Affa
Affa - Automated Remote Disk Archiver
UNDER CONSTRUCTION
Maintainer
Michael Weinberger
Affa was contributed on Thu Apr 05, 2007
Description
The main purpose of this affa package is to turn a SME 7 Server into a dedicated backup box in a few minutes. Affa backups as many as you like SME servers or any other servers which have sshd running and rsync installed. Once it was configured, Affa runs reliable and unattended and send warning message in case of an error.
All backup archive are full backups. As Affa make use of the hardlink technique. Therefore a new full backup only needs disk space for the differences plus the filesystem overhead for the hardlinks and directories (which is typically 2-3%).
Affa is based on the rsync program and supports the rsync --compress option. This allows you to run backups over the internet or VPN. A typical setup is one or more Affa backup servers placed in different locations, which backup the production server(s) over the VPN.
A special feature is the rise option, which allows you to rise the backup server to your production server from a backup archive in case of a dead loss of your production server. The rise is executed within a extremly short time, even with huge ammount of data. The rise feature uses hardlinks and therefore does not use up additional disk space.
Affa features at a glance
- Makes full backups with every scheduled run
- Keeps configurable number of scheduled, daily, weekly, monthly and yearly full backup archives
- Using rsync with optional compression for low traffic allows backups over the internet/VPN
- Uses hardlink technique, i.e. physical disk space only needed for the differences between two full backups
- Backup jobs are started by crond
- Backups the default e-smith directories/files with property SMEServer set to yes
- Additional directories/files can be included
- Directories/files can be excluded from the backup
- Non-SME server linuxes can be backuped by setting SMEServer property to no and using a include list
- Configurable nice level for rsync processes on backup and source server
- Optional run of custom programs before and after a job run (e.g. running tape backup)
- Checks the disk space left after a job run with warning levels strict, normal or risky
- Extensive checking of failure conditions
- Sends failure messages to a configurable list of email addresses
- Sends warning message, if the backup server run out of disk space
- Installs an optional watchdog on the source server for the case the backupserver fails
- Watchdog sends warning, if an expected backup did not run
- Watchdog sends a daily reminder message, if the error continues unchecked
- Option to display current status of all jobs showing times of last and next run
- Status can be mailed on a daily, weekly or monthly schedule
- Option to display reports of all stored backups shown size, tranferred volume, disk usage and more
- Report can be sent to the configured email addresses
- Option to send the public DSA key to the source server
- Option to rise the backup server to a production server from a backup. For SME only
- The rise option does not physically move data and therefore is extremly fast and needs no disk space
- Rise option can be run remotely as the ethernet drivers of the backup server are preserved
- Compares installed RPMs on source with backup server. Sends warning message, if not in sync
- Undo rise option to restore the backup server
- Configurable via a e-smith style db, with one record for each job and a default record for all jobs
- Logs in /var/log/affa with optional debug switch for high verbosity
- Log files are rotated weekly, with 5 logs kept
Installation
Download the smeserver-affa package from
ibiblio
or
PlanetMirror.
Download the perl-Filesys-DiskSpace package from DAG or from one of the mirrors above.
Install the RPMs.
Quick start example
You have a SME 7 production server with hostname 'prodbox‘ and IP 10.200.48.1.
Set up a second SME 7 box as your backupserver with hostname 'affabox‘ and IP 10.200.48.2.
- log into the 'affabox' and install the packages as described above.
- generate the DSA keys and send the public key to the 'prodbox'
# affa --send-keys 10.200.48.1
- copy the config helper script sample
# cp /usr/lib/affa/jobconfig-sample.pl /root/prodbox-job.pl
- edit /root/prodbox-job.pl and set
my $jobname='prodbox';
and'remoteHostName‘=>'10.200.48.1',
- write the configuration
# /root/prodbox-job.pl
- run the job manually
# affa --backup prodbox
Configuration
The configuration is stored in an e-smith style database. Use the db command to configure Affa.
The jobname is the record key with the type 'job'.
To setup a new job enter:
# db affa set myprodsrv job
then set the properties
# db affa setprop myprodsrv remoteHostName 192.168.1.1
# db affa setprop myprodsrv TimeSchedule '0030,0730,1130,1330,1730,2030'
# db affa setprop myprodsrv Description 'My Production Server'
# db affa setprop myprodsrv status enable
and so on...
Alternatively you can you use a script as described above in the 'Quick start' chapter.
To verify your work, type:
# db affa show myprodsrv
Affa configuration properties
Property | Value | Description |
remoteHostName | FQHN or IP | of the source host |
TimeSchedule | HHMM,HHMM,... | doesn't need to be ordered. At least one time is mandatory |
Description | text string | |
scheduledKeep dailyKeep weeklyKeep monthlyKeep yearlyKeep |
integer >= 1 | how many of the scheduled, daily, weekly, monthly or yearly backups should be kept |
SMEServer | yes or no | when set to yes the default e-smith directories are automatically included and the properties RPMCheck and Watchdog can be used |
Include[0] Include[1] ... |
full path | additional files or directories to include |
Exclude[0] Exclude[1] ... |
full path | additional files or directories exclude from backup |
RPMCheck | yes or no | compares the packages installation of the source host with this affa backup host. Sends a message with diff list if not in sync. This check is usefull, if you want have the option to rise the backup server to a production server from a backup. |
DiskSpaceWarn | strict or normal or risky or none | run a disk space check after a job has been completed. With level 'strict' a warning message will be sent, if the available space is less then the size of the just completed backup. With level 'normal'/'risky' the message is sent, if less than 50%/10% of the backup size is still available. |
localNice | -19...+19 | run rsync local process niced. |
remoteNice | -19...+19 | run rsync process on source niced. |
Watchdog | yes or no | when a job is started, affa installs a watchdog script on the source in /etc/cron.d/, which sends a warning message, if the next scheduled job (taken from the TimeSchedule property + 10 minutes) did not run. This guarantees, that you will be notfied even in case of a affa server outage. The watchdog script send a daily reminder message, if the error continues. The next run job replaces the watchdog script with a new trigger time. |
ConnectionCheckTimeout | seconds | before the rsync is started on the remote source host, affa check the ssh conncetion and exits with an error after the configured time, if the host does not response. |
rsyncTimeout | seconds | Rsync exits, if no data is transferred for the configured time. This avoids infinitely hanging in case of a network error. |
rsyncCompress | yes or no | compress the tranferred data. May be useful with slow internet connections. Increases CPU load on source and backup host. |
EmailAddresses | name@domain.com,name@domain.com,... | comma separated list of mail addresses where the messages should be sent to |
preJobCommand postJobCommand |
full path | programs (local on the affa server) to be executed before/after a job run. The jobname and type (scheduled, daily etc.) are passed as arguments to the program. The exit code is additionally passed to the post job command program. See /usr/lib/affa/ for sample perl scripts. |
RootDir | full path | where to store the backup archives, Do not use /home/e-smith or /root as these are included in the backup and therefore the rise otpion will not work! Recommended: /var/affa |
Debug | yes or no | set to yes to increase log verbosity |
status | enabled or disabled | with set to disabled, no cron entries will made. You can still run a job manually. |
rsync--inplace | yes or no | set to no, if the rsync versionon the source does not support this option (like rsync on SME6) |
Example setups
Standard
Dedicated Affa server to backup all production servers
...
Local Affa server plus a Affa server in remote location
- Standard setup
... - Chained setup
...
Two production servers backup each other
...
Moving a SME 7 server installation to a new hardware using Affa with rise feature
...
Use Affa to backup to a NFS-mounted NAS or a local attached USB drive
You want to backup your SME 7 production server with hostname 'prodbox‘ and IP 10.200.48.1 on a mounted filesystem instead of setting up a dedicated Affa box.
Setup NAS
You have a FreeNAS box with IP 10.200.48.2 up and running with NFS service enabled for your network 10.200.48.0/22. The RAID array is mounted to /mnt/affashare.
- log into the 'prodbox' and install the NFS packages
yum --enablerepo=base install nfs-utils
You don't need to signal post-upgrade or reboot event. - mount the NFS share
mkdir -p /mnt/affadevice
mount 10.200.48.2:/mnt/affashare /mnt/affadevice
Setup a USB drive
...
Setup Affa
- log into the 'prodbox' and install the Affa packages as described above.
- copy the config helper script sample
# cp /usr/lib/affa/jobconfig-sample.pl /root/prodbox-job.pl
- edit /root/prodbox-job.pl and set
my $jobname='prodbox';
and'remoteHostName‘=>'localhost',
'RootDir=>'/mnt/affadevice',
Review the other properties and change them to your needs. - write the configuration
# /root/prodbox-job.pl
- run the job manually
# affa --backup prodbox
Limitations
Whith this kind of setup you cannot use the affa rise feature, as it requires the backup archive to be located on the same fileystem as the server installation. The rise option uses hardlinks, which are not working across filesystems.
Restore
Restore a single files or directory
...
Full restore
To run a full restore of user and configuration data run on the Affa server# affa --full-restore <JOB> [<ARCHIVE>]
Example:
You have backuped your production server 'prodsrv' as job 'myprodsrv'. To restore from the latest backup run# affa --full-restore myprodsrv
To restore from the older archive daily.2 run# affa --full-restore myprodsrv daily.2
Important note: A full restore reconstruct the server as it was at the time of the backup. That means, files created or server configuration changes after the backup run will be lost.
Files
/sbin/e-smith/affa
/etc/cron.d/affa-status
/etc/cron.d/affa
/etc/logrotate.d/affa
/usr/lib/affa/jobconfig-sample.pl
/usr/lib/affa/postJobCommand-sample.pl
/usr/lib/affa/preJobCommand-sample.pl
Additional information
Performance
It is hardly to predict how much time a backup job needs to complete. It depends on the number of files, the total file size, the file changes since last run, the network speed and not least on the CPU power, disk speed and RAM of the source and backup server. The following table of measured values will give you an idea of what you can expect.
Backup server | Source server | Data on source server | Transferred Data | Connection | Compression | Affa run time |
2x3.2GHz Xeon 2 GB RAM, 1.5 TB RAID6 |
2x3.2GHz Dual Core Xeon 4 GB RAM, RAID5, SME 7.1 Intranet Web Server + MySQL |
1.4 GB, 12,000 files | 300 MB, 16 files | Internet 2 Mbit | yes | 2 minutes |
2x3.2GHz Xeon 2 GB RAM, 1.5 TB RAID6 |
2x3.2GHz Dual Core Xeon 4 GB RAM, RAID5 SME 7.1 Mailserver |
43 GB, 410,000 files | 140 MB, 2,700 files | Internet 2 Mbit | yes | 10 minutes |
2x2GHz Dual Core Xeon 5130 6 GB RAM, 1 TB RAID 5 |
2x2GHz Dual Core Xeon 5130 6 GB RAM, 1 TB RAID 5 SME 7.1 File- and Mailserver |
125 GB, 98,000 files | 3,2 GB, 3,000 files | Gbit LAN | no | 25 minutes |
2x2GHz Dual Core Xeon 5130 6 GB RAM, 874 GB RAID 5 |
2x2GHz Dual Core Xeon 5130 6 GB RAM, 1 TB RAID 5 SME 7.1 File- and Mailserver |
125 GB, 98,000 files | 3.5 GB, 2000 files | Internet 2 Mbit | yes | 17 minutes |
2x800MHz Pentium 3 1 GB RAM, 300 GB RAID1 |
2x2.8GHz Xeon, 1GB RAM, 140 GB RAID5 SME 7.1 File- and Mailserver |
39 GB, 370,000 files | 12 GB, 4,000 files | 100Mbit LAN | no | 52 minutes |
Changelog
* Sun Apr 15 2007 Michael Weinberger - Version 0.0.6 added --full-restore missing check for HOSTNAME argument in --send-keys added * Thu Apr 12 2007 Michael Weinberger - Version 0.0.5 fixed calculation of lastrun-now * Thu Apr 12 2007 Michael Weinberger - Version 0.0.4 - added --send-status plus templates - fixed format error of times in affa --status - show 'failed', if lastrun is older 1 day in affa --status - fixed typo. default status=disabled (was disable) * Fri Apr 06 2007 Michael Weinberger - Version 0.0.3 - watchdog reminder was not deleted on soure - wrong version mismatch list in rpm compare * Thu Apr 05 2007 Michael Weinberger - added 'rsync--inplace' property * Mon Apr 02 2007 Michael Weinberger - initial release
Acronym
Affa stands for Automatische Festplatten Fernarchivierung