About Backups

Assumptions

It is always necessary to make some basic assumptions about how any procedure will actually be implemented. In the case of backups of the CK:P machines the technical staff has made the following assumption:

Responsibility for backups and tape storage is site based.
User Administrators need a simple automated procedure.
User files, personal mail/configurations need to be backed up daily.
User devices (PCs and Macs) will not be backed up.
Providing a procedure based on ease-of-use outweighs the strictest security.
CK:P will provide the tapes, a backup procedure and support.

Backup Background

Considerations:

Backups of CK:P server and client machine data is the responsibility of the individual site. The User Administrator of each site, the CK:P System Administrator, and the CK:P Educational Staff have created a working backup procedure. This was created with the following general policies, considerations and procedures in mind.

Frequency: In the ideal case backups would be performed daily. In the worst case backups would only be performed on a weekly basis. For reasons of stability, a complete backup should be done before and after any major system change, including upgrading the OS, installing new equipment in the server, moving the server, and/or shutting the server down for an extended period of time. While this may take some time to perform its easier to restore a system to functionality from a backup than from scratch.
What data: The home directories of the users contain the most important data. This is because this information is usually very difficult, if not impossible, to recreate. Incoming and outgoing mail spools are also very important. However, being that they change constantly it is very difficult to maintain useful backup. As a general rule of thumb, backups of mail spools that are more than 24 hours old are useless. To avoid part of this problem users should move all mail out of the incoming mail spool and into their accounts as often as possible. Not only does it reduce the problem of lost mail, having a small incoming mail spool significantly increase the performance of many mail programs.
The OS and the files in /usr/local can be restored from other sites so they do not need to be backed up. However, /usr/local/depot/site and some files in /etc are specific to your site and should be backed up. Also, the kernel is probably worth backing up but it is not critical.

Also, each site will have specific directories such as /usr/local/www that will need to be backed up. These will vary from site to site so the administrator must be on top of this. Machines which are the supserver for their hardware/OS platform will need the master copies of their packages backed up. This is also true for the master servers of PC Remote Build and Mac Remote Build.

For many sites, it is simplest to backup all data. This is often easier than identifying local data and since most data does not change quickly incremental backups will still be small.
Backup hardware: This will widely vary from site to site. Most sites should have DAT tape drives, but some have 8mm (Exabyte) tape drives and some have QIC or TK50 tape drives. The type of backup equipment you use will greatly affect the nature and complexity of your backups. Generally speaking, each tape should be able to hold the largest partition on your system. With the decreasing costs of multi-gigabyte backup units this should not be a problem.
Location of backup hardware: Every site will have one backup unit, generally this will be a part of a Unix server. If there is more than one machine to be backed up at a site, other machines will be backed up over the network. Of course, Alpha and Beta sites may be exceptions to this rule, and a site that independently acquires a second backup unit may create their own policy regarding that unit.
Backup programs: When an entire partition is being backed up, the unix program, dump, should be used. This allows several levels of backup which makes daily backups much easier. When a small portion of a partition is backed up, the tar command may be faster and easier.
Backup operator: The User Administrator at each site is responsible for making sure the backups are completed in accordance with that sites procedure. The User Administrator is also responsible for restoring lost, erased or damaged files for the users. If the computer suffers a catastrophic failure, then the technical staff will be responsible for restoring the machine from the most recent backup available. The technical staff cannot be held responsible if User Administrator does not correct perform or maintain the backups. Backups are the sole responsibility of each site.
At some sites the user administrator may delegate the backup responsibility to another person or persons. This should be done with care, since in general anyone who can do backups can also read any confidential information on the system.
Security: Backup tapes must be kept secure. Anyone with minimal technical skill will be able to read any file on your system from those tapes. This includes all personal mail and the password file. Backup tapes should be kept in a secure location. The best location would be offsite in a fireproof safe.
It is strongly advised to keep at least a monthly full backup in an off-site location. This guards against complete loss of data in the event of theft, vandalism, fire or some other catastrophe.

Suggested Models:

Two backup models were considered for the PPS CK:P sites. A brief overview of the nature, advantages and disadvantages are present below.

Single-level Model -

In this model the entire server is fully backed up each day (a level 0 dump). There are a small number of tapes (3-7) used for this which are rotated. This scheme is good if a full dump will fit on a single tape.

Advantages: Very good redundancy. Very simple. Few tapes are needed.
Disadvantages: Slow; it usually takes hours for a complete dump. This may not be an issue if the dump can be performed at night.

Multi-level backups -

Each month a level 0 dump is done. Two sets of tapes should be rotated for this.
Each week a level 1 dump is done; five sets of tapes should be rotated for this.
Each day a level 2 dump is done; seven (or five) sets of tapes should be for this

This model contains three levels and is highly recommended by CK:P. If necessary the last level can be omitted and the second level can be extended if necessary, but this is not suggested.

Advantages: Daily/weekly dumps are fast (and should fit on a single tape).
Disadvantages: To fully restore a machine several tapes must be used. A single tape error may cause large problems. More tapes are needed.

After careful consideration of the needs of each site and the assumptions that had been made a modified multilevel backup plan was implemented. The procedural guidelines for this backup model can be found on the Backup Procedures page.

Installing CK:P Backup Software

Before backups can actually be performed at any site it is necessary to have the proper software installed on the unix server. The following is a quick step by step guide to determining if you have the software and how to get it if you don't.

First, make sure the ezdump software is on the server by looking for it. Type: ls /usr/local/sbin/ezdump.
If the system responds simply with /usr/local/sbin/ezdump, all is well -- go on to step 2. However, if it says something like: ls: /usr/local/sbin/ezdump: No such file or directory,
you'll need to fetch the software by typing sudo /usr/local/sbin/localupdate. This procedure can take some time. If after the localupdate finishes ezdump is still not installed, contact the CK:P Tech Staff for further assistance.
Create the /etc/dump.conf file. To do this:
1. Type cd /etc
2. Edit the dump.conf file -- sudo pico dump.conf.
3. Author the dump.conf file based on what you want to appear in it. If you need to know the format, take a look at the documentation for the file format.
4. Please note that the "tape" keyword in dump.conf will have different values depending on what type of machine the server is. If the server is a NetBSD server, the tape value should be nrst0. If it's an Alpha, it should be nrmt0h. here!
Type ezdump -t. If there are no error messages, continue on. If you see something that you think might be an error message, contact the appropriate help desk for assistance.
Now, you can proceed to actually doing the backups by hand, if you like. If you want to have the backup procedure run automatically every night, you can edit the /etc/crontab file. The format for this file can look intimidating at first, but it's pretty straightforward if you check the documentation If you're still feeling nervous, make a copy of the crontab, edit in your changes, and mail it to the tech staff and we can double-check it for you.