nixos/servnerr-3: zrepl snapshot/replication from primary to secondary only for now

Signed-off-by: Matt Layher <mdlayher@gmail.com>
2024-12-14 11:47:32 +00:00 · 2022-02-14 16:58:00 -05:00 · 2022-02-14 16:58:00 -05:00 · 6d02ed0e0e
commit 6d02ed0e0e
parent 9d2c43eb6c
1 changed files with 71 additions and 66 deletions
--- a/nixos/servnerr-3/storage.nix
+++ b/nixos/servnerr-3/storage.nix
@ -3,87 +3,91 @@
 let
  secrets = import ./lib/secrets.nix;

-  # Make a local zrepl push job from primary to the target zpool.
-  pushLocal = (zpool: {
-    name = pushName zpool;
-    type = "push";
+  # Create a local zrepl push job from source to the target zpool.
+  pushLocal = (source:
+    (target: {
+      name = pushName source target;
+      type = "push";

-    # Replicate all of primary locally.
-    filesystems."primary<" = true;
-    connect = {
-      type = "local";
-      listener_name = sinkName zpool;
-      client_identity = "local";
-    };
+      # Replicate all of the source zpool locally.
+      filesystems."${source}<" = true;
+      connect = {
+        type = "local";
+        listener_name = sinkName target;
+        # Assumes only a single client will ever push locally to sink.
+        client_identity = "local";
+      };

-    # Snapshot every 15 minutes.
-    snapshotting = {
-      type = "periodic";
-      prefix = "zrepl_";
-      interval = "15m";
-    };
+      # Snapshot every 15 minutes.
+      snapshotting = {
+        type = "periodic";
+        prefix = "zrepl_";
+        interval = "15m";
+      };

-    pruning = {
-      keep_sender = [
-        # Keep snapshots that are not already replicated.
-        {
-          type = "not_replicated";
-        }
-        # Keep manual snapshots.
-        {
-          type = "regex";
-          regex = "^manual_.*";
-        }
-        # Keep time-based bucketed snapshots.
-        keepGrid
-      ];
-      # Keep the same automatic snapshots as source.
-      keep_receiver = [ keepGrid ];
-    };
-  });
+      pruning = {
+        keep_sender = [
+          # Keep snapshots that are not already replicated.
+          {
+            type = "not_replicated";
+          }
+          # Keep manual snapshots.
+          {
+            type = "regex";
+            regex = "^manual_.*";
+          }
+          # Keep time-based bucketed snapshots.
+          keepGrid
+        ];
+        # Keep the same automatic snapshots as source.
+        keep_receiver = [ keepGrid ];
+      };
+    }));

  # Make a local zrepl sink job to the target zpool.
  sinkLocal = (zpool: {
    name = sinkName zpool;
    type = "sink";
    root_fs = "${zpool}";
-    recv.properties = {
-      # Inherit any encryption properties.
-      "inherit" = [ "encryption" "keyformat" "keylocation" ];

-      override = {
-        # Always enable compression.
-        compression = "on";
+    recv = {
+      # Necessary for encrypted destination with unencrypted source.
+      placeholder.encryption = "inherit";

-        # Do not mount sink pools.
-        mountpoint = "none";
+      properties = {
+        # Inherit any encryption properties.
+        "inherit" = [ "encryption" "keyformat" "keylocation" ];

-        # Do not auto-snapshot sink pools.
-        "com.sun:auto-snapshot" = false;
-        "com.sun:auto-snapshot:frequent" = false;
-        "com.sun:auto-snapshot:hourly" = false;
-        "com.sun:auto-snapshot:daily" = false;
-        "com.sun:auto-snapshot:weekly" = false;
-        "com.sun:auto-snapshot:monthly" = false;
+        override = {
+          # Always enable compression.
+          compression = "on";
+
+          # Do not mount sink pools.
+          mountpoint = "none";
+
+          # Do not auto-snapshot sink pools.
+          "com.sun:auto-snapshot" = false;
+          "com.sun:auto-snapshot:frequent" = false;
+          "com.sun:auto-snapshot:hourly" = false;
+          "com.sun:auto-snapshot:daily" = false;
+          "com.sun:auto-snapshot:weekly" = false;
+          "com.sun:auto-snapshot:monthly" = false;
+        };
      };
    };
+
    serve = {
      type = "local";
      listener_name = "sink_${zpool}";
    };
  });

-  # Make a local zrepl encrypted sink job to the target zpool.
+  # Generate the zrepl push job name for a source and target zpool.
  #
-  # TODO(mdlayher): unconditionally set this in sinkLocal anyway?
-  sinkLocalEncrypted = (zpool:
-    lib.mkMerge [
-      (sinkLocal zpool)
-      { recv.placeholder.encryption = "inherit"; }
-    ]);
-
-  # Generate the zrepl push job name for a target zpool.
-  pushName = (zpool: "primary_to_${zpool}");
+  # TODO(mdlayher): it would be nice to prefix this with push_ but job renames
+  # are not possible without major upheaval. See:
+  # https://github.com/zrepl/zrepl/issues/327.
+  pushName = (source: (target: "${source}_to_${target}"));

  # Generate the zrepl sink job name for a target zpool.
  sinkName = (zpool: "sink_${zpool}");
@ -207,15 +211,16 @@ in {
          listen = ":9811";
        }];
        jobs = [
-          # Replicate from primary pool to sinks.
-          (pushLocal "secondary")
-          (pushLocal "backup0")
-          (pushLocal "backup1")
+          # Replicate from primary to secondary.
+          #
+          # TODO(mdlayher): fan-out replication from secondary to backup{0,1},
+          # and make smart logic like a udev listener to signal replication when
+          # the drives are plugged in and spun up.
+          # https://zrepl.github.io/quickstart/fan_out_replication.html
+          (pushLocal "primary" "secondary")

          # Local sink jobs for backups.
          (sinkLocal "secondary")
-          (sinkLocalEncrypted "backup0")
-          (sinkLocalEncrypted "backup1")
        ];
      };
    };