From 90417621d73b4916db7749b79d267b19e3916023 Mon Sep 17 00:00:00 2001 From: "Joshua M. Boniface" Date: Fri, 27 Oct 2023 02:07:49 -0400 Subject: [PATCH] Add autobackup support to pvc-ansible --- group_vars/default/pvc.yml | 88 +++++++++++++++++++ roles/pvc/tasks/autobackup/disable.yml | 27 ++++++ roles/pvc/tasks/autobackup/enable.yml | 47 ++++++++++ roles/pvc/tasks/autobackup/main.yml | 7 ++ roles/pvc/tasks/main.yml | 5 ++ .../templates/autobackup/autobackup.yaml.j2 | 24 +++++ .../autobackup/pvc-autobackup-full.service.j2 | 8 ++ .../autobackup/pvc-autobackup-full.timer.j2 | 9 ++ .../pvc-autobackup-normal.service.j2 | 8 ++ .../autobackup/pvc-autobackup-normal.timer.j2 | 9 ++ 10 files changed, 232 insertions(+) create mode 100644 roles/pvc/tasks/autobackup/disable.yml create mode 100644 roles/pvc/tasks/autobackup/enable.yml create mode 100644 roles/pvc/tasks/autobackup/main.yml create mode 100644 roles/pvc/templates/autobackup/autobackup.yaml.j2 create mode 100644 roles/pvc/templates/autobackup/pvc-autobackup-full.service.j2 create mode 100644 roles/pvc/templates/autobackup/pvc-autobackup-full.timer.j2 create mode 100644 roles/pvc/templates/autobackup/pvc-autobackup-normal.service.j2 create mode 100644 roles/pvc/templates/autobackup/pvc-autobackup-normal.timer.j2 diff --git a/group_vars/default/pvc.yml b/group_vars/default/pvc.yml index 4c0d15b..adaa177 100644 --- a/group_vars/default/pvc.yml +++ b/group_vars/default/pvc.yml @@ -188,6 +188,94 @@ cpu_tuning: system_cpus: 2 # Set based on your actual system configuration (min 2, increase on coordinators if many nodes) osd_cpus: 2 # Set based on your actual number of OSDs (for optimal performance, 2 per OSD) +# PVC VM autobackups +# > PVC supports autobackups, which can perform automatic snapshot-level VM backups of selected +# virtual machines based on tags. The backups are fully managed on a consistent schedule, and +# include both full and incremental varieties. +# > To solve the shared storage issue and ensure backups are taken off-cluster, automaticmounting +# of remote filesystems is supported by autobackup. +pvc_autobackup: + # Enable or disable autobackup + # > If disabled, no timers or "/etc/pvc/autobackup.yaml" configuration will be installed, and any + # existing timers or configuration will be REMOVED on each run (even if manually created). + # > Since autobackup is an integrated PVC CLI feature, the command will always be available regardless + # of this setting, but without this option enabled, the lack of a "/etc/pvc/autobackup.yaml" will + # prevent its use. + enabled: no + # Set the backup root path and (optional) suffix + # > This directory will be used for autobackups, optionally suffixed with the suffix if it is present + # > If remote mounting is enabled, the remote filesystem will be mounted at the root path; if it is + # not enabled, there must be a valid large(!) filesystem mounted on all coordinator nodes at this + # path. + # > The suffix can be used to allow a single backup root path to back up multiple clusters without + # conflicts should those clusters share VM names. It is optional unless this matches your situation. + # > The path "/tmp/backups" is usually recommended for remote mounting + # > NOTE: If you specify it, the suffix must begin with a '/', but is relative to the root path! + backup_root_path: "/tmp/backups" + backup_root_suffix: "/cluster1" + # Set the VM tag(s) which will be selected for autobackup + # > Autobackup selects VMs based on their tags. If a VM has a tag present in this list, it will be + # selected for autobackup at runtime; if not it will be ignored. + # > Usually, the tag "autobackup" here is sufficient; the administrator should then add this tag + # to any VM(s) they want to use autobackups. However, any tag may be specified to keep the tag list + # cleaner and more focused, should the administrator choose to. + backup_tags: + - autobackup + # Autobackup scheduling + schedule: + # Backups are performed at regular intervals via a systemd timer + # > Optionally, forced-full backups can also be specified, which ensures consistent rotation + # between VMs regardless of when they are added; if forced_full_time is empty or missing, this + # feature is disabled + # > This default schedule performs a (forced) full backup every Monday at midnight, then normal backups + # every other day at midnight (these may be full or incremental depending on the options below + # > These options use a systemd timer date string; see "man systemd.time" for details + normal_time: "Tue..Sun *-*-* 0:0:00" + forced_full_time: "Mon *-*-* 0:0:00" + # The interval between full backups determines which backups are full and which are incrementals + # > When a backup is run, if there are this many (inclusive) backups since the last full backup, + # then a new full backup is taken and rotation occurs; otherwise, an incremental backup is taken + # > For example, a value of 1 means every backup is a full backup; a value of 2 means every other + # bakcup is a full backup; a value of 7 means every 7th backup is a full backup (i.e. once per week + # with a daily backup time). + full_interval: 7 + # The retention count specifies how many full backups should be kept + # > Retention cleanup is run after each full backup, and thus, that backup is counted in this number + # > For example, a value of 2 means that there will always be at least 2 full backups. When a new + # full backup is taken, the oldest (i.e. 3rd) full backup is removed. + # > When a full backup is removed, all incremental backups with that full backup as their parent are + # also removed. + # > Thus, this schedule combined with a full_interval of 7 ensures there is always 2 full weekly backups, + # plus at least 1 full week's worth of incremental backups. + full_retention: 2 + # Configure automatic mounting support + # > PVC autobackup features the ability to automatically and dynamically mount and unmount remote + # filesystems, or, indeed, perform any arbitrary pre- or post-run tasks, using a set of arbitrary + # commands + # > Automatic mountoing is optional if you choose to use a static mount on all PVC coordinators + # > While the examples here show absolute paths, that is not required; they will run with the $PATH of the + # executing environment (either the "pvc" command on a CLI or a cron/systemd timer) + # > A "{backup_root_path}" f-string/str.format type variable MAY be present in any cmds string to represent + # the above configured root backup path, and is which is interpolated at runtime + # > If multiple commands are given, they will be executed in the order given; if no commands are given, + # nothing is executed, but the keys MUST be present + auto_mount: + # Enable or disable automatic mounting + enabled: no + # These Debian packages will be automatically installed if automatic mounting is enabled + packages: + # This example installs nfs-common, required for NFS mounts + #- nfs-common + # These commands are executed at the start of the backup run and should mount a filesystem or otherwise + # prepare the system for the backups + mount_cmds: + # This example shows an NFS mount leveraging the backup_root_path variable + #- "/usr/sbin/mount.nfs -o nfsvers=3 10.0.0.10:/backups {backup_root_path}" + # These commands are executed at the end of the backup run and should unmount a filesystem + unmount_cmds: + # This example shows a generic umount leveraging the backup_root_path variable + #- "/usr/bin/umount {backup_root_path}" + # Configuration file networks # > Taken from base.yml's configuration; DO NOT MODIFY THIS SECTION. pvc_upstream_device: "{{ networks['upstream']['device'] }}" diff --git a/roles/pvc/tasks/autobackup/disable.yml b/roles/pvc/tasks/autobackup/disable.yml new file mode 100644 index 0000000..0fae45c --- /dev/null +++ b/roles/pvc/tasks/autobackup/disable.yml @@ -0,0 +1,27 @@ +--- + +- name: disable timer units + systemd: + name: "{{ item }}" + state: stopped + enabled: false + loop: + - pvc-autobackup-normal.timer + - pvc-autobackup-full.timer + +- name: remove autobackup configurations + file: + dest: "{{ item }}" + state: absent + loop: + - /etc/pvc/autobackup.yaml + - /etc/systemd/system/pvc-autobackup-normal.timer + - /etc/systemd/system/pvc-autobackup-normal.service + - /etc/systemd/system/pvc-autobackup-full.timer + - /etc/systemd/system/pvc-autobackup-full.service + register: systemd + ignore_errors: yes + +- name: reload systemd to apply changes + command: systemctl daemon-reload + when: systemd.changed diff --git a/roles/pvc/tasks/autobackup/enable.yml b/roles/pvc/tasks/autobackup/enable.yml new file mode 100644 index 0000000..4780f34 --- /dev/null +++ b/roles/pvc/tasks/autobackup/enable.yml @@ -0,0 +1,47 @@ +--- + +- name: install required automount packages + apt: + name: "{{ pvc_autobackup.auto_mount.packages }}" + state: present + when: + - pvc_autobackup.auto_mount.enabled is defined and pvc_autobackup.auto_mount.enabled + - pvc_autobackup.auto_mount.packages is defined and pvc_autobackup.auto_mount.packages + +- name: install autobackup YAML configuration + template: + src: "autobackup/autobackup.yaml.j2" + dest: "/etc/pvc/autobackup.yaml" + +- name: install autobackup normal systemd units + template: + src: "autobackup/pvc-autobackup-normal.{{ item }}.j2" + dest: "/etc/systemd/system/pvc-autobackup-normal.{{ item }}" + loop: + - timer + - service + register: systemd_normal + +- name: install autobackup forced-full systemd units + template: + src: "autobackup/pvc-autobackup-full.{{ item }}.j2" + dest: "/etc/systemd/system/pvc-autobackup-full.{{ item }}" + loop: + - timer + - service + when: pvc_autobackup.schedule.forced_full_time is defined and pvc_autobackup.schedule.forced_full_time + register: systemd_full + +- name: reload systemd to apply changes + command: systemctl daemon-reload + when: systemd_normal.changed or systemd_full.changed + +- name: enable timer units + systemd: + name: "{{ item }}" + state: started + enabled: true + loop: + - pvc-autobackup-normal.timer + - pvc-autobackup-full.timer + diff --git a/roles/pvc/tasks/autobackup/main.yml b/roles/pvc/tasks/autobackup/main.yml new file mode 100644 index 0000000..8be6902 --- /dev/null +++ b/roles/pvc/tasks/autobackup/main.yml @@ -0,0 +1,7 @@ +--- + +- include: enable.yml + when: pvc_autobackup.enabled + +- include: disable.yml + when: not pvc_autobackup.enabled diff --git a/roles/pvc/tasks/main.yml b/roles/pvc/tasks/main.yml index bc21509..2c4417d 100644 --- a/roles/pvc/tasks/main.yml +++ b/roles/pvc/tasks/main.yml @@ -56,6 +56,11 @@ - include: pvc/main.yml tags: pvc-daemon +# Install PVC autobackup +- include: autobackup/main.yml + tags: pvc-autobackup + when: pvc_autobackup is defined + # Install CPU tuning - include: cputuning/main.yml tags: pvc-cputuning diff --git a/roles/pvc/templates/autobackup/autobackup.yaml.j2 b/roles/pvc/templates/autobackup/autobackup.yaml.j2 new file mode 100644 index 0000000..943a9ca --- /dev/null +++ b/roles/pvc/templates/autobackup/autobackup.yaml.j2 @@ -0,0 +1,24 @@ +--- +# PVC Autobackup configuration +# {{ ansible_managed }} + +autobackup: + backup_root_path: {{ pvc_autobackup.backup_root_path }} + backup_root_suffix: {{ pvc_autobackup.backup_root_suffix }} + backup_tags: +{% for tag in pvc_autobackup.backup_tags %} + - {{ tag }} +{% endfor %} + backup_schedule: + full_interval: {{ pvc_autobackup.schedule.full_interval }} + full_retention: {{ pvc_autobackup.schedule.full_retention }} + auto_mount: + enabled: {{ pvc_autobackup.auto_mount.enabled }} + mount_cmds: +{% for cmd in pvc_autobackup.auto_mount.mount_cmds %} + - "{{ cmd }}" +{% endfor %} + unmount_cmds: +{% for cmd in pvc_autobackup.auto_mount.unmount_cmds %} + - "{{ cmd }}" +{% endfor %} diff --git a/roles/pvc/templates/autobackup/pvc-autobackup-full.service.j2 b/roles/pvc/templates/autobackup/pvc-autobackup-full.service.j2 new file mode 100644 index 0000000..ed4f994 --- /dev/null +++ b/roles/pvc/templates/autobackup/pvc-autobackup-full.service.j2 @@ -0,0 +1,8 @@ +[Unit] +Description=[Cron] PVC VM autobackup (forced-full) + +[Service] +Type=oneshot +IgnoreSIGPIPE=false +KillMode=process +ExecStart=/usr/bin/pvc --quiet vm autobackup --cron --force-full diff --git a/roles/pvc/templates/autobackup/pvc-autobackup-full.timer.j2 b/roles/pvc/templates/autobackup/pvc-autobackup-full.timer.j2 new file mode 100644 index 0000000..84ea5ca --- /dev/null +++ b/roles/pvc/templates/autobackup/pvc-autobackup-full.timer.j2 @@ -0,0 +1,9 @@ +[Unit] +Description=[Timer] PVC VM autobackup (forced-full) + +[Timer] +Unit=pvc-autobackup-full.service +OnCalendar={{ pvc_autobackup.schedule.forced_full_time }} + +[Install] +WantedBy=pvc.target diff --git a/roles/pvc/templates/autobackup/pvc-autobackup-normal.service.j2 b/roles/pvc/templates/autobackup/pvc-autobackup-normal.service.j2 new file mode 100644 index 0000000..0f80a88 --- /dev/null +++ b/roles/pvc/templates/autobackup/pvc-autobackup-normal.service.j2 @@ -0,0 +1,8 @@ +[Unit] +Description=[Cron] PVC VM autobackup (normal) + +[Service] +Type=oneshot +IgnoreSIGPIPE=false +KillMode=process +ExecStart=/usr/bin/pvc --quiet vm autobackup --cron diff --git a/roles/pvc/templates/autobackup/pvc-autobackup-normal.timer.j2 b/roles/pvc/templates/autobackup/pvc-autobackup-normal.timer.j2 new file mode 100644 index 0000000..e0edf15 --- /dev/null +++ b/roles/pvc/templates/autobackup/pvc-autobackup-normal.timer.j2 @@ -0,0 +1,9 @@ +[Unit] +Description=[Timer] PVC VM autobackup (normal) + +[Timer] +Unit=pvc-autobackup-normal.service +OnCalendar={{ pvc_autobackup.schedule.normal_time }} + +[Install] +WantedBy=pvc.target