Backup Setup¶

Overview¶

For a server to be backed up to Megaphone Tech's standards, all of the following must be true:

The backup must happen at least daily.
The backup must be tested (and testable) to ensure its validity.
The backup must be encrypted in transit and at rest.
If the backup resides on a server outside of our control, the data must be encrypted such that those controlling the server can not read the data.
At least one copy of the backup must be in a separate geographical location from the original data.
Databases must be backed up using a database dump tool and stored in a backed-up area of the filesystem.
The backup should be monitored for both successes and failure. Alerts should be generated for failed backups, and for backups that don't run.

To accomplish this, we use a modified copy of backupninja to manage the backups. It reports into our centralized Icinga2 monitoring.
The preferred back-end for backups is borgbackup, which provides for validity testing and client-side encryption.

Ansible¶

Assign the server to a group with the backupninja role.

Step-by-step (manual) guide¶

Show Hide

Note: This entire guide assumes you're running as root on all
servers during setup.

Icinga Server setup¶

Get the API User password for the "backupninja" user from /etc/icinga2/conf.d/api-users.conf. This is ICINGA2_API_PASSWORD, below.
Edit the appropriate host conf file (in /etc/icinga2/conf.d/hosts to include the line:

has_backupninja: true

Also note the exact name of the Host object on line 1 of the file. This is ICINGA2_HOSTNAME below.
Run service icinga2 checkconfig && service icinga2 reload for your change to take effect.

Monitored Server setup¶

Install backupninja and borg.

#Ubuntu 16.04+
apt install backupninja borgbackup
#Debian Jessie
apt install backupninja
apt install -t jessie-backports borgbackup
#CentOS 7.3
#ensure epel repo is enabled
yum install backupninja borgbackup

If you're using MySQL 5.7+, you can't export the information_schema table. There's a proposed patch for backupninja to exclude it, which you should apply:

cd /usr/share/backupninja/
wget -O mysql.patch https://gist.githubusercontent.com/MegaphoneJon/94543829a2dfd6b3ed216b646afb0e8f/raw/abe58456b57eb123a1cf0023adb92ad2fa890cb1/backupninja%2520MySQL%25205.7%2520support
#Ignore "patch unexpectedly ends in middle of line" warning
patch -p0 < mysql.patch
rm mysql.patch mysql.orig

Append this to the end of /usr/sbin/backupninja: https://gist.github.com/MegaphoneJon/322a4fea5707013433d9763972e4d414
Set up a local borg repo.

# Generate a password locally with a password generator like pwgen.
borg init /opt/borg

Set up a remote borg repo on rsync.net.

# Copy the root user's public key to rsync.net's authorized_keys
# If no key exists, create one with no passphrase
# Source: http://www.rsync.net/resources/howto/ssh_keys.html
cat ~/.ssh/id_rsa.pub | ssh 8139@usw-s008.rsync.net 'dd of=.ssh/authorized_keys oflag=append conv=notrunc'

# Generate a password locally with a password generator like pwgen.
# Replace "lava" with the name of the borg repo you'd like to create.
borg init 8139@usw-s008.rsync.net:lava --remote-path=/usr/local/bin/borg1/borg1

Put a set of standard configuration files in /etc/backup.d.

cd /etc/backup.d
wget https://raw.githubusercontent.com/MegaphoneJon/backupninja_configs/master/10-info.sys
wget https://raw.githubusercontent.com/MegaphoneJon/backupninja_configs/master/30-databases.mysql
wget https://raw.githubusercontent.com/MegaphoneJon/backupninja_configs/master/50-borg-local.sh
wget https://raw.githubusercontent.com/MegaphoneJon/backupninja_configs/master/60-borg-remote.sh
chmod 600 *

Edit the backupninja config(s) for borg to set the repository name and passphrase.
- e.g. local repository is /opt/borg and remote repository is 8139@usw-s008.rsync.net:orange
Add to /etc/backupninja.conf:

ICINGA2_API_USER=backupninja
ICINGA2_SERVER_ADDRESS=orange.megaphonetech.com
ICINGA2_API_PORT=5665
ICINGA2_API_PASSWORD=<see above>
ICINGA2_HOSTNAME=<see above>

Document¶

Update the internal CRM server list to reflect the correct backup method.
Record the borg passphrase(s) in the password manager. This is very important; otherwise the backup is unrecoverable.

Files (0)

Updated by Jon Goldberg over 3 years ago · 6 revisions

Project

General

Profile

Megaphone Commons