gavin at openfusion.com.au
Thu Jan 7 14:20:27 UTC 2010
On Thu, Jan 07, 2010 at 03:08:45PM +0200, Kostas Chatzikokolakis wrote:
> Gavin Carr wrote:
> > Brackup::Target::Amazon is weird. It doesn't store any of the config items
> > in the brackup metafile header like the other targets do - I'm not sure if
> > this is by design or just an oversight? I'd have thought it makes sense to
> > store all of aws_access_key_id, aws_prefix, aws_location, and backup_prefix
> > in the metafile i.e. everything except the aws_secret_access_key. Are there
> > security reasons to omit any of these other things from the metafile? Any
> > thoughts?
> Sounds very reasonable to me to have as much non-sensitive information
> as possible. Everything apart from the secret key sounds non-sensitive
> to me.
Yeah, and doc/design-decisions.txt seems to agree. So be it.
> brackup-restore should read those, so that even if you don't have the
> config file, you'd need to enter only the secret key.
> > It also doesn't reference aws_location or brackup_prefix in
> > new_from_backup_header, so I can't see how it's possible to do do a restore
> > if you've set either of those. Anyone done an Amazon restore with EU buckets,
> > or an explicit brackup_prefix?
> I use backup_prefix and restore works fine. From what I understand,
> backup_prefix is used only in the filename of the .brackup file stored
> on the target. brackup-restore receives the .brackup file locally, so it
> shouldn't need it.
Ah, that makes sense, thanks. Looks like location is similar, in that it's
set at bucket creation time, not later. So it's only required for your first
backup (per-prefix), and not required for restore.
More information about the brackup