containers icon indicating copy to clipboard operation
containers copied to clipboard
verified publisher icon bitnami

[bitnami/openldap]: backup strategy

Open sixsax opened this issue 3 years ago • 3 comments

Name and Version

bitnami/openldap:2.6

What is the problem this feature will solve?

any advice about automatic backup strategy using slapcat?

What is the feature you are proposing to solve the problem?

None

What alternatives have you considered?

No response

sixsax avatar Aug 04 '22 11:08 sixsax

For information regarding the application itself, customization of the content within the application, or questions about the use of technology or infrastructure; we highly recommend checking forums and user guides made available by the project behind the application or the technology.

That said, we will keep this ticket open until the stale bot closes it just in case someone from the community adds some valuable info.

carrodher avatar Aug 04 '22 14:08 carrodher

Here is how I back up my openldap container:

  1. Add an additional backup volume to the openldap container, e.g. at /backup
  2. Use ofelia to periodically run slapcat in the openldap container.

Here is an exemplary compose definition of the ofelia container:

services:
  ofelia:
    image: mcuadros/ofelia:latest
    container_name: ofelia
    restart: always
    command: daemon --docker
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
    labels:
      ofelia.job-exec.openldap-backup-config.schedule: "@weekly"
      ofelia.job-exec.openldap-backup-config.container: openldap
      ofelia.job-exec.openldap-backup-config.command: 'sh -c "slapcat -n 0 -F /bitnami/openldap/slapd.d/ | gzip > /backup/config_$$(date -Iseconds).ldif.gz"'
      ofelia.job-exec.openldap-backup-data.schedule: "@weekly"
      ofelia.job-exec.openldap-backup-data.container: openldap
      ofelia.job-exec.openldap-backup-data.command: 'sh -c "slapcat -n 2 -F /bitnami/openldap/slapd.d/ | gzip > /backup/data_$$(date -Iseconds).ldif.gz"'

All that remains is to copy the backup archives from the /backup directory. For this purpose, I bind the backup volume to an rsyncd container, which is the target of a separate backup script. You may also choose to copy the files directly using docker cp if you wish to.

unmacaque avatar Aug 09 '22 07:08 unmacaque

Here is how I back up my openldap container:

  1. Add an additional backup volume to the openldap container, e.g. at /backup
  2. Use ofelia to periodically run slapcat in the openldap container.

Here is an exemplary compose definition of the ofelia container:

services:
  ofelia:
    image: mcuadros/ofelia:latest
    container_name: ofelia
    restart: always
    command: daemon --docker
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
    labels:
      ofelia.job-exec.openldap-backup-config.schedule: "@weekly"
      ofelia.job-exec.openldap-backup-config.container: openldap
      ofelia.job-exec.openldap-backup-config.command: 'sh -c "slapcat -n 0 -F /bitnami/openldap/slapd.d/ | gzip > /backup/config_$$(date -Iseconds).ldif.gz"'
      ofelia.job-exec.openldap-backup-data.schedule: "@weekly"
      ofelia.job-exec.openldap-backup-data.container: openldap
      ofelia.job-exec.openldap-backup-data.command: 'sh -c "slapcat -n 2 -F /bitnami/openldap/slapd.d/ | gzip > /backup/data_$$(date -Iseconds).ldif.gz"'

All that remains is to copy the backup archives from the /backup directory. For this purpose, I bind the backup volume to an rsyncd container, which is the target of a separate backup script. You may also choose to copy the files directly using docker cp if you wish to.

I didn't know Ofelia, thanks! I have added a script into "/docker-entrypoint-initdb.d/", it do a slpacat into a volume with a very trivial logic beacuse I should have to reinvent cron, furthermore I didn't want to customize the Dockerfile. So Ofelia seems to be a better solution :)

sixsax avatar Aug 09 '22 13:08 sixsax

In case it might help anyone:

I use Bivac to backup my docker volumes. https://bivac.io/ https://github.com/camptocamp/bivac

Bivac supports executing commands before and after backups using providers. This is my provider configuration for the bitnami openldap:

[providers.openldapbitnami]
	detect_cmd = "[[ -d /bitnami/openldap/slapd.d/ ]]"
	pre_cmd = "mkdir -p $volume/data/backups && slapcat -n 0 -F $volume/slapd.d/ -l $volume/data/backups/config.ldif && slapcat -n 2 -F $volume/slapd.d/ -l $volume/data/backups/data.ldif"
	post_cmd = "rm -rf $volume/data/backups"
	backup_dir = "data/backups"
	restore_pre_cmd = "mkdir -p $volume/data/backups"
	restore_post_cmd = "slapadd -n 2 -F $volume/slapd.d/ -l $volume/data/backups/data.ldif && slapadd -n 0 -F $volume/slapd.d/ -l $volume/data/backups/config.ldif ; rm -rf $volume/data/backups"

Restoring the config doesn't work yet, not quite sure why.

acul009 avatar Aug 13 '22 21:08 acul009

This Issue has been automatically marked as "stale" because it has not had recent activity (for 15 days). It will be closed if no further activity occurs. Thanks for the feedback.

github-actions[bot] avatar Aug 29 '22 01:08 github-actions[bot]

Due to the lack of activity in the last 5 days since it was marked as "stale", we proceed to close this Issue. Do not hesitate to reopen it later if necessary.

github-actions[bot] avatar Sep 04 '22 01:09 github-actions[bot]