jmsperu opened a new pull request, #12900: URL: https://github.com/apache/cloudstack/pull/12900
## Summary Adds a new `InfrastructureBackupTask` to the NAS backup plugin that performs daily backups of CloudStack infrastructure (database, management/agent configs, SSL certs) to NAS storage. ## Problem CloudStack's NAS backup provider only backs up VM disks. The management server database, agent configurations, SSL certificates, and global settings are not backed up. If the management server fails, all metadata is lost unless someone manually configured mysqldump cron. ## Solution A new background poll task that automatically backs up: 1. **MySQL databases** (`cloud` + optionally `cloud_usage`) using `mysqldump --single-transaction` for InnoDB-consistent hot backups 2. **Management server configs** (`/etc/cloudstack/management/`) 3. **Agent configs** (`/etc/cloudstack/agent/`) if present 4. **SSL certificates** (`/etc/cloudstack/management/cert/`) if present 5. **Automatic retention** management (removes old backup sets) Database credentials are read from `/etc/cloudstack/management/db.properties` at runtime (no secrets stored in global config). ### Configuration | Setting | Scope | Default | Description | |---------|-------|---------|-------------| | `nas.infra.backup.enabled` | Global | `false` | Master switch for infrastructure backup | | `nas.infra.backup.location` | Global | (empty) | NAS mount path (e.g. `/mnt/nas-backup`) | | `nas.infra.backup.retention` | Global | `7` | Number of backup sets to keep | | `nas.infra.backup.include.usage.db` | Global | `true` | Include `cloud_usage` database | ### Backup Structure ``` /mnt/nas-backup/infra-backup/ ├── 20260327-020000/ │ ├── cloud-20260327-020000.sql.gz │ ├── cloud_usage-20260327-020000.sql.gz │ ├── management-config.tar.gz │ ├── agent-config.tar.gz │ └── ssl-certs.tar.gz ├── 20260326-020000/ │ └── ... ``` ### Changes - **New:** `InfrastructureBackupTask.java` - background task implementing `BackgroundPollTask` - **Modified:** `NASBackupProvider.java` - added 4 ConfigKeys, scheduled the backup task ## Test plan - [ ] Enable backup framework and set provider to NAS - [ ] Configure `nas.infra.backup.enabled=true` and `nas.infra.backup.location=/mnt/test-backup` - [ ] Verify backup directory structure is created - [ ] Verify `cloud-*.sql.gz` database dump is created and restorable - [ ] Verify `management-config.tar.gz` contains `/etc/cloudstack/management/` files - [ ] Verify `agent-config.tar.gz` is created only when agent config dir exists - [ ] Set retention=2, trigger multiple cycles, verify old backups are cleaned up - [ ] Verify task is a no-op when disabled - [ ] Verify task handles missing `db.properties` gracefully - [ ] Verify `cloud_usage` backup is included/excluded based on config -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
