offsite backup solution

R

raj

Renowned Member
Sep 17, 2011
219
4
83
www.businessparksolutions.com
Hi Team,

I am looking for an offsite backup solution, either tape or external HDDs.

Is there something that works with proxmox itself or anyone has done anything like that pls?

Cheers,

raj
 
I use hot swap SATA disks for off site backups. Most motherboard SATA ports will hot swap just fine when set to AHCI mode.

The disks use LUKS encryption on the removable disks to ensure data is secure in transit. We have four sets of disks that we rotate once a week. Having some offline backups are very important. Lightening and hackers like to delete your online backups.

A vzdump hook script takes care of mounting the encrypted disk before the backup and dismounting it after the backup.

You can find a zillion how to articles on using cryptsetup to create LUKS encrypted disks. Making the hook script is rather simple, I *think* I have posted an example here somewhere.

This solution does not scale well, once you get over a dozen disks they get rather heavy. If you think 2TB disks would work OK, get 4TB disks. The extra space will be helpful when you create more VMs and you can keep multiple backups of each VM.

Most importantly make sure you test your backups periodically. Its the only way to be 100% sure things are working as expected. Nothing worse than finding out your backups are no good on the day you need them.
 
Here is my hook script code to mount/dismount the LUKS encrypted disk:

Code: 
#!/bin/bash


if [ "$1" == "job-start" ]
then
        #echo "INFO: Calling cryptsetup"
        cryptsetup luksOpen /dev/disk/by-path/pci-0000:00:1f.2-scsi-0:0:0:0-part1 backup --key-file=/path/to/backup.key

        mount -o barrier=1,noatime,data=ordered /dev/mapper/backup /backup

fi

if [[ "$1" == "job-end" || "$1" == "job-abort" ]]
then
        #echo "Closing access to disk"
        sync
        umount /backup

        #close encryption
        cryptsetup luksClose backup
fi

In /etc/vzdump.conf add a line like this:
Code: 
script: /path/to/vzdump-hook.sh
 
You must log in or register to reply here.
Top Bottom