Backup Setup » History » Version 3
Jon Goldberg, 06/30/2017 05:21 PM
# Backup Setup

## Overview

For a server to be backed up to Megaphone Tech's standards, all of the following must be true:

- The backup must happen at least daily.
- The backup must be tested (and testable) to ensure its validity.
- The backup must be encrypted in transit and at rest.
- If the backup resides on a server outside of our control, the data must be encrypted such that those controlling the server cannot read the data.
- At least one copy of the backup must be in a separate geographical location from the original data.
- Databases must be backed up using a database dump tool and stored in a backed-up area of the filesystem.
- The backup should be monitored for both success and failure. Alerts should be generated for failed backups, and for backups that don't run.

To accomplish this, we use a modified copy of [backupninja](https://0xacab.org/riseuplabs/backupninja) to manage the backups. It reports into our centralized [[Icinga2]] monitoring.
The preferred back-end for backups is [borgbackup](https://borgbackup.readthedocs.io/en/stable/), which provides for validity testing and client-side encryption.

Currently, setup is manual and complicated. When [ansible](https://www.ansible.com/) is deployed, we can automate these steps.

## Step-by-step guide

**Note:** This entire guide assumes you're running as *root* on all servers during setup.

### Icinga Server setup

- Get the API User password for the "backupninja" user from `/etc/icinga2/conf.d/api-users.conf`. This is `ICINGA2_API_PASSWORD`, below.
- Edit the appropriate host conf file (in `/etc/icinga2/conf.d/hosts`) to include the line:

```
has_backupninja: true
```

- Also note the exact name of the `Host` object on line 1 of the file. This is `ICINGA2_HOSTNAME` below.
- Run `service icinga2 checkconfig && service icinga2 reload` for your change to take effect.

### Monitored Server setup

- Install backupninja and borg.

```bash
# Ubuntu 16.04+
apt install backupninja borgbackup
# Debian Jessie
apt install backupninja
apt install -t jessie-backports borgbackup
# CentOS 7.3
# ensure epel repo is enabled
yum install backupninja borgbackup
```

- If you're using MySQL 5.7+, you can't export the `information_schema` table. There's a proposed patch for backupninja to exclude it, which you should apply:

```bash
cd /usr/share/backupninja/
wget -O mysql.patch https://gist.githubusercontent.com/PalanteJon/94543829a2dfd6b3ed216b646afb0e8f/raw/abe58456b57eb123a1cf0023adb92ad2fa890cb1/backupninja%2520MySQL%25205.7%2520support
# Ignore "patch unexpectedly ends in middle of line" warning
patch -p0 < mysql.patch
rm mysql.patch mysql.orig
```

- Append this to the end of `/usr/sbin/backupninja`: <https://gist.github.com/PalanteJon/322a4fea5707013433d9763972e4d414>
- Set up a local borg repo.

```bash
# Generate a password locally with a password generator like pwgen.
# borg init prompts for the repository passphrase; enter the generated one.
# (borg 1.1 and later require an explicit --encryption mode on this command.)
borg init /opt/borg
```

- Set up a remote borg repo on rsync.net.

```bash
# Copy the root user's public key to rsync.net's authorized_keys
# If no key exists, create one with no passphrase
# Source: http://www.rsync.net/resources/howto/ssh_keys.html
cat ~/.ssh/id_rsa.pub | ssh 8139@usw-s008.rsync.net 'dd of=.ssh/authorized_keys oflag=append conv=notrunc'

# Generate a password locally with a password generator like pwgen.
# Replace "lava" with the name of the borg repo you'd like to create.
borg init 8139@usw-s008.rsync.net:lava --remote-path=/usr/local/bin/borg1/borg1
```

- Put a set of standard configuration files in `/etc/backup.d`.

```bash
cd /etc/backup.d
wget https://raw.githubusercontent.com/PalanteJon/backupninja_configs/master/10-info.sys
wget https://raw.githubusercontent.com/PalanteJon/backupninja_configs/master/30-databases.mysql
wget https://raw.githubusercontent.com/PalanteJon/backupninja_configs/master/50-borg-local.sh
wget https://raw.githubusercontent.com/PalanteJon/backupninja_configs/master/60-borg-remote.sh
chmod 600 *
```
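
The files above come from the `master` branch and end up as handlers that backupninja runs as root, so a later upstream change alters what runs on the server. As an added example (not part of the original guide or of backupninja), this installs a file only if it matches a SHA-256 recorded after review; `verify_sha256`, `install_pinned` and the hash placeholder are assumptions.

```bash
# Added example: pin each downloaded config to a reviewed SHA-256.
BASE_URL=https://raw.githubusercontent.com/PalanteJon/backupninja_configs/master

verify_sha256() {
  # $1 = file, $2 = expected lowercase hex SHA-256.
  # Returns 0 only when the file is readable and the digest matches exactly.
  actual=$(sha256sum "$1" 2>/dev/null | cut -d' ' -f1)
  [ -n "$actual" ] && [ "$actual" = "$2" ]
}

install_pinned() {
  # $1 = file name under BASE_URL, $2 = pinned SHA-256, $3 = destination dir.
  # Downloads to a temp file first so an unverified file never lands in $3.
  tmp=$(mktemp) || return 1
  if wget -q -O "$tmp" "$BASE_URL/$1" && verify_sha256 "$tmp" "$2"; then
    # Mode 600 matches the chmod in the guide; owner root because the
    # guide runs everything as root.
    install -m 600 -o root -g root "$tmp" "$3/$1"
    rc=$?
  else
    echo "refusing to install $1: download failed or checksum mismatch" >&2
    rc=1
  fi
  rm -f "$tmp"
  return "$rc"
}

# Usage (the hash is a placeholder; record your own after reviewing the file):
#   install_pinned 50-borg-local.sh <SHA256_OF_REVIEWED_FILE> /etc/backup.d
```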

- Edit the backupninja config(s) for borg to set the repository name and passphrase.
  - e.g. local repository is `/opt/borg` and remote repository is `8139@usw-s008.rsync.net:orange`
- Add to `/etc/backupninja.conf`:

```bash
ICINGA2_API_USER=backupninja
ICINGA2_SERVER_ADDRESS=orange.megaphonetech.com
ICINGA2_API_PORT=5665
ICINGA2_API_PASSWORD=<see above>
ICINGA2_HOSTNAME=<see above>
```
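
How a backup job can use the five settings above to report into Icinga2, as an added example (not the code from the gist appended to `/usr/sbin/backupninja`): it submits a passive check result to the Icinga2 API's `process-check-result` action. The service name `backupninja`, the `ICINGA2_CA_CERT` variable and the function names are assumptions.

```bash
# Added example; not the reporting code from the project's gist.

json_escape() {
  # Flatten newlines and tabs to spaces, then escape backslash and double quote.
  printf '%s' "$1" | tr '\n\r\t' '   ' | sed -e 's/\\/\\\\/g' -e 's/"/\\"/g'
}

build_check_result() {
  # $1 Host object name   $2 service name (assumed)   $3 exit status
  # $4 plugin output      $5 ttl in seconds
  case $3 in 0|1|2|3) ;; *) echo "bad exit status: $3" >&2; return 1 ;; esac
  case $5 in ''|*[!0-9]*) echo "bad ttl: $5" >&2; return 1 ;; esac
  # filter_vars keeps the names out of the filter expression itself.
  printf '{"type":"Service","filter":"host.name==h && service.name==s",'
  printf '"filter_vars":{"h":"%s","s":"%s"},' "$(json_escape "$1")" "$(json_escape "$2")"
  printf '"exit_status":%s,"plugin_output":"%s","ttl":%s}' "$3" "$(json_escape "$4")" "$5"
}

report_backup_result() {
  # $1 exit status (0 OK, 2 CRITICAL)   $2 plugin output
  # Reads the ICINGA2_* settings from the environment.
  # ttl of 26 hours: with daily backups the result goes stale after that, so a
  # backup that never ran shows up through Icinga2's freshness check
  # (needs an Icinga2 release that supports ttl).
  payload=$(build_check_result "$ICINGA2_HOSTNAME" backupninja "$1" "$2" 93600) || return 1
  # Credentials go to curl on stdin so they do not appear in the process list;
  # curl's quoted config values use the same backslash and quote escapes.
  # --cacert verifies the Icinga2 API certificate (ICINGA2_CA_CERT is assumed).
  printf 'user = "%s:%s"\n' "$ICINGA2_API_USER" "$(json_escape "$ICINGA2_API_PASSWORD")" |
    curl --config - --silent --show-error --fail \
      --cacert "$ICINGA2_CA_CERT" \
      --header 'Accept: application/json' \
      --data "$payload" \
      "https://$ICINGA2_SERVER_ADDRESS:$ICINGA2_API_PORT/v1/actions/process-check-result"
}
```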

### Document

- Update the [internal CRM server list](https://crm.megaphonetech.com/server-list) to reflect the correct backup method.
- Record the borg passphrase(s) in the password manager. This is very important; otherwise the backup is unrecoverable.