Backing Up Open Source Chef Server


#1

Is it sufficient enough to use the knife-backup plugin (https://github.com/mdxp/knife-backup) for backing up an Open Source Chef server?

The Chef docs have a page on backing up Enterprise Chef data (http://docs.opscode.com/server_backup_restore.html), but I’m not sure that’s required for Open Source Chef server (as Enterprise contains Groups, ACLs, etc.).

Curtis Stewart
Consultant
m 217.390.5067
Skype cstewart8710
cstewart@momentumsi.commailto:cstewart@momentumsi.com
www.momentumsi.comhttp://www.momentumsi.com/

[cid:71466434-A311-4F82-BC03-F7D6BA0FA526]http://www.momentumsi.com/http://www.momentumsi.com/

Cloud Migration - Architecture - DevOps - Big Data - App Dev


#2

I don’t know about knife-backup, but we have nightly backup jobs running
for PostreSQL, Solr, and Bookshelf data dir. In addition to that, we back
up private keys in /etc/chef-server/ dir (admin, webui, and chef-validator,
I believe).

On Tue, May 20, 2014 at 8:10 AM, Stewart, Curtis cstewart@momentumsi.comwrote:

Is it sufficient enough to use the knife-backup plugin (
https://github.com/mdxp/knife-backup) for backing up an Open Source Chef
server?

The Chef docs have a page on backing up Enterprise Chef data (
http://docs.opscode.com/server_backup_restore.html), but I’m not sure
that’s required for Open Source Chef server (as Enterprise contains Groups,
ACLs, etc.).

 *Curtis Stewart*

Consultant
m 217.390.5067
Skype cstewart8710
cstewart@momentumsi.com
www.momentumsi.com


Best regards, Dmitriy V.


#3

It’s like any modest open source backup tool: it requires thought. For example, your data bags, internal cookbooks, roles, and environments may have passwords or details of machine configurations that should not be left lying around in a tarball that anyone in your company can download and read. Moreover, because much of the data is stored in JSON format, it may not match the format of your original configuration files. That makes comparing your backup to your source code particularly awkward.

I’m afraid to say that it is also underdocumented, and there were some odd behavioral changes between running it on older versions of chef and the current chef-11.12.4. It apparently changed how it makes assumptions about ‘chef-repo-path’ based on your current working directory, which caused me issues. That kind of change is what a more mature or enterprise grade backup tool would have tested and documented.

As an open source tool, I find it adequate with thoughtful usage and security practices.


Nico Kadel-Garcia
Senior Systems Consultant
Email: nkadelgarcia-consultant@scholastic.com
Cell Phone: +1.339.368.2428

From: Stewart, Curtis [mailto:cstewart@momentumsi.com]
Sent: Tuesday, May 20, 2014 11:10 AM
To: chef@lists.opscode.com
Subject: [chef] Backing Up Open Source Chef Server

Is it sufficient enough to use the knife-backup plugin (https://github.com/mdxp/knife-backup) for backing up an Open Source Chef server?

The Chef docs have a page on backing up Enterprise Chef data (http://docs.opscode.com/server_backup_restore.html), but I’m not sure that’s required for Open Source Chef server (as Enterprise contains Groups, ACLs, etc.).

Curtis Stewart
Consultant
m 217.390.5067
Skype cstewart8710
cstewart@momentumsi.commailto:cstewart@momentumsi.com
www.momentumsi.comhttp://www.momentumsi.com/

[cid:image001.png@01CF764B.61A1EB60]http://www.momentumsi.com/http://www.momentumsi.com/

http://www.momentumsi.com/

Cloud Migration - Architecture - DevOps - Big Data - App Dev


#4

This is a pretty handy simple backup script that I’ve been using with success. Obviously you need to either add to it or add a 2nd script to handle pushing to backups to a secure location.

Tim Smith - Systems Engineer
+1 707 738 8132

On May 23, 2014, at 3:31 AM, Kadel-Garcia, Nico NKadelGarcia-consultant@Scholastic.com wrote:

It’s like any modest open source backup tool: it requires thought. For example, your data bags, internal cookbooks, roles, and environments may have passwords or details of machine configurations that should not be left lying around in a tarball that anyone in your company can download and read. Moreover, because much of the data is stored in JSON format, it may not match the format of your original configuration files. That makes comparing your backup to your source code particularly awkward.

I’m afraid to say that it is also underdocumented, and there were some odd behavioral changes between running it on older versions of chef and the current chef-11.12.4. It apparently changed how it makes assumptions about ‘chef-repo-path’ based on your current working directory, which caused me issues. That kind of change is what a more mature or enterprise grade backup tool would have tested and documented.

As an open source tool, I find it adequate with thoughtful usage and security practices.


Nico Kadel-Garcia
Senior Systems Consultant
Email: nkadelgarcia-consultant@scholastic.com
Cell Phone: +1.339.368.2428

From: Stewart, Curtis [mailto:cstewart@momentumsi.com]
Sent: Tuesday, May 20, 2014 11:10 AM
To: chef@lists.opscode.com
Subject: [chef] Backing Up Open Source Chef Server

Is it sufficient enough to use the knife-backup plugin (https://github.com/mdxp/knife-backup) for backing up an Open Source Chef server?

The Chef docs have a page on backing up Enterprise Chef data (http://docs.opscode.com/server_backup_restore.html), but I’m not sure that’s required for Open Source Chef server (as Enterprise contains Groups, ACLs, etc.).

Curtis Stewart
Consultant
m 217.390.5067
Skype cstewart8710
cstewart@momentumsi.com
www.momentumsi.com

<image001.png>

Cloud Migration - Architecture - DevOps - Big Data - App Dev


The information in this message may be confidential. It is intended solely
for
the addressee(s). If you are not the intended recipient, any disclosure,
copying or distribution of the message, or any action or omission taken by
you
in reliance on it, is prohibited and may be unlawful. Please immediately
contact the sender if you have received this message in error.