Backup Strategies?

Looks like the new M4 Mini is in my immediate future. I have always used CCC to create bootable copies along with their “Safety Net” which acts similarly to Time Machine. Now with current hardware/software it seems the fruit is closing off utility we used to have, i.e. can’t really create a bootable backup (I think there is a way, but it involves cloning everything every time, not incremental).

I know CCC has extra features, and I have a paid upgrade path, but what I want to know is why not use Time Machine? One of the “features” I use CCC for is it can wake the macin e up in the middle of the night, do an bootable incremental back-up then shut the machine down. With TM that really isn’t necessary.

Curious about restoring… I THINK (but need confirmation) one can “restore” from a TM backup as long as one first install MacOS. The issue there is anything that got installed in System or Library won’t come over… true?

1 Like

Several comments:

You’re right that making an incremental bootable backup is no longer possible. But there are alternatives, including:

  • Make a bootable backup using the provided mechanism, which will be a whole system backup (not incremental). Test it (since that mechanism isn’t always reliable). Then incrementally make backups of the Data volume over it.

    This will work fine until the next macOS update, since the signed system volume never changes. But when the SSV changes, you’ll be forced to pick one of three options:

    • Make another whole-system bootable backup, which will blow away all the snapshots from your prior incremental backups.
    • Boot the backup and run Software Update to upgrade the System volume, then go back to your normal system. The SSV should be the same as your system SSV.
    • Don’t bother backing up the system volume. Which might be fine for minor system updates, but clearly isn’t what you’ll want for major updates.
  • Make a backup of the Data volume only. Later, make it bootable by installing macOS over that backup.

    • Unfortunately, this also blows away snapshots, so its equivalent to a whole-system backup. But it may work more reliably than trying to make a bootable backup of your local system.
    • All of the above concerns still apply for incremental backups.
  • Even if you make a valid bootable backup, you can not clone that backup to your internal volume to restore it.

    • If you need to roll-back a macOS installation, you will need to boot into Recovery mode, wipe macOS, install the older version and then use Migration Assistant from your backup of the Data volume (or maybe just restore your Data volume from its backup, if the backup is from the same version of macOS that you just reinstalled.
    • In other words, unless you think you’re going to need to actually boot and work from that external volume, there’s not much reason for your backup to be bootable anymore.

For this reason, it is recommended that you just make backups of your Data volume. And if you need to wipe macOS, wipe the computer, reinstall from Recovery Mode and restore/migrate your data afterward.

As for why not just use Time Machine? It’s never a good idea to rely on only one backup mechanism. Time Machine is really useful and you can use Migration Assistant to restore from it, but it’s not without its own share of bugs. Having one or more clones made with a different app (like CCC or SuperDuper!) is a good idea, in case something glitches preventing you from restoring from the TM volume.

WRT content installed to /System or /Library, it should be restored. Note that the signed system volume is read-only, so literally nothing will be installed there. But the System and Data volumes are mounted in a way that makes them appear as one file system. So anything you write there will actually be on your Data volume, should get backed up, and should be restored by Migration Assistant.

See also:

9 Likes

Wow, I’ll have to carefully mull over what you said, there are things confusing me that maybe a more careful reading may fix. Trying to create a bootable volume sounds way to fraught with issues… I can give up that idea!

Not familiar with snapshots… define please.

Not sure exactly what a Data volume is.

WRT Content?

Am long retired so doing work work at home ain’t happening. As such, not so sure I need to worry about multiple backups. Pretty much everything will be ON my cMP even though it’s going to be a winblowzen box in the near term. When I get the PC for gaming, I’ll still have at least one HDD (my cMP has a PCI dual SSD raided for its single volume, but I do clone that to a single HHD) with everything as it was when I upgraded to the Mini.

I maintain backups using Time Machine and Carbon Copy Cloner, each on its own drive. The Time Machine drive is always connected. The CCC drive is disconnected most of the time. I do a CCC backup about once a week or before installing an OS update.

I do this for redundancy and to increase the chances of having a clean version of my entire setup in the event of a catastrophic failure or a security breach.

For backups, especially since macOS stopped supporting booting from clones some time ago, I use spinning platter HDs because I am not that concerned about I/O speeds, repeated reads and writes affect HDs less than SSDs, and the cost-per-megabyte is lower with HDs.

2 Likes

A snapshot is a feature of the APFS file system, which Apple uses for the System and Data volumes for all current versions of macOS.

A snapshot is a frozen point-in-time for an APFS volume. They can be created very quickly and efficiently. Any subsequent changes to that volume will not change the contents of the snapshot. An APFS volume can have many snapshots, and snapshots can be deleted after the fact.

Snapshots are the mechanism used to implement Time Machine on APFS volumes. macOS creates a snapshot, freezing the contents and then updates the contents. You can mount the snapshots as read-only volumes, which show the entire contents of that volume at the time the snapshot was made.

When Time Machine deletes backups (e.g. the hourly backups at the end of the day, the daily backups at the end of the week, and old backups when the volume fills up), it does it by deleting the corresponding snapshots.

Other apps can also make snapshots. For instance CCC uses them for implementing the safety net feature when the destination volume is APFS. It also creates them on the source volume while making a backup, to ensure that the data being backed up doesn’t change while the backup is in progress.

Back in the old days, macOS organized its files in a fairly straightforward way. You formatted a hard drive partition with a single (HFS+) volume, and the entire operating system, along with all your data, are just files in that volume.

Over the years, starting with macOS 10.15 (“Catalina”), Apple changed the organization. Instead of one volume, there are two. The partition contains an APFS container, which in turn contains two (actually a few more, but only two that I care about for this discussion) volumes. One is the System volume, which contains all the parts of macOS that should never change as the system is running, and the other is the Data volume, which has everything else, including every app you’ve installed, your documents, preferences, etc.

The System and Data volumes are bonded together in a way that makes the result appear to be one file system, but they are actually separate under the covers. The System volume is read-only and can therefore not be changed without jumping through several hoops.

In the next version of macOS, 11 (“Big Sur”), Apple took it a step further. The System volume is a “signed/sealed system volume”, aka SSV. The macOS installer makes a snapshot of the System volume, cryptographically signs it and when the system boots up, it boots from that snapshot. The System volume can not be changed through any means and if you somehow manage to do so, it will not change the snapshot that the system actually boots from. And you can’t re-create that snapshot in a way that will be bootable because the system authenticates the cryptographic signature at startup, and it will fail if you can’t sign it, and Apple doesn’t give you the necessary tools.

This is the way all subsequent releases of macOS are organized. There is a signed/sealed system volume and a Data volume. The SSV can only be created/modified by an Apple macOS installer. The Data volume can be written without issue (within the limits of permissions and System Integrity Protection (SIP)).

The upshot of all this is that you can’t make your own bootable macOS volume because macOS 11 and later will only boot from a signed system volume, and you can’t make your own. Only a macOS installer or Apple’s APFS Replicator (ASR) utility (used by CCC to make bootable backups) can do it. If you try to just copy all the files from the System volume somewhere else, the result won’t boot.

Sorry. “WRT” means “with respect to”. I’m talking about whatever you or applications may save to /System or /Library.

Most of the directories under /System will be read-only, since they’re part of the SSV. /Library is writable and contains all kinds of data installed by applications - anything that should be shared among all the users you may have created on your computer.

My point is that if you can write to a location, it will be stored on the Data volume and will therefore be backed up by any backup of the Data volume. And it will be restored by Migration Assistant.

See also:

8 Likes

Can’t thank you enough for your patient and complete explanations. Got a modern version of ResEdit {lol}?

4 Likes

Actually, yes.

Apple’s ResEdit tool is dead and gone, but there’s an open source equivalent you can download.

It’s not as nice as Apple’s tool, but it’s a good way to access data stored in resource forks, if you have any such files (e.g. fonts, bitmaps or sounds from old software).

2 Likes

How does an online backup service like Backblaze fit into an effective backup process? I’m using TimeMachine and testing Backblaze for “off site” backup. What are the concerns that I should think about?

Some things I would think about include:

  • What is my plan if the cloud storage provider goes out of business?
  • Is there any data on my computer I do not want to–or legally cannot– store in the cloud?
  • How fast is my Internet connection, both up (outgoing data) and down (incoming data)?
  • What is the annual cost versus HD/SSD storage at a location I consider to be secure?

I sort of had that happen when Crashplan ended their consumer backup offering. I was on a prepaid 4 year subscription so I had plenty of time to find something else.

As long as it’s adequately protected there’s little you can’t store in the cloud. Just turn encryption on for your device.

My main problem is an asymmetric internet connection. Gigabit down but 40mbps up. Initial backup can take some time. Also an issue is data caps imposed by some ISPs.

Some don’t have a convenient place to keep an offsite backup. It also adds a non-automatic step to the backup process which means it’s subject to being forgotten.

Multiple types of backups are a good idea.

Off-site backups are important for protecting against the worst disasters - fire, flood, hurricane, etc., where you can’t access your backup media. You can, in the worst case, buy a new computer and restore your content from some remote location.

The biggest concerns with a network backup solution are:

  • Price. How much can you store before you hit a limit or have to upgrade to a higher service tier?

  • Time. How long will it take to back-up or restore your data? Note that your Internet speed will be a factor in addition to the service’s speed. If you don’t have gigabit networking, you may find that it takes a very long time, even if the service is fast.

  • Physical media. Many network backup services have the capability to backup/restore via physical media. Mail them a storage device (HDD or SSD) with a clone of your system to make a full backup. Have them mail you a drive with your content to make a full restore.

    This can save a lot of time when making your initial backup and when you need to perform a full-system restore. The rest of the time (incremental backups, restoring specific files/folders), your normal Internet connection will probably be fast enough.

    This will probably cost extra, but you shouldn’t need to do it very often, and its a tremendous time saver when you need it (e.g. when restoring a full system after a disaster).

I won’t recommend any particular service because I haven’t actually used any of them.

I would not consider using an Internet backup service as my only backup system, but it’s a good idea to use in addition to various local backup solutions like Time Machine and local clones.

Another possible solution for off-site backup is to make clones on some schedule (maybe weekly) and store the media off-site in a secure location like a safe deposit box or with a trusted friend/relative. The downside to this is that you have make a point of doing it every week. And the location should be far enough away from home that a natural disaster (like a hurricane) won’t cut off access to your remote backup when you need it.

My standard joke when teaching my computer education classes to an elderly population is that there are two kinds of computer users. There are the kind of users that back up, and there are the kind that need to back up.

I have never trusted cloud backup (Backblaze, Crashplan) other than at the file level. Bandwidth limitations and random network dropouts, to say nothing of corporate disappearance, always prevent me from relying on this completely. I use OneDrive, iCloud Drive and occasionally Google Drive for individual files, especially if they’ll need to be shared at some point.

However, for real back ups, I rely on a multiple Time Machine strategy. I have a Mac mini that hosts a network Time Machine back up, my Asus wireless router has a USB drive connected that understands Time Machine and in addition all my devices have a physical hard drive connected for Time Machine.

And just to be completely paranoid I also make a Carbon Copy Cloner backup of every machine in my arsenal.

As others have pointed out, Carbon Copy Cloner is not as useful for restoring a dead machine as it used to be. I have found, though, that Time Machine is the way to go for migrating from an older platform to a newer piece of hardware.

Backblaze documents the 3-2-1 backup strategy:

  • 3 copies of your data
  • on at least 2 different devices or locations
  • with 1 offsite

I’d say that Time Machine should be the starting point. It works reasonably well, gives versioned history, and can be used to restore from when setting up a new or repaired computer.

But, what if your house burns down? That’s why you need a copy of your most important data offsite. Either backup to drives that you take out of the house, or use a cloud backup. (I do both!)

Note, though, that trying to do a full machine restore from a cloud backup is impractical.

Personally I also want to have a bootable backup. In fact, I’m running my iMac off of a bootable backup, after the iMac’s drive crashed a few weeks ago. You can use it as a migration or restore source. But working with bootable backups is not as simple as it used to be, so this could be considered an advanced strategy.

Another option is a data-only clone. It isn’t bootable but can be used as a source for migration or restore. The disadvantage over Time Machine is there’s no history, but the advantage is it is more space efficient, because it is just as of one point-in-time. And unlike Time Machine, it has every file on the data volume. This is especially useful if you’re needing to exclude files from Time Machine due to insufficient space, such as virtual machines.

Personally, I have many backups. One reason is I have the drives, so why not put them to use? Another is FoLD: Fear of Losing Data. So right now I have two Time Machines, (until recently) two bootable clones, cloud backup of the entire machine with versioned history going back 5 years, and rotation of two full data-only clones offsite, updated monthly. And that’s just for one of my two computers.

That’s enough redundancy that I don’t feel concerned with putting a bootable backup and Time Machine as partitions on the same physical drive.

As others have pointed out, Carbon Copy Cloner is not as useful for restoring a dead machine as it used to be. I have found, though, that Time Machine is the way to go for migrating from an older platform to a newer piece of hardware.

Hmmm, why that over using migration assistant?

You use Migration Assistant to copy the data from a Time Machine backup or a Carbon Copy Cloner one or similar.

1 Like

Why? I have both a CCC clone and a TM backup on my cMP… plan to use migration assistant from my boot drive to the new hardware.

You can use either one so that’s your choice.

But note that if you have an Apple Silicon Mac, and the internal SSD fails, you won’t be able to boot from external media. So that particular use case (to keep working when your internal storage completely fails) is not valid on modern equipment.

That having been said, it may be possible that your internal SSD has partly failed such that the pre-boot code still loads and runs, but its installed copy of macOS does not. You could boot from an external volume in that case, but this sounds like a very contrived example - if the internal SSD works well enough for the pre-boot to run, it will probably work well enough for you to reinstall macOS on it.

This depends on your choice of backup software and how you configure it. For example, CCC, when cloning to an APFS volume, has a feature where it will create a new snapshot before each clone. So you have the entire version history present, should you require it.

3 Likes

Sorry for pesky questions David, thanks for your patience. So I guess a bootable thumb drive ain’t happening. So let’s say one fine day you try and boot it, it goes though some of it then craps out. Good indicator of a failed OS… how does one recover from that?

Assuming I can somehow install a full OS… will that wipe all my data so I HAVE to restore from a TM backup? If it leaves my data alone, I think there are stuff installed in there… which most likely will get wiped out. SOOO if I try and restore from a TM backup will it ignore everything that is already there and only restore some files?

Another consideration in backup strategies is currency of the backup. How current the backup should be depends on the purpose of it.

If you’re using the backup for a migration or to restore a computer, you want the backup to be as current as possible. Otherwise you lose the most recent changes you’re made.

But what if you made some changes to a file and realize you need the previous version (and it isn’t in the file versions, which is another subject)? Or you permamently deleted a file and need it back? Or an app no longer works because of something in its settings and you want to roll it back? Or you upgraded an application and want to roll that back?

In all those cases you don’t want the backup to be current, because that would have the same problem as on your live drive. You need a backup that is older.

This is why versioned backups such as Time Machine are valuable; you get to have both a current backup and older history – as long as the history hasn’t been purged due to retention rules.

It is, however, a consideration when doing bootable clones or data clones without snapshots. For example: do you take the clone before upgrades so you can roll them back, or after the upgrade so you can restore to the current state? It is a dilemma.

you may notice I gave a solution to the dilemma in my previous post :-)