Backing up FreeBSD jails using Amanda
Some notes about how I set up Amanda server and clients to back up jails on a FreeBSD host.
While looking for open-source backup solutions for jails on a FreeBSD box, I came across Amanda and Bacula. At first glance Amanda seemed easier to configure, so I tried to install it from ports. There were some hiccups, especially with regards to permissions and missing directories, so I documented the steps I needed to get it running below.
Amanda uses a server/client architecture, although not in the traditional sense where an application is running all the time. The “Amanda server” is the box that runs and keeps the backups, a process that can be scheduled using cron. Amanda “clients” are the machines that have data that needs to be backed up. It is entirely possible to run the server and client on the same device (VM, jail, etc.). In the configuration described here I am running Amanda server in one jail and an Amanda client in another jail.
On the Amanda server
If this is the first time using pkg on the server, install it:
Press “Y” to confirm.
Here I am building amanda-server from ports because I plan on using S3 functionality in amanda-server, which is not enabled in the binary packages. If you don’t need S3 (or don’t know what it is), feel free to save some time by skipping to “To install binaries” below.
Install portmaster:
Install amanda-server:
Follow the prompts, most settings should be self-explanatory.
Install amcrypt:
Install pinentry-curses:
To install binaries, use this command instead of those containing portmaster above:
Enable sendmail, so Amanda can mail backup reports:
Start sendmail:
On the Amanda clients
If this is the first time using pkg on the server, install it:
Press “Y” to confirm.
Install amanda-client, amcrypt and pinentry-curses:
On the Amanda server
Amanda has been around for a long time, so it calls disk backups for “virtual tapes”. Create a directory for these files:
Create configuration directory:
Create var directory:
Assign a shell to user amanda:
Change to the amanda user:
Create public/private key pair to access clients:
Press Enter at all prompts to create it without a passphrase.
Create a vtape configuration:
Add hosts configuration file:
On the Amanda clients
Assign a shell to user amanda:
Append or copy ~/.ssh/id_rsa.pub from server to ~/.ssh/authorized_keys on clients
Create directories/files and assign permissions:
Create /etc/fstab file:
Amanda server
Change to the amanda user:
Add a client (backup job):
In this example, I am backing up the directory /var/www from the client - replace as necessary.Edit the file /usr/local/etc/amanda/DailySet1/amanda.conf:
Find this section (line):
define dumptype global {
In the section, change:
auth "bsdtcp"
to:
auth "ssh"
Test configuration:
Fix any problems before continuing.
Initiate the first full backup:
Check that a backup summary is received by e-mail.
Automate this backup using cron:
Add this line to the file to run backups daily Monday through Friday at 1 AM:
0 1 * * 1-5 /usr/local/sbin/amdump DailySet1
That’s it, you should now receive a daily mail shortly after 1AM, informing you of a successful backup of /var/www from the client to the server. The first report (hopefully received during the test run above) should be about a full backup and the next couple of reports will only do an incremental backup, with a new full backup every week (as specified in the vtape configuration command).
Some other opensource backup solutions that should work on FreeBSD: