Coding

Using Bacula for a Distributed Backup System (Debian Etch)

I once had a server crash wipe out all my data on a vserver. My own ftp backup script had for some reason refused to do the backup, the server company had a backup a month old. Bad.

Now I have 4 different vservers running, which has not exactly reduced my Angst of data loss. When I read about the open source backup system Bacula, their solution sounded pretty good. However, since the software needs quite a bit of setup, I have for a long time shied away from installing it. Now I have finally found some time to do it and like to documents my experience since it wasn’t the easiest install.

Keep in mind that this setup is fine-tuned to my particular needs. Bacula is extremely versatile and can be configured to suit the most diverse requirements – please consult the documentation if your needs are different from mine.

Installation

Installing is straightforward on Debian:

  • On the machine that will supervise all backups, which should be a server that is continually running, install the matching bacula director for a database backend (I used mysql):
    apt-get install bacula-director-mysql

    You will need to supply your mysql root password in the process of installing.

  • On a machine that has a graphic display, install the GUI console–I am using Debian with Gnome:
    apt-get install bacula-console-gnome
  • On each machine that will need to be backed up, install a bacula file daemon:
    apt-get install bacula-fd
  • If the machine to be backed up has Gnome or KDE running, install the traymonitor
    apt-get install bacula-traymonitor
  • On the machine(s) that will receive the backups and save them in some form (I chose a simple file backup), install the bacula storage daemon:
    apt-get install bacula-sd

Configuration

Now for the more complicated part, the setup of the configuration files. Note that I have reorganized the distributed Debian Etch configuration files and changed some default entries. I am also only using one master password for all cases. Following assumptions:

  • m1 is the machine that runs the director daemon and a file daemon
  • m2 is a machine that runs a file daemon
  • m3 is the machine that runs the storage daemon
  • all configuration files are located in /etc/bacula

bacula-dir.conf

#######################################################################
#
#  Director
#
#######################################################################

Director {                            # define myself
  Name = m1-dir
  DIRport = 9101                # where we listen for UA connections
  QueryFile = "/etc/bacula/scripts/query.sql"
  WorkingDirectory = "/var/lib/bacula"
  PidDirectory = "/var/run/bacula"
  Maximum Concurrent Jobs = 1
  Password = "{director-password}"         # Console password
  Messages = Daemon
  DirAddress = 127.0.0.1
}

#######################################################################
#
#  File Daemons
#
#######################################################################

# File Daemon on this machine
Client {
  Name = m1-fd
  Address = 127.0.0.1                 # use IP Address here
  FDPort = 9102
  Catalog = MyCatalog
  Password = "{director-password}"    # password for FileDaemon
  File Retention = 30 days            # 30 days
  Job Retention = 6 months            # six months
  AutoPrune = yes                     # Prune expired Jobs/Files
}

# File Daemon on panya.de
Client {
  Name = m2-fd
  Address = XXX.XXX.XXX.XXX           # Use IP address of file daemon here
  FDPort = 9102
  Catalog = MyCatalog
  Password = "{director-password}"    # password for FileDaemon
  File Retention = 30 days            # 30 days
  Job Retention = 6 months            # six months
  AutoPrune = yes                     # Prune expired Jobs/Files
}

#######################################################################
#
#  Storage Daemons
#
#######################################################################

# Definition of file storage device
Storage {
  Name = m3-sd
  Address = YYY.YYY.YYY.YYY           # Use IP address of storage daemon here
  SDPort = 9103
  Password = "{director-password}"
  Device = FileStorage
  Media Type = File
}

#######################################################################
#
#  Default Jobs
#
#######################################################################

#
# backup m1
#
Job {
  Name = "Backup-m1"
  Client = m1-fd
  JobDefs = "DefaultJob"
  Write Bootstrap = "/var/lib/bacula/m1.bsr"
}

#
# backup m2
#
Job {
  Name = "Backup-m2"
  Client = m2-fd
  JobDefs = "DefaultJob"
  Write Bootstrap = "/var/lib/bacula/m2.bsr"
}
 # ... more jobs ...
#######################################################################
#
#  Catalog Backup Job
#
#######################################################################

# Backup the catalog database (after the nightly save)
Job {
  Name = "BackupCatalog"
  JobDefs = "DefaultJob"
  Client=m1-fd
  Level = Full
  FileSet="Catalog"
  Schedule = "WeeklyCycleAfterBackup"
  # This creates an ASCII copy of the catalog, this line is incorrect in the default etch distribution
  RunBeforeJob = "/etc/bacula/scripts/make_catalog_backup bacula bacula bacula"
  # This deletes the copy of the catalog
  RunAfterJob  = "/etc/bacula/scripts/delete_catalog_backup"
  Write Bootstrap = "/var/lib/bacula/BackupCatalog.bsr"
  Priority = 11                   # run after main backup
}

# This is the backup of the catalog
FileSet {
  Name = "Catalog"
  Include {
    Options {
      signature = MD5
    }
    File = /var/lib/bacula/bacula.sql
  }
}

#######################################################################
#
#  Standard Restore template, to be changed by Console program
#  Only one such job is needed for all Jobs/Clients/Storage ...
#
#######################################################################

Job {
  Name = "RestoreFiles"
  Type = Restore
  Client =m1-fd
  FileSet="Full Set"
  Storage = m1s06-sd
  Pool = Default
  Messages = Standard
  Where = /tmp/bacula-restores
}

#######################################################################
#
#  Defaults for JobsDefs, Catalog, File Sets, Schedules, Pool
#
#######################################################################

#
# Generic catalog service. Make sure the database created by the
# installation script is accesible by a user bacula with password
# bacula (or choose a different user/password combination)
Catalog {
  Name = MyCatalog
  dbname = bacula
  user = bacula
  password = "bacula"
}

# Generic Job Definition, overwrite individual directives
JobDefs {
  Name = "DefaultJob"
  Type = Backup
  Level = Incremental
  FileSet = "Full Set"
  Schedule = "WeeklyCycle"
  Storage = m3-sd
  Messages = Standard
  Pool = Default
  Priority = 10
}

# List of files to be backed up
FileSet {
  Name = "Full Set"

  Include {
    Options {
      signature = MD5
    }
    File = /home
    File = /etc
    File = /var
  }

  Exclude {
    File = /var/lib/bacula/storage # or whereever the files are stored on the target device
                                   # if you backup the target machine as well
  }
}

#
# When to do the backups, full backup on first sunday of the month,
#  differential (i.e. incremental since full) every other sunday,
#  and incremental backups other days
Schedule {
  Name = "WeeklyCycle"
  Run = Full 1st sun at 23:05
  Run = Differential 2nd-5th sun at 23:05
  Run = Incremental mon-sat at 23:05
}

# This schedule does the catalog. It starts after the WeeklyCycle
Schedule {
  Name = "WeeklyCycleAfterBackup"
  Run = Full sun-sat at 23:10
}

# Default pool definition
Pool {
  Name = Default
  Pool Type = Backup
  Recycle = yes                       # Bacula can automatically recycle Volumes
  AutoPrune = yes                     # Prune expired volumes
  Volume Retention = 365 days         # one year
  Accept Any Volume = yes             # write on any volume in the pool
}

#######################################################################
#
#  Defaults for Console and Messaging
#
#######################################################################

#
# Restricted console used by tray-monitor to get the status of the director
#
Console {
  Name = m41s09-mon
  Password = "{some-other-password}"
  CommandACL = status, .status
}

# Reasonable message delivery -- send most everything to email address
#  and to the console
Messages {
  Name = Standard
  mailcommand = "/usr/lib/bacula/bsmtp -h localhost -f "(Bacula) %r" -s "Bacula: %t %e of %c %l" %r"
  operatorcommand = "/usr/lib/bacula/bsmtp -h localhost -f "(Bacula) %r" -s "Bacula: Intervention needed for %j" %r"
  mail = bacula@localhost = all, !skipped
  operator = info@bibliograph.org = mount
  console = all, !skipped, !saved
  append = "/var/log/bacula.log" = all, !skipped # this will become a big file until logrotated
}

#
# Message delivery for daemon messages (no job).
Messages {
  Name = Daemon
  mailcommand = "/usr/lib/bacula/bsmtp -h localhost -f "(Bacula) %r" -s "Bacula daemon message" %r"
  mail = bacula@localhost = all, !skipped
  console = all, !skipped, !saved
  append = "/var/lib/bacula/log" = all, !skipped
}

bacula-sd.confThis configuration file is on the machine that receives data from the file daemons and keeps the backup files. The location of the backup data can be freely chosen, we place them into /var/lib/bacula/storage.

#######################################################################
#
#  Bacula Storage Daemon Configuration File on panya.de
#
#######################################################################

# definition of myself
Storage {
  Name = m3-sd
  SDPort = 9103
  WorkingDirectory = "/var/lib/bacula"
  Pid Directory = "/var/run/bacula"
  Maximum Concurrent Jobs = 20
  SDAddress = 127.0.0.1
}

#
# List Directors who are permitted to contact Storage daemon
#
Director {
  Name = m1-dir
  Password = "{director-password}"
}

#
# Devices supported by this Storage daemon
# To connect, the Director's bacula-dir.conf must have the
#  same Name and MediaType.
#

Device {
  Name = FileStorage
  Media Type = File
  Archive Device = /var/lib/bacula/storage # or wherever you want to put the files
  LabelMedia = yes;                        # lets Bacula label unlabeled media
  Random Access = Yes;
  AutomaticMount = yes;                    # when device opened, read it
  RemovableMedia = no;
  AlwaysOpen = no;
}
#
# Send all messages to the Director,
# mount messages also are sent to the email address
#
Messages {
  Name = Standard
  director = m1-dir = all
}

Sample bacula-fd.conf

#######################################################################
#
#  Bacula File Daemon Configuration File on m2
#
#######################################################################

#
# "Global" File daemon configuration specifications
#
FileDaemon {
  Name = m2-fd
  FDport = 9102                  # where we listen for the director
  WorkingDirectory = /var/lib/bacula
  Pid Directory = /var/run/bacula
  Maximum Concurrent Jobs = 20
  FDAddress = 127.0.0.1
}

#
# List Directors who are permitted to contact this File daemon
#
Director {
  Name = m1-dir
  Password = "{director-password}"
}

#
# Restricted Director, used by tray-monitor to get the
#   status of the file daemon, if you have a tray monitor
#
Director {
  Name = m2-mon
  Password = "{some-other-password}"
  Monitor = yes
}

# Send all messages except skipped files back to Director
Messages {
  Name = Standard
  director = m1-dir = all, !skipped, !restored
}

gnome-console.conf

Finally if you administer your director with one of the shipped GUI tools, you need to configure them, too:

#
# Bacula User Agent (or Console) Configuration File
#

Director {
  Name = m1-dir
  DIRport = 9101
  address = 127.0.0.1 # use IP and not hostname here
  Password = "{director-password}"
}

ConsoleFont {
  Name = Default
  Font = "Monospace 9"
}

    Running the backups

    • Start a root console
    • cd /etc/bacula
    • bacula-console-gnome
    • The console should now connect to the director. It will alert problems.
    • On first use, you need to “label” the file that will be used for storing the backup data on the storage daemon. Click the “Label” button and choose a name – for example “bacula-storage”.
    • You can then “Run” a backup to try if everything works as expected.
    Advertisements

    7 thoughts on “Using Bacula for a Distributed Backup System (Debian Etch)

    1. a great article for getting bacula up and running.

      i too am finally getting to grips with it, love its versatility and i found that ‘playing’ with it for a while then wiping and starting again has given me the best understanding. the documentation for bacuala is good but vast and easy to get information overload.

      1. Hi Panyasan
        you could write a simple script to set up an ssh connection to your web server – which runs on a machine inside your home (?) network with the dyndns address. Then do a tunnel from say remote post 9102 to locahost port xxxx, and have your director talk to localhost port xxxx.
        Any reason why you did not follow such an approach?
        jacques

    2. Another update: I switched to using rdiff-backup with a cronjob. That’s as simple as it gets, but seems to be the most efficient method for my needs…

    3. Thank you for this guide, made my life a bit simpler, was quite difficult to understand all the pieces of the director-client-storage puzzle. panyasan: OpenVPN is IMHO the best open source solution for creating tunnels behind NAT, if you haven’t considered implementing that already.

    Leave a Reply

    Fill in your details below or click an icon to log in:

    WordPress.com Logo

    You are commenting using your WordPress.com account. Log Out / Change )

    Twitter picture

    You are commenting using your Twitter account. Log Out / Change )

    Facebook photo

    You are commenting using your Facebook account. Log Out / Change )

    Google+ photo

    You are commenting using your Google+ account. Log Out / Change )

    Connecting to %s