- Description
- Setup requirements
- Reference
- Bareos common
- Client/Filedaemon
- Console (bconsole)
- Director
- Monitor (Tray)
- Storage
- Web UI
- Hiera
- Limitations - OS compatibility, etc.
Bareos is a 100% open source fork of the backup project from bacula.org.
This puppet module configures and manage all aspects of an complex bareos installation. Unfortunately backups cannot be handled on an standard way, so this module tends to be flexible as possible. It is recommend to make familiar with the documentation of the configuration.
The bareos project is seperated into different parts which is reflected in this puppet module:
- Director - Heart of Bareos. The director manages all aspects of where, when and how to backup your systems.
- Client aka FileDaemon - Daemon which runs on the client to make backup of.
- Storage - An storage daemon which stores the backups.
- Console - Bconsole is an cli tool to work with the bareos director.
- Monitor - Tray Monitor
- WebUi - An Web Interface to work with the bareos director.
The module depends on the following puppet modules:
- Puppetlabs/stdlib - We use the following functions
delete_undef_values
anddowncase
. - Puppetlabs/concat - Only used for the
webui
configuration. - Puppetlabs/apt - Repository management for Debian based systems.
- Darin/zypprepo - Repository management for OpenSuSE/SLES
A good starting point is too look into the profile classes bareos::profile::director
,bareos::profile::storage
and bareos::profile::client
.
Please note, this is only the minimal subset of an bareos configuration. You may use only some of the default configurations such like the schedules, messages, filesets or profiles.
Note that Bareos >= 21 only supports postgresql
as a DB backend.
# Install and configure an Director Server
$storage_password = 'Password of the storage instance',
class { 'bareos::profile::director':
password => 'Password of the director instance itself',
catalog_conf => {
'db_name' => 'bareos_catalog',
'db_address' => '127.0.0.1',
'db_port' => 5432,
'db_user' => 'user',
'db_password' => 'password'
},
storage_address => 'localhost',
storage_password => $storage_password,
}
# add storage server to the same machine
class { 'bareos::profile::storage':
password => $storage_password,
archive_device => '/var/lib/bareos/storage',
}
# add the client to the config
::bareos::director::client { 'bareos-client':
description => 'Your fancy client to backup',
password => 'MyClientPasswordPleaseChange',
address => 'fqdn',
}
# Create an backup job by referencing to the jobDef template.
::bareos::director::job { 'backup-bareos-client':
job_defs => 'LinuxAll',
client => 'bareos-client', # which client to assign this job
}
# Install and configure an Client to backup
class { 'bareos::profile::client':
name_client => 'bareos-client',
password => 'MyClientPasswordPleaseChange',
}
All bareos configuration directives are reflected to an puppet define ressource. It has almost the following schema: bareos::component::directive.
There are only three exceptions were a class is used instead of an define: bareos::client::client
, bareos::director::director
and bareos::storage::storage
. They are only allowed to exist once a time in the bareos configuration.
While bareos has a lot of configuration settings, most of the documentation and available parameter are inside the puppet manifests. Please consult also the bareos documentation.
This puppet module tries to cover all aspects of (bareos) type validation on puppet catalog compilation through the puppet parser function bareos_settings
.
This class manages the bareos common package, user/group, repo and the base configuration directory.
This class will be automatically included when a resource is defined.
Here you can define various behaviours for your setup.
class { 'bareos':
repo_release => '16.2', # Highly recommend to fix your bareos release. Defaults to 'latest'
manage_repo => true, # use the internally shipped repo management
manage_user => true, # manage the bareos user and group (usually also created by the package)
manage_package => true, # setup the bareos-common packge
package_name => 'bareos-common', # change the common package name (can be an array as well),
package_ensure => present, # ensure all packages are present (affects all package components)
service_ensure => running, # ensure all services are running (affects all service components)
}
Class bareos::client
This class manages the bareos client (file-daemon) service, packages and configuration directory.
Parameters should be configured in the upper class ::bareos
.
This class will be automatically included when a resource is defined. It is not intended to be used directly by external resources like node definitions or other modules.
The Client Resource (or FileDaemon) resource defines the name of the Client (as used by the Director) as well as the port on which the Client listens for Director connections.
The Director resource defines the name and password of the Directors that are permitted to contact this Client.
The Messages resource defines how messages are to be handled and destinations to which they should be sent.
Class bareos::console
This class manages the bareos console (bconsole cli tool) package and configuration directory.
Parameters should be configured in the upper class ::bareos
.
This class will be automatically included when a resource is defined. It is not intended to be used directly by external resources like node definitions or other modules.
Usually not required to define. The bareos documentation is almost the same like in the director, but its unclear what it affects regarding the bconsole.
If someone has more information, feel free to add this info ;-).
The Director resource defines the attributes of the Director running on the network. You may have multiple Director resource specifications in a single Console configuration file. If you have more than one, you will be prompted to choose one when you start the Console program.
::bareos::console::director { 'bareos-dir':
description => 'Bareos console credentials for director connection',
address => 'fqdn/ip to director',
password => 'password',
}
Class bareos::director
This class manages the bareos director service, packages and configuration directory.
Parameters should be configured in the upper class ::bareos
.
This class will be automatically included when a resource is defined. It is not intended to be used directly by external resources like node definitions or other modules.
To define the Director's name and its access password used for authenticating the Console program. Only a single Director resource definition may appear in the Director's configuration file.
To define in what database to keep the list of files and the Volume names where they are backed up. Most people only use a single catalog. It is possible, however not adviced and not supported to use multiple catalogs.
To define what Client is to be backed up. You will generally have multiple Client definitions. Each Job will reference only a single client.
Configure an Named Console aka Restricted Console. Both the names and the passwords in these two entries must match much as is the case for Client programs.
The Counter Resource defines a counter variable that can be accessed by variable expansion used for creating Volume labels with the Label Format Dir Pool directive.
To define the set of files to be backed up for each Client. You may have any number of FileSets but each Job will reference only one.
FileSets do use Include Exclude Items
, which are represented by hash. Hash values are only allowed to have other hashes, string values or array of string values.
::bareos::director::fileset {'name':
include => {
'Options' => {
'Signature' => 'MD5',
'WildFile' => '/data/db*'
},
'File' => [
'/etc/',
'/var/lib'
]
}
}
To define the backup/restore Jobs and to tie together the Client, FileSet and Schedule resources to be used for each Job. Normally, you will Jobs of different names corresponding to each client (i.e. one Job per client, but a different one with a different name for each client).
Jobs does have Run Script
, which is represented by hash. Hash values are only allowed to have other hashes, string values or array of string values (like the Include Exclude Items in Fileset).
::bareos::director::job { 'MyJob':
client => 'client resource name to backup'
file_set => 'fileset resource name',
schedule_res => 'Schedule resource name'
storage => 'storage resource name' or ['first storage', 'second storage'],
pool => 'Incremental',
messages => 'Standard',
priority => 10,
write_bootstrap => '/var/lib/bareos/%c.bsr',
full_backup_pool => 'Full',
differential_backup_pool => 'Differential',
incremental_backup_pool => 'Incremental',
run_script => {
'console' => '"update jobid=%i jobtype=A"'
'Runs When' => 'After',
'Runs On Client' => 'No',
'Runs on Failure' => 'No',
}
}
JobDefs are optional resources for providing defaults for Job resources.
Almost the same like Job
.
To define where error and information messages are to be sent or logged. You may define multiple different message resources and hence direct particular classes of messages to different users or locations (files, ...).
To define the pool of Volumes that can be used for a particular Job. Most people use a single default Pool. However, if you have a large number of clients or volumes, you may want to have multiple Pools. Pools allow you to restrict a Job (or a Client) to use only a particular set of Volumes.
The Profile Resource defines a set of ACLs. Console Resources can be tight to one or more profiles, making it easier to use a common set of ACLs.
The Schedule resource provides a means of automatically scheduling a Job as well as the ability to override the default Level, Pool, Storage and Messages resources. If a Schedule resource is not referenced in a Job, the Job can only be run manually. In general, you specify an action to be taken and when.
To define on what physical device the Volumes should be mounted. You may have one or more Storage definitions.
Class bareos::monitor
This class manages the bareos (tray-) monitor package and configuration directory.
Parameters should be configured in the upper class ::bareos
.
This class will be automatically included when a resource is defined. It is not intended to be used directly by external resources like node definitions or other modules.
The Client resource defines the attributes of the Clients that are monitored by this Monitor.
The Director resource defines the attributes of the Directors that are monitored by this Monitor.
The Monitor resource defines the attributes of the Monitor running on the network. The parameters you define here must be configured as a Director resource in Clients and Storages configuration files, and as a Console resource in Directors configuration files.
The Storage resource defines the attributes of the Storages that are monitored by this Monitor.
Class bareos::storage
This class manages the bareos storage service, packages and configuration directory.
Parameters should be configured in the upper class ::bareos
.
This class will be automatically included when a resource is defined. It is not intended to be used directly by external resources like node definitions or other modules.
In general, the properties specified under the Storage resource define global properties of the Storage daemon.
The Autochanger resource supports single or multiple drive autochangers by grouping one or more Device resources into one unit called an autochanger in Bareos (often referred to as a "tape library" by autochanger manufacturers).
The Device Resource specifies the details of each device (normally a tape drive) that can be used by the Storage daemon. There may be multiple Device resources for a single Storage daemon. In general, the properties specified within the Device resource are specific to the Device.
The Director resource specifies the Name of the Director which is permitted to use the services of the Storage daemon. There may be multiple Director resources. The Director Name and Password must match the corresponding values in the Director's configuration file.
The Messages resource defines how messages are to be handled and destinations to which they should be sent.
The NDMP Resource specifies the authentication details of each NDMP client. There may be multiple NDMP resources for a single Storage daemon. In general, the properties specified within the NDMP resource are specific to one client.
Class bareos::webui
This class manages the bareos webui service, package and configuration.
This class will be automatically included when a resource is defined.
Configures an director to use with the webui.
Additional configuration is required on the Director server.
# Allow access from the webui to the director
# Add user admin
::bareos::director::console { 'admin':
password => 'admin',
profile => 'webui-admin',
}
::bareos::director::profile {'webui-admin':
description => 'bareos-webui webui-admin profile resource.',
command_acl => [
'!.bvfs_clear_cache, !.exit, !.sql',
'!configure, !create, !delete, !purge, !sqlquery, !umount, !unmount',
'*all*',
],
catalog_acl => '*all*',
client_acl => '*all*',
file_set_acl => '*all*',
job_acl => '*all*',
plugin_options_acl => '*all*',
pool_acl => '*all*',
schedule_acl => '*all*',
storage_acl => '*all*',
where_acl => '*all*',
}
Since define ressource are used in the module they can not be used directly via hiera. Execptions are ofcourse the three classes mentioned in Reference.
But there exist hashes for the configuration directives in the bareos::director
and the bareos::webui
classes which can be used via hiera.
classes:
- bareos::director
bareos::director::director::name_director: 'example'
bareos::director::director::password: 'foobar'
bareos::director::catalogs:
'testing':
db_name: 'test'
bareos::director::clients:
'alice':
address: foo.bar
password: foobar
bareos::director::jobs:
'backup-alice':
messages: testing
pool: testing
type: backup
client: alice
file_set: testing
This module is built upon and tested against the versions of Puppet listed in the metadata.json file (i.e. the listed compatible versions on the Puppet Forge).
OS Limitations hardly depends on the availability of the bareos packages in the bareos repository and the available release. Currently it has been tested on Ubuntu 14.04 and 16.04 and RHEL/CentOS/Rocky/AlmaLinux 8.
This puppet module was originally hosted at https://github.com/Project0/puppet-bareos and has been migrated to Vox Pupuli.