All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Encrypted Duplicity Backups to Openstack Swift/Objectstore
This is a guide on backing up your data to an Openstack Swift (Objectstore) instance using Duplicity. It provides encrypted backups using gpg so that you can safely use any public cloud storage to store them. This tutorial is for Ubuntu and CentOS and includes initial setup plus a script to automate it all.
We will be using the Dutch provider CloudVPS, which is not bound to the Patriot Act, so your data is more safe than it is with a provider that is vulnerable to the Patriot Act. Although your data is already encrypted with GPG, you can never be to sure. CloudVPS provides 10GB free ObjectStore, if you have VPS with them, the data is stored on at least 3 machines in 3 locations and they have a boatload of certifications.
If you order a VPS or Objectstore at CloudVPS, please mention my name or this article. I'll get a little referal bonus, which will be used to keep this awesome website running.
Openstack is one of those cloudy cloud projects. Warning, keep your buzzword bingo cards ready for the Wikipedia definition:
OpenStack is a free and open-source software cloud computing platform. It is primarily deployed as an infrastructure as a service (IaaS) solution. The technology consists of a series of interrelated projects that control pools of processing, storage, and networking resources throughout a data center, able to be managed or provisioned through a web-based dashboard, command-line tools, or a RESTful API. It is released under the terms of the Apache License.
Basically it is a very nice project which provides an easy and scalable way to:
- Virtualize (Compute / Nova) (KVM, VMWare, Xen)
- Provide scalable object access (Swift / Objectstore) (like s3)
- Manage it all using a nice dashboard (Horizon)
- Have a great API which lets people develop applications for it.
- Be open source. There is no vendor lock in, you can switch between any provider providing OpenStack.
My summary is, lets say, sparse. For the sake of this tutorial, we will be using the Swift service (Object Store) to store backups we make with Duplicity.
Duplicity is another wonderfull open source project which lets you easily make (encrypted) (remote) full or incremental backups. I've been using it for many years now, it is awesome and very easy to manage.
As we all know, your data is not backed up until it is at least backed up in three places:
- Locally (homeserver)
- Off site (the cloud)
- Offline (DVD / Tape in a box at your bank)
Why would we want to use the Openstack Swift service to send our backups to instead of your own ssh server? Duplicity supports that as well, right?
To be honest, you can use both to your preference. Objectstore provides a nice scalable way to acces data. Because it only needs to provide access to data, it (can be)/(mostly is) faster than one VPS or off site Rasberry Pi. It (depending on the provider) can also be stored on more than one place, without to much user hassle.
An example can be a company providing managed services with their own (Openstack based) "private cloud". They also provide backups, of course, and most of the time they use Duplicity to make them. It is easier to scale up ObjectStore then it is to scale up an SSH server. Both can be done of course, take a SAN or NFS backend and it also scales.
Therefore, the choice is up to you. Both can complement each other, sometimes one is better and sometimes the other. Speaking like a lawyer, it depends.
Requirements
You will need the following for this tutorial:
- Data to back up
- Duplicity
- Openstack Swift/Objectstore access
You will need Duplicity version v0.6.22 or higher. v0.6.22 added support for Openstack Swift as a backend.
This tutorial was written for and tested on Ubuntu 12.04, 14.04 and CentOS 6.
It also works on any other distro where the above requirements are met.
Note that there are more Openstack providers, for example Rackspace. Do note, that they fall under the Patriot Act and thus the NSA probably can access your data.
I will be using an example data set containing photo's in this tutorial. Since the cost can sometimes be unclear with these Cloud providers, it is best to start with a small data set.
Comments
I wonder can you use this with OVH's Hubic. If I remember correctly, it's Openstack Swift, but with some different/custom method of authentication slapped on top.