From 2b8bf5ce1c4b55ac526d170cb09268cd8c41d474 Mon Sep 17 00:00:00 2001 From: LecygneNoir Date: Sun, 31 Jan 2016 21:20:10 +0100 Subject: [PATCH] ovzdb: create playbook to configure openvz-diff-backup, update README and host_vars example accordingly --- README.md | 27 ++++ host_vars/localhost.example | 12 ++ ovzdb.yml | 8 ++ ...diff-backups-hook-OVZDB_WRITE_ERROR_REPORT | 70 ++++++++++ roles/ovzdb/tasks/main.yml | 122 ++++++++++++++++++ .../templates/openvz-diff-backups.conf.j2 | 13 ++ 6 files changed, 252 insertions(+) create mode 100644 ovzdb.yml create mode 100644 roles/ovzdb/files/openvz-diff-backups-hook-OVZDB_WRITE_ERROR_REPORT create mode 100644 roles/ovzdb/tasks/main.yml create mode 100644 roles/ovzdb/templates/openvz-diff-backups.conf.j2 diff --git a/README.md b/README.md index 6f59811..66529f2 100644 --- a/README.md +++ b/README.md @@ -45,6 +45,16 @@ roles * Configure xymon client and add the client in xymon server configuration to allow fetch data * **Note** : Using xymon-client tag needs a working xymon-server (whenever the server was installed with the playbook or not) * Cloud be (theoretically, to be tested) used to update xymon server binaries to last stable release +* ovzdb + * http://projets.developpeur-neurasthenique.fr/projects/openvz-diff-backups + * Install openvz-diff-backup to an openvz host to backup container + * enable update of openvz-diff-backup thanks to 0.9.4 version + * enable backup AND upload feature via cron + * enable purge feature via cron + * enable customization of configuration file + * use standard installation method (conf in /etc, link binary to /usr/local/bin) + * provide bonus hook to create files when problems occurs (additionnally to send emails), allowing monitoring with standard tool (ie xymon and else) + example host file ===== 
@@ -117,6 +127,23 @@ monitoring_section: dns ## Name of the page to use in xymon server webpage tree monitoring_ip: xxx.xxx.xxx.xxx ## IP address of the client to add in server (mandatory) xymon_checks: "#" ## Checks to use for this client. Default '#' do a simple ping check +#ovzdb +## You can duplicate backup locally and remotely +## by using openvz host as backup_server and +## remote server as upload_server +## I advice to customize cron hour to have +## backup, then purge, then upload +backup_server: xxx.xxx.xxx.xxx +backup_dir: "/var/lib/vz/backups/OpenVZ/" +backup_minute: 10 +backup_hour: 02 +purge_minute: 10 +purge_hour: 03 +upload_server: yyy.yyy.yyy.yyy +upload_dir: "/var/lib/vz/backups/OpenVZ/" +upload_minute: 10 +upload_hour: 05 +admin_email: "your_email@example.com" # vim: set textwidth=0 ft=yaml: diff --git a/host_vars/localhost.example b/host_vars/localhost.example index 6d98f53..2ff6b17 100644 --- a/host_vars/localhost.example +++ b/host_vars/localhost.example @@ -45,5 +45,17 @@ wallabag_db_username: wallabag wallabag_db_password: (required) wallabag_db_database: wallabag +#ovzdb +backup_server: 192.168.1.2 +backup_dir: "/var/lib/vz/backups/OpenVZ/" +backup_minute: 10 +backup_hour: 02 +purge_minute: 10 +purge_hour: 03 +upload_server: 192.168.1.1 +upload_dir: "/var/lib/vz/backups/OpenVZ/" +upload_minute: 10 +upload_hour: 05 +admin_email: "configz@github.com" # vim: set textwidth=0 ft=yaml: diff --git a/ovzdb.yml b/ovzdb.yml new file mode 100644 index 0000000..8764974 --- /dev/null +++ b/ovzdb.yml @@ -0,0 +1,8 @@ +--- + +- name: Install and configure open-vz-diff-backup + hosts: all + user: root + gather_facts: yes + roles: + - ovzdb diff --git a/roles/ovzdb/files/openvz-diff-backups-hook-OVZDB_WRITE_ERROR_REPORT b/roles/ovzdb/files/openvz-diff-backups-hook-OVZDB_WRITE_ERROR_REPORT new file mode 100644 index 0000000..6fce6e5 --- /dev/null +++ b/roles/ovzdb/files/openvz-diff-backups-hook-OVZDB_WRITE_ERROR_REPORT 
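Review bot: In host_vars/localhost.example, `admin_email: "configz@github.com"` is a deliverable-looking address, and the template in this commit renders it into `EMAIL_ADDRESS`, so anyone who copies the example unchanged would presumably mail backup failure reports to a third party. The README hunk already uses `your_email@example.com`; the example file should use the same reserved-domain placeholder. The hour values are written with a leading zero (`backup_hour: 02`), which YAML 1.1 loaders read as octal, so a later edit to `08` or `09` changes the value's type; quoting them (`backup_hour: "02"`) or dropping the zero avoids that.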
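Review bot: In ovzdb.yml, `hosts: all` runs the role on every inventory host, and the role creates a root SSH key and authorises it on the backup and upload servers, so the play should be scoped to the hypervisors only, for example `hosts: openvz_hosts` (group name is illustrative). The role's first task is meant to stop on non-OpenVZ machines, but a playbook-level scope does not depend on that guard being correct. As a style point, `user: root` is the older spelling of `remote_user: root`, and `gather_facts: yes` is better written `gather_facts: true`.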
@@ -0,0 +1,70 @@
+#!/bin/bash -fu
+
+#
+# Hook to write file report instead of sending email
+#
+
+CONFIG_HOST="$1"
+CONFIG_PATH="$2"
+CONFIG_TASK="$3"
+CONFIG_DATE="$4"
+CONFIG_FILE="$5"
+
+HOOK_NAME="$6"
+HOOK_TYPE="$7"
+HOOK_TASK="$8"
+HOOK_CTID="$9"
+
+# ---
+
+source "$CONFIG_FILE"
+
+if [[ "$CONFIG_TASK" == "openvz-diff-backup" ]]; then
+ LOG_FILE="$CONFIG_PATH/var/log/ovzdb.log"
+else
+ LOG_FILE="$CONFIG_PATH/var/log/ovzdb_${CONFIG_TASK}.log"
+fi
+
+# ---
+
+if [[ -n "${!LOG_FILE[@]}" ]] && [[ -f "$LOG_FILE" ]]; then
+ # --- Set report file
+
+ REPORT_FILE="$SERVER_TMP_DIR/${CALLER_TASK}_${HOOK_TASK}_${HOOK_CTID}_error-report.flag"
+
+ # --- Splash
+
+ echo "
+######################################
+# Error report - openvz-diff-backups #
+######################################
+
+Oops, something went wrong. *Read this report or a kitten will die*.
+
+(please, do not panic and fill a bug report if necessary)" >> "$REPORT_FILE"
+
+ # --- Create report
+
+ echo -e "\n# --- $LOG_FILE\n" >> "$REPORT_FILE"
+
+ if [[ -s "$LOG_FILE" ]]; then
+ tac "$LOG_FILE" | grep -B 8192 -P -m 1 "\s*Info\s*\-\s*openvz\-diff\-backups\s*\d\.\d\.\d" | tac >> "$REPORT_FILE"
+ fi
+
+ echo -e "\n# --- /var/log/vzctl.log\n" >> "$REPORT_FILE"
+
+ if [[ -s "/var/log/vzctl.log" ]]; then
+ tail -n 50 "/var/log/vzctl.log" >> "$REPORT_FILE"
+ fi
+
+ echo -e "\n# --- /var/log/kern.log\n" >> "$REPORT_FILE"
+
+ if [[ -s "/var/log/kern.log" ]]; then
+ tail -n 50 "/var/log/kern.log" >> "$REPORT_FILE"
+ fi
+
+
+ # --- Exit
+
+ exit 0
+fi
diff --git a/roles/ovzdb/tasks/main.yml b/roles/ovzdb/tasks/main.yml
new file mode 100644
index 0000000..a052a73
--- /dev/null
+++ b/roles/ovzdb/tasks/main.yml
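Review bot: The report path `$SERVER_TMP_DIR/${CALLER_TASK}_${HOOK_TASK}_${HOOK_CTID}_error-report.flag` in the hook script is predictable, and the template in this commit sets `SERVER_TMP_DIR="/tmp"`, so the hook (presumably running as root from the cron entries) appends with `>>` to a name in a world-writable directory, where a pre-existing symlink or file owned by another local user would be followed. The same file receives the tail of `/var/log/kern.log` and `/var/log/vzctl.log` and is created with the default umask, so it may end up readable by unprivileged users. Writing the flag files to a root-owned directory that the monitoring agent can read, and adding `umask 077` (or a group-readable mask matched to the agent) before the first `echo`, addresses both. `CALLER_TASK` is never assigned in this script while the shebang enables `-u`; it presumably comes from the sourced config or the environment, which deserves a comment next to `REPORT_FILE`.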
@@ -0,0 +1,122 @@
+---
+### Task dedicated to install ovzdb ###
+### ref http://projets.developpeur-neurasthenique.fr/projects/openvz-diff-backups ###
+
+## Check openvz hypervisor
+- name: check server is openvz hypervisor
+ fail: msg="You are trying to install on a non-openvz hypervisor, exiting..."
+ tags:
+ - backup
+ when: ansible_virtualization_type != 'openvz' and ansible_virtualization_role !='host'
+
+#### Download and extract openvz-diff-backup ####
+- name: install openvz-diff-backups - prerequisite
+ apt: pkg={{item}} state=present update_cache=yes
+ tags:
+ - backup
+ with_items:
+ - dnsutils
+ - libpcre3
+ - rsync
+ - bc
+ - uuid-runtime
+ - pbzip2
+
+## TODO : possibility to reduce to one task with ansible 2.0
+## Ref : option src de http://docs.ansible.com/ansible/unarchive_module.html
+- name: install openvz-diff-backups - download
+ get_url:
+ url=http://download.openvz-diff-backups.fr/releases/openvz-diff-backups_v0.9.4-beta.tar.gz
+ dest=/tmp/openvz-diff-backup.tar.gz
+ force=yes
+ tags:
+ - backup
+
+- name: install openvz-diff-backups - untar
+ unarchive: src=/tmp/openvz-diff-backup.tar.gz dest=/root/ copy=no
+ tags:
+ - backup
+
+#### Configure openvz-diff-backups ####
+- name: install openvz-diff-backups - link to simple directory
+ file:
+ src=/root/openvz-diff-backups_v0.9.4-beta
+ path=/root/openvz-diff-backups
+ state=link
+ tags:
+ - backup
+
+- name: install openvz-diff-backups - upload conf file
+ template: src=openvz-diff-backups.conf.j2 dest=/etc/openvz-diff-backups.conf
+ tags:
+ - backup
+
+- name: install openvz-diff-backups - create symlink to usr/local/bin
+ file:
+ src=/root/openvz-diff-backups/openvz-diff-backups
+ path=/usr/local/bin/openvz-diff-backups
+ state=link
+ tags:
+ - backup
+
+- name: install openvz-diff-backups - update to latest release - CAN TAKE A WHILE
+ shell: /usr/local/bin/openvz-diff-backups update all install -c /etc/openvz-diff-backups.conf;/usr/local/bin/openvz-diff-backups update all check -c /etc/openvz-diff-backups.conf
+ register: result
+ until: result.stdout.find("your release is up to date") != -1
+ retries: 10
+ tags:
+ - backup
+
+- name: install openvz-diff-backups - cron for dump
+ cron: name="backup container with openvz-diff-backups" minute="{{ backup_minute }}" hour="{{ backup_hour }}" job='/usr/local/bin/openvz-diff-backups backup all auto -q -c /etc/openvz-diff-backups.conf> /dev/null'
+ tags:
+ - backup
+
+- name: install openvz-diff-backups - cron for purge
+ cron: name="purge ct backups with openvz-diff-backups" minute="{{ purge_minute }}" hour="{{ purge_hour }}" job='/usr/local/bin/openvz-diff-backups delete all 7- -q -c /etc/openvz-diff-backups.conf > /dev/null'
+ tags:
+ - backup
+
+- name: install openvz-diff-backups - cron for replicate
+ cron: name="upload ct backups with openvz-diff-backups" minute="{{ upload_minute }}" hour="{{ upload_hour }}" job='/usr/local/bin/openvz-diff-backups replicate all 0- -q -c /etc/openvz-diff-backups.conf > /dev/null'
+ tags:
+ - backup
+
+- name: install openvz-diff-backups - check and generate rsa key on server
+ user: name=root generate_ssh_key=yes ssh_key_bits=4096
+ tags:
+ - backup
+
+- name: install openvz-diff-backups - get rsa key on the server
+ shell: /bin/cat /root/.ssh/id_rsa.pub
+ register: server_key
+ ignore_errors: false
+ tags:
+ - backup
+
+- name: install openvz-diff-backups - install ssh key to backup server
+ authorized_key: user=root key='{{ server_key.stdout }}'
+ tags:
+ - backup
+ delegate_to: "{{ backup_server }}"
+
+- name: install openvz-diff-backups - install ssh key to upload server
+ authorized_key: user=root key='{{ server_key.stdout }}'
+ tags:
+ - backup
+ delegate_to: "{{ upload_server }}"
+
+## Hook to create files to monitoring for openvz-diff-backups
+- name: monitoring for openvz-diff-backups - upload hook script
+ copy: src=openvz-diff-backups-hook-OVZDB_WRITE_ERROR_REPORT dest=/root/openvz-diff-backups/etc/hooks/OVZDB_WRITE_ERROR_REPORT mode=0755
+ tags:
+ - backup
+
+- name: monitoring for openvz-diff-backups - activate hook
+ file:
+ src=/root/openvz-diff-backups/etc/hooks/OVZDB_WRITE_ERROR_REPORT
+ path=/root/openvz-diff-backups/etc/hooks/hook-failure
+ state=link
+ tags:
+ - backup
+
diff --git a/roles/ovzdb/templates/openvz-diff-backups.conf.j2 b/roles/ovzdb/templates/openvz-diff-backups.conf.j2
new file mode 100644
index 0000000..92a43ce
--- /dev/null
+++ b/roles/ovzdb/templates/openvz-diff-backups.conf.j2
@@ -0,0 +1,13 @@
+EMAIL_ADDRESS="{{ admin_email }}"
+MD5_SOURCE_HASH="snapshot"
+MD5_BACKUP_HASH="yes"
+MD5_UPLOAD_HASH="yes"
+MD5_TARGET_HASH="yes"
+KICK_VZCTL_PROCESS="yes"
+SERVER_VZCONF_DIR="/etc/vz/conf"
+SERVER_TMP_DIR="/tmp"
+SERVER_TMPFS_SIZE="auto"
+BACKUP_SSH_PATH="root@{{ backup_server }}:{{ backup_dir }}"
+BACKUP_SKIP_STOPPED_CONTAINERS="all"
+UPLOAD_SKIP_HOSTS=other
+UPLOAD_SSH_PATH="root@{{ upload_server }}:{{ upload_dir }}"
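Review bot: The `get_url` task in roles/ovzdb/tasks/main.yml fetches the release tarball over plain `http://` with no integrity check, and the following tasks unpack it under `/root` and run it as root from cron, so whoever can alter the download in transit or at the mirror controls root-executed code on the hypervisor. Pin the archive with `checksum=sha256:<expected-sha256-of-the-tarball>` (or `sha256sum=` on Ansible releases before 2.0), and be aware that the later `update all install` step replaces the pinned 0.9.4-beta with whatever the update server offers at run time. The guard in the first task joins its two tests with `and`, so it fails only when both facts mismatch and an OpenVZ container (type `openvz`, role `guest`) passes; `when: ansible_virtualization_type != 'openvz' or ansible_virtualization_role != 'host'` is likely what was intended. The two `authorized_key` tasks give the hypervisor's root key unrestricted root login on the backup and upload servers. A dedicated unprivileged backup account there, plus a `key_options` restriction such as `from="<hypervisor-address>"`, would keep a compromise of the hypervisor from handing over root on the machines that hold the backups.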
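Review bot: In roles/ovzdb/templates/openvz-diff-backups.conf.j2 the values on the `EMAIL_ADDRESS`, `BACKUP_SSH_PATH` and `UPLOAD_SSH_PATH` lines are substituted inside double quotes, and the hook added in this commit reads what is presumably this file with `source "$CONFIG_FILE"`, so a host_vars value containing `"`, `$` or a backtick would be interpreted by bash instead of taken literally. These values come from inventory, so exposure is limited, but an `assert` task in the role that checks `backup_dir`, `upload_dir` and the server names against a plain pattern would make the rendered file safe by construction. `UPLOAD_SKIP_HOSTS=other` is the only unquoted assignment; write it as `UPLOAD_SKIP_HOSTS="other"` for consistency with the other lines.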