Opensimulator Grid Backup & Restore is a guide describing good backup practices for Opensim Grids. It covers basic backup principles and requirements for Opensim. Finally, it links to two additional articles, one for Ubuntu and another for Windows. This article is part of a larger whole covering all aspects of setting up and maintaining a grid.
Backup Principles – Opensimulator Grid Backup & Restore
The 3-2-1 backup rule is a standard that many adhere to. Firstly, it states to keep three copies of all data. Secondly, the data must be in two different locations. Finally, one of those locations needs to be off-site. Notably, one of these backups must be available quickly.
While this guide does not adhere strictly to the 3-2-1 rule, it does stick to the same principles. The system it is going to establish has multiple layers.
- Primary – Server Host Backup Store
- Secondary – Backblaze
- Third – Google Drive
- Fourth – Local copy
- Fifth level? – 2nd copy on physical hardware drawn from the secondary backup source on a machine with no access to any of the servers. Additionally, it should not be accessible to the other local backup system. – Theory only in this system.
Privacy is as important as being able to back up and restore data. Therefore, data stored on remote systems needs encrypting. If the backup location doesn’t use encryption, this must happen before transmission. Additionally, if encryption doesn’t occur before dispatch, the transport must be secure.
Security considerations also exist. It should not be possible to erase all the backups in the event of a single server breach.
What to Backup
- Robust Databases
- Robust Addins Folders
- FS-Asset Folders
- Simulator Databases
- Script States
- Settings Files
- Website Data
- Current “Bin” folder.
- A never run copy of the bin folder.
- Log Files
How Will it work? – Opensimulator Grid Backup & Restore
Think back to the file structure in use:
├── OpenSim
│   ├── Bin
│   ├── Data
│   │   ├── MapTiles
│   │   ├── Oars
│   │   ├── Robust
│   │   │   ├── addins-registry
│   │   │   ├── fsassets
│   │   │   │   ├── data
│   │   │   │   ├── Main
│   │   │   │   └── tmp
│   │   │   └── Maptiles
│   │   └── Simulators
│   │       └── ScriptEngines
│   │           ├── Simulator00
│   │           ├── Simulator01
│   │           └── Simulator02
│   ├── Logs
│   ├── Scripts
│   └── Settings
│       ├── OpenSimConstants.ini
│       ├── OpenSimLogs.config
│       ├── Robust
│       │   ├── RobustDefaults.HG.ini
│       │   ├── Robust.HG.Asset.ini
│       │   ├── Robust.HG.GridUser.ini
│       │   ├── Robust.HG.Main.ini
│       │   └── Robust.HG.Map.ini
│       └── Simulators
│           ├── Defaults
│           │   ├── FlotsamCache.ini
│           │   ├── GridCommon.ini
│           │   ├── GridHypergrid.ini
│           │   ├── OpenSim.ini
│           │   └── osslEnable.ini
│           ├── Simulator00
│           │   ├── OpenSim.ini
│           │   └── Regions
│           │       └── Regions.ini
│           ├── Simulator01
│           │   ├── OpenSim.ini
│           │   └── Regions
│           │       └── Regions.ini
Everything worth backing up is kept inside the “OpenSim” folder with all the cache moved. However, some data needs adding to this before the folder is backed up. The databases need dumping and adding to
Any websites need adding to
The entire “OpenSim” folder will be backed up twice: firstly to the primary location and secondly to the secondary store. Thirdly, the database dumps and settings files are stored in the third level backup. Finally, the fourth level is run independently from a different computer. The third level backup contains fewer items and will not allow for a full restore. However, the majority of regions will not require the script state. Similarly, map tiles are necessary to restore a customer’s region completely, but are not essential to give them access to their Sim and avatar.
Accessing Backup stores.
Firstly, the host’s backup store in the example system with OVH uses FTP. This drive is mounted as a local drive on the server it is connected with. Secondly, connecting to Backblaze is done with the S3 API. Thirdly, Google Drive is mounted as a local drive. Finally, the local store connects to each server with SSH.
Maintaining Security – Opensimulator Grid Backup & Restore
Protection Against Server Breaches
Firstly, the primary backup is a per-server backup store. Thus if there is a server breach, the primary backups of all other servers remain secure. Secondly, the secondary backup store uses a separate bucket for each server. Thus it has similar protection to the primary backup. Finally, the fourth level is a local store which is not accessible to any of the main grid servers.
The primary and secondary backups use Restic, which encrypts data before sending it to the backup location. Google’s API, by contrast, only works with secure connections, and it stores the files with encryption. Finally, the fourth local backup connects to each server using SSH. Consequently, that data is also safe during transport to the local machine.
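The requirement that a single server breach must not be able to erase every backup can be checked mechanically against a layout. The Python sketch below is an added example, not part of the original guide or of OpenSimulator; the host names, store names, and the assumption that one Google Drive account is mounted on every server are constructed for illustration.

```python
# Added example: constructed model of the backup layout, not the guide's own tooling.
from dataclasses import dataclass

@dataclass(frozen=True)
class Store:
    name: str
    holds: frozenset      # servers whose data is stored here
    deleters: frozenset   # hosts holding credentials that can delete it

def survivors(stores, breached):
    """Map each server to the stores still holding its data after the
    breached host has deleted everything its credentials can reach."""
    servers = set().union(*(s.holds for s in stores))
    return {srv: sorted(s.name for s in stores
                        if srv in s.holds and breached not in s.deleters)
            for srv in sorted(servers)}

def single_breach_failures(stores):
    """Return (breached_host, server) pairs where one breach leaves no copy."""
    hosts = set().union(*(s.deleters for s in stores))
    return sorted((h, srv) for h in hosts
                  for srv, left in survivors(stores, h).items() if not left)

def layered_layout(servers):
    """Layout described in the guide: per-server stores plus a pulled copy."""
    every = frozenset(servers)
    stores = []
    for s in servers:
        one = frozenset([s])
        stores.append(Store(f"primary-{s}", one, one))  # per-server host store
        stores.append(Store(f"bucket-{s}", one, one))   # per-server bucket
    # Assumption: one Google Drive account mounted on every server (partial copy).
    stores.append(Store("gdrive", every, every))
    # Pulled over SSH by a machine that no grid server can reach.
    stores.append(Store("local-pull", every, frozenset(["backup-pc"])))
    return stores

def shared_layout(servers):
    """Weak variant for comparison: push-only stores with shared credentials."""
    every = frozenset(servers)
    return [Store("shared-bucket", every, every), Store("gdrive", every, every)]

SERVERS = ["robust", "sim00", "sim01"]  # constructed host names

if __name__ == "__main__":
    print("layered failures:", single_breach_failures(layered_layout(SERVERS)))
    print("shared failures: ", single_breach_failures(shared_layout(SERVERS)))
    print("after breach of robust:", survivors(layered_layout(SERVERS), "robust"))
```

In the layered layout, a breached server's own data survives only in the pulled local copy, which is why that copy must stay unreachable from the grid servers. The model does not cover the SSH credentials the local machine holds for each server.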
Operating System Specifics
The overall principles are the same using Ubuntu and Windows. However, the approach differs between them.
Windows Opensim Server Backup – coming soon