The Silence of the Logs
It is 3:00 AM on a Tuesday. Your monitoring dashboard just lit up like a Christmas tree. SSH times out. The HTTP health check returns a 502 Bad Gateway. Your hosting provider's status page says "All Systems Operational," which you know is a lie because your dedicated server in Oslo just vanished from the internet.
I have been there. In 2016, I watched a RAID controller die on a legacy bare-metal server hosting a high-traffic Magento storefront. The backup? It was on the same physical array. We lost 14 hours of transactional data. The client didn't care about the "unexpected hardware failure." They cared about the €40,000 in lost sales.
In November 2018, with GDPR in full swing and Datatilsynet (The Norwegian Data Protection Authority) watching, losing data isn't just an operational failure; it is a legal liability. Article 32 of the GDPR explicitly mandates the "ability to restore the availability and access to personal data in a timely manner."
If your Disaster Recovery (DR) plan is "I'll rsync it manually if it breaks," you are already negligent. Let's build a real architecture.
1. The Cold Hard Truth About Hardware
Hardware fails. SSDs wear out. Power supplies blow capacitors. If you are running your production workload on a single VPS or dedicated server without a hot standby or a tested restoration pipeline, you are gambling with your company's existence.
This is where the infrastructure choice matters. We prefer KVM (Kernel-based Virtual Machine) over OpenVZ/LXC for production workloads. Why? Kernel isolation.
Pro Tip: Container-based virtualization (OpenVZ) shares the host kernel. If a kernel panic occurs on the host, every container dies. On CoolVDS, we use KVM. Each instance has its own kernel. If your neighbor crashes their OS, your uptime is unaffected.
2. The "3-2-1" Rule is Not Optional
You know the drill, yet I see `crontab` entries that just copy `/var/www` to `/tmp`. Stop it.
- 3 copies of your data.
- 2 different media types (e.g., local NVMe and remote Object Storage).
- 1 copy offsite (different data center).
For a Norwegian business, that "offsite" copy needs to respect data sovereignty. Storing backups in a US-based bucket might violate Schrems rulings or local compliance depending on the data sensitivity. Keep your primary in Oslo and your secondary in a GDPR-compliant facility in Frankfurt or Stockholm.
3. Automating Database Consistency
Filesystem snapshots are great, but if you snapshot a running MySQL server without flushing tables, you are restoring corrupted data. You need application-consistent backups.
Here is a standard, robust snippet for backing up MySQL 5.7/8.0 without locking the database for read/writes (using single-transaction):
#!/bin/bash
# /usr/local/bin/db-backup.sh
BACKUP_DIR="/backup/mysql"
DATE=$(date +%F_%H-%M)
DB_USER="backup_user"
DB_PASS="secure_password_here"
mkdir -p $BACKUP_DIR
# Dump all databases with consistent snapshot
mysqldump -u$DB_USER -p$DB_PASS \
--all-databases \
--single-transaction \
--quick \
--lock-tables=false > "$BACKUP_DIR/full_dump_$DATE.sql"
# Compress immediately to save IOPS later
gzip "$BACKUP_DIR/full_dump_$DATE.sql"
# Rotate locally: delete older than 7 days
find $BACKUP_DIR -type f -name "*.sql.gz" -mtime +7 -deleteRun this via cron. But local backups are useless if the node catches fire. You need to ship it.
4. The Transport Layer: RTO and Bandwidth
Transferring gigabytes of data takes time. In a disaster, Time is the enemy. This is why we obsess over NVMe storage at CoolVDS. Restoring 50GB of data on a standard SATA SSD (reading at ~500MB/s) vs an NVMe drive (reading at ~3000MB/s) is the difference between being down for 20 minutes or 2 minutes.
For the transport, `rsync` is still king in 2018, but let's make it secure.
rsync -avz -e "ssh -p 2222 -i /root/.ssh/id_rsa_backup" \
/backup/mysql/ \
user@remote-storage.coolvds.net:/home/user/offsite_backups/Advanced: Encrypted Deduplicated Backups with Borg
If you aren't using BorgBackup yet, start now. It offers encryption, compression, and deduplication. It saves massive amounts of space and bandwidth, making offsite transfers faster.
# Initialize the repo (do this once)
borg init --encryption=repokey user@backup-server:backup.borg
# The daily backup script
borg create --stats --progress \
user@backup-server:backup.borg::'{now:%Y-%m-%d_%H:%M}' \
/var/www/html \
/etc/nginx \
/backup/mysql
# Prune old backups automatically
borg prune -v --list --keep-daily=7 --keep-weekly=4 user@backup-server:backup.borg5. Infrastructure as Code: The Recovery Playbook
The biggest mistake in DR is manually reinstalling packages. "What version of PHP was I running? Was it 7.1 or 7.2? Did I install the `gd` library?"
In 2018, you should be using Ansible. Even a simple playbook ensures that a fresh CoolVDS instance can become your production server in minutes.
---
- hosts: recovery_node
become: yes
vars:
http_port: 80
server_name: www.example.no
tasks:
- name: Install Nginx and PHP-FPM
apt:
name: ["nginx", "php-fpm", "php-mysql", "unzip"]
state: present
update_cache: yes
- name: Configure Nginx VHost
template:
src: templates/nginx.conf.j2
dest: /etc/nginx/sites-available/default
notify: Restart Nginx
- name: Ensure Web Root Exists
file:
path: /var/www/html
state: directory
owner: www-data
mode: '0755'
handlers:
- name: Restart Nginx
service:
name: nginx
state: restarted6. The "Sorry" Server Pattern
While you are restoring data, users shouldn't see a connection timeout. They should see a branded maintenance page. Keep a tiny, low-resource VPS (like the CoolVDS Entry tier) running Nginx with a static HTML page.
If your main load balancer or IP fails, you flip the DNS (low TTL is crucial here!) to this static IP. It is better to apologize than to disappear.
| Method | Cost | RTO (Recovery Time) | RPO (Data Loss) |
|---|---|---|---|
| Manual File Copy | Low | Hours/Days | High (Last copy) |
| Snapshot Restoration | Medium | Minutes | Medium (Last snapshot) |
| Active-Passive (CoolVDS) | Medium | Seconds (DNS Prop) | Near Zero (Replication) |
Conclusion: Test or Fail
A disaster recovery plan that hasn't been tested is just a theoretical document. It will fail you. Schedule a "Game Day." deliberately take down your primary interface locally and try to restore it from your backups to a fresh CoolVDS instance.
When you are staring at a blank terminal, needing to restore 200GB of customer data, you will not regret paying for NVMe storage and a solid KVM foundation. You will regret saving $5 on cheap, oversold shared hosting.
Don't let slow I/O kill your recovery time. Deploy a high-performance NVMe KVM instance on CoolVDS today and build a safety net that actually holds.