tr0910 Posted March 11, 2011 Share Posted March 11, 2011 This is a journey to create a mission critical unraid as a photo repository for a growing photo studio. Originally I looked at crashplan, but you pointed me to rsync, which looks promising so far. Prior to doing this, I have a number of Win64 and Win7 workstations with replicator software that once per day, backs their contents onto Linkstation1. Linkstation2 is a backup of Linkstation1 and kept offsite. Linkstation1 & Linkstation2 will be replaced with unraid1, and unraid2 and I want to have unraid1 poll the workstations several times per day for new data and manage the entire backup process getting rid of the once per day workstation backups. I still want a second level backup in unraid2, which will be carryable offsite. OK, I have gotten to here: 1. Have rsync working -whew 2. Connected successfully to 2nd unraid and transferred some files -neat more work to do here but it works.... 3. Modified the unraid GO script to add some things, and wanted to set up for rsync mounting a Win64 share -works from command line only "mkdir /mnt/cs5" "mount -t smbfs //cs5/Pix2011 /mnt/cs5" But this last mount doesn't complete. When I run it manually from the terminal it asks for a password, and since there are no user securities in place I just hit enter and it connects fine, but how do I do this in the GO file? (now I have the mkdir working, but I have to mount from the command line before I can rsync) 3. Connected successfully to Win64 workstation and backed up some files -awesome but.. mkdir /mnt/cs5 mount -t smbfs //cs5/Pix2011 /mnt/cs5 rsync -av --stats --progress /mnt/cs5 /mnt/disk3 When it saves the files on my unraid, it places them in a dir on disk3 called cs5. Where does this come from? Quote Link to comment
tr0910 Posted March 11, 2011 Author Share Posted March 11, 2011 3. Connected successfully to Win64 workstation and backed up some files -awesome but.. mkdir /mnt/cs5 mount -t smbfs //cs5/Pix2011 /mnt/cs5 rsync -av --stats --progress /mnt/cs5 /mnt/disk3 When it saves the files on my unraid, it places them in a dir on disk3 called cs5. Where does this come from? 3. is fixed, just add a / to the end of the source like this. rsync -av --stats --progress /mnt/cs5/ /mnt/disk3/Pix2011 Now only the login issue to resolve.... I promise to post my final configuration for anyone else wanting to create a multi-level backup with unraid and rsync.... Quote Link to comment
Spectrum Posted March 12, 2011 Share Posted March 12, 2011 I started to post on this earlier and got side tracked. I don't think what you are doing is overly complicated and can be automated via scripting relatively easy. That said I have 2 points. One about security and one about architecture. And you are apparently getting the sysadmin (former occupation) and photographer (current hobby) versions melded into one <puts on tinfoil hat> Security: You stated that you aren't using passwords for your network connections to your mission critical (your words) and most important (my words) data, ie your pictures. You mentioned this is for a photo studio which I'm assuming means a business, not pics of your kids, fam vacation, etc. IMHO this is a very bad idea. You may trust the folks working with you (or for whom you are setting this up) but what happens when Sally, brings over Billy, who wants to get on wifi with his laptop to get on facebook then starts poking around your network. Your mission critical and most important data is exposed. Any script kiddie with nmap can find a Samba share in a lot less time than it takes to type this reply and they could do irrevocable damage just horsing around. It may never happen, but an ounce of prevention really is worth a pound of cure. The other argument here for some security precautions is privacy. It really doesn't matter what kind of photography you or your client are engaged in, your/their clients expect some modicum of protection. Would you want your wedding pictures, your wife's buodoir photo-shoot, or daughter's senior pictures on an unsecured network? I realize we aren't discussing state secrets or SSNs and credit card data, but I would like to think that If I go to a photo studio for pictures, they are protecting me. <takes off tinfoil hat> Sorry for the repressed sysadmin coming out, but think it through. Adding a few small, non-intrusive security measures could save your butt! Architecture: Are you backing up processed files (touch ups, sharpening, etc) to the unRAID box for cold storage or are these active projects that someone may be working on in the next day/week? I haven't tried using Lightroom/Photoshop (my workflow) across the network to an unRAID box but I can't imagine it would be pretty. I would try to keep current projects local to the workstation where they are being used (keeping an original raw on the unRAID box) then cold store them on the unRAID box(es) once the project is wrapped up. Of course they can still be part of your catalog (lightroom workflow) but they would be there more for archival purposes and if anyone needed to do any heavy editing (rework for a mag cover) they could transfer to a local machine for editing then send back to cold storage once the project is wrapped up again and the check is in the mail from that cover Think about organization now while you have a chance to build a good workflow structure and (more importantly) good habits. Architecture 2: Why do you want to have one box (Tower1) go fetch data from all the workstations? What happens if the workstation is off? How are you going to handle missed backups, etc? The more traditional approach would be to have each workstation backup to the 1st tier server (Tower 1) at whatever increment you feel is necessary (daily?) then have the 1st tier server replicate to the 2nd tier server (Tower2). Also I'm a little unclear, on Tower2's function. Does it just sit onsite until someone decides something bad might happen tomorrow then they power it down and take it home? It would make more sense (to me) to have it live permanently offsite and replicate to it via a VPN. Having 2 copies of your data is great for parts failures but does nothing againts fire, flood, earthquakes, and theft if both copies are in the same building. Now with ALL of that long windedness out of the way: To solve your mount problem. mount -t cifs //cs5/Pix2011 /mnt/cs5 -o password= smbfs has been deprecated by cifs although smbfs mounts may actually use cifs. I'm not sure. I'll also go ahead and plug the DAM Book it's a really good resource. No affiliation, I don't get anything if you go to the website or if you buy it; I just think it's a good book! Welcome to unRAID and if you have any questions, I'll be happy to help where I can. Quote Link to comment
tr0910 Posted March 12, 2011 Author Share Posted March 12, 2011 <puts on tinfoil hat> You stated that you aren't using passwords for your network connections to your mission critical (your words) and most important (my words) data, ie your pictures. You mentioned this is for a photo studio which I'm assuming means a business, not pics of your kids, fam vacation, etc. IMHO this is a very bad idea. You may trust the folks working with you (or for whom you are setting this up) but what happens when Sally, brings over Billy, who wants to get on wifi with his laptop to get on facebook then starts poking around your network. Your You are correct, this is for my wifes portrait studio. I will be protecting sensitive data with several layers of security, but 99% of the data will be jpg, tif and raw image files which I must make widely available. Our artists seem to love it most when a tif is over 1gb. The financial and other sensitive data won't be on here. We don't do boudoir, and every image we take, we have client releases giving us publishing rights. Here people are simply dying to see their images put into print. This is not NYC. Our wireless is split into 2 with the half that we make available to Billy only connected to VOIP, so no worries there. The issue we have is a 6 fold increase in business this year after a 5 fold increase last year. This drives the need for unraid. Where 2010 we consumed 1TB in image storage, this year I expect to consume 6TB. Passwords will be implemented, before anybody comes near this system. Are you backing up processed files (touch ups, sharpening, etc) to the unRAID box for cold storage or are these active projects that someone may be working on in the next day/week? I haven't tried using Lightroom/Photoshop (my workflow) across the network to an unRAID box but I can't imagine it would be pretty. I would try to keep current projects local to the workstation where they are being used (keeping an original raw on the unRAID box) then cold store them on the unRAID box(es) once the project is wrapped up. Yes, this is the workflow we use. Lightroom doesn't support sharing the catalog so each workstation handles a % of the total volume. Unraid only is used for near line and cold storage. Why do you want to have one box (Tower1) go fetch data from all the workstations? What happens if the workstation is off? How are you going to handle missed backups, etc? The more traditional approach would be to have each workstation backup to the 1st tier server (Tower 1) at whatever increment you feel is necessary (daily?) then have the 1st tier server replicate to the 2nd tier server (Tower2). This is what we have now, but artists are not reliable backup administrators. If possible I want to centralize the backups on the unraid server and I am surprised at how easy it looks to be. Error handling and reporting regarding the backup success or failure will have to be reviewed to see if they are feasible. I still can be convinced either way on this. Syncback, Syncrify, Deltacopy also being explored. re Tower2's function. It would make more sense (to me) to have it live permanently offsite and replicate to it via a VPN. Tower2 is to protect against fire, flood, earthquakes, and theft. It would be nice to have the pipes that support replicating via VPN, but with the amount of data that will be moving, I don't think this is possible in addition to everything else this internet pipe must support. The best I expect to be able to do, is make it semi-remote and locked and shut down most of the time to protect against as much as possible. Now with ALL of that long windedness out of the way: To solve your mount problem. mount -t cifs //cs5/Pix2011 /mnt/cs5 -o password= smbfs has been deprecated by cifs although smbfs mounts may actually use cifs. I'm not sure. This was the ticket. Its working fine now. One more thing I find is that once rsync backs up the workstations, the files are not visible from the Windows workstations until the server is reboot. Tom references it as a SAMBA ownership issue here: http://lime-technology.com/forum/index.php?topic=4776.msg43822#msg43822 You can also fix it with a: chmod -R 700 * Don't really want to have to add this in each script though. Supposedly this will be different in 5.0?? Quote Link to comment
Spectrum Posted March 12, 2011 Share Posted March 12, 2011 Yes, this is the workflow we use. Lightroom doesn't support sharing the catalog so each workstation handles a % of the total volume. Unraid only is used for near line and cold storage. True, Lightroom only allows 1 user per catalog. It's a pity Adobe won't allow catalog sharing and just put locks on the images being edited, but would probably make Lightroom be considered an "enterprise level" application and increase the price 5x. This is what we have now, but artists are not reliable backup administrators. If possible I want to centralize the backups on the unraid server and I am surprised at how easy it looks to be. Error handling and reporting regarding the backup success or failure will have to be reviewed to see if they are feasible. I still can be convinced either way on this. Syncback, Syncrify, Deltacopy also being explored. Hah! Never, ever, leave backup to the end user. They won't take care of it and when something goes wrong guess who's fault it is What I meant here was rather than sharing out the local storage on each machine, and having the unraid box connect to it to handle the backup, have each machine process it's own backups and just send data to Tower1. I guess if you have an OS diverse (mac/win) environment it may be easier to just administer the backup scripts from one environment on the unRAID box. Just make sure you have proper error handling, and reporting built into your scripts. You don't want the backup to fail on workstation1 and cause workstations2-5 to not get backed up. Tower2 is to protect against fire, flood, earthquakes, and theft. It would be nice to have the pipes that support replicating via VPN, but with the amount of data that will be moving, I don't think this is possible in addition to everything else this internet pipe must support. The best I expect to be able to do, is make it semi-remote and locked and shut down most of the time to protect against as much as possible. For protection against nature, theft, etc. you're really rolling the dice having it at the same physical location, even if it's locked in a plastic box in the basement and you only take it out once a week for a sync. I don't know what kind of restrictions you have on your internet connection, but if you can get a solid 5Mbps upstream connection you can theoretically transfer ~260GB in a 12 hour period assuming I did the math right. I doubt you'll be generating too much data for an overnight WAN sync between boxes if you can get a decent broadband connection. Especially since you could seed Tower2 with the current data via LAN then take it to a remote home and let it process nightly updates. In the end you have to live within your constraints, just think long and hard about what a total loss of all image data could do to the business. Cameras and lighting rigs are easily replaced, the magic they produce are not. This was the ticket. Its working fine now. One more thing I find is that once rsync backs up the workstations, the files are not visible from the Windows workstations until the server is reboot. Tom references it as a SAMBA ownership issue here: http://lime-technology.com/forum/index.php?topic=4776.msg43822#msg43822 You can also fix it with a: chmod -R 700 * Don't really want to have to add this in each script though. Supposedly this will be different in 5.0?? Cross pollination of file perms can be a royal PITA. Do an rsync on some test data then look at the files you copied over with ls -l. ie ls -l /mnt/user/backup/test-data those are lower case L's (elles) not 1's (ones) and take a look at the permissions of the files. If the world execute bit is set -rwx------ 1 root root 13213880172 Aug 22 2010 file1* -rwx-----x 1 root root 13213880172 Aug 22 2010 file2* ^-that is the world execute bit then it's a permissions issue and yes you need to address it or files will show as hidden to a windows box. I'm not sure what changes have been made for V5, I haven't payed attention to that aspect of the V5 conversations Quote Link to comment
lqqkout Posted July 15, 2011 Share Posted July 15, 2011 @TR0910 - This is a great thread and I'm looking to do something similar with personal images and LR catalogs. Now that it's been a few months, would you mind sharing any gotcha's, pro's/con's, or other lessons about your configuration? Thank you! Quote Link to comment
spants Posted July 17, 2011 Share Posted July 17, 2011 I really dont understand why you dont use crashplan as all your systems are supported? I have several systems, local and remote, that backup automatically to my Tower. I can set schedules and bandwidth and it will carry on in the background sending updates and keep versioning. My Tower backs up critical stuff by encrypting it with my password and storing it offsite at my friends server. He cannot access those files. Likewise his files get transfered to my system with the same security. For the initial backups, crashplan supports loading a backup from an external drive to avoid the first big backup!. External drives are supported too for backups if you want to carrying one about. It even emails me confirmation of the backup status (weekly?) and any backup issues when they happen. All of this is free of charge and just works!. It supports a number of different OS, loads of destinations for multiple backup repositories. If you pay a small amount, you can even backup to their cloud servers. Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.