Traditional backup software connection vector is initiated by the backup server. However, firewalls and NATs are the most frequent intermediary devices that can impact traffic on the Internet [1], blocking this type of communication. Also, it is very hard and laborious to open local premises network ports to every machine that needs remote backup.
Backup clients behind firewalls or with NAT addresses shall be able to transverse these devices, starting the connection and backup jobs to the remote backup service themselves over the Internet. This is one of the Community & Enterprise Bacula Tray Monitor service features, as shown in Figure 1.
Figure 1: Client Initiated Backup flow[2]
Enterprise Bacula Tray Monitor Install
On Linux, Bacula Tray Monitor is provided by the same BAT installation package (e.g. bacula-enterprise-bat-8.8.6-1.el7.x86_64.rpm).
On Windows, the all-in-one installation package allows the selection of Tray Monitor component.
Community Bacula Tray Monitor Install
Community Bacula Tray Monitor might be also be installed with Windows executable installation package and with Linux standalone or bat package (e.g. rpm, deb), depending on how it was packed.
Nevertheless, it is also possible to compile and install the Tray Monitor from Bacula source code toguether with the Bacula Client, as follows:
wget -qO- http://www.bacula.com.br/atual | tar -xzvf - -C /usr/src cd /usr/src/bacula-*/ ./configure --enable-client-only --enable-build-dird=no --enable-build-stored=no --enable-smartalloc --enable-bat yum install -y qt-devel qt ln /usr/bin/qmake-qt4 /usr/bin/qmake cd src/bacula-*/src/qt-console/tray-monitor/ qmake make make install cd ../../../ make && make install && make install-autostart-fd service bacula-fd restart
Tray Monitor Configuration
Director Side
Add the following resource to the /opt/bacula/etc/bacula-dir.conf Director configuration file. It can suit the connection of multiple remote clients.
Console {
Name = fd-cons
Password = yyy
# These commands are used by the tray-monitor, it is possible to restrict
CommandACL = run, restore, wait, .status, .jobs, .clients
CommandACL = .storages, .pools, .filesets, .defaults, .estimate
# Adapt for your needs
jobacl = *all*
poolacl = *all*
clientacl = *all*
storageacl = *all*
catalogacl = *all*
filesetacl = *all*
}
Remote Clients Side
Add the following resources to the /opt/bacula/etc/bacula-fd.conf Client configuration file (on Windows: Start Menu, Bacula, Configuration, Edit Client Configuration):
Console { # Console to connect the Director
Name = fd-cons
DIRPort = 9101
address = localhost # Director Internet/Public Address
Password = "yyy"
}
Director {
Name = remote-cons
Password = "xxx"
Remote = yes
}
Restart the client to apply changes.
Add the following to the /opt/bacula/etc/bconsole.conf Console Configuration File (on Windows: Start Menu, Bacula, Configuration, Edit Console Configuration):
Director {
Name = localhost-fd
address = localhost # Specify the FD address
DIRport = 9102 # Specify the FD Port
Password = "notused"
}
Console {
Name = remote-cons
Password = "xxx"
}
Finally, replace or create a Bacula Tray Monitor user configuration file, for exemple: ~/.bacula-tray-monitor.conf (on windows, C:Users<user>AppDataRoamingbacula-tray-monitor.conf).
Remark: it is possible to make this configuration graphically using the Tray Monitor interface.
Monitor {
Name = remote-cons
Command Directory = /tmp # Directory to create "*.bcmd" files that runs backups automatically
}
Client {
Name = localhost-fd
address = localhost # Specify the FD address
Port = 9102 # Specify the FD Port
Password = "xxx"
Remote = yes
Monitor = yes
}
Running Backup Jobs
It is possible to use Tray Monitor GUI to start new backup jobs. Also, the Tray Monitor service will scan the “Command Directory” periodically and process user created “*.bcmd” files to find jobs to run.
The format of the “file.bcmd” command file is the following [2]:
<component name>:<run command> <component name>:<run command> ... <component name> = string <run command> = string (bconsole command line)
For example:
localhost-fd: run job=backup-localhost-fd level=full localhost-dir: run job=BackupCatalog
The command file should contain at least one command. The component specified in the first part of the command line should be defined in the tray monitor. Once the command file is detected by the tray monitor, a popup is displayed to the user and it is possible for the user to cancel the job directly.
The file can be created with tools such as “cron” or the “task scheduler” on Windows.
Screenshots
References
[1] Stiemerling, Martin. “NAT and Firewall Traversal Issues of Host Identity Protocol (HIP) Communication,” 2008. https://tools.ietf.org/html/rfc5207.txt.
[2] Bacula. “Release 9.0.0 | Bacula,” 2017. http://blog.bacula.org/release-9-0-0/.
Disponível em: 
Português (Portuguese (Brazil))
English
