1

I have a couple of docker volumes i want to backup onto another server, using scp/sftp. I don't know how to deal with that so i decided to have a look at blacklabelops/volumerize GitHub project.

This tool is based on the command line tool Duplicity. Dockerized and Parameterized for easier use and configuration. Tutorial is dealing with a jenkins docker, but i don't understand how to mention i'm want to use a pem file.

I've tried different solution (adding -i option to scp command line) without any success at the moment.

Duplicity man page is mentioning the use of cacert pem files (--ssl-cacert-file option), but i suppose i have to create an env variable when running the docker (with -e option), and i don't know which name to use.

Here what i have so far, can someone please point me in the right direction ?

docker run -d --name volumerize -v jenkins_volume:/source:ro -v backup_volume:/backup     -e "VOLUMERIZE_SOURCE=/source"  -e "VOLUMERIZE_TARGET=scp://me@serverip/home/backup" blacklabelops/volumerize
Tanc
  • 667
  • 3
  • 6
  • 25

1 Answers1

2

The option --ssl-cacert-file is only for host verification not for authentication.

I have found this example on how to add pem files inside an scp command:

scp -i /path/to/your/.pemkey -r /copy/from/path user@server:/copy/to/path

The parameter -i /path/to/your/.pemkey can be passed in blacklabelops/volumerize with the env variable `VOLUMERIZE_DUPLICITY_OPTIONS``

Example:

$ docker run -d \
  --name volumerize \
  -v jenkins_volume:/source:ro \
  -v backup_volume:/backup \
  -e "VOLUMERIZE_SOURCE=/source" \
  -e "VOLUMERIZE_TARGET=scp:///backup" \
  -e 'VOLUMERIZE_DUPLICITY_OPTIONS=--ssh-options "-i /path/to/your/.pemkey"' \
blacklabelops/volumerize
blacklabelops
  • 4,708
  • 5
  • 25
  • 42
  • Thanks a ton maybeg! When i did my first backup, i have to deal with the following "The authenticity of host 'myserver' can't be established. SSH-ED25519 key fingerprint is 1b:75:e8:9d:d6:88:0a:c3:55:3a:95:18:05:54:70:63. Are you sure you want to continue connecting (yes/no)? yes BackendException: ssh connection to myserver:22 failed: [Errno 2] No such file or directory: '/root/.ssh/known_hosts'" 1.Had to enter the volumerize docker and ssh my server for it to be permanently added to the list of known host and 2. docker commit to save. Works like a charm. – Tanc Aug 20 '17 at 13:17
  • Adding the host manually is much more secure. But you can deactivate it with additional parameters: -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null – blacklabelops Aug 20 '17 at 18:34