Advice on external backup of a Linux server.

Bill Gradwohl bill at ycc.com
Thu Feb 10 02:56:00 UTC 2005 

Arthur Pemberton wrote:

> However I'm planning this for a smal business. As I'm sure you're 
> aware normal employees (ie. non geek, or computer centric) shouldnt' 
> really be trusted with anything computer, so if possible, I woudl 
> prefer not to rely on them to switch on the USB HDD to allow it to 
> backup.

In a business situation, you have to answer the question: "Am I going to 
take a true disaster into consideration or not?"

Since 1982, we've seen only 1 real disaster. A twister that rolled thru 
downtown Ft. Worth and did lots of damage. One of the larger building 
was so heavily damaged that it was condemned by the city. A client of 
ours in that building had their office space so completely trashed, we 
couldn't identify where we were when we hit their floor. The interior 
walls were gone, exterior windows blown out, etc. We found a users area 
where the monitor was sucked out the window, severing the cable to the 
computer. The computer however worked just fine when we retrieved it 
from under the desk and gave it a new monitor.

Their server room was drenched in water with soaked ceiling tiles and 
insulation all over the equipment.. We physically moved the gear to a 
new site a few miles away, opened up and dried off everything, plugged 
things in and they were up. Not one computer was lost.

Now, when someone says that you HAVE to consider disaster recovery, I'm 
no longer in complete agreement. Its up to you. If you want off site 
backup fine. If not, that's fine too.

We don't think software RAID is a good idea. We prefer real hardware 
RAID. RAIDing a server does not provide disaster recovery protection. If 
the box burns, gets flooded, stolen, etc, its ALL gone. RAID isn't even 
good for "oops" recovery. When someone creates an "oops" mini disaster 
by erasing the payroll master file, its still gone even with a RAID array.

In our experience, "oops" mini disasters occur all the time. They are 
the ones you need to protect against. Having a spinning "snapshot" 
backup on disk is the way to go. We set them up to snapshot the servers 
main drive or drive array(s) every hour during working hours, and once 
over night. Should someone destroy a file, the admin can reach into the 
latest snapshot and retrieve it, or the generation from an hour ago, or 
the one from 3 hours ago, or the one for 3PM last Thursday, etc. That's 
the flexibility a business needs. If the latest upgrade to the 
accounting system software turns out to be problematic, we can roll it 
back by grabbing a generation of the environment from before the 
upgrade. These are the common problems that backup can handle well and 
occur routinely in any business environment.

Most small business users can't properly handle restores from tape, or 
even consistently feed the machine a new tape daily. Therefore, we gave 
up on tape a few years ago. Any "admin" can use their Windows Explorer 
to hit the snapshot area and retrieve a file with a few mouse clicks. 
Note that only the admin and the business owners are given access rights 
to the snapshot area. Internal drives are perfect for this, and require 
no manual intervention. If a site has more than one server, we'll 
consider backing up server1 to the backup drives of server2 and vice 
versa as added protection. In a pinch, server2 can mount those drives 
for the end users to access almost immediately should server1 go up in 
smoke, for example.

If you want disaster recovery backup on top of this, then you need to be 
able to take something off site. Realistically, thats a stack of drives 
for a raid array, or a USB drive. That client I mentioned previously 
with the 2TB data area takes 6 400Gig drives in a RAID 5 out of their 
backplane chassis and replaces them with a new set of drives to start 
the snapshot process all over again. They keep one set of drives off 
site. They swap the drives on an as needed basis, using a 400Gig USB 
drive to backup the backup and take that off site nightly.

The added benefit of this is that they can ship these drives to their 
sister locations in a true disaster situation, or just to move a huge 
amount of data between offices (Civil Engineers with tons of CAD 
drawings). The other benefit is that the data is immediately usable. No 
waiting for eons as a tape tries to find the file needed. Instant access.

So, when you say you want backup, think thru what you're trying to 
protect against, and then get that set up.

-- 
Bill Gradwohl
bill at ycc.com
http://www.ycc.com
spamSTOMPER Protected email

More information about the fedora-list mailing list