Hello,
2013/9/18 Robert M. Candey <robert.m.can...@nasa.gov>
> **
> As a follow up on Uthra Rao's question ("client connect to storage daemon
> problem"), here's a different explanation of what we are trying to
> accomplish, plus the requested config files.
>
> We have been successfully using Bacula for many years and now need to add
> clients on a separate high speed network (due to the volume of data). We
> added a 10 GbE switch and network interface cards to the large data clients
> (but not all) and the backup server, to form a private network
> (192.168.0.*).
>
Great. I've configured this kind of setup many times.
>
> Since the Storage resource is defined with one address (on the regular
> network) and not its address on the private network, we get errors:
>
> Fatal error: Authorization key rejected by Storage daemon.
> Fatal error: Failed to authenticate Storage daemon.
> Fatal error: Bad response to Storage command: wanted 2000 OK storage , got
> 2902 Bad storage
>
>
You need to define a second Storage resource pointed to the same bacula-sd
instance. I did it by simple copy-paste of current Storage resource
configuration and change a its name and address parameters. I leave
password, device and media type unchanged.
This operation does not interference with current setup, so all your
current jobs should run unaffected. If not, you make a mistake somewhere.
Take an original config and start again.
> Below are the beginning of our config files. The "*Address = 0.0.0.0" was
> added based on an old comment on the list, to ensure the services listen to
> all network interfaces (which they seem to do by default anyway).
>
>
Absolutely. It listen by default. And it is not the problem. :)
> I assume the requirement to match the storage server name/address is for
> added security over the passwords, but it makes this situation much more
> difficult.
>
No. To handle backups Bacula Director connects Bacula SD and authorize, so
the name of the Director and Storage Password should match.
See:
http://bacula.org/5.2.x-manuals/en/main/main/Customizing_Configuration_F.html#SECTION001340000000000000000
The name of the Storage at bacula-sd.conf doesn't matter.
>
> Has anyone succeeded at running one backup server with clients on two
> networks and network cards? Any suggestions for this? Thanx.
>
I configured it many times. :)
>
> Robert Candey
> *
> *
>
> Director {
> Name = backup-dir
>
It is important.
> DirAddress = 0.0.0.0
> DIRport = 9101 # where we listen for UA connections
> QueryFile = "/usr/local/bacula/etc/query.sql"
> WorkingDirectory = "/var/bacula/working"
> PidDirectory = "/var/run"
> ScriptsDirectory = /usr/local/etc/bacula-clients
> Maximum Concurrent Jobs = 4
> Password = <password> # Console password
> Messages = Daemon
> fd connect timeout = 60sec
> Heartbeat Interval = 60
> }
> JobDefs {
> Name = standard-job
> Type = Backup
> Level = Incremental
> FileSet = standard-set
> Schedule = standard-sched
> Storage = jukebox
> Messages = Standard
> Pool = server-partial
> Priority = 10
> Write Bootstrap = "/var/bacula/working/BootStrap/%c.bsr"
> Spool data = yes
> }
> JobDefs {
> Name = standard-job-p
> Type = Backup
> Level = Incremental
> FileSet = standard-set
> Schedule = standard-sched
> Storage = jukebox-p
> Messages = Standard
> Pool = server-partial
> Priority = 10
> Write Bootstrap = "/var/bacula/working/BootStrap/%c.bsr"
> Spool data = yes
> }
>
> Storage {
> Name = jukebox
> Address = backup.gsfc.nasa.gov
> SDPort = 9103
> Password = <password>
>
Above password has to match the password at bacula-sd.conf.
> Device = Autochanger
> Media Type = LTO-5
> autochanger = yes
> maximum concurrent jobs = 20
> }
>
> Storage {
> Name = jukebox-p
> Address = 192.168.0.5
> SDPort = 9103
> Password = <password>
>
It has to be the same password as above Storage resource.
> Device = Autochanger
> Media Type = LTO-5
> autochanger = yes
> maximum concurrent jobs = 20
> }
>
> bacula-sd.conf:
> Storage {
> Name = backup-sd
>
This name doesn't matter :)
> SDAddress = 0.0.0.0
> SDPort = 9103 # Director's port
> WorkingDirectory = "/var/bacula/working"
> Pid Directory = "/var/run"
> Maximum Concurrent Jobs = 20
> Heartbeat Interval = 60
> }
>
> #
> # List Directors who are permitted to contact Storage daemon
> #
> Director {
> Name = backup-dir
>
Good.
> Password = <password>
>
It need to be the same password as defined in bacula-dir.conf Storage
resources.
}
>
The most important in this case is the bacula-dir.conf Storage resource
Address parameter. This parameter is forwarded to the client (FD) as text.
So client is responsible for address resolving.
So, at your previous thread, you've got a message:
> When I try to schedule a full backup I see the following message in the
> bsonsole:
>
> “7827 Full ****.2013-09-13_16.30.23_03 is waiting for Client ***-fd to
> connect to Storage jukebox”
**
****
If that was a job which should be performed on 10G private network, then
your job resource storage parameter is invalid (jukebox) and should be
corrected into jukebox-p.
I hope it helps.
best regards
--
Radosław Korzeniewski
rados...@korzeniewski.net
------------------------------------------------------------------------------
LIMITED TIME SALE - Full Year of Microsoft Training For Just $49.99!
1,500+ hours of tutorials including VisualStudio 2012, Windows 8, SharePoint
2013, SQL 2012, MVC 4, more. BEST VALUE: New Multi-Library Power Pack includes
Mobile, Cloud, Java, and UX Design. Lowest price ever! Ends 9/20/13.
http://pubads.g.doubleclick.net/gampad/clk?id=58041151&iu=/4140/ostg.clktrk
_______________________________________________
Bacula-users mailing list
Bacula-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bacula-users
