Content.id – Cara Membuat Offsite Backup Encrypted di Centos 7. Bagi pemilik VPS yang sudah produktif misalnya VPS yang digunakan untuk webserver, backup merupakan hal yang penting dalam menjalankan VPS-nya.
Offsite backup sangat penting karena jika terjadi sesuatu dengan VPS box yang Anda miliki apalagi sudah produktif. Kemungkinan fail server, di hack, atau kemungkinan saja tidak sengaja menghapus atau menginstall ulang VPS yang anda miliki.
Offsite backup adalah backup yang dilakukan diluar VPS produktif anda. Intinya, backup di tempatkan di VPS lain. Dan usahakan agar VPS box yang dijadikan untuk offsite backup tempatnya berbeda dangan VPS produktif anda. Misalnya VPS produktif Anda terletak di Digital Ocean atau di Vultr, ada baiknya VPS backup anda terletak di tempat lain misalnya di OVH kimsufi. Lebih baik lagi jika VPS backup anda terletak di negara yang berbeda dengan VPS produktif anda.
Prerequirments:
- VPS Produktif. Jika belum memiliki VPS produktif bacac cara Mendapatkan Balance $100 Digital Ocean dan Cara Mendapatkan Balance $50 dari Vultr dan Buat VPS Anda Selama 10 Bulan
- VPS Backup. Jika belum memiliki, baca Storage VPS Murah dari AlphaVPS untuk Backup 3.5EUR/m atau beli di buyvm.net
- Putty untuk akses VPS
Cara Membuat Offsite Backup Encrypted di Centos 7
VPS Backup
1. Login ke VPS yang ingin dijadikan backup.
2. Buat file img dengan perintah dd if=/dev/zero of=/zero.img bs=1G seek=10 count=0
Besar file yang ingin dijadikan backup tergantung kapasitas hdd yang ada di VPS Backup. Ganti besaran seek sesuai dengan yang anda inginkan. Jika ingin besar file img 30 GB, ganti 10 menjadi 30.
[[email protected] ~]# dd if=/dev/zero of=/zero.img bs=1G seek=400 count=0 0+0 records in 0+0 records out 0 bytes (0 B) copied, 7.9328e-05 s, 0.0 kB/s [[email protected] ~]# ls -al /zero.img -rw-r--r-- 1 root root 962072674304 Mar 21 01:43 /zero.img
Karena AlphaVPS memberikan space hdd 512GB maka besar file img yang content.id buat 400GB
3. Persiapan di VPS Backup telah selesai.
VPS Produktif
Step 1. Login ke VPS Produktif anda.
Step 2. Install SSHFS dengan perintah yum -y install sshfs
yum -y install sshfs Loaded plugins: fastestmirror Determining fastest mirrors epel/x86_64/metalink | 27 kB 00:00:00 * base: ftp.upcnet.ro * epel: mirror.layeronline.com * extras: ftp.ines.lug.ro * updates: ftp.upcnet.ro base | 3.6 kB 00:00:00 ................... | 1.0 MB 00:00:02 Resolving Dependencies --> Running transaction check ---> Package fuse-sshfs.x86_64 0:2.10-1.el7 will be installed --> Processing Dependency: fuse >= 2.2 for package: fuse-sshfs-2.10-1.el7.x86_64 --> Processing Dependency: libfuse.so.2(FUSE_2.2)(64bit) for package: fuse-sshfs-2.10-1.el7.x86_64 --> Processing Dependency: libfuse.so.2(FUSE_2.4)(64bit) for package: fuse-sshfs-2.10-1.el7.x86_64 --> Processing Dependency: libfuse.so.2(FUSE_2.5)(64bit) for package: fuse-sshfs-2.10-1.el7.x86_64 --> Processing Dependency: libfuse.so.2(FUSE_2.6)(64bit) for package: fuse-sshfs-2.10-1.el7.x86_64 --> Processing Dependency: libfuse.so.2(FUSE_2.7)(64bit) for package: fuse-sshfs-2.10-1.el7.x86_64 --> Processing Dependency: libfuse.so.2()(64bit) for package: fuse-sshfs-2.10-1.el7.x86_64 --> Running transaction check ---> Package fuse.x86_64 0:2.9.2-11.el7 will be installed ---> Package fuse-libs.x86_64 0:2.9.2-11.el7 will be installed --> Finished Dependency Resolution Dependencies Resolved ============================================================================================================================================================================================================================================= Package Arch Version Repository Size ============================================================================================================================================================================================================================================= Installing: fuse-sshfs x86_64 2.10-1.el7 epel 50 k Installing for dependencies: fuse x86_64 2.9.2-11.el7 base 86 k fuse-libs x86_64 2.9.2-11.el7 base 93 k Transaction Summary ============================================================================================================================================================================================================================================= Install 1 Package (+2 Dependent packages) Total download size: 229 k Installed size: 613 k Downloading packages: (1/3): fuse-2.9.2-11.el7.x86_64.rpm | 86 kB 00:00:00 (2/3): fuse-libs-2.9.2-11.el7.x86_64.rpm | 93 kB 00:00:00 (3/3): fuse-sshfs-2.10-1.el7.x86_64.rpm | 50 kB 00:00:00 --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- Total 297 kB/s | 229 kB 00:00:00 Running transaction check Running transaction test Transaction test succeeded Running transaction Installing : fuse-2.9.2-11.el7.x86_64 1/3 Installing : fuse-libs-2.9.2-11.el7.x86_64 2/3 Installing : fuse-sshfs-2.10-1.el7.x86_64 3/3 Verifying : fuse-sshfs-2.10-1.el7.x86_64 1/3 Verifying : fuse-libs-2.9.2-11.el7.x86_64 2/3 Verifying : fuse-2.9.2-11.el7.x86_64 3/3 Installed: fuse-sshfs.x86_64 0:2.10-1.el7 Dependency Installed: fuse.x86_64 0:2.9.2-11.el7 fuse-libs.x86_64 0:2.9.2-11.el7 Complete!
Step 3. Install LUKS Package untuk enkripsi file dengan perintah: yum install -y cryptsetup
yum install -y cryptsetup Loaded plugins: fastestmirror, priorities Loading mirror speeds from cached hostfile epel/x86_64/metalink | 7.9 kB 00:00 * base: mirror-hk.koddos.net * epel: sg.fedora.ipserverone.com * extras: mirror-hk.koddos.net * updates: mirror-hk.koddos.net base | 3.6 kB 00:00 epel | 4.7 kB 00:00 extras | 3.4 kB 00:00 litespeed-mirror | 3.6 kB 00:00 litespeed-update-mirror | 3.6 kB 00:00 mariadb-mirror | 2.9 kB 00:00 powerdns-mirror | 2.9 kB 00:00 updates | 3.4 kB 00:00 powerdns-mirror/primary_db | 11 kB 00:00 12 packages excluded due to repository priority protections Resolving Dependencies --> Running transaction check ---> Package cryptsetup.x86_64 0:2.0.3-3.el7 will be installed --> Finished Dependency Resolution Dependencies Resolved ================================================================================ Package Arch Version Repository Size ================================================================================ Installing: cryptsetup x86_64 2.0.3-3.el7 base 154 k Transaction Summary ================================================================================ Install 1 Package Total download size: 154 k Installed size: 354 k Downloading packages: cryptsetup-2.0.3-3.el7.x86_64.rpm | 154 kB 00:00 Running transaction check Running transaction test Transaction test succeeded Running transaction Installing : cryptsetup-2.0.3-3.el7.x86_64 1/1 Verifying : cryptsetup-2.0.3-3.el7.x86_64 1/1 Installed: cryptsetup.x86_64 0:2.0.3-3.el7 Complete!
Step 4. Create folder untuk tempat mount remote fs dengan perintah mkdir /mnt/openvz
mkdir /mnt/openvz
Step 5. Mount remote server folder dengan perintah sshfs -o allow_other [email protected] vpsbackup:/ /mnt/openvz
sshfs -o allow_other [email protected]:/ /mnt/openvz
Step 6. Edit /etc/fstab agar folder sshfs dapat terload secara otomatis setelah reboot
sshfs#[email protected]:/ /mnt/openvz fuse port=2809,defaults,allow_other,nonempty 0 0
Step 7. Aktifkan LUKS Module dengan perintah modprobe dm_crypt
[[email protected] ~]# modprobe dm_crypt
Step 8. Encrypt file zero.img agar aman dengan perintah cryptsetup -y luksFormat /mnt/openvz/zero.img
cryptsetup -y luksFormat /mnt/openvz/zero.img WARNING! ======== This will overwrite data on /mnt/openvz/zero.img irrevocably. Are you sure? (Type uppercase yes): YES Enter passphrase for /mnt/openvz/zero.img: Verify passphrase:
Step 9. Buka decrypt file zero.img dan map menjadi drive dengan perintah cryptsetup luksOpen /mnt/openvz/zero.img zeromapper
cryptsetup luksOpen /mnt/openvz/zero.img zeromapper Enter passphrase for /mnt/openvz/zero.img:
Step 10. Check apakah zeromapper sudah berhasil dengan perintah ls -al /dev/mapper/
ls -al /dev/mapper/ total 0 drwxr-xr-x. 2 root root 140 Mar 20 22:05 . drwxr-xr-x. 20 root root 3160 Mar 20 22:05 .. lrwxrwxrwx. 1 root root 7 Mar 17 13:57 centos_radha-home -> ../dm-2 lrwxrwxrwx. 1 root root 7 Mar 17 13:57 centos_radha-root -> ../dm-0 lrwxrwxrwx. 1 root root 7 Mar 17 13:57 centos_radha-swap -> ../dm-1 crw-------. 1 root root 10, 236 Mar 17 13:57 control lrwxrwxrwx. 1 root root 7 Mar 20 22:05 zeromapper -> ../dm-3
Step 11. Format drive zeromapper dan buat format ext4 file system dengan perintah mkfs.ext4 /dev/mapper/zeromapper
mkfs.ext4 /dev/mapper/zeromapper
mke2fs 1.42.9 (28-Dec-2013)
Filesystem label=
OS type: Linux
Block size=4096 (log=2)
Fragment size=4096 (log=2)
Stride=0 blocks, Stripe width=0 blocks
58720256 inodes, 234880512 blocks
11744025 blocks (5.00%) reserved for the super user
First data block=0
Maximum filesystem blocks=2382364672
7168 block groups
32768 blocks per group, 32768 fragments per group
8192 inodes per group
Superblock backups stored on blocks:
32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208,
4096000, 7962624, 11239424, 20480000, 23887872, 71663616, 78675968,
102400000, 214990848
Allocating group tables: done
Writing inode tables: done
Creating journal (32768 blocks): done
Writing superblocks and filesystem accounting information: done
Step 12. Buat folder untuk mount drive mapper misalnya /backup dengan perintah mkdir /backup
mkdir /backup
Step 13. Mount Drive Mapper /dev/mapper/zeromapper ke folder /backup dengan perintah mount /dev/mapper/zeromapper /backup
mount /dev/mapper/zeromapper /backup
Step 14. Check folder /backup apakah sudah termount dengan benar dengan perintah ls -al /backup
ls /backup lost+found
Step 15. Offsite VPS Backup telah menjadi drive di VPS Produktif. Silahkan copy file backup anda ke folder /backup.
Step 16. Proses copy backupan ke folder /backup mungkin akan memakan waktu tergantung dari kecepatan write disk dan kecepatan koneksi dari VPS Produktif ke VPS Backup
Test Copy file dengan perintah dd dengan besar file 537 MB
dd if=/dev/zero of=/backup/testing bs=512 count=1024k 1048576+0 records in 1048576+0 records out 536870912 bytes (537 MB) copied, 126.844 s, 4.2 MB/s
Network speed pada VPS Produktif pada saat test copy file
vnstat -l -i eth2 Monitoring eth2... (press CTRL-C to stop) rx: 1.88 Mbit/s 405 p/s tx: 4.75 Mbit/s 447 p/s
Network speed pada VPS Backup pada saat test copy file
vnstat -l -i venet0 Monitoring venet0... (press CTRL-C to stop) rx: 7.60 Mbit/s 775 p/s tx: 3.15 Mbit/s 494 p/s
dd if=/dev/zero of=/backup/testing bs=512 count=1024k 1048576+0 records in 1048576+0 records out 536870912 bytes (537 MB) copied, 126.844 s, 4.2 MB/s
Hasil test copy file testing
ls -al /backup total 588352 drwxr-xr-x. 4 root root 4096 Mar 21 00:17 . dr-xr-xr-x. 19 root root 4096 Mar 20 21:54 .. drwx------. 2 root root 16384 Mar 20 22:06 lost+found -rw-r--r--. 1 root root 536870912 Mar 21 00:19 testing
Penutup
Nah itu Cara Membuat Offsite Backup Encrypted di Centos 7 untuk distro lain seperti Ubuntu atau Debian sesuaikan perintah dengan distro masing-masing.
Dengan memiliki file backup, Anda tidak akan khawatir lagi dengan VPS Produktif anda jika suatu saat terjadi sesuatu hal yang tidak di inginkan seperti hardisk failure atau yang lainnya.
(Content.id)
Salam
