4.4 KiB
Specification
Summary
Creating automated backups of docker swarm services is an often needed task. This specification describes how backups can be configured via service labels in a standardised way.
Requirements
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this specification are to be interpreted as described in RFC-2119.
Backup
To enable backups for a docker stack, the backupbot.backup=true label MUST be set on one of its services. The label MUST NOT be set multiple times for a docker stack. Otherwise the implementation MUST show an error. The label SHOULD be declared on the main service.
Volumes and paths
By default all volumes MUST be backed up. A volume MUST be excluded from the backup when backupbot.backup.volumes.{volume_name}=false is set, where {volume_name} is the name of the volume.
By default all files MUST be backed up on a volume. backupbot.backup.volumes.{volume_name}.path MAY be set to limit the paths for that volume. The value MUST be a valid path relative to the volume root. It MAY contain multiple paths which get separated by a comma. When the label is set only the given paths MUST be backed up.
Pre/Post Hooks
A backupbot.backup.pre-hook and backupbot.backup.post-hook MAY be set on a service. When set the command MUST be executed inside the running container of the service before/after backing up files.
There is no guaranteed order in which different hooks MUST be executed.
TODO: escaping
Output
A backup implementation SHOULD provide the backup of one or multiple stacks in a .tar.gz format. In that case each volume MUST be in /var/lib/docker/volumes/{stack_name}_{volume_name}, where {stack_name} is the name of the docker stack and {volume_name} is the name of each volume that got backed up.
Restore
By default all files MUST be restored into their volume. A volume or path MAY be excluded from restoring. When restoring a backup from a .tar.gz it expects the directory layout as described in the backup output section.
Pre/Post Hooks
A backupbot.restore.pre-hook and backupbot.restore.post-hook MAY be set on a service. When set the command MUST be executed inside the running container of the service before/after restoring the files.
There is no guaranteed order in which different hooks MUST be executed.
Labels
backupbot.backup
Type: boolean Default: false Description: Enables backups for this compose stack. The label should be added to the main service of the compose stack.
Example:
backupbot.backup: true
backupbot.backup.volumes.{volume_name}
Type: boolean Default: true Description: When set to false the volume is excluded from backups.
Example:
backupbot.backup.volumes.{volume_name}: false
backupbot.backup.volumes.{volume_name}.path
Type: string Default: "" Description: A comma seperated list of paths. When one or more paths are set, it only backs up those on the given volume instead of the whole volume.
Example 1:
backupbot.backup.volumes.{volume_name}.path: '/var/lib/mariadb/dump.sql.gz'
Example 2:
backupbot.backup.volumes.{volume_name}.path: '/var/lib/myapp/foo,/var/lib/myapp/bar'
backupbot.backup.pre-hook
Type: string Default: "" Description: A command, that gets executed before the files are backed up.
Example:
backupbot.backup.pre-hook: 'mysqldump -u root -p"$(cat /run/secrets/db_root_password)" -f /volume_path/dump.db'
backupbot.backup.post-hook
Type: string Default: "" Description: A command, that gets executed after the files are backed up.
Example:
backupbot.backup.post-hook: "rm -rf /volume_path/dump.db"
backupbot.restore.pre-hook
Type: string Default: "" Description: A command, that gets executed before the files are restored. Note, that there is no guaranteed order in which multiple hooks get executed.
Example:
backupbot.restore.pre-hook: "lock db"
backupbot.restore.post-hook
Type: string Default: "" Description: A command, that gets executed after the files are restored.
Example:
backupbot.restore.post-hook: "sqldump dump.sql && unlock db && rm dump.sql"