Before you decide how you want to backup your system(s), you need to ask yourself some basic questions: "What can I not afford to lose?" "How much money could it cost my company if this data was irretrievable?" "How long do I need to keep my data?" Only after considering questions like these can you start to look at your company's business and business data intelligently to address things such as the following:
Data to be backed up
Retention times
Tape rotation and off-site storage policy
Processes and policies surrounding backups
All of this is essential to ensure that the unspeakable partial or complete data loss never happens to you.
The following sections get directly into the technical details of what is generally important to backup on a Linux system, and what to do about things like databases, log files, e-mail, and other system content that is always in a state of flux or changing.
Your backup strategy needs to focus on what you want to back up, or in some cases, what not to back up.
As you can see in Table 5-3, some parts of the OS hard drive are important to back up, others are less important to backup on a regular basis, while still other directories don't need backup at all.
Definite, frequent backups required |
|
/etc/ |
System-wide OS/software/daemon config files |
/home/ |
User home directory space |
/var/ |
System variable files; logs, mail/printer queue, and so on |
/root/ |
Root's "home" directory |
/var/www/ |
web file system (servers only) on newer Linux |
/van/ftp/ |
FTP file system (servers only) on newer Linux |
Backup rarely or never |
|
/mnt/ |
File system mount points (floppy, CD-ROM, NFS, and so on) |
/proc/ |
Kernel/OS dynamically created information |
Backup less frequently or only if a full OS backup is desired |
|
/bin/ |
OS essential binaries |
/boot/ |
Boot files, kernel files, and so on |
/dev/ |
OS device files (hard drive, floppy, serial, and so on) |
/lib/ |
OS shared library (program) files, pam, and kernel modules |
/lost+found/ |
Corrupt and unlinked file storage directory for / filesystem |
/opt/ |
Third-party and FHS compliant software (such as Open Office) |
/sbin/ |
OS binaries (usually only run by root or system) |
/tmp/ |
Application, OS, and user temp file space |
/usr/ |
Distro installed/OS, binaries, docs, source, shared, X11, and so on |
If you have any valuable system configuration data, be sure to back up /etc/. This is the most common area for system-wide configuration data. Don't forget it.
Other directories you don't really need to back up unless you're doing a full backup. These include /opt/ (for third party and FHS based applications), /usr/local, /bin/, /boot/, /dev/, and the other directories in the last section of Table 5-3.
Note |
Some people do not back up /lost+found/ because this is where corrupted files end up being stored. However, in some gradual disk crash scenarios where you're slowing losing hard drive blocks over time, this type of directory could be useful for getting back those lost and partially corrupted files. Don't just discount it without considering such issues. |
For some directories you just do not want to back up, ever; of these, the two big ones that come to mind are /proc/ and /mnt/./proc/ is a special directory that does nothing more than give the kernel a place to mount itself so that user space apps can "talk" to it, look at, and in some cases change running kernel parameters on the fly. If you boot from a Linux boot floppy and take a look in your system's /proc/ directory on the hard drive, there's nothing in there. And if you try to back it up, you may run into problems.
The /mnt/ directory is kind of special. While the subdirectory names in this directory can be important, most of the important (system-wide ones) should be referenced in the /etc/fstab file and should be able to be restored fairly easily.
Caution |
If you know what you're doing with your specific backup suite, then you can back up the /mnt/ directory and its top-level directories, if you're careful. However, if you're not careful and you have things like CD-ROMs, floppies, NFS, and SAMBA/Windows drive mappings to this directory, you could quickly find yourself backing up your own removable media and the corporate file server! Just watch it with this directory. |
Why wouldn't you want to backup the whole OS on a server? The UNIX-/Linux-based file systems are clearly divided by function. So when doing a recovery, many people assume that they'll be doing an OS reinstall anyway-so they don't bother backing up the parts of the OS that never change after an install is complete. This stance varies depending on what you define as critical for your environment. If you lose the main and only drive in a server, do you think you'll just be getting a new drive, reinstalling, reconfiguring fresh, and then restoring the data? Or do you want to restore everything (including the OS) from tape? Most administrators don't bother with OS backups of their servers. They get the users, application configurations, and just apply those to a fresh OS install.
When might you want to backup the entire OS? If you have a highly specialized OS nonserver or workstation install with many customized user application and OS settings (such as a developer workstation or remote desktop terminal server) you probably want to get the whole OS and all of its installed and configured apps.
When might you want not to backup everything? A likely example would be on a single-purpose server such as a user home-dir fileserver, vanilla web server, BIND/DNS server, or the like. These types of application configurations can usually be quickly brought back up by an OS reinstall, then using up2date (for RPM systems) or apt-get (for Debian systems) to bring the system up to a fully patched state, and finally putting the backed up data back in place from tape.
For example, after a reinstall a BIND DNS server would simply need its DNS zone files put back into place in either /var/named/ or /var/named/chroot/var/named/ (for chroot'd systems) along with the main named config file /etc/named.conf. Restart the named service and you're back up and running. It's kind of a waste to back up the rest of the OS (several GB) every week when it is not really warranted.
Most home/desktop systems only require backup of user data in /home/ and /etc/ (configuration data), and possible /var/ if you store e-mail, web, and/or ftp data there. In such cases only /home/ should probably get backed up, since home Linux users tend to do a lot of OS switching anyway. In fact, one very convenient thing I have found is to just keep your /home/ files ystem on its own dedicated drive. This way when you go to reinstall a new Linux distribution on your system, you just unplug the /home/ drive, install the OS on your main drive, and then plug in and mount the old /home/ drive back into place. Be sure you get the new /home/username/ directories' content copied over into the old home drive. Many desktop apps and environments need their newer config directories in place and will balk if you try to forcefeed them the older counterpart's config directories and settings.
Even if you do a total system backup, there are some important configurational aspects of your system that you should backup, such as your hard drive's partition layout, your important /etc/ configuration files, and so on.
To make your Linux system back up its partition table(s) to a flat text file, you can use the following commands:
# mkdir /etc/config-data ; chmod 700 /etc/config-data ; chown root.root/etc/ config-data # fdisk -1/dev/hda > /etc/config-data/hda-fdisk.txt # dd if=/dev/hda of=/etc/config-data/hda-part-boot.img bs=512 count=1 1+0 records in 1+0 records out # fdisk -1 /dev/hdc > /etc/config-data/hdc-fdisk.txt # dd if=/dev/hdc of=/etc/config-data/hdc-part-boot.img bs=512 count=1 1+0 records in 1+0 records out
The first command sets up a /etc/config-data/ directory and root-restricted permissions. The next fdisk line grabs the human-readable partition table config from drive /dev/hda (IDE primary-master) and dumps it out to the flat text file /etc/config-data/hda-fdisk.txt. The third line then backs up the actual partition table and MBR out to the file /etc/config-data/ hda-part-boot.img. Likewise, the last two command lines do the same for the IDE secondary-master or hdc.
Doing this will ensure that you have backups of your drive partition layouts as well as your actual master boot record (MBR), which can be used in case someone ever corrupts and renders your system unbootable. And since you always backup /etc/ to tape, you should have these archived safely.
Backing up a database (or any other file that is in a state of change) is like photocopying a sheet of paper. If you wiggle it while copying it, then you get a corrupted copy. If you want a good backup of a database (or other such "wiggling" file), you need to choose one of the following options:
Backup directly with a backup agent-This is a special piece of backup software (usually added on in the form of a commercial backup module) that "talks" to both the database and to the backup software. The backup software starts copying the database and when the agent senses a change in the database, it finds out what that change was and communicates it back to the backup suite and so the uncorrupted change can be accounted for in the final backup. The database backup agents are not always available for all database systems or backup suites or may cost several hundred dollars, plus their use varies from vendor to vendor.
Stop, copy, and back up-You stop the database or service, quickly copy the related file(s) somewhere else, and then restart the service and get your backup. This technique is appropriate for backing up files like mySQL/database,sendmail, and syslog.
To use this method, see the Shutting off services section later in this chapter. Shutting off services is great for getting everything related to that service on tape. However, if you're on a production server, you may not be able to shut off mission-critical services such as web and databases.
Freeze, copy, and back up-This method is generally more difficult, but you can usually lock your databases using simple script-driven programs like mysqldump or mysqlhotcopy (more on these later). This method uses the same concept as the previous technique, but you don't stop the services; you just use these tools to "freeze" them (read-only) while you quickly copy them out, and then unfreeze them when you're done with your copy. See the rest of this section for more information on how this is done with MySQL.
The Backup Agent method may not always be available to you, depending on what type of database and backup suite you're using. Some Linux databases are starting to get third-party commercial backup agents that will talk to the database and the backup system to effectively back up a live, or hot, database. (A MySQL backup agent for ARCserve is available at www3.ca.com/Solutions/ProductOption.asp?ID=4691.) However, MySQL comes with a couple of utilities to help you use the Freeze and Copy method.
For the Freeze, Copy, and Backup database backup method, there are various options depending on what database you are using. Because MySQL is the most popular open source database, let's take a look at that. MySQL is good in that there are a few tools with which to get the job done. The first, older program is called mysqldump. It does not get binary log files (required in some cases), and it dumps to flat .sq1 files (which can take up more room than the actual data base files). If neither of these issues bothers you, then this mini-app might be just what the doctor ordered. mysqldump's general shell usage looks like this:
# mysqldump --opt --all-databases --user=root > /root/all-databases_$( date +%Y-%m-%d).sql
This will freeze and copy all of the databases out to a time-stamped flat file under /root/.
In newer MySQL database Freeze and Copy option is another included tool called mysqlhotcopy. This does a table level or all-database read-only lock effectively, clones everything in the mysql data directory (/var/lib/mysql/for most RPM-based systems) out to a directory of your liking, and then unlocks the databases when done. This is what the shell usage looks like:
# mysqlhotcopy --user=root --allowold --regexp=".*" /root/mysql-backup
Your regular system backups will now get the static database files in /root/mysql-backup/ and you'll be good to go.
mysqlhotcopy is great if you're running MyISAM storage engine table types. But if you're running innodb table tapes, you really do need to shut down the whole service and do a cp-a /var/lib/mysql/*/root/mysql-backup/, otherwise you will not get your innodb database content. If you're not sure which engine/table type you're running, then you're probably running the default MyISAM type and you have nothing to worry about.
For more info, do a mysqlhotcopy--h or perldoc/usr/bin/mysqlhotcopy.
Note |
As of the Fedora Core RPM of mysql-3.23.58-4, there is a known bug with Red Hat's copy of mysqlhotcopy that creates an error when trying to use the program. As this book goes to press, there seems to be a patch file for this on bugzilla that should be released in MySQL 3.23.58-8 along with Fedora Core 2. See Red Hat bugzilla and mysql for the latest info on this: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=112693. |
Commands from dump, restore, mt, and tar will all want to see the device file called /dev/ tape in place to backup and restore from. For example, mt rewind and mt-f /dev/st0 rewind should do the same thing if you have a symlink set up from /dev/tape to /dev/st0. But with some of these commands, if no device file is given /dev/tape is the default, so you should have this link set up. If you don't and you are using a SCSI tape drive (/dev/st0) set that up now, using the following commands:
# ln -s /dev/st0 /dev/tape # ls -la /dev/tape lrwxrwxrwx lroot root 8 Mar 14 15:17 /dev/tape->/dev/st0
As previously mentioned, you don't want to back up a system with a bunch of actively changing files on it. You get around this by shutting down these services or using the Stop and Copy method.
One of the most orderly ways of doing this is via runlevel 4. In most Linux distributions, runlevel 3 is the command line or headless mode in which you might run a web or e-mail server; you don't need a GUI/X11 display (as you would on a desktop). Desktops and workstations, on the other hand, need to run in a default runlevel of 5 (at least for Red Hat-based systems).
If you want good system backups, you will probably want to turn off your "disk chatty" services in runlevel 4, and then use this runlevel as your system backup runlevel to run your backups.
Here's a list of some services that you might want to shut down on a server for backups:
sendmail
mysqld
apache
vsftpd
syslog
lpd or CUPS (printing services)
rhnsd (Red Hat Network daemon)
autofs
sshd (to keep others off, but only if you're feeling confident in your backup's stability)
xinetd
You can quickly get a listing of your services running in runlevel 4 with the following command:
# chkconfig --list | grep -e 4:on -e on$
This will show you everything running in runlevel 4 plus the services running under xinetd. These problem services can be configured to be off in runlevel 4 individually with the command syntax:
# chkconfig --level 4 syslog off # chkconfig --level 4 sendmail off # chkconfig --level 4 xinetd off # chkconfig --level 4 mysqld off ...
Then runlevel 4 will be ready to be used as a backup runlevel that you toggle to just before backups, and back out of when they're complete.
Tip |
If you're not sure which services are which, or what each one in /etc/init.d/ actually does, then on Red Hat Fedora systems you can simple run the command ntsysv from the command line and flip through all the service names, hitting Fl for the ones that you would like a description of. |
The command runlevel will tell you what runlevel you are currently in, and the init 4 command will put you in whatever runlevel you want to go to (runlevel 4 in this usage).
Caution |
Changing run levels affects the entire system. If you shut off most things (including ssh or networking) in runlevel 4, this can have drastic effects on other users and other services. Only change runlevels and services on a production server when you're mindfully thinking of who and what you may affect. If unsure, just do a chkconfig -list|grep -e 4 : on to see who and what you may affect on that runlevel. It is common for people to remotely change runlevels and by doing so effectively locking themselves off of the server. After an "oops!" like that, usually only a visit to the physical console can reestablish connectivity. |
After you have your services all figured out and shut off in runlevel 4, a simple script such as this one will be able to back up the majority of your system, using tar, to a local tape drive:
#!/bin/bash ## Do a MYSQL-HOT-COPY to /root/mysql-bak mysqlhotcopy --user=root --allowold --regexp=".*" /root/mysql-backup ## Rewind tape mt rewind ## Change Run levels to 4, backup, back to 3 init 4 sleep 10 tar -czf /dev/tape /bin /boot /dev /etc /home /lib /lost+found /opt /root /sbin /tmp /usr /var > /dev/null 2>&1 echo -Backups complete... ## Eject tape... mt eject sleep 5 init 3 echo -Done
This script is more an example of using runlevels with backups than it is a hardened backup tool. Even though you can backup your system with tar, it's not something that I would recommend doing for all of your production servers. Lets take a look at some of the other options out there.