Managing SSH chroots to backup a lot of machines
Vous ne pouvez pas sélectionner plus de 25 sujets Les noms de sujets doivent commencer par une lettre ou un nombre, peuvent contenir des tirets ('-') et peuvent comporter jusqu'à 35 caractères.
Victor Laborie ee34be5fec btrfs is now in /bin il y a 1 semaine
docs Add doc for Debian packaging il y a 6 mois
test Add bats test for generate jails with different times il y a 6 mois
tpl Use touch instead of lastlog in sshrc il y a 1 an
.gitignore Add a Vagrantfile for test with Vagrant il y a 9 mois
LICENSE fix file name il y a 1 an Convert bkctld man page in a markdown file il y a 6 mois
Vagrantfile Check if disk is mounted in bkctld check il y a 1 semaine
bash_completion Add stats subcommands il y a 6 mois
bkctld btrfs is now in /bin il y a 1 semaine
bkctld.conf Add stats subcommands il y a 6 mois
bkctld.sysvinit Extract debian dir from ustream repo il y a 1 an
zzz_evobackup Add clusterized elasticsearch snapshots il y a 3 semaines

Bkctld (aka evobackup)

Bkctld is a shell script to create and manage a backup server which will handle the backup of many servers (clients). Licence is AGPLv3.

The main principle uses SSH chroot (called “jails” in the FreeBSD world) for each client to backup. Each client will upload his data every day using rsync in his chroot (using root account). Incrementals are stored outside of the chroot using hard links or btrfs snapshots. (So incrementals are not available for clients). Using this method we can keep tens of backup of each client securely and not using too much space.

                                    Backup server
Server 1 ------ SSH/rsync ------->  * tcp/2222 *
                                    *          *
Server 2 ------ SSH/rsync ------->  * tcp/2223 *

This method uses standard tools (ssh, rsync, cp -al, btrfs subvolume). EvoBackup is used for many years by Evolix for back up each day hundreds of servers which uses many terabytes of data.

bkctld was test on Debian Jessie. It can be compatible with other Debian version or derivated distribution like Ubuntu or Debian Wheezy.

A big size volume must be mount on /backup, we recommend usage of btrfs for subvolume and snapshot fonctionnality. This volume can be encrypted by luks for security reason.


A Debian package is available in Evolix repository

echo " jessie/" >> /etc/apt/sources.list
apt update
apt install bkctld

Chroot dependency

Chroot jail use part of this package

apt install bash coreutils sed dash mount rsync openssh-server openssh-sftp-server libc6-i386 libc6

Install cron for incremental backup

Edit root crontab

crontab -e

Add this ligne

30 10 * * * /usr/sbin/bkctld inc && /usr/sbin/bkctld rm

Notes : If you want mutiples backups in a day (1 by hour maximum) you can run bkctld inc multiples times If you want keep incremental backup for ever, you just need don’t run bkctld rm


You can deploy tests environmments with Vagrant :

vagrant up


Launch rsync-auto in a terminal for automatic synchronisation of your local code with Vagrant VM :

vagrant rsync-auto


You can run bats test with test provisionner :

vagrant provision --provision-with test


See docs/

Man page, in roff language, can be generated with pandoc :

pandoc -f markdown -t man --template -V title=bkctld -V section=8 -V date="$(date '+%d %b %Y')" -V footer="$(git describe --tags)" -V header="bkctld man page"

Client configuration

You can save various systems on evobackup jail : Linux, BSD, Windows, MacOSX. Only prequisites is rsync command.

rsync -av -e "ssh -p SSH_PORT" /home/ root@SERVER_NAME:/var/backup/home/

An example script is present in zzz_evobackup, clone evobackup repo and read CLIENT CONFIGURATION section of the manual.

git clone
cd evobackup
man ./docs/bkctld.8