Backup Strategies Guide

This guide covers comprehensive backup strategies to ensure data protection and quick recovery capabilities for your Linux systems.

Backup Strategy Basics

Core Concepts

1. Backup Types

   • Full Backups
   • Incremental Backups
   • Differential Backups
   • Snapshot Backups

2. Retention Policies

   • Short-term Retention
   • Long-term Retention
   • Archival Storage
   • Compliance Requirements

3. Recovery Methods

   • Point-in-Time Recovery
   • Bare Metal Recovery
   • Selective Recovery
   • Verification Procedures

Backup Configuration

Basic Setup

# Initialize backup system
./backup-setup.sh --init \
  --storage-type s3 \
  --retention "30d" \
  --compression enabled

# Configure backup schedule
./backup-setup.sh --schedule \
  --full "0 0 * * 0" \
  --incremental "0 0 * * 1-6" \
  --verify-after-backup

Advanced Setup

# Configure advanced features
./backup-setup.sh --advanced \
  --encryption aes-256 \
  --deduplication \
  --multi-threading \
  --bandwidth-limit "50MB/s"

# Set up monitoring
./backup-setup.sh --monitoring \
  --metrics all \
  --alerts enabled \
  --notification-channels "slack,email"

Configuration Files

Basic Backup Configuration

# /etc/lambdasoftworks/backup/config.yml
backup:
  name: "production-backup"
  version: "1.0"
  
  storage:
    type: "s3"
    bucket: "company-backups"
    region: "us-east-1"
    path: "/backups/%Y/%m/%d"
    
  schedule:
    full:
      cron: "0 0 * * 0"
      retention: "30d"
      verify: true
      
    incremental:
      cron: "0 0 * * 1-6"
      retention: "7d"
      verify: true
      
  compression:
    enabled: true
    algorithm: "zstd"
    level: 3
    
  encryption:
    enabled: true
    algorithm: "aes-256-gcm"
    key_management: "kms"
    
  notifications:
    success:
      channels: ["slack"]
    failure:
      channels: ["slack", "email"]
    warning:
      channels: ["slack"]

Advanced Backup Configuration

# /etc/lambdasoftworks/backup/advanced-config.yml
backup:
  name: "enterprise-backup"
  
  strategies:
    database:
      type: "online"
      method: "snapshot"
      consistency: "transaction"
      pre_script: "/scripts/pre-db-backup.sh"
      post_script: "/scripts/post-db-backup.sh"
      
    filesystem:
      type: "incremental"
      method: "rsync"
      exclude_patterns:
        - "*.tmp"
        - "*.log"
        - "/tmp/*"
      
    configuration:
      type: "full"
      method: "tar"
      critical: true
      
    applications:
      type: "differential"
      method: "custom"
      script: "/scripts/app-backup.sh"
  
  storage:
    primary:
      type: "s3"
      bucket: "primary-backups"
      class: "standard"
      lifecycle:
        transition_glacier: "90d"
        expire: "365d"
        
    secondary:
      type: "nfs"
      path: "/mnt/backup"
      retention: "30d"
      
    archive:
      type: "glacier"
      vault: "company-archive"
      retention: "7y"
  
  scheduling:
    timezones:
      - name: "US East"
        zone: "America/New_York"
        windows:
          - start: "01:00"
            end: "05:00"
            
      - name: "US West"
        zone: "America/Los_Angeles"
        windows:
          - start: "22:00"
            end: "02:00"
            
    priorities:
      - name: "critical"
        max_delay: "1h"
      - name: "standard"
        max_delay: "4h"
      - name: "low"
        max_delay: "12h"
  
  resources:
    cpu:
      limit: "4"
      nice: 19
    memory:
      limit: "8G"
    io:
      priority: 7
      bandwidth: "50MB/s"
    
  monitoring:
    metrics:
      collection_interval: "1m"
      retention: "90d"
      
    checks:
      - name: "backup_age"
        warning: "25h"
        critical: "49h"
      - name: "backup_size"
        warning: "90%"
        critical: "95%"
      - name: "restore_time"
        warning: "2h"
        critical: "4h"
        
    alerts:
      channels:
        - type: "slack"
          webhook: "https://hooks.slack.com/..."
          channels:
            - "#backup-alerts"
            - "#ops"
            
        - type: "email"
          recipients:
            - "backup-team@company.com"
            - "ops-team@company.com"
  
  verification:
    automated:
      schedule: "0 3 * * 1"  # Every Monday at 3 AM
      sample_size: "10%"
      tests:
        - type: "checksum"
        - type: "restore"
        - type: "integrity"
        
    manual:
      frequency: "monthly"
      coverage: "critical-systems"
      documentation: true

Backup Operations

Basic Operations

# Run manual backup
./backup.sh --run \
  --type full \
  --verify \
  --notify

# Restore from backup
./backup.sh --restore \
  --backup-id backup_123 \
  --target /restore \
  --verify

Advanced Operations

# Run differential backup
./backup.sh --differential \
  --source /data \
  --exclude "*.tmp" \
  --compression-level 5

# Verify backup integrity
./backup.sh --verify \
  --backup-id backup_123 \
  --checksum \
  --restore-test

Recovery Procedures

Basic Recovery

# Quick restore
./backup.sh --quick-restore \
  --latest \
  --service web \
  --verify

# Point-in-time recovery
./backup.sh --restore-point \
  --timestamp "2024-01-01 00:00:00" \
  --service db

Advanced Recovery

# Selective restore
./backup.sh --selective-restore \
  --backup-id backup_123 \
  --include "*.conf" \
  --exclude "*.log"

# Bare metal recovery
./backup.sh --bare-metal \
  --backup-id backup_123 \
  --target-system new-server

Monitoring and Reporting

Setup Monitoring

# Configure backup monitoring
./backup-monitor.sh --setup \
  --metrics all \
  --interval 5m \
  --retention 90d

# Configure reporting
./backup-monitor.sh --reports \
  --schedule daily \
  --format html \
  --recipients "admin@company.com"

Example Alert Rules

# /etc/lambdasoftworks/backup/alerts.yml
rules:
  - name: "Backup Failed"
    condition: "backup_status == 'failed'"
    severity: "critical"
    channels: ["slack", "email"]
    
  - name: "Backup Size Anomaly"
    condition: "backup_size < avg_size * 0.5"
    severity: "warning"
    channels: ["slack"]
    
  - name: "Storage Space Low"
    condition: "storage_free < 20%"
    severity: "warning"
    channels: ["email"]

Best Practices

Planning

1. Strategy Development

   • Identify critical data
   • Define RPO/RTO
   • Plan retention periods
   • Document procedures

2. Resource Management

   • Optimize storage usage
   • Manage bandwidth
   • Schedule during off-hours
   • Monitor resource usage

3. Security

   • Encrypt backups
   • Secure transmission
   • Access control
   • Key management

Implementation

1. Automation

   • Automate routine tasks
   • Schedule verification
   • Implement monitoring
   • Auto-scale resources

2. Testing

   • Regular restore tests
   • Verification procedures
   • Document results
   • Improve processes

3. Documentation

   • Maintain procedures
   • Track changes
   • Record incidents
   • Update regularly

Troubleshooting

Common Issues

1. Backup Failures

# Diagnose backup failure
./backup.sh --diagnose \
  --backup-id backup_123 \
  --verbose

# Retry failed backup
./backup.sh --retry \
  --backup-id backup_123 \
  --ignore-warnings

2. Restore Problems

# Verify backup integrity
./backup.sh --verify-integrity \
  --backup-id backup_123 \
  --full-check

# Test restore
./backup.sh --test-restore \
  --backup-id backup_123 \
  --to-location /tmp/test

Next Steps

• Disaster Recovery
• Security Hardening
• Data Lifecycle
• Compliance Guide