Line 1: |
Line 1: |
| == Locations == | | == Locations == |
| | | |
− | * /backup on [[Machine/treehouse]]: daily filesystem backups for [[Machine/jita]] | + | * /backup on [[Machine/papert]]: daily filesystem backups for [[Machine/bender]] and [[Machine/sunjammer]] |
− | * /backup on [[Machine/housetree]]: daily filesystem backups for [[Machine/sunjammer]] | + | * /backup on [[Machine/bender]]: daily filesystem backups for all VMs hosted on [[Machine/papert]] |
− | * /backup on sunjammer.sugarlabs.org: daily database dumps (ldap, mysql and pgsql) for [[Machine/sunjammer]]
| |
− | * backup.sugarlabs.org: daily backups of all other systems (see below)
| |
| | | |
| == Administrative contact == | | == Administrative contact == |
− |
| |
− | bernie AT sugarlabs DOT org
| |
− |
| |
− | == Sysadmins ==
| |
− |
| |
− | For non-emergency calls, preferably send email to the administrative contact.
| |
− |
| |
| * [[User:Bernie|Bernie Innocenti]] | | * [[User:Bernie|Bernie Innocenti]] |
− | * Ed McNierney @ OLPC (local access)
| |
− |
| |
− | == backup.sugarlabs.org ==
| |
− |
| |
− | This is the main backup server for all [[Machine|Sugarlabs Machines]].
| |
− |
| |
− | Backup account:
| |
− |
| |
− | sugarbackup@backup.sugarlabs.org:/home/sugarbackup/
| |
− |
| |
− | (backup.sugarlabs.org is an alias for owl.laptop.org)
| |
− |
| |
− | We use the script system-full-backup to perform the daily backups with duplicity. Each machine backup is encrypted with a different password. If you need a password, ask [[User:Bernie]].
| |
− |
| |
− | == Sunjammer ==
| |
− |
| |
− | [[Machine/sunjammer]]'s filesystem is being backed up on [[Machine/treehouse]] using rsync + 7 days of history with hard links.
| |
− |
| |
− | The MySQL, PostgreSQL and LDAP databases are being backed up daily on backup.sugarlabs.org, encrypted with gpg. TODO: at the moment, we don't have a script to cleanup old backups.
| |
− |
| |
− | == Restoring files from duplicity backups ==
| |
− |
| |
− | To restore a backup try something like:
| |
− |
| |
− | duplicity restore -t 7D --restore-time <yyyy/mm/dd --file-to-restore <source/path/to/restore/from> scp://sugarbackup@backup.sugarlabs.org/backup/<machine.sugarlabs.org> </destination/path/to/restore/to>
| |
− |
| |
− | * Replace <> with your values
| |
− |
| |
| | | |
− | Example:
| + | == wizbackup == |
| | | |
− | duplicity restore -t 7D --restore-time 2000/01/01 --file-to-restore var/lib/mysql/wordpress scp://sugarbackup@backup.sugarlabs.org/backup/sunjammer.sugarlabs.org /home/bernie/restore/wordpress
| + | * [https://codewiz.org/gitweb/wizbackup.git Source code] |
| + | * [https://codewiz.org/gitweb/wizbackup.git/blob/HEAD:/README.md README] |
| | | |
| + | This is the main backup script for all [[Machine|Sugar Labs Machines]]. It's a minimalist script based on rsync and keeps a history of N days using hard-links. While it's very very simple, wizbackup gets the job done and has the added benefit of not requiring any tools to read or restore a backup. The advantage over similar backup solution is that backups are just plain filesystem snapshots of the source machines; the main disadvantage is poor performance with large files which change often, such as logs or databases (my solution is to exclude these and backup the data using ad-hoc methods, such as SQL dumps). |
| | | |
− | the --restore-time is a workaround for a bug in duplicity when restoring backups in the past | + | The `wizbackup-driver` script runs daily on the backup servers from `/etc/cron.daily/wizbackup`. |
| + | It reads a list of hostnames to backup from `/backup/HOSTS/<machine-group-name>` and an optional list of files exclusions from `/backup/EXCLUDES`, in the same format taken by the `--exclude` flag of rsync. |
| | | |
| + | For each machine in the list, `wizbackup-driver` invokes `wizbackup` with this command-line: |
| | | |
− | == See Also ==
| + | wizbackup <hostname>:/ <local-backup-dir> --exclude-file /backup/EXCLUDE/ALWAYS --exclude-file /backup/EXCLUDE/<hostname> |
| | | |
− | * There are instructions on how to set up a backup here: [[Infrastructure_Team/Template_virtual_machine_lucid]]
| + | Wizbackup uses rsync and ssh to connect to the remote machine. Hence, the backup server must be authorized to connect as root to all backup hosts (e.g.: by storing the identity in `/root/.ssh/authorized_keys`). Wizbackup reads the ssh private key from `/etc/wizbackup/ssh_id`). |
| | | |
| [[Category:Service|zzz]] | | [[Category:Service|zzz]] |