sharded-oss-s3/run | Adds sharded incremental-base backup/restore E2E for OSS via S3-compatible endpoint. |
| e2e-tests/demand-backup-incremental-sharded-oss-s3/conf/some-name-sharded.yml | Adds sharded cluster config for OSS S3-compatible incremental E2E. |
| e2e-tests/demand-backup-incremental-sharded-oss-s3/conf/restore.yml | Adds restore template for OSS S3-compatible sharded incremental E2E. |
| e2e-tests/demand-backup-incremental-sharded-oss-s3/conf/backup-oss-s3.yml | Adds backup manifest template for OSS S3-compatible sharded incremental E2E. |
| e2e-tests/demand-backup-incremental-sharded-oss-s3/compare/statefulset_some-name-rs0_restore_sharded-oc.yml | Adds expected-statefulset comparison output for sharded restore (OpenShift). |
| e2e-tests/demand-backup-incremental-sharded-oss-s3/compare/find-sharded.json | Adds expected find output for sharded comparisons in this suite. |
| e2e-tests/demand-backup-incremental-sharded-oss-native/run | Adds sharded incremental-base backup/restore E2E for OSS native driver. |
| e2e-tests/demand-backup-incremental-sharded-oss-native/conf/some-name-sharded.yml | Adds sharded cluster config for OSS native incremental E2E. |
| e2e-tests/demand-backup-incremental-sharded-oss-native/conf/restore.yml | Adds restore template for OSS native sharded incremental E2E. |
| e2e-tests/demand-backup-incremental-sharded-oss-native/conf/backup-oss-native.yml | Adds backup manifest template for OSS native sharded incremental E2E. |
| e2e-tests/demand-backup-incremental-sharded-oss-native/compare/statefulset_some-name-rs0_restore_sharded.yml | Adds expected-statefulset comparison output for sharded restore (k8s). |
| e2e-tests/demand-backup-incremental-sharded-oss-native/compare/statefulset_some-name-rs0_restore_sharded-oc.yml | Adds expected-statefulset comparison output for sharded restore (OpenShift). |
| e2e-tests/demand-backup-incremental-sharded-oss-native/compare/find-sharded.json | Adds expected find output for sharded comparisons in this suite. |
| e2e-tests/demand-backup-incremental-oss-s3/run | Adds non-sharded incremental-base backup/restore E2E for OSS via S3-compatible endpoint. |
| e2e-tests/demand-backup-incremental-oss-s3/conf/some-name.yml | Adds non-sharded cluster config for OSS S3-compatible incremental E2E. |
| e2e-tests/demand-backup-incremental-oss-s3/conf/secrets.yml | Adds test secrets for OSS S3-compatible non-sharded incremental E2E. |
| e2e-tests/demand-backup-incremental-oss-s3/conf/restore.yml | Adds restore template for OSS S3-compatible non-sharded incremental E2E. |
| e2e-tests/demand-backup-incremental-oss-s3/conf/backup-oss-s3.yml | Adds backup manifest template for OSS S3-compatible non-sharded incremental E2E. |
| e2e-tests/demand-backup-incremental-oss-s3/compare/statefulset_some-name-rs0_restore.yml | Adds expected-statefulset comparison output for restore (k8s). |
| e2e-tests/demand-backup-incremental-oss-s3/compare/find.json | Adds expected find output for this suite. |
| e2e-tests/demand-backup-incremental-oss-native/run | Adds non-sharded incremental-base backup/restore E2E for OSS native driver. |
| e2e-tests/demand-backup-incremental-oss-native/conf/some-name.yml | Adds non-sharded cluster config for OSS native incremental E2E. |
| e2e-tests/demand-backup-incremental-oss-native/conf/secrets.yml | Adds test secrets for OSS native non-sharded incremental E2E. |
| e2e-tests/demand-backup-incremental-oss-native/conf/restore.yml | Adds restore template for OSS native non-sharded incremental E2E. |
| e2e-tests/demand-backup-incremental-oss-native/conf/backup-oss-native.yml | Adds backup manifest template for OSS native non-sharded incremental E2E. |
| e2e-tests/demand-backup-incremental-oss-native/compare/statefulset_some-name-rs0_restore.yml | Adds expected-statefulset comparison output for restore (k8s). |
| e2e-tests/demand-backup-incremental-oss-native/compare/find.json | Adds expected find output for this suite. |
| deploy/cw-bundle.yaml | Extends CRD bundle schema with OSS storage properties. |
| deploy/crd.yaml | Extends deploy CRD schema with OSS storage properties. |
| deploy/cr.yaml | Adds commented OSS storage example to default CR manifest. |
| deploy/bundle.yaml | Extends bundle CRD schema with OSS storage properties. |
| config/crd/bases/psmdb.percona.com_perconaservermongodbs.yaml | Adds OSS storage schema to main CRD base. |
| config/crd/bases/psmdb.percona.com_perconaservermongodbrestores.yaml | Adds OSS storage schema to restore CRD base. |
| config/crd/bases/psmdb.percona.com_perconaservermongodbbackups.yaml | Adds OSS storage schema to backup CRD base. |
Comments suppressed due to low confidence (4)
pkg/psmdb/statefulset.go:576
- The comment above this block mentions gating on PBM version ("PBM version 2.11.0 and lower"), but the actual condition checks the operator CR version (cr.Spec.CRVersion) via CompareVersion("1.23.0"). This is misleading for future maintenance/troubleshooting.
Consider rewording the comment to match what the code really does (CRVersion gate + aws-sdk checksum workaround).
pkg/controller/perconaservermongodbrestore/physical.go:498
- This comment states the workaround is conditional on PBM version <= 2.11.0, but the code is actually gated by the operator CR version (CompareVersion("1.23.0")). That mismatch makes it hard to understand when/why these env vars are set.
Please update the comment to reflect the real condition (and/or explain why CRVersion is the right proxy here).
deploy/cr.yaml:828
- The commented example for OSS retry settings uses field names from other storages (e.g. numMaxRetries). The actual OSS CRD fields are maxAttempts/maxBackoff/baseDelay (see OSSRetryer json tags). The current example will be confusing and won't validate if uncommented.
# containerSecurityContext:
# privileged: false
# livenessProbe:
# exec:
deploy/cr.yaml:830
- The OSS server-side encryption example uses `sseAlgorithm`, but the OSS fields are `encryptionMethod`, `encryptionAlgorithm`, and `encryptionKeyId`. As written, this example won't match the CRD/schema if uncommented.
# command:
# - /bin/true
| BackupStorageGCS BackupStorageType = "gcs" | ||
| BackupStorageAzure BackupStorageType = "azure" | ||
| BackupStorageMinio BackupStorageType = "minio" | ||
| BackupStorageOSS BackupStorageType = "oss" |
Maybe it's just me, but the name oss doesn't immediately strike as 'Alibaba Object Storage Service' (probably lack of popularity compared to s3/gcs). Can we consider renaming it to something else like alibabaOSS?
| ossConf := &oss.Config{ | ||
| Region: cr.Status.OSS.Region, | ||
| EndpointURL: cr.Status.OSS.EndpointURL, | ||
| Bucket: cr.Status.OSS.Bucket, | ||
| Prefix: cr.Status.OSS.Prefix, | ||
| UploadPartSize: cr.Status.OSS.UploadPartSize, | ||
| MaxUploadParts: cr.Status.OSS.MaxUploadParts, | ||
| ConnectTimeout: cr.Status.OSS.ConnectTimeout.Duration, | ||
| Credentials: oss.Credentials{ | ||
| AccessKeyID: storage.MaskedString(string(ossSecret.Data[backup.OSSAccessKeySecretKey])), | ||
| AccessKeySecret: storage.MaskedString(string(ossSecret.Data[backup.OSSSecretAccessKeySecretKey])), | ||
| }, | ||
| } |
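Review bot: In the Credentials block, both values come from a plain map lookup on ossSecret.Data, so a secret that lacks backup.OSSAccessKeySecretKey or backup.OSSSecretAccessKeySecretKey yields empty credentials and the problem only surfaces later as a storage authentication failure. Check both keys for presence and a non-empty value before building oss.Config, and return an error that names the missing key rather than its contents.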
| // Required for backups/restores for OSS if s3 backup type is used on PBM version 2.11.0 and lower | ||
| if cr.CompareVersion("1.23.0") >= 0 { | ||
| c.Env = append(c.Env, AWSSDKChecksumEnvVars()...) | ||
| } |
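Review bot: The comment on this block ties the workaround to OSS used through the s3 type on PBM 2.11.0 and lower, but the condition only tests cr.CompareVersion("1.23.0"), so the checksum env vars are appended at that CR version whatever the cluster's storages or PBM version are. Either narrow the condition to what the comment describes, or reword the comment to say the gate is the CR version and why that is sufficient.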
| // Required for backups/restores for OSS if s3 backup type is used on PBM version 2.11.0 and lower | ||
| if cluster.CompareVersion("1.23.0") >= 0 { | ||
| sts.Spec.Template.Spec.Containers[0].Env = append(sts.Spec.Template.Spec.Containers[0].Env, psmdb.AWSSDKChecksumEnvVars()...) | ||
| } |
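Review bot: This is a second copy of the same gate and comment (the literal "1.23.0" plus psmdb.AWSSDKChecksumEnvVars()), here on the restore StatefulSet, and the two sites can drift apart when the condition changes. Move the decision into one helper next to AWSSDKChecksumEnvVars and call it from both places. The append also targets Containers[0] by position; selecting the container by name would make the intent explicit.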
| type BackupStorageOSSSpec struct { | ||
| Bucket string `json:"bucket,omitempty"` | ||
| Prefix string `json:"prefix,omitempty"` | ||
| CredentialsSecret string `json:"credentialsSecret"` | ||
| EndpointURL string `json:"endpointUrl,omitempty"` | ||
| Region string `json:"region,omitempty"` |
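Review bot: In BackupStorageOSSSpec, Bucket carries omitempty while CredentialsSecret does not, so as far as these tags go a storage entry without a bucket is accepted and the error moves to backup time. If a bucket is mandatory, drop omitempty from Bucket or add a validation marker so the object is rejected up front. A short doc comment on EndpointURL and Region saying when each is needed would also help.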
commit: 631b79c |
maybe this file should be renamed?
| sts.Spec.Template.Spec.Containers[0].Env = append(sts.Spec.Template.Spec.Containers[0].Env, pbmEnvVars...) | ||
|
|
||
| // Required for backups/restores for OSS if s3 backup type is used on PBM version 2.11.0 and lower | ||
| if cluster.CompareVersion("1.23.0") >= 0 { |
shouldn't we check storage's endpoint url and/or pbm version before adding these?
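One way to write the gate asked about in the comment above, as an added example that is not code from this PR. The function names are hypothetical, the `aliyuncs.com` suffix is an assumption (the PR's `OSSCloudEndpointURL` value is not shown here), and the sample endpoints are constructed.

```go
package main

import (
	"fmt"
	"net/url"
	"strings"
)

// Assumption: Alibaba Cloud OSS endpoints live under this domain. The value of
// the PR's OSSCloudEndpointURL constant is not shown on the page.
const aliyunSuffix = "aliyuncs.com"

// isAliyunEndpoint matches on the parsed host, not on a substring of the raw
// URL, so "aliyuncs.com.example.net" or a query string cannot satisfy it.
func isAliyunEndpoint(endpoint string) bool {
	if !strings.Contains(endpoint, "://") {
		endpoint = "https://" + endpoint // bare host[:port] form
	}
	u, err := url.Parse(endpoint)
	if err != nil {
		return false
	}
	host := strings.ToLower(strings.TrimSuffix(u.Hostname(), "."))
	return host == aliyunSuffix || strings.HasSuffix(host, "."+aliyunSuffix)
}

// majorMinor parses "2.11.0", "v2.11" or "2.11.0-rc1" into (2, 11).
func majorMinor(v string) (major, minor int, err error) {
	core := strings.TrimPrefix(v, "v")
	if _, err = fmt.Sscanf(core, "%d.%d", &major, &minor); err != nil {
		return 0, 0, fmt.Errorf("unparseable version %q: %w", v, err)
	}
	return major, minor, nil
}

// needsChecksumWorkaround is true only when PBM is 2.11.x or earlier and at
// least one s3-type storage endpoint is an Aliyun host.
func needsChecksumWorkaround(s3Endpoints []string, pbmVersion string) (bool, error) {
	major, minor, err := majorMinor(pbmVersion)
	if err != nil {
		return false, err
	}
	if major > 2 || (major == 2 && minor > 11) {
		return false, nil
	}
	for _, e := range s3Endpoints {
		if isAliyunEndpoint(e) {
			return true, nil
		}
	}
	return false, nil
}

func main() {
	// Constructed sample endpoints, not taken from the PR.
	eps := []string{"https://s3.amazonaws.com", "oss-cn-hangzhou.aliyuncs.com:443"}
	fmt.Println(needsChecksumWorkaround(eps, "2.11.0"))
}
```

An unparseable PBM version is returned as an error so the caller decides whether to inject the variables or stop reconciling, instead of the gate guessing.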
https://perconadev.atlassian.net/browse/K8SPSMDB-1519
DESCRIPTION
This PR adds Alibaba OSS backup storage support by introducing an `oss` backup storage type and a new `oss` section under `.spec.backup.storages.<name>`:

This PR also adds support for using Alibaba OSS through the existing s3 backup storage type.

To support OSS backups through `s3` storage with PBM `2.11.x` and earlier, the following AWS SDK env vars are added to the `backup-agent` sidecar container and physical restore sts container: