Configuring Bacula Tray Monitor on Ubuntu

I use Bacula to back up my servers and desktop/laptop computers. It's always bugged me that I didn't have a little icon on my Ubuntu desktop showing the status of the backup: whether it was running or not and some indication of progress. Most backup systems have this. In Bacula it's called the tray monitor. The configuration file documentation seemed straightforward, but it took a lot of fiddling to get it right.

I think I have a fairly typical situation:

• A backup server with a direct attached backup storage device (in my case, two: a USB-connected 1 TB hard drive, and a DAT-72 tape drive)
• Several clients being backed up on a regular schedule
• One client is the laptop I use as my normal workstation. This is the one I want to put the tray monitor on
• I'm already successfully backing up this configuration, so all my passwords in my Bacula configuration files are correct, and all my firewalls are configured to allow the backup to work
• The laptop and the backup server are both running Ubuntu 10.04

Here's what I did to get the tray monitor to work (read my notes below before you start cutting and pasting the following into your configuration):

1. I installed the tray monitor software on my laptop:

sudo apt-get install bacula-traymonitor

2. On my laptop I changed the tray monitor configuration file (/etc/bacula/tray-monitor.conf) to look like this:

Monitor {
  Name = backup02-mon
  Password = "Monitor-Password"
  RefreshInterval = 5 seconds
}

Client {
  Name = pacal-mon
  Address = pacal.pender.jadesystems.ca
  FDPort = 9102
  Password = "Monitor-Password"
}

3. Still on the laptop, I added the following to the file daemon, aka backup client, configuration file (/etc/bacula/bacula-fd.conf):

# Restricted Director, used by tray-monitor to get the
#   status of the file daemon

Director {
  Name = backup02-mon
  Password = "Monitor-Password"
  Monitor = yes
}

4. I restarted the file daemon on the laptop (don't forget this or you'll confuse yourself horribly):

sudo service bacula-fd restart

5. On the backup server, I added the following to the director configuration file (/etc/bacula/bacula-dir.conf):

# Restricted console used by tray-monitor to get the status of the director
Console {
  Name = backup02-mon
  Password = "Monitor-Password"
  CommandACL = status, .status
}

6. Finally, I reloaded the configuration file on the backup server:

sudo bconsole 
reload 
exit 

Now all I had to do is start the tray monitor. The command line is:

bacula-tray-monitor -c /etc/bacula/tray-monitor.conf

Then I made a menu item for it. I put it in Applications-> System Tools.

1. Select System-> Preferences-> Main Menu
2. Select "System Tools" on the left side of the window
3. Click on the "New Item" button on the right side of the window
4. Fill in the "Name:" box with "Bacula Tray Monitor" and the "Command:" box with the command line above
5. Click "OK"
6. Click "Close" in the "Main Menu" window

Notes:

• I used a separate password specifically for the monitor. The tray monitor's configuration file has to be readable by an ordinary user without special privileges. So anyone can see the password. Don't use the same password for the monitor as you use for the director or the file daemons, or you'll be making it easy for anyone who gets access to your computer to read all the files on your network.
• You have to change to above bits of configuration file to match your particular configuration. Change: "laptop.example.com" to the fully qualified domain name of the computer on which you're installing the tray monitor. Change "Monitor-Password" to something else more secure that everyone who reads this blog doesn't know about. 
• "backup02-mon" and "laptop-mon" are both names you can change to be anything you want them to be. In my case, "backup02-mon" means the monitor on the backup server (hostname: backup02), and "laptop-mon" means the monitor on the laptop (hostname: laptop)

Google Chrome, Ubuntu, and Cisco AnyConnect

I need to use Cisco's AnyConnect VPN client. It's worked quite well with FireFox on Ubuntu, although I had to forgo the upgrade to 9.10 because the VPN client wouldn't work with the kernels that came with 9.10. (That wasn't the only reason I didn't go to 9.10, so I wasn't really bothered by it.)

I've been using Google Chrome for the last few weeks instead of FireFox. It is noticeably faster on my Lenovo x300. Going back to FireFox seems excruciatingly slow. I decided to try Chrome with the Cisco VPN client. It's not officially supported, but both FireFox and Chrome are supposed to support standards, so what could be the problem?

It worked on my Lenovo with Ubuntu 10.04, but when I tried it on my netbook with Ubuntu Netbook Remix 10.04, it didn't work. It would get to the point where the client is supposed to actually start, and then nothing would happen.

I finally noticed that on the Lenovo, I had the IcedTea plugin installed, whereas on the netbook I was trying to do exactly what was supported by Cisco (Sun Java and some fiddling to get the plugin working). So I installed IcedTea on the netbook, and it worked just fine.

To install IcedTea, start System-> Adminstration-> Synaptic Package Manager, enter your password, then put "icedtea" in the "Search" field. Right click on "icedtea6-plugin", select "Mark for installation" and then click on the "Apply" button. Or, if you like the Terminal, type "sudo apt-get install icedtea6-plugin" in a terminal.

(Update for Ubuntu 11.04: the package to install is called "icedtea-plugin" now. No version number.)

It's always fun when you try to do something exactly by the book and it doesn't work, and then you do it the way you think should work, and it does.

Unfortunately, Exchange 2010 Outlook Web Access doesn't support Chrome, so I'm forced to use the crippled "Lite" interface. So I'll probably end up using FireFox anyway.

Web Trap Pages

I'm looking for an open source friendly accounting company to do my taxes and give me advice. The only reason I need a Windows box anymore is to do my accounting, since most accountants want their clients to use Windows-based software.

I typed something into Google to see if I could find an accounting firm that was open source friendly. I got one of those bogus pages that's just scraped together from bits of the internet by a computer program. Sleaze-balls put up sites like this to try to get you to land there from a search and then click on a link, generating ad revenue for the sleaze-ball.

The thing was, it took me a few moments to realize the page for what it was. It almost looked like a real site dedicated to open source accounting software. I thought, "wow, this sleaze-ball software is getting pretty good."

The I realized that it could also be that so many sites on the Internet are still so bad, that a computer can do as good a job as a person.

(Is this a variant of the Turing Test?)

CFOs: Use the Cloud Now

It occurred to me that there's an easy way for CFOs and CEOs to use the cloud right now, without waiting for the IT department to touch a single piece of equipment. Here's how:

Ask your IT department how many servers and how much data you have. (Ask how much data is actually being used, not how much capacity you have.) Then, go to Amazon's site for cloud services and calculate how much it would cost to host that on Amazon. Finally, call in the CIO and ask her why your IT infrastructure budget is a lot higher than what it would cost to host on Amazon. It will be. You're asking for the whole infrastructure budget, not just the cost of the equipment.

For example, suppose you have 460 Windows servers and 200 TBs of data. Amazon has different prices for different size servers, but start by assuming all your servers are what Amazon calls "large". Your annual cost for that (October, 2010) is $2.5M. That includes 400 Mbps of network traffic into and out of the data centre 24 hours per day.

Ask your CIO out what services you're getting that justify the premium you pay for having an in-house IT infrastructure department.

In reality, you're CIO's no dummy. She'll be able to give you a pretty good story about why the IT infrastructure budget is so much. That's when you can use an independent IT consultant who's not owned by a company selling the infrastructure that drives up your costs. The real value comes when you start to use the benchmark cost of Amazon to identify and drive improvements in the value provided by your infrastructure department.

For example, when your CIO is talking about the services she provides, ask her when she's going to offer servers that can be spun up by a user, through a web site, with no intervention at all from the IT infrastructure group, like on Amazon? Or when the business will be able to downsize how much it's paying if it discovers that it doesn't need a large server, like on Amazon? Or when you'll start paying only for the data storage you're using, and not for a bunch of empty disk that you had to buy for "future growth", like on Amazon?

And that's how to use the cloud without changing one piece of technology.

Terry Fox Run

I like the web site the Terry Fox Foundation has put together for their annual school run to raise funds for cancer research. It lets people donate on-line, of course. Much more interesting is that it lets kids collect and create their own content -- photos and videos -- and post them on their own page, along with a graph showing how close to reaching their fund-raising goal they are.

My son Marc got right into making videos for it. For the Foundation, it gets kids thinking and talking about Terry Fox and the importance of cancer research. For the kids, it gets them producing content for the web. The future belongs to those who produce content. (Those of us who produce the technology will be like the guys today who keep the mainframes running.)

Shameless commercial: You can contribute to cancer research by supporting Marc's run here.

The Cost of Storage: Reality Check

A friend pointed me at this awesome blog post from Backblaze, who sell cloud storage: Petabytes on a budget: How to build cheap cloud storage | Backblaze Blog. They build their own storage boxes based on a commodity motherboard running Linux, and standard open source software.

Backblaze gets a cost per gigabyte of under $0.12. Yes, 12 cents per GB. And that's per GB of RAID 6 storage. It's easy to find storage costing $12 or more per GB from the mainstream storage vendors -- two orders of magnitude more. The blog post also compares prices of storage. They show a price difference of up to 2,000 times!

I think there are a lot of areas of IT that a fundamentally broken. Storage is an area that is most obviously broken, and these price differences should make that obvious.

What I find really interesting is Backblaze's approach. They published their hardware design in the blog post. They've open-sourced their hardware. The supplier of their cabinet is already offering the cabinet as a product because they've had so much demand. People are buying and building these boxes, and I'm sure it won't be long before lots of open source software becomes available that provides storage solutions based on this hardware.

This gives hope. In ten years, perhaps, open source will do to storage what it's doing to CPU cycles and the operating system business -- get rid of the artificial cost imposed by proprietary vendors who hoard technology.

Can't Run VMWare Server 2 Management Interface

I filled the disk on my VMWare Server 2 host, which caused all sorts of grief. Part of the grief was that I couldn't get to the management interface at https://vmhost:8333/ui. I solved that problem by killing the VMWare hostd process (after freeing up some space on the disk):

1. Look up the process ID: ps -ea | grep hostd
2. Kill the process: sudo kill pid 
3. Remove the old lock file: sudo rm /var/run/vmware/vmware-hostd.PID
4. Restart VMWare management: sudo /etc/init.d/vmware-mgmt restart