05/16/2013  

Bacula: Restoring from Copy Jobs

On my previous Bacula post, I demonstrated how create off-site backup using Copy Jobs. But what to do when you need (knock-on-wood) use the Copy Job to restore data? It’s quite simple, actually.

You have two possibles ways to use you Copy Jobs:

  1. The “extreme way”: purge your original backup Jobs. According to the official documentation, “if bacula finds a Copy when a Job record is purged (deleted) from the catalog, it will promote the Copy as real backup and will make it available for automatic restore”. I’ve never have to use this method, since the next way is much simpler (and safer).

  2. The “easy way”: use an additional parameter to the “restore” command in bconsole. I’ve tried this method myself and it’s the way I recommend using. Basically, run restore like this:

    3. restore client=YourClientName copies

    And continue to the restore as usual. The difference is when Bacula prints out the JobIDs that it will use for this restore. You’ll see the Copy JobIDs instead of the original ones.

And that’s it.

06/27/2012  

SELinux and PHP Database Connection

Since I’m using Bacula for my Backups, I wanted to install a nice Web interface to view my Jobs, Volumes, generate reports and such. I thought I’d give a try at Bacula-Web, since the installation is really simple.

Bacula-Web configuration is really simple, all you have to do is edit the “config.php” file to point the database connection to the same database that Bacula uses and your good to go. Once I’d done that, I opened the Bacula-Web page, and the following error appeared:

Database error

Message: SQLSTATE[08006] [7] could not connect to server: Permission denied Is the server running on host "ptipgsql.pti" and accepting TCP/IP connections on port 5432?

Well, I was SURE that the server/database/username/password was correct, because connection from the command line (using psql) worked just fine. After a LOT of Googling, I found out that there was a Boolean in SELinux specific to allow the Web Server to connect to remote hosts.

So, all I had to do is run as root:

# setsebool -P httpd_can_network_connect on

And Bacula-Web worked just fine. Lesson learned: always check the /var/log/audit/audit.log file on access denied errors!!!!!

03/12/2012  

Off-Site Backups with Bacula

 

Bacula, the Open Source Network Backup Solution

Bacula is a great Backup Solution for any infrastructure out there, if you don’t know this tool, I really recommend reading about it. I’ve been using it for over 2 years now and when I thought I had learned everything there was to learn about it, I was asked to do one more thing with our backups: store them on a off-site location for security. After all, what’s the point in having data backups stored in your company if a flood or a fire will destroy everything, including your backups?

“What’s the problem?”, you may ask… “Just take your daily backups tapes to an off-site location!”, you might say… If only life was that simple…

I needed those daily backups tapes on-site, since our helpdesk team was constantly asking us to restore some files from the Samba Share server, because the user “swears the file just disappeared from the server”… Yeah, right…

So, how could I possibly have a secure off-site backup of my data and, at the same time, have them available to me to make daily restores in my company?

Read More…

01/16/2011  

Bridge over VLAN Tagging over over Bonding: the perfect network setup

Introduction

In this article, I’ll explain how to put together three different methods to simplify deployment and configuration of you virtual machines: VLAN Tagging, Bridge and Bonding. But if never heard of any of them, we’ll setup them up separately, so it becomes very ease to put the three together.

Every examples in this article is for servers witch CentOS 5.5 and Switch Cisco, but they could use for other systems as well.

VLAN Tagging
The Why

Before virtualization, you had several physical servers separated in several different VLAN’s in your company. But when you had to migrate all your servers to virtual machines in a single physical machine, how could you concentrate different VLAN’s in a single network interface? VLAN Tagging is the answer.

Before you can configure VLAN Tagging in your server, you have to make sure that the switch your physical machine is connected to supports VLAN Trunk. I’m no expert in switches, but I’m pretty sure that if your switch support VLAN, it will support VLAN Trunk.

When you set the switch port which you physical server is connect to VLAN Trunk mode, the switch will look in the packet header for the VLAN Tag, to find out which VLAN that packet is destined to. That basicly means that is up to the server on the other end
to select which VLAN the packets must go to.

That’s the perfect solution for our problem. With this technique, you can have a single physical virtualization server, with several virtual machines in different VLAN’s.

Read More…