Archiv pro štítek: zálohování

Instalace a konfigurace Bacula klienta

Instalace

Na CentOS potřebujeme

yum install bacula-client

Konfigurace na straně klienta

Defaultní konfigurační soubor vypadá nějak takto:

#
# Default  Bacula File Daemon Configuration file
#
#  For Bacula release 5.2.13 (19 February 2013) -- redhat (Core)
#
# There is not much to change here except perhaps the
# File daemon Name to
#

#
# List Directors who are permitted to contact this File daemon
#
Director {
  Name = bacula-dir
  Password = "@@FD_PASSWORD@@"
}

#
# Restricted Director, used by tray-monitor to get the
#   status of the file daemon
#
Director {
  Name = bacula-mon
  Password = "@@MON_FD_PASSWORD@@"
  Monitor = yes
}

#
# "Global" File daemon configuration specifications
#
FileDaemon {                          # this is me
  Name = bacula-fd
  FDport = 9102                  # where we listen for the director
  WorkingDirectory = /var/spool/bacula
  Pid Directory = /var/run
  Maximum Concurrent Jobs = 20
}

# Send all messages except skipped files back to Director
Messages {
  Name = Standard
  director = bacula-dir = all, !skipped, !restored
}

Zde musíme změnit v sekci FileDaemon Name na náš hostname, pro lepší orientaci a především v sekcích Director zadat heslo z konfigurace bacula mastera, čímž masteru povolíme se k tomuto file-daemonu připojovat.

Poté ještě povolíme službu Bacula file daemon

systemctl enable bacula-fd.service
systemctl start bacula-fd.service

Konfigurace na straně serveru

Na straně klienta záleží na tom, jak máme uspořádané konfigurační soubory. Je zde veliká variabilita, proto je konfugurace Bacula serveru popsána detailně v samostatném příspěvku.

Nás bude zajímat především soubor clients.conf, kam přidáme sekci popisující nového klienta

Client {
   Name = client-name
   Address = 10.0.0.2
   FDPort = 9102
   Catalog = MyCatalog
   Password = "wQsfjexXv4-XXXXXXXXXXXXXXXXXXXXXX"      password for FileDaemon
   File Retention = 30 days            # 30 days
   Job Retention = 6 months            # six months
   AutoPrune = yes                     # Prune expired Jobs/Files
 }

Kromě client.conf musíme nastavit ještě následující soubory: filesets.conf jobs.conf schedules.con. Popisujeme v nich, jaké soubory se mají zálohovat, kdy, a v jaké struktuře.

# /etc/bacula/filesets.conf
FileSet {
 =================================================================
 Name = "node-head"
==================================================================
 Include {
     Options {
       signature = MD5
       compression = LZO
     }
     File = /
   }
 Exclude {
     File = /root
     File = /var/lib/bacula
     File = /local
     File = /proc
     File = /tmp
     File = /.journal
     File = /.fsck
     File = /sys
     File = /run
     File = /var/lib/nfs/rpc_pipefs
     File = /dev
   }
 }
# /etc/bacula/jobs.conf
Job {
     Name = node-head
     Type = Backup
     Client = node-head
     FileSet = node-head
     Schedule = "WeeklyCycle"
     Storage = qnap-sd
     Messages = Standard
     Pool = Full-Pool  
     }

Po konfiguraci restart Bacula Director. Protože master běží na Debianu, je syntaxe trochu jiná

/etc/init.d/bacula-director restart

Pak můžeme otestovat konfiguraci ručním spuštěním zálohy. Buď z konsole, nebo z grafické aplikace bat. Pokud je vše nakonfigurováno správně, měli bychom dostat odpověď podobnou této.

 
run job="node-head" fileset="node-head" level="Full" client="node-head" pool="Full-Pool" storage="qnap-sd" priority="10" when="2020-01-07 12:19:20" yes 
 Job queued. JobId=11515

Filesystémy jinde

Bacula defaultně nepřekračuje hranice filesystémů. By design. Lze to vidět v logu jobu, pokud taková situace nastane. V některých případech je to správně, např. v níže uvedeném výpisu, opt je mountovaný přes nfs, takže by nebylo vhodné ho odsud zálohovat. Ale /var a /boot jsou pouze samostatné partitions na lokálním disku.

 2020-01-07 12:19:29
 node-head
      /boot is a different filesystem. Will not descend from / into it.
      /opt is a different filesystem. Will not descend from / into it.
      /var is a different filesystem. Will not descend from / into it.
      /home is a different filesystem. Will not descend from / into it.
      /nfs is a different filesystem. Will not descend from / into it.
      /lscratch is a different filesystem. Will not descend from / into 
      /misc is a different filesystem. Will not descend from / into it.
      /net is a different filesystem. Will not descend from / into it.
Because Bacula will not descent into mounted filesystems that it has not
 been specifically told to. This is a good thing; you do NOT want it to
 descend into /proc or /sys, for example, and on modern Linux systems
 where /dev is managed dynamically, you almost certainly don't want it to
 descend into /dev either. Neither do you want it to descend into, for
 example, NFS or other network-mounted filesystems that are already being
 backed up once from their server.

 The idea is that you explicitly list each filesystem you want Bacula to
 back up, then exclude the directories within those filesystems that you
 do not want backed up.

 You CAN change this behavior using the onefs directive; by default, this
 is set to onefs=yes, which tells Bacula to remain within a single
 mounted filesystem. You CAN explicitly set onefs=no, in which case
 Bacula will follow all mount points. BE VERY CAREFUL about doing this.
 There may be unexpected consequences. On most operating systems, if you
 do not have a very good specific reason to do this, it's best not to.
 It's certainly not something you should be doing when you're still new
 to Bacula.

Ve většině nahoře uvedených adresářů je opravdu zálohovat nechceme. Ty co opravdu chceme zálohovat, musíme explicitně vyjmenovat v include nastavení.

 Include {
     Options {
       signature = MD5
       compression = LZO
     }
     File = /
     File = /var
     File = /boot
   }

Dodatečná nastavení

Pokud je mezi servery nastaven firewall, musíme povolit port 9102, na kterém Bacula komunikuje.