Thursday, October 31, 2013

How I backup my server configs with lsyncd

In the event that something happens to my server, or one of the services running on my machine, I like to have a backup of my config for that particular service. Ain't nothing worse than taking hours or even days to properly configure a service to have a hard drive crash, operating system got corrupted, an update replaced your config file with the default or maybe you accidentally deleted the config or made some mistakes modifying it. This post shows how i use lsyncd and logrotate to automatically sync my /etc directory on my server with a remote machine and use logrotate to create and rotate 2 backup copies of the /etc directory.

The machines involved are main_server and backup_server.

On the main_server:

# apt-get install lsyncd

Lsyncd will use ssh as its network transport and we will need to create ssh keys for unattended remote login access. Lsyncd service runs as the root user so will need to login into the root account to create your ssh keys.

# ssh-keygen -t rsa

Copy your public key to the backup_server to allow password less login with ssh keys.

# ssh-copy-id backup_server

Try and logging to the backup server to see that you can authenticate to the backup_server without your password. If you run into issues, check the /etc/ssh/sshd_config file and ensure that public key authentication is enabled.

# ssh backup_server

Now we can create and configure lsyncd on the main_server. A config file is not created by default (on ubuntu and debian) so we need to create one.

# touch /etc/lsyncd/lsyncd.conf.lua

Now a simple config like this will suffice.

settings = {       

        logfile = "/var/log/lsyncd.log",
        statusFile = "/var/log/lsyncd.stat",
        statusIntervall = 1,}

Now we can start our service

service lsynd start

Hopefully everything went well and no errors occurred. Note that the location /root/backups/main_server/etc will need to be created(or atleast exist) prior to starting the lsyncd service .Now you can login to the backup_server and confirm that files and directories are being syncd.

At this point, you can create a logrotate config in /etc/logrotate.d/. Since logrotate runs via a daily cron job, our config will get executed daily. What our config will do is create a gzip'd tar archive of the /root/backups/main_server/etc/ and keep 2 copies while being rotated daily. The config will look like this.

# touch /etc/logrotate.d/main_server
# nano /etc/logrotate.d/main_server

rotate 2
create 644 root root
rm /var/backups/main_server.tar.gz
tar -P -zcf /var/backups/main_server.tar.gz /root/backups/main_server

You will want to create a dummy main_server.tar.gz file to satisfy the first run of the prerotate script.

# touch /var/backups/main_server.tar.gz

We're all done. To recap, lsyncd will sync the /etc folder in near real time (few seconds of delay) from the main_server with the backup_server. And on the backup_server, a copy of the sync'd folder is backed up daily with logrotate, maintaining 2 rotated copies.

Resources / Good Readering:


Friday, October 25, 2013

Reviewing boot logs on Debian

Recently, I installed a debian system as a server from the netinst CD. From the debian website:

A network install or netinst CD is a single CD which enables you to install the entire operating system. This single CD contains just the minimal amount of software to start the installation and fetch the remaining packages over the Internet.

The install was straight forward and i only opted to install standard utilities and nothing else. Everything installed successfully and the system booted without a single problem.

It is good practice to familiarize yourself with what you see on the console when your system boots up. Therefore in the event that something goes wrong and services aren't being started at boot, you would already be familiar with what your system usually does when it boots up. Typically, messages will indicate that your services were started "OK", something has "Failed", "Warning" notifiers, example: Starting periodic scheduler: Cron or some other service has failed. The issue that you will encouter is that these messages that you see on the console scrolls by very quickly and you usually only have about a second to recognize something useful.

By default, my new debian system did not log these boot messages anywhere. It turned out that bootlogd, the daemon that is responsible for logging these messages to "/var/log/boot" was not installed by default. Runnign # aptitude install bootlogd, was all that was needed. Once you reboot your system, boot messages will be logged to the file, "/var/log/boot".

You can simply cat the contents of the log file to view its contents but there is an issue where the colored strings are not escaped and you end up with bash color codes. These colored strings are what you see at boot with strings like "failed", "ok","warn", etc. To fix this you can view the logs with the following command

# sed 's/\^\[/\o33/g;s/\[1G\[/\[27G\[/' /var/log/boot | more

You can set up an alias for this in your .bashrc file to make life easier.