-
-
Save dinomite/b516e835b09ea08526ff17114979900f to your computer and use it in GitHub Desktop.
| #!/usr/bin/env bash | |
| set -ex | |
| BACKUP_DIR=/path/to/where/backups/should/live | |
| HOSTS=($(lxc list -c n --format csv)) | |
| for HOST in "${HOSTS[@]}" | |
| do | |
| BACKUP_NAME=${HOST}-$(date +"%Y-%m-%d") | |
| lxc snapshot ${HOST} auto-backup | |
| lxc publish ${HOST}/auto-backup --alias ${BACKUP_NAME} | |
| lxc image export ${BACKUP_NAME} ${BACKUP_DIR}/${BACKUP_NAME} | |
| lxc image delete ${BACKUP_NAME} | |
| lxc delete ${HOST}/auto-backup | |
| done |
Drew thanks for the script i added a tidyup option so the directory doesn't get to large, deletes backups older than 14 days
find ${BACKUP_DIR}/ -maxdepth 1 -mtime +14 -type d -exec rm -rv {} ;
Thanks, I just made my first backup in 2 years :D
Does this backup the config files as well?
Like if you need to reinstall your system then it's just a case of re-importing the images?
Thanks, I just made my first backup in 2 years :D
Does this backup the config files as well?
Like if you need to reinstall your system then it's just a case of re-importing the images?
Hmmm, I think I tested unpacking the image on another host and it started right up. Since you're achieving your new year's resolutions early maybe a test of your backups are in order to confirm my memory! (that'd be a good thing for met to check, too)
Tested today and importing on another host works with this sequence:
# Import the image
lxc image import <tarball> --alias <image_alias>
# Create the container from the image
lxc init <image_alias> <container_name>
# Start the container
lxc start <container_name>For example, I started my nginx container on a new host with:
lxc image import nginx-2020-01-01.tar.gz.tar.gz --alias nginx-copy
lxc init nginx-copy nginx-copy
lxc start nginx-copyI use UFW rules to route from the host interface to the container setup the rules:
# /etc/ufw/before.rules
*nat
:PREROUTING ACCEPT [0:0]
# nginx container
-A PREROUTING -i eno1 -p tcp --dport 80 -j DNAT --to <container_ip>:80
-A PREROUTING -i eno1 -p tcp --dport 443 -j DNAT --to <container_ip>:443
COMMIT
# Remainder of file unchanged
…and turn on UFW:
sudo ufw enableWhen I edit /etc/ufw/before.rules, I use this one-liner to reload the firewall rules:
for i in $( sudo iptables -t nat --line-numbers -L | grep ^[0-9] | awk '{ print $1 }' | tac ); do sudo iptables -t nat -D PREROUTING $i; done; sudo ufw reload
Awesome :)
One question though.. Will this also re add devices back to the container's config that you've added with:
lxc config device add c1 sharedwww disk source=/wwwdata/ path=/var/www/html/
Drew...
You might consider adding the compliment of this lxc-backup.sh script that does the "restore".
Brian