Re: Does anyone shut down for system disk backup any more?
From: Robert Deininger (rdeininger_at_mindspringdot.com)
Date: 11/05/03
- Next message: John Brandon: "Re: Does anyone shut down for system disk backup any more?"
- Previous message: Timothy Stark: "Re: TS10, still around?"
- In reply to: Scott Vieth: "Does anyone shut down for system disk backup any more?"
- Next in thread: JF Mezei: "Re: Does anyone shut down for system disk backup any more?"
- Reply: JF Mezei: "Re: Does anyone shut down for system disk backup any more?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Wed, 05 Nov 2003 02:18:42 GMT
In article <5a85bce2.0311040801.608c0d86@posting.google.com>,
svieth@wi.rr.com (Scott Vieth) wrote:
>Hi:
>
>We've got a "procedure" in place where the computer operators shut
>down our main VMS system once a month in the middle of the night to
>backup the system disk. They boot the Standalone Environment from
>another disk and then backup the real system disk.
>
>Does anyone still follow this procedure? Is there a *need* to shut
>down the system in order to get a good, clean backup of the system
>disk? Are there files (sysuaf?) that are open while the system is
>running and are difficult to backup unless the box is shutdown and
>booted from another disk?
>
>The system in question is running OpenVMS 7.3-1 and has an EVA under
>it for storage.
>
>Should I just skip the "shutdown" and use the EVA to make a snapshot
>of the system disk? Or just backup the system disk with
>"/IGNORE=INTERLOCK"?
>
>Thanks in advance for helpful tips and tricks.
Lots of folks will tell you not to bother with "standalone" backups. If
you understand the risk, and are willing to accept it, fine.
/IGNORE=INTERLOCK can easily lead to UNDETECTED, UNREPORTED bad copies of
files in your backup saveset.
If you use /IGNORE=INTERLOCK, BACKUP can't always tell if a file is
changed by another process while BACKUP is reading it.
Yes, it will usually "work". But by Murphy's law, the time it will fail
completely is when you REALLY, REALLY need a good backup to restore.
SHOW DEVICE/FILE will show you what's open on a disk (on the node
executing the command). That's a few hundred files on a typical system
disk. Do you know which of them are (might be) written by the OS or an
application, and when? Is it worth your time to figure it out, and track
all the changes as the OS evolves?
Are there additional files that don't show up in SHOW DEVICE/FILE, but
which are actually "open"?
Do you control your workload and users well enough to know the system is
absolutely "quiet" so you can attempt your on-line backup with a good
chance of success?
If you really know the system is "quiet", why not shut it all the way down
and do the BACKUP correctly? There's little additional impact to users.
How long are you willing to spend fixing the "minor" problems with a
restored disk if they happen (and if you notice them before putting the
disk into production>? When you restore backups, do you usually have
plenty of spare time, with no pressure to get it done immediately?
If you want trustworthy backups with minimum downtime and minimum work,
shadow your system disk(s). Dismount the disk from every node that can
dismount it. Shut down every node that booted from the disk. Reboot with
one less shadow member. Backup the "idle" shadow member to your medium of
choice, then add it back into your shadow set. This only takes as much
time as a reboot -- your system(s) don't need to stay down during the
whole backup/verify job.
(Dropping a member from an active shadow set leads to an offline disk
which is a perfect snapshot of the VMS volume. But that doesn't mean that
all the files are consistent. This is only marginally better than using
/IGNORE=INTERLOCK on a live disk.)
If shadowing is too costly (it often is), maintain two system disks "by
hand". Boot all the nodes off disk A, and mount disk B privately on the
live system to back it up. To back up disk A, boot all the nodes off disk
B and mount disk A privately. Again, reboot times can be very short. In
a cluster, with rolling reboots, you can keep many applications
continuously available.
Any strategy that supports "rolling backups" will pretty much support
"rolling upgrades" as well. Upgrades may be less of a concern because
they happen less often, but it's basically the same problem.
That's all pretty long-winded. Here's my short answer:
If you can afford having your system (cluster) unavailable for a while,
you have time to do backups right. If you can't afford having your system
(cluster) unavailable, why in hell would you take shortcuts on your backup
strategy?
-- Robert
- Next message: John Brandon: "Re: Does anyone shut down for system disk backup any more?"
- Previous message: Timothy Stark: "Re: TS10, still around?"
- In reply to: Scott Vieth: "Does anyone shut down for system disk backup any more?"
- Next in thread: JF Mezei: "Re: Does anyone shut down for system disk backup any more?"
- Reply: JF Mezei: "Re: Does anyone shut down for system disk backup any more?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
