Managing SSH chroots to backup a lot of machines
Go to file
Victor LABORIE 958eeb8776 Use absolute PATH for btrfs command
* Because command -v fail in some cases
2018-07-04 14:48:36 +02:00
docs Add doc for Debian packaging 2018-05-30 15:22:17 +02:00
test Add bats test for generate jails with different times 2018-05-30 18:33:36 +02:00
tpl Use touch instead of lastlog in sshrc 2017-08-30 17:24:45 +02:00
.gitignore Add a Vagrantfile for test with Vagrant 2018-03-05 14:15:23 +01:00
LICENSE fix file name 2017-08-05 17:33:00 -04:00
README.md Convert bkctld man page in a markdown file 2018-05-30 15:21:54 +02:00
Vagrantfile Add stats subcommands 2018-06-13 15:22:21 +02:00
bash_completion Add stats subcommands 2018-06-13 15:22:21 +02:00
bkctld Use absolute PATH for btrfs command 2018-07-04 14:48:36 +02:00
bkctld.conf Add stats subcommands 2018-06-13 15:22:21 +02:00
bkctld.sysvinit Extract debian dir from ustream repo 2017-01-19 15:02:11 +01:00
zzz_evobackup Modification commentaire 2018-04-05 16:24:18 +02:00

README.md

Bkctld (aka evobackup)

Bkctld is a shell script to create and manage a backup server which will handle the backup of many servers (clients). Licence is AGPLv3.

The main principle uses SSH chroot (called "jails" in the FreeBSD world) for each client to backup. Each client will upload his data every day using rsync in his chroot (using root account). Incrementals are stored outside of the chroot using hard links or btrfs snapshots. (So incrementals are not available for clients). Using this method we can keep tens of backup of each client securely and not using too much space.

                                    Backup server
                                    ************
Server 1 ------ SSH/rsync ------->  * tcp/2222 *
                                    *          *
Server 2 ------ SSH/rsync ------->  * tcp/2223 *
                                    ************

This method uses standard tools (ssh, rsync, cp -al, btrfs subvolume). EvoBackup is used for many years by Evolix for back up each day hundreds of servers which uses many terabytes of data.

bkctld was test on Debian Jessie. It can be compatible with other Debian version or derivated distribution like Ubuntu or Debian Wheezy.

A big size volume must be mount on /backup, we recommend usage of btrfs for subvolume and snapshot fonctionnality. This volume can be encrypted by luks for security reason.

Install

A Debian package is available in Evolix repository

echo "http://pub.evolix.net/ jessie/" >> /etc/apt/sources.list
apt update
apt install bkctld

Chroot dependency

Chroot jail use part of this package

apt install bash coreutils sed dash mount rsync openssh-server openssh-sftp-server libc6-i386 libc6

Install cron for incremental backup

Edit root crontab

crontab -e

Add this ligne

30 10 * * * /usr/sbin/bkctld inc && /usr/sbin/bkctld rm

Notes : If you want mutiples backups in a day (1 by hour maximum) you can run bkctld inc multiples times If you want keep incremental backup for ever, you just need don't run bkctld rm

Test

You can deploy tests environmments with Vagrant :

vagrant up

Deployment

Launch rsync-auto in a terminal for automatic synchronisation of your local code with Vagrant VM :

vagrant rsync-auto

Bats

You can run bats test with test provisionner :

vagrant provision --provision-with test

Usage

See docs/usage.md.

Man page, in roff language, can be generated with pandoc :

pandoc -f markdown -t man usage.md --template default.man -V title=bkctld -V section=8 -V date="$(date '+%d %b %Y')" -V footer="$(git describe --tags)" -V header="bkctld man page"

Client configuration

You can save various systems on evobackup jail : Linux, BSD, Windows, MacOSX. Only prequisites is rsync command.

rsync -av -e "ssh -p SSH_PORT" /home/ root@SERVER_NAME:/var/backup/home/

An example script is present in zzz_evobackup, clone evobackup repo and read CLIENT CONFIGURATION section of the manual.

git clone https://forge.evolix.org/evobackup.git
cd evobackup
man ./docs/bkctld.8