# Longhorn Storage Templates # Persistent volume configurations with backup labels apiVersion: v1 kind: PersistentVolumeClaim metadata: name: app-storage-pvc namespace: app-namespace labels: # S3 backup inclusion labels recurring-job.longhorn.io/backup: enabled recurring-job-group.longhorn.io/backup: enabled spec: accessModes: - ReadWriteMany # Default for applications that may scale horizontally # Use ReadWriteOnce for: # - Single-instance applications (databases, stateful apps) # - CloudNativePG (manages its own storage replication) # - Applications with file locking requirements storageClassName: longhorn-retain # Data preservation on deletion resources: requests: storage: 10Gi --- # Longhorn StorageClass with retain policy apiVersion: storage.k8s.io/v1 kind: StorageClass metadata: name: longhorn-retain provisioner: driver.longhorn.io allowVolumeExpansion: true reclaimPolicy: Retain # Preserves data on PVC deletion volumeBindingMode: Immediate parameters: numberOfReplicas: "2" # 2-replica redundancy staleReplicaTimeout: "2880" # 48 hours fromBackup: "" fsType: "xfs" dataLocality: "disabled" # Allow cross-node placement --- # Longhorn Backup Target Configuration apiVersion: v1 kind: Secret metadata: name: longhorn-backup-target namespace: longhorn-system type: Opaque data: # Backblaze B2 credentials (base64 encoded, encrypted by SOPS) AWS_ACCESS_KEY_ID: base64-encoded-key-id AWS_SECRET_ACCESS_KEY: base64-encoded-secret-key AWS_ENDPOINTS: aHR0cHM6Ly9zMy5ldS1jZW50cmFsLTAwMy5iYWNrYmxhemViMi5jb20= # Base64: https://s3.eu-central-003.backblazeb2.com --- # Longhorn RecurringJob for S3 Backup apiVersion: longhorn.io/v1beta2 kind: RecurringJob metadata: name: backup-to-s3 namespace: longhorn-system spec: cron: "0 2 * * *" # Daily at 2 AM task: "backup" groups: - backup retain: 7 # Keep 7 daily backups concurrency: 2 # Concurrent backup jobs labels: recurring-job: backup-to-s3 --- # Volume labeling example for backup inclusion apiVersion: v1 kind: PersistentVolume metadata: name: example-pv labels: # These labels ensure volume is included in S3 backup jobs recurring-job.longhorn.io/backup: enabled recurring-job-group.longhorn.io/backup: enabled spec: capacity: storage: 10Gi accessModes: - ReadWriteOnce persistentVolumeReclaimPolicy: Retain storageClassName: longhorn-retain csi: driver: driver.longhorn.io volumeHandle: example-volume-id # Example: Database storage (ReadWriteOnce required) --- apiVersion: v1 kind: PersistentVolumeClaim metadata: name: postgres-storage-pvc namespace: postgresql-system labels: recurring-job.longhorn.io/backup: enabled recurring-job-group.longhorn.io/backup: enabled spec: accessModes: - ReadWriteOnce # Required for databases - single writer only storageClassName: longhorn-retain resources: requests: storage: 50Gi # Access Mode Guidelines: # - ReadWriteMany (RWX): Default for horizontally scalable applications # * Web applications that can run multiple pods # * Shared file storage for multiple containers # * Applications without file locking conflicts # # - ReadWriteOnce (RWO): Required for specific use cases # * Database storage (PostgreSQL, Redis) - single writer required # * Applications with file locking (SQLite, local file databases) # * StatefulSets that manage their own replication # * Single-instance applications by design # Backup Strategy Notes: # - Cost: $6/TB storage with $0 egress fees via Cloudflare partnership # - Selection: Label-based tagging system for selective volume backup # - Recovery: Automated backup scheduling and restore capabilities # - Target: @/longhorn backup location in Backblaze B2