Slashdot Mirror
Ask Slashdot: Open Source Back-Up Tool For Business?
New submitter xerkot writes: I am looking for a tool to make backups of PCs in a big company. We want to replace the one that we are using at this moment for this new one. The tool will be used to do backups of PCs (mainly Windows, and a few Linux), and we want to manage these backups centrally from a console, being able to automatize the backup process. The servers of the company are backed up with another tool, so they are out of scope. In the company we are being encouraged more and more to use open source software, so I would like to ask you, what are best open source tools to do backups of PCs? Are they mature enough for a big company?
What exactly are you backing up? Entire disk images? Or just user files?
If disk images, then something like clonezilla, perhaps set up to boot from a TFTP server. Boot the machine via WOL, kick off the TFTP, automatically dump the image out to a server using the machine name or MAC address or something as a unique identifier
For user files only (ie, My Documents or whatever) can you set up network based home directories ? And then just back up the server they live on.
Don't blame me, I voted for Kodos
Just look for the best tool for the job, and don't worry about whether it's open source or not.
SJW's don't eliminate discrimination. They just expropriate it for themselves.
you can use amanda in case you want to backup files. amanda is production grade and has clients for windows and linux and
possibly unix alike. -- mallah
I once was in a crossroads of choosing between stuff like Clonezilla and Bacula, for small business purposes. Bottom line is they add a lot of complexity for low to no flexibility. I ended up building my own tar/move/ script with cron triggers at after ours downtime, then I would simply move them around network locations for avoiding single points of failure messing up the backups. Adding your own exceptions for the backup is a plus. At the last point, I had something reliable, fast, and that would require the simple overhead of re-installing Debian before the actual restore, then an update-grub and a change in fstab for the new disk replacing the broken one's UUID (because you don't really do that many restores so it's a fair trade-off, while you do save time exponentially by not backing up the entire OS). A good starting point is http://www.aboutdebian.com/tar...
Backula I think would do it, but you have to pay for it. If you are looking for free, you will have to learn how to script your own agents. For a small business (25-50 PC+) Windows Server Essentials is Boss! It boots a tftp server for recovery and nicely manages all the machines it backs-up. Conversely, You should centralize user data, so if their PC goes down, they don't lose any work. Then just keep a windows PE custom install of the PC's when they are build fresh and you can just do an image restore on failure.
I use Bacula for my home computer; it feels powerful enough for a small office, and is very versatile.
It has three main components: a client daemon that you install on the computers you want to back up, a storage daemon that you install on the computer that will write the backup files and/or tapes, and a director daemon which controls the backups. The director and storage daemons only run on unix-like operating systems (BSD, Linux, Solaris) but the client daemon has also been built for MS-Windows.
http://blog.bacula.org/
I worked at a scientific institute, and they simply installed OwnCloud everywhere. It's got a client for most platforms, syncs to a server, and allows you to back up the server in the usual fashion.
It worked so well, that when I started doing consulting (at the client site), I got my own VPS with Debian, and installed OwnCloud server on that. Then installed the client on my private laptop and the laptop that I got from the client. Works beautifully, because communication is over HTTPS. Company firewalls don't block that. I tried other things like BitTorrent Sync, but these use special ports.
8 of 13 people found this answer helpful. Did you?
They use this around here, seem to like it. Seems apt to your situation.
http://backuppc.sourceforge.net/
I have been using Fog and OwnCloud.
Fog (Free open ghost) for desktop backup and reimaging and OwnCloud for data backup.
http://sourceforge.net/projects/freeghost/
FOG can back up disk images and do inventory and scheduled re-images and keep images for things like AV scan and whatnot.
We mostly just use it to wipe machines back to clean slates ourselves but it's supposed to have quite a rich feature set. It does also have some bugs though.
I set one up at my school that has re-imaged 1000+ student netbooks 7 at a time, the school district also has all of our images centrally located and available throughout the district for all models of laptops/desktops that we use and manages the images there. It uses iPXE/Partclone/TFTP and LAMP. The original .32 version has plugins that can do things like identify a machine based on its DMI info and pick a set of images based on that (Capone).
I've set them up on CentOS and Ubuntu. There are always quirks though, I suggest strong perusal of the wiki before deciding, and toy with it before putting in to production.
Use AMANDA to do the back-ups. Use Amazon's S3 to actually store the dumps compressed and encrypted at the source — AMANDA has had the S3 back-end for a while. No, you do not need "Amanda Enterprise".
Having set just such a thing up at my last job, I'd be happy to help you out for a regular consulting fee. Should not take more than a week or two even on a large organization.
In Soviet Washington the swamp drains you.
Set up home drives on file servers and back those up. Teach users that those are the only locations that are backed up. Set up the PCs to use that as the default home location. You can do this on Windows and Linux just fine. Invest in the server -- redundant power supplies, RAID arrays, failover, etc. You could even look at various open source NAS devices, or whatever works for your environment.
Why?
Backing up user PCs doesn't scale well and becomes a thankless task for some poor employee who has to keep up with broken backup clients. It's far easier to scale when you only have to keep up with the file servers. You have some number of clients saving to each server, but that's that number of backup clients you don't need to deal with. This frees up IT staff for other, more useful tasks.
It also allows you to replace end-user PCs with a simple re-image rather than trying to recover or fix anything. End-user calls and says their PC is going whacko, you pull a spare off the shelf and lay down a fresh install. Show up, take the malfunctioning equipment away and diagnose it on your time, while they get back to work. Since all the files are on the server they can just get back to it rather than waiting on you to try and fix whatever might be going wrong.
Can be used entirely for free and encrypted backups. The CrashPlan makes money with their cloud backup features. You can back machines up to a single machine or multiple machines on your network that have CrashPlan installed one them. You can run in a scheduled mode or do realtime (every 15 minutes?) backups.
As much as is feasible, store files on the servers you have already.
I realize this may not be feasible if your "daytime bandwidth" or latency makes it impossible, but do it if you can.
I'll leave it up to others who know more than I do to answer your original question about open-source, centrally-managed, business-grade (read: vendor-supported and hack-resistant) solutions.
Oh, one more thing: this is a business. Unless you are going to dedicate a programming team to bug-fixing this and a security team to regularly audit it, spend the money on buying software from a reputable vendor who will stay on top of security bugs. Don't make the mistake of thinking "open source means fee as in beer" - if you do, you and your company will pay for it big time with the first preventable security breach.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
Anyway, I use BackupPC to backup user files from Windows machines on the company network. Works just fine. I tell my users it's "no guarantee", as they should store on the network shares any way.
Ahhh...the great dumpster continuum. Many a free computer will be found there. -- sowth (748135)
Rsync is simple, lightweight, has been around forever, and gives you incredible power. Assuming by "manage centrally from a console" you mean that you have remote admin access to all the computers in the scope, it's as simple as a cron job running your Rsync script. You can trivially make several versions for different use cases (Linux vs. PC) and only have to configure the setup once in the cron job. After that, you only need to touch it if you make changes.
Rsync can push deltas to any remote server you have access to via a wide range of protocols. The rest of your IT team will appreciate that you're only sending deltas and not sending full copies every execution and hogging bandwidth.
Here's a link to get you started: https://wiki.archlinux.org/ind...
Good luck!
Seconding this. In the companies I work with, this is the solution we've put into place. Windows PCs use mapped network drives for personal folders and shared folders to a server. The server runs ZFS as its file system. Simple cron scripts on the server itself automate the process of creating snapshots and doing send/receive with other servers both inside and outside the building. These additional machines also store a certain number of snapshots, so we can recover previous versions of files easily. ZFS + Samba 4 also appears to Windows as "Volume Shadow Copy", so snapshots also become browsable directly by Windows clients for the more technical users who know how to work with it.
The great thing about this strategy is that 1) you're not installing a single thing on client machines, just an initial config for mapped network drives. 2) next to nothing to install on the server machine, just ZFS and Samba (which both come with FreeNAS if you want a very simple drop-in solution)
What about using ZFS and essentially foregoing traditional backups?
I know that is heresy to traditional data-management methodology; but with ZFS' resilvering and anti-bit-rot self-healing capabilities, it would seem that, other than a fire or tornado hitting the server closet, or outright theft, that ZFS totally answers the need for traditional backup. And if you combine that with incremental backup to an offsite data-store (also ZFS?), then how wonderful would that be?
I admit my interest in ZFS FAR outstrips my knowledge of same; but it seems that the OpenZFS community pretty much has their act together.So, are there any backup tools that can backup a ZFS Pool to another ZFS Pool, or a network-full of Mixed-Platform Servers to a ZFS Pool?
rsync and a few scripts. Perl scripts.
Religion is what happens when nature strikes and groupthink goes wrong.
Look, I know that "open source solution" is in the title. The low hanging fruit is already camping out in the thread - Bacula, Clonezilla, and script/cron/rsync are the major solutions there.
If the business is okay with "free, even for commercial use", Veeam Endpoint Backup is excellent. It will either back up to a Samba share or a Veeam B&R if you have one in the environment somewhere. It's legit freeware, and works very well.
Even if not for this particular case, it works well for laptops. It's the only free backup application i've seen that will back up to a USB drive, such that connecting the drive triggers a backup, rather than relying on a schedule. This is great for laptop users.
As usual.
My company uses Bacula for all our server backups, and it works pretty well, once you beat the configuration into doing what you want.
Some things about Bacula that I've noticed:
1) It's scheduling is more than little rigid. I'm not using it on desktop PCs for that reason (the PC pretty much needs to be there when Bacula wants it to be, or you miss that backup cycle. As near as I can tell, anyway).
2) Trying to configure the retention times for Bacula is NOT for the faint of heart. Get someone to help you. It's goofier than it should be.
3) Bacula thinks of all backup media as tapes. You can make it use disk (which is REALLY convenient for frequently accessed backups), but it still treats it like a bunch of tapes.
4) If I understand correctly, the Windows backup client software isn't free anymore.
For my PC backups both at home and at the office, I'm using Burp (http://burp.grke.org/) (I'm using the 1.4.40 stable version).
Burp is REALLY easy to configure, and when a backup is missed due to the PC being off at that moment, it just figures it out when the thing comes back on line.
It's capable of continuing an interrupted backup.
One possible downside, depending on your setup, is that Burp DOES NOT DO TAPE.
It does backups to disk. That's IT. If you need tapes, you need to go elsewhere.
I'm really fond of the easy-to-configure nature of Burp, but of course my needs match it's limited capabilities very well.
Both are in active development.
If you try to use Bacula, see if you can find someone experienced to help you. I don't know that I'd have ever gotten that thing working correctly on my own the first time.
A thousand pounds of wood moving at 300 feet per minute. Don't get in the way.
https://github.com/restic/rest...
There is no right to feel safe thru security vaudeville at the expense of everyone's freedom, privacy and tax money.
I think it is about time they 'automatized' your job since it doesn't sound like you know what the fuck you are doing....
Why is this down-modded? It's exactly what I was going to say. If I ran a "big company" I wouldn't be expecting my IT people to be asking for advice on a public internet forum.
And "automatized" really isn't a word.
To have a right to do a thing is not at all the same as to be right in doing it
I'll just throw this out there: I was tasked with the same requirement of backing up people's desktops 6-7 years ago and the solution that I went with was some home-grown Powershell scripts and using the built-in VSS service on the workstations.
I grab the bare necessary files to rebuild a workstation and then dump the backups to the user's home directory on the server (which is then automatically backed up). Take a look at the scripts I wrote
Down-modded probably because it makes too many assumptions. The question may not even be asked by "IT people". Abusive too, so fair game for -1 IMHO
I used Bacula to back up a company of ~25 users. It doesn't have all the bells and whistles of TSM. Once you figure out how it works, it's nice (and it's free). I ran the Bacula server on GNU/Linux (Redhat I think). There are clients for GNU/Linux, Windows, and Mac. Backups can also be encrypted.
Highly recommend UrBackup. It can do both files backup and system image backup. The backup server can run in either Linux or Windows. Clients softwares for PC to be backup are also available for both Linux and Windows. For Windows clients, system image backup is made using Volume Shadow Copy function of Windows. Not sure if system image backup is available for Linux client or not. Overall it is a very powerful, yet easy to use, backup system, avaialble at http://www.urbackup.org/
The first thing I have to say to everyone who asks me to design a backup solution is "what's your recovery solution? what are your recovery needs?". Then design your backups around that. Don't back up anything that won't be restored. You have to protect against both disaster recovery (loss of total system) and operational recovery (file deletion, corruption, historical trails). DR for a PC is usually from a stock image; OR for a PC can be managed through much better methods than PC backup.
The only thing I do at work all day every day is backup. I'm certified on one of the major commercial backup applications, two purpose built backup appliances from different vendors, and have formal training in a few other commercial applications. We have a team of 6 that manage backup for the company's data internally, another team of 5 that manage backup for our IT customers, and a couple of part-time backup admins for rogue corporate business units. We have an offshore team of 12 that support backup & storage for both internal & external 24x7 (max 3 on shift at any time). Internally our biggest backup server runs 10,000jobs/day for 1300 hosts; across all internal servers it's something like 25,000 jobs on 4,000 host. I spent almost $1M in capital this year just to refresh EOSL backup infra, and have asked for $3.1M next year to get into the 21st century for all our backup storage. My colleagues have spent at least as much in growth this year. Across the enterprise we protect 12PB of front end data. Globally we are considered a small customer to our backup software/hardware vendors. We don't do endpoint protection because it's not worth the effort.
If you really are going ahead with what you've described (I suggest you don't), then my biggest worry would be software & config deployment during version upgrades, OS re-installs and infrastructure changes. If you add another backup server are you going to have touch every PC? If you upgrade your server to a version that drops support for a given client version and the user doesn't bother upgrading can you push it down? Can you make sure it gets pushed the next time he logs in?
If you have any remote users, use a tool that does client side deduplication and incremental forever with synthetic full backups being hydrated on the server. /cdrom? Set the users expectations appropriately and communicate with them what they can expect of you. Make sure everyone knows where their division of responsibility starts and ends, and make sure there's training material available that aligns with those divisions.
Know what your requirements are for portable media, and make sure the tool you use includes/excludes it as per corp policy. Will rsync of / pick up
That said, if you really are a big company, then forget the endpoints, put your user's data on LAN shares, SharePoint, Exchange, etc and protect their data using server backup. Encrypt the endpoints in case some PHB decides to not use the LAN shares and stores corp data locally, but if he didn't put it on the LAN as per corporate policy, then let him sweat it out for losing his data when the laptop gets stolen/dropped/dies/etc. I have no sympathy for anyone that doesn't follow documented policies & procedures. They all get the stock corporate image, which gives them a personal and a team share. I don't even cheat like some of my colleagues, my laptop is not backed up to our backup servers and I've had it replaced/reimaged every 2 years or so. I keep my historical PST files in two locations. Two hours of setting up my windows preferences or importing app settings from dumps I put on my home drive and I'm back in business. Data doesn't belong on PCs - I wish they were all dumb terminals and any machine you log in to mounts your home drive, runs apps off shares or in remote sessions, and your profile follows you around. Or follow the mainframe strategy and RDP into your desktop / use VDI.
Anything less than 20 endpoints I'd consider small, go ahead and use si