Backing Up Open Source Chef Server

Stewart_Curtis · May 20, 2014, 3:10pm

Is it sufficient enough to use the knife-backup plugin (https://github.com/mdxp/knife-backup) for backing up an Open Source Chef server?

The Chef docs have a page on backing up Enterprise Chef data (http://docs.opscode.com/server_backup_restore.html), but I’m not sure that’s required for Open Source Chef server (as Enterprise contains Groups, ACLs, etc.).

Curtis Stewart
Consultant
m 217.390.5067
Skype cstewart8710
cstewart@momentumsi.com mailto:cstewart@momentumsi.com
www.momentumsi.com http://www.momentumsi.com/

[cid:71466434-A311-4F82-BC03-F7D6BA0FA526]http://www.momentumsi.com/http://www.momentumsi.com/

Cloud Migration - Architecture - DevOps - Big Data - App Dev

DV1 · May 20, 2014, 6:34pm

I don't know about knife-backup, but we have nightly backup jobs running
for PostreSQL, Solr, and Bookshelf data dir. In addition to that, we back
up private keys in /etc/chef-server/ dir (admin, webui, and chef-validator,
I believe).

On Tue, May 20, 2014 at 8:10 AM, Stewart, Curtis cstewart@momentumsi.comwrote:

Is it sufficient enough to use the knife-backup plugin (
GitHub - mdxp/knife-backup: knife plugin to help backup and restore a chef server.) for backing up an Open Source Chef
server?

The Chef docs have a page on backing up Enterprise Chef data (
Backup and Restore a Standalone or Frontend install), but I’m not sure
that’s required for Open Source Chef server (as Enterprise contains Groups,
ACLs, etc.).
 *Curtis Stewart*
Consultant
m 217.390.5067
Skype cstewart8710
cstewart@momentumsi.com
www.momentumsi.com

http://www.momentumsi.com/ http://www.momentumsi.com/ Cloud
Migration - Architecture - DevOps - Big Data - App Dev *

--
Best regards, Dmitriy V.

Kadel_Garcia_Nico · May 23, 2014, 10:31am

It’s like any modest open source backup tool: it requires thought. For example, your data bags, internal cookbooks, roles, and environments may have passwords or details of machine configurations that should not be left lying around in a tarball that anyone in your company can download and read. Moreover, because much of the data is stored in JSON format, it may not match the format of your original configuration files. That makes comparing your backup to your source code particularly awkward.

I’m afraid to say that it is also underdocumented, and there were some odd behavioral changes between running it on older versions of chef and the current chef-11.12.4. It apparently changed how it makes assumptions about ‘chef-repo-path’ based on your current working directory, which caused me issues. That kind of change is what a more mature or enterprise grade backup tool would have tested and documented.

As an open source tool, I find it adequate with thoughtful usage and security practices.

–
Nico Kadel-Garcia
Senior Systems Consultant
Email: nkadelgarcia-consultant@scholastic.com
Cell Phone: +1.339.368.2428

From: Stewart, Curtis [mailto:cstewart@momentumsi.com]
Sent: Tuesday, May 20, 2014 11:10 AM
To: chef@lists.opscode.com
Subject: [chef] Backing Up Open Source Chef Server

Is it sufficient enough to use the knife-backup plugin (https://github.com/mdxp/knife-backup) for backing up an Open Source Chef server?

The Chef docs have a page on backing up Enterprise Chef data (http://docs.opscode.com/server_backup_restore.html), but I’m not sure that’s required for Open Source Chef server (as Enterprise contains Groups, ACLs, etc.).

Curtis Stewart
Consultant
m 217.390.5067
Skype cstewart8710
cstewart@momentumsi.com mailto:cstewart@momentumsi.com
www.momentumsi.com http://www.momentumsi.com/

[cid:image001.png@01CF764B.61A1EB60]http://www.momentumsi.com/http://www.momentumsi.com/

http://www.momentumsi.com/

Cloud Migration - Architecture - DevOps - Big Data - App Dev

Tim_Smith1 · May 23, 2014, 3:57pm

This is a pretty handy simple backup script that I’ve been using with success. Obviously you need to either add to it or add a 2nd script to handle pushing to backups to a secure location.

github.com

ArtemChekunov/Chef-Easy-Restore/blob/master/server-side/chef-backup.sh

#!/usr/bin/env bash
# Author: Arem Chekunov
# Author email: scorp.dev.null@gmail.com, artem.v.chekunov@gmail.com
# repo: https://github.com/sc0rp1us/Chef-Easy-Restore
# env and func's
_BACKUP_NAME="chef-backup_$(date +%Y-%m-%d)"
_BACKUP_USER="backup"
_BACKUP_GROUP="backup"
_BACKUP_DIR="/var/backups"
_SYS_TMP="/tmp"
_ORGS=""
_PUSHTOS3="false"
_S3_SUCCESS_STAMP="${_BACKUP_DIR}/chef-backup/s3_push_timestamp"

cd "$(dirname $0)"

if [ -f ../etc/chef-backup.conf ]; then
    source ../etc/chef-backup.conf
fi

This file has been truncated. show original

Tim Smith - Systems Engineer
+1 707 738 8132
www.limelight.com

On May 23, 2014, at 3:31 AM, Kadel-Garcia, Nico NKadelGarcia-consultant@Scholastic.com wrote:

It’s like any modest open source backup tool: it requires thought. For example, your data bags, internal cookbooks, roles, and environments may have passwords or details of machine configurations that should not be left lying around in a tarball that anyone in your company can download and read. Moreover, because much of the data is stored in JSON format, it may not match the format of your original configuration files. That makes comparing your backup to your source code particularly awkward.

I’m afraid to say that it is also underdocumented, and there were some odd behavioral changes between running it on older versions of chef and the current chef-11.12.4. It apparently changed how it makes assumptions about ‘chef-repo-path’ based on your current working directory, which caused me issues. That kind of change is what a more mature or enterprise grade backup tool would have tested and documented.

As an open source tool, I find it adequate with thoughtful usage and security practices.

--
Nico Kadel-Garcia
Senior Systems Consultant
Email: nkadelgarcia-consultant@scholastic.com
Cell Phone: +1.339.368.2428

From: Stewart, Curtis [mailto:cstewart@momentumsi.com]
Sent: Tuesday, May 20, 2014 11:10 AM
To: chef@lists.opscode.com
Subject: [chef] Backing Up Open Source Chef Server

Is it sufficient enough to use the knife-backup plugin (GitHub - mdxp/knife-backup: knife plugin to help backup and restore a chef server.) for backing up an Open Source Chef server?

The Chef docs have a page on backing up Enterprise Chef data (Backup and Restore a Standalone or Frontend install), but I’m not sure that’s required for Open Source Chef server (as Enterprise contains Groups, ACLs, etc.).

Curtis Stewart
Consultant
m 217.390.5067
Skype cstewart8710
cstewart@momentumsi.com
www.momentumsi.com

<image001.png>

Cloud Migration - Architecture - DevOps - Big Data - App Dev

--
The information in this message may be confidential. It is intended solely
for
the addressee(s). If you are not the intended recipient, any disclosure,
copying or distribution of the message, or any action or omission taken by
you
in reliance on it, is prohibited and may be unlawful. Please immediately
contact the sender if you have received this message in error.

Topic		Replies	Views
What does chef-server-ctl backup actually backup? Chef Infra (archive)	1	511	September 24, 2018
How to backup & recovery Chef Server Chef Infra (archive)	2	294	November 12, 2013
Chef-server backup best option Chef Infra (archive)	3	1394	April 17, 2019
Tiered deployment backups Chef Infra (archive)	0	516	June 13, 2016
Chef Server 11 Backup / Restore Chef Infra (archive)	5	830	May 6, 2013

Backing Up Open Source Chef Server

Related topics