The majority of the time small and medium size business use the single dedicated Linux/*BSD box for hosing web site, database server, mail server. These servers are so busy round the clock (yes we do have lots of such client, they have dual XEON/AMD or P4 with 4-8 GIG RAM). Since backup is such critical procedure, we have an automated snapshot (hourly, nightly, and full monthly backup facility) procedure for all dedicated UNIX/ Linux/Windows boxes.
Snapshot Backups provide a convenient, automatic way to save copies of data/website/ftp/mysql data/site/files without using valuable disk space. Backup software (or Linux scripts) stores a copy, or takes a “snapshot,” of customers dedicated box every 2 hours, nightly, weekly etc. These snapshots are saved and dated for customer by our software and can be restore directly from clients control panel, in the event that any of files are accidentally deleted or changed.
Although this facility is ultra cool, it has its own disadvantage too on clients’ dedicated Linux box. On any busy server things started to get worst because of hourly hot snapshot backup. Our customer started to report us that while backup is in progress ftp/www site becomes slow. We quickly realize that single NIC is the problem, so we have upgraded all old servers to dual NICs. Therefore, backup data is piped through a second NIC, isolating the process from frontend traffic.
Linux eth0 --> Public interface for ftp/http/mysql traffic Box eth1 --> Private interface for backup
eth1 IP(s) only accessible in our data center, all outside access to eth1 IP is blocked at enterprise IDC firewall. This is done for security reason.
We have products from NetApp for central storage and snapshot facility (in case if you are wondering what we are using for central storage). You can find information about NetApp here.
Result was neat and now no more complaints from customer. We use same solution for shared hosting customer too. However if your IDC is small then you can use any (netapp products are expensive) other Linux/UNIX box and couple of ftp script could do the same backup trick and make sure you use second NIC to pump backup data. Here is sample diagram that will help you to grasp the concept
- All eth0 connects to Internet
- All eth1 connects to Private switch inside IDC
- Linux based backup server should not be accessible outside your network
- You need to create perl/shell script to automate backup procedure
|Category||List of Unix and Linux commands|
|Firewall||Alpine Awall • CentOS 8 • OpenSUSE • RHEL 8 • Ubuntu 16.04 • Ubuntu 18.04 • Ubuntu 20.04|
|Network Utilities||dig • host • ip • nmap|
|OpenVPN||CentOS 7 • CentOS 8 • Debian 10 • Debian 8/9 • Ubuntu 18.04 • Ubuntu 20.04|
|Package Manager||apk • apt|
|Processes Management||bg • chroot • cron • disown • fg • jobs • killall • kill • pidof • pstree • pwdx • time|
|Searching||grep • whereis • which|
|User Information||groups • id • lastcomm • last • lid/libuser-lid • logname • members • users • whoami • who • w|
|WireGuard VPN||Alpine • CentOS 8 • Debian 10 • Firewall • Ubuntu 20.04|