Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

BareOS server set #94 #383

Closed
wants to merge 7 commits into from

Conversation

phillxnet
Copy link
Member

@phillxnet phillxnet commented Aug 15, 2024

Multi Container BareOS server set Rock-on.

Containing:

  • Director Service (Overall controller).
  • Catalog Service (Postgres DB for Director).
  • Storage Service (Back-end Storage for Director and File (client) services).
  • Web-UI Service (Director interface).

Fixes #94

General information on project

This pull request proposes to add a new rock-on for the following project:

  • name: BareOS
  • website: https://www.bareos.org
  • description: A comprehensive network-based open-source backup and recovery solution for all major operating systems

Information on docker image/s

Checklist

  • Passes JSONlint validation
  • Entry added to root.json in alphabetical order (for new rock-on only)
  • "description" object lists and links to the docker image used
  • "description" object provides information on the images particulars
  • "website" object links to project's main website

Multi Container BareOS server set Rock-on containing:
- Director Service (overall controller).
- Catalog Service (Postgres DB for Director).
- Storage Service (Back-end Storage for Director and File (client) services).
- Web-UI Service (Director interface).
Uses custom docker images at https://hub.docker.com/u/barcus/ as no official
docker images are available.
@phillxnet phillxnet mentioned this pull request Aug 15, 2024
@phillxnet
Copy link
Member Author

phillxnet commented Aug 15, 2024

Development ongoing

Assumes latest testing branch and requires pending-review PR: rockstor/rockstor-core#2888

Getting there as we now have 2 of the 4 containers persisting:

rleap15-6:~ # docker ps
CONTAINER ID   IMAGE                           COMMAND                  CREATED         STATUS                           PORTS                                       NAMES
e1d0ebffa77a   barcus/bareos-webui:latest      "/docker-entrypoint.…"   9 minutes ago   Restarting (1) 52 seconds ago                                                bareos-webui
dedf2aff9f4f   barcus/bareos-storage:latest    "/docker-entrypoint.…"   9 minutes ago   Up 9 minutes                     0.0.0.0:9103->9103/tcp, :::9103->9103/tcp   bareos-storage
760bd62aaf1c   barcus/bareos-director:latest   "/docker-entrypoint.…"   9 minutes ago   Restarting (42) 38 seconds ago                                               bareos-director
89cb865b531b   postgres:14                     "docker-entrypoint.s…"   9 minutes ago   Up 9 minutes                     5432/tcp                                    bareos-db

Director container has an outstanding config issue:

Aug 15 20:23:43 rleap15-6 barcus/bareos-director:latest/bareos-director[27856]: Waiting for postgresql...
Aug 15 20:23:43 rleap15-6 barcus/bareos-director:latest/bareos-director[27856]: bareos-db:5432 - accepting connections
Aug 15 20:23:43 rleap15-6 barcus/bareos-director:latest/bareos-director[27856]: ...postgresql is alive
Aug 15 20:23:43 rleap15-6 barcus/bareos-director:latest/bareos-director[27856]: bareos-dir: CONFIG ERROR at lib/lex.cc:1028
Aug 15 20:23:43 rleap15-6 barcus/bareos-director:latest/bareos-director[27856]: Config error: expected a name, got BCT_EQUALS: =
Aug 15 20:23:43 rleap15-6 barcus/bareos-director:latest/bareos-director[27856]:             : line 7, col 11 of file /etc/bareos/bareos-dir.d/messages/Standard.conf
Aug 15 20:23:43 rleap15-6 barcus/bareos-director:latest/bareos-director[27856]:   mail =  = all, !skipped, !saved, !audit
Aug 15 20:23:43 rleap15-6 barcus/bareos-director:latest/bareos-director[27856]: 

Web-UI container also has a config issue:

Aug 15 20:25:30 rleap15-6 barcus/bareos-webui:latest/bareos-webui[27856]: nginx: [emerg] invalid port in upstream ":" in /etc/nginx/http.d/bareos-webui.conf:17

[EDIT linking to an imidiate upstream (barcus/bareos docker image repo) issue with the same error reported: https://github.com/barcus/bareos/issues/156]

@phillxnet
Copy link
Member Author

phillxnet commented Aug 16, 2024

Director config issue:

cat /mnt2/bareos-dir-config/bareos-dir.d/messages/Standard.conf
Messages {
  Name = Standard
  Description = "Reasonable message delivery -- send most everything to email address and to the console."
  operatorcommand = "/usr/bin/bsmtp -h  -f \"\(Bareos\) \<%r\>\" -s \"Bareos: Intervention needed for %j\" %r"
  mailcommand = "/usr/bin/bsmtp -h  -f \"\(Bareos\) \<%r\>\" -s \"Bareos: %t %e of %c %l\" %r"
  operator = root = mount
  mail =  = all, !skipped, !saved, !audit
  console = all, !skipped, !saved, !audit
  append = "/var/log/bareos/bareos.log" = all, !skipped, !saved, !audit
  catalog = all, !skipped, !saved, !audit
}

Likely we need to have some email info/config here as this is assumed by the docker-startup script:
https://github.com/barcus/bareos/blob/master/director-pgsql/22-alpine/docker-entrypoint.sh

https://github.com/barcus/bareos/blob/db8b993d129d8a2cf0e0a8a7069ec04ccd45c28b/director-pgsql/22-alpine/docker-entrypoint.sh#L38-L51

There is similarly email config for /etc/bareos/bareos-dir.d/messages/Daemon.conf:

https://github.com/barcus/bareos/blob/db8b993d129d8a2cf0e0a8a7069ec04ccd45c28b/director-pgsql/22-alpine/docker-entrypoint.sh#L32-L35

Development notes:

Wiping all config to re-test initial install of this in-development Rock-on (DO NOT USE IN PRODUCTION).

rm -rf ./bareos-catalog/* ./bareos-catalog-backup/* ./bareos-dir-config/* ./bareos-storage-config/* ./bareos-webui-config/*  ./bareos-webui-data/*

Director terminal (bconsole)

rleap15-6:~ # docker exec -it bareos-director bconsole
Connecting to Director localhost:9101
 Encryption: TLS_CHACHA20_POLY1305_SHA256 TLSv1.3
1000 OK: bareos-dir Version: 22.1.2 (21 November 2023)
Self-compiled binaries (UNSUPPORTED)
Get professional support from https://www.bareos.com
You are connected using the default console

Enter a period (.) to cancel a command.
*

- BAREOS_SD_PASSWORD director & storage containers.
- Place-holder ADMIN_MAIL (director).
- WEBHOOK_NOTIFICATION=true (director) to avoid/disable
smtp config for now.
- BAREOS_DIR_HOST to bareos-webui.
@phillxnet
Copy link
Member Author

phillxnet commented Aug 16, 2024

As from the last commit we have only the bareos-webui container restarting:

rleap15-6:~ # docker ps
CONTAINER ID   IMAGE                           COMMAND                  CREATED       STATUS                                  PORTS                                       NAMES
6db50861e6ee   barcus/bareos-webui:latest      "/docker-entrypoint.…"   2 hours ago   Restarting (1) Less than a second ago                                               bareos-webui
de84cf87704a   barcus/bareos-storage:latest    "/docker-entrypoint.…"   2 hours ago   Up 2 hours                              0.0.0.0:9103->9103/tcp, :::9103->9103/tcp   bareos-storage
11505e3f8b42   barcus/bareos-director:latest   "/docker-entrypoint.…"   2 hours ago   Up 2 hours                              0.0.0.0:9101->9101/tcp, :::9101->9101/tcp   bareos-director
2434202b8556   postgres:14                     "docker-entrypoint.s…"   2 hours ago   Up 2 hours                              5432/tcp                                    bareos-db

With the previously referenced upstream issue indicating the need for an additional container to provide php-fpm (barcus/bareos#156 (comment)) presumably referencing the docker file here:
https://github.com/barcus/bareos/blob/master/webui/22-alpine/docker-entrypoint.sh

https://github.com/barcus/docker-php-fpm-alpine/blob/master/Dockerfile

The above barcus php-fpm container definition is derived from https://hub.docker.com/_/php (search "php:-fpm") via:

FROM php:7.2-fpm-alpine

https://hub.docker.com/layers/library/php/7.2-fpm-alpine/images/sha256-83fd5347c586492481ef74815840e0cacfda14b020eb3eceb485eddb912d9e1a?context=explore

PHP on GitHub: https://github.com/php/php-src

The following is older but has hints on how this php-fpm container fits in, and an additional volume for bareos-webui!

https://github.com/barcus/bareos/blob/master/docker-compose-alpine-pgsql.yml

Required by bareos-webui 22 onwards to provide php-fpm.
These two webui containers share volumes, via --volumes-from,
and an associated launch_order.

Additionally we specify a BareOS 'WebUI' data Share to host
the website data files that these two container use. These files
are installed by the bareos-webui container docker-entrypoint.sh.
@phillxnet
Copy link
Member Author

Current state of this branch

rleap15-6:~ # docker ps
CONTAINER ID   IMAGE                           COMMAND                  CREATED          STATUS                         PORTS                                       NAMES
fdcd39f09a98   barcus/bareos-webui:latest      "/docker-entrypoint.…"   16 minutes ago   Restarting (1) 6 seconds ago                                               bareos-webui
8989fa0e2556   barcus/php-fpm-alpine:latest    "/docker-entrypoint.…"   16 minutes ago   Up 16 minutes                  9000/tcp                                    bareos-webui-php-fpm
981096f9998f   barcus/bareos-storage:latest    "/docker-entrypoint.…"   16 minutes ago   Up 16 minutes                  0.0.0.0:9103->9103/tcp, :::9103->9103/tcp   bareos-storage
ae2dfb5c6aea   barcus/bareos-director:latest   "/docker-entrypoint.…"   16 minutes ago   Up 16 minutes                  0.0.0.0:9101->9101/tcp, :::9101->9101/tcp   bareos-director
f482c71b422d   postgres:14                     "docker-entrypoint.s…"   16 minutes ago   Up 16 minutes                  5432/tcp                                    bareos-db

With a now slightly different bareos-webui error:

Aug 16 20:02:36 rleap15-6 barcus/bareos-webui:latest/bareos-webui[16256]: nginx: [emerg] host not found in upstream "bareos-webui-php-fpm" in /etc/nginx/http.d/bareos-webui.conf:17

@phillxnet
Copy link
Member Author

Currently requires at least rockstor 5.0.14-0 for testing/development as depends on two multi-container improvements added in this release.

Rockstor forces unique share allocation, however
- bareos-webui-php-fpm needs /var/www/html on web-data
but web-data is populated by bareos-webui: and
- bareos-webui populates web-data via /usr/share/bareos-webui
Plus, bareos-webui requires bareos-webui-php-fpm so the later
must start before the former.

Have bareos-webui-php-fpm establish bareos-webui volumes, and
add share duplicate mount it requires via opts -v. Working around
Rockstor repeate share use limitation. Then have bareos-webui
inherit via opts (--volumes-from bareos-webui-php-fpm) all 3 volumes.
Only two of which it is required to share with it's php-fpm counterpart.
We assume no side effects from: "/mnt2/bareos-webui-data:/var/www/html"
applied via inheritance within bareos-webui container.

Currently, requires dictating a share name !!
@phillxnet
Copy link
Member Author

phillxnet commented Aug 30, 2024

We have an unfortunate anomaly re incompatible mount points between the dedicated php-fpm container, and the bareos-webui container that depends upon it. Work-around in progress/testing to facilitate approaching the outstanding failure in docker name resolution observed in bareos-webui via: -e PHP_FPM_HOST=bareos-webui-php-fpm that ends up populating non mapped config within bareos-webui:

Aug 30 19:56:35 rleap15-6 barcus/bareos-webui:latest/bareos-webui[27534]: nginx: [emerg] host not found in upstream "bareos-webui-php-fpm" in /etc/nginx/http.d/bareos-webui.conf:17

via:

https://github.com/barcus/bareos/blob/db8b993d129d8a2cf0e0a8a7069ec04ccd45c28b/webui/22-alpine/docker-entrypoint.sh#L24C1-L24C123

# set php-fpm host andd port
sed -i "s/fastcgi_pass 127.0.0.1:9000;/fastcgi_pass ${PHP_FPM_HOST}:${PHP_FPM_PORT};/" /etc/nginx/http.d/bareos-webui.conf

@phillxnet
Copy link
Member Author

phillxnet commented Aug 31, 2024

Diagnosis of bareos-webui

We start with restart and nginx doesn't like a config and so we have a perpetual container restart, ergo we can examine via:

rleap15-6:~ # docker run -it --entrypoint /bin/sh barcus/bareos-webui
/ #
/ # cat /etc/nginx/http.d/bareos-webui.conf | grep fastcgi
                include fastcgi.conf;
                fastcgi_pass 127.0.0.1:9000;
                # fastcgi_param APPLICATION_ENV development;
                fastcgi_param APPLICATION_ENV production;

I.e. run, interactively (-it) a shell, as entry point: avoiding our default https://github.com/barcus/bareos/blob/master/webui/22-alpine/docker-entrypoint.sh which ends with trying to starting nginx via:

https://github.com/barcus/bareos/blob/master/webui/22-alpine/Dockerfile

CMD ["/usr/sbin/nginx", "-g", "daemon off;"]

interactive and override CMD (nginx) via sh:

docker run -it -e PHP_FPM_HOST="bareos-webui-php-fpm" -e "PHP_FPM_PORT=9000" barcus/bareos-webui /bin/sh

/ # env
HOSTNAME=bc7fc26ed24d
SHLVL=2
HOME=/root
TERM=xterm
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
PHP_FPM_HOST=bareos-webui-php-fpm-it
PHP_FPM_PORT=9000
PWD=/

/ # cat /etc/nginx/http.d/bareos-webui.conf | grep fastcgi
                include fastcgi.conf;
                fastcgi_pass bareos-webui-php-fpm:9000;
                # fastcgi_param APPLICATION_ENV development;
                fastcgi_param APPLICATION_ENV production;

/ # /usr/sbin/nginx -g "daemon off;"
nginx: [emerg] host not found in upstream "bareos-webui-php-fpm" in /etc/nginx/http.d/bareos-webui.conf:17


@phillxnet
Copy link
Member Author

suspect insufficient docker network setup

docker exec -it bareos-director sh
/ # ping -c2 bareos-webui-php-fpm
PING bareos-webui-php-fpm (172.25.0.3): 56 data bytes
64 bytes from 172.25.0.3: seq=0 ttl=64 time=0.097 ms
64 bytes from 172.25.0.3: seq=1 ttl=64 time=0.196 ms

--- bareos-webui-php-fpm ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 0.097/0.146/0.196 ms

But bareos-webui container looks to be unable to resolve bareos-webui-php-fpm container.

Our Bareos-webui container uses bareos-webui-php-fpm as its
fastcgi server via `fastcgi_pass bareos-webui-php-fpm:9000;`.
Remove director to bareos-webui-php-fpm docker network and
add dedicated bareos-webui to bareos-webui-php-fpm to enable
private use of the php-fpm by bareos-webui. Resolving a prior
failure to resolve the php-fpm containers docker name.
@phillxnet
Copy link
Member Author

phillxnet commented Aug 31, 2024

Current state of this branch

rleap15-6:~ # docker ps
CONTAINER ID   IMAGE                           COMMAND                  CREATED          STATUS          PORTS                                       NAMES
7f01201b825b   barcus/bareos-webui:latest      "/docker-entrypoint.…"   15 minutes ago   Up 15 minutes   0.0.0.0:9100->9100/tcp, :::9100->9100/tcp   bareos-webui
a05b4635c554   barcus/php-fpm-alpine:latest    "/docker-entrypoint.…"   15 minutes ago   Up 15 minutes   9000/tcp                                    bareos-webui-php-fpm
04a520e65170   barcus/bareos-storage:latest    "/docker-entrypoint.…"   15 minutes ago   Up 15 minutes   0.0.0.0:9103->9103/tcp, :::9103->9103/tcp   bareos-storage
284078b7b0ed   barcus/bareos-director:latest   "/docker-entrypoint.…"   15 minutes ago   Up 15 minutes   0.0.0.0:9101->9101/tcp, :::9101->9101/tcp   bareos-director
106bc7e2eaf9   postgres:14                     "docker-entrypoint.s…"   15 minutes ago   Up 15 minutes   5432/tcp                                    bareos-db

So we now have all containers starting, and non restarting.

We also now have the Bareos web-ui login screen showing up:

webui-login-via-bareos-server-set-rockon

But there remains an issue re php network name resolution for the director. Indicated via php error post WebUI login.

When trying to login using the 'admin' user hardwired and our configured BareOS WebUI password, the browser displays the following:

Warning: stream_socket_client(): php_network_getaddresses: getaddrinfo failed: Name does not resolve in /usr/share/bareos-webui/vendor/Bareos/library/Bareos/BSock/BareosBSock.php on line 479

Warning: stream_socket_client(): unable to connect to tcp://bareos-director:9101 (php_network_getaddresses: getaddrinfo failed: Name does not resolve) in /usr/share/bareos-webui/vendor/Bareos/library/Bareos/BSock/BareosBSock.php on line 479
Error: php_network_getaddresses: getaddrinfo failed: Name does not resolve, director seems to be down or blocking our request.

@phillxnet
Copy link
Member Author

phillxnet commented Sep 5, 2024

Follow-up on last comment content: it seems that the php-fpm container, a newer dependency of the bareos-webui container, also need to resolve 'bareos-director' via docker networks container name resolution:

rleap15-6:~ # docker exec -it bareos-webui-php-fpm sh

/var/www/html # ping -c 2 bareos-webui
PING bareos-webui (172.21.0.3): 56 data bytes
64 bytes from 172.21.0.3: seq=0 ttl=64 time=0.122 ms
64 bytes from 172.21.0.3: seq=1 ttl=64 time=0.196 ms

--- bareos-webui ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 0.122/0.159/0.196 ms

/var/www/html # ping -c 2 bareos-director
ping: bad address 'bareos-director'
/var/www/html #

Our bareos-webui container can already resolve the bareos-director via our existing "bareos-director" docker network (Rock-net):

rleap15-6:~ # docker exec -it bareos-webui sh

/ # ping -c 2 bareos-director
PING bareos-director (172.20.0.3): 56 data bytes
64 bytes from 172.20.0.3: seq=0 ttl=64 time=0.056 ms
64 bytes from 172.20.0.3: seq=1 ttl=64 time=0.116 ms

--- bareos-director ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 0.056/0.086/0.116 ms

@phillxnet
Copy link
Member Author

Clean-up prior to fresh install testing:

During development we can end-up with some kipple:

docker system prune -a --volumes

It appears that we need this network in order that the PHP
code this container carries can also resolve our director.
We have a current limitation regarding unique `source_container`
network config entries, which prevents us from simply having
`bareos-webui-php-fpm` as an additional source_container entry
in the "bareos-director" network. This was encountered when adding
the bareos-webui network.
@phillxnet
Copy link
Member Author

With the last commit in this branch we now have what looks to be our first apparently functional BareOS Web-UI with our in-development BareOS server set Rock-on:

Dashboard (landing page post login)

Web-UI-post-login-dashboard

Default Pools (Storage container) config:

Storage-Pools-default

@phillxnet
Copy link
Member Author

phillxnet commented Sep 8, 2024

We may want to include the previously intentionally omitted bareos-fd container as our existing default director has, pre-configured, a Catalog backup Job:

bareos-director-default-jobs

Which when run fails as it depends on a file service: which we were to consider separately via: "BareOS File" #378

failed-BackupCatalog-task

@phillxnet
Copy link
Member Author

The director default config, re bareos-fd (file deamon client) is established via sed edit of presumably apline or upstream config:

https://github.com/barcus/bareos/blob/master/director-pgsql/22-alpine/docker-entrypoint.sh

  • Sets hostname & password (via env vars) for preconfigured bareos-fd within upstream config.
  • Modifies upstream path for director to that of directory specific path used in container (or from alpine packages of bareos).
  # client/file daemon
  sed -i 's#Address = .*#Address = '\""${BAREOS_FD_HOST}"\"'#' \
    /etc/bareos/bareos-dir.d/client/bareos-fd.conf
  sed -i 's#Password = .*#Password = '\""${BAREOS_FD_PASSWORD}"\"'#' \
    /etc/bareos/bareos-dir.d/client/bareos-fd.conf
...
  # MyCatalog Backup
  sed -i "s#/var/lib/bareos/bareos.sql#/var/lib/bareos-director/bareos.sql#" \
    /etc/bareos/bareos-dir.d/fileset/Catalog.conf
  sed -i "s#make_catalog_backup MyCatalog#make_catalog_backup ${DB_NAME} ${DB_USER} '' ${DB_HOST}#" \
    /etc/bareos/bareos-dir.d/job/BackupCatalog.conf

The default config of our director container includes
an expectation of a local 'File' (Client) service:
used in a pre-configured Catalog backup task and what
looks like a buggy config backup setup.

Includes:
- prior omission to define BAREOS_SD_HOST in director container.
- incidental rationalising/reduction on user text.
@phillxnet
Copy link
Member Author

Current state of this branch:

We now have 6 non-restarting containers:

rleap15-6:/mnt2 # docker ps
CONTAINER ID   IMAGE                           COMMAND                  CREATED          STATUS          PORTS                                       NAMES
d4ce52f0464d   barcus/bareos-webui:latest      "/docker-entrypoint.…"   25 minutes ago   Up 24 minutes   0.0.0.0:9100->9100/tcp, :::9100->9100/tcp   bareos-webui
895c55ac1f75   barcus/php-fpm-alpine:latest    "/docker-entrypoint.…"   25 minutes ago   Up 25 minutes   9000/tcp                                    bareos-webui-php-fpm
75df8f375c4c   barcus/bareos-client:latest     "/docker-entrypoint.…"   25 minutes ago   Up 25 minutes   9102/tcp                                    bareos-fd
7f8a208e0f1c   barcus/bareos-storage:latest    "/docker-entrypoint.…"   25 minutes ago   Up 25 minutes   0.0.0.0:9103->9103/tcp, :::9103->9103/tcp   bareos-storage
3bf486ff9db6   barcus/bareos-director:latest   "/docker-entrypoint.…"   25 minutes ago   Up 25 minutes   0.0.0.0:9101->9101/tcp, :::9101->9101/tcp   bareos-director
8444f8a9edcc   postgres:14                     "docker-entrypoint.s…"   25 minutes ago   Up 25 minutes   5432/tcp                                    bareos-db

And functional director-to-storage and director-to-file (local client) communications. But have a remaining, potentially problematic last network to establish between storage and file containers:

E.g. when initiating a build-in back-up task we get the following log (read from bottom to top):

14	2024-09-11 18:24:23	bareos-dir JobId 2: Error: Bareos bareos-dir 22.1.2 (21Nov23):
Build OS: 3.20.0_alpha20240329
JobId: 2
Job: backup-bareos-fd.2024-09-11_18.23.50_40
Backup Level: Full (upgraded from Incremental)
Client: "bareos-fd" 22.1.2 (21Nov23) 3.20.0_alpha20240329,alpine
FileSet: "SelfTest" 2024-09-11 18:23:50
Pool: "Full" (From Job FullPool override)
Catalog: "MyCatalog" (From Client resource)
Storage: "File" (From Job resource)
Scheduled time: 11-Sep-2024 18:23:50
Start time: 11-Sep-2024 18:23:52
End time: 11-Sep-2024 18:24:23
Elapsed time: 31 secs
Priority: 10
FD Files Written: 0
SD Files Written: 0
FD Bytes Written: 0 (0 B)
SD Bytes Written: 0 (0 B)
Rate: 0.0 KB/s
Software Compression: None
VSS: no
Encryption: no
Accurate: no
Volume name(s):
Volume Session Id: 1
Volume Session Time: 1726075020
Last Volume Bytes: 0 (0 B)
Non-fatal FD errors: 2
SD Errors: 0
FD termination status: Fatal Error
SD termination status:
Bareos binary info: Self-compiled: Get professional support from https://www.bareos.com
Job triggered by: User
Termination: *** Backup Error ***

13	2024-09-11 18:23:53	bareos-dir JobId 2: Fatal error: Bad response to Storage command: wanted 2000 OK storage
, got 2902 Bad storage

12	2024-09-11 18:23:52	bareos-fd JobId 2: Fatal error: Failed to connect to Storage daemon: bareos-storage:9103
11	2024-09-11 18:23:52	bareos-fd JobId 2: Error: lib/bsock_tcp.cc:184 BnetHost2IpAddrs() for host "bareos-storage" failed: ERR=Name has no usable address
10	2024-09-11 18:23:52	bareos-dir JobId 2: Using Device "FileStorage" to write.
9	2024-09-11 18:23:52	bareos-dir JobId 2: Created new Volume "Full-0001" in catalog.
8	2024-09-11 18:23:52	bareos-dir JobId 2: Encryption: TLS_CHACHA20_POLY1305_SHA256 TLSv1.3
7	2024-09-11 18:23:52	bareos-dir JobId 2: Handshake: Immediate TLS
6	2024-09-11 18:23:52	bareos-dir JobId 2: Connected Client: bareos-fd at bareos-fd:9102, encryption: TLS_CHACHA20_POLY1305_SHA256 TLSv1.3
5	2024-09-11 18:23:52	bareos-dir JobId 2: Encryption: TLS_CHACHA20_POLY1305_SHA256 TLSv1.3
4	2024-09-11 18:23:52	bareos-dir JobId 2: Connected Storage daemon at bareos-storage:9103, encryption: TLS_CHACHA20_POLY1305_SHA256 TLSv1.3
3	2024-09-11 18:23:52	bareos-dir JobId 2: Start Backup JobId 2, Job=backup-bareos-fd.2024-09-11_18.23.50_40
2	2024-09-11 18:23:50	bareos-dir JobId 2: No prior or suitable Full backup found in catalog. Doing FULL backup.
1	2024-09-11 18:23:50	bareos-dir JobId 2: No prior Full backup Job record found.

Indicating a need for the File service/container to be able to resolve the Storage service/container by name. But we may have a limitation re no duplicate "source_container" entries in our rock-net / "container_links" capability.

@phillxnet
Copy link
Member Author

phillxnet commented Sep 11, 2024

Notes on upstream (docker-container author) bugs:

  1. in-turn upstream of BareOS as changed the build-in catalog backup job so that:

https://github.com/barcus/bareos/blob/db8b993d129d8a2cf0e0a8a7069ec04ccd45c28b/director-pgsql/22-alpine/docker-entrypoint.sh#L73

now results in essentially a failed MyCatalog pre-DB-dump script thus:

3	2024-09-11 18:57:09	bareos-dir JobId 3: Error: Runscript: BeforeJob returned non-zero status=1. ERR=Child exited with code 1
2	2024-09-11 18:57:09	bareos-dir JobId 3: BeforeJob: Warning: Script signature has changed: usage /etc/bareos/scripts/make_catalog_backup CatalogName

Temp work-around until upstream PR can be presented: hand edit via:

nano /mnt2/bareos-dir-config/bareos-dir.d/job/BackupCatalog.conf

[EDIT]
Upon modifyting the sed edited by indicated docker-entrypoint.sh upstream script we have a successful execution thus:

2	2024-09-11 19:28:58	bareos-dir JobId 5: Start Backup JobId 5, Job=BackupCatalog.2024-09-11_19.28.56_10
1	2024-09-11 19:28:58	bareos-dir JobId 5: shell command: run BeforeJob "/etc/bareos/scripts/make_catalog_backup MyCatalog"

It may be this particular sed is not longer needed at all, given that it now defaults to using only the catalog name (Default "MyCatalog").

@Hooverdan96
Copy link
Member

The joys of a solution that requires 6 independent building blocks and a whole lot of glue to stick them together ...

@phillxnet
Copy link
Member Author

@Hooverdan96 Indeed, but I needed some exercise re rock-ons anyway :).

No worries re confusion: I'm just making notes on what might be needed in our docs if I don't get around to upstreaming some miss-configurations I've found in the latest containers I experimenting with here.

I may end-up rolling my own docker images for this in the end. But there are few options and no official ones I can find: plus these have 100K pulls and have been around for 7 years or so. As such I'm thinking of just upstreaming fixes I find when I get the time. But also learning as I go here re BareOS and upstream (x2) ways and means.

@phillxnet
Copy link
Member Author

Ultimate upstream does not account, it seems, for such separation (artificial in some cases I think) as is attempted in the container authors approach. But they (container author) are 7 years ahead of us on this one!

@phillxnet
Copy link
Member Author

@FroggyFlox When trying to add a further rocknet that allows name resolution between the File service (local client) container and the Storage service: I get the following prior suspected limitation regarding unique "source_container": entries within a Rock-on:

Houston, we've had a problem.
Errors occurred while processing updates for the following Rock-ons (BareOS-server-set: duplicate key value violates unique constraint "storageadmin_dcontainerlink_source_id_key" DETAIL: Key (source_id)=(189) already exists.).

What we need here is the following addition:

      "bareos-fd": [
        {
        "name": "bareos-fd-to-storage",
        "source_container": "bareos-storage"
        }
      ],

So that the communication initiated/directed by the Director service between the local File service and Storage service can name resolve. They can't see each other currently. And the Self-test and Catalog backup tasks are pre-configured to expect this interoperability.

The problem here I think is the artificial seperation into too many container of what ultimate upstream (BareOS themselves) considers as on the same machine. Do you see a simple fix here: or are we doomed to have to eternally support our own docker images for BareOS: a project I'm super keen to represent within the Rock-ons we offer. Another example of this artificial seperation is how the php is contained in it's own dedicated container: forcing us to share mounts (with differing internal mount points) to the web-ui that uses the php!

@FroggyFlox
Copy link
Member

That constraint error is curious... I thought I used a unique source + target constraint and not just a source constraint... Will have to look into that further.

A temporary solution I see: given you already create this docker network and you know its name, you could add it as an option to the docker run command of that container. See https://docs.docker.com/engine/containers/run/#container-networking

Would that help what you're trying to do? Sorry I'm unable to properly look at it now.

@Hooverdan96
Copy link
Member

Hooverdan96 commented Sep 12, 2024

Considering that the container link option --link is now considered legacy, would it be better (aka "futureproof") to use the rocknet approach (aka container networking) instead to connect all of these containers appropriately?

for reference: https://docs.docker.com/engine/network/links/

@phillxnet
Copy link
Member Author

phillxnet commented Sep 12, 2024

@Hooverdan96 the approach here, thus-far, does use @FroggyFlox's rocknets, but all these containers, and the fact that we have the indicated limit (on what is likely the last rocknet requried) and that this approach is some-what distant from the ultimate upstream (BareOS): I'm instead now working on our own containerisation of BareOS: as close as possible to BareOS's own install instructions. And, if all goes well, far easier/simpler to Rock-onify.

Hopefully I will have a rough draft ready soon; and I will definitely need some assistance in its later development as both your and Flox are more knowledgeable in container building. Likely this will first appear in my personal GitHub as a dedicated repo. With a later promotion to the org.

[EDIT] I'm also keen to have this container, via env vars, be capable of configuring itself (on first instantiation) to use BareOS subscription repos. But if no BareOS credentials are entered (blank env vars) then it will use the unsuported community packages from BareOS. Plans afoot but little to show just yet!

@Hooverdan96
Copy link
Member

Hooverdan96 commented Sep 12, 2024

ah, ok, I misinterpreted the container links (since I have not used that label before in a definition file). Sorry for the detour here.

For my own education:
When looking at the model, it seems you've defined the unique_together:

https://github.com/rockstor/rockstor-core/blob/1ddcf4b6f6ad6a451fdaef492fe974417d4dbfe3/src/rockstor/storageadmin/models/rockon.py#L112-L119

Do I read that correctly?

When I look at the 4.2 Django documentation, this is considered a list of lists... so shouldn't this parameter have [ instead of ( ?

(https://docs.djangoproject.com/en/4.2/ref/models/options/#unique-together)

It seems in the 2.x version of Django it was a tuple of tuples, and then changed to the list of lists concept (and now they're recommending to work the constraint tag):
(https://docs.djangoproject.com/en/2.1/ref/models/options/#unique-together)

I see more instances of that in our coding, if my observation is correct.

@phillxnet
Copy link
Member Author

@Hooverdan96 That may well be a nice find, and may explain @FroggyFlox exclamation (#383 (comment)) on the observed limitation seen here with the rock-nets. I'm heading in another direction currently re this PR, but a minimal multi-container reproducer rock-on with duplicate "source_container" value entries across 2 rock-nets defined via the "container_links" element would be good to open an issue for this current observed limitation. That way we could easily see if this Django 2.1 to 4.2 change is to blame.

@Hooverdan96
Copy link
Member

Hooverdan96 commented Sep 13, 2024

I believe, I reproduced the behavior and captured my observations in a new Issue on the rockstor-core repository: #2900

@phillxnet
Copy link
Member Author

Update: I am shortly due to resume this effort once I have finished the initial development of a new set of fully updated docker images; intended in this case to share /etc/bareos (to ease config and enable the default config backup job) and that instantiate official community current upstream packages from:

With the hope that these same images can similarly, once I or a contributor has worked out how, implement the subscription images offered by Bareos available from:

@Hooverdan96
Copy link
Member

When looking at the community vs subscription repository add programs add_bareos_repositories_template.sh and add_bareos_repositories.sh, the only difference seems to be the URL maintained and one not requiring any credentials to add vs. the other one requiring it.

I guess, if both options should be offered in the same Rockon/set of docker containers, then it would require an installation during the spinning up of the Rockon?

@phillxnet
Copy link
Member Author

phillxnet commented Dec 4, 2024

@Hooverdan96 Re:

I guess, if both options should be offered in the same Rockon/set of docker containers, then it would require an installation during the spinning up of the Rockon?

Yes, I noticed that. But currently I'm favouring two different Rock-ons. Messy I know but otherwise it looks to be difficult to do this when running the containers under the upstream preferred user. I'll likely get to this soon and we can see what we have with the non subscription arrangement first. Hopefully we can wing as per the docs I've done to date in my own images.

Bit by bit. But yes, I intended from the start to enable a choice between the two. But easier said than done it seems. I've also got to reduce the levels I'm currently creating as I had not realised there is additional overhead when using more steps in the docker image.

@phillxnet phillxnet mentioned this pull request Dec 5, 2024
@phillxnet
Copy link
Member Author

Closing this second draft attempt using barcus's docker images as having now learned a lot from their work over the years I think we are better off rolling our own. See my #94 (comment) for more details. Essentially I've had to use way too many hacks to squeeze the specific use case of barcus's docker images to ignore. And as such I am starting over with docker images under our own authorship that can be modified to fit our Rock-on system. But I am also keen that our docker images are also appropriate for general use independent of Rockstor's Rock-on docker wrapper.

@phillxnet phillxnet closed this Dec 5, 2024
@phillxnet phillxnet deleted the 94-BareOS-server-set branch December 5, 2024 19:34
@phillxnet phillxnet mentioned this pull request Dec 7, 2024
5 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Bareos backup server
3 participants