Advice for a RAID backup strategy

[kathayes]

I use an iMac and docking station with several bare bones drives that I access from drive cases as needed.

The drives that I use most frequently are as follows:
- Photos/Videos 6TB
- Time Machine Backup 4TB (I plug this in every few days to do an automated backup of the internal 512SSD)
- a 6TB drive that I use to manually drag all the files from the Photos/Videos drive to (I do this about once every 6 months to back the Photos/Videos drive)

I'd like to come up with a new configuration that would allow me to always keep the Photos/Videos drive connected, and also have it backed up automatically somehow.

1. Can I do this with a 2 drive RAID OR do I need a 4 drive one?
2. What RAID configuration would allow me to do what I described?

Thanks.

 

[Solandri]

1. RAID is not a backup. RAID is for reducing downtime. If you are running a company which would lose millions of dollars an hour if your file server went down, you want RAID. RAID would allow the file server to stay online and functional even if a drive dies (or drives for RAID 6 or 10). For home use, unless you're relying on these files for a home business, RAID is usually unnecessary.

2. You want your backups to be offline. If your backups are constantly connected, ransomware which encrypts your files will also encrypt your backups. So in general this means you shouldn't be using "automatic" local backups. (There are ways to make local backups secure from ransomware, but they are not trivial to set up.)

3. Because of this, automatic backups are usually best done to cloud services which will keep around old copies of your files. So if a file changes (is encrypted by ransomware), the new backup doesn't erase or overwrite the old backup. Unfortunately, cloud backups mean you have the whole privacy issue to deal with.

4a. If most of your files (by size) are photos, do you have an Amazon Prime account? A Prime account gives you unlimited free cloud storage of photos.
https://www.amazon.com/clouddrive/primephotos

4b. Google Drive gives you 15GB free, but unlimited storage of photos downsized to 2048x2048 resolution (which is why Prime is better for photos). They used to give you unlimited storage of videos up to 15 minutes. I don't know (and can't find) what the current restrictions are for video. I know you have to pay for videos over 1080p, but they may still give you unlimited video storage of 1080p videos less than 15 minutes.

5. Time Machine is really good for local backups. It's pretty close to the best way I can think of to make a backup program, while keeping it simple to use. Most of the other backup programs I've used don't let you easily browse previous versions like Time Machine does. You have to load a new backup set from a different date, then find the file you want again.

 

[Rookie_MIB]

You could do what I do for my system - I have a 10TB NAS which I back up to a 12TB NAS. Since you're using an Apple system, you probably have the cron and rsync tools (which are similar to the Linux tools) to automate the backups/syncs. As for the Time Machine backups, I'm not sure how those work so you may be on your own there.

For the two 6TB drives, you could go out to a USB hub, have both drives plugged into the hub and out of the way.

Open a terminal, use 'crontab -e' as root to edit the cron file, this allows you to schedule commands to be run at a variety of times. Format of a cron entry is 'x x x x x commmand to be run; command to be run; ' where the x's are assorted minutes/hours/days-of-month/month/days-of-week which if matched, will cause the command set to be run.

So - for example, putting the cron line:

* * * * * /run/this/script;

Would run the script every minute, of every day, of every year.

30 12 * * * /run/this/script;

would run the script every day, at 12:30am.

There are lots of examples for cron out on the web for every 5 minutes, odd days of the week, etc.

For rsync, the basics of it are:

'rsync -(options) /source/of/files /destination/of/files'

You'd need to look up the options, there are quite a few, and source can be local, or a remote computer, destination can be the same way. A good example is my sync for my NAS

'rsync -rav --delete /usr/mnt/MyMovies/ root@192.168.254.25:/usr/mnt/MyMovies'

-rav options -r = recurse directories (grab all subdirectories) -a archive -v verbose (gives detail)
--delete if file doesn't exist in source, but does exists in destination - remove it. You probably don't want that.
root@192.168.254.25 - that means you'll connect to a remote computer (in my case) using that username.

One thing that you can do is find some pre-build scripts to wrap around rsync which are helpful. Again, google is your friend...

**** edit ****

As mentioned, there are possibilities of ransomware whacking your files if the drives are mounted. That is a legitimate concern, which is why you can always add this command in your scripts:

mount -options /dev/backupdrive /path/to/mount
rsync - blah blah blah
umount /path/to/mount

What this does is keep your secondary backup drive offline (unmounted). Then, when it's time to back it up, it mounts the drives (connects it), runs rsync, then disconnects it. Hopefully, if you got infected you'd notice you couldn't access your files, especially if you do a backup weekly. Then you could clean the ransomware out, restore your backups, and be back in business.

 

[kathayes]

Thanks for the replies!

I didn’t realize that ransome ware was such a serious concern….I know next to nothing about it. I do not want to rely on cloud services for my backups (I use it to store files for convenience and to share files only). I also do not trust any cloud services with my media for anything, other than simply sharing of photos/videos.

Based on the feedback I received here, it sounds like my current system of backups is currently pretty secure from ransomware by always keeping my backups offline. I also have other drives that I keep in cases for documents, work files, etc. this just is not convenient because I always have to take a drive off a shelf, take it out of the case, put it in the dock, undock it when done, put it back in the case, etc.

Using one of these RAID enclosures in a JBOD configuration, could I just keep my drives (not the backups) in the enclosure (always physically protected) and just eject them from my desktop when I am not using them. If so, how do you remount the drives when needed with the drives being in the enclosure and already unmounted?

Thanks!

 

[Rookie_MIB]

Well, you actually wouldn't want to raid them in a JBOD - that still creates a volume which, if you remove a drive will render the entire array inaccessible (this also applies to a drive FAILURE). A better way to do it is you could put all of the drives in an enclosure, but you'll create a separate share for each single drive.

Then, you can manually connect to the drives when you need to across the network by accessing the individual shares, instead of creating a single massive drive, and to protect it from malware, don't MAP to the drives, just access the shared device.

 

[kathayes]

My plan is to get an enclosure that will work as JBOD and have either 2 or 4 drives in it.

1. On a Mac, when the individual drives are unmounted, how would I mount one of the drives when needed?
2. What did you mean by " don't MAP to the drives, just access the shared device?"

Thanks

 

[Rookie_MIB]

My plan is to get an enclosure that will work as JBOD and have either 2 or 4 drives in it.

1. On a Mac, when the individual drives are unmounted, how would I mount one of the drives when needed?
2. What did you mean by " don't MAP to the drives, just access the shared device?"

Thanks

Well, for mounting - that would specific to mac, and your particular setup. Generally you can mount and unmount drives via the command line. Open up a terminal and type 'man mount' - this will give you a lot of the nitty gritty options.

As for why you don't want to permanently map (ie mount and leave mounted) the drives, it's to avoid the malware problem. Many times these days the malware will scan windows system for all drives that have a drive letter (ie: mapped) and encrypt them. Meanwhile if it's just accessible via the network it might not. So you don't want to leave it mounted - this way any malware can't attack the files.

So to do the backups, you'd mount the drive, do the work/backup, then unmount it. This way it's not visible to the OS and it can't be attacked.