工具链备份|8月更文挑战

367 阅读2分钟

工具链备份

背景

  • 其实在之前自己备份意识是不够的,而且我发现公司所有工具链都在阿里云外网访问,更可怕的是没有定时备份(docker 启动并没有持久化)。不敢想象被xx会是什么结果。我到公司后第一件事就是迁入内网,但是内网机器好多人都有账号而且sudo权限也大,所以备份也是要做的,毕竟内网也不安全。

  • 备份作为最基础的运维是必要的,备份也是提高服务可用性中重要的一环,在灾难来临之时,可以做到快速恢复服务。举个例子警示一下,比如gitlab误删数据事故 当然gitlab有多重备份机制,恢复是肯定的。想一想如果gitlab没有备份这将会是巨大灾难,过往种种事件都在警示我们做好备份,只要数据还在一切都不是问题。

环境

  • confluence,jira,gitlab,yapi都是采用docker启动
  • gitlab,yapi做了持久化
  • 尴尬的一点是jira和confluence没有做持久化,所以备份是必须的,有空这个坑得处理一下,因为下面做的备份是按天,如果容器崩溃会丢失一部分数据。

重要提示:容器做数据持久化

gitlab备份

cat /root/backup_gitlab.sh  备份脚本
#!/bin/bash

backup_time=`date +"%Y-%m-%d"`
docker exec -t gitlab-docker gitlab-rake gitlab:backup:create

if [ $? -eq 0 ]
then 
	echo "gitlab ${backup_time} Successful backup" >> /root/backup.log
else
	echo "gitlab ${backup_time} backup failed" >> /root/backup.log

fi

find /mnt/md0/gitlab-docker/data/backups/ -maxdepth 1  -mtime +7 -name "*.tar" | xargs rm -f



设置定时任务

30 1 * * * /root/backup_gitlab.sh >/dev/null 2>&1

jira备份

root@pc-Super-Server:~# cat backup_jira.sh 
#!/bin/bash

backup_time=`date +"%Y-%m-%d"`
PGPASSWORD=jiradb pg_dump -h 172.168.1.235 -p 9999 -U jiradb  > /mnt/md0/backup_data/jira/jiradb_${backup_time}.sql

if [ $? -eq 0 ]
then
	echo "jira ${backup_time} sql Successful backup" >> /root/backup.log
else
	echo "jira ${backup_time} sql backup failed" >> /root/backup.log

fi


docker cp jira:/var/jira/data/ /mnt/md0/backup_data/jira/data/
docker cp jira:/var/jira/dbconfig.xml /mnt/md0/backup_data/jira/
docker cp jira:/var/jira/caches/ /mnt/md0/backup_data/jira/

# 查找7天前的文件执行删除
find /mnt/md0/backup_data/jira/ -maxdepth 1  -mtime +7 -name "*.sql" | xargs rm -f

30 3 * * * /root/backup_jira.sh >/dev/null 2>&1

confluence备份

root@pc-Super-Server:~# cat backup_confluence.sh 
#!/bin/bash

backup_time=`date +"%Y-%m-%d"`
PGPASSWORD=confdb pg_dump -h 172.168.1.235 -p 9999 -U confdb  > /mnt/md0/backup_data/confluence/confdb_${backup_time}.sql

if [ $? -eq 0 ]
then
	echo "confluence ${backup_time} sql Successful backup" >> /root/backup.log
else
	echo "confluence ${backup_time} sql backup failed" >> /root/backup.log

fi


docker cp confluence:/var/atlassian/confluence/attachments /mnt/md0/backup_data/confluence/
docker cp confluence:/var/atlassian/confluence/confluence.cfg.xml /mnt/md0/backup_data/confluence/
docker cp confluence:/var/atlassian/confluence/index /mnt/md0/backup_data/confluence/

# 查找7天前的文件执行删除
find /mnt/md0/backup_data/confluence/ -maxdepth 1  -mtime +7 -name "*.sql" | xargs rm -f

0  3 * * * /root/backup_confluence.sh >/dev/null 2>&1

yapi备份

root@pc-Super-Server:~# cat backup_yapi.sh 备份脚本
#!/bin/bash

backup_time=`date +"%Y-%m-%d"`

docker exec -t mongo-yapi mongodump -u yapi -p yapi2019 -d yapi -o /data/db/backups/`date +'%Y-%m-%d'`/

if [ $? -eq 0 ]
then
	echo "yapi ${backup_time} Successful backup" >> /root/backup.log
else
	echo "yapi ${backup_time} backup failed" >> /root/backup.log

fi

find /data/yapi-data/backups/  -maxdepth 1 -type d -mtime +7 |xargs rm -rf


crontab 定时任务

30 2 * * * /root/backup_yapi.sh >/dev/null 2>&1

yapi恢复

  • docker 启动一个全新的yapi 和mongo
mongo
use admin

db.createUser(  
  { user: "admin",  
    pwd: "admin",  
    roles: [ { role: "userAdminAnyDatabase", db: "admin" } ]  
  }  
) 

db.createUser(  
  { user: "yapi",  
    pwd: "yapi2019",  
    roles: [ { role: "dbAdmin", db: "yapi" } ]  
  }  
) 
exit
mongorestore -u yapi -p yapi2019 -d yapi --authenticationDatabase admin --drop --dir /root/yapi/

/root/yapi 是备份数据目录

注意: 在所有备份脚本测试完成后,使用备份数据还原一个测试环境,验证备份数据覆盖面