---
layout: post
title: "Automated backups for Chef Server 11"
date: 2013-04-27 21:34
comments: true
categories:
- chef
- opscode
- backup
- cron
- knife-backup
description: "Automated backups for Chef Server 11 using cron"
---

In this article I will share my setup, I use to backup chef server.
In the best case, you have a dedicated machine, which has network access to your chef
server. Otherwise you will have to additionally use a different backup program
like [rsnapshot](http://www.rsnapshot.org/) or
[duplicity](http://duplicity.nongnu.org/) to backup the created export
directory. In my case I use a raspberry pie with a
[hdd docking station](http://www.amazon.de/dp/B0017J4IAQ?tag=gitblo-21) and a
[power saving harddrive](http://www.amazon.de/dp/B004VFJ9MK?tag=gitblo-21)

To get started you will need ruby on the backup machine. I prefer using rvm for
this job. Feel free to choose your preferred way:

```bash
$ curl -L https://get.rvm.io | bash -s stable --autolibs=enabled
```

To create the backup, I use the great [knife-backup gem](https://github.com/mdxp/knife-backup) of [Marius Ducea](http://www.ducea.com/):

```bash
$ gem install knife-backup
```

Then add these scripts to your system:

```bash
$ mkdir -p ~/bin && cd ~/bin
$ wget http://blog.higgsboson.tk/downloads/code/chef-backup/backup-chef.sh
$ wget http://blog.higgsboson.tk/downloads/code/chef-backup/restore-chef.sh
$ chmod +x {backup,restore}-chef.sh
```

{% include_code backup script lang:bash chef-backup/backup-chef.sh %}

{% include_code restore script lang:bash chef-backup/restore-chef.sh %}

Modify BACKUP variable to match your backup destination.
Next you will need a knife.rb to get access to your server.
I suggest to create a new client:

```bash
$ mkdir -p ~/.chef
$ knife client create backup --admin --file "$HOME/.chef/backup.pem"
$ cat <<'__EOF__' >> ~/.chef/knife-backup.rb
log_level                :info
log_location             STDOUT
node_name                'backup'
client_key               "#{ENV["HOME"]}/.chef/backup.pem"
chef_server_url          'https://chef.yourdomain.tld' # EDIT HERE
syntax_check_cache_path  "#{ENV["HOME"]}.chef/syntax_check_cache"
__EOF__
$ knife role list # test authentication
```

Now test the whole setup, by running the `backup-chef.sh` script:

```bash
$ ~/bin/backup-chef.sh
```

It should create a tar file in the backup directory.

If everything works, you can add a cronjob to automate this.

```bash
$ crontab -e
```

    @daily $HOME/bin/backup-chef.sh

To restore a backup simply run (where `DATE` is the date of the backup)

```bash
$ ~/bin/restore-chef.sh /path/to/backup/DATE.tar.bz2
```

That's all folks!