Snapshot System Data
TAG snapshot
Both system and user data is backed up by Bacula. In a disaster recovery situation, we would do a clean install and replace the system and user data from backups after the machine is running. During the install we would end up generating a bunch of keys and certs, perhaps from third parties like LetsEncrypt, that we would then abandon.
When reimaging or migrating to a new machine in a pre-planned fashion, we can collect small amounts of unique local system data like certs, host keys, mail passwords, and DKIM keys and use them during our initial install. This avoids churning the certs and keys. Once the machine is up and running, you can use Bacula if needed to restore other user data if needed.
Use the snapshot tag with site.yml to
create a snapshot/<hostname> local directory for
each machine. This contains tarfiles with system data collected from
the machine. Roles in the playbook check if this directory exists and
restores the system data if it is present.
Remove the snapshot directory after the machine is configured so that it does not go stale and inadvertantly overwrite good data weeks or months later.
# make snapshot/machine.name directory $ ansible-playbook -K --ask-vault-pass -i ../myhosts site.yml --tags snapshot # wipe/rebuild machine # initialize the new machine $ ansible-playbook -k --ask-vault-pass -i ../myhosts first.yml $ ansible-playbook -K --ask-vault-pass -i ../myhosts site.yml # delete snapshot/machine.name directory
Copyright © 2020-2025 David Loffredo, licensed under CC BY-SA 4.0.