Hetzner - DokuWiki

Backup/en
K (hat „Backup english“ nach „Backup/en“ verschoben)
(11 dazwischenliegende Versionen von 5 Benutzern werden nicht angezeigt)
Zeile 1: Zeile 1:
= Applying for backup =
+
{{Languages|Backup}}
  
In addition to your dedicated root server you will receive 100GB backup
+
== Applying for backup space ==
space which you can apply for cost-free via Robot. First of all click on
+
the link "Servers" in the menu and then select your server. You can
+
apply for your backup account by using the "Backup" tab. Please note
+
that the backup space can only be used from your dedicated root server
+
as access is only permitted from Hetzner network.
+
  
= Functions in Robot =
+
In addition to your dedicated/virtual server you can acquire a backup space to use for your own backups. This backup space can be ordered via Robot. To do so, click on the Server menu on the left, select your server and then go to the "Backup" tab. Here you can order different sizes of backup space, as well as up/downgrading your current backup space. The available backup space options can be found in the table below (all prices include 19% VAT):
  
In Robot (under the "Backup" tab) you can generate a new password for
+
{| cellspacing="1" cellpadding="1" border="1" style="width: 490px; height: 66px;"
your backup account and also erase the content of the backup account.
+
|-
Furthermore, you can have your current usage displayed graphically. The
+
!
data for this display is updated every 10 minutes.
+
! Monthly
 +
! Setup
 +
|-
 +
| 100 GB [[#free|[*]]]
 +
| 4.90 € [[#free|[*]]]
 +
| 4.90 € [[#free|[*]]]
 +
|-
 +
| 500 GB
 +
| 9.90 €
 +
| 9.90 €
 +
|-
 +
| 2,000 GB
 +
| 19.90 €
 +
| 19.90 €
 +
|-
 +
| 5,000 GB
 +
| 44.90 €
 +
| 44.90 €
 +
|-
 +
| 10,000 GB
 +
| 79.90 €
 +
| 79.90 €
 +
|}
 +
<br><span id="free">* Clients with EQ, EX or XS servers can get the 100 GB backup space for free.</span>
  
= Useful software =
+
Please note that the backup space can only be used from your server as access is only permitted from within the Hetzner network.
 +
 
 +
== Functions in Robot ==
 +
 
 +
In Robot (under the "Backup" tab) you can generate a new password for your backup space and also erase the content of the backup space.
 +
Furthermore, you can have your current backup usage displayed graphically. The data for this display is updated every 10 minutes.
 +
 
 +
== Useful software ==
  
 
*Backup with [http://wertarbyte.de/tartarus.shtml '''Tartarus''']
 
*Backup with [http://wertarbyte.de/tartarus.shtml '''Tartarus''']
Zeile 27: Zeile 52:
 
**Removal of old security measures from the FTP server using the charon tool
 
**Removal of old security measures from the FTP server using the charon tool
 
**[[http://wiki.hetzner.de/index.php/Tartarus_Backup-Konfiguration Tartarus backup configuration]] with examples and instructions
 
**[[http://wiki.hetzner.de/index.php/Tartarus_Backup-Konfiguration Tartarus backup configuration]] with examples and instructions
 
 
*Backup with '''[[Backup2l]]'''/gpg/ftp
 
*Backup with '''[[Backup2l]]'''/gpg/ftp
*[http://duplicity.nongnu.org/ '''Duplicity'''] – GPG encrypted, compressed, incremental backup from untrustworthy media or unencrypted protocols such as the FTP offered exclusively by Hetzner to the backup server. Can also rsync and ssh. In Debian (4.0) it should not be installed with <code>apt-get install [http://packages.debian.org/duplicity duplicity]</code> because the old version in Debian (0.4.2) can cause problems with servers (Error 226: Transfer complete). Instead the current version (tested with 0.4.9) from [http://download.savannah.gnu.org/releases/duplicity/ http://download.savannah.gnu.org/releases/duplicity/] should be used. For details see the [http://forum.hetzner.de/wbb2/thread.php?threadid=10316 Hetzner forum].
+
*[http://duplicity.nongnu.org/ '''Duplicity'''] – GPG encrypted, compressed, incremental backup from untrustworthy media or unencrypted protocols such as the FTP offered exclusively by Hetzner to the backup server. Also works with rsync and ssh.
 
**A [[Duplicity Script]]
 
**A [[Duplicity Script]]
  
= General tips =
+
== General tips ==
  
Please note that the speed of the backup is dependant on how many other
+
Please note that the speed of backup is dependant on how many other clients are simultaneously accessing the backup server. Consider running your backups at another time if you experience performance problems.
clients are simultaneously accessing the backup server. Consider running
+
your backups at another time if you experience performance problems.
+
  
It is also important to use the DNS names assigned to you
+
It is also important to use the DNS names assigned to you (&lt;username&gt;.your-backup.de; only affects new backup space accounts) in place of the underlying IP address as the IP address can change.
(&lt;username&gt;.your-backup.de; only affects new backup accounts) in place
+
of the underlying IP address as the IP address can change.
+
  
= FTP/SFTP/SCP =
+
== FTP/SFTP/SCP ==
  
 
You can access your backup space by means of FTP, SFTP and SCP.
 
You can access your backup space by means of FTP, SFTP and SCP.
Zeile 48: Zeile 68:
 
well as your username and password.
 
well as your username and password.
  
For SFTP/SCP it is possible to authenticate yourself with a Public Key.
+
For SFTP/SCP it is possible to authenticate yourself with a Public Key. You can provide a Public Key in RFC4716 format in the file '''.ssh/authorized_keys''' on your backup space. You can convert your Public Key into FTC4716 format with the “ssh-keygen” program with the parameters “-e” and “-f &lt;input pubkey&gt;”. It is important that the automatically inserted comment line be erased. You need to manually create the .ssh directory if required.
You can provide a Public Key in RFC4716 format in the file
+
.ssh/authorized keys on your backup space. You can convert your Public
+
Key in FTC4716 format with the programme “ssh-keygen” with the
+
parameters “-e” and “-f &lt;input pubkey&gt;”. It is important that the
+
automatically inserted comment line be erased. You need to manually
+
create the .ssh directory if required.
+
  
 
For example:
 
For example:
Zeile 102: Zeile 116:
 
u15000@u15000.your-backup.de 's password:
 
u15000@u15000.your-backup.de 's password:
 
sftp&gt; mkdir .ssh
 
sftp&gt; mkdir .ssh
 
  
 
server# scp backup_authorized_keys u15000@u15000.your-backup.de:.ssh/authorized_keys
 
server# scp backup_authorized_keys u15000@u15000.your-backup.de:.ssh/authorized_keys
Zeile 113: Zeile 126:
 
sftp&gt; exit
 
sftp&gt; exit
 
server#
 
server#
 
 
</pre>
 
</pre>
  
 
''Note:'' When uploading the Public Key you cannot use ssh-copy-id.
 
''Note:'' When uploading the Public Key you cannot use ssh-copy-id.
  
= SAMBA/CIFS =
+
== SAMBA/CIFS ==
  
 
You have the option of integrating your backup space with Samba/Cifs.
 
You have the option of integrating your backup space with Samba/Cifs.
 
You can use the following UNC path:
 
You can use the following UNC path:
<pre>\\&lt;username&gt;.your-backup.de\backup</pre>
+
<pre>
 +
\\&lt;username&gt;.your-backup.de\backup
 +
mount.cifs -o user=USERNAME,pass=PASSWORD //USERNAME.your-backup.de/backup /PATH/FOLDER
 +
</pre>
 +
 
 +
== RSYNC ==
 +
 
 +
The direct use of rsync is not possible. The backup space can however be locally mounted using smbfs, sshfs or ftpfs, allowing a limited use of rsync. To take full advantage of rsync (such as incremental backups using hardlinks) an image file must be created, which should be mounted via loopback. In addition to this it is also possible to add encryption via encfs (Encrypted File System) to protect the data.
  
= IPv6 =
+
== IPv6 ==
  
You can also access your backup space via IPv6. For this there is a
+
You can also access your backup space via IPv6. A DNS entry in the format "ipv6.<username>.your-backup.de" type AAAA is required. To get the IPv6 address you can for example use the following command:
DNS entry in the format "ipv6.<username>.your-backup.de" type AAAA. To
+
get the IPv6 address you can for example use the following command:
+
 
<pre>
 
<pre>
 
dig AAAA ipv6.<username>.your-backup.de
 
dig AAAA ipv6.<username>.your-backup.de
 
</pre>
 
</pre>
  
= Determining memory usage =
+
== Determining memory usage ==
  
To find out how much free space you have (be it backup scripts or status
+
To find out how much free space you have (be it via backup scripts or status
emails) you can use the 'lftp' programme:
+
emails) you can use the 'lftp' program:
  
  # apt-get install lftp
+
# apt-get install lftp
  
 
Determining memory usage:
 
Determining memory usage:
  
  # echo du -s .  \
+
# echo du -s .  \
  | lftp -u USERNAME,PASSWORT BACKUPSERVER
+
| lftp -u USERNAME,PASSWORD BACKUPSERVER
  
Readable with the parameter -h:
+
This is more readable with the parameter -h:
  
  # echo du -hs .  \
+
# echo du -hs .  \
  | lftp -u USERNAME,PASSWORT BACKUPSERVER
+
| lftp -u USERNAME,PASSWORD BACKUPSERVER
  
The command allows you to use a Hook to link with Tartarus, by inserting
+
The following command allows you to use a hook to link with Tartarus, by inserting the following lines in the Tartarus configuration:
the following lines in the Tartarus configuration:
+
  
 
  TARTARUS_POST_PROCESS_HOOK() {
 
  TARTARUS_POST_PROCESS_HOOK() {
Zeile 157: Zeile 173:
 
  }
 
  }
  
[[Kategorie:Dedizierte Server]] [[Category:Dedi-Überwachung, Sicherung und Wartung]]
+
[[Kategorie:Dedizierte Server]]
 +
[[Kategorie:Dedi-Überwachung, Sicherung und Wartung]]
 +
[[Kategorie:Dedi-Optionale Features]]
 +
[[Kategorie:Robot]]

Version vom 23. Februar 2012, 14:54 Uhr

Inhaltsverzeichnis

Applying for backup space

In addition to your dedicated/virtual server you can acquire a backup space to use for your own backups. This backup space can be ordered via Robot. To do so, click on the Server menu on the left, select your server and then go to the "Backup" tab. Here you can order different sizes of backup space, as well as up/downgrading your current backup space. The available backup space options can be found in the table below (all prices include 19% VAT):

Monthly Setup
100 GB [*] 4.90 € [*] 4.90 € [*]
500 GB 9.90 € 9.90 €
2,000 GB 19.90 € 19.90 €
5,000 GB 44.90 € 44.90 €
10,000 GB 79.90 € 79.90 €


* Clients with EQ, EX or XS servers can get the 100 GB backup space for free.

Please note that the backup space can only be used from your server as access is only permitted from within the Hetzner network.

Functions in Robot

In Robot (under the "Backup" tab) you can generate a new password for your backup space and also erase the content of the backup space. Furthermore, you can have your current backup usage displayed graphically. The data for this display is updated every 10 minutes.

Useful software

  • Backup with Tartarus
    • "On-the-fly” backup on FTP server
    • Support of LVM snapshots
    • Encryption (symmetrical or asymmetrical by key or password)
    • Incremental security measures
    • Based on prevalent Unix tools, enabling easy recovery from the rescue system (tar, bzip2, etc.)
    • Profile configuration files
    • Integrated "Hooks" make it suitable for special cases
    • Removal of old security measures from the FTP server using the charon tool
    • [Tartarus backup configuration] with examples and instructions
  • Backup with Backup2l/gpg/ftp
  • Duplicity – GPG encrypted, compressed, incremental backup from untrustworthy media or unencrypted protocols such as the FTP offered exclusively by Hetzner to the backup server. Also works with rsync and ssh.

General tips

Please note that the speed of backup is dependant on how many other clients are simultaneously accessing the backup server. Consider running your backups at another time if you experience performance problems.

It is also important to use the DNS names assigned to you (<username>.your-backup.de; only affects new backup space accounts) in place of the underlying IP address as the IP address can change.

FTP/SFTP/SCP

You can access your backup space by means of FTP, SFTP and SCP. Please use the host names assigned to you (<username>.your-backup.de) as well as your username and password.

For SFTP/SCP it is possible to authenticate yourself with a Public Key. You can provide a Public Key in RFC4716 format in the file .ssh/authorized_keys on your backup space. You can convert your Public Key into FTC4716 format with the “ssh-keygen” program with the parameters “-e” and “-f <input pubkey>”. It is important that the automatically inserted comment line be erased. You need to manually create the .ssh directory if required.

For example:

server# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
cb:3c:a0:39:69:39:ec:35:d5:66:f3:c5:92:99:2f:e1 root@server
The key's randomart image is:
+--[ RSA 2048]----+
|                 |
|                 |
|                 |
|         .   =   |
|      . S = * o  |
|   . = = + + =   |
|    X o =   E .  |
|   o + . .   .   |
|    .            |
+-----------------+

server# ssh-keygen -e -f .ssh/id_rsa.pub | grep -v "Comment:" > .ssh/id_rsa_rfc.pub

server# cat .ssh/id_rsa_rfc.pub
---- BEGIN SSH2 PUBLIC KEY ----
AAAAB3NzaC1yc2EAAAABIwAAAQEAz+fh731CVfH3FPM0vK5hX7NT5HogdBEQ4ryGJIeVMv
mCQJWwrFtdWh1pXMyXsYzXq1xbjILgCZGn+H0qUBKopJaa/Pzsw5U0UyRgiFhU2k0eiHUq
pkiixTbHcLsCj3kjAv5i07wZJ/ot246hLQD1PtSQtcX7nHvhdhenOTGO+ccpM2KEdX1E64
eaTtO9Bf7X4OTXnRxS7tjYH9sls5DOunpvoIZLvbmcVw1+wMdJBXOAU6/tnkN5N3mYE4Hu
JjnRtBAI9MS9Tt3DNAp1K/udUHA6hfYf08fxYs9uwsCM793b7FczmVvHEIwIKszG7Jwiwo
Dqit4EExR8bNNCeD6D3Q==
---- END SSH2 PUBLIC KEY ----

server# cat .ssh/id_rsa_rfc.pub >> backup_authorized_keys

server# echo mkdir .ssh | sftp u15000@u15000.your-backup.de
Connecting to u15000.your-backup.de...
The authenticity of host 'u15000.your-backup.de (78.46.10.232)' can't be established.
RSA key fingerprint is 3d:7b:6f:99:5f:68:53:21:73:15:f9:2e:6b:3a:9f:e3.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'u15000.your-backup.de ,78.46.10.232' (RSA) to the list of known hosts.
u15000@u15000.your-backup.de 's password:
sftp> mkdir .ssh

server# scp backup_authorized_keys u15000@u15000.your-backup.de:.ssh/authorized_keys
u15000@u15000.your-backup.de's password:
backup_authorized_keys                                        100%  406     0.4KB/s

server# sftp u15000@u15000.your-backup.de
Connecting to u15000.your-backup.de...
sftp> ls
sftp> exit
server#

Note: When uploading the Public Key you cannot use ssh-copy-id.

SAMBA/CIFS

You have the option of integrating your backup space with Samba/Cifs. You can use the following UNC path:

\\<username>.your-backup.de\backup
mount.cifs -o user=USERNAME,pass=PASSWORD //USERNAME.your-backup.de/backup /PATH/FOLDER

RSYNC

The direct use of rsync is not possible. The backup space can however be locally mounted using smbfs, sshfs or ftpfs, allowing a limited use of rsync. To take full advantage of rsync (such as incremental backups using hardlinks) an image file must be created, which should be mounted via loopback. In addition to this it is also possible to add encryption via encfs (Encrypted File System) to protect the data.

IPv6

You can also access your backup space via IPv6. A DNS entry in the format "ipv6.<username>.your-backup.de" type AAAA is required. To get the IPv6 address you can for example use the following command:

dig AAAA ipv6.<username>.your-backup.de

Determining memory usage

To find out how much free space you have (be it via backup scripts or status emails) you can use the 'lftp' program:

# apt-get install lftp

Determining memory usage:

# echo du -s .  \
| lftp -u USERNAME,PASSWORD BACKUPSERVER

This is more readable with the parameter -h:

# echo du -hs .  \
| lftp -u USERNAME,PASSWORD BACKUPSERVER

The following command allows you to use a hook to link with Tartarus, by inserting the following lines in the Tartarus configuration:

TARTARUS_POST_PROCESS_HOOK() {
echo "du" | /usr/bin/lftp -u "$STORAGE_FTP_USER,$STORAGE_FTP_PASSWORD" "$STORAGE_FTP_SERVER" | awk -v LIMIT=100 '$2=="." {print ((LIMIT*1024*1024)-$1)/1024 " MiB backup space remaining"}'
}


© 2014. Hetzner Online AG. Alle Rechte vorbehalten.