bundles/zfs: introduce zfs-snapshot-backups, enable backups for nodes which need zfs-snapshot-backups
All checks were successful
bundlewrap/pipeline/head This commit looks good
All checks were successful
bundlewrap/pipeline/head This commit looks good
This commit is contained in:
parent
93e36156a0
commit
479b730be4
11 changed files with 96 additions and 18 deletions
|
@ -1,5 +1,22 @@
|
|||
from os.path import join
|
||||
|
||||
if node.has_bundle('zfs'):
|
||||
wanted_paths = node.metadata.get('backups/paths', set())
|
||||
snapshot_paths = node.metadata.get('zfs/filesystems_with_backup_snapshots', {})
|
||||
backup_paths = set()
|
||||
|
||||
for path in wanted_paths:
|
||||
path_found = False
|
||||
for zfs_paths in snapshot_paths.values():
|
||||
if path in zfs_paths:
|
||||
backup_paths.add(f'/mnt/backup-snapshot{path}')
|
||||
path_found = True
|
||||
|
||||
if not path_found:
|
||||
backup_paths.add(path)
|
||||
else:
|
||||
backup_paths = node.metadata.get('backups/paths', set())
|
||||
|
||||
if node.metadata.get('backups/exclude_from_backups', False):
|
||||
files['/etc/backup.priv'] = {
|
||||
'delete': True,
|
||||
|
@ -17,7 +34,7 @@ else:
|
|||
'username': node.metadata['backup-client']['user-name'],
|
||||
'server': server,
|
||||
'port': port,
|
||||
'paths': node.metadata.get('backups/paths', {}),
|
||||
'paths': backup_paths,
|
||||
},
|
||||
'mode': '0700',
|
||||
}
|
||||
|
|
|
@ -11,6 +11,17 @@ directories = {
|
|||
},
|
||||
}
|
||||
|
||||
files = {
|
||||
'/etc/zfs-snapshot-backup-pre.d/50-influxdb': {
|
||||
'content': '#!/bin/sh\nsystemctl stop influxdb',
|
||||
'mode': '0755',
|
||||
},
|
||||
'/etc/zfs-snapshot-backup-post.d/50-influxdb': {
|
||||
'content': '#!/bin/sh\nsystemctl start influxdb',
|
||||
'mode': '0755',
|
||||
},
|
||||
}
|
||||
|
||||
|
||||
svc_systemd = {
|
||||
'influxdb': {
|
||||
|
|
|
@ -15,6 +15,11 @@ defaults = {
|
|||
},
|
||||
},
|
||||
},
|
||||
'backups': {
|
||||
'paths': {
|
||||
'/var/lib/influxdb',
|
||||
},
|
||||
},
|
||||
'icinga2_api': {
|
||||
'telegraf': {
|
||||
'services': {
|
||||
|
|
|
@ -60,9 +60,7 @@ files = {
|
|||
},
|
||||
}
|
||||
|
||||
# FIXME currently we do not have a mechanism to use snapshot-backups of
|
||||
# zfs datasets.
|
||||
if node.has_bundle('backup-client'): # and not node.has_bundle('zfs'):
|
||||
if node.has_bundle('backup-client') and not node.has_bundle('zfs'):
|
||||
files['/etc/backup-pre-hooks.d/90-postgresql-dump-all'] = {
|
||||
'source': 'backup-pre-hook',
|
||||
'content_type': 'mako',
|
||||
|
@ -72,6 +70,10 @@ if node.has_bundle('backup-client'): # and not node.has_bundle('zfs'):
|
|||
'mode': '0700',
|
||||
}
|
||||
directories['/var/tmp/postgresdumps'] = {}
|
||||
else:
|
||||
files['/var/tmp/postgresdumps'] = {
|
||||
'delete': True,
|
||||
}
|
||||
|
||||
postgres_roles = {
|
||||
'root': {
|
||||
|
|
|
@ -2,9 +2,6 @@ defaults = {
|
|||
'backups': {
|
||||
'paths': {
|
||||
'/var/lib/postgresql',
|
||||
|
||||
# FIXME
|
||||
'/var/tmp/postgresdumps',
|
||||
},
|
||||
},
|
||||
'bash_functions': {
|
||||
|
@ -66,9 +63,8 @@ if node.has_bundle('zfs'):
|
|||
},
|
||||
},
|
||||
}
|
||||
# FIXME
|
||||
#else:
|
||||
# defaults['backups']['paths'].add('/var/tmp/postgresdumps')
|
||||
else:
|
||||
defaults['backups']['paths'].add('/var/tmp/postgresdumps')
|
||||
|
||||
|
||||
@metadata_reactor.provides(
|
||||
|
|
21
bundles/zfs/files/backup-pre-hook
Normal file
21
bundles/zfs/files/backup-pre-hook
Normal file
|
@ -0,0 +1,21 @@
|
|||
#!/bin/bash
|
||||
|
||||
set -euo pipefail
|
||||
|
||||
run-parts --exit-on-error -- /etc/zfs-snapshot-backup-pre.d
|
||||
|
||||
|
||||
% for dataset in sorted(node.metadata.get('zfs/filesystems_with_backup_snapshots')):
|
||||
if zfs get type ${dataset}@snapshot-backup >/dev/null 2>&1
|
||||
then
|
||||
zfs destroy -f ${dataset}@snapshot-backup
|
||||
fi
|
||||
|
||||
zfs snapshot ${dataset}@snapshot-backup
|
||||
|
||||
mkdir -p /mnt/backup-snapshot${node.metadata['zfs']['datasets'][dataset]['mountpoint']}
|
||||
mount -t zfs ${dataset}@snapshot-backup /mnt/backup-snapshot${node.metadata['zfs']['datasets'][dataset]['mountpoint']}
|
||||
|
||||
|
||||
% endfor
|
||||
run-parts --exit-on-error -- /etc/zfs-snapshot-backup-post.d
|
|
@ -95,7 +95,11 @@ directories = {
|
|||
"/etc/zfs-snapshot-backup-post.d": {
|
||||
'purge': True,
|
||||
},
|
||||
"/etc/zfs-snapshot-backup-final.d": {
|
||||
'purge': True,
|
||||
},
|
||||
}
|
||||
|
||||
if node.metadata.get('zfs/filesystems_with_backup_snapshots', {}) and node.has_bundle('backup-client'):
|
||||
files['/etc/backup-pre-hooks.d/99-zfs-snapshots'] = {
|
||||
'content_type': 'mako',
|
||||
'source': 'backup-pre-hook',
|
||||
'mode': '0755',
|
||||
}
|
||||
|
|
|
@ -104,7 +104,9 @@ def zfs_scrub_cronjob(metadata):
|
|||
}
|
||||
|
||||
|
||||
@metadata_reactor
|
||||
@metadata_reactor.provides(
|
||||
'icinga2_api/zfs/services',
|
||||
)
|
||||
def monitoring(metadata):
|
||||
if not node.has_bundle('sshmon'):
|
||||
raise DoNotRunAgain
|
||||
|
@ -129,3 +131,25 @@ def monitoring(metadata):
|
|||
},
|
||||
},
|
||||
}
|
||||
|
||||
|
||||
@metadata_reactor.provides(
|
||||
'zfs/filesystems_with_backup_snapshots',
|
||||
)
|
||||
def backups_with_snapshot(metadata):
|
||||
backups = metadata.get('backups/paths', set())
|
||||
datasets = metadata.get('zfs/datasets', {})
|
||||
|
||||
backups_in_zfs_datasets = {}
|
||||
|
||||
for path in backups:
|
||||
for dname, dconfig in datasets.items():
|
||||
if 'mountpoint' in dconfig:
|
||||
if path[:len(dconfig['mountpoint'])] == dconfig['mountpoint']:
|
||||
backups_in_zfs_datasets.setdefault(dname, set()).add(path)
|
||||
|
||||
return {
|
||||
'zfs': {
|
||||
'filesystems_with_backup_snapshots': backups_in_zfs_datasets,
|
||||
},
|
||||
}
|
||||
|
|
1
data/backup/keys/htz-cloud.influxdb.key.vault
Normal file
1
data/backup/keys/htz-cloud.influxdb.key.vault
Normal file
|
@ -0,0 +1 @@
|
|||
encrypt$gAAAAABgoBM4n7eEwMxfav4200d5LoGyLsM67Ps9CCPBgjZjdsOpyQulbp2l4LIhWj1kljgrXZ_LnOaRUf3S8q7-drv3yEfG1d-cyK8vP7r8wkTcawaazM5XdhR8VkgxCyBCuOZmM1vvAmOwIMi1JiQcgiJ4G32ThS085onN3T9HvEu2a9sWYuOlk-yVUBpelqP97vbO6r2n3hn-62AC7Ww-Q_EQ_kcdDdJLOawNe1anJOsOeLb1XOlMIJWI74LZXfszsRi9LmxUpzaB4Gd_nzDLO1AZHD_GOf9UOeeab8PujwhQ4UhbEHCdB-uVH88LGCw25-6eiv0yA_kRulj7InA9sKRyBZ1okSF4Xhl-htez6XwBD6BuA_ly6ulSxWuoOV_qsCNiXhJYGTuKPJS0-wpLyeLb_PV1tlYOKZv3VK5a_EpCRa4fCdX7oj9pcA8ZQkQeFAx0P4b3oYkz8YkDiBINFdOLE177lC6Kuk33sLfsZBuoR7MSjHUtZHPOXUHu8pV0o0_YxxF5fBs6hyReXvCbZB18NikeH4Ki-RR5IE4ofTngf6dIQhCxp9u-cNs-mNP0GRKiYIBUInr9Udpr-ymXRq-7OvyTM92950ePm-qoqjbpVFA8HN057WfkW6N6DASRRa2HjqQJ
|
1
data/backup/keys/htz-cloud.influxdb.pub
Normal file
1
data/backup/keys/htz-cloud.influxdb.pub
Normal file
|
@ -0,0 +1 @@
|
|||
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFpAUytQ0ncucltODEr3MgcKF5U/6TS4zZG1OYJDIEQp kunsi@kunsi-t470.kunbox.net
|
|
@ -31,10 +31,6 @@ nodes['htz-cloud.influxdb'] = {
|
|||
},
|
||||
},
|
||||
},
|
||||
'backups': {
|
||||
# TODO enable this once we have zfs-snapshot-backups
|
||||
'exclude_from_backups': True,
|
||||
},
|
||||
'grafana': {
|
||||
'domain': 'grafana.kunsmann.eu',
|
||||
'login_max_duration': '30d',
|
||||
|
|
Loading…
Reference in a new issue