[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-users] Re: [cobalt-security] RAQ & rsync

Subject: [cobalt-users] Re: [cobalt-security] RAQ & rsync
From: "Steve Werby" <steve-lists@xxxxxxxxxxxx>
Date: Thu Feb 13 17:02:56 2003
Organization: Befriend Internet Services LLC
List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>

"OpenAccess System Security" <security@xxxxxxxxxxxxxx> wrote:
> We were thinking more about the mirror/backup system thread being posted
> earlier.  It occurred to me, wouldn't it be possible to use rsync to
mirror
> an entire Cobalt system to another one?

Yes.  But don't mistake mirroring for a backup/recovery system.  It'll
handle certain scenarios you want to protect against, but it won't handle
others.  You may know this already, you may not.  I want to make sure
everyone else knows.  Since Bruce cross-posted his reply to this thread to
cobalt-users and now there will be people on that list who won't see the
reply I already posted to cobalt-security I'm pasting it in below.

"OpenAccess System Security" <security@xxxxxxxxxxxxxx> wrote:
> If one of the product RAQ4 boxes fails, we...
>
> A) disable its physical port on the primary switch.
>
> B) rsync the appropriate file image from the backup server over to the
> warm spare.

rsync is an excellent program.  I do use it as part of a backup solution on
some servers, but I prefer to at least use CMU in some capacity for the RaQs
due to the flexibility it provides.  Before you select a backup and recovery
system, I suggest making a checklist of various situations you want it to
handle.  Then make sure you select a solution that handles them.  Test all
possible disasters.

With rsync, please be aware that unless you have a mechanism in place to
backup and archive files from either the source or destination server, you
may be left without good backups.  For example, if your source server is
hacked or files are accidentally deleted, modified or overwritten and it's
not discovered, reported and handled before the source server syncs with the
destination server, the destination server's files will be of little use.
The same applies to a similar program that someone else mentioned on this
list a couple of days ago.  It was a syncing program with a different name.

With CMU files are in a semi-portable format which allows them to be
imported on one or more RaQ models.  And imported quickly.  If you may need
to migrate an entire failed server's backups to another server, especially
to a different model RaQ or RaQ which already has sites and users installed
the CMU will save *a lot* of time.

The solution you have in mind is a very good one.  And it addresses many
possible situations properly.  Just make sure it address all of the
situations you want to be addressed.  And test the recovery process.  I know
I mentioned this before, but it's important so I'm repeating myself.

--
Steve Werby
President, Befriend Internet Services LLC
http://www.befriend.com/

Follow-Ups:
- Re: [cobalt-users] Re: [cobalt-security] RAQ & rsync
  - From: David Booth

Prev by Date: [cobalt-users] Re:perl 5.8 RAQ4
Next by Date: Re: [cobalt-users] [RaQ 4] Slow RAID rebuild after kernel 2.2.16C33III-1 update
Previous by thread: [cobalt-users] New RaQ 3 patches instal fine and seem to be running OK
Next by thread: Re: [cobalt-users] Re: [cobalt-security] RAQ & rsync

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index