Re: [Bacula-users] managing backups of multiple remote customers

On 4/6/2014 6:06 PM, luca_uby AT yahoo DOT it wrote:

Greetings

This is going to be a very general question about bacula capabilities as I'm trying to understand if this is the right tool for my scenario. I'm new to this software so please excuse me if I'm making obvious mistakes in my reasonings.

Basically I would like to set up off-site backups for some of our customers. The data to backup is not too big and bandwidth is enough. I would like to have a single point where I can check if the backups are working and as a bonus the customers should be able to recover files by themselves (without seeing other people data)

I was thinking to set up a director and storage service on my servers and install Bacula clients on the customers servers.

Now, the major problem is I do not have full control over those remote servers, meaning I can install the Bacula client on them but I can't ask them to open a Nat on their routers nor can I install vpn clients on their network to allow my bacula director to directly contact the clients. They contain sensitive data so they often do not want to expose these servers in any way. Outgoing communication to my servers on the other hand is not a problem.

Can the client poll the director instead of being the other way around?

No. A TCP port must be opened to allow the director to connect to the client. Even if there were a client initiated connection for backup, the director would still be required to connect to the client to get client status, else it wouldn't be possible to remotely monitor the client's jobs.

Alternatively I was thinking a solution could be to install a director at each remote location but I guess I would no longer be able to monitor the backups as a whole.

Am I missing something?

Should I use a different backup solution?

In the case where the client TCP port cannot be opened and OpenVPN or such is not allowed, a local director is the only possible choice. Since you imply that you can monitor backups at the individual sites, I assume you have SSH access. In that case, you could backup to local disk and then push copies of the backup volumes to your server using rsync over SSH. The rsync can be started automatically by specifying a RunAfter script for an admin job that each individual director runs after all backup jobs have completed. Restores would be made from local disk and the copies on your server would be only for disaster recovery.

The only other choice is to backup to tape and physically move the tapes off-site in some secure fashion. I have a client who periodically hand carries tapes to a bank safe deposit box because they do not want their data on ANY remote computer.

------------------------------------------------------------------------------
Put Bad Developers to Shame
Dominate Development with Jenkins Continuous Integration
Continuously Automate Build, Test & Deployment 
Start a new project now. Try Jenkins in the cloud.
http://p.sf.net/sfu/13600_Cloudbees_APR

_______________________________________________
Bacula-users mailing list
Bacula-users AT lists.sourceforge DOT net
https://lists.sourceforge.net/lists/listinfo/bacula-users