Domů Procházet Nápověda
Registrovat se Přihlásit se
andreagus
/
talk-backup
1
0
Rozštěpit 0
Soubory Úkoly 0 Pull Requesty 0 Wiki
Strom: af4852ae7c
Větve Značky
talk-backup
/
source
/
talk.tex

talk.tex 13 KB
Historie Surový

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348 
  1. \documentclass{beamer}
    2. 

  2. %\setbeamercovered{transparent}
    3. 

  3. \usetheme{poul}
    4. 

  4. %\usetheme{Madrid}
    5. 

  5. \usepackage[utf8]{inputenc}
    6. 

  6. \usepackage[svgpath=images/]{svg}
    7. 

  7. \usepackage{graphicx}
    8. 

  8. \graphicspath{ {images/} }
    9. 

  9. \usepackage[hyphenbreaks]{breakurl}
    10. 

  10. \usepackage{hyperref}
    11. 

  11. \def\UrlBreaks{\do\/\do-}
    12. 

  12. 

  13. %Information to be included in the title page:
    14. 

  14. \title{Backup and (hopefully) Restore}
    15. 

  15. \author{Andrea Gussoni}
    16. 

  16. \institute{P.O.u.L.}
    17. 

  17. \date{23 Marzo 2017}
    18. 

  18. \titlegraphic{\includesvg[height=1.5cm]{logowhite}}
    19. 

  19. 

  20. 

  21. \begin{document}
    22. 

  22. 

  23. \frame{\titlepage}
    24. 

  24. 

  25. \begin{frame}
    26. 

  26.   \frametitle{Why do we need backups?}
    27. 

  27.   Bad things can happen and do happen:
    28. 

  28.   \begin{itemize}
    29. 

  29.     \item You may drop your computer accidentally.
    30. 

  30.     \item The disk may be damaged by vibrations during the daily commute.
    31. 

  31.     \item The computer where you keep the unique copy of your thesis
    32. 

  32.     may be stolen.
    33. 

  33.     \item After some time the disk may simply stop operating because of ageing.
    34. 

  34.     \item But often the principal cause of data loss is that thing that it is between the keyboard and the chair.
    35. 

  35.   \end{itemize}
    36. 

  36. \end{frame}
    37. 

  37. 

  38. \begin{frame}
    39. 

  39.   \frametitle{Why do we need backups?}
    40. 

  40.   \begin{center}
    41. 

  41.     \includegraphics[width=0.7\textwidth]{gitlab}
    42. 

  42.   \end{center}
    43. 

  43.   \footnotetext{\url{https://twitter.com/gitlabstatus/status/826591961444384768}}
    44. 

  44. \end{frame}
    45. 

  45. 

  46. \begin{frame}
    47. 

  47.   \frametitle{What are backups?}
    48. 

  48.   \begin{block}{Definition}
    49. 

  49.     The copying and archiving of computer data so that it may be
    50. 

  50.     used to restore the original after a data loss event.
    51. 

  51.   \end{block}
    52. 

  52. \end{frame}
    53. 

  53. 

  54. \begin{frame}
    55. 

  55.   \frametitle{What to backup?}
    56. 

  56.   It is important to distinguish what it is necessary to backup from what
    57. 

  57.   it is not.\\\pause
    58. 

  58.   Obviously this depends on the setup that you are using (native services, containers, VMs etc...)
    59. 

  59. \end{frame}
    60. 

  60. 

  61. \begin{frame}
    62. 

  62.   \frametitle{A general guideline}
    63. 

  63.   Must:
    64. 

  64.   \begin{itemize}
    65. 

  65.     \item /home
    66. 

  66.   \end{itemize}
    67. 

  67.   \vfill
    68. 

  68.   At your discretion:
    69. 

  69.   \begin{itemize}
    70. 

  70.     \item /etc
    71. 

  71.     \item /var
    72. 

  72.     \item /mnt /media
    73. 

  73.   \end{itemize}
    74. 

  74.   \vfill
    75. 

  75.   Not necessary\footnote{if these folders contain something important probably you are doing something wrong in your setup}:
    76. 

  76.   \begin{itemize}
    77. 

  77.     \item /proc /sys
    78. 

  78.     \item /dev /tmp
    79. 

  79.   \end{itemize}
    80. 

  80. \end{frame}
    81. 

  81. 

  82. \begin{frame}
    83. 

  83.   \frametitle{Backup types}
    84. 

  84.   Backups can be:
    85. 

  85.   \begin{itemize}
    86. 

  86.     \item \textbf{full}: a complete backup of a all files and folder starting from a root node.
    87. 

  87.     \item \textbf{incremental}: contains all the differences since the last incremental backup.
    88. 

  88.     \item \textbf{differential} contains the changes since the last full backup.
    89. 

  89.   \end{itemize}
    90. 

  90. \end{frame}
    91. 

  91. 

  92. \begin{frame}
    93. 

  93.   \frametitle{Backup Support}
    94. 

  94.   \begin{itemize}
    95. 

  95.     \item Hard disks (HDD).
    96. 

  96.     \item Solid-State drives (SSD).
    97. 

  97.     \item Optical supports: DVDs, Blu-ray.
    98. 

  98.     \item Flash Drives.
    99. 

  99.     \item Cloud\footnote{Remember that there is no cloud, just other people's computers.}.
    100. 

  100.   \end{itemize}
    101. 

  101. \end{frame}
    102. 

  102. 

  103. \begin{frame}
    104. 

  104.   \frametitle{dd}
    105. 

  105.   \textbf{dd} is a powerful tool that basically can copy everything that is a file or a block device. It is common to use it for disk cloning.\\
    106. 

  106.   Usage example:
    107. 

  107.   \begin{itemize}
    108. 

  108.     \item \textit{dd if=/dev/sdX of=/dev/sdY conv=fdatasync\footnote{useful to actually wait the end of data transfer and avoid corrupted copies}}
    109. 

  109.     \begin{itemize}
    110. 

  110.       \item \textbf{if:} input file/device
    111. 

  111.       \item \textbf{out:} output file/device
    112. 

  112.     \end{itemize}
    113. 

  113.   \end{itemize}
    114. 

  114.   \vfill\pause
    115. 

  115.   \begin{alertblock}{Caution}
    116. 

  116.     Since \textbf{dd} often requires \textit{sudo} privileges to run, if you mismatch the name of a device you can actually wipe the content of your primary hard disk, double check always the arguments before pressing enter.
    117. 

  117.   \end{alertblock}
    118. 

  118. \end{frame}
    119. 

  119. 

  120. \begin{frame}
    121. 

  121.   \frametitle{GNU ddrescue}
    122. 

  122.   gdrescue is an enhanced version of dd that tries to rescue good parts in case of read errors. It may be useful to recover data from a drive with some damaged sector.\\
    123. 

  123.   Usage Example:
    124. 

  124.   \begin{itemize}
    125. 

  125.     \item \textit{ddrescue [options] /dev/sdX outfile mapfile}
    126. 

  126.     \begin{itemize}
    127. 

  127.       \item \textbf{mapfile:} a human readable text file ddrescue uses to manage the copy
    128. 

  128.     \end{itemize}
    129. 

  129.   \end{itemize}\pause
    130. 

  130.   \begin{alertblock}{Caution}
    131. 

  131.     For the rescued data to be correct, both dd and gddrescue are best used on unmounted devices.
    132. 

  132.   \end{alertblock}\pause
    133. 

  133.   \begin{block}{Tip}
    134. 

  134.     gddrescue can also be useful when trying to reallocate sectors on a drive with a few sector unreadable. Doing a wipe of the drive with gddrescue should reallocate bad sectors.
    135. 

  135.   \end{block}
    136. 

  136. \end{frame}
    137. 

  137. 

  138. \begin{frame}
    139. 

  139.   \frametitle{rsync}
    140. 

  140.   Also known as an advanced version of cp
    141. 

  141.   \begin{exampleblock}{Pros}
    142. 

  142.     \begin{itemize}
    143. 

  143.       \item (unlike cp) preserves links, file permissions and ownerships, modification times, etc.
    144. 

  144.       \item designed to be network efficient because only transfers file changes.
    145. 

  145.       \item easy to use.
    146. 

  146.     \end{itemize}
    147. 

  147.   \end{exampleblock}
    148. 

  148.   \begin{alertblock}{Cons}
    149. 

  149.     \begin{itemize}
    150. 

  150.       \item no storage encryption.
    151. 

  151.     \end{itemize}
    152. 

  152.   \end{alertblock}
    153. 

  153. \end{frame}
    154. 

  154. 

  155. \begin{frame}
    156. 

  156.   \frametitle{rsync: usage}
    157. 

  157.   \begin{itemize}
    158. 

  158.     \item rsync -Pr source destination
    159. 

  159.     \begin{itemize}
    160. 

  160.       \item \textbf{P:} keep partially transferred files if the transfer is interrupted.
    161. 

  161.       \item \textbf{r:} recursive directory option.
    162. 

  162.       \item this do not preserve the attributes of the file.
    163. 

  163.     \end{itemize}
    164. 

  164.     \vfill
    165. 

  165.     \pause
    166. 

  166.     \item rsync source host:destination\footnote{But please don't do this \textit{rsync -av -{}-delete source host:$\sim$}}
    167. 

  167.     \begin{itemize}
    168. 

  168.       \item uses ssh by default, but can also be forced with the -e ssh option.
    169. 

  169.     \end{itemize}
    170. 

  170.     \vfill
    171. 

  171.     \pause
    172. 

  172.     \item rsync -aAXv -{}-exclude=\{...\} /* /backupfolder
    173. 

  173.     \begin{itemize}
    174. 

  174.       \item backup /* while following symlinks and preserving file properties.
    175. 

  175.     \end{itemize}
    176. 

  176.   \end{itemize}
    177. 

  177. \end{frame}
    178. 

  178. 

  179. \begin{frame}
    180. 

  180.   \frametitle{rsnapshot: rsync automated}
    181. 

  181.   rsnapshot produces automated, periodical system snapshots
    182. 

  182.   \vfill
    183. 

  183.   \begin{exampleblock}{Pros}
    184. 

  184.     \begin{itemize}
    185. 

  185.       \item preserves links, file permissions and ownership, modification times, etc.
    186. 

  186.       \item network efficient.
    187. 

  187.       \item each snapshot contains a full system backup.
    188. 

  188.       \item easy to use.
    189. 

  189.     \end{itemize}
    190. 

  190.   \end{exampleblock}
    191. 

  191.   \vfill
    192. 

  192.   \begin{alertblock}{Cons}
    193. 

  193.     \begin{itemize}
    194. 

  194.       \item no storage encryption.
    195. 

  195.     \end{itemize}
    196. 

  196.   \end{alertblock}
    197. 

  197. \end{frame}
    198. 

  198. 

  199. \begin{frame}
    200. 

  200.   \frametitle{duplicity}
    201. 

  201.   duplicity produces encrypted, incremental backups in tar format.
    202. 

  202.   \begin{exampleblock}{Pros}
    203. 

  203.     \begin{itemize}
    204. 

  204.       \item preserves links, file permissions and ownership, modification times, etc.
    205. 

  205.       \item network efficient.
    206. 

  206.       \item incremental backups.
    207. 

  207.       \item supports storage encryption with gpg.
    208. 

  208.       \item easy to use.
    209. 

  209.     \end{itemize}
    210. 

  210.   \end{exampleblock}
    211. 

  211. \end{frame}
    212. 

  212. 

  213. \begin{frame}
    214. 

  214.   \frametitle{duplicity: usage}
    215. 

  215.   \begin{itemize}
    216. 

  216.     \item duplicity /home/user scp::/user@host//backup/directory
    217. 

  217.     \vfill\pause
    218. 

  218.     \item duplicity [restore] scp://user@host//backup/directory /home/user
    219. 

  219.     \vfill\pause
    220. 

  220.     \item duplicity full /home/user scp::/user@host//backup/directory
    221. 

  221.   \end{itemize}
    222. 

  222. \end{frame}
    223. 

  223. 

  224. \begin{frame}
    225. 

  225.   \frametitle{duplicity: usage}
    226. 

  226.   \begin{itemize}
    227. 

  227.     \item duplicity list-current-files scp::/user@host//backup/directory
    228. 

  228.     \begin{itemize}
    229. 

  229.       \item list the files contained in the backup.
    230. 

  230.     \end{itemize}
    231. 

  231.     \vfill\pause
    232. 

  232.     \item duplicity [restore] -t 3D scp://user@host//backup/directory /home/user
    233. 

  233.     \begin{itemize}
    234. 

  234.       \item specify the time from which to restore files.
    235. 

  235.     \end{itemize}
    236. 

  236.     \vfill\pause
    237. 

  237.     \item duplicity remove-older-than 30D scp::/user@host//backup/directory
    238. 

  238.     \begin{itemize}
    239. 

  239.       \item remove from the backup full backups older than the specified period.
    240. 

  240.     \end{itemize}
    241. 

  241.   \end{itemize}
    242. 

  242. \end{frame}
    243. 

  243. 

  244. \begin{frame}
    245. 

  245.     \frametitle{Demo}
    246. 

  246.     \begin{center}
    247. 

  247.         {\Huge Demo!}
    248. 

  248.     \end{center}
    249. 

  249. \end{frame}
    250. 

  250. 

  251. \begin{frame}
    252. 

  252.   \frametitle{Last but not Least}
    253. 

  253.   \begin{itemize}
    254. 

  254.     \item When you use duplicity with encryption enabled always remember to backup the gpg keys you use to encrypt and sign the backup.\\
    255. 

  255.     If you loose them you won't be able to restore the backup.\pause
    256. 

  256.     \item Always check that the backup is taking place, don't just assume that everything is working fine because you followed exactly the suggested guide.\pause
    257. 

  257.     \item Always try to test that the backup is really working by trying to restore the backup. You'll be surprised to know how many times the backup procedures are not really working, and unfortunately if you do not test them you'll notice it only when the files are gone.
    258. 

  258.   \end{itemize}
    259. 

  259. \end{frame}
    260. 

  260. 

  261. \begin{frame}
    262. 

  262.   \frametitle{Hi again GitLab}
    263. 

  263.   \begin{center}
    264. 

  264.     \includegraphics[width=0.9\textwidth,height=0.5\textheight]{gitlab2}
    265. 

  265.   \end{center}
    266. 

  266.   \footnotetext{\url{https://docs.google.com/document/d/1GCK53YDcBWQveod9kfzW-VCxIABGiryG7_z_6jHdVik/pub}}
    267. 

  267.   %\pause
    268. 

  268.   %\footnotesize{I don't want to put shame on GitLab for this incident, but only to use it as a case study.\\ In fact I think that the incident has been managed really well by the GitLab Team.\\
    269. 

  269.   %Instead of starting blaming each other and finding silly excuses as usually happens in cases like this, they have been really open from the beginning about the problem and put as a priority the restore of the functionality of the service.}
    270. 

  270. \end{frame}
    271. 

  271. 

  272. \begin{frame}
    273. 

  273.   \frametitle{Before the Backup}
    274. 

  274.   A different approach to data protection is to use RAID (\textit{Redundant Array of Independent Disks}).\\
    275. 

  275.   \pause
    276. 

  276.   In general what we try to obtain with RAID is:
    277. 

  277.   \begin{itemize}
    278. 

  278.     \item Survival of the system if a disk failure happen.
    279. 

  279.     \item In certain conditions we can achieve higher performances compared to the single disk case.
    280. 

  280.   \end{itemize}
    281. 

  281.   \footnotetext{For further informations you can visit \url{https://www.digitalocean.com/community/tutorials/an-introduction-to-raid-terminology-and-concepts}}
    282. 

  282. \end{frame}
    283. 

  283. 

  284. \begin{frame}
    285. 

  285.   \frametitle{RAID Configurations}
    286. 

  286.   \begin{figure}
    287. 

  287.     \centering
    288. 

  288.     \includesvg[width = 75pt]{RAID_0}
    289. 

  289.     \includesvg[width = 75pt]{RAID_1}\\
    290. 

  290.     \includesvg[width = 150pt]{RAID_5}
    291. 

  291.   \end{figure}
    292. 

  292. \end{frame}
    293. 

  293. 

  294. \begin{frame}
    295. 

  295.   \frametitle{New generation filesystems}
    296. 

  296.   There are new kind of filesystems that try to resolve some problems that we usually have in data storage. The two main examples are ZFS and Btrfs\footnote{Please remind that Btrfs is still in heavy development, before using it in production check at \url{https://btrfs.wiki.kernel.org/index.php/Status} that the features you will need are considered stable.} Classical features that we can find in this kind of filesystems are:
    297. 

  297.   \begin{itemize}
    298. 

  298.       \item CopyOnWrite.
    299. 

  299.       \item Deduplication.
    300. 

  300.       \item Data \& Metadata checksums.
    301. 

  301.       \item Integrated RAID.
    302. 

  302.       \item Volume Management.
    303. 

  303.       \item Snapshots.
    304. 

  304.   \end{itemize}
    305. 

  305. \end{frame}
    306. 

  306. 

  307. \begin{frame}
    308. 

  308.   \frametitle{Snapshots}
    309. 

  309.   \begin{itemize}
    310. 

  310.     \item Snapshots can be particularly useful because they allow us to obtain an (almost) instant snapshot of a volume that we can restore later, archive somewhere etc.\\\pause
    311. 

  311.     \item So we can use them in order to do some potential risky modifications on a system and restore the previous state with a little effort.\\\pause
    312. 

  312.     \item Remember that having a separate \textit{classical} backup is always useful, in particular for important data of our applications.\pause
    313. 

  313.     \item RAID is not a backup.
    314. 

  314.   \end{itemize}
    315. 

  315. \end{frame}
    316. 

  316. 

  317. \begin{frame}
    318. 

  318.   \frametitle{References}
    319. 

  319.   \begin{itemize}
    320. 

  320.     \item \url{https://wiki.archlinux.org/index.php/Full_system_backup_with_rsync}
    321. 

  321.     \item \url{https://wiki.archlinux.org/index.php/Duplicity}
    322. 

  322.     \item \url{http://duplicity.nongnu.org/}
    323. 

  323.     \item \url{https://www.digitalocean.com/community/tutorials/how-to-use-duplicity-with-gpg-to-securely-automate-backups-on-ubuntu}
    324. 

  324.     \item \url{https://github.com/zertrin/duplicity-backup.sh}
    325. 

  325.     \item \url{https://wiki.archlinux.org/index.php/Rsnapshot}
    326. 

  326.     \item \url{https://slides.poul.org/2017/corsi-linux-avanzati/backup_handbook.pdf}
    327. 

  327.   \end{itemize}
    328. 

  328. \end{frame}
    329. 

  329. 

  330. \begin{frame}
    331. 

  331.   \frametitle{Special Thanks}
    332. 

  332.   I used as reference and starting point for this presentation the material of the previous editions of the course.\\
    333. 

  333.   Special thanks to \textit{Valeria Mazzola}\footnote{\url{https://slides.poul.org/2016/corsi-linux-avanzati/Backup_and_Restore.pdf}} and \textit{Federico Amedeo Izzo}\footnote{\url{https://filesystem.izzo.ovh/}} for the slides of the two previous edition of this talk.
    334. 

  334. 

  335. \end{frame}
    336. 

  336. 

  337. \begin{frame}
    338. 

  338.   \frametitle{License}
    339. 

  339.   \begin{center}
    340. 

  340.     {\Huge Thank you!}
    341. 

  341.     \vfill
    342. 

  342.     \includesvg[height=1.5cm]{by-sa}\\
    343. 

  343.     {\footnotesize These slides are published under a Creative Commons Attribution-ShareAlike 4.0 license.}
    344. 

  344.   \end{center}
    345. 

  345. \end{frame}
    346. 

  346. 

  347. \end{document}
    348. 

  348. \grid
    349.