|
Agreed. Most people seem to take a very cavalier approach to backups, for example, or using risky Ceph/ZFS setups without understanding the consequences. In the absolute worst-case scenario for me, barring a lightning strike that fried my UPS and entire rack, I would lose a day’s worth of changes, as my backup node kicks on daily to ingest snapshots. Downtime would probably be 15 minutes or so - boot up backup, change target IP address on other nodes to access it. I’m only running RAIDZ1, so I’d have to lose two disks in a VDEV for this to occur. I understand and accept the risks, but were I hosting anything of import, I’d probably accept the additional power draw of keeping the backup server on 24/7 and stream snapshots to it continuously. Also, of course, I’d be streaming those snapshots off-site. Currently I do so for things like photos and documents. If I lost 2/3 of my compute nodes, I’d be down for a bit longer, as I’d have to shift workloads to the backup server (which is a dual socket with enough RAM to handle it), and currently it doesn’t run K8s. I can shift things to Docker Compose easily enough, or I suppose I could register it as a worker node that’s just tainted most of the time. |