Is our planned backup strategy adequate for my new server insfrastructure?

We remain in the procedure of establishing a new web server for moving the old ones.¢ Basically we'll have a Windows Server (2003 or 2008) running 6+digital box web servers (Windows and also Linux growth, applications, data sources and also a number of screening workstations) on RAID 5.

Additionally we require to systematize information (documents and also SVN databases), so a documents web server will certainly be required. As we do not have any kind of admin experience and also never ever done backup in the past, do you have any kind of experience virtualizing documents web servers? It is best to run them on a physical box? Any kind of suggestions on running this will certainly rate.

Concerning our backup approach, the one laid out in the meantime is: ¢ Note: tape backup in the meantime is not an alternative for us, as a result of cash restraints.

  • Do a complete backup once a week to a different backup web server on RAID 5 (see Should a backup server use RAID?) and also to exterior drive (type of pauper is disk drive)
  • Differential day-to-day back-ups
  • Planning to do a month-to-month backup to on-line solutions

Do you assume this strategy is practical? Im sure there are a great deal of facet to lug concerning that we are undoubtedly missing out on.

Last but not least, one assume that fears us is just how to backup virtualbox equipments. One straightforward means is to straightforward backup everithing (as advised in among the inquiries, i can not locate wich ). ¢ What is your suggestions concerning the information had because vboxes? Should be supported additionally ("just in instance "), or it is secure to backup the digital photos straight?

If it acts as added details, we are intending to make use of BackupExec.

Many thanks for thaking the moment to read this.

- - - - - 2009/08/04 UPDATE - - - - -

Due to wellness factors i couln't go on with this inquiry. Many thanks to those that addressed my inquiry, it was a large aid.

Below is the backup strategy we've laid out currently we've obtained extra history: As we are a tiny firm (from southern america), in the meantime we can not manage a disk drive.

I currently bacukp isn't bacukp if it is not offsite & offline, yet we are attempting to get the far better approach for out cash restraint:

Data loss window: 1 day/8hrs. Recuperation Time: 1 day/8hrs. Things to backup: all (information & web server installments)

  • Daily: do a diff backup day-to-day to a physical backup web server, perhaps with BackupExec. A person recommended to make use of among those exterior storage centers with sata assistance. An additional recommended posting it to a storage solution while we can get a tape. We do not have the alternative for taking after that offsite now (so information loss window 'phony')
  • Weekly: obtain a complete backup with an exterior 1TB drive
  • Monthly/Yearly: like once a week. We have the trouble of where to store those back-ups

We intend to maintain it straightforward, yet i assume we are obtaining it intricate with all those day-to-day approaches for getting over the leakage of offsite backup.

2022-06-07 15:17:39
Source Share
Answers: 7

Answers for Nick - Keep in mind this methodology is for low-cost small business use, purchasing name brand pre-built systems for workstations. It's a scenario to make use of the extra wasted resources available. We use all available resources. When users leave for the day their workstations are rebooted into the cluster for automated build and testing. The backup method I put forth is a way to utilize the extra space in each workstation using multiple machines for redundant copies.

...Joe, what do you mean with live system? The production servers?

Yes. Raid is for reduced time loss. Therefore it should be used on a 24/7 running system. It has much less value for a backup system that only needs to be running during the backup data transfer or workstations that only "need" to be on during the day.

...So in the option you describe the plan is: journaling in each workstation the public data (encrypted).

Yes. It could be public shared or cross-workstation. Journal/snapshot the changes hourly on the raid system between backup transfers to another medium which is usually twice a day, noon and nightly. (Keep as much journaled backup as possible on the production system up to 80% of disk space. After this performance may take a hit.) This way users can easily recover overwritten or deleted files without talking to a sysadmin by going to their /username/date/time folder on the raid production system and use standard diff tools, have access to all available snapshots of the day, etc..

Encryption is in case a workstation is stolen and/or to protect against "prying eyes". We have good developers so you trust them to not try and decrypt. They can do damage to the business in many other ways, trust is required.

...Those snapshots goes to the system with 5 external disks daily or take the daily off-site in one of the 5 disks?

Traveling data is always on tape. Tape survives shock. Disk is faster for seeking, that's why we prefer disks as the "journal" backup. Tapes are full or incremental backups usually with no journals/snapshots. Most data recovery will be done during the day - for our user base. "I need the file the way it was before lunch." "I just deleted the wrong file." The granularity of restores from previous days are usually sufficient with one version per day. If more journaling is needed the backup is adjusted or a revision control system is implemented and the revision tree is backed up.

The five disks is an arbitrary number to show the relative cost against a tape only system. Five separate disks with copies of the same data have much higher redundancy than any small business raid system. If the workstations have adequate space, one dedicated backup disk may be sufficient. (Given that multiple copies are on workstations and tape)

At a set point in time data is transfered off the production servers journaled backup partition and moved to a backup system with external drive(s) connected making 2-5 copies, one on internal disk, one on external disk and to tape. The workstations are backed-up to the backup systems then receive a copy of the shared production system's backup before shutting down each workstation. At no time are there less than three physical copies of back-ed up data. The 3 copies, 5 copies, etc. is a redundancy question that needs to be modeled for each business and each type of data. You might want 5 copies of invoices, 7 copies of contracts, only 2 copies of a standard graphic and a single copy of the current test build executables, etc..

...Also, the snapshots in each workstation are equal? or they all sum up the complete public data?

Either. Depends on available space and needs. Our purchased systems always come with disks much larger than needed for the average user (developers may make use of extra space but the receptionist has no need for a 500gb+ disk)

...What do you think of those external storage hub like…?

Don't know. We prefer machines that can be put to another use, backup server today, someone's workstation tomorrow, offload copies of virtuals during a major upgrade for quick failover, etc.. That's one of the reasons for the external disk - to keep all workstations as similar as possible. Therefore the "backup server" will have the same 500gb+ disk that every workstation has. It's the same physical machine, purchased in sets, so over time there will be differences in CPU, memory and disk based on the deal du jour. Machines are allocated based on performance needs and swapping a new machine to increase memory takes less overall sysadmin time than installing a memory chip in a perfectly running machine. If we keep CPU and video (AMD64, Nvidia) relatively consistent machine swaps are painless.

The production server uses two raid cards one running 10k rpm scsi and another running 7200rpm scsi drives for maximum performance. A $60 SATA terabyte drive used for backup holds as much as thousands of dollars worth of scsi drives, raid controllers, hot swap rack case, etc.. Development servers are usually adequate with SATA raid, more space but less performance. Since there are less simultaneous users the performance difference is usually negligible.

In simple terms -

  1. Production system - active shared data and OS on raid "primary data partition"
  2. Production system - hourly journaled snapshots since the last backup on raid "backup data partition"
  3. Workstation system - active data and OS on non-raid "primary data partition"
  4. Workstation system - backup data on non-raid "backup data partition"

Average workstations purchased with 500gb+ drives and use ~40gb max for multi boot windows/linux/bsd/opensolaris partitions. The rest is the backup partition which contains backup copies of each others workstation OS's, production server's OS backup, production servers journaled data backups and/or productions servers incremental data backups.

If any two machines dies in the building recovery takes minutes. There are at least three physical copies on site of each OS and usually we have enough unused workstation + external drive space to keep a week or two of incremental backups from the production server and at least two copies of the last full backup.

We can lose the raid system, the tape and two workstations and not lose any data and be up and running within minutes. (albeit without the raid until it's repaired) But the data is accessible "instantly". This has saved hours of time during a failure which always seems to happen at the worst possible business time. Power supplies will invariably fail right before an important sales meeting/demo. Raid systems always seem to fail in the morning never on a Friday evening so you can fix them and be back up by Monday morning.

The docs describing the backup process are company property. I'll try and re-write for public viewing with diagrams and use cases. I've used this general methodology for many years now and it has saved time and data when the standard tape only systems fail. I've seen failures on IBM, Compaq, HP and Dell systems using DLT, LTO, etc. A common failure is no errors during the backup but when you try to restore the data is corrupted. Always test restore. That's one of the reasons why we use an online journal backup which can easily be tested daily. Since the users get used to it we never have gone more than a week without someone using the journaled backups and almost never use the tapes. The tapes are in case the building burns down.

2022-06-09 15:46:44
  • Raid is for the real-time system and also may/should have neighborhood back-ups and/or journaled photos
  • Tape is shock - evidence for traveling, off - website backup. Yet tape does not take care of high cycle prices (ordinary 250 overwrites)
  • Disk is less costly and also much faster than tape and also has a lot greater overwrite capacity

If you do not have the experience I would certainly not advise raid independently for a backup system. Redundancy is more vital. A raid system constructed from 5 drives has on the whole a much greater failing price than 5 different drives. If the backup system falls short, every little thing is down till a new system is constructed and also examined. If the raid controller falls short, every little thing is gone. If even more drives than parity fall short, every little thing is gone. You are usually secured right into the very same controller needing you to acquire an extra controller or it will certainly set you back time searching for and also changing it with the very same controller if required. You are rather secured to a disk dimension and also version. If a drive falls short making use of different disks you can acquire a more recent, bigger drive for the very same cash.

An additional alternative is to acquire 5 - 1 terabyte exterior sata drives $90 each - Total price $450

No equipment required, no raid card, no raid config, each drive can be a various make, version and also dimension.

Revolve drives, make use of tape to store off - website at your firm financial institution secure down payment box. You might have a bigger quantity of possible information loss window, yet this can be minimized by supporting to 2 or even more or disk and also tape at each backup timetable and/or including snapshots/journaling on the real-time system.

If you can partition the information right into public and also personal you can make use of added room in workstations for the general public backup swimming pool. Place a terabyte in each workstation and also assign 500mb from each to the backup swimming pool. Utilize this location for public information backup duplicates or encrypted exclusive backup information.

This is the most convenient and also fastest arrangement to recoup from. Bacula functions wonderful with this design of backup. The most effective arrangements I've seen and also made use of are real-time raid systems with neighborhood back-ups made use of for journaled differential back-ups per hour, after that contacted exterior disks - secured on neighborhood workstations extra room for redundancy and also taped daily for off - website storage space.

Raid makes good sense for the energetic system. Update your raid 5 to a raid 60 or whatever fits ideal with your information and also load. After that make use of added room on the real-time system to store photo back-ups. Neighborhood disk backup is the fastest feasible and also suggests the least time the system is secured for the backup purchase. Supporting these photos to externals or tape can after that be done throughout lunch and also reduced use factors throughout the day.

Create a backup strategy with various regularities for each and every information type, directory site, documents, etc as required. Backup in your area as usually as feasible, ideally every documents write. (journaling) Get the neighborhood back-ups off the system asap. (daily at the very least) Make as several duplicates as you can/need of the backup information. (5 is generally greater than ample)

2022-06-08 03:17:59

My typical backup suggestions:

The entire factor of supporting is to be able to recover. Unless you are totally certain that you can get your things back, your back-ups are pointless . Every little thing you implement in your backup remedy need to be originating from the viewpoint of "how do I recover from this?"

Tape isn't that pricey, and also it has the benefit that it is even more sturdy than disk. Much less moving components, no real-time electric existing experiencing it on a constant basis, all excellent things. If it conserves your butt as soon as after that it is currently spent for itself in my publication.

Along with "how much information can you manage to lose" you additionally require to take into consideration "how long can you manage to be down for when it comes to a DR scenario?" A 3 day recover time is 3 days of shed organization. You need to be counting your recover times in hrs and also on the fingers of one hand.

You can really promptly get involved in foolish cash if you permit on your own to get also paranoid concerning this nonetheless, so you need to be aiming to separate your web servers right into 2 or 3 whole lots. Those you definitely require to come back NOW in order to proceed your core organization features, and also those you can postpone till after the core ones are back. Place the hefty financial investment right into the first whole lot, make certain that you have actually totally recorded recover treatments (for the OS, for applications and also for information) that a blind leprous ape with one hand linked behind it is back can adhere to. Publish and also bind a duplicate and also maintain it in a fire resistant secure - you are screwed if all you have is a digital duplicate which obtains shed or damaged. Yet do not assume that this suggests you can get lax with the 2nd whole lot, simply that you can postpone obtaining them back or take a little bit longer doing so (eg. by placing them on slower media).

Details instances: your core fileserver enters into the first whole lot, without a doubt. Your human resources web server enters into the 2nd whole lot. It is necessary to the human resources individuals, yet will your core organization features be alright for a coupla days without a human resources system? Yea, I believe they will.

Maintain your backup remedy straightforward and also monotonous. Much frequently I have actually seen individuals implement expensive or intricate backup remedies that simply wind up being also intricate, fiddly and also unstable. Back-ups are burning out due to the fact that back-ups need to be monotonous. The less complex they are, the less complicated it will certainly be to recover. You desire a "me Og, Og click switch, Og get information back" strategy. Maintain a day-to-day guidebook component therein. This aids to develop a drill, which can stay clear of scenarios where a person neglects to transform a tape or revolve a HD in the swimming pool. You can discharge the individual liable after that if this takes place, yet presume what? You are still in a placement where you've shed a month of information.

2022-06-08 03:17:37

I would certainly recommend running the fileserver on a physical box, given that it is most likely to be fairly I/O heavy. It would certainly additionally behave to be able to hotswap a dead drive, without powering down all VM's. This relies on your details arrangement though.

Your backup timetable appears practical, yet relies on just how much you can manage to shed. It resembles a lot of your back-ups (other than the month-to-month one) get on - website, which suggests you'll shed at the majority of a month if the structure refute, or is burglarized.

If you take the exterior drive residence, you'll need to maintain it home, till right prior to the backup schedules, or else it is not actually an off - website backup, is it? If you are disciplined concerning it, you'll shed at the majority of a week. Much better would certainly be to revolve a trine exterior harddisks, so you'll constantly have the earliest one on - website, and also the latest one off - website.

Do not neglect to examine and also record your back-ups occasionally ; You require the satisfaction that each of your backup systems can recover appropriately. You'll require documents so among your coworkers can recover information. You'll additionally require documents on just how to restore a whole server. If one falls short, you'll have way too much on your mind to bear in mind every information.

Off - subject: As it takes place, I'm checking into a comparable framework for our tiny firm. Comparable experience degrees, although we do have back-ups in position currently. I'll share our existing layout with you, to offer you a different viewpoint, not to evaluate your own: ¢ We are intending 3 web servers: 2 virtualization hosts, and also one storageserver. The storageserver will certainly more than likely run Openfiler. It will certainly be attached over (possibly twin) gigabit - ethernet to 2 hosts, both with excellent CPU is and also a lot of memory, yet hardly any kind of storage space (possibly simply tiny SSD's). Those hosts will certainly run Citrix Xenserver (or possibly VMWare ESXi) on the bare-metal, due to the fact that it is far more reliable than running the virtualization software program inside an additional os that is primarily refraining much (as an example see the distinctions in efficiency in between VMWare Server and also VMWare ESXi). Xenserver appears most intriguing given that it gives venture attributes absolutely free, while ESXi can get pricey if you desire greater than the essentials. The Xenserver hosts will certainly not have storage space themselves, yet will certainly make use of block - degree storage space using iSCSI from the Openfiler server as virtual harddisks. Openfiler can do photos, RAID and more. Xenserver can do Live movements of digital equipments from one server to the various other, so we can do upkeep on one server without closing down any kind of visitor VM's. Get a gigabit button that sustains VLAN's, so you can divide the storage space website traffic from the VM website traffic. A couple of UPS is to permit regulated closure in instance of power failing and also you are done. Mostly all of the price is for the equipment, given that the software program is (extremely) free.

Sorry that this solution ended up a little bit lengthy, yet I wished an additional viewpoint would certainly be beneficial to you.

2022-06-07 15:52:23


I would highly advise you have a look at guide "Backup & Recovery" from O'Reilly.

It will certainly clarify to you terms such as "single factor of failure" along with basic approach for supporting your essential systems.

This is an excellent publication for any person is shelf.

2022-06-07 15:52:08

The key inquiry is just how much information are you prepaired to shed? One months? Eventually? 6 hrs? 5 minutes?

It obtains extra pricey as the information loss window obtains smaller sized.

2022-06-07 15:48:10

bI'll make the comment that I constantly make concerning "backup":

Backup is off - website and also offline. If it is not off - website and also offline it is not backup.

  • Off - website is necessary if the structure refute. On - website yet offline (assume an unplugged exterior disk drive in a cabinet) after that it is gone when the structure refute (see Cleaning soot out of a server ).

  • Offline is necessary if a person strikes you and also tries to corrupt your information. If it is off - website yet online after that it is at risk to strike and also "corruption". Offline methods "air void in between the backup and also the network".

The Tao of Backup is a little a tacky sales pitch, yet every little thing in the website is message holds true and also vital. I would certainly suggest reviewing it.

I would certainly run a documents web server on a physical box. Submit offering is IO, and also virtualization is a fine for IO. Virtualization is wonderful for applications that "demand" a different os instance yet do not require the horse power of a whole physical box. For applications that are entirely IO based virtualization earns less feeling.

You need to read my Server Fault Backup Roundup spread sheet contrasting numerous backup remedies. LTO - 4 and also tapes for a 5 week turning aren't that pricey. It is also much less if you select a lower - end tape modern technology like LTO - 3, LTO - 2, or VXA.

If you desire also much better referrals concerning backup, inform us points like:

  • How much information complete will certainly be supported
  • How much information adjustments on a day - to - day basis
  • How lengthy is the window for backup
  • How several back-ups do you intend to preserve
  • How several back-ups per amount of time will certainly you maintain completely
  • How usually will certainly you revolve backup medias off - website
  • How several medias / weeks do you intend to revolve

You kinda claim several of these points in your inquiry currently, yet I ask yourself if you've actually analyzed, as an example, what it would certainly do to your organization if you are doing monthly off - website duplicates and also you have a calamity 2 days prior to the next month-to-month off - website duplicate. I would certainly recommend you re - analyze your needs after talking with the procedures individuals in your organization and also inquiring the amount of bucks it would certainly set you back the firm to shed numerous quantities of information (in regards to hrs / days / weeks of information).

(You can get even more of the information concerning presumptions made in my "Server Fault Backup Roundup" record at: Recommended Backup Media for Circa 2009?)

2022-06-07 15:46:44