#300: Configure Secure Automated Backups to Central Storage Server - Jenrite/OE2-project-group-B GitHub Wiki

Log into Storage Server

Change password, stored in my teams

Create directories for each machine we are backing up.

Generate SSH key pair on mgmt-b: ssh-keygen -t rsa -b 4096 -C "[email protected]"

Add public key to authorized keys file in backup server (storage server provided by Ola, not machine named backup) cat ~/.ssh/id_rsa.pub | ssh [email protected] "cat >> ~/.ssh/authorized_keys"

The try to ssh into the offsite server from mgmt. Should not be prompted for password.

Initial files to be backed up:

  1. on mgmt: puppetlabs/

  2. on app: /var/www/owncloud/ /etc/apache2/sites-available/owncloud.conf

  3. on db: some kind of sql dump?

  4. on backup: /var/lib/grafana/grafana.db

create puppet module for script distribution and cron job scheduling

backup/ ├── files/ │ ├── backup_mgmt.sh ├── manifests/ └── init.pp

MGMT node backups

init.pp contents:

image

backup_mgmt.sh contents:

image

we also need to include backup in site.pp file under mgmt node

We are now backing up puppetlabs directory every 2 hours to the mgmt directory on storage machine.

Changed init.pp hour value for cron jobs to 4

Apps node backups

Firstly we need to create passwordless ssh from apps to storage server

Follow steps above to do this

add include backup in site.pp file under apps node

backup_apps.sh script

image

Edit init.pp file and add logic to copy relevant script to apps

image

I have now edited the init.pp file so that the jobs per machine are scheduled in a staggered manner:

image

I have also repeated the above process for passwordless SSH for all machines so when backups need added from them it is possible

Restore Methodology

use rsync from backup machine, test first by copying to same machine again, be reserved in backup, only files/directories that are required. See above rsync commands for an idea of what to run, there is no script as restoring is ticket specific