419 lines
15 KiB
Python
Executable File
419 lines
15 KiB
Python
Executable File
#!/usr/bin/env python3
|
|
|
|
import argparse
|
|
from configparser import ConfigParser
|
|
from urllib.parse import urlparse
|
|
from os.path import normpath, join, exists
|
|
from os import chmod, chown, stat, environ
|
|
from enum import Enum
|
|
import subprocess
|
|
from requests import get, put, head
|
|
from threading import Thread
|
|
|
|
|
|
SSH_KEY_PATH = environ["DATADB_KEYPATH"] if "DATADB_KEYPATH" in environ else '/root/.ssh/datadb.key'
|
|
RSYNC_DEFAULT_ARGS = ['rsync', '-avzr', '--exclude=.datadb.lock', '--whole-file', '--one-file-system', '--delete']
|
|
SSH_CMD = 'ssh -i {} -p {} -o StrictHostKeyChecking=no'
|
|
|
|
|
|
class SyncStatus(Enum):
|
|
"Data is on local disk"
|
|
DATA_AVAILABLE = 1
|
|
"Data is not on local disk"
|
|
DATA_MISSING = 2
|
|
|
|
|
|
# Requests will call tell() on the file-like stdout stream if the tell attribute exists. However subprocess'
|
|
# stdout stream (_io.BufferedReader) does not support this (raises OSError: [Errno 29] Illegal seek).
|
|
# If the tell attribute is missing, requests will fall back to simply iterating on the file-like object,
|
|
# so, we support only the iterable interface
|
|
class WrappedStdout(object):
|
|
BUFFSIZE = 256 * 1024
|
|
|
|
def __init__(self, stdout):
|
|
self.stdout = stdout
|
|
|
|
def __iter__(self):
|
|
return self
|
|
|
|
def __next__(self):
|
|
data = self.stdout.read(self.BUFFSIZE)
|
|
if not data:
|
|
raise StopIteration()
|
|
return data
|
|
|
|
def close(self):
|
|
self.stdout.close()
|
|
|
|
|
|
def restore(api_url, profile, conf, force=False): # remote_uri, local_dir, identity='/root/.ssh/datadb.key'
|
|
"""
|
|
Restore data from datadb
|
|
"""
|
|
|
|
# Sanity check: If the lockfile exists we assume the data is already there, so we wouldn't want to call rsync again
|
|
# as it would wipe out local changes. This can be overridden with --force
|
|
if not ((status(profile, conf) == SyncStatus.DATA_MISSING) or force):
|
|
raise Exception("Data already exists (Use --force?)")
|
|
|
|
original_perms = stat(conf["dir"])
|
|
dest = urlparse(conf["uri"])
|
|
|
|
status_code = head(api_url + 'get_backup', params={'proto': dest.scheme, 'name': profile}).status_code
|
|
if status_code == 404:
|
|
print("Connected to datadb, but datasource '{}' doesn't exist. Exiting".format(profile))
|
|
# TODO: special exit code >1 to indicate this?
|
|
return
|
|
|
|
if dest.scheme == 'rsync':
|
|
args = RSYNC_DEFAULT_ARGS[:]
|
|
args += ['-e', SSH_CMD.format(SSH_KEY_PATH, dest.port or 22)]
|
|
|
|
# Request backup server to prepare the backup, the returned dir is what we sync from
|
|
rsync_path = get(api_url + 'get_backup', params={'proto': 'rsync', 'name': profile}).text.rstrip()
|
|
|
|
# Add rsync source path
|
|
args.append('nexus@{}:{}'.format(dest.hostname, normpath(rsync_path) + '/'))
|
|
|
|
# Add local dir
|
|
args.append(normpath(conf["dir"]) + '/')
|
|
print("Rsync restore call: {}".format(' '.join(args)))
|
|
|
|
subprocess.check_call(args)
|
|
|
|
elif dest.scheme == 'archive':
|
|
# http request backup server
|
|
# download tarball
|
|
args_curl = ['curl', '-s', '-v', '-XGET', '{}get_backup?proto=archive&name={}'.format(api_url, profile)]
|
|
# unpack
|
|
args_tar = [get_tarcmd(), 'zxv', '-C', normpath(conf["dir"]) + '/']
|
|
|
|
print("Tar restore call: {} | {}".format(' '.join(args_curl), ' '.join(args_tar)))
|
|
|
|
dl = subprocess.Popen(args_curl, stdout=subprocess.PIPE)
|
|
extract = subprocess.Popen(args_tar, stdin=dl.stdout)
|
|
|
|
dl.wait()
|
|
extract.wait()
|
|
# TODO: convert to pure python?
|
|
|
|
if dl.returncode != 0:
|
|
raise Exception("Could not download archive")
|
|
if extract.returncode != 0:
|
|
raise Exception("Could not extract archive")
|
|
|
|
# Restore original permissions on data dir
|
|
# TODO store these in conf file
|
|
chmod(conf["dir"], original_perms.st_mode)
|
|
chown(conf["dir"], original_perms.st_uid, original_perms.st_gid)
|
|
# TODO apply other permissions
|
|
|
|
|
|
def backup(api_url, profile, conf, force=False):
|
|
"""
|
|
Backup data to datadb
|
|
"""
|
|
|
|
# Sanity check: If the lockfile doesn't exist we assume the data is missing, so we wouldn't want to call rsync
|
|
# again as it would wipe out the backup.
|
|
if not ((status(profile, conf) == SyncStatus.DATA_AVAILABLE) or force):
|
|
raise Exception("Data is missing (Use --force?)")
|
|
|
|
dest = urlparse(conf["uri"])
|
|
|
|
if dest.scheme == 'rsync':
|
|
args = RSYNC_DEFAULT_ARGS[:]
|
|
args += ['-e', SSH_CMD.format(SSH_KEY_PATH, dest.port or 22)]
|
|
# args += ["--port", str(dest.port or 22)]
|
|
|
|
# Excluded paths
|
|
if conf["exclude"]:
|
|
for exclude_path in conf["exclude"].split(","):
|
|
if not exclude_path == "":
|
|
args.append("--exclude")
|
|
args.append(exclude_path)
|
|
|
|
# Add local dir
|
|
args.append(normpath(conf["dir"]) + '/')
|
|
|
|
new_backup_params = {'proto': 'rsync',
|
|
'name': profile,
|
|
'keep': conf["keep"]}
|
|
if conf["inplace"]:
|
|
new_backup_params["inplace"] = 1
|
|
# Hit backupdb via http to retreive absolute path of rsync destination of remote server
|
|
rsync_path, token = get(api_url + 'new_backup', params=new_backup_params).json()
|
|
|
|
# Add rsync source path
|
|
args.append(normpath('nexus@{}:{}'.format(dest.hostname, rsync_path)) + '/')
|
|
|
|
# print("Rsync backup call: {}".format(' '.join(args)))
|
|
|
|
try:
|
|
subprocess.check_call(args)
|
|
except subprocess.CalledProcessError as cpe:
|
|
if cpe.returncode not in [0, 24]: # ignore partial transfer due to vanishing files on our end
|
|
raise
|
|
|
|
# confirm completion if backup wasnt already in place
|
|
if not conf["inplace"]:
|
|
put(api_url + 'new_backup', params={'proto': 'rsync', 'name': profile, 'token': token,
|
|
'keep': conf["keep"]})
|
|
|
|
elif dest.scheme == 'archive':
|
|
# CD to local source dir
|
|
# tar+gz data and stream to backup server
|
|
|
|
args_tar = []
|
|
|
|
if has_binary("ionice"):
|
|
args_tar += ['ionice', '-c', '3']
|
|
|
|
args_tar += ['nice', '-n', '19']
|
|
args_tar += [get_tarcmd(),
|
|
'--exclude=.datadb.lock',
|
|
'--warning=no-file-changed',
|
|
'--warning=no-file-removed',
|
|
'--warning=no-file-ignored',
|
|
'--warning=no-file-shrank']
|
|
|
|
# Use pigz if available (Parallel gzip - http://zlib.net/pigz/)
|
|
if has_binary("pigz"):
|
|
args_tar += ["--use-compress-program", "pigz"]
|
|
else:
|
|
args_tar += ["-z"]
|
|
|
|
# Excluded paths
|
|
if conf["exclude"]:
|
|
for exclude_path in conf["exclude"].split(","):
|
|
if not exclude_path == "":
|
|
args_tar.append("--exclude")
|
|
args_tar.append(exclude_path)
|
|
|
|
args_tar += ['-cv', './']
|
|
tar_dir = normpath(conf["dir"]) + '/'
|
|
print("Tar call in {}: {}".format(args_tar, tar_dir))
|
|
|
|
tar = subprocess.Popen(args_tar, stdout=subprocess.PIPE, stderr=subprocess.PIPE, cwd=tar_dir)
|
|
|
|
put_url = '{}new_backup?proto=archive&name={}&keep={}'.format(api_url, profile, conf["keep"])
|
|
print("Putting to: {}".format(put_url))
|
|
|
|
tar_errors = []
|
|
error_scanner = Thread(target=scan_errors, args=(tar.stderr, tar_errors), daemon=True)
|
|
error_scanner.start()
|
|
|
|
upload = put(put_url, data=WrappedStdout(tar.stdout))
|
|
if upload.status_code != 200:
|
|
print(upload.text)
|
|
raise Exception("Upload failed with code: {}".format(upload.status_code))
|
|
|
|
tar.wait()
|
|
error_scanner.join()
|
|
|
|
if tar.returncode != 0 and len(tar_errors) > 0:
|
|
raise Exception("Tar process exited with nonzero code {}. Tar errors: \n {}".
|
|
format(tar.returncode, "\n ".join(tar_errors)))
|
|
|
|
|
|
def scan_errors(stream, error_list):
|
|
"""
|
|
Read and print lines from a stream, appending messages that look like errors to error_list
|
|
"""
|
|
# Tar does not have an option to ignore file-removed errors. The warnings can be hidden but even with
|
|
# --ignore-failed-read, file-removed errors cause a non-zero exit. So, hide the warnings we don't care about
|
|
# using --warnings=no-xxx and scan output for unknown messages, assuming anything found is bad.
|
|
for line in stream:
|
|
line = line.decode("UTF-8").strip()
|
|
if not line.startswith("./"):
|
|
if line not in error_list:
|
|
error_list.append(line)
|
|
print(line)
|
|
|
|
|
|
def status(profile, conf):
|
|
"""
|
|
Check status of local dir - if the lock file is in place, we assume the data is there
|
|
"""
|
|
|
|
lockfile = join(conf["dir"], '.datadb.lock')
|
|
|
|
if exists(lockfile):
|
|
return SyncStatus.DATA_AVAILABLE
|
|
return SyncStatus.DATA_MISSING
|
|
|
|
|
|
def shell_exec(cmd, workdir='/tmp/'):
|
|
"""
|
|
Execute a command in shell, wait for exit.
|
|
"""
|
|
print("Calling: {}".format(cmd))
|
|
subprocess.Popen(cmd, shell=True, cwd=workdir).wait()
|
|
|
|
|
|
def get_tarcmd():
|
|
return "gtar" if has_binary("gtar") else "tar"
|
|
|
|
|
|
def has_binary(name):
|
|
"""
|
|
Check if the passed command is available
|
|
:return: boolean
|
|
"""
|
|
try:
|
|
subprocess.check_call(['which', name], stdout=subprocess.DEVNULL)
|
|
except subprocess.CalledProcessError:
|
|
return False
|
|
return True
|
|
|
|
|
|
def main():
|
|
"""
|
|
Excepts a config file at /etc/datadb.ini. Example:
|
|
|
|
----------------------------
|
|
[gyfd]
|
|
uri=
|
|
dir=
|
|
keep=
|
|
auth=
|
|
restore_preexec=
|
|
restore_postexec=
|
|
export_preexec=
|
|
export_postexec=
|
|
exclude=
|
|
----------------------------
|
|
|
|
Each [section] defines one backup task.
|
|
|
|
Fields:
|
|
|
|
*uri*: Destination/source for this instance's data. Always fits the following format:
|
|
|
|
<procotol>://<server>/<backup name>
|
|
|
|
Valid protocols:
|
|
|
|
rsync - rsync executed over SSH. The local dir will be synced with the remote backup dir using rsync.
|
|
archive - tar archives transported over HTTP. The local dir will be tarred and PUT to the backup server's
|
|
remote dir via http.
|
|
|
|
*dir*: Local dir for this backup
|
|
|
|
*keep*: Currently unused. Number of historical copies to keep on remote server
|
|
|
|
*auth*: Currently unused. Username:password string to use while contacting the datadb via HTTP.
|
|
|
|
*restore_preexec*: Shell command to exec before pulling/restoring data
|
|
|
|
*restore_postexec*: Shell command to exec after pulling/restoring data
|
|
|
|
*export_preexec*: Shell command to exec before pushing data
|
|
|
|
*export_postexec*: Shell command to exec after pushing data
|
|
|
|
*exclude*: if the underlying transport method supports excluding paths, a comma separated list of paths to exclude.
|
|
Applies to backup operations only.
|
|
|
|
*inplace*: rsync only. if enabled, the server will keep only a single copy that you will rsync over. intended for
|
|
single copies of LARGE datasets. overrides "keep".
|
|
|
|
"""
|
|
|
|
required_conf_params = ['dir', 'uri']
|
|
conf_params = {'export_preexec': None,
|
|
'exclude': None,
|
|
'keep': 5,
|
|
'restore_preexec': None,
|
|
'restore_postexec': None,
|
|
'auth': '',
|
|
'export_postexec': None,
|
|
'inplace': False}
|
|
conf_path = environ["DATADB_CONF"] if "DATADB_CONF" in environ else "/etc/datadb.ini"
|
|
|
|
# Load profiles
|
|
config = ConfigParser()
|
|
config.read(conf_path)
|
|
|
|
config = {section: {k: config[section][k] for k in config[section]} for section in config.sections()}
|
|
global_config = {}
|
|
for conf_k, conf_dict in config.items():
|
|
if conf_k == "_backupdb":
|
|
global_config = conf_dict
|
|
continue
|
|
for expect_param, expect_default in conf_params.items():
|
|
if expect_param not in conf_dict.keys():
|
|
conf_dict[expect_param] = expect_default
|
|
for expect_param in required_conf_params:
|
|
if expect_param not in conf_dict.keys():
|
|
raise Exception("Required parameter {} missing for profile {}".format(expect_param, conf_k))
|
|
|
|
parser = argparse.ArgumentParser(description="Backupdb Agent depends on config: /etc/datadb.ini")
|
|
|
|
parser.add_argument('-f', '--force', default=False, action='store_true',
|
|
help='force restore operation if destination data already exists')
|
|
parser.add_argument('--http-api', help="http endpoint", default=environ.get('DATADB_HTTP_API'))
|
|
parser.add_argument('-n', '--no-exec', default=False, action='store_true', help='don\'t run pre/post-exec commands')
|
|
parser.add_argument('-b', '--no-pre-exec', default=False, action='store_true', help='don\'t run pre-exec commands')
|
|
parser.add_argument('-m', '--no-post-exec', default=False, action='store_true',
|
|
help='don\'t run post-exec commands')
|
|
|
|
parser.add_argument('profile', type=str, choices=config.keys(), help='Profile to restore')
|
|
|
|
# parser.add_argument('-i', '--identity',
|
|
# help='Ssh keyfile to use', type=str, default='/root/.ssh/datadb.key')
|
|
# parser.add_argument('-r', '--remote',
|
|
# help='Remote server (rsync://...)', type=str, required=True)
|
|
# parser.add_argument('-l', '--local_dir',
|
|
# help='Local path', type=str, required=True)
|
|
|
|
subparser_modes = parser.add_subparsers(dest='mode', help='modes (only "rsync")')
|
|
|
|
subparser_modes.add_parser('backup', help='backup to datastore')
|
|
subparser_modes.add_parser('restore', help='restore from datastore')
|
|
subparser_modes.add_parser('status', help='get info for profile')
|
|
|
|
args = parser.parse_args()
|
|
|
|
if args.http_api:
|
|
api = args.http_api
|
|
else:
|
|
api = global_config.get("http_api", None)
|
|
|
|
if not api:
|
|
parser.error("--http-api is requried")
|
|
|
|
if args.no_exec:
|
|
args.no_pre_exec = True
|
|
args.no_post_exec = True
|
|
|
|
if args.mode == 'restore':
|
|
if not args.no_pre_exec and config[args.profile]['restore_preexec']:
|
|
shell_exec(config[args.profile]['restore_preexec'])
|
|
|
|
restore(api, args.profile, config[args.profile], force=args.force)
|
|
|
|
if not args.no_post_exec and config[args.profile]['restore_postexec']:
|
|
shell_exec(config[args.profile]['restore_postexec'])
|
|
|
|
elif args.mode == 'backup':
|
|
if not args.no_pre_exec and config[args.profile]['export_preexec']:
|
|
shell_exec(config[args.profile]['export_preexec'])
|
|
|
|
try:
|
|
backup(api, args.profile, config[args.profile], force=args.force)
|
|
finally:
|
|
if not args.no_post_exec and config[args.profile]['export_postexec']:
|
|
shell_exec(config[args.profile]['export_postexec'])
|
|
|
|
elif args.mode == 'status':
|
|
info = status(args.profile, config[args.profile])
|
|
print(SyncStatus(info))
|
|
|
|
else:
|
|
parser.print_usage()
|
|
|
|
|
|
if __name__ == '__main__':
|
|
main()
|