Security Basics
Re: OS Level Backup Solution Dec 19 2012 05:38AM
Amit Bhardwaj (meet d difference amit23 gmail com) (4 replies)
RE: OS Level Backup Solution Dec 20 2012 04:50PM
Guy Goodenough (GGoodenough gaithersburgmd gov) (1 replies)
RE: OS Level Backup Solution Dec 20 2012 05:37PM
Joseph Laico (LAICO 0IS US) (1 replies)
RES: OS Level Backup Solution Dec 21 2012 11:21AM
Samuel Riesz (samuel cecred coop br)
Re: OS Level Backup Solution Dec 19 2012 10:26PM
josef (meineanschrift yahoo de)
Re: OS Level Backup Solution Dec 19 2012 01:42PM
Matthew Caron (Matt Caron redlion net)
On 12/19/2012 12:38 AM, Amit Bhardwaj wrote:
> I have checked internet and have found Bacula as possible solution but
> i am not sure if it takes OS level backup as i have mentioned above or
> not.

I do not believe so. I have used it in the past, but only for data, not
the OS.

As a general case, it is exceedingly difficult to take a *good* backup
of the OS while the OS is running, because it will often lock specific
files or partitions such that the backup cannot have access to it.
Further, you may lack specific partition metadata (RAID information,
partition UUIDs, etc.) because that is only available at the raw disk
level, not at the mounted filesystem level. As such, the only way to
really ensure a good, full, bare metal backup is to boot from alternate
media and clone the disk off. That way, you can be assured that nothing
is touching the disk and messing things up.

Since VM servers emulate the underlying hardware, you can typically do
this from the hypervisor. I believe it accomplishes this by
checkpointing the state of the machine (which is a nearly instantaneous
operation), then backing up the state at that point in time. Since it is
outside the running guest OS, it can do this without issue.

The way I've solved this problem before is to have a triple RAID 1 setup
(3 way mirror) and for backups we remove one of the disks from the pool,
then image that disk. Since a single RAID item can be booted, we have a
"seed" disk to which we can add other disks which then sync with the
first. Once the backup is complete, the disk is added back to the pool,
where it resyncs. This scheme worked great until the resync time took so
long that it started bumping up against the next backup. After that, we
just went to redundant machines and only backed up the data. Since the
OS only takes an hour or so to install, and hardware is cheap, we'd just
spin up another machine as need be. As an optimization of the above, if
we had a pool of identical systems (say, like a webserver cluster), we
would make a "master" disk and just image new ones from that as needed.

Hope that helps.
Matthew Caron, Software Build Engineer
Sixnet, a Red Lion business |
+1 (518) 877-5173 x138 office


Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.;4175;25;1371;0;5;946;e13b6be442

[ reply ]
Re: OS Level Backup Solution Dec 19 2012 11:25AM
Jeffrey Walton (noloader gmail com)


Privacy Statement
Copyright 2010, SecurityFocus