Debian safe backup of server system drive?

Question

I would like to backup a Debian 9 server system drive, SAFELY, using cron (thus non-GUI solution is wanted) to a remote ISCSI drive through local network. Using EXT4 as system partition format.

By "SAFELY", I mean: the backup should be atomic, race condition free. Also it's a requirement, that the system restore should be relatively easy and fast from the remote ISCSI. Backups of data drives are done to remote ISCSI drive on local network.

Currently I use two kind of solutions, to be able to recover when system partition is lost, and have to recover from scratch:

Keep changes history of /etc directory using etckeeper (uses GIT internally)
Keep a copy of system partition files with rsnapshot (uses RSYNC internally)

However I think this system backup is not safe enough, as it is not atomic backup (while backup is done, there can be changes happen on the system drive).

Other solutions I might consider are:

Using LVM as system drive format, because LVM snapshots are atomic. Thus I can make snapshots before Debian upgrades or if I create backup of an LVM snapshot to remote ISCSI local network drive, I could restore it in case of system drive data loss.
Using Systemback (available as package in Ubuntu) - Systemback makes it easy to create backups of system and users configuration files. In case of problems you can easily restore the previous state of the system. There are extra features like system copying, system installation and Live system creation. Systemback seems to be safe as it creates system restore point, like a snapshot.
Using dd command through SSH to remote ISCSI local network drive. However this solution is not SAFE, is not atomic.
- Systemback: http://linoxide.com/linux-how-to/systemback-backup-system/
Using a Configuration Management tool (like Blueprint, CFEngine, Chef, Puppet, Ansible) to keep track of changes of the Debian system. Keep one complete bit to bit copy of a clean working Debian 8.7 system remotely, then restore only the changes tracked by Configuration Management tool.
- Blueprint: http://devstructure.com/blueprint/
- CFEngine: https://en.wikipedia.org/wiki/CFEngine
- Chef: https://en.wikipedia.org/wiki/Chef_(software)
- Puppet: https://en.wikipedia.org/wiki/Puppet_(software)
- Ansible: https://en.wikipedia.org/wiki/Ansible_(software)

Questions:

Do you have there any bad experience with one of these solutions?
Do you have any good experience with one of these solutions?
Which solution would you suggest?
Why?

I suppose the Configuration management tool would be useful, because it would make possible to make a byte to byte backup of an original distribution, then store all custom configuration changes using configuration management software.

I would like to shorten the restore time after a system crash & minimize the chance I lose any system configuration change compared to periodical (daily) backup. I suppose restoring system backup with dd, then using configuration management to restore the configuration settings of the Debian would be the quickest solution.

Is that right?

@tolsadus: unfortunately clonezilla is not usable for this. Read the clonezilla website: Online imaging/cloning is not implemented yet. The partition to be imaged or cloned has to be unmounted. — klor, Feb 25 '17 at 06:33

score 2 · Answer 1 · answered Feb 26 '17 at 16:48

To make an atomic system backup, you need some sort of snapshotting capabilities. These are generally achieved in some different ways:

use LVM volumes: this is the easiest, most supported configuration, so I strongly suggest you to use it (but be sure to understand how LVM snapshots works and their specific failure modes)
use a filesystem with integrated snapshots, as BTRFS or ZFS: as above, but you are snapshotting at the filesystem layer rather than at the block level;
if the above solutions are not possible (ie: to backup a current system which has no access to snapshots and you can't reinstall), you can try hcp (or hotcopy). Be aware that it is a 3rd party kernel modules, with all that this means.

After having access to snapshot capabilities, I would use rsnapshot and it's pre/post backup scripts to take/remove snapshots.

Thanks for your answer! It is same as my first thought. What do you think about Systemback or using a Configuration Management Tool? Configuration management tool would be useful, because it would make possible to make a byte to byte backup of an original distribution, and store all custom configuration changes using the configuration management. I would like to shorten the restore time after a system crash & minimize the chance I lose any system configuration change. Opinion? — klor, Feb 27 '17 at 11:52

score 0 · Answer 2 · answered Feb 10 '17 at 05:29

I personally use Borg Backup.

In short:

What is BorgBackup?

BorgBackup (short: Borg) is a deduplicating backup program. Optionally, it supports compression and authenticated encryption.

The main goal of Borg is to provide an efficient and secure way to backup data. The data deduplication technique used makes Borg suitable for daily backups since only changes are stored. The authenticated encryption technique makes it suitable for backups to not fully trusted targets.

It can ran as your regular user to maintain permission, it can prune very very easily backup older than X, can compress, use a remote mount, encrypt...and it ran flawlessly on Debian :)

Did you backup data or system drive? – klor Feb 10 '17 at 07:49 — klor, Feb 10 '17 at 07:49

Debian safe backup of server system drive?

2 Answers2