Backup and Recovery
Self-hosted server backups for the paranoid
Using Borg, SSH, Python and FreeNAS to securely backup Linux servers
Quarkslab is a French company specializing in information security R&D, consulting and software development.
Due to strong data security constraints imposing self-hosted solutions coupled with limited resources in a fast-growth environment, data safety has been a pain point in our infrastructure.
After our backup server failed, we decided to recreate a new backup system from scratch, adapted to our needs and using technologies we were familiar with, to backup 30
Linux servers.
In this talk, we will present how our old backup system failed, the key requirements we learned from this failure, and how we designed and implemented a new backup system based on Borg Backup, borgmatic, SSH, Python and FreeNAS to solve those requirements.
We will conclude by listing the shortcomings and improvement points of our approach, as well as comparing our solution to seven important properties every backup system should have.
Some interesting features of our new backup solution are strong data safety and security, fully self-hosted, using only open-source tools, simple to set up and easy to understand.
One specific requirement we solved was for the sysadmin team to be blind to the data they backup, managing only the process itself.
This lets people working on confidential project on dedicated and access-restricted servers to still use a centralized and resilient backup system without compromising data and server security.
We will open-source our Ansible roles and Python scripts on Github before FOSDEM.
Additional information
| Type | devroom |
|---|
More sessions
| 2/1/20 |
Brief introduction to DRLM project, it's features and news in the 2.3.x release and the presentation of the new DRLM version 3 architecture and its development state.
|
| 2/1/20 |
Introducing Relax-and-Recover (ReaR) for the novice users. What is it and what can it mean for you? Is Disaster Recovery useful to consider it or not? How can ReaR assist you with DR? ReaR can store the details about your systems on disks (NAS, USB, SAN,...) or network (PXE, NFS, CIFS,...) including the complete backup. It also creates a bootable image which you need to recreate your system from scratch. Furthermore, thanks to the modular concept, ReaR integrates perfectly with external backup ...
|
| 2/1/20 |
Installing and configuring ReaR on thousands of Linux systems might become a nightmare to keep track what/where was done with success. Luckily using configuration management software we can do this quite easily. In this talk we will guide you through a recipe on how we have done this for a multi-national company.
|
| 2/1/20 |
This talk will give quick overview of Bareos and the new features in Bareos 19.2.
|
| 2/1/20 |
Backing up virtual machines in larger environments is usually not a simple task. With the new oVirt-Plugin for Bareos you can now easily backup and restore your oVirt virtual machines. This talk will give a short introduction how Bareos backs up oVirt virtual machines.
|
| 2/1/20 |
Stateful applications like databases needs to preserve their state as they need to save client data of one session for use in next session in persistent storage. Managing state in Kubernetes is difficult because the system’s dynamism is too chaotic for most databases to handle. So backup of data is very important especially in case of node failures, disk failures etc. Velero is an open source tool to safely backup and restore, perform disaster recovery, and migrate Kubernetes cluster resources ...
|
| 2/1/20 |
A brief overview of the current state of the backup tool, architecture, MySQL 8.0 support, new cloud native features, and the roadmap.
|
