kunsi
/
bundlewrap
1
0
Fork 0
Code Issues 2 Pull Requests 1 Releases Activity

bundles/zfs: introduce zfs-snapshot-backups, enable backups for nodes which need zfs-snapshot-backups
bundlewrap/pipeline/head This commit looks good Details

This commit is contained in:
Franzi 2021-05-15 20:32:23 +02:00
parent 93e36156a0
commit 479b730be4
Signed by: kunsi
GPG Key ID: 12E3D2136B818350
11 changed files with 96 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
bundles/backup-client/items.py
View File

@ -1,5 +1,22 @@
from os.path import join
if node.has_bundle('zfs'):
wanted_paths = node.metadata.get('backups/paths', set())
snapshot_paths = node.metadata.get('zfs/filesystems_with_backup_snapshots', {})
backup_paths = set()
for path in wanted_paths:
path_found = False
for zfs_paths in snapshot_paths.values():
if path in zfs_paths:
backup_paths.add(f'/mnt/backup-snapshot{path}')
path_found = True
if not path_found:
backup_paths.add(path)
else:
backup_paths = node.metadata.get('backups/paths', set())
if node.metadata.get('backups/exclude_from_backups', False):
files['/etc/backup.priv'] = {
'delete': True,
@ -17,7 +34,7 @@ else:
'username': node.metadata['backup-client']['user-name'],
'server': server,
'port': port,
'paths': node.metadata.get('backups/paths', {}),
'paths': backup_paths,
},
'mode': '0700',
}

11
bundles/influxdb2/items.py
View File

@ -11,6 +11,17 @@ directories = {
},
}
files = {
'/etc/zfs-snapshot-backup-pre.d/50-influxdb': {
'content': '#!/bin/sh\nsystemctl stop influxdb',
'mode': '0755',
},
'/etc/zfs-snapshot-backup-post.d/50-influxdb': {
'content': '#!/bin/sh\nsystemctl start influxdb',
'mode': '0755',
},
}
svc_systemd = {
'influxdb': {

5
bundles/influxdb2/metadata.py
View File

@ -15,6 +15,11 @@ defaults = {
},
},
},
'backups': {
'paths': {
'/var/lib/influxdb',
},
},
'icinga2_api': {
'telegraf': {
'services': {

8
bundles/postgresql/items.py
View File

@ -60,9 +60,7 @@ files = {
},
}
# FIXME currently we do not have a mechanism to use snapshot-backups of
# zfs datasets.
if node.has_bundle('backup-client'): # and not node.has_bundle('zfs'):
if node.has_bundle('backup-client') and not node.has_bundle('zfs'):
files['/etc/backup-pre-hooks.d/90-postgresql-dump-all'] = {
'source': 'backup-pre-hook',
'content_type': 'mako',
@ -72,6 +70,10 @@ if node.has_bundle('backup-client'): # and not node.has_bundle('zfs'):
'mode': '0700',
}
directories['/var/tmp/postgresdumps'] = {}
else:
files['/var/tmp/postgresdumps'] = {
'delete': True,
}
postgres_roles = {
'root': {

8
bundles/postgresql/metadata.py
View File

@ -2,9 +2,6 @@ defaults = {
'backups': {
'paths': {
'/var/lib/postgresql',
# FIXME
'/var/tmp/postgresdumps',
},
},
'bash_functions': {
@ -66,9 +63,8 @@ if node.has_bundle('zfs'):
},
},
}
# FIXME
#else:
# defaults['backups']['paths'].add('/var/tmp/postgresdumps')
else:
defaults['backups']['paths'].add('/var/tmp/postgresdumps')
@metadata_reactor.provides(

21
bundles/zfs/files/backup-pre-hook Normal file
View File

@ -0,0 +1,21 @@
#!/bin/bash
set -euo pipefail
run-parts --exit-on-error -- /etc/zfs-snapshot-backup-pre.d
% for dataset in sorted(node.metadata.get('zfs/filesystems_with_backup_snapshots')):
if zfs get type ${dataset}@snapshot-backup >/dev/null 2>&1
then
zfs destroy -f ${dataset}@snapshot-backup
fi
zfs snapshot ${dataset}@snapshot-backup
mkdir -p /mnt/backup-snapshot${node.metadata['zfs']['datasets'][dataset]['mountpoint']}
mount -t zfs ${dataset}@snapshot-backup /mnt/backup-snapshot${node.metadata['zfs']['datasets'][dataset]['mountpoint']}
% endfor
run-parts --exit-on-error -- /etc/zfs-snapshot-backup-post.d

10
bundles/zfs/items.py
View File

@ -95,7 +95,11 @@ directories = {
"/etc/zfs-snapshot-backup-post.d": {
'purge': True,
},
"/etc/zfs-snapshot-backup-final.d": {
'purge': True,
},
}
if node.metadata.get('zfs/filesystems_with_backup_snapshots', {}) and node.has_bundle('backup-client'):
files['/etc/backup-pre-hooks.d/99-zfs-snapshots'] = {
'content_type': 'mako',
'source': 'backup-pre-hook',
'mode': '0755',
}

26
bundles/zfs/metadata.py
View File

@ -104,7 +104,9 @@ def zfs_scrub_cronjob(metadata):
}
@metadata_reactor
@metadata_reactor.provides(
'icinga2_api/zfs/services',
)
def monitoring(metadata):
if not node.has_bundle('sshmon'):
raise DoNotRunAgain
@ -129,3 +131,25 @@ def monitoring(metadata):
},
},
}
@metadata_reactor.provides(
'zfs/filesystems_with_backup_snapshots',
)
def backups_with_snapshot(metadata):
backups = metadata.get('backups/paths', set())
datasets = metadata.get('zfs/datasets', {})
backups_in_zfs_datasets = {}
for path in backups:
for dname, dconfig in datasets.items():
if 'mountpoint' in dconfig:
if path[:len(dconfig['mountpoint'])] == dconfig['mountpoint']:
backups_in_zfs_datasets.setdefault(dname, set()).add(path)
return {
'zfs': {
'filesystems_with_backup_snapshots': backups_in_zfs_datasets,
},
}

1
data/backup/keys/htz-cloud.influxdb.key.vault Normal file
View File

@ -0,0 +1 @@
encrypt$gAAAAABgoBM4n7eEwMxfav4200d5LoGyLsM67Ps9CCPBgjZjdsOpyQulbp2l4LIhWj1kljgrXZ_LnOaRUf3S8q7-drv3yEfG1d-cyK8vP7r8wkTcawaazM5XdhR8VkgxCyBCuOZmM1vvAmOwIMi1JiQcgiJ4G32ThS085onN3T9HvEu2a9sWYuOlk-yVUBpelqP97vbO6r2n3hn-62AC7Ww-Q_EQ_kcdDdJLOawNe1anJOsOeLb1XOlMIJWI74LZXfszsRi9LmxUpzaB4Gd_nzDLO1AZHD_GOf9UOeeab8PujwhQ4UhbEHCdB-uVH88LGCw25-6eiv0yA_kRulj7InA9sKRyBZ1okSF4Xhl-htez6XwBD6BuA_ly6ulSxWuoOV_qsCNiXhJYGTuKPJS0-wpLyeLb_PV1tlYOKZv3VK5a_EpCRa4fCdX7oj9pcA8ZQkQeFAx0P4b3oYkz8YkDiBINFdOLE177lC6Kuk33sLfsZBuoR7MSjHUtZHPOXUHu8pV0o0_YxxF5fBs6hyReXvCbZB18NikeH4Ki-RR5IE4ofTngf6dIQhCxp9u-cNs-mNP0GRKiYIBUInr9Udpr-ymXRq-7OvyTM92950ePm-qoqjbpVFA8HN057WfkW6N6DASRRa2HjqQJ

1
data/backup/keys/htz-cloud.influxdb.pub Normal file
View File

@ -0,0 +1 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFpAUytQ0ncucltODEr3MgcKF5U/6TS4zZG1OYJDIEQp kunsi@kunsi-t470.kunbox.net

4
nodes/htz-cloud/influxdb.py
View File

@ -31,10 +31,6 @@ nodes['htz-cloud.influxdb'] = {
},
},
},
'backups': {
# TODO enable this once we have zfs-snapshot-backups
'exclude_from_backups': True,
},
'grafana': {
'domain': 'grafana.kunsmann.eu',
'login_max_duration': '30d',