Difference between revisions of "stoney backup: prov-backup-rsnapshot"
From stoney cloud
| [unchecked revision] | [unchecked revision] |
(→Overview) |
(→ToDos) |
||
| Line 14: | Line 14: | ||
exit 0 | exit 0 | ||
</source> | </source> | ||
| + | |||
| + | = Configuration = | ||
| + | <pre> | ||
| + | # Copyright (C) 2013 stepping stone GmbH | ||
| + | # Switzerland | ||
| + | # http://www.stepping-stone.ch | ||
| + | # support@stepping-stone.ch | ||
| + | # | ||
| + | # Authors: | ||
| + | # Pat Kläy <pat.klaey@stepping-stone.ch> | ||
| + | # | ||
| + | # Licensed under the EUPL, Version 1.1. | ||
| + | # | ||
| + | # You may not use this work except in compliance with the | ||
| + | # Licence. | ||
| + | # You may obtain a copy of the Licence at: | ||
| + | # | ||
| + | # http://www.osor.eu/eupl | ||
| + | # | ||
| + | # Unless required by applicable law or agreed to in | ||
| + | # writing, software distributed under the Licence is | ||
| + | # distributed on an "AS IS" basis, | ||
| + | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either | ||
| + | # express or implied. | ||
| + | # See the Licence for the specific language governing | ||
| + | # permissions and limitations under the Licence. | ||
| + | # | ||
| + | |||
| + | |||
| + | [Global] | ||
| + | # If true the script logs every information to the log-file. | ||
| + | LOG_DEBUG = 1 | ||
| + | |||
| + | # If true the script logs additional information to the log-file. | ||
| + | LOG_INFO = 1 | ||
| + | |||
| + | #If true the script logs warnings to the log-file. | ||
| + | LOG_WARNING = 1 | ||
| + | |||
| + | #If true the script logs errors to the log-file. | ||
| + | LOG_ERR = 1 | ||
| + | |||
| + | ENVIRONMENT = pat-GT60 | ||
| + | |||
| + | [Database] | ||
| + | BACKEND = LDAP | ||
| + | SERVER = ldaps://ldapm.tombstone.ch | ||
| + | PORT = 636 | ||
| + | ADMIN_USER = cn=Manager,dc=foss-cloud,dc=org | ||
| + | ADMIN_PASSWORD = <PASSWORD> | ||
| + | SERVICE_SUBTREE = ou=accounts,ou=backup,ou=services,dc=foss-cloud,dc=org | ||
| + | COOKIE_FILE = /home/pat/repos/stepping-stone/prov-backup-rsnapshot/prov-backup-rsnapshot/etc/Provisioning/Backup/rsnapshot.cookie | ||
| + | DEFAULT_COOKIE = rid=001,csn= | ||
| + | SEARCH_FILTER = (&(entryCSN>=%entryCSN%)(objectClass=*)) | ||
| + | |||
| + | [Service] | ||
| + | MODUS = selfcare | ||
| + | TRANSPORTAPI = LocalCLI | ||
| + | SERVICE = Backup | ||
| + | TYPE = Rsnapshot | ||
| + | |||
| + | SYSLOG = Backup-Rsnapshot | ||
| + | |||
| + | [Gateway] | ||
| + | HOST = localhost | ||
| + | USER = provisioning | ||
| + | DSA_FILE = none | ||
| + | |||
| + | [Backup] | ||
| + | RSNAPSHOT_CONFIG_FILE = /etc/rsnapshot/rsnapshot.conf.%uid% | ||
| + | SET_QUOTA_CMD = /usr/sbin/setquota | ||
| + | CREATE_CHROOT_CMD = /root/createDummyBackupDirectory.sh | ||
| + | MOUNTPOINT = / | ||
| + | </pre> | ||
= Communication with LDAP = | = Communication with LDAP = | ||
Revision as of 16:41, 19 August 2013
Overview
This pages contains all necessary information one needs to know about the prov-backup-rsnapshot daemon.
ToDos
The daemon calls a script which is configurable (see [[]]) to create the chroot environment. Currently this script only creates the home directory for the user. In future this script should create the whole chroot environment. The script must be executable: <script>/path/to/script.sh<script> must execute the script. The deamon reacts according to the exit code of the script:
- 0: everything is OK, daemon continues
- > 0: there was an error, daemon does not continue
So the script must have something like:
if error then; exit 1 fi; exit 0
Configuration
# Copyright (C) 2013 stepping stone GmbH # Switzerland # http://www.stepping-stone.ch # support@stepping-stone.ch # # Authors: # Pat Kläy <pat.klaey@stepping-stone.ch> # # Licensed under the EUPL, Version 1.1. # # You may not use this work except in compliance with the # Licence. # You may obtain a copy of the Licence at: # # http://www.osor.eu/eupl # # Unless required by applicable law or agreed to in # writing, software distributed under the Licence is # distributed on an "AS IS" basis, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either # express or implied. # See the Licence for the specific language governing # permissions and limitations under the Licence. # [Global] # If true the script logs every information to the log-file. LOG_DEBUG = 1 # If true the script logs additional information to the log-file. LOG_INFO = 1 #If true the script logs warnings to the log-file. LOG_WARNING = 1 #If true the script logs errors to the log-file. LOG_ERR = 1 ENVIRONMENT = pat-GT60 [Database] BACKEND = LDAP SERVER = ldaps://ldapm.tombstone.ch PORT = 636 ADMIN_USER = cn=Manager,dc=foss-cloud,dc=org ADMIN_PASSWORD = <PASSWORD> SERVICE_SUBTREE = ou=accounts,ou=backup,ou=services,dc=foss-cloud,dc=org COOKIE_FILE = /home/pat/repos/stepping-stone/prov-backup-rsnapshot/prov-backup-rsnapshot/etc/Provisioning/Backup/rsnapshot.cookie DEFAULT_COOKIE = rid=001,csn= SEARCH_FILTER = (&(entryCSN>=%entryCSN%)(objectClass=*)) [Service] MODUS = selfcare TRANSPORTAPI = LocalCLI SERVICE = Backup TYPE = Rsnapshot SYSLOG = Backup-Rsnapshot [Gateway] HOST = localhost USER = provisioning DSA_FILE = none [Backup] RSNAPSHOT_CONFIG_FILE = /etc/rsnapshot/rsnapshot.conf.%uid% SET_QUOTA_CMD = /usr/sbin/setquota CREATE_CHROOT_CMD = /root/createDummyBackupDirectory.sh MOUNTPOINT = /
Communication with LDAP
The daemon "communicates" with the LDAP to let other processes know its current state. The important attributes therefore are sstProvisioningMode and sstProvisioningState in the given Backup-Account entry. The sequence is defined for adding, modifying or deleting an entry. The preconditions for all three modi are:
- sstProvisioningMode is set to add, modify or delete
- sstProvisioningState is set to 0
- sstProvisioningDate is set to 0 or the current date (format: YYYYMMDD)
Add
Precondition
... sstProvisioningMode: add sstProvisioningState: 0 sstProvisioningDate: 0 ...
Step 1
... sstProvisioningMode: adding sstProvisioningState: 0 sstProvisioningDate: 0 ...
Now the prov-backup-rsnapshot daemon works on the given entry.
Step 2
As soon as the prov-backup-rsnapshot daemon finished working on the given entry:
... sstProvisioningMode: added sstProvisioningState: YYYYMMDDThhmmssZ sstProvisioningDate: 0 ...
Modify
Precondition
... sstProvisioningMode: modify sstProvisioningState: 0 sstProvisioningDate: 0 ...
Step 1
... sstProvisioningMode: modifying sstProvisioningState: 0 sstProvisioningDate: 0 ...
Now the prov-backup-rsnapshot daemon works on the given entry.
Step 2
As soon as the prov-backup-rsnapshot daemon has finished working on the given entry:
... sstProvisioningMode: modified sstProvisioningState: YYYYMMDDThhmmssZ sstProvisioningDate: 0 ...
Delete
Precondition
... sstIsActive: FALSE sstProvisioningMode: delete sstProvisioningState: 0 sstProvisioningDate: 0 ...
Step 1
... sstProvisioningMode: deleting sstProvisioningState: 0 sstProvisioningDate: 0 ...
Now the prov-backup-rsnapshot daemon works on the given entry.
Step 2
As soon as the prov-backup-rsnapshot daemon finished working on the given entry:
... sstProvisioningMode: deleted sstProvisioningState: YYYYMMDDThhmmssZ sstProvisioningDate: 0 ...
Source Code
Exit Codes
The following list defines the return codes and their meaning for the ...:
use constant
{
SUCCESS => 0,
UNDEFINED_ERROR => 1,
USER_NOT_PRESENT_IN_BACKEND => 2,
PERL_VERSION_NOT_STATISFIED => 3,
CANNOT_CHECK_HOME_DIR_PRESENCE => 4,
CANNOT_CREATE_HOME_DIR => 5,
CANNOT_SET_QUOTA => 6,
CANNOT_CREATE_RSNAPSHOT_CONFIGURATION => 7,
};
Testing
Requirements
- A sandbox of the prov-backup-rsnapshot deamon:
cd /var/work git clone --recursive https://github.com/stepping-stone/prov-backup-rsnapshot.git cd /var/work/prov-backup-rsnapshot/Provisioning/etc/Provisioning/ ln -s ../../../etc/Provisioning/Backup/ Backup cd /var/work/prov-backup-rsnapshot/Provisioning/lib/Provisioning/ ln -s ../../../lib/Provisioning/Backup/ Backup
- A test configuration
cd /var/work/prov-backup-rsnapshot/Provisioning/etc/Provisioning/Backup/ cp -p Rsnapshot.conf.template Rsnapshot_test.conf vi Rsnapshot_test.conf
Update the Database section accordingly
Test the daemon
- The daemon is running on the Backup-Server VM (kvm-0036)
- Open a terminal and login to the Backup-Server VM
-
tail -f /var/log/syslog/provisioning.log
- Open a second terminal and login to the Backup-Server VM
- Make sure the directory /root/data exists, if not create it
- Create an online backup account by executing the test script:
-
/var/work/prov-backup-rsnapshot/bin/createBackupAccountLDIF.pl --uid 3724300
- The test script currently supports the following options:
- --uid <UID>: Mandatory option, the backup accounts uid
- --reseller <UID>: Optional, sets sstBelongsToResellerUID (default 4000000)
- --customer <UID>: Optional, sets sstBelongsToCustomerUID (default 4000001)
- --people <UID>: Optional, sets sstBelongsToPersonUID (default 4000002)
- --givenname <Name>: Optional, sets the givenname attribute (default "Givenname")
- --surname <Name>: Optional, sets the sn attribute (defualt "Surname")
- Load the generated LDIF (you find them under /root/data) step by step into the LDAP and observe what the deamon is doing in the first terminal:
-
/root/loadOpenLDAPsingleLDIF.sh /root/data/01_add_3724300.ldif
-
/root/loadOpenLDAPsingleLDIF.sh /root/data/02_modify_3724300.ldif
-
/root/loadOpenLDAPsingleLDIF.sh /root/data/03_delete_3724300.ldif
-
/root/loadOpenLDAPsingleLDIF.sh /root/data/04_remove_3724300.ldif
-
