Eli nqaku ligqibezela umjikelo malunga ne-backup. Iza kuxubusha intlangano enengqiqo yomncedisi ozinikeleyo (okanye i-VPS), ilungele ukugcinwa kwe-backup, kwaye iya kunika inketho yokubuyisela ngokukhawuleza umncedisi kwi-backup ngaphandle kokuchitha ixesha elininzi xa kwenzeka intlekele.
Idatha yemvelaphi
Umncedisi ozinikeleyo udla ngokuba needrive ezimbini ezinzima ezisebenza ukucwangcisa uluhlu lokuqala lweRAID (isibuko). Oku kuyimfuneko ukuze ukwazi ukuqhubeka nokusebenza umncedisi ukuba idiski enye iyasilela. Ukuba lo ngumncedisi ozinikeleyo oqhelekileyo, kunokubakho umlawuli we-RAID we-hardware ohlukeneyo kunye neteknoloji ye-caching esebenzayo kwi-SSD, ukwenzela ukuba ukongeza kwii-hard drives eziqhelekileyo, enye okanye ngaphezulu kwe-SSD inokudityaniswa. Ngamanye amaxesha iiseva ezinikezelweyo zinikezelwa, apho iidiski zendawo zineSATADOM kuphela (iidiski ezincinci, ngokwesakhiwo i-flash drive eqhagamshelwe kwizibuko le-SATA), okanye i-flash drive encinci eqhelekileyo (8-16GB) eqhagamshelwe kwizibuko elikhethekileyo langaphakathi, idatha ithathwa kwinkqubo yokugcina , ixhunywe ngenethiwekhi yokugcina ezinikeleyo (Ethernet 10G, FC, njl.), kwaye kukho iiseva ezinikezelweyo ezilayishwe ngokuthe ngqo kwinkqubo yokugcina. Andizi kuqwalasela ukhetho olunjalo, kuba kwiimeko ezinjalo umsebenzi wokuxhasa umncedisi udlula ngokutyibilikayo kwingcali egcina inkqubo yokugcina; ngokuqhelekileyo kukho itekhnoloji eyahluka-hlukeneyo yokudala izifinyezo, ukudityaniswa okwakhelwe ngaphakathi kunye nolunye ulonwabo lomlawuli wenkqubo. , exutyushwe kwiinxalenye ezingaphambili zolu ngcelele. Umthamo woluhlu lwediski yomncedisi ozinikeleyo unokufikelela kumashumi aliqela eerabhayithi, ngokuxhomekeke kwinani kunye nobukhulu beediski eziqhagamshelwe kumncedisi. Kwimeko ye-VPS, imiqulu ithobeke ngakumbi: ngokuqhelekileyo ayikho ngaphezu kwe-100GB (kodwa kukho kwakhona ngaphezulu), kwaye iintlawulo ze-VPS ezinjalo zinokubiza ngokulula kuneeseva ezizinikezele ngexabiso eliphantsi ukusuka kwi-hoster efanayo. I-VPS idla ngokuba nediski enye, kuba kuya kubakho inkqubo yokugcina (okanye into eguquguqukayo) ngaphantsi kwayo. Ngamanye amaxesha iVPS ineediski ezininzi ezineempawu ezahlukeneyo, ngeenjongo ezahlukeneyo:
- inkqubo encinci - yokufakela inkqubo yokusebenza;
- enkulu -ukugcina idatha yomsebenzisi.
Xa uphinda ufaka inkqubo usebenzisa iphaneli yokulawula, idiski enedatha yomsebenzisi ayibhalwanga ngaphezulu, kodwa inkqubo yediski izaliswe ngokupheleleyo. Kwakhona, kwimeko yeVPS, umgcini-mgcini unokunika iqhosha elithatha i-snapshot yesimo se-VPS (okanye idiski), kodwa ukuba ufaka inkqubo yakho yokusebenza okanye ulibale ukwenza inkonzo efunekayo ngaphakathi kweVPS, abanye yedatha isenokulahleka. Ukongeza kwiqhosha, inkonzo yokugcina idatha idla ngokunikezelwa, ngokuqhelekileyo ilinganiselwe kakhulu. Oku kuqhelekile ukuba yi-akhawunti enofikelelo nge-FTP okanye nge-SFTP, ngamanye amaxesha kunye ne-SSH, eneqokobhe elihlutyiweyo (umzekelo, i-rbash), okanye uthintelo ekusebenzeni kwemiyalelo ngokusebenzisa authorized_keys (ngeForcedCommand).
Umncedisi ozinikeleyo uqhagamshelwe kwinethiwekhi ngamachweba amabini anesantya se-1 Gbps, ngamanye amaxesha ezi zingamakhadi anesantya se-10 Gbps. I-VPS idla ngokuba nojongano lwenethiwekhi enye. Amaxesha amaninzi, amaziko edatha awasithinteli isantya senethiwekhi phakathi kweziko ledatha, kodwa anciphisa isantya sokufikelela kwi-Intanethi.
Umthwalo oqhelekileyo womncedisi onjalo ozinikeleyo okanye i-VPS yiseva yewebhu, i-database, kunye neseva yesicelo. Ngamanye amaxesha iinkonzo ezongezelelweyo ezongezelelweyo zinokufakelwa, kubandakanywa iseva yewebhu okanye isiseko sedatha: injini yokukhangela, inkqubo yeposi, njl.
Iseva elungiselelwe ngokukodwa isebenza njengesithuba sokugcina iikopi zogcino; siya kubhala ngayo ngokweenkcukacha ngakumbi kamva.
Umbutho osengqiqweni wenkqubo yediski
Ukuba unomlawuli we-RAID, okanye i-VPS enediski enye, kwaye akukho zikhetho ezikhethekileyo ekusebenzeni kwenkqubo ephantsi yedisk (umzekelo, idisk ekhawulezayo eyahlukileyo yesiseko sedatha), yonke indawo ekhululekile yahlulwe ngolu hlobo lulandelayo: ulwahlulo olunye. yenziwe, kwaye iqela levolumu ye-LVM lenziwe ngaphezulu kwayo, imiqulu emininzi yenziwe kuyo: 2 amancinci alinganayo, asetyenziswa njengenkqubo yefayile yeengcambu (itshintshiwe enye ngexesha lohlaziyo ukuze kubuyiselwe umva ngokukhawuleza, Uluvo lwacholwa kwi Bala unikezelo lwe Linux), enye yeyolwahlulo lotshintshiselwano, enye indawo ekhululekileyo yahlulahlulwe yaba imithamo emincinci, isetyenziswa njengenkqubo yefayile yengcambu yezikhongozeli ezizeleyo, iidiski zoomatshini abanenyani, ifayile. iinkqubo zeakhawunti kwi/kwikhaya (i-akhawunti nganye inesixokelelwano sayo sefayile), iinkqubo zefayile kwizikhongozeli zesicelo.
Inqaku elibalulekileyo: imiqulu kufuneka izimele ngokupheleleyo, okt. ayinakuxhomekeka kwenye okanye kwindlela yefayile yengcambu. Kwimeko yoomatshini okanye izikhongozeli ezibonakalayo, le ngongoma ijongwa ngokuzenzekelayo. Ukuba ezi zizikhongozeli zesicelo okanye abalawuli basekhaya, kufuneka ucinge malunga nokwahlula iifayile zoqwalaselo zomncedisi wewebhu kunye nezinye iinkonzo ngendlela yokuphelisa ukuxhomekeka phakathi komthamo kangangoko kunokwenzeka. Ngokomzekelo, indawo nganye iqhuba kumsebenzisi wayo, iifayile zokucwangciswa kwesayithi zikwincwadi yasekhaya yomsebenzisi, kwiisethingi zeseva yewebhu, iifayile zokucwangcisa indawo azibandakanyi nge /etc/nginx/conf.d/.conf, kwaye, umzekelo, /home//configs/nginx/*.conf
Ukuba kukho iidiski ezininzi, unokwenza uluhlu lwe-RAID yesoftware (kwaye uqwalasele i-caching yayo kwi-SSD, ukuba kukho imfuneko kunye nethuba), phezu kwayo unokwakha i-LVM ngokwemigaqo ecetywayo ngasentla. Kwakhona kulo mzekelo, ungasebenzisa i-ZFS okanye i-BtrFS, kodwa kufuneka ucinge kabini malunga noku: zombini zifuna indlela enzulu kakhulu kwizibonelelo, kwaye ngaphandle koko, i-ZFS ayiqukwanga kwi-Linux kernel.
Kungakhathaliseki ukuba isikimu esisetyenzisiweyo, kusoloko kufanelekile ukuqikelela kwangaphambili isantya esisondeleyo sokubhala utshintsho kwiidiski, kwaye emva koko ubala inani lendawo ekhululekile eya kugcinwa ekudaleni i-snapshots. Ngokomzekelo, ukuba umncedisi wethu ubhala idatha ngesantya se-megabytes ezili-10 ngomzuzwana, kwaye ubungakanani bedatha yonke i-10 terabytes - ixesha lokuvumelanisa linokufikelela ngosuku (iiyure ezingama-22 - oku kungakanani umthamo onjalo uya kudluliselwa. phezu kwenethiwekhi 1 Gbps) - kuyafaneleka ukugcinwa malunga ne-800 GB . Ngokwenyani, inani liya kuba lincinci; ungayahlula ngokukhuselekileyo ngenani lemiqulu esengqiqweni.
Ugcino lwesixhobo seseva yogcino
Umahluko ophambili phakathi komncedisi wokugcina iikopi zogcino zinkulu, zitshiphu kwaye zicotha iidiski. Ekubeni ii-HDD zanamhlanje sele ziwele ibha ye-10TB kwidiski enye, kuyimfuneko ukusebenzisa iinkqubo zefayile okanye i-RAID kunye ne-checksums, kuba ngexesha lokwakhiwa kwakhona kwenkqubo yefayile (iintsuku ezininzi!) ukwandisa umthwalo. Kwiidiski ezinomthamo ukuya kuthi ga kwi-1TB oku akuzange kube novakalelo kangako. Ukucacisa inkcazo, ndicinga ukuba isithuba sedisk sahlulwe saziindawo ezimbini ezimalunga nobukhulu obulinganayo (kwakhona, umzekelo, usebenzisa i-LVM):
- imiqulu ehambelana neeseva ezisetyenziselwa ukugcina idatha yomsebenzisi (ugcino lokugqibela olwenziweyo luya kuthunyelwa kubo ukuze luqinisekiswe);
- Imiqulu esetyenziswa njengeendawo zokugcina zeBorgBackup (idatha yogcino iya kuya ngqo apha).
Umgaqo wokusebenza kukuba imiqulu eyahlukeneyo yenzelwe umncedisi ngamnye kwii-repositories ze-BorgBackup, apho idatha evela kwiiseva zokulwa iya kuhamba. Iindawo zokugcina zisebenza kwimowudi yesihlomelo kuphela, ephelisa ukuba nokwenzeka kokucima idatha ngabom, kwaye ngenxa yokudityaniswa kunye nokucocwa kwamaxesha athile kwiindawo zokugcina izinto ezigcinwe kwii-backups ezindala (iikopi zonyaka zihlala, ngenyanga kunyaka ophelileyo, ngeveki kwinyanga ephelileyo, yonke imihla kwiveki ephelileyo, mhlawumbi kwiimeko ezikhethekileyo - ngeyure ngosuku lokugqibela: iyonke 24 + 7 + 4 + 12 + ngonyaka - malunga neekopi ezingama-50 kumncedisi ngamnye).
Iindawo zokugcina zeBorgBackup azenzi imowudi ye-append-kuphela, endaweni yoko, i-ForceCommand kwi-.ssh/authorized_keys isetyenziswe ngolu hlobo:
from="Π°Π΄ΡΠ΅Ρ ΡΠ΅ΡΠ²Π΅ΡΠ°",command="/usr/local/bin/borg serve --append-only --restrict-to-path /home/servername/borgbackup/",no-pty,no-agent-forwarding,no-port-forwarding,no-X11-forwarding,no-user-rc AAAAA.......Umendo okhankanyiweyo uqulathe iscript esisongayo phezu kweborg, leyo, ukongeza ekundululeni kokubini ngeparameters, ukongeza iqala inkqubo yokubuyisela ikopi yogcino emva kokuba idatha isusiwe. Ukwenza oku, iskripthi esongayo senza ifayile yethegi ecaleni kwendawo yokugcina ehambelanayo. I-backup yokugqibela eyenziwe ibuyiselwa ngokuzenzekelayo kwivolumu yengqiqo ehambelanayo emva kokuba inkqubo yokuzaliswa kwedatha igqityiwe.
Olu luyilo lukuvumela ukuba uhlambulule ii-backups ezingeyomfuneko ngamaxesha athile, kwaye ikwathintela iiseva zokulwa ekucimeni nantoni na kwiseva yokugcina i-backup.
Inkqubo yogcino
Umqalisi we-backup yi-server ezinikeleyo okanye i-VPS ngokwayo, ekubeni le nkqubo inika ulawulo olungakumbi kwinkqubo yogcino kwicala lalo mncedisi. Okokuqala, i-snapshot yesimo senkqubo yefayile yengcambu esebenzayo ithathwa, ephakanyisiwe kwaye ilayishwe usebenzisa i-BorgBackup kwi-server yokugcina yokugcina. Emva kokuba idatha igqityiwe, i-snapshot ithotywa kwaye icinywe.
Ukuba kukho i-database encinci (ukuya kwi-1 GB kwindawo nganye), ukulahlwa kwedatha kwenziwa, okugcinwe kumthamo ofanelekileyo wengqiqo, apho yonke idatha yendawo enye ikhona, kodwa ukwenzela ukuba ukulahla ayifikeleleki ngomncedisi wewebhu. Ukuba i-database inkulu, kufuneka uqwalasele ukususwa kwedatha "eshushu", umzekelo, usebenzisa i-xtrabackup ye-MySQL, okanye usebenze nge-WAL nge-archive_command kwi-PostgreSQL. Kule meko, i-database iya kubuyiselwa ngokwahlukileyo kwidatha yesayithi.
Ukuba izikhongozeli okanye oomatshini benyani basetyenziswa, kufuneka uqwalasele iqemu-yendwendwe-arhente, CRIU okanye obunye ubuchwephesha obuyimfuneko. Kwezinye iimeko, iisetingi ezongezelelweyo zihlala zingafuneki - senza ngokulula izifinyezo zemithamo ebhadlileyo, ethi ke iqwalaselwe ngendlela efanayo neyobume benkqubo yefayile yeengcambu. Emva kokuba idatha ithathiwe, imifanekiso iyacinywa.
Omnye umsebenzi uyenziwa kwiseva yokugcina i-backup:
- ugcino lokugqibela olwenziwe kwindawo yokugcina lujongiwe,
- ubukho befayile yamanqaku buyatshekishwa, nto leyo ebonisa ukuba inkqubo yokuqokelela idatha igqityiwe,
- idatha yandisiwe ukuya kumthamo wendawo ohambelanayo,
- ifayile yethegi iyacinywa
Inkqubo yokubuyisela iseva
Ukuba umncedisi oyintloko uyafa, kuqaliswe umncedisi ofanayo ozinikeleyo, osuka kumfanekiso oqhelekileyo. Okunokwenzeka ukuba ukhuphelo lwenzeka kuthungelwano, kodwa igcisa leziko ledatha limisela umncedisi unokukhuphela ngoko nangoko lo mfanekiso usemgangathweni kwenye yeediski. Ukukhuphela kwenzeka kwi-RAM, emva koko inkqubo yokubuyisela iqala:
- Isicelo senziwe sokuncamathelisa isixhobo sebhloko nge-iscsinbd okanye enye iprotocol efanayo kumthamo onengqiqo equlethe inkqubo yefayile yengcambu yomncedisi oswelekileyo; Ekubeni inkqubo yefayile yeengcambu kufuneka ibe yincinci, eli nyathelo kufuneka ligqitywe kwimizuzu embalwa. I-bootloader nayo ibuyiselwe;
- ulwakhiwo lwemithamo yengqiqo yendawo iphinda yenziwe, imithamo enengqiqo idityaniswe kwiseva yogcino kusetyenziswa imodyuli ye-kernel ye-dm_clone: ββukubuyisela idatha kuqala, kwaye utshintsho lubhalwa ngokukhawuleza kwiidiski zendawo.
- i-container iqaliswe kunye nazo zonke iidiski eziphathekayo ezikhoyo - umsebenzi womncedisi ubuyiselwe ngokupheleleyo, kodwa ngokunciphisa ukusebenza;
- emva kokuba ulungelelwaniso lwedatha lugqityiwe, imiqulu enengqiqo esuka kwiseva yogcino iyanqanyulwa, isikhongozeli sicinyiwe, kwaye umncedisi uqalwa ngokutsha;
Emva kokuqaliswa kwakhona, umncedisi uya kuba nayo yonke idatha eyayikho ngexesha lokugcinwa kwe-backup, kwaye iya kubandakanya zonke iinguqu ezenziwe ngexesha lokubuyisela.
Amanye amanqaku kolu ngcelele
Ugcino lweCandelo 7: Izigqibo
Ndiyakumema ukuba uxoxe ngokhetho olucetywayo kumazwana, enkosi ngokuqwalasela kwakho!
umthombo: www.habr.com