feature: cluster configuration backup

Signed-off-by: Maxim Vasilenko <[email protected]>

Author: mvasl

internal/backup/blacklist/blacklist.go

@@ -0,0 +1,39 @@
+package blacklist
+
+import (
+	_ "embed"
+
+	"github.com/samber/lo"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
+	"sigs.k8s.io/yaml"
+)
+
+type Item struct {
+	metav1.TypeMeta
+	metav1.ObjectMeta // Only Name and Namespace are taken into account
+}
+
+//go:embed blacklist.yml
+var rawBlacklist []byte
+var list []Item
+
+func init() {
+	if err := yaml.Unmarshal(rawBlacklist, &list); err != nil {
+		panic(err)
+	}
+}
+
+func List() []Item {
+	return list
+}
+
+func Matches(obj unstructured.Unstructured) bool {
+	_, foundInBlacklist := lo.Find(list, func(item Item) bool {
+		return obj.GetName() == item.Name &&
+			obj.GetKind() == item.Kind &&
+			obj.GetAPIVersion() == item.APIVersion &&
+			obj.GetNamespace() == item.Namespace
+	})
+	return foundInBlacklist
+}

internal/backup/blacklist/blacklist.yml

@@ -0,0 +1,28 @@
+---
+- apiVersion: deckhouse.io/v1
+  kind: NodeGroup
+  name: master
+  namespace: namespaceName
+- apiVersion: deckhouse.io/v1
+  kind: StaticInstance
+  name: master-0
+  namespace: test
+- apiVersion: deckhouse.io/v1
+  kind: StaticInstance
+  name: master-1
+  namespace: namespaceName
+- apiVersion: deckhouse.io/v1
+  kind: StaticInstance
+  name: master-2
+  namespace: namespaceName
+
+---
+namespaceName:
+  deckhouse.io/v1:
+    StaticInstance:
+    - master-0
+    - master-1
+    - master-2
+    NodeGroup:
+    - master
+

internal/backup/cmd/backup.go

@@ -20,6 +20,7 @@ import (
 	"github.com/spf13/cobra"
 	"k8s.io/kubectl/pkg/util/templates"
 
+	"github.com/deckhouse/deckhouse-cli/internal/backup/cmd/cluster-config"
 	"github.com/deckhouse/deckhouse-cli/internal/backup/cmd/etcd"
 )
 
@@ -35,8 +36,11 @@ func NewCommand() *cobra.Command {
 		Long:  backupLong,
 	}
 
+	addPersistentFlags(backupCmd.PersistentFlags())
+
 	backupCmd.AddCommand(
 		etcd.NewCommand(),
+		cluster_config.NewCommand(),
 	)
 
 	return backupCmd

internal/backup/cmd/cluster-config/cluster_config.go

@@ -0,0 +1,189 @@
+package cluster_config
+
+import (
+	"context"
+	"fmt"
+	"log"
+	"os"
+	"reflect"
+	"runtime"
+	"strings"
+
+	"github.com/samber/lo"
+	"github.com/samber/lo/parallel"
+	"github.com/spf13/cobra"
+	corev1 "k8s.io/api/core/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
+	"k8s.io/apimachinery/pkg/runtime/schema"
+	"k8s.io/client-go/dynamic"
+	"k8s.io/client-go/kubernetes"
+	"k8s.io/kubectl/pkg/util/templates"
+
+	"github.com/deckhouse/deckhouse-cli/internal/backup/k8s"
+	"github.com/deckhouse/deckhouse-cli/internal/backup/tarball"
+)
+
+// TODO texts
+var clusterConfigLong = templates.LongDesc(`
+Take a snapshot of cluster configuration.
+		
+This command creates a snapshot various resources .
+
+© Flant JSC 2024`)
+
+func NewCommand() *cobra.Command {
+	etcdCmd := &cobra.Command{
+		Use:           "cluster-config <backup-tarball-path>",
+		Short:         "Take a snapshot of cluster configuration",
+		Long:          clusterConfigLong,
+		ValidArgs:     []string{"backup-tarball-path"},
+		SilenceErrors: true,
+		SilenceUsage:  true,
+		// PreRunE: func(cmd *cobra.Command, args []string) error {
+		// 	return validateFlags()
+		// },
+		RunE: backupConfig,
+	}
+
+	addFlags(etcdCmd.Flags())
+	return etcdCmd
+}
+
+type BackupFunc func(
+	kubeCl kubernetes.Interface,
+	dynamicCl dynamic.Interface,
+	namespaces []string,
+) ([]unstructured.Unstructured, error)
+
+func backupConfig(cmd *cobra.Command, args []string) error {
+	if len(args) != 1 {
+		return fmt.Errorf("This command requires exactly 1 argument")
+	}
+
+	// TODO move this to real file when done
+	tarFile, err := os.CreateTemp(".", ".*.d8bkp")
+	if err != nil {
+		return fmt.Errorf("failed to create temp file: %v", err)
+	}
+	defer func(fileName string) {
+		_ = os.Remove(fileName)
+	}(tarFile.Name())
+
+	backup := tarball.NewBackup(tarFile)
+	kubeCl, dynamicCl, err := setupK8sClients(cmd)
+	if err != nil {
+		return fmt.Errorf("setup k8s clients: %w", err)
+	}
+
+	namespaceList, err := kubeCl.CoreV1().Namespaces().List(context.TODO(), metav1.ListOptions{})
+	if err != nil {
+		return fmt.Errorf("Failed to list namespaces: %w", err)
+	}
+	namespaces := lo.Map(namespaceList.Items, func(ns corev1.Namespace, _ int) string {
+		return ns.Name
+	})
+
+	// TODO move this to separate packages
+	backups := []BackupFunc{
+		backupSecrets,
+		backupConfigMaps,
+	}
+
+	parallel.ForEach(backups, func(bf BackupFunc, _ int) {
+		thisFuncName := runtime.FuncForPC(reflect.ValueOf(bf).Pointer()).Name()
+		resources, err := bf(kubeCl, dynamicCl, namespaces)
+		if err != nil {
+			log.Fatalf("%s failed: %v", thisFuncName, err)
+		}
+
+		if err = backup.PutResources(resources); err != nil {
+			log.Fatalf("%s failed: %v", thisFuncName, err)
+		}
+	})
+
+	if err = backup.Close(); err != nil {
+		return fmt.Errorf("close tarball failed: %w", err)
+	}
+	if err = tarFile.Sync(); err != nil {
+		return fmt.Errorf("tarball flush failed: %w", err)
+	}
+	if err = tarFile.Close(); err != nil {
+		return fmt.Errorf("tarball close failed: %w", err)
+	}
+
+	if err = os.Rename(tarFile.Name(), args[0]); err != nil {
+		return fmt.Errorf("write tarball failed: %w", err)
+	}
+
+	return nil
+}
+
+func setupK8sClients(cmd *cobra.Command) (*kubernetes.Clientset, *dynamic.DynamicClient, error) {
+	kubeconfigPath, err := cmd.Flags().GetString("kubeconfig")
+	if err != nil {
+		return nil, nil, fmt.Errorf("Failed to setup Kubernetes client: %w", err)
+	}
+
+	_, kubeCl, err := k8s.SetupK8sClientSet(kubeconfigPath)
+	if err != nil {
+		return nil, nil, fmt.Errorf("Failed to setup Kubernetes client: %w", err)
+	}
+
+	dynamicCl := k8s.SetupDynamicClientFromK8sClientset(kubeCl.RESTClient())
+	return kubeCl, dynamicCl, nil
+}
+
+func backupSecrets(
+	_ kubernetes.Interface,
+	dynamicCl dynamic.Interface,
+	namespaces []string,
+) ([]unstructured.Unstructured, error) {
+	namespaces = lo.Filter(namespaces, func(item string, _ int) bool {
+		return strings.HasPrefix(item, "d8-") || strings.HasPrefix(item, "kube-")
+	})
+
+	secrets := parallel.Map(namespaces, func(namespace string, index int) []unstructured.Unstructured {
+		gvr := schema.GroupVersionResource{
+			Group:    corev1.SchemeGroupVersion.Group,
+			Version:  corev1.SchemeGroupVersion.Version,
+			Resource: "secrets",
+		}
+
+		list, err := dynamicCl.Resource(gvr).Namespace(namespace).List(context.TODO(), metav1.ListOptions{})
+		if err != nil {
+			log.Fatalf("Failed to list secrets from : %v", err)
+		}
+
+		return list.Items
+	})
+
+	return lo.Flatten(secrets), nil
+}
+
+func backupConfigMaps(
+	_ kubernetes.Interface,
+	dynamicCl dynamic.Interface,
+	namespaces []string,
+) ([]unstructured.Unstructured, error) {
+	namespaces = lo.Filter(namespaces, func(item string, _ int) bool {
+		return strings.HasPrefix(item, "d8-") || strings.HasPrefix(item, "kube-")
+	})
+
+	configmaps := parallel.Map(namespaces, func(namespace string, _ int) []unstructured.Unstructured {
+		gvr := schema.GroupVersionResource{
+			Group:    corev1.SchemeGroupVersion.Group,
+			Version:  corev1.SchemeGroupVersion.Version,
+			Resource: "configmaps",
+		}
+
+		list, err := dynamicCl.Resource(gvr).Namespace(namespace).List(context.TODO(), metav1.ListOptions{})
+		if err != nil {
+			log.Fatalf("Failed to list configmaps from : %v", err)
+		}
+
+		return list.Items
+	})
+
+	return lo.Flatten(configmaps), nil
+}

internal/backup/cmd/cluster-config/flags.go

@@ -0,0 +1,7 @@
+package cluster_config
+
+import "github.com/spf13/pflag"
+
+func addFlags(flagSet *pflag.FlagSet) {
+
+}

internal/backup/cmd/etcd/etcd.go

@@ -34,9 +34,10 @@ import (
 	"k8s.io/client-go/kubernetes"
 	_ "k8s.io/client-go/plugin/pkg/client/auth"
 	"k8s.io/client-go/rest"
-	"k8s.io/client-go/tools/clientcmd"
 	"k8s.io/client-go/tools/remotecommand"
 	"k8s.io/kubectl/pkg/util/templates"
+
+	"github.com/deckhouse/deckhouse-cli/internal/backup/k8s"
 )
 
 var etcdLong = templates.LongDesc(`
@@ -55,7 +56,7 @@ func NewCommand() *cobra.Command {
 		SilenceErrors: true,
 		SilenceUsage:  true,
 		PreRunE: func(cmd *cobra.Command, args []string) error {
-			return validateFlags()
+			return validateFlags(cmd)
 		},
 		RunE: etcd,
 	}
@@ -72,19 +73,23 @@ const (
 )
 
 var (
-	kubeconfigPath       string
 	requestedEtcdPodName string
 
 	verboseLog bool
 )
 
-func etcd(_ *cobra.Command, args []string) error {
+func etcd(cmd *cobra.Command, args []string) error {
 	log.SetFlags(log.LstdFlags)
 	if len(args) != 1 {
 		return fmt.Errorf("This command requires exactly 1 argument")
 	}
 
-	config, kubeCl, err := setupK8sClientset(kubeconfigPath)
+	kubeconfigPath, err := cmd.Flags().GetString("kubeconfig")
+	if err != nil {
+		return fmt.Errorf("Failed to setup Kubernetes client: %w", err)
+	}
+
+	config, kubeCl, err := k8s.SetupK8sClientSet(kubeconfigPath)
 	if err != nil {
 		return fmt.Errorf("Failed to setup Kubernetes client: %w", err)
 	}
@@ -234,21 +239,6 @@ func streamCommand(
 	return nil
 }
 
-func setupK8sClientset(kubeconfigPath string) (*rest.Config, *kubernetes.Clientset, error) {
-	config, err := clientcmd.NewNonInteractiveDeferredLoadingClientConfig(
-		&clientcmd.ClientConfigLoadingRules{ExplicitPath: kubeconfigPath}, nil).ClientConfig()
-	if err != nil {
-		return nil, nil, fmt.Errorf("Reading kubeconfig file: %w", err)
-	}
-
-	kubeCl, err := kubernetes.NewForConfig(config)
-	if err != nil {
-		return nil, nil, fmt.Errorf("Constructing Kubernetes clientset: %w", err)
-	}
-
-	return config, kubeCl, nil
-}
-
 func findETCDPods(kubeCl kubernetes.Interface) ([]string, error) {
 	if requestedEtcdPodName != "" {
 		if err := checkEtcdPodExistsAndReady(kubeCl, requestedEtcdPodName); err != nil {

internal/backup/cmd/etcd/flags.go

@@ -20,21 +20,11 @@ import (
 	"fmt"
 	"os"
 
+	"github.com/spf13/cobra"
 	"github.com/spf13/pflag"
 )
 
 func addFlags(flagSet *pflag.FlagSet) {
-	defaultKubeconfigPath := os.ExpandEnv("$HOME/.kube/config")
-	if p := os.Getenv("KUBECONFIG"); p != "" {
-		defaultKubeconfigPath = p
-	}
-
-	flagSet.StringVarP(
-		&kubeconfigPath,
-		"kubeconfig", "k",
-		defaultKubeconfigPath,
-		"KubeConfig of the cluster. (default is $KUBECONFIG when it is set, $HOME/.kube/config otherwise)",
-	)
 	flagSet.StringVarP(
 		&requestedEtcdPodName,
 		"etcd-pod", "p",
@@ -49,7 +39,12 @@ func addFlags(flagSet *pflag.FlagSet) {
 	)
 }
 
-func validateFlags() error {
+func validateFlags(cmd *cobra.Command) error {
+	kubeconfigPath, err := cmd.Flags().GetString("kubeconfig")
+	if err != nil {
+		return fmt.Errorf("Failed to setup Kubernetes client: %w", err)
+	}
+
 	stats, err := os.Stat(kubeconfigPath)
 	if err != nil {
 		return fmt.Errorf("Invalid --kubeconfig: %w", err)