Configuring rsnapshot for snapshot backups.

GENERAL INFO

From the man page:

       rsnapshot is a filesystem snapshot utility. It can take incremental
       snapshots of local and remote filesystems for any number of machines.

       rsnapshot saves much more disk space than you might imagine. The amount
       of space required is roughly the size of one full backup, plus a copy
       of each additional file that is changed. rsnapshot makes extensive use
       of hard links, so if the file doesn't change, the next snapshot is
       simply a hard link to the exact same file.

We run rsnapshot on the snapshot server to back up all the local linux
machines.  The snapshot server is mandelbrot.  It currently has 4.5 TB
of internal hard drive storage for snapshots.  (The Drobo network
storage unit is only used for cross-campus backups, not local
snapshots.)

SETUP ON SNAPSHOT SERVER

1. Define storage area for snapshots.  At present, this is on a
logical volume group spanning five physical disks.  The logical volume
group is /dev/vg_mandelbrot/LogVol04.  (This may change on future
snapshot servers depending on the exact physical storage layout.)  The
remainder of this document assumes that the physical storage volume is
mounted on /scratch.

2. As root@mandelbrot:
# mkdir /scratch/backups
# chmod 700 /scratch/backups
# mkdir /scratch/backups/.snapshots
# chmod 755 /scratch/backups/.snapshots
  The following sym link is for convenience and allows scripts and
  config files to not be tied to the actual mount point.
# ln -s /scratch/backups/.snapshots /.snapshots

Add a line to /etc/exports:
/.snapshots *.dsm.fordham.edu(ro,no_root_squash)

3. Enable public-key authentication so that the root user on the
snapshot server can ssh to all snapshot clients without password.
This requires placing root@mandelbrot's public key (located in
mandelbrot:/root/.ssh/id_rsa.pub) into /root/.ssh/authorized_keys on
each client.

4. Set up rsnapshot.  As root@mandelbrot:
# yum install rsnapshot

Create /etc/rsnapshot.conf.  An example is appended at the end of this
document.  It contains sections for each of the local clients to be
backed up, as well as for the snapshot host itself.  Decide on a
snapshot schedule.  The schedule we currently use is:
  - hourly snapshots every 2 hours starting at 5 minutes before 10:00, 12:00,
    14:00, 16:00, 18:00, and 20:00, then one at 5 minutes before 03:00.
  - daily snapshots each day of the week (these are actually copies of
    the 3 am snapshot)
  - weekly snapshots each Sunday at 12:45 am (this is a copy of the
    Saturday daily snapshot)
  - monthly snapshots at 12:15 am on the first of the month (these are
    copies of the latest weekly snapshot).  The last 4 monthly
    snapshots are retained.

This schedule is reflected in two places: in rsnapshots.conf and in
the crontab.  In rsnapshots the relevant lines are those that define
the snapshot intervals and retention lengths:

interval	hourly	7
interval	daily	7
interval	weekly	4
interval	monthly	4

In crontab the intervals are defined by cron jobs.  The longer interval
snapshots ashould be done before the shorter ones, since they work
simply by copying the latest shorter interval.  The current crontab
definitions are:

# hourly: backup at 5 minutes before the hour.  Do one at 3 am, then
# every 2 hours from 10 am till 8 pm.  The 3 am will become the daily.
55 02,09,11,13,15,17,19 * * * /usr/bin/rsnapshot sync ; /usr/bin/rsnapshot hourly

# daily: run at 1:45 am each morning.
45 1 * * * /usr/bin/rsnapshot daily

# weekly: run at 12:45 am Sunday
45 0 * * 0 /usr/bin/rsnapshot weekly

# monthly: run at 12:15 am on 1st of the month
01 0 1 * * /usr/bin/rsnapshot monthly



SETUP ON SNAPSHOT CLIENT

The following steps allow users on the backed-up client to access
their files in the snapshots tree.  In the example, erdos is the
client.  It is assumed that autofs is installed and enabled.

1. On the local NIS master or, if NIS not used, on the client, add a
line to /etc/auto.local:
.snapshots -ro,nosuid,nodev 	mandelbrot:/.snapshots

2. As root@erdos:
# ln -s /local/.snapshots /snapshots

This makes the snapshots tree appear in /snapshots, automounted on
demand.  It is mounted read-only so users (even root on the client)
cannot modify anything.

Users search for their files with a path like this:

/snapshots/{interval}.{n}/$HOME/path/within/home

where {interval} is one of hourly, daily, weekly, or monthly, and {n} is
an integer between 0 and 6 for hourly and daily, 0 and 3 for weekly
and monthly.

To see the list of snapshot intervals and when they were made, use
$ ls -lt /snapshots/


SETUP FOR SYSTEMS WITH VIRTUALBOX GUESTS

Because of their large size, VirtualBox guest virtual drives (.vdk
files) tend to cause rsync to choke when using default parameters.
Therefore we exclude them from the normal snapshots.

They also do not need to be backed up as frequently, nor is client
user access necessary.  (A case could be made for backing these up as
tar files rather than snapshots.)

Therefore we use a separate scheme for backing these up, and they go
into their own separate snapshot tree.

1. As root@mandelbrot:

# mkdir /scratch/backups/.snaproot2
# chmod 700 /scratch/backups/.snaproot2

This filesystem is not exported nor readable by non-root users.

2. Create config file /etc/rsnapshot-vbox.conf.  Sample is appended below.
The main difference is to supply special rsync arguments:
	+rsync_long_args=--whole-file --compress

The intervals and retention numbers are:
interval	daily	2
interval	weekly	1
interval	monthly	2

3. Create cron jobs:

### rsnapshot of the /.vm tree on lab reference machine
### and faculty vbox virtual machines
# daily snapshot at 4 am Monday thru Friday
00 04 * * 1-5 /usr/bin/rsnapshot -c /etc/rsnapshot-vbox.conf daily

# weekly snapshot at 3:50 am Saturday
50 03 * * 6 /usr/bin/rsnapshot -c /etc/rsnapshot-vbox.conf weekly

# monthly snapshot at 3:39 am on 1st of the month
39 03 1 * * /usr/bin/rsnapshot -c /etc/rsnapshot-vbox.conf monthly



===================Sample rsnapshot.conf file:=========================
#################################################
# rsnapshot.conf - rsnapshot configuration file #
#################################################
#                                               #
# PLEASE BE AWARE OF THE FOLLOWING RULES:       #
#                                               #
# This file requires tabs between elements      #
#                                               #
# Directories require a trailing slash:         #
#   right: /home/                               #
#   wrong: /home                                #
#                                               #
#################################################

#######################
# CONFIG FILE VERSION #
#######################

config_version	1.2

###########################
# SNAPSHOT ROOT DIRECTORY #
###########################

# All snapshots will be stored under this root directory.
#
snapshot_root	/scratch/backups/.snapshots/

# If no_create_root is enabled, rsnapshot will not automatically create the
# snapshot_root directory. This is particularly useful if you are backing
# up to removable media, such as a FireWire or USB drive.
#
#no_create_root	1

#################################
# EXTERNAL PROGRAM DEPENDENCIES #
#################################

# LINUX USERS:   Be sure to uncomment "cmd_cp". This gives you extra features.
# EVERYONE ELSE: Leave "cmd_cp" commented out for compatibility.
#
# See the README file or the man page for more details.
#
cmd_cp		/bin/cp

# uncomment this to use the rm program instead of the built-in perl routine.
#
cmd_rm		/bin/rm

# rsync must be enabled for anything to work. This is the only command that
# must be enabled.
#
cmd_rsync	/usr/bin/rsync

# Uncomment this to enable remote ssh backups over rsync.
#
cmd_ssh	/usr/bin/ssh

# Comment this out to disable syslog support.
#
cmd_logger	/usr/bin/logger

# Uncomment this to specify the path to "du" for disk usage checks.
# If you have an older version of "du", you may also want to check the
# "du_args" parameter below.
#
cmd_du		/usr/bin/du

# Uncomment this to specify the path to rsnapshot-diff.
#
#cmd_rsnapshot_diff	/usr/local/bin/rsnapshot-diff

# Specify the path to a script (and any optional arguments) to run right
# before rsnapshot syncs files
#
#cmd_preexec	/path/to/preexec/script

# Specify the path to a script (and any optional arguments) to run right
# after rsnapshot syncs files
#
#cmd_postexec	/path/to/postexec/script

#########################################
#           BACKUP INTERVALS            #
# Must be unique and in ascending order #
# i.e. hourly, daily, weekly, etc.      #
#########################################

interval	hourly	7
interval	daily	7
interval	weekly	4
interval	monthly	4

############################################
#              GLOBAL OPTIONS              #
# All are optional, with sensible defaults #
############################################

# Verbose level, 1 through 5.
# 1     Quiet           Print fatal errors only
# 2     Default         Print errors and warnings only
# 3     Verbose         Show equivalent shell commands being executed
# 4     Extra Verbose   Show extra verbose information
# 5     Debug mode      Everything
#
verbose		2

# Same as "verbose" above, but controls the amount of data sent to the
# logfile, if one is being used. The default is 3.
#
loglevel	3

# If you enable this, data will be written to the file you specify. The
# amount of data written is controlled by the "loglevel" parameter.
#
logfile	/var/log/rsnapshot

# If enabled, rsnapshot will write a lockfile to prevent two instances
# from running simultaneously (and messing up the snapshot_root).
# If you enable this, make sure the lockfile directory is not world
# writable. Otherwise anyone can prevent the program from running.
#
lockfile	/var/run/rsnapshot.pid

# Default rsync args. All rsync commands have at least these options set.
#
#rsync_short_args	-a
rsync_short_args	-aA
#rsync_long_args	--delete --numeric-ids --relative --delete-excluded

# ssh has no args passed by default, but you can specify some here.
#
#ssh_args	-p 22
# Don't need ssh X11 forwarding.  Turn it off for better security.
ssh_args	-x

# Default arguments for the "du" program (for disk space reporting).
# The GNU version of "du" is preferred. See the man page for more details.
# If your version of "du" doesn't support the -h flag, try -k flag instead.
#
#du_args	-csh

# If this is enabled, rsync won't span filesystem partitions within a
# backup point. This essentially passes the -x option to rsync.
# The default is 0 (off).
#
#one_fs		0

# The include and exclude parameters, if enabled, simply get passed directly
# to rsync. If you have multiple include/exclude patterns, put each one on a
# separate line. Please look up the --include and --exclude options in the
# rsync man page for more details on how to specify file name patterns. 
# 
#include	???
#include	???
#exclude	???
#exclude	???

# The include_file and exclude_file parameters, if enabled, simply get
# passed directly to rsync. Please look up the --include-from and
# --exclude-from options in the rsync man page for more details.
#
#include_file	/path/to/include/file
#exclude_file	/path/to/exclude/file

# If your version of rsync supports --link-dest, consider enable this.
# This is the best way to support special files (FIFOs, etc) cross-platform.
# The default is 0 (off).
#
#link_dest	0

# When sync_first is enabled, it changes the default behaviour of rsnapshot.
# Normally, when rsnapshot is called with its lowest interval
# (i.e.: "rsnapshot hourly"), it will sync files AND rotate the lowest
# intervals. With sync_first enabled, "rsnapshot sync" handles the file sync,
# and all interval calls simply rotate files. See the man page for more
# details. The default is 0 (off).
#
sync_first	1

# If enabled, rsnapshot will move the oldest directory for each interval
# to [interval_name].delete, then it will remove the lockfile and delete
# that directory just before it exits. The default is 0 (off).
#
use_lazy_deletes	1

###############################
### BACKUP POINTS / SCRIPTS ###
###############################

# LOCALHOST
backup	/u/mandelbrot	./	exclude=.gvfs
backup	/etc/		s/mandelbrot/
backup	/root/		s/mandelbrot/
backup	/usr/local/	s/mandelbrot/
backup	/var/lib	s/mandelbrot/	exclude=/var/lib/yum,exclude=/var/lib/rpm
backup	/var/log	s/mandelbrot/
backup	/var/spool	s/mandelbrot/	exclude=/var/spool/mail
backup	/var/www	s/mandelbrot/
backup	/var/yp		s/mandelbrot/

#backup	/etc/passwd	localhost/
#backup	/home/foo/My Documents/		localhost/
#backup	/foo/bar/	localhost/	one_fs=1, rsync_short_args=-urltvpog
#backup_script		/usr/local/bin/backup_pgsql.sh	localhost/postgres/

# DSM LOCAL NET
# SERVERS
#   ERDOS
backup	root@erdos:/u/erdos/	./	exclude=.gvfs
backup	root@erdos:/etc/	s/erdos/
backup	root@erdos:/root/	s/erdos/
backup	root@erdos:/usr/local/	s/erdos/
# to back up postgres db in consistent state, save a dump in /var/lib/pgsql/backups
# likewise for mysql, save dump in /var/backup
backup_script	/usr/bin/ssh root@erdos /usr/local/sbin/postgresql_dumpall	s/erdos/pg_unused/
backup_script	/usr/bin/ssh root@erdos /usr/local/sbin/mysqldumpall	s/erdos/my_unused/
backup	root@erdos:/var/lib/	s/erdos/	exclude=/var/lib/yum,exclude=/var/lib/rpm
backup	root@erdos:/var/backup/	s/erdos/
backup	root@erdos:/var/log/	s/erdos/
backup	root@erdos:/var/spool/	s/erdos/	exclude=/var/spool/mail
backup	root@erdos:/var/www/	s/erdos/
backup	root@erdos:/var/yp/	s/erdos/

#   DSM
backup	root@dsm:/u/dsm/	./	exclude=.gvfs
#  the above backs up /home/users, the next one the rest of /home
backup	root@dsm:/home/	s/dsm/	exclude=/home/users
backup	root@dsm:/etc/	s/dsm/
backup	root@dsm:/root/		s/dsm/
backup	root@dsm:/usr/local/	s/dsm/
# to back up postgres db in consistent state, save a dump in /var/lib/pgsql/backups
# likewise for mysql, save dump in /var/backup
backup_script	/usr/bin/ssh root@dsm /usr/local/sbin/postgresql_dumpall	s/dsm/pg_unused/
backup_script	/usr/bin/ssh root@dsm /usr/local/sbin/mysqldumpall	s/dsm/my_unused/
backup	root@dsm:/var/lib/	s/dsm/	exclude=/var/lib/yum,exclude=/var/lib/rpm
backup	root@dsm:/var/backup/	s/dsm/
backup	root@dsm:/var/log/	s/dsm/
backup	root@dsm:/var/spool/	s/dsm/
backup	root@dsm:/var/www/	s/dsm/
backup	root@dsm:/var/yp/	s/dsm/

# FACULTY DESKTOPS
# Exclude .gvfs since it does not need backup and causes "permission
# denied" error messages.  Exclude beagle indices & cache which are
# large and can be rebuilt if lost.
#
#  NOETHER
backup	root@noether:/u/noether/	./	exclude=.gvfs
backup	root@noether:/etc/		s/noether/
backup	root@noether:/root/		s/noether/
backup	root@noether:/usr/local/	s/noether/
backup	root@noether:/var/lib/	s/noether/	exclude=/var/lib/yum,exclude=/var/lib/rpm
backup	root@noether:/var/log/	s/noether/
backup	root@noether:/var/spool/	s/noether/	exclude=/var/spool/mail
backup	root@noether:/var/www/	s/noether/
backup	root@noether:/var/yp/	s/noether/

#  PASCAL
backup	root@pascal:/u/pascal/	./	exclude=.gvfs,exclude=.beagle/Indexes,exclude=.beagle/TextCache
backup	root@pascal:/etc/	s/pascal/
backup	root@pascal:/root/	s/pascal/
backup	root@pascal:/usr/local/	s/pascal/
backup	root@pascal:/var/lib/	s/pascal/	exclude=/var/lib/yum,exclude=/var/lib/rpm
backup	root@pascal:/var/log/	s/pascal/
backup	root@pascal:/var/spool/	s/pascal/	exclude=/var/spool/mail
backup	root@pascal:/var/www/	s/pascal/
backup	root@pascal:/var/yp/	s/pascal/
# Back up Vbox directory but not the Windows 7 virtual disk.  There is
# a backup hard drive for user backup files which is included in snapshot.
backup	root@pascal:/vm/	s/pascal/	exclude=.gvfs,exclude=Windows7.vdi

#  KOPERNIK
backup	root@kopernik:/u/kopernik/	./	exclude=.gvfs,exclude=.beagle/Indexes,exclude=.beagle/TextCache,exclude=Windows*.vdi
backup	root@kopernik:/etc/		s/kopernik/
backup	root@kopernik:/root/		s/kopernik/
backup	root@kopernik:/usr/local/	s/kopernik/
backup	root@kopernik:/var/lib/	s/kopernik/	exclude=/var/lib/yum,exclude=/var/lib/rpm
backup	root@kopernik:/var/log/	s/kopernik/
backup	root@kopernik:/var/spool/	s/kopernik/	exclude=/var/spool/mail
backup	root@kopernik:/var/www/	s/kopernik/
backup	root@kopernik:/var/yp/	s/kopernik/




# EXAMPLE.COM
#backup_script   /bin/date "+ backup of example.com started at %c"   unused1
#backup	root@example.com:/home/	example.com/	+rsync_long_args=--bwlimit=16,exclude=core
#backup	root@example.com:/etc/	example.com/	exclude=mtab,exclude=core
#backup_script	ssh root@example.com "mysqldump -A > /var/db/dump/mysql.sql"
#backup	root@example.com:/var/db/dump/	example.com/	
#backup_script   /bin/date "+ backup of example.com ended at %c"   unused2

# CVS.SOURCEFORGE.NET
#backup_script	/usr/local/bin/backup_rsnapshot_cvsroot.sh	rsnapshot.cvs.sourceforge.net/

# RSYNC.SAMBA.ORG
#backup	rsync://rsync.samba.org/rsyncftp/	rsync.samba.org/rsyncftp/


=================End sample rsnapshot.conf file:=======================


===================Sample rsnapshot-vbox.conf file=========================
# This is for snapshots of the VBox directory

#################################################
# rsnapshot.conf - rsnapshot configuration file #
#################################################
#                                               #
# PLEASE BE AWARE OF THE FOLLOWING RULES:       #
#                                               #
# This file requires tabs between elements      #
#                                               #
# Directories require a trailing slash:         #
#   right: /home/                               #
#   wrong: /home                                #
#                                               #
#################################################

#######################
# CONFIG FILE VERSION #
#######################

config_version	1.2

###########################
# SNAPSHOT ROOT DIRECTORY #
###########################

# All snapshots will be stored under this root directory.
#
snapshot_root	/scratch/backups/.snaproot2/

# If no_create_root is enabled, rsnapshot will not automatically create the
# snapshot_root directory. This is particularly useful if you are backing
# up to removable media, such as a FireWire or USB drive.
#
#no_create_root	1

#################################
# EXTERNAL PROGRAM DEPENDENCIES #
#################################

# LINUX USERS:   Be sure to uncomment "cmd_cp". This gives you extra features.
# EVERYONE ELSE: Leave "cmd_cp" commented out for compatibility.
#
# See the README file or the man page for more details.
#
cmd_cp		/bin/cp

# uncomment this to use the rm program instead of the built-in perl routine.
#
cmd_rm		/bin/rm

# rsync must be enabled for anything to work. This is the only command that
# must be enabled.
#
cmd_rsync	/usr/bin/rsync

# Uncomment this to enable remote ssh backups over rsync.
#
cmd_ssh	/usr/bin/ssh

# Comment this out to disable syslog support.
#
cmd_logger	/usr/bin/logger

# Uncomment this to specify the path to "du" for disk usage checks.
# If you have an older version of "du", you may also want to check the
# "du_args" parameter below.
#
cmd_du		/usr/bin/du

# Uncomment this to specify the path to rsnapshot-diff.
#
#cmd_rsnapshot_diff	/usr/local/bin/rsnapshot-diff

# Specify the path to a script (and any optional arguments) to run right
# before rsnapshot syncs files
#
#cmd_preexec	/path/to/preexec/script

# Specify the path to a script (and any optional arguments) to run right
# after rsnapshot syncs files
#
#cmd_postexec	/path/to/postexec/script

#########################################
#           BACKUP INTERVALS            #
# Must be unique and in ascending order #
# i.e. hourly, daily, weekly, etc.      #
#########################################

# This thing is *big*, so we don't want to save a lot of snapshots
interval	daily	2
interval	weekly	1
interval	monthly	2

############################################
#              GLOBAL OPTIONS              #
# All are optional, with sensible defaults #
############################################

# Verbose level, 1 through 5.
# 1     Quiet           Print fatal errors only
# 2     Default         Print errors and warnings only
# 3     Verbose         Show equivalent shell commands being executed
# 4     Extra Verbose   Show extra verbose information
# 5     Debug mode      Everything
#
verbose		2

# Same as "verbose" above, but controls the amount of data sent to the
# logfile, if one is being used. The default is 3.
#
loglevel	3

# If you enable this, data will be written to the file you specify. The
# amount of data written is controlled by the "loglevel" parameter.
#
logfile	/var/log/rsnapshot

# If enabled, rsnapshot will write a lockfile to prevent two instances
# from running simultaneously (and messing up the snapshot_root).
# If you enable this, make sure the lockfile directory is not world
# writable. Otherwise anyone can prevent the program from running.
#
lockfile	/var/run/rsnapshot.pid

# Default rsync args. All rsync commands have at least these options set.
#
#rsync_short_args	-a
#rsync_long_args	--delete --numeric-ids --relative --delete-excluded

# ssh has no args passed by default, but you can specify some here.
#
#ssh_args	-p 22
# Don't need ssh X11 forwarding.  Turn it off for better security.
ssh_args	-x

# Default arguments for the "du" program (for disk space reporting).
# The GNU version of "du" is preferred. See the man page for more details.
# If your version of "du" doesn't support the -h flag, try -k flag instead.
#
#du_args	-csh

# If this is enabled, rsync won't span filesystem partitions within a
# backup point. This essentially passes the -x option to rsync.
# The default is 0 (off).
#
#one_fs		0

# The include and exclude parameters, if enabled, simply get passed directly
# to rsync. If you have multiple include/exclude patterns, put each one on a
# separate line. Please look up the --include and --exclude options in the
# rsync man page for more details on how to specify file name patterns. 
# 
#include	???
#include	???
#exclude	???
#exclude	???

# The include_file and exclude_file parameters, if enabled, simply get
# passed directly to rsync. Please look up the --include-from and
# --exclude-from options in the rsync man page for more details.
#
#include_file	/path/to/include/file
#exclude_file	/path/to/exclude/file

# If your version of rsync supports --link-dest, consider enable this.
# This is the best way to support special files (FIFOs, etc) cross-platform.
# The default is 0 (off).
#
#link_dest	0

# When sync_first is enabled, it changes the default behaviour of rsnapshot.
# Normally, when rsnapshot is called with its lowest interval
# (i.e.: "rsnapshot hourly"), it will sync files AND rotate the lowest
# intervals. With sync_first enabled, "rsnapshot sync" handles the file sync,
# and all interval calls simply rotate files. See the man page for more
# details. The default is 0 (off).
#
#sync_first	0

# If enabled, rsnapshot will move the oldest directory for each interval
# to [interval_name].delete, then it will remove the lockfile and delete
# that directory just before it exits. The default is 0 (off).
#
#use_lazy_deletes	0

###############################
### BACKUP POINTS / SCRIPTS ###
###############################

# FACULTY MACHINES
backup	root@pascal:/vm/vboxhome/	pascal-vbox/	+rsync_long_args=--whole-file --compress
backup	root@kopernik:/home/users/ts/.vbox/	kopernik-vbox/	+rsync_long_args=--whole-file --compress

# EXAMPLE.COM
#backup_script   /bin/date "+ backup of example.com started at %c"   unused1
#backup	root@example.com:/home/	example.com/	+rsync_long_args=--bwlimit=16,exclude=core
#backup	root@example.com:/etc/	example.com/	exclude=mtab,exclude=core
#backup_script	ssh root@example.com "mysqldump -A > /var/db/dump/mysql.sql"
#backup	root@example.com:/var/db/dump/	example.com/	
#backup_script   /bin/date "+ backup of example.com ended at %c"   unused2

# CVS.SOURCEFORGE.NET
#backup_script	/usr/local/bin/backup_rsnapshot_cvsroot.sh	rsnapshot.cvs.sourceforge.net/

# RSYNC.SAMBA.ORG
#backup	rsync://rsync.samba.org/rsyncftp/	rsync.samba.org/rsyncftp/
=================End sample rsnapshot-vbox.conf file=======================