Embed Size (px)
DESCRIPTION
Backups are all about making sure you don’t lose any data. But configuring backups for each machine can be a time-consuming and tedious process.This talk provides a brief overview of what puppet is and what puppet does. It will be explained how he created a puppet module to manage bacula, and some of the choices he made. It will show people some examples of how to use the module to deploy a bacula director, storage daemon and file daemon. Furthermore he will show how an entire infrastructure can easily be instructed to have backups of specific or generic filesets and how to do so with minimal adjustments for each machine.
Citation preview
Backup provisioning Backup provisioning with bacula and puppetwith bacula and puppet
Dave Simons
OSBConf 2014-09
Dave SimonsDave Simons
● Linux and Open Source Consultant @ inuits.euLinux and Open Source Consultant @ inuits.eu
● @miouhpi@miouhpi
● github.com/simonsdgithub.com/simonsd
Inuits.euInuits.eu
● Open source consultancy companyOpen source consultancy company
● System administrationSystem administration
● Web developmentWeb development
● Some embedded developmentSome embedded development
● Offices in Belgium, Netherlands, Ukraine and Offices in Belgium, Netherlands, Ukraine and CzechCzech
BaculaBacula
● Networked backup systemNetworked backup system
● Written in C++Written in C++
● Runs on UNIX, Mac and WindowsRuns on UNIX, Mac and Windows
● Open sourceOpen source
componentscomponents
● DirectorDirector
● Storage daemonStorage daemon
● File daemonFile daemon
● Catalog (database)Catalog (database)
● Storage backendStorage backend
● FirewallFirewall
● InterfaceInterface
overviewoverview
Classic setupClassic setup
● Install/configure directorInstall/configure director
● Install/configure catalogInstall/configure catalog
● Install/configure storage daemonInstall/configure storage daemon
● Install/configure storage backendInstall/configure storage backend
● Install/configure file daemon 1Install/configure file daemon 1
● Install/configure file daemon 2Install/configure file daemon 2
● Install/configure file daemon NInstall/configure file daemon N
What's wrong with that?What's wrong with that?
Lots of things!Lots of things!
● Time consumingTime consuming
● Error proneError prone
● Repetitive (pronounced /bohr-ing/)Repetitive (pronounced /bohr-ing/)
PuppetPuppet
● Configuration management toolConfiguration management tool
● Written in RubyWritten in Ruby
● Server-client modelServer-client model
● StandaloneStandalone
● Open sourceOpen source
● Runs on UNIX, Mac and WindowsRuns on UNIX, Mac and Windows
componentscomponents
● Puppet masterPuppet master
● Puppet agentPuppet agent
● Puppet applyPuppet apply
● HieraHiera
● PuppetdbPuppetdb
● McollectiveMcollective
● dashboard/foremandashboard/foreman
overviewoverview
Puppet applyPuppet apply
● SubcommandSubcommand
● Compiles catalogCompiles catalog
● Executes catalogExecutes catalog
hierahiera
● DatastoreDatastore
● Abstract code/dataAbstract code/data
● YAMLYAML
● Adjustable hierarchyAdjustable hierarchy
---:backends: - yaml
:logger: console
:hierarchy: - clients/%{environment}/%{hostname} - roles/%{environment}/%{role} - roles/common/%{role} - hypervisors/%{hypervisor} - locations/%{datacenter} - environments/%{environment} - common
:yaml: :datadir: /etc/puppet/hieradata
hieradatahieradata[simonsd@shinku][inuits]$ tree -L 2 hierahiera/├── common.yaml├── clients│ └── production│ └── client1.yaml│ └── client2.yaml│ └── client3.yaml├── environments│ └── production.yaml├── hypervisors│ ├── hv1.example.com.yaml│ ├── hv2.example.com.yaml│ └── hv3.example.com.yaml├── locations│ ├── dc1.yaml│ ├── dc2.yaml│ └── dc3.yaml
Puppet languagePuppet language● Ruby DSLRuby DSL
● ResourcesResources
• RegularRegular
• VirtualVirtual
• exportedexported
● ClassesClasses
● ManifestsManifests
● ModulesModules
resource typesresource types● CronCron
● ExecExec
● FileFile
● GroupGroup
● UserUser
● MountMount
● PackagePackage
● ServiceService
file{'/usr/local/bin/mysql-backup': content => template('mysql-backup'), owner => 'root', group => 'root', mode => '0755',}
cron{'mysql-backup': command => '/usr/local/bin/mysql-backup', user => 'root', hour => '00', minute => '15', require => File['/usr/local/bin/mysql-backup',}
user{'bacula': ensure => 'present', uid => '712', gid => 'bacula', password => 'secret', home => '/home/bacula', shell => '/bin/sh',}
Puppet treePuppet tree[simonsd@shinku][inuits]$ tree -L 2 puppet/puppet/├── manifests│ ├── classes│ ├── defaults│ ├── hosts│ └── site.pp├── modules│ ├── activemq│ ├── apache│ ├── apc│ ├── apt│ ├── augeas│ ├── bacula│ ├── bash│ ├── bind│ ├── collectd│ ├── concat│ ├── crond│ ├── customers│ ├── dell│ ├── drupal│ ├── ejabberd│ ├── elasticsearch│ ├── fail2ban│ ├── ffmpeg│ ├── filemapper│ ├── firewall│ ├── foreman│ ├── ganbatte│ ├── gdash│ ├── gitolite│ ├── gitorious│ ├── graphite│ ├── grok│ ├── icinga│ ├── inifile│ ├── inuits│ ├── ...
loadingloading● Manual importsManual imports
● Autoloading magicAutoloading magic
[simonsd@shinku][puppet]$ cat manifests/site.ppimport 'defaults/*.pp'import 'classes/*.pp'import 'hosts/*.pp'
[simonsd@shinku][puppet]$ puppet apply --modulepath=/etc/puppet/environments/production/modules site.pp
[simonsd@shinku][puppet]$ cat puppet.conf<snip>[master]
manifest = $confdir/environments/$environment/manifests/site.pp modulepath = $confdir/environments/$environment/modules<snip>
modulesmodules
[simonsd@shinku][puppet]$ tree example-module/example-module/├── manifests│ ├── init.pp├── templates├── files├── lib├── facts.d├── tests├── spec
basic manifestbasic manifest[simonsd@shinku][puppet]$ cat modules/bacula/manifests/bconsole.ppclass bacula::bconsole ( $config_root = $::bacula::params::config_root, $bconsole_pkgname = $::bacula::params::bconsole_pkgname, $director_server = $::bacula::params::director_server, $director_port = $::bacula::params::director_port, $director_password = $::bacula::params::director_password,) inherits ::bacula::params {
package{“$bconsole_pkgname”: ensure => 'present', }
file{"${config_root}/bconsole.conf": ensure => 'file', owner => 'root', group => 'root', mode => '0640', content => template('bacula/bconsole.conf.erb'), require => Package[$bconsole_pkgname], }
}
basic templatebasic template
[simonsd@shinku][puppet]$ cat modules/bacula/templates/bconsole.conf.erb### File managed with puppet ###### Served by: '<%= scope.lookupvar('::servername') %>'### Module: '<%= scope.to_hash['module_name'] %>'### Template source: '<%= template_source %>'
## List Directors we connect to#
Director { name = "<%= director_server %>" dirport = "<%= director_port %>" address = "<%= director_server %>" password = "<%= director_password %>"}
Virtual resourcesVirtual resources
@file{'/tmp/foo': content => 'bar', tag => 'someproject',}
realize File['/tmp/foo']
File <| tag='someproject' |>
exported resourcesexported resources
@@nagios_service{'check_bacula_fd-bacula-fd.prod.example.com': check_command => 'check_nrpe_command!check_bacula_fd', service_description => 'bacula-fd.prod.example.com', host_name => 'bacula-fd.prod.example.com', target => "${::icinga::targetdir}/services/bacula-fd.prod.example.com.cfg", notify => Service[$::icinga::service_server], tag => 'bacula',}
Nagios_service <<| name='check_bacula_fd-bacula-fd.prod.example.com' |>>
Nagios_service <<| tag='bacula' |>>
puppet-bacula module puppet-bacula module treetree[simonsd@shinku][puppet]$ tree modules/bacula/
modules/bacula/├── manifests│ ├── bconsole.pp│ ├── catalog.pp│ ├── client.pp│ ├── common.pp│ ├── default│ │ ├── filesets.pp│ │ ├── jobdefs.pp│ │ ├── pools.pp│ │ └── schedules.pp│ ├── device.pp│ ├── director│ │ ├── config.pp│ │ ├── install.pp│ │ └── service.pp│ ├── director.pp│ ├── fd│ │ ├── config.pp│ │ ├── install.pp│ │ └── service.pp│ ├── fd.pp│ ├── fileset.pp│ ├── firewall│ │ ├── dir.pp│ │ ├── fd.pp│ │ └── sd.pp│ ├── firewall.pp│ ├── init.pp│ ├── jobdefs.pp│ ├── job.pp│ ├── messages.pp│ ├── params.pp│ ├── pool.pp│ ├── schedule.pp│ ├── sd│ │ ├── config.pp│ │ ├── install.pp│ │ └── service.pp│ ├── sd.pp│ └── storage.pp└── templates ├── bacula-dir.conf.erb ├── bacula-fd.conf.erb ├── bacula-sd.conf.erb ├── bconsole.conf.erb ├── catalog.conf.erb ├── client.conf.erb ├── device.conf.erb ├── fileset.conf.erb ├── job.conf.erb ├── jobdefs.conf.erb ├── logrotate.erb ├── messages.conf.erb ├── pool.conf.erb ├── schedule.conf.erb └── storage.conf.erb
configure directorconfigure director[simonsd@shinku][puppet]$ cat manifests/classes/bacula-dir.ppclass 'bacula-dir' {
class{'::bacula::director': log_email => '[email protected]', from_email => '[email protected]', }
bacula::catalog{“bacula-${::domain}”: dbname => hiera('bacula-dbname'), dbuser => hiera('bacula-dbuser'), dbpassword => hiera('bacula-dbpass'), dbhost => hiera('bacula-dbhost'), }
@@percona::database{“bacula-${::domain}”: ensure => 'present', }
@@percona::rights{“bacula-${::domain}”: ensure => 'present', database => hiera('bacula-prod-dbname'), user => hiera('bacula-prod-dbuser'), password => hiera('bacula-prod-dbpass'), host => hiera('bacula-prod-dbhost'), priv => 'all', }
@@nagios_service{“check_bacula_dir-${::fqdn}”: check_command => 'check_nrpe_command!check_bacula_dir', service_description => "Bacula-dir: ${::fqdn}", host_name => $::fqdn, target => "${::icinga::targetdir}/services/${::fqdn}.cfg", notify => Service[$::icinga::service_server], }
}
configure storage configure storage daemondaemon
[simonsd@shinku][puppet]$ cat manifests/classes/bacula-sd.ppclass 'bacula-sd' {
class{'::bacula::sd': storage_dir => hiera('bacula-storage-dir', '/srv/backup/bacula'), }
@@nagios_service{'check_bacula_sd-${::fqdn}': check_command => 'check_nrpe_command!check_bacula_sd', service_description => "Bacula-sd: ${::fqdn}", host_name => $::fqdn, target => "${::icinga::targetdir}/services/${::fqdn}.cfg", notify => Service[$::icinga::service_server], }
}
configure file daemonconfigure file daemon[simonsd@shinku][puppet]$ cat manifests/classes/bacula-fd.ppclass 'bacula-fd' {
class{'::bacula::fd': storage_server => hiera('bacula_default_storage_server', “bacula-sd.${::domain}”), director_server => hiera('bacula_director_server', 'bacula'), storage_dir => hiera('bacula_storage_dir', '/srv/backup/bacula'), catalog => hiera('bacula_catalog', “bacula-${::domain}”), }
@@bacula::job{$::fqdn: client => hiera('bacula_hostname', $::fqdn), jobdefs => hiera('bacula_jobdef', 'DefaultJob'), fileset => hiera('bacula_fileset', false), messages => hiera('bacula_messages', 'bacula-fd'), storage => hiera('bacula_storage', "${::fqdn}-storage"), full_pool => hiera('bacula_fullpool', "${::fqdn}-Full"), incremental_pool => hiera('bacula_incpool', "${::fqdn}-Incremental"), bschedule => hiera('bacula_schedule', 'default'), client_run_before_job => hiera('bacula_client_run_before_job', false), client_run_after_job => hiera('bacula_client_run_after_job', false), }
@@bacula::pool{"${::fqdn}-Full":} @@bacula::pool{"${::fqdn}-Incremental": maximum_volumes => '7', }
@@nagios_service{'check_bacula_fd-${::fqdn}': check_command => 'check_nrpe_command!check_bacula_fd', service_description => "Bacula-fd: ${::fqdn}", host_name => $::fqdn, target => "${::icinga::targetdir}/services/${::fqdn}.cfg", notify => Service[$::icinga::service_server], }
}
Other optionsOther options● ChefChef
● AnsibleAnsible
● SaltSalt
● CfengineCfengine
● Bcfg2Bcfg2
● BareosBareos
● RsyncRsync
● RsnapshotRsnapshot
● RdiffRdiff
● Backup ninjaBackup ninja
Questions?Questions?
![Index [link.springer.com]978-1-4302-1913-2/1.pdf · backup and recovery backup process, 623–624 Bacula acquiring, 638–641 backing up databases with, 658–661 Bat console, 661–666](https://img.pdfslide.us/doc/110x75/5e4f5bb7f87e7323910851fb/index-link-978-1-4302-1913-21pdf-backup-and-recovery-backup-process-623a624.jpg)
