The purpose of this thread is to discuss backups. Backups are obviously very essential to hosts and clients alike. When they are made, everybody is happy.

So, share your backup methods. How do you do it?

I was thinking this. Sign up for an unidentified hosting account, kind of like an unaffiliated hosting account that offers many gigabytes of storage. Have all backups made and sent to that server so they are never actually stored on your own server (for space-saving purposes). Then, download all backups to an external hard drive. Maybe have one external HDD per server?

That's how I would like to start doing it. With 2 people, you could do that very efficiently. Right now, I am simply storing backups on the server but I learned fast it's not a very good way to go about it.

I currently backup client's accounts once per week. I am going to offer a new service, maybe for $10.00 a month (give or take) where we would backup client's hosting accounts daily.

So, elaborate on all of this, and I would love to hear some input from other users.

-Sam

EDIT: Can someone also fully explain the cPanel backup options to me?

I would not recommend setting up an account on a host offering a ridiculous amount of storage space. Yes, that backup method would work via ftp, but what about security? You need to make sure that the backups are only accessible by you, and that they are encrypted as well.

You can backup to a secondary drive on the same machine. Then do a offsite backup to a different server through SSH keys and scp.

Shame on me for asking, but what is SCP? And my only secondary drives are RAID-1.

You make SO MANY threads.

SCP is secure remote file copy. Its a transfer protocol.

We do our backups with Rsync.

We do our backups with Rsync.

I use rsync as well as cpbackup, but prefer the rsync backups. I'm wondering this... if a server crashed completely, could you restore files with the correct permissions from an rsync backup? Wouldn't the UID/GID be all screwed up?

That's why I use cpbackup as well. :-)

if a server crashed completely, could you restore files with the correct permissions from an rsync backup?

Yes provided u use rsync correctly. you can get it to copy permissions with the files.

Yes provided u use rsync correctly. you can get it to copy permissions with the files.

My admin told me the same thing but I wanted a second opinion. :-)

You make SO MANY threads.

I guess I'll take that as a compliment, I like to learn. At least I'm not one of those guys you see spamming in every topic at every chance they get :P Many of my posts come from my own topics.

I guess I'll take that as a compliment, I like to learn. At least I'm not one of those guys you see spamming in every topic at every chance they get :P Many of my posts come from my own topics.


Kudos on starting a good topic!

Why thank you :)

cpanel, et al, to a 2nd drive is a must as it's 'free' and a fast way to do restores, but the nightlies are overwriten, ahem, nightly. (if you are a 1U server and both drives are RAID 1- first be sure it's a hardware raid card, or it's not worth it, 2- if you have enough space, make a new folder for local backups to disk. this obviously won't deal with array failure, but will help with cpanel overwritig - see below)

cPanel - so if your client borks their data tuesday night, then tells you wednesday morning (and cpanel backed up over night) the best you can do is the weekly, since you just backed up their poopoo data and have only that to restore- so your weekly restore could be 1-6 days old, roll the dice.

so, setting/managing expectations is a must. if they're fine with that, fine.

what i say: you 'probably' have a spare box at home. get dyndns going so your poopoo DSL's dynamic IP is set up as reachable using a FQDN, whether a windows box, or a *nix box in your basement - get SSHD running on it and as stated above, use SCP or rsync piped via SSH. (plenty of cookbook howto's for this)

i have FIOS, so it's wicked fast (30mb down) but even a 1.5-3.0 mb dsl or cable is great in 'this direction' and with your differentials after the first seeding, it's very fast, and the retentions you keep is up to you.

to keep it simple, i back up to a raid-1 array in my home server, then use a LOCAL app to run nightly backups from this raid 1 array to a 2nd raid 5 array - this does my versioning. (this smaller raid 5 appliance is hidden so if we get robbed, hopefully they only find the larger sexier raid 1+0 box, not this small hidden appliance, heres to hoping)

connectivity security: to be further secure, beyond having a home firewall that allows for an ACL that limits which IPs can connect to me via SSH (ie: only my dedicated box can) - to avoid man in the middles, and a compromised web box nuking my backups at home, (after i got the initial seeding done) i have my firewall at home open up this NAT port (SSH) for only a specific time window 20 minutes- during which the web server sends data down to me. and the account on the first box, does not have delete rights to the 2nd box (this 2nd box 'reads' the data on the first and pulls it over) so even if my webserver is nuked, and my ssh target at home is compromised, my 3 raid 5 appliance has the versioned backups.

if you just want it done for you, call Amerivault and they'll do you up (disclaimer: i use them during my day gig, and also for my critical data at home) but it's nice to have it done for you, offsite and encrypted.

you'll need to have it set up before you need it. and do a few test restores with test domains and test data on a spare sunday afternoon, get your processees down now, so when it's for real, you're just going through the motions.

a healthy dose of paranoia is a good thing for a successful sysadmin :)

I've never been comfortable with rsync backups being automated because don't you have to have a passphrase that's empty to do this?

passphrase?

dunno, i use RSA keys for SSH so it's doing the auth:

# ssh-keygen -t rsa -N ''

then copy key to remote server:

# scp ~/.ssh/id_rsa.pub user@server:keys/servername

then tell crontab to run it:

backup my web servers whole home directory at 3am every day...
* 3 * * 0 rsync -avz -e ssh /home ~root user@server:target-foldername1
* 3 * * 1 rsync -avz -e ssh /home ~root user@server:target-foldername2
* 3 * * 2 rsync -avz -e ssh /home ~root user@server:target-foldername3
* 3 * * 3 rsync -avz -e ssh /home ~root user@server:target-foldername4
* 3 * * 4 rsync -avz -e ssh /home ~root user@server:target-foldername5
* 3 * * 5 rsync -avz -e ssh /home ~root user@server:target-foldername6
* 3 * * 6 rsync -avz -e ssh /home ~root user@server:target-foldername7

enough howto, that's what manpages are for! ;)

www.bqbackup.com