Re: Synchronize two servers (warm backup)
hiya
On Thu, 23 Dec 2004, Carl Fink wrote:
>
> What I'm looking to do, in more detail, is keep two Woody-based servers
> functionally identical by having the backup server periodically grab web,
> mailing list, and mail files from the primary server. I want the backup
> system to be in full readiness to take over, so all I have to do is throw a
> DNS "switch" to have it become the server.
"warm backups" is good ....
"(manually?) throw the dns switch" is good ...
- usually with things that go bad...
- you notice AFTER its gone bad ...
- you may or may not know PRECISELY why,how,when,who,what went bad
- using rsync is bad because:
- if main disk goes bonkers, you'd be rsync'ing suspect bad disk
to the presumed good backup disks
- someone else wanted "incremental backups" ...
- good idea ...
- once an hour or once a day ... all changes are saved to the
backup, in addition to the "main rsync'd copy"
main:/home/httpd ---> backup:/home/httpd AND
---> backup:/home/incremental/httpd
- someone else asked about raid1
- raid1 is only good on the same server
- if the powersupply dies or cpu fan dies, both raid1 disks
are toast
- if you're willing to gamble on network raid, or iscsi,
or iata or ?? ... than "data" integretity testing is part
of the "backup syncing strategy"
- major problem with raid1 as sync/backups ...
- rm -f anyfile .... and in a few seconds,
the data is gone from both disk
- why is that considered a "backup" ?
- if you made a mistake in deleting or upgrading,
than you can not count on the mirror to recover from
- when using backups ...
- if a cracker or in house newbie breaks into www,
you'd want www.backup to be more SECURE and more uptodate
- you do NOT want the cracker to be able to exploit the same
hole to erase your backups
( same hole could be as simple as "passwordless login"
- gazillion ways to use backups
- different possible exploits on different machines
is probably a good thing, but it makes for a major
headache for maintenance, but minor/trivial if done "right"
across any linux distro
- any pre-made scripts ... probably a whole shitload of um
- does it do "ALL" of what you want ? probably not ..
- does it worry about potential problems that it will
avoid for you or does it do a blind/dumb copy
- gazillion reasons why "manual switch" of dns is good
- probably any laptop or palmtop sync mechanism will
work ...
- i like the following
development machine updates production machine
and at the same time, it also updates the backup machine
AND it keeps a copy of ALL incremental changes
- this assumes a full backup can be recreated
3 different ways, just in case one full backup fails
- warm backups for web servers are trivial
warm backups for mta are trivial ( use MX )
warm backups for pop servers are little tricky, in how to
delete emails that were already read, from all the other
backup pop server
- if one uses a backup server, that is a single point
of failure ... which does not solve the "warm backup"
problem
warm backup of backup end data ... tricky but fun ...
- ie ... you have you play back the transaction logs
and NOT just copy the db files around with say rsync
c ya
alvin
Reply to: