1 Cumulus: Efficient Filesystem Backup to the Cloud
7 - libuuid (sometimes part of e2fsprogs)
9 - boto, the python interface to Amazon's Web Services (for S3 storage)
10 http://code.google.com/p/boto
11 - paramiko, SSH2 protocol for python (for sftp storage)
12 http://www.lag.net/paramiko/
14 Building should be a simple matter of running "make". This will produce
15 an executable called "cumulus".
21 Two directories are needed for backups: one for storing the backup
22 snapshots themselves, and one for storing bookkeeping information to go
23 with the backups. In this example, the first will be "/cumulus", and
24 the second "/cumulus.db", but any directories will do. Only the first
25 directory, /cumulus, needs to be stored somewhere safe. The second is
26 only used when creating new snapshots, and is not needed when restoring.
28 1. Create the snapshot directory and the local database directory:
29 $ mkdir /cumulus /cumulus.db
31 2. Initialize the local database using the provided script schema.sql
33 $ sqlite3 /cumulus.db/localdb.sqlite
34 sqlite> .read schema.sql
37 3. If encrypting or signing backups with gpg, generate appropriate
38 keypairs. The keys can be kept in a user keyring or in a separate
39 keyring just for backups; this example does the latter.
40 $ mkdir /cumulus.db/gpg; chmod 700 /cumulus.db/gpg
41 $ gpg --homedir /cumulus.db/gpg --gen-key
42 (generate a keypair for encryption; enter a passphrase for
44 $ gpg --homedir /cumulus.db/gpg --gen-key
45 (generate a second keypair for signing; for automatic
46 signing do not use a passphrase to protect the secret key)
47 Be sure to store the secret key needed for decryption somewhere
48 safe, perhaps with the backup itself (the key protected with an
49 appropriate passphrase). The secret signing key need not be stored
50 with the backups (since in the event of data loss, it probably
51 isn't necessary to create future backups that are signed with the
54 To achieve better compression, the encryption key can be edited to
55 alter the preferred compression algorithms to list bzip2 before
57 $ gpg --homedir /cumulus.db/gpg --edit-key <encryption key>
59 (prints a terse listing of preferences associated with the
62 (allows preferences to be changed; copy the same preferences
63 list printed out by the previous command, but change the
64 order of the compression algorithms, which start with "Z",
65 to be "Z3 Z2 Z1" which stands for "BZIP2, ZLIB, ZIP")
68 Copy the provided encryption filter program, cumulus-filter-gpg,
69 somewhere it may be run from.
71 4. Create a script for launching the Cumulus backup process. A simple
75 export LBS_GPG_HOME=/cumulus.db/gpg
76 export LBS_GPG_ENC_KEY=<encryption key>
77 export LBS_GPG_SIGN_KEY=<signing key>
78 cumulus --dest=/cumulus --localdb=/cumulus.db --scheme=test \
79 --filter="cumulus-filter-gpg --encrypt" --filter-extension=.gpg \
80 --signature-filter="cumulus-filter-gpg --clearsign" \
81 /etc /home /other/paths/to/store
83 Make appropriate substitutions for the key IDs and any relevant
84 paths. Here "--scheme=test" gives a descriptive name ("test") to
85 this collection of snapshots. It is possible to store multiple sets
86 of backups in the same directory, using different scheme names to
87 distinguish them. The --scheme option can also be left out
94 Segment cleaning must periodically be done to identify backup segments
95 that are mostly unused, but are storing a small amount of useful data.
96 Data in these segments will be rewritten into new segments in future
97 backups to eliminate the dependence on the almost-empty old segments.
99 The provided cumulus-util tool can perform the necessary cleaning. Run
101 $ cumulus-util --localdb=/cumulus.db clean
102 Cleaning is still under development, and so may be improved in the
103 future, but this version is intended to be functional.
105 Old backup snapshots can be pruned from the snapshot directory
106 (/cumulus) to recover space. A snapshot which is still referenced by
107 the local database should not be deleted, however. Deleting an old
108 backup snapshot is a simple matter of deleting the appropriate snapshot
109 descriptor file (snapshot-*.lbs) and any associated checksums
110 (snapshot-*.sha1sums). Segments used by that snapshot, but not any
111 other snapshots, can be identified by running the clean-segments.pl
112 script from the /cumulus directory--this will perform a scan of the
113 current directory to identify unreferenced segments, and will print a
114 list to stdout. Assuming the list looks reasonable, the segments can be
116 $ rm `./clean-segments.pl`
117 A tool to make this easier will be implemented later.
119 The clean-segments.pl script will also print out a warning message if
120 any snapshots appear to depend upon segments which are not present; this
121 is a serious error which indicates that some of the data needed to
122 recover a snapshot appears to be lost.
125 Listing and Restoring Snapshots
126 -------------------------------
128 A listing of all currently-stored snapshots (and their sizes) can be
130 $ cumulus-util --store=/cumulus list-snapshot-sizes
132 If data from a snapshot needs to be restored, this can be done with
133 $ cumulus-util --store=/cumulus restore-snapshot \
134 test-20080101T121500 /dest/dir <files...>
135 Here, "test-20080101T121500" is the name of the snapshot (consisting of
136 the scheme name and a timestamp; this can be found from the output of
137 list-snapshot-sizes) and "/dest/dir" is the path under which files
138 should be restored (this directory should initially be empty).
139 "<files...>" is a list of files or directories to restore. If none are
140 specified, the entire snapshot is restored.
146 The cumulus-util command can operate directly on remote backups. The
147 --store parameter accepts, in addition to a raw disk path, a URL.
148 Supported URL forms are
149 file:///path Equivalent to /path
150 s3://bucket/path Storage in Amazon S3
151 (Expects the AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY
152 environment variables to be set appropriately)
153 sftp://server/path Storage on sftp server
155 To copy backup snapshots from one storage area to another, the
156 cumulus-sync command can be used, as in
157 $ cumulus-sync file:///cumulus s3://my-bucket/cumulus
159 Support for directly writing backups to a remote location (without using
160 a local staging directory and cumulus-sync) is slightly more
161 experimental, but can be achieved by replacing
164 --upload-script="cumulus-store s3://my-bucket/cumulus"
167 Alternate Restore Tool
168 ----------------------
170 The contrib/restore.pl script is a simple program for restoring the
171 contents of a Cumulus snapshot. It is not as full-featured as the
172 restore functionality in cumulus-util, but it is far more compact. It
173 could be stored with the backup files so a tool for restores is
174 available even if all other data is lost.
176 The restore.pl script does not know how to decompress segments, so this
177 step must be performed manually. Create a temporary directory for
178 holding all decompressed objects. Copy the snapshot descriptor file
179 (*.lbs) for the snapshot to be restored to this temporary directory.
180 The snapshot descriptor includes a list of all segments which are needed
181 for the snapshot. For each of these snapshots, decompress the segment
182 file (with gpg or the appropriate program based on whatever filter was
183 used), then pipe the resulting data through "tar -xf -" to extract. Do
184 this from the temporary directory; the temporary directory should be
185 filled with one directory for each segment decompressed.
187 Run restore.pl giving two arguments: the snapshot descriptor file
188 (*.lbs) in the temporary directory, and a directory where the restored
189 files should be written.
projects / cumulus.git / blob