stoney backup: prov-backup-rsnapshot

From stoney cloud
Revision as of 16:41, 19 August 2013 by Pat (Talk | contribs)


Jump to: navigation, search

Overview

This pages contains all necessary information one needs to know about the prov-backup-rsnapshot daemon.

ToDos

The daemon calls a script which is configurable (see [[]]) to create the chroot environment. Currently this script only creates the home directory for the user. In future this script should create the whole chroot environment. The script must be executable: <script>/path/to/script.sh<script> must execute the script. The deamon reacts according to the exit code of the script:

  • 0: everything is OK, daemon continues
  • > 0: there was an error, daemon does not continue

So the script must have something like:

if error then;
  exit 1
fi;
 
exit 0

Configuration

# Copyright (C) 2013 stepping stone GmbH
#                    Switzerland
#                    http://www.stepping-stone.ch
#                    support@stepping-stone.ch
#
# Authors:
#  Pat Kläy <pat.klaey@stepping-stone.ch>
#  
# Licensed under the EUPL, Version 1.1.
#
# You may not use this work except in compliance with the
# Licence.
# You may obtain a copy of the Licence at:
#
# http://www.osor.eu/eupl
#
# Unless required by applicable law or agreed to in
# writing, software distributed under the Licence is
# distributed on an "AS IS" basis,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
# express or implied.
# See the Licence for the specific language governing
# permissions and limitations under the Licence.
#


[Global]
# If true the script logs every information to the log-file.
LOG_DEBUG = 1

# If true the script logs additional information to the log-file.
LOG_INFO = 1

#If true the script logs warnings to the log-file.
LOG_WARNING = 1

#If true the script logs errors to the log-file.
LOG_ERR = 1

ENVIRONMENT = pat-GT60
 
[Database]
BACKEND = LDAP
SERVER = ldaps://ldapm.tombstone.ch
PORT = 636
ADMIN_USER = cn=Manager,dc=foss-cloud,dc=org
ADMIN_PASSWORD = <PASSWORD>
SERVICE_SUBTREE = ou=accounts,ou=backup,ou=services,dc=foss-cloud,dc=org
COOKIE_FILE = /home/pat/repos/stepping-stone/prov-backup-rsnapshot/prov-backup-rsnapshot/etc/Provisioning/Backup/rsnapshot.cookie
DEFAULT_COOKIE = rid=001,csn=
SEARCH_FILTER = (&(entryCSN>=%entryCSN%)(objectClass=*))

[Service]
MODUS = selfcare
TRANSPORTAPI = LocalCLI
SERVICE = Backup
TYPE = Rsnapshot

SYSLOG = Backup-Rsnapshot

[Gateway]
HOST = localhost
USER = provisioning
DSA_FILE = none

[Backup]
RSNAPSHOT_CONFIG_FILE = /etc/rsnapshot/rsnapshot.conf.%uid%
SET_QUOTA_CMD = /usr/sbin/setquota
CREATE_CHROOT_CMD = /root/createDummyBackupDirectory.sh
MOUNTPOINT = /

Communication with LDAP

The daemon "communicates" with the LDAP to let other processes know its current state. The important attributes therefore are sstProvisioningMode and sstProvisioningState in the given Backup-Account entry. The sequence is defined for adding, modifying or deleting an entry. The preconditions for all three modi are:

  • sstProvisioningMode is set to add, modify or delete
  • sstProvisioningState is set to 0
  • sstProvisioningDate is set to 0 or the current date (format: YYYYMMDD)

Add

Precondition

...
sstProvisioningMode: add
sstProvisioningState: 0
sstProvisioningDate: 0
...

Step 1

...
sstProvisioningMode: adding
sstProvisioningState: 0
sstProvisioningDate: 0
...

Now the prov-backup-rsnapshot daemon works on the given entry.

Step 2

As soon as the prov-backup-rsnapshot daemon finished working on the given entry:

...
sstProvisioningMode: added
sstProvisioningState: YYYYMMDDThhmmssZ
sstProvisioningDate: 0
...

Modify

Precondition

...
sstProvisioningMode: modify
sstProvisioningState: 0
sstProvisioningDate: 0
...

Step 1

...
sstProvisioningMode: modifying
sstProvisioningState: 0
sstProvisioningDate: 0
...

Now the prov-backup-rsnapshot daemon works on the given entry.

Step 2

As soon as the prov-backup-rsnapshot daemon has finished working on the given entry:

...
sstProvisioningMode: modified
sstProvisioningState: YYYYMMDDThhmmssZ
sstProvisioningDate: 0
...

Delete

Precondition

...
sstIsActive: FALSE
sstProvisioningMode: delete
sstProvisioningState: 0
sstProvisioningDate: 0
...

Step 1

...
sstProvisioningMode: deleting
sstProvisioningState: 0
sstProvisioningDate: 0
...

Now the prov-backup-rsnapshot daemon works on the given entry.

Step 2

As soon as the prov-backup-rsnapshot daemon finished working on the given entry:

...
sstProvisioningMode: deleted
sstProvisioningState: YYYYMMDDThhmmssZ
sstProvisioningDate: 0
...

Source Code

Exit Codes

The following list defines the return codes and their meaning for the ...:

use constant
{
    SUCCESS                                 => 0,
    UNDEFINED_ERROR                         => 1,
    USER_NOT_PRESENT_IN_BACKEND             => 2,
    PERL_VERSION_NOT_STATISFIED             => 3,
    CANNOT_CHECK_HOME_DIR_PRESENCE          => 4,
    CANNOT_CREATE_HOME_DIR                  => 5,
    CANNOT_SET_QUOTA                        => 6,
    CANNOT_CREATE_RSNAPSHOT_CONFIGURATION   => 7,
};

Testing

Requirements

  • A sandbox of the prov-backup-rsnapshot deamon:
cd /var/work
git clone --recursive https://github.com/stepping-stone/prov-backup-rsnapshot.git
cd /var/work/prov-backup-rsnapshot/Provisioning/etc/Provisioning/
ln -s ../../../etc/Provisioning/Backup/ Backup
cd /var/work/prov-backup-rsnapshot/Provisioning/lib/Provisioning/
ln -s ../../../lib/Provisioning/Backup/ Backup
  • A test configuration
cd /var/work/prov-backup-rsnapshot/Provisioning/etc/Provisioning/Backup/
cp -p Rsnapshot.conf.template Rsnapshot_test.conf
vi Rsnapshot_test.conf

Update the Database section accordingly

Test the daemon

  • The daemon is running on the Backup-Server VM (kvm-0036)
    • Open a terminal and login to the Backup-Server VM
    • tail -f /var/log/syslog/provisioning.log
  • Open a second terminal and login to the Backup-Server VM
    • Make sure the directory /root/data exists, if not create it
    • Create an online backup account by executing the test script:
    • /var/work/prov-backup-rsnapshot/bin/createBackupAccountLDIF.pl --uid 3724300
    • The test script currently supports the following options:
      • --uid <UID>: Mandatory option, the backup accounts uid
      • --reseller <UID>: Optional, sets sstBelongsToResellerUID (default 4000000)
      • --customer <UID>: Optional, sets sstBelongsToCustomerUID (default 4000001)
      • --people <UID>: Optional, sets sstBelongsToPersonUID (default 4000002)
      • --givenname <Name>: Optional, sets the givenname attribute (default "Givenname")
      • --surname <Name>: Optional, sets the sn attribute (defualt "Surname")
    • Load the generated LDIF (you find them under /root/data) step by step into the LDAP and observe what the deamon is doing in the first terminal:
      • /root/loadOpenLDAPsingleLDIF.sh /root/data/01_add_3724300.ldif
      • /root/loadOpenLDAPsingleLDIF.sh /root/data/02_modify_3724300.ldif
      • /root/loadOpenLDAPsingleLDIF.sh /root/data/03_delete_3724300.ldif
      • /root/loadOpenLDAPsingleLDIF.sh /root/data/04_remove_3724300.ldif