Difference between revisions of "Proposed changes to backup and archiving"

From CUC3
Jump to navigation Jump to search
import>Cen1001
 
import>Cen1001
Line 1: Line 1:
  +
==Background==
  +
 
We need more backup space as workstation disks are getting larger and we
  
We need more backup space as workstation disks are getting larger and we
 
have acquired several more clusters. We currently have about 3Tb split
 
have acquired several more clusters. We currently have about 3Tb split
 
over three servers. The current system only lets computer officers do
  
over three servers. The current system only lets computer officers do
restores; it would be good if people could access their own backups. It
 +
restores; it would be an improvement if people could access their own backups. It would also be very useful to be able to keep some backups for longer than the current two weeks.
  +
would also be good to be able to keep some backups for longer than the
  
  +
Our existing archive server is difficult to use and in any case is full.
current two weeks.
  
  +
  +
==New backup system==
   
 
I want to buy a new backup server with at least 6Tb of space, move the
  
I want to buy a new backup server with at least 6Tb of space, move the
Line 12: Line 16:
 
of those machines would be insecure. Eventually this problem will go away
  
of those machines would be insecure. Eventually this problem will go away
 
as machines are reinstalled.
  
as machines are reinstalled.
  +
 
There is one potential disadvantage to this proposal: having
 
user-restorable backups means that files which are 'world-readable' inUnix terms (ie readable by anyone with an account on the machine they are on) become readable by anyone in the entire sector. Anyone who doesn't want this can protect themselves by changing their file permissions to no
 
longer be world-readable, but IME people don't, even if warned, and are
 
often unpleasantly surprised when they discover others can read their
 
files.
  +
  +
  +
==New archive system==
   
 
The other two old backup servers would immediately be free for reuse. I
 
The other two old backup servers would immediately be free for reuse. I
Line 26: Line 39:
 
impossible for me to reliably warn the owner of the data because once
  
impossible for me to reliably warn the owner of the data because once
 
they've left they don't tell me about changes in their contact details.
  
they've left they don't tell me about changes in their contact details.
 
There is one potential disadvantage to this proposal: having
  
user-restorable backups means that files which are 'world-readable' inUnix terms (ie readable by anyone with an account on the machine they are
  
on) become readable by anyone in the entire sector. Anyone who doesn't
 
want this can protect themselves by changing their file permissions to no
  
longer be world-readable, but IME people don't, even if warned, and are
 
often unpleasantly surprised when they discover others can read their
  
files.
  

Revision as of 09:41, 29 June 2006

Background

We need more backup space as workstation disks are getting larger and we have acquired several more clusters. We currently have about 3Tb split over three servers. The current system only lets computer officers do restores; it would be an improvement if people could access their own backups. It would also be very useful to be able to keep some backups for longer than the current two weeks.

Our existing archive server is difficult to use and in any case is full.

New backup system

I want to buy a new backup server with at least 6Tb of space, move the backups onto that, and make them user-accessible. We would have to keep one of the old backup servers running for technical reasons: some of the older machines are configured in such a way that user accessible backups of those machines would be insecure. Eventually this problem will go away as machines are reinstalled.

There is one potential disadvantage to this proposal: having user-restorable backups means that files which are 'world-readable' inUnix terms (ie readable by anyone with an account on the machine they are on) become readable by anyone in the entire sector. Anyone who doesn't want this can protect themselves by changing their file permissions to no longer be world-readable, but IME people don't, even if warned, and are often unpleasantly surprised when they discover others can read their files.


New archive system

The other two old backup servers would immediately be free for reuse. I would make those into an improved and higher capacity archive system. This would let us clear old homespaces off clusters and workstations while keeping a read-only copy available. The data won't change so we don't need regular backups of it: the two servers would mirror each other and be sited a long way apart. There will have to be some sort of time limit on how long we keep the archive data. This will might vary from account to account. One way to do it would be to have a 'deletion date' for each account which could be extended if needed. I would then warn the leader of the group who produced the data when the date came round, before actually deleting things. It is impossible for me to reliably warn the owner of the data because once they've left they don't tell me about changes in their contact details.

Retrieved from "http://wikis.ch.cam.ac.uk/cuc3/wiki/index.php?title=Proposed_changes_to_backup_and_archiving&oldid=1498"