(added Img20.png to passwords section) |
|||
Line 89: | Line 89: | ||
* Set /etc/bacula/bacula-dir passwords | * Set /etc/bacula/bacula-dir passwords | ||
[[File:Img20.png]] | |||
<pre></pre> | <pre></pre> | ||
Revision as of 09:19, 7 March 2010
Bacula basic configuration
Description
Bacula is an enterprise-grade backup utility. This HowTo explains how to set up bacula
on Fedora while respecting Fedora's configuration way.
Applicable to Fedora Versions
- Fedora 12
Requirements
Bacula supports a few database backends, so, you will need to choose one. On this document, I will choose the mysql backend. Clients do not need a database backend.
Also, you will need to decide which console(s) you want and configure them. I will choose the commandline console.
Storage, database and director could be distributed but, in this case, everything will be managed on the same server.
Server requirements
bacula-common
bacula-console
bacula-director-common
bacula-director-mysql
bacula-sysconfdir
bacula-storage-common
bacula-storage-mysql
mysql-server
Client's requirements
bacula-client
Concepts and definitions
Basic description of bacula
The basic system comprises three components: the director, the file daemon and the storage daemon. To take them in reverse order, the storage daemon takes data from the file daemon and stores it wherever directed. The file daemon gets the data (files) to be backed up and passes it to the storage daemon. The director then does the rest of the work; that is, defines the task to be performed and the schedule for them to be performed. The basic unit for a backup is the job. This describes what is to be backed-up, when it is to occur and where the data is to be stored.
Some definitions
Volume - basic unit of storage, e.g. a tape, a dvd, a file on a hard drive.
Pool - a collection of volumes, usually used for the same purpose.
FileSet - the files to be backed up.
Job - the overall definition of the work to be performed.
Catalogue - storage area for information about all jobs that have run.
Full Backup - every file in the FileSet is to be copied.
Incremental - a backup that contains all files that have changed since the last full, differential or incremental backup.
Differential - a backup that contains all files that have changed since the last full backup.
Configuration files
To configure each component there is a .conf file in /etc/bacula. Each file defines the interconnectivity with the others, so you need make sure all the passwords agree one with another (you'll see what I mean when you look at the details). bacula-sd.conf defines the storage devices that you want to use, and bacula-fd.conf merely defines itself. The main work is done in bacula-dir.conf, which sets up the everything else. The configuration files are used to define those components that are to be run automatically: ad-hoc jobs can be run through the console.
Workflow
The method of operation for bacula is that the requisite data is stored on Volumes, which are essentially container files stored on differing media. These volumes are organized into Pools in a many to one relationship. Filesets are the collections of files that you want to backup using the same volumes. The timing for preforming backups are defined using Schedules, and all these are tied together as jobs, which define the pool (and hence volumes) to be used to create backups of the files defined within a fileset at a particular schedule.
Doing the Work
Configuring the server
- Install mysql-server:
su -c 'yum install mysql-server'
- Install the relevant bacula packages
su -c 'yum install bacula-common \ bacula-console bacula-director-common \ bacula-director-mysql bacula-storage-common \ bacula-storage-mysql bacula-sysconfdir'
- Start the mysql server
su -c 'service mysql start'
- Grant privileges to the bacula user
su -c '/usr/libexec/bacula/grant_mysql_privileges'
- Create the database
su -c '/usr/libexec/bacula/create_mysql_database'
- Create the necessary tables
su -c '/usr/libexec/bacula/make_mysql_tables'
- Add a strong password to the bacula user
su -c 'mysql -u root' UPDATE mysql.user SET Password=PASSWORD('Somes7r0nGp4s5wrD') WHERE User='bacula'; FLUSH PRIVILEGES;
- Set /etc/bacula/bacula-dir passwords
- Configure bacula's mysql user on the /etc/bacula/bacula-dir.conf
Catalog { Name = MyCatalog dbname = "bacula"; dbuser = "bacula"; dbpassword = "" }
to:
Catalog { Name = MyCatalog dbname = "bacula"; dbuser = "bacula"; dbpassword = "Somes7r0nGp4s5wrD" }
- Set /etc/bacula/bacula-fd passwords
- Set /etc/bacula/bacula-sd passwords
+ Open up the relevant iptables port
su -c 'iptables -A INPUT -m state --state NEW -m tcp \ -p tcp --dport 9101 -j ACCEPT' su -c 'iptables -A INPUT -m state --state NEW -m tcp \ -p tcp --dport 9103 -j ACCEPT'
- Start the storage and dir services
su -c 'service start bacula-sd' su -c 'service start bacula-dir' su -c 'service start bacula-fd'
Configuring the clients
- Install the bacula client
su -c 'yum install bacula-client'
- Configure the client's and monitor's names, addresses and passwords. These ones need to be present in the server configuration so, keep track of the passwords and names.
# # Default Bacula File Daemon Configuration file # # For Bacula release 3.0.3 (18 October 2009) -- redhat # # There is not much to change here except perhaps the # File daemon Name to # # # List Directors who are permitted to contact this File daemon # Director { Name = bacula-dir Password = "fd_password" # change to a nice and strong password } # # Restricted Director, used by tray-monitor to get the # status of the file daemon # Director { Name = bacula-mon Password = "mon_fd_password" # change to a nice and strong password Monitor = yes } # # "Global" File daemon configuration specifications # FileDaemon { # this is me Name = bacula-fd FDport = 9102 # where we listen for the director WorkingDirectory = /var/spool/bacula Pid Directory = /var/run Maximum Concurrent Jobs = 20 } # Send all messages except skipped files back to Director Messages { Name = Standard director = bacula-dir = all, !skipped, !restored }
+ Open up the relevant firewall port; in this case, 9102
su -c 'iptables -A INPUT -m state --state NEW -m tcp \ -p tcp --dport 9102 -j ACCEPT'
Troubleshooting
How to test
Common problems and fixes
More Information
Disclaimer
I haven't had the opportunity to test this HowTo since I lack of a networked PC to do it, so you may run into problems, if you do, come to #fedora on irc.freenode.net or leave me messages so I know what's up. Feel free to propose changes and stuff.