Configure TSM client using Puppet

This working instruction shows how to configure the TSM client for Puppet machines.

By default, this will allow regular incremental filesystem backups for the node.

Make sure that the node is registered following the steps described in the node registration page: you need the password for each of your nodes for Puppet to finish the configuration of your node.

All you should need to do is add the module:

include tsmclient

Then you must set the password in Teigi:

tbag set --hg myhostgroup tsmclient_password

You should have received the default password in the registration email, but note that you are strongly advised to change it.

All the other Hiera data is optional:

Hiera data Description Default
tsmclient::node_name: The node name for your client. Node hostname
tsmclient::active: Boolean that defines whether the TSM client is fully configured and the scheduler is activated or not. true
tsmclient::backup: An array containing the directories (not files) to back up. See here
tsmclient::server: The server to back up to. hostname.backup.cern.ch
tsmclient::include_exclude: The client-side include/exclude list to apply. In any case, note that a server-side include/exclude overrides it. See here

In order to use client-side encryption, you have to use the include.encrypt include/exclude rule. For example, this would encrypt all your files before sending them to the backup system:

---
tsmclient::backup:
- /fs1
- /fs2
tsmclient::include_exclude:
- include.encrypt: '/.../*'

Please read this information on client-side encryption for more details on how to configure it and the caveats that apply.

Playground example

To install the tsmclient on all the machines in hostgroup playground/mytest, create this manifest:

class hg_playground::mytest {
    include tsmclient
}

Then configure the tsmclient password for the machine tsmtest01.cern.ch:

tbag set --host tsmtest01.cern.ch tsmclient_password

To fine-tune the configuration, create the file /it-puppet-hostgroup-playground/data/fqdns/tsmtest01.cern.ch.yaml with this content:

---
tsmclient::backup:
- /fs1
- /fs2
- /fs3/data2
tsmclient::include_exclude:
- exclude.dir: '/useless1'
- exclude.dir: '/useless2'
- exclude: '/.../*.bak'

 

This will configure your puppet client to backup /fs1 /fs2 /fs3/data2 folders, excluding anything located in directories /useless1 /useless2 and any file with the .bak extension. Note that you can't list individual files in tsmclient::backup; you should instead list the directories that contain them and exclude anything you're not interested in via tsmclient::include_exclude.

If you want to specify special configuration options, you can do so by defining the tsmclient class, instead of importing it:

class hg_playground::mytest {
    class { 'tsmclient':
      options => [{
        'errorlogname' => '/var/log/backup.log',
        'ENCRYPTKey' => 'save',
      }],
    }
}

More information