running reliable services
Pierre Abbat
phma at leaf.dragonflybsd.org
Sat Apr 5 21:04:48 PDT 2014
On Saturday, April 05, 2014 17:24:33 Matthew Dillon wrote:
> My recommendation for a backup scheme is to have a dedicated on-site backup
> box and an off-site backup box. Use a daily cpdup or rdist from the
> various machines to the local on-site backup box, and then mirror-stream
> from the on-site backup box to the off-site backup box. Keep as many days
> worth of snapshots as possible on the on-site and off-site boxes.
>
> For security reasons the rdist or cpdup operations should be initiated from
> the on-site backup box to access the various machines. That is, the
> various servers should not have root access via ssh to the on-site backup
> box. The onsite backup box needs to be the most secure box.
Why cpdup or rdist, rather than rsync?
Wouldn't it make more sense to mirror-stream from the web/mail/whatever server
to the on-site backup (initiated by the on-site backup) so that it will always
be up to date, and rsyncing the on-site to the off-site backup?
> Another way of doing it which reduces exposure to the on-site backup box is
> for the on-site backup box to NFS-mount all the servers and use something
> like cpdup locally for daily backups.
>
> I generally wouldn't recommend a mirror-stream from the servers to the
> on-site backup box as that limits your OS and filesystem choices for the
> servers. Whereas cpdup/rdist with or without NFS mounts is far more
> flexible.
>
> You generally do NOT want to give users direct access (even via NFS mount)
> to the backup boxes.
Should the local backup box even have a publicly visible IP address? (I don't
yet know if the local customers will have public IPv4 addresses.)
Pierre
--
La sal en el mar es más que en la sangre.
Le sel dans la mer est plus que dans le sang.
More information about the Users
mailing list