How I do backups

Notes on my setup for handling backups of my servers.

The server, we'll call it BOB, has two disks of the same size, and each night one gets rsynced to the other. Its /etc/fstab looks like this: 

/dev/xvda       /       ext3    defaults                0 1
/dev/xvdb       none    swap    sw                      0 0
proc            /proc   proc    defaults                0 0
/dev/xvdc       /backup ext3    noauto                  0 0

The root crontab includes the lines: 

30 3 * * *  /root/nightly-rsync
12 4 * * *  /root/nightly-rdiff

With /root/nightly-rsync containing the following: 

mount -v /backup
/etc/init.d/apache2 stop
/etc/init.d/postgresql-8.3 stop
rsync -vaxE --del / /backup/ 
/etc/init.d/postgresql-8.3 start 
/etc/init.d/apache2 start 
umount -v /backup

Later in the night, the synced backup gets rdiff-backuped to another machine, which we'll call SUE. The /root/.ssh/config file on BOB contains the following:

host sue-bob hostname sue user bob identityfile /root/.ssh/backup_id_rsa compression yes protocol 2

A user "bob" has been created on SUE and ssh-keygen run to create a passwordless keypair for that user. The backup_id_rsa file on BOB is the created private key, with the public key added to the /home/bob/.ssh/authorized_keys file on SUE. The following lines are in /root/excluded-backup: 

/backup/backup
/backup/dev
/backup/mnt
/backup/proc
/backup/sys
/backup/tmp
/backup/var/tmp

/root/nightly-rdiff looks like this: 

mount -v /backup
rdiff-backup -v5 --exclude-globbing-filelist /root/excluded-backup /backup sue-bob::backup
umount -v /backup
rdiff-backup -v5 --remove-older-than 2M --force sue-bob::backup

An incremental backup of BOB going back 2 months will be in /home/bob/backup on SUE. Update 2009-05-05: Added --force to the remove-older-than line to remove multiple old backups when necessary.

Some final notes: Make sure to make nightly-rdiff and nightly-rsync executable. Also, both BOB and SUE must have rdiff-backup installed. Oh, and you'll want to ssh sue-bob once to add SUE's fingerprint to the known_hosts file. When I'm feeling fairly certain the backups are working, I'll lower the verbosity.

I was influenced on the rsync end by jwz's PSA on backups and on the rdiff-backup end by unattended rdiff.

keywords: tech, backups, rdiff-backup, rsync, linode created 2009-03-05 last modified 2009-05-05