From 24b67786c8077146bc77044006476300087a43ee Mon Sep 17 00:00:00 2001 From: Dale Newby Date: Tue, 10 Mar 2020 14:00:46 -0400 Subject: [PATCH] Remove rsyslog and Logentries The system was modified to remove cron, runny, rsyslog, and the integration with Logentries. All output is now sent to STDOUT/STDERR. Messages were updated and additional error handling and reporting was added. --- Dockerfile | 22 ++++++---------- README.md | 4 --- application/backup.sh | 45 ++++++++++++++++++++++++++------- application/entrypoint.sh | 24 ++++++++++-------- application/restore.sh | 53 +++++++++++++++++++++++++++++++-------- dockerbuild/rsyslog.conf | 16 ------------ local.env.dist | 1 - 7 files changed, 99 insertions(+), 66 deletions(-) delete mode 100644 dockerbuild/rsyslog.conf diff --git a/Dockerfile b/Dockerfile index ff2f73b..18d1920 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,22 +1,14 @@ -FROM alpine:3.8 +FROM alpine:3.11 RUN apk update \ - && apk add --no-cache rsyslog rsyslog-tls \ - ca-certificates openssl \ - bash \ - postgresql \ - postgresql-client \ - python py-pip \ - && update-ca-certificates \ + && apk add --no-cache \ + bash \ + postgresql \ + postgresql-client \ + python py-pip \ && pip install s3cmd python-magic -COPY dockerbuild/rsyslog.conf /etc/rsyslog.conf - -RUN wget https://raw.githubusercontent.com/silinternational/runny/0.2/runny -O /usr/local/bin/runny \ - && chmod +x /usr/local/bin/runny - COPY application/ /data/ WORKDIR /data -ENTRYPOINT ["./entrypoint.sh"] -CMD ["crond -f"] +CMD ["./entrypoint.sh"] diff --git a/README.md b/README.md index 682abd1..8659cb0 100644 --- a/README.md +++ b/README.md @@ -8,12 +8,8 @@ Service to backup and/or restore a PostgreSQL database using S3 4. Run a backup and check your bucket for that backup ### Environment variables -`LOGENTRIES_KEY` - `MODE=[backup|restore]` -`CRON_SCHEDULE="0 2 * * *"` _defaults to every day at 2:00 AM_ [syntax reference](https://en.wikipedia.org/wiki/Cron) - `DB_HOST=` hostname of the database server `DB_NAME=` name of the database diff --git a/application/backup.sh b/application/backup.sh index 9f3a347..7a098bf 100755 --- a/application/backup.sh +++ b/application/backup.sh @@ -1,15 +1,42 @@ #!/usr/bin/env sh - logger -p user.info "backing up ${DB_NAME}..." +STATUS=0 - start=$(date +%s) - runny $(PGPASSWORD=${DB_USERPASSWORD} pg_dump --host=${DB_HOST} --username=${DB_USER} --create --clean ${DB_OPTIONS} --dbname=${DB_NAME} > /tmp/${DB_NAME}.sql) - end=$(date +%s) +echo "postgresql-backup-restore: backup: Started" - logger -p user.info "${DB_NAME} backed up ($(stat -c %s /tmp/${DB_NAME}.sql) bytes) in $(expr ${end} - ${start}) seconds." +echo "postgresql-backup-restore: Backing up ${DB_NAME}" - runny gzip -f /tmp/${DB_NAME}.sql - runny s3cmd put /tmp/${DB_NAME}.sql.gz ${S3_BUCKET} -# runny aws s3 cp /tmp/${DB_NAME}.sql.gz ${S3_BUCKET} +start=$(date +%s) +$(PGPASSWORD=${DB_USERPASSWORD} pg_dump --host=${DB_HOST} --username=${DB_USER} --create --clean ${DB_OPTIONS} --dbname=${DB_NAME} > /tmp/${DB_NAME}.sql) || STATUS=$? +end=$(date +%s) - logger -p user.info "${DB_NAME} backup stored in ${S3_BUCKET}." +if [ $STATUS -ne 0 ]; then + echo "postgresql-backup-restore: FATAL: Backup of ${DB_NAME} returned non-zero status ($STATUS) in $(expr ${end} - ${start}) seconds." + exit $STATUS +else + echo "postgresql-backup-restore: Backup of ${DB_NAME} completed in $(expr ${end} - ${start}) seconds, ($(stat -c %s /tmp/${DB_NAME}.sql) bytes)." +fi + +start=$(date +%s) +gzip -f /tmp/${DB_NAME}.sql || STATUS=$? +end=$(date +%s) + +if [ $STATUS -ne 0 ]; then + echo "postgresql-backup-restore: FATAL: Compressing backup of ${DB_NAME} returned non-zero status ($STATUS) in $(expr ${end} - ${start}) seconds." + exit $STATUS +else + echo "postgresql-backup-restore: Compressing backup of ${DB_NAME} completed in $(expr ${end} - ${start}) seconds." +fi + +start=$(date +%s) +s3cmd put /tmp/${DB_NAME}.sql.gz ${S3_BUCKET} || STATUS=$? +end=$(date +%s) + +if [ $STATUS -ne 0 ]; then + echo "postgresql-backup-restore: FATAL: Copy backup to ${S3_BUCKET} of ${DB_NAME} returned non-zero status ($STATUS) in $(expr ${end} - ${start}) seconds." + exit $STATUS +else + echo "postgresql-backup-restore: Copy backup to ${S3_BUCKET} of ${DB_NAME} completed in $(expr ${end} - ${start}) seconds." +fi + +echo "postgresql-backup-restore: backup: Completed" diff --git a/application/entrypoint.sh b/application/entrypoint.sh index 63f8bb5..1f4d970 100755 --- a/application/entrypoint.sh +++ b/application/entrypoint.sh @@ -5,15 +5,19 @@ echo ${DB_HOST}:*:*:${DB_USER}:${DB_USERPASSWORD} > /root/.pgpass echo ${DB_HOST}:*:*:${DB_ROOTUSER}:${DB_ROOTPASSWORD} >> /root/.pgpass chmod 600 /root/.pgpass -if [ "${LOGENTRIES_KEY}" ]; then - sed -i /etc/rsyslog.conf -e "s/LOGENTRIESKEY/${LOGENTRIES_KEY}/" - rsyslogd - sleep 10 # ensure rsyslogd is running before we may need to send logs to it -else - logger -p user.error "Missing LOGENTRIES_KEY environment variable" -fi +STATUS=0 + +case "${MODE}" in + backup|restore) + /data/${MODE}.sh || STATUS=$? + ;; + *) + echo postgresql-backup-restore: FATAL: Unknown MODE: ${MODE} + exit 1 +esac -# default to every day at 2 am when no schedule is provided -echo "${CRON_SCHEDULE:=0 2 * * *} runny /data/${MODE}.sh" >> /etc/crontabs/root +if [ $STATUS -ne 0 ]; then + echo postgresql-backup-restore: Non-zero exit: $STATUS +fi -runny $1 +exit $STATUS diff --git a/application/restore.sh b/application/restore.sh index 3298ae0..a886203 100755 --- a/application/restore.sh +++ b/application/restore.sh @@ -1,41 +1,72 @@ #!/usr/bin/env sh +STATUS=0 + +echo "postgresql-backup-restore: restore: Started" + # Does the database exist? -logger -p user.info "checking for DB ${DB_NAME}..." +echo "postgresql-backup-restore: checking for DB ${DB_NAME}" result=$(psql --host=${DB_HOST} --username=${DB_ROOTUSER} --list | grep ${DB_NAME}) if [ -z "${result}" ]; then message="Database "${DB_NAME}" on host "${DB_HOST}" does not exist." - logger -p 1 -t application.crit "${message}" + echo "postgresql-backup-restore: FATAL: ${message}" exit 1 fi # Ensure the database user exists. -logger -p user.info "checking for DB user ${DB_USER}..." +echo "postgresql-backup-restore: checking for DB user ${DB_USER}" result=$(psql --host=${DB_HOST} --username=${DB_ROOTUSER} --command='\du' | grep ${DB_USER}) if [ -z "${result}" ]; then result=$(psql --host=${DB_HOST} --username=${DB_ROOTUSER} --command="create role ${DB_USER} with login password '${DB_USERPASSWORD}' inherit;") if [ "${result}" != "CREATE ROLE" ]; then message="Create role command failed: ${result}" - logger -p 1 -t application.crit "${message}" + echo "postgresql-backup-restore: FATAL: ${message}" exit 1 fi fi -logger -p user.info "changing DB ownership to ${DB_USER}..." +echo "postgresql-backup-restore: changing DB ownership to ${DB_USER}" result=$(psql --host=${DB_HOST} --username=${DB_ROOTUSER} --command="alter database ${DB_NAME} owner to ${DB_USER};") if [ "${result}" != "ALTER DATABASE" ]; then message="Alter database command failed: ${result}" - logger -p 1 -t application.crit "${message}" + echo "postgresql-backup-restore: FATAL: ${message}" exit 1 fi -logger -p user.info "restoring ${DB_NAME}..." +echo "postgresql-backup-restore: restoring ${DB_NAME}" -runny s3cmd get -f ${S3_BUCKET}/${DB_NAME}.sql.gz /tmp/${DB_NAME}.sql.gz -runny gunzip -f /tmp/${DB_NAME}.sql.gz +start=$(date +%s) +s3cmd get -f ${S3_BUCKET}/${DB_NAME}.sql.gz /tmp/${DB_NAME}.sql.gz || STATUS=$? +end=$(date +%s) + +if [ $STATUS -ne 0 ]; then + echo "postgresql-backup-restore: FATAL: Copy backup of ${DB_NAME} from ${S3_BUCKET} returned non-zero status ($STATUS) in $(expr ${end} - ${start}) seconds." + exit $STATUS +else + echo "postgresql-backup-restore: Copy backup of ${DB_NAME} from ${S3_BUCKET} completed in $(expr ${end} - ${start}) seconds." +fi start=$(date +%s) -runny psql --host=${DB_HOST} --username=${DB_USER} --dbname=${DB_NAME} ${DB_OPTIONS} < /tmp/${DB_NAME}.sql +gunzip -f /tmp/${DB_NAME}.sql.gz || STATUS=$? end=$(date +%s) -logger -p user.info "${DB_NAME} restored in $(expr ${end} - ${start}) seconds." +if [ $STATUS -ne 0 ]; then + echo "postgresql-backup-restore: FATAL: Decompressing backup of ${DB_NAME} returned non-zero status ($STATUS) in $(expr ${end} - ${start}) seconds." + exit $STATUS +else + echo "postgresql-backup-restore: Decompressing backup of ${DB_NAME} completed in $(expr ${end} - ${start}) seconds." +fi + +start=$(date +%s) +psql --host=${DB_HOST} --username=${DB_USER} --dbname=${DB_NAME} ${DB_OPTIONS} < /tmp/${DB_NAME}.sql || STATUS=$? +end=$(date +%s) + +if [ $STATUS -ne 0 ]; then + echo "postgresql-backup-restore: FATAL: Restore of ${DB_NAME} returned non-zero status ($STATUS) in $(expr ${end} - ${start}) seconds." + exit $STATUS +else + echo "postgresql-backup-restore: Restore of ${DB_NAME} completed in $(expr ${end} - ${start}) seconds." +fi + +echo "postgresql-backup-restore: restore: Completed" +exit $STATUS diff --git a/dockerbuild/rsyslog.conf b/dockerbuild/rsyslog.conf deleted file mode 100644 index 2a2b661..0000000 --- a/dockerbuild/rsyslog.conf +++ /dev/null @@ -1,16 +0,0 @@ -# if you experience problems, check: -# http://www.rsyslog.com/troubleshoot - -$ModLoad imuxsock # provides support for local system logging (e.g. via logger command) - -# -# Configure TLS (logentries-specific example: https://docs.logentries.com/docs/rsyslog/) -# -$DefaultNetstreamDriverCAFile /etc/ssl/certs/ca-certificates.crt -$ActionSendStreamDriver gtls -$ActionSendStreamDriverMode 1 -$ActionSendStreamDriverAuthMode x509/name -$ActionSendStreamDriverPermittedPeer *.logentries.com - -$template LogentriesFormat,"LOGENTRIESKEY %msg%\n" -*.emerg,*.alert,*.crit,*.err,*.warning,user.* @@data.logentries.com:443;LogentriesFormat diff --git a/local.env.dist b/local.env.dist index 240dfe6..3124830 100644 --- a/local.env.dist +++ b/local.env.dist @@ -1,4 +1,3 @@ -LOGENTRIES_KEY= AWS_ACCESS_KEY= AWS_SECRET_KEY= S3_BUCKET=