Bareos - zalohovanie VM

Po dlhych skusaniach, uvahach a hladani na nete som nasiel spolahlivy a hlavne funkcny backupovaci nastroj pre virtualne prostredie, pre mna hlavne v Proxmoxe. Kedze proxmox nema (ma ale cez ofajc) inkrementalne zalohy cez VZDump tak potrebujem hlavne nie cely "obraz disku" ale pristup k jednotlivym suborom a setrim miesto inkrementalnymi a diferencialnymi zalohami.

Rozhodol som sa ze ako zaklad pouzijem CentOS 7, hlavne kvoli svojej stabilite, dlhej podpore a ma priamo repozitar na najnovsi bareos. V dobe instalacie bola posledna verzia 18.2 a v dobe pisania clanku 19.2 avsak upgrade som este nerobil.

Instalaciu VM nebudem popisovat to ratam ze kazdy zvlada kto chce riesit nieco podobne. Ma to aj svoju internu DB, bezi mi to na MariaDB s jednym malym rozdielom ze nieje na locale ale mimo v Galera Clustri. Tu budem popisovat instalaciu s DB na localhoste pod MariaDB. Taktiez storage nebude na locale ale na NFS na inej masine v sieti.

Mala predpriprava

Zmena hostname:

Dolozita vec je mat DNS zaznamy na sieti v poriadku a teda aj hostname na samotnom bareos VM - budeme volat "server"

hostnamectl set-hostname bareos

Vypnutie SELinux:

Niekto ho vypina, niekto nie. Ja si pristup k masinam postrazit viem a ak mozem tak ho vypinam. Ked by sme ho nevypli treba este pamatat na povolenie

setenforce 0
reboot

Pridanie bareos repo:

wget -O /etc/yum.repos.d/bareos.repo http://download.bareos.org/bareos/release/latest/CentOS_7/bareos.repo

Instalacia

Instalacia MariaDB

yum install mariadb-server -y

Zapnutie sluzby:

systemctl start mariadb.service
systemctl enable mariadb.service

Instalacia bareos:

Trebalo zinstalovat samotny bareos, bareos mysql connector a webatko

yum install bareos bareos-database-mysql bareos-webui -y

MariaDB konfiguracia:

Upravime konfigurak:

vi /var/lib/bareos/.my.cnf

[client]
host=localhost
user=root
password=PASSWORD

Dalej nepotrebujeme konfigurovat, mame na to scripts:

/usr/lib/bareos/scripts/create_bareos_database
/usr/lib/bareos/scripts/make_bareos_tables
/usr/lib/bareos/scripts/grant_bareos_privileges

Instalacia apache a php:

yum install httpd php php-cli php-common -y

Start sluzieb:

systemctl start bareos-dir
systemctl start bareos-sd
systemctl start bareos-fd
systemctl start httpd

a nasledne start po starte:

systemctl enable bareos-dir
systemctl enable bareos-sd
systemctl enable bareos-fd
systemctl enable httpd

Bareos ma 3och daemonov. Prvy je director, druhy storage daemon a posledny je file daemon.

Vytvorenie konfigu pre web pristup:

vi /etc/bareos/bareos-dir.d/console/admin.conf

a bachneme tam toto:

Console {
Name = admin
Password = PASSWORD
Profile = webui-admin
TLS Enable = No
}

Pristup do admin konzoly:

bconsole

a ked sme uz tam a robili sme zasahy do konfiguracie tak treba to reloadnut:

reload

a nasledne vystupime z nej:

q

a restart directora:

systemctl restart bareos-dir

Webatko:

Na webatko sa dostanem cez:

http://IP/bareos-webui

Dalsie konfigy:

Vytvorenie konfigu na zalohovanie.

vi /etc/bareos/bareos-dir.d/fileset/LinuxAll.conf

FileSet {
  Name = "LinuxAll"
  Description = "Backup all regular filesystems, determined by filesystem type."
  Include {
    Options {
      Signature = MD5 # calculate md5 checksum per file
      One FS = No     # change into other filessytems
      FS Type = btrfs
      FS Type = ext2  # filesystems of given types will be backed up
      FS Type = ext3  # others will be ignored
      FS Type = ext4
      FS Type = reiserfs
      FS Type = jfs
      FS Type = xfs
      FS Type = zfs
      Compression = GZIP
      noatime = yes
    }
    File = /
  }
  # Things that usually have to be excluded
  # You have to exclude /var/lib/bareos/storage
  # on your bareos server
  Exclude {
    File = /opt/db
    File = /var/db
    File = /opt/var
    File = /opt/mysql
    File = /var/lib/bareos
    File = /var/lib/bareos/storage
    File = /var/cache
    File = /mnt/backup
    File = /proc
    File = /tmp
    File = /var/tmp
    File = /.journal
    File = /.fsck
  }
}

Vytvorenie definicie jobu:

vi /etc/bareos/bareos-dir.d/jobdefs/BackupLinuxConfig.conf

JobDefs {
    Name = "BackupLinuxConfig"
    Type = Backup
    Level = Incremental
    Client = bareos-fd
    FileSet = "LinuxAll"
    Schedule = "WeeklyCycle"
    Storage = NFS
    Messages = Standard
    Pool = Incremental
    Priority = 1
    Write Bootstrap = "/var/lib/bareos/%c.bsr"
    Full Backup Pool = Full
    Differential Backup Pool = Differential
    Incremental Backup Pool = Incremental
}

Zmena konfigov POOLs:

vi /etc/bareos/bareos-dir.d/pool/Full.conf

Pool {
  Name = Full
  Pool Type = Backup
  Recycle = no                       # Bareos can automatically recycle Volumes
  AutoPrune = yes                     # Prune expired volumes
  Action On Purge = Truncate
  Volume Retention = 100 days         # How long should the Full Backups be kept? (#06)
  Label Format = "${Client}-${Level}-${Year}-${Month}-${Day}-${Hour}-${NumVols}"              # Volumes will be labeled "Full-<volume-id>"
  Maximum Volume Jobs = 1
  Storage = NFS
}

vi /etc/bareos/bareos-dir.d/pool/Differential.conf

Pool {
  Name = Differential
  Pool Type = Backup
  Recycle = no                       # Bareos can automatically recycle Volumes
  AutoPrune = yes                     # Prune expired volumes
  Action On Purge = Truncate
  Volume Retention = 65 days          # How long should the Differential Backups be kept? (#09)
  Label Format = "${Client}-${Level}-${Year}-${Month}-${Day}-${Hour}-${NumVols}"      # Volumes will be labeled "Differential-<volume-id>"
  Maximum Volume Jobs = 1
  Storage = NFS
}

vi /etc/bareos/bareos-dir.d/pool/Incremental.conf

Pool {
  Name = Incremental
  Pool Type = Backup
  Recycle = no                       # Bareos can automatically recycle Volumes
  AutoPrune = yes                     # Prune expired volumes
  Action On Purge = Truncate
  Volume Retention = 32 days          # How long should the Incremental Backups be kept?  (#12)
  Label Format = "${Client}-${Level}-${Year}-${Month}-${Day}-${Hour}-${NumVols}"       # Volumes will be labeled "Incremental-<volume-id>"
  Maximum Volume Jobs = 1
  Storage = NFS
}

Budeme zalohovat tak ako je na tomto grafe:

Skontrolujeme zakladny scheduling ktory je v defaulte viac nez dobry:

less /etc/bareos/bareos-dir.d/schedule/WeeklyCycle.conf

Schedule {
  Name = "WeeklyCycle"
  Run = Full 1st sat at 21:00                   # (#04)
  Run = Differential 2nd-5th sat at 21:00       # (#07)
  Run = Incremental mon-fri at 21:00            # (#10)
}

Zmena storage-u z local na nase namountovane NFS:

vi /etc/bareos/bareos-sd.d/device/FileStorage.conf

Device {
  Name = FileStorage
  Media Type = File
  Archive Device = /mnt/backup/bareos
  LabelMedia = yes;                   # lets Bareos label unlabeled media
  Random Access = yes;
  AutomaticMount = yes;               # when device opened, read it
  RemovableMedia = no;
  AlwaysOpen = no;
  Description = "Backup na NFS"
  Maximum Concurrent Jobs = 1
}

Este to treba zmenit tu:

vi /etc/bareos/bareos-dir.d/storage/File.conf

Storage {
  Name = NFS
  Address = bareos.nasa.domena               # N.B. Use a fully qualified name here (do not use "localhost" here).
  Password = "tu by malo byt vygenerovane automaticky"
  Device = FileStorage
  Media Type = File
}

Zmena v hosts:

Pre lepsie fungovanie je zo skusenosti dobre dat rucne klientov do hosts konfigu ale iba v pripade ze nemate dobre nastavene DNSko.

vi /etc/hosts

127.0.0.1   bareos localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
127.0.1.1       bareos
IP serveru     bareos bareos.nasa.domena
IP klienta    klient klient.nasa.domena

Restart sluzieb:

systemctl restart bareos-dir
systemctl restart bareos-fd
systemctl restart bareos-sd

Pridanie klienta - a k a  to co sa ma zalohovat, spustenie

Server bezi, mozeme skontrolovat ci nam vsetky sluzby bezia

Instalacia na Debiane:

Klienta si dame na Debiane, debian ma bareos-fd (client) priamo v repo avsak starsiu verziu ale to nevadi lebo na servery mame vyssiu.

apt install bareos-client -y

Pri CentOSe by sme museli zasa pridat repo a nasledne:

yum install bareos-fd

Spustenie sluzby po starte:

systemctl enable bareos-fd

Pridanie klienta na Bareos server:

bconsole
configure add client name=HOSTNAME address=IP_ADDRESS password=SUPER_silne_Heslo
q

Nakopirovanie konfigu na klienta, ja mam zmeneny ssh port na 322

scp -P 322 /etc/bareos/bareos-dir-export/client/HOSTNAME/bareos-fd.d/director/bareos-dir.conf root@IP:/etc/bareos/bareos-fd.d/director/bareos-dir.conf

Nasledna zmena prav suboru na klientovi:

chown bareos:bareos /etc/bareos/bareos-fd.d/director/bareos-dir.conf

Start sluzby na klientovi:

systemctl start bareos-fd
systemctl restart bareos-fd

Vytvorenie JOB konfigu na servery:

vi /etc/bareos/bareos-dir.d/job/hostname.conf

vlozime tam totok:

Job {
    Name = "HOSTNAME"
    JobDefs = "BackupLinuxConfig"
    Client = "HOSTNAME"
    Write Bootstrap = "|/usr/bin/bsmtp -h root@localhost -f \"\(Bareos\) \" -s \"Bootstrap for Job %j\" NAS@MAIL.SK"
}

Zmenime prava:

chown bareos:bareos /etc/bareos/bareos-dir.d/job/HOSTNAME.conf

Reload a spustenie jobu:

bconsole
reload
run job=hostname

Potvrdime:

yes
q

Par schopnych prikazov z bconsole:

list storages
list pools
show jobdefs
show filesets
status dir
status client=HOSTNAME

Teraz vieme pozriet na webe ako sa nam to krasne zalohuje. Bareos ma este jednu taku peknu speci vec, standartne zalohuje iba jeden job a ked ho spravy tak ide na dalsi. Treba si predstavit ze to kam zapisuje su normalne pasky a teda iba jedna paska vie bezat naraz. Ale ked nastavime kompresiu GZIP tak mam odskusanych 30 VM vie zbehnut za par hodin.

P.S.: dokazeme zalohovat aj Windejsi docela pekne a rychlo.