4 \chapter{Client/File daemon Configuration}
5 \label{FiledConfChapter}
6 \index[general]{Configuration!Client/File daemon }
7 \index[general]{Client/File daemon Configuration }
9 The Client (or File Daemon) Configuration is one of the simpler ones to
10 specify. Generally, other than changing the Client name so that error messages
11 are easily identified, you will not need to modify the default Client
14 For a general discussion of configuration file and resources including the
15 data types recognized by {\bf Bacula}, please see the
16 \ilink{Configuration}{ConfigureChapter} chapter of this manual. The
17 following Client Resource definitions must be defined:
21 \ilink{Client}{ClientResource} -- to define what Clients are to
24 \ilink{Director}{DirectorResource} -- to define the Director's
25 name and its access password.
27 \ilink{Messages}{MessagesChapter} -- to define where error and
28 information messages are to be sent.
31 \section{The Client Resource}
32 \label{ClientResource}
33 \index[general]{Resource!Client }
34 \index[general]{Client Resource }
36 The Client Resource (or FileDaemon) resource defines the name of the Client
37 (as used by the Director) as well as the port on which the Client listens for
42 \item [Client (or FileDaemon)]
43 \index[fd]{Client (or FileDaemon)}
44 \index[fd]{Directive!Client (or FileDaemon)}
45 Start of the Client records. There must be one and only one Client resource
46 in the configuration file, since it defines the properties of the current
49 \item [Name = \lt{}name\gt{}]
51 \index[fd]{Directive!Name}
52 The client name that must be used by the Director when connecting. Generally,
53 it is a good idea to use a name related to the machine so that error messages
54 can be easily identified if you have multiple Clients. This directive is
57 \item [Working Directory = \lt{}Directory\gt{}]
58 \index[fd]{Working Directory}
59 \index[fd]{Directive!Working Directory}
60 This directive is mandatory and specifies a directory in which the File
61 daemon may put its status files. This directory should be used only by {\bf
62 Bacula}, but may be shared by other Bacula daemons provided the daemon
63 names on the {\bf Name} definition are unique for each daemon. This directive
66 On Win32 systems, in some circumstances you may need to specify a drive
67 letter in the specified working directory path. Also, please be sure
68 that this directory is writable by the SYSTEM user otherwise restores
69 may fail (the bootstrap file that is transferred to the File daemon from
70 the Director is temporarily put in this directory before being passed
71 to the Storage daemon).
73 \item [Pid Directory = \lt{}Directory\gt{}]
74 \index[fd]{Pid Directory}
75 \index[fd]{Directive!Pid Directory}
76 This directive is mandatory and specifies a directory in which the Director
77 may put its process Id file files. The process Id file is used to shutdown
78 Bacula and to prevent multiple copies of Bacula from running simultaneously.
79 This record is required. Standard shell expansion of the {\bf Directory} is
80 done when the configuration file is read so that values such as {\bf \$HOME}
81 will be properly expanded.
83 Typically on Linux systems, you will set this to: {\bf /var/run}. If you are
84 not installing Bacula in the system directories, you can use the {\bf Working
85 Directory} as defined above.
87 \item [Heartbeat Interval = \lt{}time-interval\gt{}]
88 \index[fd]{Heartbeat Interval}
89 \index[fd]{Directive!Heartbeat Interval}
90 \index[general]{Heartbeat Interval}
91 \index[general]{Broken pipe}
93 \index[general]{Backups!slow}
94 This record defines an interval of time in seconds. For each heartbeat that the
95 File daemon receives from the Storage daemon, it will forward it to the
96 Director. In addition, if no heartbeat has been received from the
97 Storage daemon and thus forwarded the File daemon will send a heartbeat
98 signal to the Director and to the Storage daemon to keep the channels
99 active. The default interval is zero which disables the heartbeat.
100 This feature is particularly useful if you have a router such as 3Com
101 that does not follow Internet standards and times out a valid
102 connection after a short duration despite the fact that keepalive is
103 set. This usually results in a broken pipe error message.
105 If you continue getting broken pipe error messages despite using the
106 Heartbeat Interval, and you are using Windows, you should consider
107 upgrading your ethernet driver. This is a known problem with NVidia
108 NForce 3 drivers (4.4.2 17/05/2004), or try the following workaround
109 suggested by Thomas Simmons for Win32 machines:
112 Start \gt{} Control Panel \gt{} Network Connections
114 Right click the connection for the nvidia adapter and select properties.
115 Under the General tab, click "Configure...". Under the Advanced tab set
116 "Checksum Offload" to disabled and click OK to save the change.
118 Lack of communications, or communications that get interrupted can
119 also be caused by Linux firewalls where you have a rule that throttles
120 connections or traffic.
123 \item [Maximum Concurrent Jobs = \lt{}number\gt{}]
124 \index[fd]{Maximum Concurrent Jobs}
125 \index[fd]{Directive!Maximum Concurrent Jobs}
126 where \lt{}number\gt{} is the maximum number of Jobs that should run
127 concurrently. The default is set to 2, but you may set it to a larger
128 number. Each contact from the Director (e.g. status request, job start
129 request) is considered as a Job, so if you want to be able to do a {\bf
130 status} request in the console at the same time as a Job is running, you
131 will need to set this value greater than 1.
133 \item [FDAddresses = \lt{}IP-address-specification\gt{}]
134 \index[fd]{FDAddresses}
135 \index[fd]{Directive!FDAddresses}
136 Specify the ports and addresses on which the File daemon listens for
137 Director connections. Probably the simplest way to explain is to show
143 ip = { addr = 1.2.3.4; port = 1205; }
145 addr = 1.2.3.4; port = http; }
154 ip = { addr = 1.2.3.4 }
156 addr = 201:220:222::2
159 addr = bluedot.thun.net
165 where ip, ip4, ip6, addr, and port are all keywords. Note, that the address
166 can be specified as either a dotted quadruple, or IPv6 colon notation, or as
167 a symbolic name (only in the ip specification). Also, port can be specified
168 as a number or as the mnemonic value from the /etc/services file. If a port
169 is not specified, the default will be used. If an ip section is specified,
170 the resolution can be made either by IPv4 or IPv6. If ip4 is specified, then
171 only IPv4 resolutions will be permitted, and likewise with ip6.
173 \item [FDPort = \lt{}port-number\gt{}]
175 \index[fd]{Directive!FDPort}
176 This specifies the port number on which the Client listens for Director
177 connections. It must agree with the FDPort specified in the Client resource
178 of the Director's configuration file. The default is 9102.
180 \item [FDAddress = \lt{}IP-Address\gt{}]
181 \index[fd]{FDAddress}
182 \index[fd]{Directive!FDAddress}
183 This record is optional, and if it is specified, it will cause the File
184 daemon server (for Director connections) to bind to the specified {\bf
185 IP-Address}, which is either a domain name or an IP address specified as a
186 dotted quadruple. If this record is not specified, the File daemon will bind
187 to any available address (the default).
189 \item [FDSourceAddress = \lt{}IP-Address\gt{}]
190 \index[fd]{FDSourceAddress}
191 \index[fd]{Directive!FDSourceAddress}
192 This record is optional, and if it is specified, it will cause the File
193 daemon server (for Storage connections) to bind to the specified {\bf
194 IP-Address}, which is either a domain name or an IP address specified as a
195 dotted quadruple. If this record is not specified, the kernel will choose
196 the best address according to the routing table (the default).
198 \item [SDConnectTimeout = \lt{}time-interval\gt{}]
199 \index[fd]{SDConnectTimeout}
200 \index[fd]{Directive!SDConnectTimeout}
201 This record defines an interval of time that the File daemon will try to
202 connect to the Storage daemon. The default is 30 minutes. If no connection
203 is made in the specified time interval, the File daemon cancels the Job.
205 \item [Maximum Network Buffer Size = \lt{}bytes\gt{}]
206 \index[fd]{Maximum Network Buffer Size}
207 \index[fd]{Directive!Maximum Network Buffer Size}
208 where \lt{}bytes\gt{} specifies the initial network buffer size to use with
209 the File daemon. This size will be adjusted down if it is too large until it
210 is accepted by the OS. Please use care in setting this value since if it is
211 too large, it will be trimmed by 512 bytes until the OS is happy, which may
212 require a large number of system calls. The default value is 65,536 bytes.
214 Note, on certain Windows machines, there are reports that the
215 transfer rates are very slow and this seems to be related to
216 the default 65,536 size. On systems where the transfer rates
217 seem abnormally slow compared to other systems, you might try
218 setting the Maximum Network Buffer Size to 32,768 in both the
219 File daemon and in the Storage daemon.
221 \item [Maximum Bandwidth Per Job = \lt{}speed\gt{}]
222 \index[fd]{Maximum Bandwidth Per Job}
223 \index[fd]{Directive!Maximum Bandwidth Per Job}
225 The speed parameter specifies the maximum allowed bandwidth that a job may
226 use. The speed parameter should be specified in k/s, kb/s, m/s or mb/s.
228 \item [Heartbeat Interval = \lt{}time-interval\gt{}]
229 \index[console]{Heartbeat Interval}
230 \index[console]{Directive!Heartbeat}
231 This directive is optional and if specified will cause the File daemon to
232 set a keepalive interval (heartbeat) in seconds on each of the sockets
233 to communicate with the Storage daemon. It is implemented only on systems
234 (Linux, ...) that provide the {\bf setsockopt} TCP\_KEEPIDLE function.
235 The default value is zero, which means no change is made to the socket.
238 \item [PKI Encryption]
239 See the \ilink{Data Encryption}{DataEncryption} chapter of this manual.
241 \item [PKI Signatures]
242 See the \ilink{Data Encryption}{DataEncryption} chapter of this manual.
245 See the \ilink{Data Encryption}{DataEncryption} chapter of this manual.
247 \item [PKI Master Key]
248 See the \ilink{Data Encryption}{DataEncryption} chapter of this manual.
252 The following is an example of a valid Client resource definition:
256 Client { # this is me
258 WorkingDirectory = $HOME/bacula/bin/working
259 Pid Directory = $HOME/bacula/bin/working
264 \section{The Director Resource}
265 \label{DirectorResource}
266 \index[general]{Director Resource }
267 \index[general]{Resource!Director }
269 The Director resource defines the name and password of the Directors that are
270 permitted to contact this Client.
276 \index[fd]{Directive!Director}
277 Start of the Director records. There may be any number of Director resources
278 in the Client configuration file. Each one specifies a Director that is
279 allowed to connect to this Client.
281 \item [Name = \lt{}name\gt{}]
283 \index[fd]{Directive!Name}
284 The name of the Director that may contact this Client. This name must be the
285 same as the name specified on the Director resource in the Director's
286 configuration file. Note, the case (upper/lower) of the characters in
287 the name are significant (i.e. S is not the same as s). This directive
290 \item [Password = \lt{}password\gt{}]
292 \index[fd]{Directive!Password}
293 Specifies the password that must be supplied for a Director to be authorized.
294 This password must be the same as the password specified in the Client
295 resource in the Director's configuration file. This directive is required.
297 \item [Maximum Bandwidth Per Job = \lt{}speed\gt{}]
298 \index[fd]{Maximum Bandwidth Per Job}
299 \index[fd]{Directive!Maximum Bandwidth Per Job}
301 The speed parameter specifies the maximum allowed bandwidth that a job may use
302 when started from this Director. The speed parameter should be specified in
303 k/s, Kb/s, m/s or Mb/s.
305 \item [Monitor = \lt{}yes\vb{}no\gt{}]
307 \index[fd]{Directive!Monitor}
308 If Monitor is set to {\bf no} (default), this director will have full access
309 to this Client. If Monitor is set to {\bf yes}, this director will only be
310 able to fetch the current status of this Client.
312 Please note that if this director is being used by a Monitor, we highly
313 recommend to set this directive to {\bf yes} to avoid serious security
317 Thus multiple Directors may be authorized to use this Client's services. Each
318 Director will have a different name, and normally a different password as
321 The following is an example of a valid Director resource definition:
326 # List Directors who are permitted to contact the File daemon
330 Password = very_good # password HeadMan must supply
334 Password = not_as_good
340 \section{The Message Resource}
341 \label{MessagesResource3}
342 \index[general]{Message Resource}
343 \index[general]{Resource!Message }
346 \ilink{Messages Resource}{MessagesChapter} Chapter of this
347 manual for the details of the Messages Resource.
349 There must be at least one Message resource in the Client configuration file.
351 \section{Example Client Configuration File}
352 \label{SampleClientConfiguration}
353 \index[general]{Example Client Configuration File }
354 \index[general]{File!Example Client Configuration }
356 An example File Daemon configuration file might be the following:
361 # Default Bacula File Daemon Configuration file
363 # For Bacula release 1.35.2 (16 August 2004) -- gentoo 1.4.16
365 # There is not much to change here except perhaps to
366 # set the Director's name and File daemon's name
367 # to something more appropriate for your site.
370 # List Directors who are permitted to contact this File daemon
374 Password = "/LqPRkX++saVyQE7w7mmiFg/qxYc1kufww6FEyY/47jU"
377 # Restricted Director, used by tray-monitor to get the
378 # status of the file daemon
382 Password = "FYpq4yyI1y562EMS35bA0J0QC0M2L3t5cZObxT3XQxgxppTn"
386 # "Global" File daemon configuration specifications
388 FileDaemon { # this is me
390 WorkingDirectory = $HOME/bacula/bin/working
391 Pid Directory = $HOME/bacula/bin/working
393 # Send all messages except skipped files back to Director
396 director = rufus-dir = all, !skipped