feat: added volume snapshots, scheduled snapshots

Author: bsgrigorov

charts/platform-extensions/Chart.yaml

@@ -2,7 +2,7 @@ apiVersion: v2
 name: platform-extensions
 description: Cluster-scoped Kubernetes resources for platform teams (requires cluster-admin)
 type: application
-version: 1.3.0
+version: 1.4.0
 appVersion: "1.0.0"
 kubeVersion: ">=1.22.0-0"
 home: https://github.com/synkube/
@@ -21,6 +21,9 @@ keywords:
   - certificates
   - networking
   - rbac
+  - volume-snapshots
+  - scheduled-snapshots
+  - backup
   - universal
 maintainers:
   - name: bsgrigorov

charts/platform-extensions/README.md

@@ -10,6 +10,8 @@ Manage cluster-wide infrastructure without writing YAML:
 - **ClusterRoles & ClusterRoleBindings** - Cluster RBAC
 - **StorageClasses** - Storage provisioner configs
 - **VolumeSnapshotClasses** - Backup configurations
+- **VolumeSnapshots** - One-off point-in-time backups
+- **ScheduledVolumeSnapshots** - Automated backup schedules
 - **PriorityClasses** - Workload scheduling priorities
 - **ResourceQuotas** - Namespace resource limits
 - **LimitRanges** - Default resource constraints
@@ -70,12 +72,51 @@ clusterIssuers:
               class: nginx
 ```
 
+## Volume Snapshots
+
+### One-off Snapshots
+
+Create manual point-in-time backups:
+
+```yaml
+volumeSnapshots:
+  my-db-backup-jan-2025:
+    namespace: data
+    pvcName: postgres-data
+    volumeSnapshotClassName: standard
+    labels:
+      backup-type: manual
+```
+
+### Scheduled Snapshots
+
+Automated backup schedules (requires `scheduled-volume-snapshotter` operator):
+
+```bash
+# Install the operator first
+helm repo add scheduled-volume-snapshotter https://ryaneorth.github.io/k8s-scheduled-volume-snapshotter
+helm install scheduled-volume-snapshotter scheduled-volume-snapshotter/scheduled-volume-snapshotter -n platform
+```
+
+```yaml
+scheduledVolumeSnapshots:
+  postgres-daily:
+    namespace: data
+    pvcName: postgres-data
+    snapshotClassName: standard
+    snapshotFrequency: 24h   # 30m, 5h, 4d, 1w
+    snapshotRetention: 7d    # how long to keep
+    snapshotLabels:
+      database: postgres
+```
+
 ## Requirements
 
 | Dependency | Required For |
 |------------|--------------|
 | external-secrets-operator | ClusterSecretStores |
 | cert-manager | ClusterIssuers, Certificates |
 | Gateway API CRDs | GatewayClasses, Gateways |
-| snapshot-controller | VolumeSnapshotClasses |
+| snapshot-controller | VolumeSnapshotClasses, VolumeSnapshots |
+| scheduled-volume-snapshotter | ScheduledVolumeSnapshots |
 

charts/platform-extensions/templates/storage/scheduled-volume-snapshots.yaml

@@ -0,0 +1,39 @@
+{{- /*
+ScheduledVolumeSnapshot CRD requires the scheduled-volume-snapshotter operator to be installed.
+Operator: https://github.com/ryaneorth/k8s-scheduled-volume-snapshotter
+Helm Chart: https://artifacthub.io/packages/helm/scheduled-volume-snapshotter/scheduled-volume-snapshotter
+*/ -}}
+{{- if .Values.scheduledVolumeSnapshots }}
+{{- range $name, $svs := .Values.scheduledVolumeSnapshots }}
+---
+apiVersion: k8s.ryanorth.io/v1beta1
+kind: ScheduledVolumeSnapshot
+metadata:
+  name: {{ $name }}
+  namespace: {{ $svs.namespace | default "default" }}
+  labels:
+    {{- include "platform-extensions.labels" $ | nindent 4 }}
+    {{- with $svs.labels }}
+    {{- toYaml . | nindent 4 }}
+    {{- end }}
+  {{- with $svs.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  persistentVolumeClaimName: {{ $svs.pvcName }}
+  {{- if $svs.snapshotClassName }}
+  snapshotClassName: {{ $svs.snapshotClassName }}
+  {{- end }}
+  {{- /* Frequency: how often to create snapshots (e.g., 30m, 5h, 4d, 1w) */}}
+  snapshotFrequency: {{ $svs.snapshotFrequency | default "24h" }}
+  {{- /* Retention: how long to keep snapshots before deletion (e.g., 30m, 5h, 4d, 1w) */}}
+  snapshotRetention: {{ $svs.snapshotRetention | default "7d" }}
+  {{- if $svs.snapshotLabels }}
+  snapshotLabels:
+    {{- range $key, $value := $svs.snapshotLabels }}
+    {{ $key }}: {{ $value | quote }}
+    {{- end }}
+  {{- end }}
+{{- end }}
+{{- end }}

charts/platform-extensions/templates/storage/volume-snapshots.yaml

@@ -0,0 +1,29 @@
+{{- if .Values.volumeSnapshots }}
+{{- range $name, $vs := .Values.volumeSnapshots }}
+---
+apiVersion: snapshot.storage.k8s.io/v1
+kind: VolumeSnapshot
+metadata:
+  name: {{ $name }}
+  namespace: {{ $vs.namespace | default "default" }}
+  labels:
+    {{- include "platform-extensions.labels" $ | nindent 4 }}
+    {{- with $vs.labels }}
+    {{- toYaml . | nindent 4 }}
+    {{- end }}
+  {{- with $vs.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  {{- if $vs.volumeSnapshotClassName }}
+  volumeSnapshotClassName: {{ $vs.volumeSnapshotClassName }}
+  {{- end }}
+  source:
+    {{- if $vs.pvcName }}
+    persistentVolumeClaimName: {{ $vs.pvcName }}
+    {{- else if $vs.volumeSnapshotContentName }}
+    volumeSnapshotContentName: {{ $vs.volumeSnapshotContentName }}
+    {{- end }}
+{{- end }}
+{{- end }}

charts/platform-extensions/test-values/01-cluster-storage.yaml

@@ -1,5 +1,5 @@
 # Test 1: Cluster Storage Configuration
-# Demonstrates: StorageClasses, VolumeSnapshotClasses, PriorityClasses
+# Demonstrates: StorageClasses, VolumeSnapshotClasses, VolumeSnapshots, ScheduledVolumeSnapshots, PriorityClasses
 
 # Storage Classes for different performance tiers
 storageClasses:
@@ -60,6 +60,60 @@ volumeSnapshotClasses:
     annotations:
       snapshot.storage.kubernetes.io/description: "Long-term retention snapshots"
 
+# One-off Volume Snapshots (manual backups)
+volumeSnapshots:
+  postgres-pre-migration-jan-2025:
+    namespace: data
+    pvcName: postgres-data-pvc
+    volumeSnapshotClassName: standard
+    labels:
+      backup-type: manual
+      database: postgres
+    annotations:
+      description: "Pre-migration snapshot before schema changes"
+
+  redis-backup-jan-31:
+    namespace: cache
+    pvcName: redis-data
+    volumeSnapshotClassName: standard
+    labels:
+      backup-type: manual
+      cache: redis
+
+# Scheduled Volume Snapshots (automated backups)
+# REQUIRES: scheduled-volume-snapshotter operator installed
+# Install: helm install scheduled-volume-snapshotter scheduled-volume-snapshotter/scheduled-volume-snapshotter -n platform
+scheduledVolumeSnapshots:
+  postgres-daily:
+    namespace: data
+    pvcName: postgres-data-pvc
+    snapshotClassName: standard
+    snapshotFrequency: 24h     # Daily snapshots
+    snapshotRetention: 7d      # Keep for 7 days
+    labels:
+      database: postgres
+    snapshotLabels:
+      backup-schedule: daily
+      managed-by: scheduled-volume-snapshotter
+
+  postgres-hourly:
+    namespace: data
+    pvcName: postgres-data-pvc
+    snapshotClassName: standard
+    snapshotFrequency: 1h      # Hourly snapshots
+    snapshotRetention: 24h     # Keep for 24 hours
+    snapshotLabels:
+      backup-schedule: hourly
+      managed-by: scheduled-volume-snapshotter
+
+  redis-every-6h:
+    namespace: cache
+    pvcName: redis-data
+    snapshotFrequency: 6h      # Every 6 hours
+    snapshotRetention: 2d      # Keep for 2 days
+    snapshotLabels:
+      backup-schedule: 6hourly
+
 # Priority Classes for workload scheduling
 priorityClasses:
   platform-critical:

charts/platform-extensions/values.yaml

@@ -140,7 +140,8 @@ storageClasses: {}
 # Volume Snapshot Classes - Backup/restore configuration
 volumeSnapshotClasses: {}
   # standard:
-  #   driver: pd.csi.storage.gke.io
+  #   driver: pd.csi.storage.gke.io       # GKE
+  #   # driver: dobs.csi.digitalocean.com  # DigitalOcean
   #   deletionPolicy: Delete
   #   parameters:
   #     storage-locations: us-central1
@@ -150,6 +151,46 @@ volumeSnapshotClasses: {}
   #   parameters:
   #     storage-locations: us-central1,us-east1
 
+# Volume Snapshots - One-off point-in-time snapshots
+# Creates standard Kubernetes VolumeSnapshot resources
+volumeSnapshots: {}
+  # my-db-snapshot-jan-2025:
+  #   namespace: data
+  #   pvcName: postgres-data
+  #   volumeSnapshotClassName: standard  # optional, uses default if not set
+  #   labels:
+  #     backup-type: manual
+  #     database: postgres
+  #   annotations:
+  #     description: "Pre-migration snapshot"
+  # restore-from-content:
+  #   namespace: data
+  #   volumeSnapshotContentName: imported-snapshot-content  # alternative to pvcName
+
+# Scheduled Volume Snapshots - Automated backup schedules
+# REQUIRES: scheduled-volume-snapshotter operator
+# Install: helm repo add scheduled-volume-snapshotter https://ryaneorth.github.io/k8s-scheduled-volume-snapshotter
+#          helm install scheduled-volume-snapshotter scheduled-volume-snapshotter/scheduled-volume-snapshotter -n platform
+# GitHub: https://github.com/ryaneorth/k8s-scheduled-volume-snapshotter
+scheduledVolumeSnapshots: {}
+  # postgres-daily:
+  #   namespace: data
+  #   pvcName: postgres-data
+  #   snapshotClassName: standard        # optional, uses default VolumeSnapshotClass
+  #   snapshotFrequency: 24h             # how often (30m, 5h, 4d, 1w)
+  #   snapshotRetention: 7d              # how long to keep (30m, 5h, 4d, 1w)
+  #   snapshotLabels:
+  #     database: postgres
+  #     backup-schedule: daily
+  # redis-hourly:
+  #   namespace: cache
+  #   pvcName: redis-data
+  #   snapshotFrequency: 1h
+  #   snapshotRetention: 24h
+  #   snapshotLabels:
+  #     cache: redis
+  #     backup-schedule: hourly
+
 # Priority Classes - Workload scheduling priorities
 priorityClasses: {}
   # system-critical: