Now that I have deploying VMs sorted I am migrating the first service from my router onto a new VM, my BackupPC server. This should be relatively straight forward as the server set-up is managed in SaltStack and the data resides on an iSCSI volume from my NAS, do configuration and “transfer” should be simple. Should be.

Preparing the old system (physical server)

First step is to shutdown BackupPC, following standard process from when I set it up:

systemctl stop backuppc
umount /var/lib/backuppc
vgchange -a n backuppc
cryptsetup luksClose backuppc-pv
iscsiadm --mode node --targetname "iqn.1994-11.com.netgear:isolinear:6349f3fd:backuppc" --logout

Preparing the new system (VM)

The new VM needs the pre-requisites installed. From my SaltStack configuration, this is easily done by adding the backuppc-server role to the VM and running the configuration system against it. One issue I found was that lvm was not installed on the VM (I did not use LVM on the VM) bit it was required as I did use it on the encrypted volume (to be able to snapshot it). Adding this as a requirement fixed it.

I also needed to put the new authentication information into the pillar data before running SaltStack’s state.highstate on the VM.

After putting in this data and applying the role, SaltStack installed and set-up BackupPC, nginx webserver, open-iscsi, cryptsetup, lvm2 etc.

After this install, /var/lib/backuppc is still unmounted as it requires the encrypted volume to be unlocked to continue. To avoid problems, I manually removed files from the /var/lib/backuppc mountpoint before anything gets mounted there:

rm -r /var/lib/backuppc/{cpool,log,pc,pool,trash}

As the VM’s hard disk is vda and there are no other sd* devices, the iSCSI device is sda, not sdc on the new system:

cryptsetup luksOpen /dev/sda1 backuppc-pv

Once opened, running SaltStack a second time mounted the file-system. BackupPC still failed to start as the user has been allocated a different UID and GID on this install. Perhaps I should set-up LDAP, but that is a problem for another day. I thought I would simply changed the ownership of the existing files:

chown -R backuppc:backuppc /var/lib/backuppc/{cpool,log,pc,pool,trash} /var/lib/backuppc

However this ended up taking 2.5 days to complete. With hindsight I wish I had instead taken a different approach.

After the files ownerships have been fixed, backuppc should start cleanly:

systemctl start backuppc

Tidying up

I then disabled the local backups for the router, which the service was running on, as it is now using a remote method. I also added a backup of the local system (the VM), excluding the backuppc iSCSI file-system.

I manually removed the configuration for the old local backups from the router:

rm /etc/sudoers.d/backuppc
apt-get purge open-iscsi backuppc
apt-get autoremove