Having up-to-date backups is an important part of any Ansible security posture (on Cloud VPS Hosting or otherwise). If your Ansible control machine (server or local machine) suffers a cyber attack, sometimes the best option is to restore an Ansible backup file.
There are multiple ways to manage Ansible playbook backups:
- Git or other Version Control System (VCS)
- File Archival
- Account Management Panel (AMP) Snapshots
- Ansible Tools
The best method for backing up Ansible is with git or a similar version control system (VCS), which creates a repository with a full list of changes. Below are the steps for all Git-based workflows.
- Log into your terminal
- Navigate to the your Ansible root directory
- Create a new git repo:
You can also create repos using GitLab, Github, or another preferred workflow.
- Add your newly created git repo:
git remote add [new-repo-name] [email protected]:[user]/[repo].git
- Specify the files to add to the repo backup:
git add --a
- Commit your changes with a note to on its purpose:
git commit -m "Backup XX/XX/XXXX"
- Push/save your changes:
git push [new-repo-name] master
- View all archived repos:
git remote -v
There are other ways to quickly duplicate your Ansible git repositories:
- clone command copies the entire git repository to a new directory
- bundle command adds the git repository to a single file for easy archival
- git stash
Operating systems have native commands to copy files and directories.
There are many CLI commands to create backups on Linux, MacOS, and other Unix-based systems:
- cp command copies files to another directory on the same machine
- tar command adds files to a new compressed tar file on the same machine
- zip command adds files to a new compressed zip file on the same machine
- cron command can run the above commands at scheduled intervals and logs successful cron jobs
- rsync command can copy and transfer files between machines
The Windows copy command copies files to another directory on the same machine.
AWS Command Line Interface (CLI) is an open source tool for connecting your local machine or server to your Amazon S3 cloud storage. You can schedule and restore backups among other features with AWS CLI commands.
Focus on your mission and have our Managed Hosting team configure AWS CLI on your VPS or Dedicated server with Launch Assist.
Google Cloud FUSE is an open source FUSE adapter that connects your Dedicated server to a Google Cloud Bucket.
An AMP Snapshot is a copy of all data on the server. It doesn’t affect server disk space. It’s an important last resort for hack recovery, especially if other backups are compromised or out of date. Server snapshots can easily be configured for automated Ansible playbook backups.
The differences between snapshots and other backup methods:
- You cannot extract individual files from a snapshot
- You cannot export snapshots from AMP
Ansible backup modules can be run separately or within playbooks such as copy and product-specific modules for Cisco ACI, Avi Networks, VMware, and more.
Ansible Galaxy includes community-sourced collections and roles if you wish to use Ansible for backups. This is essential if you’re also using Ansible for security improvements.
The Ansible Tower web console natively includes backup options.
Follow our Ansible Education Channel for more on IT automation.