[DRBD-user] DRBD as a "backup" System

Diego Julian Remolina diego.remolina at ibb.gatech.edu
Fri Nov 11 21:51:33 CET 2005

Note: "permalinks" may not be as permanent as we would like,
direct links of old sources may well be a few messages off.


You should not really use drbd in this case. No offense, but remember 
the well known phrase: "Keep it simple, stupid"

Let one machine (system A) be a simple standalone server, then let the 
second machine (system B) use an ssh key to rsync the data each month. 
You do not need to turn off the secondary server, just rsync it every 
month with a cron job. That will accomplish what you want without going 
into drbd (complicating your life).

If you want the second machine to be a real backup server, then you 
should rather explore these options:

http://www.nongnu.org/rdiff-backup/
http://www.bacula.org/
http://www.amanda.org/
...there are many others

Depending on space you could also even rsync first then run dump to 
create backup copies.  However be aware that the 2.6 kernel may break 
dump and restore in some cases.  For example I cannot use dump and 
restore on raid 5 partitions on 3ware cards.  No idea why, my theory is 
that the size of the partitions (1.8 TB) makes dump crash (segfaults).

For rsync:

1. Create a key with ssh-keygen, and do not set a passphrase
cd /root/backup
ssh-keygen -b 1024 -f backupkey

2. Create a backup-script:

#!/bin/bash
RSYNC=`which rsync`
SSH=`which ssh`
BACKUPDIR=/path/to/your/backup/dir
KEY=/path/to/backupkey
${RSYNC} -av --delete --exclude=/dev --exclude=/proc --exclude=/sys 
--exclude=/var/log/lastlog -e "${SSH} -i ${KEY}" HOST-A.domain.com:/ 
${BACKUPDIR}

Adjust the above to exclude other things, or simply backup the directory 
you want if you do not care about other directories in your machine.  If 
your machines are 64Bit you really *need* to exclude /var/log/lastlog 
from the backup.

3. On machine A where you are backing up the data, create the file 
/root/.ssh/authorized_keys and enter:

from="HOST-B.domain.com",command="/root/.ssh/validate-rsync" 
your_ssh_public_key_here

The validate-rsync script follows:
--------------begin validate-rsync--------------------
#!/bin/bash
case "$SSH_ORIGINAL_COMMAND" in
         *\&*)
                 echo "Rejected"
                 ;;
         *\;*)
                 echo "Rejected"
                 ;;
         rsync\ --server*)
                 $SSH_ORIGINAL_COMMAND
                 ;;
         *)
                 echo "Rejected"
                 ;;
esac
--------------end validate-rsync--------------------
This is to restrict the key to only allow rsync.  If you do not care 
about security you can just simply add the entry:

ssh-dss your_ssh_public_key_here

to authorized_keys

4. add the appropriate entry in crontab for backup-script.

HTH,

Diego


Luc de Louw wrote:
> Folks,
> 
> Following Situation:
> 
> I have to create a Archive System with some backup. The System includes 
> two Server which have a Raid5 Disk Subsystem attached.
> 
> My Plan is now to set up DRBD with heartbeart and disable automated 
> takeover.
> 
> The second server will be powered on only once each month to get in sync 
> again (very little data will change)
> 
> In case of accidential deletetion of data, the secondary server (which 
> is usually powered down) will be forced to be sync source.
> 
> What do you think about such a scenario? It is some kind of abuse of 
> DRBD, but from my point of view it should work.
> 
> Your opinions?
> 
> rgds
> 
> Luc
> _______________________________________________
> drbd-user mailing list
> drbd-user at lists.linbit.com
> http://lists.linbit.com/mailman/listinfo/drbd-user

-- 
Diego Julian Remolina
System Administrator - Systems Support Specialist III
Institute for Bioengineering and Bioscience
Georgia Institute of Technology
Phone (404) 385-0127
Fax   (404) 894-2291
315 Ferst Drive
Atlanta, GA 30332-0363



More information about the drbd-user mailing list