On Thu, Dec 14, 2000 at 09:29:24PM -0600, Jonathan Wilson wrote:
Howdy,
Now that we've spent a good deal of time setting up our system of servers, it's occurred to us that we should be dome something more rigorous then once a week manual "cp -a /etc /backup/$DATE"
First off, we do NOT want to buy a commercial app like Arieka or BRU. We want to use Free Software, and will write it myself if we can't find something good enough.
Take a look at amanda. It's included in SuSE, or you may look at the sorce (http://www.amanda.org)
Also I'm NOT going to use tape. Hard drive space is cheap, and so are CDs. And faster, IMHO.
Amanda can do this.
That said, I've had a good look over freshmeat and found more then enough apps/scripts
So what I'm really concerned about is not the tools to do this with but the
methodology of it.
I can think of several considerations:
1. At least some level of backup needs to happen every day, i.e. at least a back up of
/etc to a local tarball.
Amanda automatically calculates dates for full and incremental backups.
2. Though we have lots of space and can get more, we can't keep archives forever.
There
From: Cliff Sarginson
3. We need to be able to get single files back out of the archive without a big to-do.
You know, like if someone edit's Apache's conf file right before they leave and we find out the next morning that it's screwed up and we want to go back a day. This is my primary reason for not wanting to use tapes, and wanting to use hard disks.
Pretty simple in amanda
4. We have local workstations/servers and remote (co-located) ones. We'll probably
swap data - both local back ups and remote backups need to be stored BOTH locally and remotely. Why? Well, if our office were to burn down, for instance, all of our local data would already be stored in town. If our ISP burns down, we'll have all of our server data stored locally.
Amanda does backups over the network.
5. we need to be able to do a very quick reinstall if, say, a hard drive totally
fails, or a cracker breaks in (in both cases it would require starting from scratch).
AFAIK, amanda is not capable of restore from scratch disk. You have to restore your basic system first, and then you can restore your data from backup.
6. We've thought about combining a "honeypot", as they are some times called, with a
back up box. (A honeypot, as I understand it, is basically a box that is not running any services at all. Once a night (or whenever) it makes a connection to remote machines to
collect log files (and I'm thinking back up files). All ports are closed and no incoming connection is ever accepted (it would be a local box with only direct keyboard control - no telnet or ssh). > > Honeypot is usually designed to lead crackers attention in wrong direction. It's kind of fake system which pretends to be a real one. Cracker gets in, leaves traces, while the real system stays untouched. > > > > > 7. It HAS to be automated. We've found that anything that waits for human intervention doesn't get done reliably. > > You just specify a schedule for amanda, basically two times, first to check that the media is in backup device, second for the actual dump. > > > > > 8. It needs to have some sort of failover/failproof -ness. Something like it emails 2 other servers whenever the job is complete. Something should run on the other servers that checks for that email every night. If they don't receive the email they can email the admins and/or page their beepers. > > Amanda sends e-mails on the results of backup. > > > > > 9. (kind of a repeat) We MUST be able to do a quick restore of a whole drive in case of emergency. I've never had to restore a whole drive before, but I've been around people that /thought/ they had a back up system going well, and after a disk failure, they found out the hard way that they didn't really have a way to restore a whole drive. That's no good. What's the best solution - some sort of drive image we can dd back onto the drive? That would take a LOT of space. The idea here is we need a total restore - we don't have time to reinstall Linux form our distro CD then manually copy the files we need out of our backups. > > I think at this level of requirement you might be needing to look at raid technologies and hot-swap disks etc. A restore of a whole disk takes some time, beyond a certain point it cannot be made faster; this will be especially true from CD's of course. If you have money to burn choose a solution based on DLT's .. no idea if Suse supports these. But we are talking *big* bucks there ..
I think you might need to do a bit more analysis here. Determine what is critical and what isn't. For example on a mail server /var is super critical, on a development machine less so (although you want to save logs etc in case of crackers). For the root file system, if you cannot have mirrors, then you might consider creating a copy of the root file system every .. well every whenever, that you can boot into if the main root system fails. You need to think that out pretty carefully though. You are right, you don;t need to buy anything ! It's all out there - waiting for you to assemble it into a coherent whole :) Cliff
Any and all advise is very much appreciated. I'd really like to hear from people who
have working backup systems.
Is there anything I forgot, or does anyone see something wrong with anything I said?
Thanks!
JW
---------------------------------------- Jonathan Wilson System Administrator
Cedar Creek Software http://www.cedarcreeksoftware.com
Central Texas IT http://www.centraltexasit.com
-Kastus
-- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/support/faq