Setting up a Bacula backup plan and disaster recovery setup for a data center with two servers and a storage backup server running Ubuntu Linux involves several steps. In this example, we’ll assume the following:
- Server 1: Web server (hostname: webserver1)
- Server 2: Database server (hostname: dbserver1)
- Storage Backup Server (hostname: backupserver1)
- All systems are running Ubuntu Linux.
Please note that this is a simplified guide. You should adapt it to your specific environment and requirements.
Install Bacula
Install Bacula on all three servers (web server, database server, and backup server) using the package manager (apt-get):
sudo apt-get update
sudo apt-get install bacula-director-mysql bacula-console-qt bacula-fd
During installation, you’ll be prompted to configure Bacula. Use the following settings:
- Director hostname: backupserver1
- Director password: Choose a strong password
- Database configuration: Set up MySQL as the database backend.
Configure Bacula Director
On the backup server (backupserver1), configure the Bacula Director by editing
‘/etc/bacula/bacula-dir.conf
:’
sudo nano /etc/bacula/bacula-dir.conf
Here is a simplified configuration:
Director {
Name = backupserver-dir
DIRport = 9101
QueryFile = "/etc/bacula/query.sql"
WorkingDirectory = "/var/lib/bacula"
Pid Directory = "/var/run/bacula"
Maximum Concurrent Jobs = 1
}
JobDefs {
Name = "DefaultJob"
Type = Restore
FileSet="Full Set"
Schedule = "WeeklyCycle"
Storage = File
Messages = Standard
Pool = Default
Priority = 10
Write Bootstrap = "/var/lib/bacula/%c.bsr"
}
Job {
Name = "RestoreFiles"
Type = Restore
FileSet="Full Set"
Schedule = "WeeklyCycle"
Storage = File
Messages = Standard
Pool = Default
Priority = 10
File Retention = 30 days
Job Retention = 6 months
AutoPrune = yes
}
# Include the FileSet and Job definitions for your servers here
# Example FileSet for web server
FileSet {
Name = "webserver-fileset"
Include {
Options {
signature = MD5
}
File = /var/www/html
}
Exclude {
File = /var/www/html/tmp
}
}
Configure Bacula File Daemons
On each server (web server and database server), edit the Bacula File Daemon configuration ‘(/etc/bacula/bacula-fd.conf
):‘
sudo nano /etc/bacula/bacula-fd.conf
Configure the File Daemon for each server:
FileDaemon {
Name = webserver-fd
FDport = 9102
WorkingDirectory = /var/lib/bacula
Pid Directory = /var/run/bacula
Maximum Concurrent Jobs = 20
}
FileDaemon {
Name = dbserver-fd
FDport = 9102
WorkingDirectory = /var/lib/bacula
Pid Directory = /var/run/bacula
Maximum Concurrent Jobs = 10
}
Define Bacula Backup Jobs
In the Bacula Director configuration (bacula-dir.conf
) on the backup server, define backup jobs for each server (web server and database server). Customize these job definitions based on your requirements.
Job {
Name = "webserver-backup"
Type = Backup
Client=webserver-fd
FileSet="webserver-fileset"
Schedule = "WeeklyCycle"
Storage = File
Messages = Standard
Pool = Default
Priority = 10
}
Job {
Name = "dbserver-backup"
Type = Backup
Client=dbserver-fd
FileSet="dbserver-fileset" # Define a FileSet for your database server
Schedule = "WeeklyCycle"
Storage = File
Messages = Standard
Pool = Default
Priority = 10
}
Start Bacula Services
On all servers, start the Bacula services:
sudo systemctl start bacula-director
sudo systemctl start bacula-fd
Backup Schedule
Create a backup schedule in /etc/bacula/schedule.conf
:
Storage {
Name = File
Address = backupserver1-fd
SDPort = 9103
Password = "your_password"
Device = FileStorage
Media Type = File
}
Set Up Disaster Recovery
- Regularly back up Bacula’s configuration files (
bacula-dir.conf
,bacula-fd.conf
, etc.) to a secure location. - Document disaster recovery procedures, including how to rebuild Bacula in case of failure.
Testing and Monitoring
- Test backups and restores regularly.
- Monitor Bacula jobs and set up email notifications for failures.
Email Notifications
Configure email notifications to be informed of backup job results. In Bacula Director’s configuration (bacula-dir.conf
), you can specify email notification settings:
Messages {
Name = Standard
director = bacula-dir = all, !skipped, !restored
}
Additionally, ensure your system has a functional email server configured to send notifications.
Implement Data Encryption (Optional)
To enhance data security, you can implement encryption for Bacula backups. To do this, you’ll need to enable encryption in the Bacula Director and File Daemon configuration files (bacula-dir.conf
and bacula-fd.conf
). Here’s a simplified example:
In bacula-dir.conf
:
Director {
Name = backupserver-dir
Password = "your_password"
Messages = Standard
TLS Enable = yes
TLS Require = yes
TLS CA Certificate File = /etc/bacula/ssl/ca.crt
TLS Certificate = /etc/bacula/ssl/bacula-dir.crt
TLS Key = /etc/bacula/ssl/bacula-dir.key
}
In bacula-fd.conf
on client servers (web server and database server):
FileDaemon {
Name = webserver-fd
Password = "your_password"
TLS Enable = yes
TLS Require = yes
TLS CA Certificate File = /etc/bacula/ssl/ca.crt
TLS Certificate = /etc/bacula/ssl/webserver-fd.crt
TLS Key = /etc/bacula/ssl/webserver-fd.key
}
You’ll need to generate the SSL certificates and configure them accordingly.
Periodic Backup Testing
Regularly test your backups to ensure they can be successfully restored. Plan and document these tests to verify that your disaster recovery procedures work as expected.
Documentation
Thoroughly document your Bacula setup and disaster recovery plan. Include:
- Configuration files (
bacula-dir.conf
,bacula-fd.conf
, etc.). - Backup schedules and retention policies.
- Disaster recovery procedures.
- Contacts for support and emergency situations.
- Any custom scripts or tools used in your setup.
Regular Maintenance
Perform regular maintenance tasks:
- Update Bacula and its components to the latest versions.
- Test backups after major changes or upgrades.
- Review and update your disaster recovery plan as your infrastructure evolves.
Monitoring and Alerts
Implement monitoring tools or scripts to keep an eye on Bacula’s status. Set up alerts for backup failures or issues. Popular monitoring solutions include Nagios, Zabbix, or simple shell scripts.
Offsite Backup Copies
For added data protection, consider storing backup copies offsite in a secure location. This guards against on-site disasters like fires or floods.
Disaster Recovery Drills
Conduct periodic disaster recovery drills to ensure your team is prepared to handle real disasters. These drills should test your ability to recover data and systems using your documented procedures.
Remember that a backup and disaster recovery plan is not a one-time setup; it requires ongoing maintenance, testing, and documentation updates to remain effective in protecting your data and ensuring business continuity.