[time-nuts] While we're discussing backups...

Chris Kuethe chris.kuethe at gmail.com
Mon Aug 25 22:53:00 UTC 2008


On Mon, Aug 25, 2008 at 3:30 PM, Mark Sims <holrum at hotmail.com> wrote:
>
> Any backup that is stored in the same city as the original (some would say within 100 miles of the city) is NOT a backup.  It is just a disk waiting for a (real) disaster.  No fire proof safe,  baggie,  etc is a substitute for physical distance.

wrong. or at least not a complete answer.

Any backup that is stored in the same
{state,country,continent,planet,...} as the original (some would say
within {100, 1000, 10000, 1000000, ...} miles of the city) is NOT a
backup.  It is just a disk waiting for a (real) disaster.  No fire
proof safe,  baggie,  etc is a substitute for physical distance. And a
copy in a different dimension where different physical laws apply. And
a time machine. And a few deities who owe you favors. ...

Nightly rsyncs of my home boxen to a network storage device offer
enough protection against my most common failure mode: crappy disks
and/or harsh environments. I've lost a half-dozen drives in my
thinkpad over the years, dumping the contents back from the backup is
sufficient. And what if your nightly snapshot is a hundred miles away?
It's still gonna take a few hours to get the image back on to
production hardware to start serving again. Nearby replication is also
critical. Fail over to one of the backup server, and rebuild the
primary at your leisure. Or fail over to the alternate data center.

A backup is something that reduces your chances of being unable to
recover from a set of failures to an acceptably low level. Spend some
time thinking "what could possibly go wrong?", and then decide what
you're going to do about it. Sometimes "ignore it" is an acceptable
answer. Sometimes the right answer is "spend $1B to build multiple
data centers with and have state-of-the-art replication, redundancy
and failover everywhere." It's a matter of what it'll cost you if
something happens vs. what it'll cost to mitigate that.

Also, verifying your backups regularly is important...

-- 
GDB has a 'break' feature; why doesn't it have 'fix' too?




More information about the Time-nuts_lists.febo.com mailing list