from Laz: ” Lots of people don’t think about backups for one thing. Another is they have that “it won’t happen to me” mentality. Well, I have seen more than my share of drives fail, and brothers and sisters, it dang sure can happen to you. In fact, I have seen two statistical anomalies/impossibilities in the last couple of years alone, and that was two separate servers, made by two separate vendors, that at two separate times, had two drives fail at the same time. This took out a RAID 5 array on one server, and a mirror on the other. Luckily though, my team knows and understands backups so it was really a non-event, we pulled the data off of tape and were back in business. Aaah, but if there wasn’t a good backup!!?? “ [ Read more ... ]
Archive for the ‘Backups’ Category
Backups, by Laz
July 18, 2007Holy Grail of Remote Backup
December 11, 2006I think it has been a dream of mine for almost three years now to figure out how to perform remote system backups without any human intervention whatsoever. I’ve had pieces of the puzzle in my hands for a long time, but always ran into road blocks. One big road block has always been transferring data over a network with the ssh protocol without having to type in a password. I’ve finally unlocked the keys to this little mystery. The answers were found in the comments of an article posted on Mezzoblue (Just do a search on “webserver backup” on the mezzoblue.com website).
The first thing I had to learn was to write a well crafted command using “rsync”, with all the appropriate flags to pull down the data from a remote server and into the local backup directory. The command looks like the example that follows:
# rsync -aze ssh user@ip:/path/to/file /local/path/for/backup
I scooped this right off the article on Mezzoblue. There are man pages and documentation, but why go to college to learn how to make a backup, right? Anyway, that example shows the basic idea.
Now, you probably notice we are using the ssh protocol to transfer those backups across the network. The ssh protocol is good because of its security, but it can be a pain for this kind of task. However, the trick is to create encryption key pairs for the local and remote machines, so that a password becomes unnecessary. The way you do this is with another kind of ssh command:
# ssh-keygen -t rsa
This command will create the a keypair in your .ssh directory. You will need to copy the public key to the remote machine. You can do this using the scp command as follows:
# scp ~/.ssh/id_rsa.pub user@ip:/home/username/.ssh/authorized_keys
Note all the tiny dots and colons in that command. Its easy to forget the punctuation.
Once you have that keypair copied to the remote machine, you can now log into it without having to type in a password. This is perfect, because now you can run you rsync command without having to be sitting there to type in the password.
The next logical step is to put all of this into a bash shell script, which you can then execute on a schedule using a cronjob.
