Re: [CentOS] KVM vs. incremental remote backups

2021-04-01 Thread Peter Eckel via CentOS 
Hi Niki,

I'm using a similar approach like Stephen's, but with a kink.

* Kickstart all machines from a couple of ISOs, depending on the requirements 
(the Kickstart process is controlled by Ansible)
* Machines that have persistent data (which make up about 50% in average) have 
at least two virtual disk devices: The one for the OS (which gets overwritten 
by Kickstart when a machine is re-created), and another one for persistent data 
(which Kickstart doesn't touch)
* Ansible sets up everything on the base server Kickstart provides, starting 
from basic OS hardening, authentication and ending with monitoring and backup 
of the data volume
* Backup is done via Bareos to a redundant storage server

That way I can reinitialise a VM at any time without having to care for the 
persistent data in most cases. If persistent data need to be restored as well, 
Bareos can handle that as soon as the machine has been set up via Ansible. OS 
files are never backed up at all.

An improvement I'm planning to look into is moving from Kickstart to Terraform 
for the provisioning of the base machines. Currently it takes me about 10 
minutes to recreate a broken VM provided the persistent data is left intact. 

Cheers, 

  Peter.

> On 31. Mar 2021, at 14:41, Nicolas Kovacs  wrote:
> 
> Hi,
> 
> Up until recently I've hosted all my stuff (web & mail) on a handful of bare
> metal servers. Web applications (WordPress, OwnCloud, Dolibarr, GEPI,
> Roundcube) as well as mail and a few other things were hosted mostly on one 
> big
> machine.
> 
> Backups for this setup were done using Rsnapshot, a nifty utility that 
> combines
> Rsync over SSH and hard links to make incremental backups.
> 
> This approach has become problematic, for several reasons. First, web
> applications have increasingly specific and sometimes mutually exclusive
> requirements. And second, last month I had a server crash, and even though I
> had backups for everything, this meant quite some offline time.
> 
> So I've opted to go for KVM-based solutions, with everything split up over a
> series of KVM guests. I wrapped my head around KVM, played around with it (a
> lot) and now I'm more or less ready to go.
> 
> One detail is nagging me though: backups.
> 
> Let's say I have one VM that handles only DNS (base installation + BIND) and
> one other VM that handles mail (base installation + Postfix + Dovecot).
> 
> Under the hood that's two QCOW2 images stored in /var/lib/libvirt/images.
> 
> With the old "bare metal" approach I could perform remote backups using Rsync,
> so only the difference between two backups would get transferred over the
> network. Now with KVM images it looks like every day I have to transfer the
> whole image again. As soon as some images have lots of data on them (say, 100
> GB for a small OwnCloud server), this quickly becomes unmanageable.
> 
> I googled around quite some time for "KVM backup best practices" and was a bit
> puzzled to find many folks asking the same question and no real answer, at
> least not without having to jump through burning loops.
> 
> Any suggestions ?
> 
> Niki
> 
> -- 
> Microlinux - Solutions informatiques durables
> 7, place de l'église - 30730 Montpezat
> Site : https://www.microlinux.fr
> Blog : https://blog.microlinux.fr
> Mail : i...@microlinux.fr
> Tél. : 04 66 63 10 32
> Mob. : 06 51 80 12 12
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] KVM vs. incremental remote backups

2021-04-01 Thread Peter Eckel via CentOS 
Hi Simon, 

> Whenever I read such things I'm wondering, what about things like log
> files? Do you call them OS files or persistent data? How do you back'em up
> then?

I don't. 

All relevant logging is centralised to a server cluster running Graylog.

Regards, 

  Peter.

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] KVM vs. incremental remote backups

2021-04-01 Thread Peter Eckel via CentOS 
> All relevant logging is centralised to a server cluster running Graylog.

... and, because I forgot to mention it: Yes, that server cluster has a 
"persistent data" device.

Regards, 

  Peter.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] almalinux?

2021-04-05 Thread Peter Eckel via CentOS 
Hi Mark, 

> Anyone looked into almalinux? I was sort of waiting for rocky, but I see from 
> over the weekend on slashdot that almalinux stable is released.

yup. 

So far I upgraded a couple of test machines using the conversion tool they 
provided on GitHub (works fine, although it seems each and every package will 
be re-downloaded during the migration process which makes it a bit tedious), 
and I used my own KVM/virt-install/Kickstart/Ansible-Workflow to bring up one 
new server from scractch with no further change than swapping the ISO image for 
CentOS against the one for Alma 8.3.

Both procedures worked absolutely flawless, and so far I still have to find the 
first issue with any of the machines converted to or initially set up with 
AlmaLinux.

Caveat:

1. All of the machines I tried are VMs, no bare metal servers or VM hosts.
2. All of the machines are headless with no GUI installed at all.
3. No UEFI or Secure Boot (the latter is an open issue with Alma AFAIK).

On the other hand I did not need to change a single bit of Ansible code or 
Kickstart template in order to make it work, so the compatibility to CentOS 
seems to be very good.

Regards, 

  Peter.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] almalinux?

2021-04-05 Thread Peter Eckel via CentOS 
Hi Simon,

+1

I expect that to happen sooner or later. Currently Alma has a head start with 
Rocky postponed until the end of April, but to me the race is still open.

As is the case with many other colleagues, I'm currently stuck with RHEL clones 
because RHEL/CentOS is what my customers are using and they are not going to 
switch to Debian/FreeBSD/Ubuntu/whatever any time soon for a plethora of 
reasons. So it would be nice to have a one-stop-solution instead of having to 
decide which of the clones will be the more future-proof option.

Regards,

  Peter.

> On 5. Apr 2021, at 20:31, Simon Matter  wrote:
> 
> 
>> 
>> Anyone looked into almalinux? I was sort of waiting for rocky, but I see
>> from over the weekend on slashdot that almalinux stable is released.
>> 
>>mark
> 
> I hoped they would join forces and produce only one RHEL clone but put
> some effort into bringing EPEL to a usable state for EL8 instead. IMHO
> that would help *MUCH* more than to have two almost identical rebuilds of
> RHEL.
> 
> Simon
> 
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] almalinux?

2021-04-06 Thread Peter Eckel via CentOS 
> Looking.  Rocky was supposed to release something at the beginning of the
> month, but I haven't seen anything.

The release was postponed by one month.

"Unfortunately we’ve had to revise our previous update for a release candidate 
from March 31 to April 30, due to complications in the build efforts. We 
continue to make steady progress, and are optimistic about our revised 
timeline."





signature.asc
Description: Message signed with OpenPGP
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos