Backup & Recovery Strategies

Intermediate Linux Server
tarrsynccronddduplicati3-2-1 rule

Objective

Implement backup strategies using tar and rsync, automate backups with cron, test restores, and understand backup best practices.

Tools & Technologies

  • tar
  • rsync
  • cron
  • dd
  • duplicati
  • 3-2-1 rule

Key Commands

tar -czf backup.tar.gz /etc
rsync -avz --delete src/ dest/
dd if=/dev/sda of=disk.img bs=4M
crontab -e → 0 2 * * * /usr/local/bin/backup.sh

Architecture Overview

flowchart TD subgraph 3-2-1 Strategy DATA[Production Data] --> C1[Copy 1\nLocal Backup] DATA --> C2[Copy 2\nExternal Drive] DATA --> C3[Copy 3\nOffsite/Cloud] end subgraph Backup Types FULL[Full Backup\nAll data] INC[Incremental\nChanges since last] DIFF[Differential\nChanges since full] end style DATA fill:#1a1a2e,stroke:#00d4ff,color:#e0e0e0 style C3 fill:#1a1a2e,stroke:#00ff88,color:#e0e0e0

Step-by-Step Process

01
tar — Archive & Compress

tar creates archives. Combine with gzip (z) or bzip2 (j) for compression.

# Create compressed archive
tar -czf /backup/etc_$(date +%Y%m%d).tar.gz /etc

# Extract to specific directory
tar -xzf backup.tar.gz -C /restore/

# List contents without extracting
tar -tzf backup.tar.gz | head

# Create and verify
tar -czf backup.tar.gz /data && tar -tzf backup.tar.gz > /dev/null && echo 'OK'
02
rsync — Incremental Sync

rsync only transfers changed data, making it ideal for large directory trees.

# Sync with verbose progress
rsync -avz --progress /data/ /backup/data/

# Mirror: delete files removed from source
rsync -avz --delete /data/ /backup/data/

# Remote backup over SSH
rsync -avz --delete /data/ user@backup-server:/backup/data/

# Dry run to preview
rsync -avzn --delete /data/ /backup/data/
03
Automate with Cron

Schedule backups with cron. Redirect output to a log file.

# /usr/local/bin/backup.sh
#!/bin/bash
DATE=$(date +%Y-%m-%d)
LOG=/var/log/backup.log
echo "[$DATE] Starting backup" >> $LOG
rsync -avz --delete /data/ /backup/data/ >> $LOG 2>&1
echo "[$DATE] Done. Exit: $?" >> $LOG

# crontab -e
0 2 * * * /usr/local/bin/backup.sh
0 3 * * 0 tar -czf /backup/weekly_$(date +%Y%m%d).tar.gz /etc
04
Test Your Restores

A backup never tested is not a backup. Practice restoring to a different location.

# Restore single file
tar -xzf backup.tar.gz -C /tmp/restore/ etc/nginx/nginx.conf

# Verify restored file
diff /etc/nginx/nginx.conf /tmp/restore/etc/nginx/nginx.conf

# Full restore test
mkdir /tmp/restore_test
tar -xzf backup.tar.gz -C /tmp/restore_test/
ls -la /tmp/restore_test/

Challenges & Solutions

  • Backup without testing restore is useless — schedule restore drills quarterly
  • rsync --delete will delete destination files not in source — always dry-run first

Key Takeaways

  • 3-2-1 rule: 3 copies, 2 media types, 1 offsite
  • Log backup exit codes — silently failing backups are common