HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Tips/Tricks/Mods (http://www.howtoforge.com/forums/forumdisplay.php?f=19)
-   -   Total Desaster recovery (http://www.howtoforge.com/forums/showthread.php?t=10039)

Morons 23rd January 2007 16:26

Total Disaster recovery
 
Hi,
I had an recent experience that my RAID 10 set-up on an DELL server [4years old] crashed 2/4 hard drives simultainious due to heat.
I recovered fully except for the smtp auth login. I did however upgraded from Mandriva 2006->2007 and this sample is on the non-working server.
Code:

220 hera.domain.tld ESMTP Postfix (2.3.3) (Mandriva Linux)
ehlo localhost
250-hera.domain.tld
250-PIPELINING
250-SIZE 10240000
250-ETRN
250-STARTTLS
250-AUTH GSSAPI CRAM-MD5 LOGIN DIGEST-MD5 PLAIN
250-AUTH=GSSAPI CRAM-MD5 LOGIN DIGEST-MD5 PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
auth login
334 VXNlcm5hbWU6
anBi
334 UGFzc3dvcmQ6
Ymo3NzYtb3Jn
535 5.7.0 Error: authentication failed: authentication failure

On the other serve it works ! My question is the diffeence is in the lines 250-AUTH GSSAPI CRAM-MD5 LOGIN DIGEST-MD5 PLAIN vs 250-AUTH LOGIN PLAIN
Code:

telnet localhost 25
Trying 127.0.0.1...
Connected to beta.domain.tld (127.0.0.1).
Escape character is '^]'.
220 beta.domain.tld ESMTP Postfix (2.3.3) (Mandriva Linux)
ehlo localhost
250-beta.domain.tld
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
auth login
334 VXNlcm5hbWU6
anBi
334 UGFzc3dvcmQ6
Ymo3NzYtb3Jn
235 2.0.0 Authentication successful

The beta server is an plain newly setup box same as above but it works! Can Someone tell me were to look and what files to be edited / compared?

Morons 23rd January 2007 16:57

The backup script I used
 
I make backup and overwrite the file-set once an week - thus having a file-set for monday thuesday etc
this is my script, I stole some mysql bits from people on this server - Thankx.

HOWTO setup the ssh to login using keys and not pawsswords. WARNING: It does mean that once an hacker get into one of your servers he can get to another witout passwords - therefore we will limit the auto auth to regular users and not root!
On server1.domain.tld
Code:

cd /root/.ssh
ssh-keygen -q -b 1024 -t rsa -f id_rsa  # create the files id_rsa and id_rsa.pub the .pub is the public key and can be distributed the other myst stay put and be kept safe!

on the server2
Code:

adduser backup
passwd backup
su backup
ssh server1.domain.tld  # this will create the .ssh folder with correct permissions and save the known_hosts information
exit # back to root
cd /home/backup/.ssh 
vi authorized_keys        # now copy the content of server1 authorized_keys in here.  One line per server.
                        # -rw-------    1 backup root          234 Nov 13 11:22 authorized_keys

The backup script for ISPConfig on server1 I called it /root/make-backup and chmod +x /root/make-backup wil make it work!
Code:

#!/bin/bash
find /root/ispconfig > /root/root-backup-files
find /home/admispconfig > /root/home-backup-files
find /etc/passwd > /root/etc-backup-files
find /etc/shadow >> /root/etc-backup-files
find /etc/group >> /root/etc-backup-files
find /etc/gshadow >> /root/etc-backup-files
find /etc/proftpd.conf >> /root/etc-backup-files
find /etc/proftpd_ispconfig.conf >> /root/etc-backup-files
find /etc/ssh >> /root/etc-backup-files
find /etc/postfix >> /root/etc-backup-files
find /var/www/ > /root/var-backup-files
DATE=`date +%Y-%A`
# For your own sanity replace "hera-" with your host name. Or even replace it with $HOSTNAME"-"
BACKUPNAME="hera-"$DATE
# echo $date
# echo $BACKUPNAME
USER=root
PASSWORD=yourmysqlrootpassword
HOST=localhost
DESTINATION=server2.domain.tld

for i in $(echo 'SHOW DATABASES;' | mysql -u$USER -p$PASSWORD -h$HOST|grep -v '^Database$'); do
                mysqldump \
                -u$USER -p$PASSWORD -h$HOST \
                -Q -c -C --add-drop-table --add-locks --quick --lock-tables \
                $i > /home/backup/$BACKUPNAME-$i.sql;
done;

tar cvzf /home/backup/$BACKUPNAME"-root-backup.tar.gz" --files-from=/root/root-backup-files --no-recursion
tar cvzf /home/backup/$BACKUPNAME"-home-backup.tar.gz" --files-from=/root/home-backup-files --no-recursion
tar cvzf /home/backup/$BACKUPNAME"-etc-backup.tar.gz" --files-from=/root/etc-backup-files --no-recursion
tar cvzf /home/backup/$BACKUPNAME"-var-backup.tar.gz" --files-from=/root/var-backup-files --no-recursion
/usr/bin/scp /home/backup/$BACKUPNAME* $DESTINATION:/home/backup/
rm /root/root-backup-files
rm /root/home-backup-files
rm /root/etc-backup-files
rm /root/var-backup-files

I would like comments if I left out something here, In my original backup I left out the group files and had to manually create some parts, ISPConfig actually fixed it for me after a while!

Add this to your crontab to run early morning so that the bandwidth is available to traqnsfer large files - WARNING this BACKUP is LARGE !
Code:

crontab -e
45 04 * * * /root/make-backup

-----------------------------------------------
This part was added by means of post editing! :cool:
-----------------------------------------------
Restore
Basically extract the needed user data files - carefull not to overwrite system config files IF you upgraded packages. [You are on your own here]
I restored the mysql database and the db_ispconfig, the latter might have a different name if you made that choice during the install.
Code:

mysql -u root -p -e "source /home/backup/hera-2007-Friday-mysql.sql" mysql
mysql -u root -p -e "source /home/backup/hera-2007-Friday-db_ispconfig.sql" db_ispconfig

NOTE: my script above makes these files and care should be taken around the "hera" read the comments in the script of how to customise this server name.

fbnewtz 29th July 2007 20:25

Thanks
 
Thanks for this script. Hopefully it works out. I am only going to run it and have it transfer the contents off the server once a week. Don't want to kill bandwidth.

Thanks,

Fred

jorizzzz 2nd August 2007 12:01

My backups are run using Dirvish. This is a very handy backup tool that uses rsync and ssh to transport the data. You can choose what to backup and how long a backup should be kept at the other server.

The great thing about dirvish, is that it is incremental. You don't need to copy all of the information every time, just the changed things!

m1_davidson 17th August 2007 21:46

Restore prod to virtual env
 
I ran the restore and it all looks good - but when I try to log in to webmail, it falls apart. Has any one successfully done a restore? Actually, all I'm trying to do is to move my production environment onto a virtual server.

mlz 17th August 2007 22:35

While what you have looks great, I've decided to use system imager and backup my servers (yes plural, only one web right now, but multiple stream servers). SI makes a fairly complete backup, and I provided the live disk to my colo operator. For remote it makes it easy, since if there were a need to reload, the system will contact my office and pull the server back up.

The nice part about it, I do a backup every 4 hours once the initial image is made, and we're considering doing it every hour. Not to mention, that if I should hose part of a system, I can use FTP and restore the old files in a heartbeat.

Big thanks to Falko for the idea, although I didn't use his howto (I really didn't need to, it's really well documented already) as I stubbornly refuse to use a deb system. :D

falko 18th August 2007 12:39

Quote:

Originally Posted by m1_davidson
I ran the restore and it all looks good - but when I try to log in to webmail, it falls apart. Has any one successfully done a restore? Actually, all I'm trying to do is to move my production environment onto a virtual server.

Does the webmail exist after the restore? What exactly is the problem?

m1_davidson 19th August 2007 09:57

Thanks Falko, Yes webmail exits after my restore in my virtual environment. When I try to authenticate - to get emails, I get the following error messages:

Warning: fsockopen() [function.fsockopen]: php_network_getaddresses: getaddrinfo failed: Name or service not known in /home/admispconfig/ispconfig/web/webmail/inc/class.uebimiau_mail.php on line 66

Warning: fsockopen() [function.fsockopen]: unable to connect to localhost:110 (Unknown error) in /home/admispconfig/ispconfig/web/webmail/inc/class.uebimiau_mail.php on line 66

Warning: Cannot modify header information - headers already sent by (output started at /home/admispconfig/ispconfig/web/webmail/inc/class.uebimiau_mail.php:66) in /home/admispconfig/ispconfig/web/webmail/msglist.php on line 64

m1_davidson 19th August 2007 12:49

Quote:

Originally Posted by mlz
While what you have looks great, I've decided to use system imager and backup my servers (yes plural, only one web right now, but multiple stream servers). SI makes a fairly complete backup, and I provided the live disk to my colo operator. For remote it makes it easy, since if there were a need to reload, the system will contact my office and pull the server back up.

The nice part about it, I do a backup every 4 hours once the initial image is made, and we're considering doing it every hour. Not to mention, that if I should hose part of a system, I can use FTP and restore the old files in a heartbeat.

Big thanks to Falko for the idea, although I didn't use his howto (I really didn't need to, it's really well documented already) as I stubbornly refuse to use a deb system. :D


I get a lot of security warnings when installing systemimager. Also, systemimager has a number of quirks so I'd rather not go there. If I'm able to get my production environment into a virtual environment, I have a script that would shutdown the virtual server, copy all related files & start server up again. For me, this is as good as it gets.

falko 20th August 2007 18:19

Quote:

Originally Posted by m1_davidson
Thanks Falko, Yes webmail exits after my restore in my virtual environment. When I try to authenticate - to get emails, I get the following error messages:

Warning: fsockopen() [function.fsockopen]: php_network_getaddresses: getaddrinfo failed: Name or service not known in /home/admispconfig/ispconfig/web/webmail/inc/class.uebimiau_mail.php on line 66

Warning: fsockopen() [function.fsockopen]: unable to connect to localhost:110 (Unknown error) in /home/admispconfig/ispconfig/web/webmail/inc/class.uebimiau_mail.php on line 66

Warning: Cannot modify header information - headers already sent by (output started at /home/admispconfig/ispconfig/web/webmail/inc/class.uebimiau_mail.php:66) in /home/admispconfig/ispconfig/web/webmail/msglist.php on line 64

What's the output of
Code:

netstat -tap
, and what's in /etc/hosts?


All times are GMT +2. The time now is 16:57.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.