= Overview =
This pages contains all necessary information one needs to know about the prov-backup-rsnapshot provisioning daemon. This daemon provisions the stoney backup account according to what was requested in the self-service web interface. Changes performed on the web interface (for example creating a new stoney backup account) will be written to the LDAP directory. The changes in the LDAP directory are spotted by the prov-backup-rsnapshot daemon, which then executes the appropriate action (for example creating directories and setting quota values for the new stoney backup account) and change the LDAP again. This change in the LDAP can be made visible in the web interface. This way the user can see, that the new stoney backup account is ready for use.
= ToDos Source Code =The daemon calls a script which is configurable (see [[prov-backup-rsnapshot#Configuration]]) to create the chroot environment. Currently this script only creates the home directory for the user. In future this script should create the whole chroot environment. The script must be executable: <script>/path/to/script.sh<script> must execute the script. The deamon reacts according to the exit source code of the script: * 0: everything is OK, daemon continues* > 0located in our GitHub Repository: there was an error, daemon does not continueSo the script must have something like:<source lang="bash">if error then; exit 1fi;
exit https://github.com/stepping-stone/prov-backup-rsnapshot == Exit Codes ==The following list defines the return codes and their meaning for the ...:<pre>use constant{ SUCCESS => 0, UNDEFINED_ERROR => 1, USER_NOT_PRESENT_IN_BACKEND => 2, PERL_VERSION_NOT_STATISFIED => 3, CANNOT_CHECK_HOME_DIR_PRESENCE => 4, CANNOT_CREATE_HOME_DIR => 5, CANNOT_SET_QUOTA => 6, CANNOT_CREATE_RSNAPSHOT_CONFIGURATION => 7,};</sourcepre>
= Configuration =
(Note: Comments starting with /* are not in the configuration file, they are only in the wiki to add some additional information)
<pre>
# Copyright (C) 2013 stepping stone GmbH
#
/* If you want, you can override the log information from the global configuration file this might be useful for debugging */
[Global]
# If true the script logs every information to the log-file.
LOG_ERR = 1
/* Specify the hosts fully qualified domain name. This name will be used to perform some checks and also appear in the information and error mails */ENVIRONMENT = pat-GT60<FQDN>
[Database]
BACKEND = LDAP
SERVER = ldaps://ldapm.tombstone.chorg
PORT = 636
ADMIN_USER = cn=Manager,dc=fossstoney-cloud,dc=org
ADMIN_PASSWORD = <PASSWORD>
SERVICE_SUBTREE = ou=accounts,ou=backup,ou=services,dc=fossstoney-cloud,dc=orgCOOKIE_FILE = /home/pat/repos/stepping-stone/prov-backup-rsnapshot/prov-backup-rsnapshot/etc/Provisioning/Backup/rsnapshot.cookie
DEFAULT_COOKIE = rid=001,csn=
SEARCH_FILTER = (&(entryCSN>=%entryCSN%)(objectClasssstProvisioningState=*0))
/* Specifies the service itself. As it is the prov-backup-rsnapshot module, the SERVICE is "Backup" and the TYPE is "Rsnapshot".
* The MODUS is as usual selfcare and the TRANSPORTAPI is LocalCLI. This is because the daemon is running on the same host as the
* backup accounts are provisioned and the commands can be executed on this host using the cli.
* For more information about MODUS and TRANSPORTAPI see https://int.stepping-stone.ch/wiki/provisioning.pl#Service_Konfiguration
*/
[Service]
MODUS = selfcare
TYPE = Rsnapshot
SYSLOG = Backupprov-Rsnapshotbackup-rsnapshot
/* For the TRANSPORTAPI LocalCLI there is no gateway required because there is no connection to establish. So set HOST, USER and
* DSA_FILE to whatever you want. Don't leave it blank, otherwise the provisioning daemon would log some error messages saying
* these attributes are empty
*/
[Gateway]
HOST = localhost
DSA_FILE = none
/* Information about the backup itself (how to setup everything). Note that the %uid% int the RSNAPSHOT_CONFIG_FILE parameter will
* be replaced by the accounts UID. The script CREATE_CHROOT_CMD was installed with the prov-backup-rsnapshot module, so do not
* change this parameter. The quota parameters (SET_QUOTA_CMD, MOUNTPOINT, QUOTA_FILE, PROJECTS_FILE and PROJID_FILE) represent
* the quota setup as described on http://wiki.stoney-cloud.org/index.php/stoney_backup:_Server_set-up#Quota. If you followed this
* manual, you can copy-paste them into your configuration file, otherwise adapt them according to your quota setup.
*/
[Backup]
RSNAPSHOT_CONFIG_FILE = /etc/rsnapshot/rsnapshot.conf.%uid%
SET_QUOTA_CMD = /usr/sbin/setquotaxfs_quotaCREATE_CHROOT_CMD = /rootusr/createDummyBackupDirectorylibexec/createBackupDirectory.shMOUNTPOINT = /var
QUOTA_FILE = /etc/backupSize
PROJECTS_FILE = /etc/projects
...
</source>
= Source Code =
The source code is located in our GitHub Repository:
https://github.com/stepping-stone/prov-backup-rsnapshot
== Exit Codes ==
The following list defines the return codes and their meaning for the ...:
<pre>
use constant
{
SUCCESS => 0,
UNDEFINED_ERROR => 1,
USER_NOT_PRESENT_IN_BACKEND => 2,
PERL_VERSION_NOT_STATISFIED => 3,
CANNOT_CHECK_HOME_DIR_PRESENCE => 4,
CANNOT_CREATE_HOME_DIR => 5,
CANNOT_SET_QUOTA => 6,
CANNOT_CREATE_RSNAPSHOT_CONFIGURATION => 7,
};
</pre>
= Testing =
== Requirements ==
* A sandbox of working test server set up following the prov-backup-rsnapshot deamon[[stoney_backup: <pre>cd /var/workgit clone _Server_set--recursive https://github.com/stepping-stone/up#prov-backup-rsnapshot.gitcd /var/work/prov-| stoney backup: Server set-rsnapshot/Provisioning/etc/Provisioning/ln -s up]] guide../../../etc/Provisioning/Backup/ Backupcd /var/work/prov-backup-rsnapshot/Provisioning/lib/Provisioning/ln -s ../../../lib/Provisioning/Backup/ Backup</pre>* A test configuration<pre>cd /var/work/prov-backup-rsnapshot/Provisioning/etc/Provisioning/Backup/cp -p Rsnapshot.conf.template Rsnapshot_test.confvi Rsnapshot_test.conf</pre>Update the Database section accordingly
== Test the daemon ==
* The daemon is running on the Backup-Server VM (kvm-0036)
** Open a terminal and login to the Backup-Server VM
** <pre>tail -f /var/log/syslog/provisioning.log</pre>
** Make sure the directory /root/data exists, if not create it
** Create an online backup account by executing the test script:
** <pre>/varusr/worklibexec/prov-backup-rsnapshot/bin/createBackupAccountLDIFcreateBackupDirectory.pl sh --uid 3724300</pre>
** The test script currently supports the following options:
*** --uid <UID>: Mandatory option, the backup accounts uid
** Load the generated LDIF (you find them under /root/data) step by step into the LDAP and observe what the deamon is doing in the first terminal:
*** <pre>/root/loadOpenLDAPsingleLDIF.sh /root/data/01_add_3724300.ldif</pre>
**** After this step, the account with the given uid should be created and you should be able to login via ssh using the uid and the password "gugus":
***** <pre>ssh <UID>@<Server></pre>
*** <pre>/root/loadOpenLDAPsingleLDIF.sh /root/data/02_modify_3724300.ldif</pre>
**** After this step, the quota should be reduced by 50% (from 1GB to 500MB)
***** To verify use the report_xfs quota command as mentioned in [[stoney_backup:_Server_set-up#Modifying_a_Project_.28Directory.29_Quota | server setup]]
*** <pre>/root/loadOpenLDAPsingleLDIF.sh /root/data/03_delete_3724300.ldif</pre>
**** After this step, the account should be removed, the login via ssh should no longer be possible. The LDAP entry however is still present.
***** <pre>ssh <UID>@<Server></pre>
*** <pre>/root/loadOpenLDAPsingleLDIF.sh /root/data/04_remove_3724300.ldif</pre>
**** After this step, the LDAP entry should be removed
= Links =
[[Category:stoney backup]][[Category:Provisioning Modules]]