The primary goal of backup on the SSRL cluster is disaster recovery. If the RAID array is corrupted or initialized in error, we must be able to recover from a recent backup. (User data is stored using host-based volume-shadowing to two different disk arrays, one of which offers a disk image that's actually a RAID-5 redundant stripeset, which in theory should keep it undamaged and on-line even if one disk drive goes out of service.)
In keeping with this goal, all user data on SSRL is backed up weekly to tape (using image backups of the disk drives). A cumulative incremental backup - that is, of files changed or added since the Saturday-night full backup - is made each night. If something goes wrong with the disk array, users should lose no more than one day of mail, uploaded data files, etc. A magazine of 26 cartridges is used, and each night of the week uses a different tape, so disk snapshots for the past several days are available. (A different set of tapes is used for each Saturday night backup, and the incrementals are overwritten; this Monday's backup writes over last Monday's incremental, since the incremental data should have been captured in the Saturday night full.)
If you create a file and delete it on the same day, it will never have been backed up and we will be unable to recover it for you. If you create a file and delete it the next day, it will have been backed up on the incremental, but if you don't notice that this happened until the next week, that incremental tape will have been overwritten.
A secondary goal is retrospective recovery - the ability to recover files or directories deleted in error at some time in the past. To accomplish this goal, we have instituted a program of keeping six month's worth of the weekly full backups. These tapes are placed in a fireproof safe.
We retain each set of full backups for six months, then one a month for a year, and one per quarter indefinitely.
If you created a file and deleted it between monthly backups, that file won't have been backed up and won't be recoverable. This will, however, enable us to construct snapshots of user files as they were each month.
If you have comments or suggestions about this backup policy, please email me, which you can do by clicking on the "Page Owner" name below.
Alan Winston, SSRL Cluster Manager
|
|
|
|
|
| Last Updated: | 26 June 2007 | |
| Content Owner: | Alan Winston | |
| Page Editor: | Alan Winston |