Open Source Backup Conference 2014: Automating backup provisioning with bacula and puppet, by dave...

Post on 10-Jun-2015

107 views 2 download

Preview:

Click to see full reader

Tags:

Report this document
SHARE

description

Backups are all about making sure you don’t lose any data. But configuring backups for each machine can be a time-consuming and tedious process.This talk provides a brief overview of what puppet is and what puppet does. It will be explained how he created a puppet module to manage bacula, and some of the choices he made. It will show people some examples of how to use the module to deploy a bacula director, storage daemon and file daemon. Furthermore he will show how an entire infrastructure can easily be instructed to have backups of specific or generic filesets and how to do so with minimal adjustments for each machine.

transcript

Backup provisioning Backup provisioning with bacula and puppetwith bacula and puppet

Dave Simons

OSBConf 2014-09

 

Dave SimonsDave Simons

● Linux and Open Source Consultant @ inuits.euLinux and Open Source Consultant @ inuits.eu

● @miouhpi@miouhpi

● github.com/simonsdgithub.com/simonsd

Inuits.euInuits.eu

● Open source consultancy companyOpen source consultancy company

● System administrationSystem administration

● Web developmentWeb development

● Some embedded developmentSome embedded development

● Offices in Belgium, Netherlands, Ukraine and Offices in Belgium, Netherlands, Ukraine and CzechCzech

BaculaBacula

● Networked backup systemNetworked backup system

● Written in C++Written in C++

● Runs on UNIX, Mac and WindowsRuns on UNIX, Mac and Windows

● Open sourceOpen source

componentscomponents

● DirectorDirector

● Storage daemonStorage daemon

● File daemonFile daemon

● Catalog (database)Catalog (database)

● Storage backendStorage backend

● FirewallFirewall

● InterfaceInterface

overviewoverview

Classic setupClassic setup

● Install/configure directorInstall/configure director

● Install/configure catalogInstall/configure catalog

● Install/configure storage daemonInstall/configure storage daemon

● Install/configure storage backendInstall/configure storage backend

● Install/configure file daemon 1Install/configure file daemon 1

● Install/configure file daemon 2Install/configure file daemon 2

● Install/configure file daemon NInstall/configure file daemon N

What's wrong with that?What's wrong with that?

Lots of things!Lots of things!

● Time consumingTime consuming

● Error proneError prone

● Repetitive (pronounced /bohr-ing/)Repetitive (pronounced /bohr-ing/)

PuppetPuppet

● Configuration management toolConfiguration management tool

● Written in RubyWritten in Ruby

● Server-client modelServer-client model

● StandaloneStandalone

● Open sourceOpen source

● Runs on UNIX, Mac and WindowsRuns on UNIX, Mac and Windows

componentscomponents

● Puppet masterPuppet master

● Puppet agentPuppet agent

● Puppet applyPuppet apply

● HieraHiera

● PuppetdbPuppetdb

● McollectiveMcollective

● dashboard/foremandashboard/foreman

overviewoverview

Puppet applyPuppet apply

● SubcommandSubcommand

● Compiles catalogCompiles catalog

● Executes catalogExecutes catalog

hierahiera

● DatastoreDatastore

● Abstract code/dataAbstract code/data

● YAMLYAML

● Adjustable hierarchyAdjustable hierarchy

---:backends: - yaml

:logger: console

:hierarchy: - clients/%{environment}/%{hostname} - roles/%{environment}/%{role} - roles/common/%{role} - hypervisors/%{hypervisor} - locations/%{datacenter} - environments/%{environment} - common

:yaml: :datadir: /etc/puppet/hieradata

hieradatahieradata[simonsd@shinku][inuits]$ tree -L 2 hierahiera/├── common.yaml├── clients│   └── production│    └── client1.yaml│    └── client2.yaml│    └── client3.yaml├── environments│   └── production.yaml├── hypervisors│   ├── hv1.example.com.yaml│   ├── hv2.example.com.yaml│   └── hv3.example.com.yaml├── locations│   ├── dc1.yaml│   ├── dc2.yaml│   └── dc3.yaml

Puppet languagePuppet language● Ruby DSLRuby DSL

● ResourcesResources

• RegularRegular

• VirtualVirtual

• exportedexported

● ClassesClasses

● ManifestsManifests

● ModulesModules

resource typesresource types● CronCron

● ExecExec

● FileFile

● GroupGroup

● UserUser

● MountMount

● PackagePackage

● ServiceService

file{'/usr/local/bin/mysql-backup': content => template('mysql-backup'), owner => 'root', group => 'root', mode => '0755',}

cron{'mysql-backup': command => '/usr/local/bin/mysql-backup', user => 'root', hour => '00', minute => '15', require => File['/usr/local/bin/mysql-backup',}

user{'bacula': ensure => 'present', uid => '712', gid => 'bacula', password => 'secret', home => '/home/bacula', shell => '/bin/sh',}

Puppet treePuppet tree[simonsd@shinku][inuits]$ tree -L 2 puppet/puppet/├── manifests│   ├── classes│   ├── defaults│   ├── hosts│   └── site.pp├── modules│   ├── activemq│   ├── apache│   ├── apc│   ├── apt│   ├── augeas│   ├── bacula│   ├── bash│   ├── bind│   ├── collectd│   ├── concat│   ├── crond│   ├── customers│   ├── dell│   ├── drupal│   ├── ejabberd│   ├── elasticsearch│   ├── fail2ban│   ├── ffmpeg│   ├── filemapper│   ├── firewall│   ├── foreman│   ├── ganbatte│   ├── gdash│   ├── gitolite│   ├── gitorious│   ├── graphite│   ├── grok│   ├── icinga│   ├── inifile│   ├── inuits│   ├── ...

loadingloading● Manual importsManual imports

● Autoloading magicAutoloading magic

[simonsd@shinku][puppet]$ cat manifests/site.ppimport 'defaults/*.pp'import 'classes/*.pp'import 'hosts/*.pp'

[simonsd@shinku][puppet]$ puppet apply --modulepath=/etc/puppet/environments/production/modules site.pp

[simonsd@shinku][puppet]$ cat puppet.conf<snip>[master]

manifest = $confdir/environments/$environment/manifests/site.pp modulepath = $confdir/environments/$environment/modules<snip>

modulesmodules

[simonsd@shinku][puppet]$ tree example-module/example-module/├── manifests│   ├── init.pp├── templates├── files├── lib├── facts.d├── tests├── spec

basic manifestbasic manifest[simonsd@shinku][puppet]$ cat modules/bacula/manifests/bconsole.ppclass bacula::bconsole ( $config_root = $::bacula::params::config_root, $bconsole_pkgname = $::bacula::params::bconsole_pkgname, $director_server = $::bacula::params::director_server, $director_port = $::bacula::params::director_port, $director_password = $::bacula::params::director_password,) inherits ::bacula::params {

package{“$bconsole_pkgname”: ensure => 'present', }

file{"${config_root}/bconsole.conf": ensure => 'file', owner => 'root', group => 'root', mode => '0640', content => template('bacula/bconsole.conf.erb'), require => Package[$bconsole_pkgname], }

}

basic templatebasic template

[simonsd@shinku][puppet]$ cat modules/bacula/templates/bconsole.conf.erb### File managed with puppet ###### Served by: '<%= scope.lookupvar('::servername') %>'### Module: '<%= scope.to_hash['module_name'] %>'### Template source: '<%= template_source %>'

## List Directors we connect to#

Director { name = "<%= director_server %>" dirport = "<%= director_port %>" address = "<%= director_server %>" password = "<%= director_password %>"}

Virtual resourcesVirtual resources

@file{'/tmp/foo': content => 'bar', tag => 'someproject',}

realize File['/tmp/foo']

File <| tag='someproject' |>

exported resourcesexported resources

@@nagios_service{'check_bacula_fd-bacula-fd.prod.example.com': check_command => 'check_nrpe_command!check_bacula_fd', service_description => 'bacula-fd.prod.example.com', host_name => 'bacula-fd.prod.example.com', target => "${::icinga::targetdir}/services/bacula-fd.prod.example.com.cfg", notify => Service[$::icinga::service_server], tag => 'bacula',}

Nagios_service <<| name='check_bacula_fd-bacula-fd.prod.example.com' |>>

Nagios_service <<| tag='bacula' |>>

puppet-bacula module puppet-bacula module treetree[simonsd@shinku][puppet]$ tree modules/bacula/

modules/bacula/├── manifests│   ├── bconsole.pp│   ├── catalog.pp│   ├── client.pp│   ├── common.pp│   ├── default│   │   ├── filesets.pp│   │   ├── jobdefs.pp│   │   ├── pools.pp│   │   └── schedules.pp│   ├── device.pp│   ├── director│   │   ├── config.pp│   │   ├── install.pp│   │   └── service.pp│   ├── director.pp│   ├── fd│   │   ├── config.pp│   │   ├── install.pp│   │   └── service.pp│   ├── fd.pp│   ├── fileset.pp│   ├── firewall│   │   ├── dir.pp│   │   ├── fd.pp│   │   └── sd.pp│   ├── firewall.pp│   ├── init.pp│   ├── jobdefs.pp│   ├── job.pp│   ├── messages.pp│   ├── params.pp│   ├── pool.pp│   ├── schedule.pp│   ├── sd│   │   ├── config.pp│   │   ├── install.pp│   │   └── service.pp│   ├── sd.pp│   └── storage.pp└── templates ├── bacula-dir.conf.erb ├── bacula-fd.conf.erb ├── bacula-sd.conf.erb ├── bconsole.conf.erb ├── catalog.conf.erb ├── client.conf.erb ├── device.conf.erb ├── fileset.conf.erb ├── job.conf.erb ├── jobdefs.conf.erb ├── logrotate.erb ├── messages.conf.erb ├── pool.conf.erb ├── schedule.conf.erb └── storage.conf.erb

configure directorconfigure director[simonsd@shinku][puppet]$ cat manifests/classes/bacula-dir.ppclass 'bacula-dir' {

class{'::bacula::director': log_email => 'logs@example.com', from_email => 'bacula@example.com', }

bacula::catalog{“bacula-${::domain}”: dbname => hiera('bacula-dbname'), dbuser => hiera('bacula-dbuser'), dbpassword => hiera('bacula-dbpass'), dbhost => hiera('bacula-dbhost'), }

@@percona::database{“bacula-${::domain}”: ensure => 'present', }

@@percona::rights{“bacula-${::domain}”: ensure => 'present', database => hiera('bacula-prod-dbname'), user => hiera('bacula-prod-dbuser'), password => hiera('bacula-prod-dbpass'), host => hiera('bacula-prod-dbhost'), priv => 'all', }

@@nagios_service{“check_bacula_dir-${::fqdn}”: check_command => 'check_nrpe_command!check_bacula_dir', service_description => "Bacula-dir: ${::fqdn}", host_name => $::fqdn, target => "${::icinga::targetdir}/services/${::fqdn}.cfg", notify => Service[$::icinga::service_server], }

}

configure storage configure storage daemondaemon

[simonsd@shinku][puppet]$ cat manifests/classes/bacula-sd.ppclass 'bacula-sd' {

class{'::bacula::sd': storage_dir => hiera('bacula-storage-dir', '/srv/backup/bacula'), }

@@nagios_service{'check_bacula_sd-${::fqdn}': check_command => 'check_nrpe_command!check_bacula_sd', service_description => "Bacula-sd: ${::fqdn}", host_name => $::fqdn, target => "${::icinga::targetdir}/services/${::fqdn}.cfg", notify => Service[$::icinga::service_server], }

}

configure file daemonconfigure file daemon[simonsd@shinku][puppet]$ cat manifests/classes/bacula-fd.ppclass 'bacula-fd' {

class{'::bacula::fd': storage_server => hiera('bacula_default_storage_server', “bacula-sd.${::domain}”), director_server => hiera('bacula_director_server', 'bacula'), storage_dir => hiera('bacula_storage_dir', '/srv/backup/bacula'), catalog => hiera('bacula_catalog', “bacula-${::domain}”), }

@@bacula::job{$::fqdn: client => hiera('bacula_hostname', $::fqdn), jobdefs => hiera('bacula_jobdef', 'DefaultJob'), fileset => hiera('bacula_fileset', false), messages => hiera('bacula_messages', 'bacula-fd'), storage => hiera('bacula_storage', "${::fqdn}-storage"), full_pool => hiera('bacula_fullpool', "${::fqdn}-Full"), incremental_pool => hiera('bacula_incpool', "${::fqdn}-Incremental"), bschedule => hiera('bacula_schedule', 'default'), client_run_before_job => hiera('bacula_client_run_before_job', false), client_run_after_job => hiera('bacula_client_run_after_job', false), }

@@bacula::pool{"${::fqdn}-Full":} @@bacula::pool{"${::fqdn}-Incremental": maximum_volumes => '7', }

@@nagios_service{'check_bacula_fd-${::fqdn}': check_command => 'check_nrpe_command!check_bacula_fd', service_description => "Bacula-fd: ${::fqdn}", host_name => $::fqdn, target => "${::icinga::targetdir}/services/${::fqdn}.cfg", notify => Service[$::icinga::service_server], }

}

Other optionsOther options● ChefChef

● AnsibleAnsible

● SaltSalt

● CfengineCfengine

● Bcfg2Bcfg2

● BareosBareos

● RsyncRsync

● RsnapshotRsnapshot

● RdiffRdiff

● Backup ninjaBackup ninja

Questions?Questions?

Top related

Bacula Main Manual
Documents
Bacula Console
Documents
Guide Bacula
Documents
Bacula Performance & Tuningbacula.us/wp-content/uploads/2015/10/EricBollengier.pdf · ©Bacula Systems S.A. - 2014 12 Journey to the Center of your Backup - Special case with Data
Documents
Bacula · What is Bacula? 1.1 Who Needs Bacula? 1.2 Bacula Components or Services 1
Documents
bacula - referência
Documents
Bacula Enterprise Trial
Documents
 · What is Bacula? 1.1 Who Needs Bacula? 1.2 Bacula Components or Services 1
Documents
Index [link.springer.com]978-1-4302-1913-2/1.pdf · backup and recovery backup process, 623–624 Bacula acquiring, 638–641 backing up databases with, 658–661 Bat console, 661–666
Documents
Bacula Cloud Backup · 2.1.5 Copyandsyncfiles YoucanlistyourAmazonS3bucketswith: [root@localsd1 ~]# aws s3 ls 2016-04-11 21:13:02 bsyssdsync [root@localsd1 ~]# ↓ ↓
Documents
Problems Bacula
Documents
Test Run - Bacula Backup Brasil · Professional backup solutions compared Test Run FE ATURES Backup Solutions I Seven leading and popular backup solutions line up to face the Linux
Documents
Bacula BackUp Server - plusserver.com · The bacula-director has to be able to reach the bacula-fd at tcp port 9102. On windows machines this will be blocked by default, if the windows
Documents
Bacula for Developers
Documents
Bacula and ZFS - pgcon.org · What is Bacula? Set of programs. client-server model. Backup, recovery, and verification of data. Network of computers of different kinds. Backup to
Documents
Internal Bacula Database
Documents
Bacula Install
Documents
Rel Bacula
Documents
Bacula Open Source Project Bacula Systems (professional ... · Bacula Systems SA Page 3 Introduction – Project History • «Bacula» = Backup Dracula It comes by night and sucks
Documents
Best Practices For Disk Based Backup - Bacula
Documents

Copyright © 2018 DOCUMENTS