https://wiki.stoney-cloud.org/w/api.php?action=feedcontributions&feedformat=atom&user=Patstoney-cloud.org - User contributions [en]2026-05-13T13:47:07ZUser contributionsMediaWiki 1.39.6https://wiki.stoney-cloud.org/w/index.php?title=File:wrapper-interaction.xmi&diff=3782File:wrapper-interaction.xmi2014-06-27T12:59:04Z<p>Pat: Initial version</p>
<hr />
<div>Initial version</div>Pathttps://wiki.stoney-cloud.org/w/index.php?title=stoney_conductor:_VM_Backup&diff=3781stoney conductor: VM Backup2014-06-27T12:58:47Z<p>Pat: /* Current Implementation (Backup) */</p>
<hr />
<div>= Overview =<br />
This page describes how the VMs and VM-Templates are backed-up and restored inside the [http://www.stoney-cloud.org stoney cloud].<br />
<br />
= Requirements =<br />
* sstBackupRootDirectory: file:///var/backup/virtualization<br />
** This directory might be a single partition which needs to have the same size as your partition for the live images (it's a "copy" of the live partition)<br />
* sstBackupRetainDirectory: file:///var/virtualization/retain<br />
** This directory must be on the same partition as your life images are<br />
* A working stoney cloud, installed according to [[stoney cloud: Single-Node Installation]] or [[stoney cloud: Multi-Node Installation]].<br />
* The backup configuration must be set: [[stoney_conductor:_OpenLDAP_directory_data_organisation#Backup | stoney conductor: OpenLDAP directory data organisation]].<br />
<br />
= Backup =<br />
== Basic idea ==<br />
The main idea to backup a VM or a VM-Template is, to divide the task into three subtasks: <br />
* createSnapshot: Create a disk only snapshot. A new overlay file is created, all write operations are performed to this file. The underlying disk-image is now read only.<br />
* exportSnapshot: Copy the read only disk-image to the backup location.<br />
* commitSnapshot: Commit the performed write operations from the overlay back to the underlying (original) disk image. Now the underlying image is read-write again and the overlay image can be deleted.<br />
A more detailed and technical description for these three sub-processes can be found [[#Sub-Processes | here]].<br />
<br />
Furthermore there is an control instance, which can independently call these three sub-processes for a given machine. Like that, the stoney cloud is able to handle different cases:<br />
=== Backup a single machine ===<br />
The procedure for backing up a single machine is very simple. Just call the three sub-processes (create-, export- and commitSnapshot) one after the other. So the control instance would do some very basic stuff: <br />
<source lang="c"><br />
object machine = args[0];<br />
<br />
if( createSsnapshot( machine ) )<br />
{<br />
<br />
if ( exportSnapshot( machine ) )<br />
{<br />
<br />
if ( commitSnapshot( machine ) )<br />
{<br />
printf("Successfully backed up machine %s\n", machine);<br />
<br />
} else<br />
{<br />
printf("Error while committing snapshot for machine %s: %s\n", machine, error);<br />
}<br />
<br />
} else<br />
{<br />
printf("Error while exporting snapshot for machine %s: %s\n", machine, error);<br />
}<br />
<br />
} else<br />
{<br />
printf("Error while snapshotting machine %s: %s\n", machine, error);<br />
}<br />
</source><br />
<br />
=== Backup multiple machines at the same time ===<br />
When backing up multiple machines at the same time, we need to make sure that the snapshots for the machines are as close together as possible. Therefore the control instance should call first the createSnapshot process for all machines. After every machine has been snapshotted, the control instance can call the exportSnapshot and commitSnapshot process for every machine. The most important part here is, that the control instance somehow remembers, if the snapshot for a given machine was successful or not. Because if the snapshot failed, it must not call the exportSnapshot and commitSnapshot process. So the control instance needs a little bit more logic: <br />
<br />
<source lang="c"><br />
object machines[] = args[0];<br />
object successful_snapshots[];<br />
<br />
# Snapshot all machines<br />
for( int i = 0; i < sizeof(machines) / sizeof(object) ; i++ )<br />
{<br />
# If the snapshot was successful, put the machine into the <br />
# successful_snapshots array<br />
if ( createSnapshot( machines[i] ) )<br />
{<br />
successful_snapshots[machines[i]];<br />
} else<br />
{<br />
printf("Error while snapshotting machine %s: %s\n", machines[i],error);<br />
}<br />
}<br />
<br />
# export and commit all successful_snapshot machines<br />
for ( int i = 0; i < sizeof(successful_snapshots) / sizeof(object) ; i++ ) )<br />
{<br />
# Check if the element at this position is not null, then the snapshot <br />
# for this machine was successful<br />
if ( successful_snapshots[i] )<br />
{<br />
if ( exportSnapshot( successful_snapshots[i] ) )<br />
{<br />
if ( commitSnapshot( successful_snapshots[i] ) )<br />
{<br />
printf("Successfully backed-up machine %s\n", successful_snapshots[i]);<br />
} else<br />
{<br />
printf("Error while committing snapshot for machine %s: %s\n", successful_snapshots[i],error);<br />
}<br />
<br />
} else<br />
{<br />
printf("Error while exporting snapshot for machine %s: %s\n", successful_snapshots[i],error);<br />
}<br />
}<br />
}<br />
</source><br />
<br />
=== Sub-Processes ===<br />
See also [[Libvirt_external_snapshot_with_GlusterFS]]<br />
==== createSnapshot ====<br />
For the commands see [[Libvirt_external_snapshot_with_GlusterFS#Part_2:_Create_the_snapshot_using_virsh]]<br />
<br />
For the workflow see [[stoney_conductor:_prov-backup-kvm#createSnapshot]]<br />
<br />
==== exportSnapshot ====<br />
# Simply copy the underlying image to the backup location<br />
#* <source lang="bash">cp -p /<path>/<to>/<image>.qcow2 /<path>/<to>/<backup>/<location>/.</source><br />
<br />
For the workflow see [[stoney_conductor:_prov-backup-kvm#exportSnapshot]]<br />
<br />
==== commitSnapshot ====<br />
For the commands see [[Libvirt_external_snapshot_with_GlusterFS#Cleanup.2FCommit_.28Online.29]]<br />
<br />
For the workflow see [[stoney_conductor:_prov-backup-kvm#commitSnapshot]]<br />
<br />
== Communication through backend ==<br />
Since the stoney cloud is (as the name says already) a cloud solution, it makes sense to have a backend (in our case openLDAP) involved in the whole process. Like that it is possible to run the backup jobs decentralized on every vm-node. The control instance can then modify the backend, and theses changes are seen by the diffenrent backup daemons on the vm-nodes. So the communication could look like shown in the following picture (Figure 1): <br />
<br />
[[File:Daemon-communication.png|800px|thumbnail|none|Figure 1: Communication between the control instance and the prov-backup-kvm daemon through the LDAP backend]]<br />
<br />
You can modify/update this workflow by editing [[File:Daemon-communication.xmi]] (you may need [http://uml.sourceforge.net/ Umbrello UML Modeller] diagram programme for KDE to display the content properly).<br />
<br />
=== Control-Instance Daemon Interaction for creating a Backup with LDIF Examples ===<br />
The step numbers correspond with the graphical overview from above.<br />
<br />
==== Step 00: Backup Configuration for a virtual machine ====<br />
<pre><br />
# The following backup configuration says, that the backup should be done daily, at 03:00 hours (localtime).<br />
# * * * * * command to be executed<br />
# - - - - -<br />
# | | | | |<br />
# | | | | +----- day of week (0 - 6) (Sunday=0)<br />
# | | | +------- month (1 - 12)<br />
# | | +--------- day of month (1 - 31)<br />
# | +----------- hour (0 - 23)<br />
# +------------- min (0 - 59)<br />
# localtime in the crontab entry<br />
dn: ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
objectclass: top<br />
objectclass: organizationalUnit<br />
objectclass: sstVirtualizationBackupObjectClass<br />
objectclass: sstCronObjectClass<br />
ou: backup<br />
description: This sub tree contains the backup plan for the virtual machine kvm-005.<br />
sstCronMinute: 0<br />
sstCronHour: 3<br />
sstCronDay: *<br />
sstCronMonth: *<br />
sstCronDayOfWeek: *<br />
sstCronActive: TRUE<br />
sstBackupRootDirectory: file:///var/backup/virtualization<br />
sstBackupRetainDirectory: file:///var/virtualization/retain<br />
sstBackupRamDiskLocation: file:///mnt/ramdisk-test<br />
sstVirtualizationDiskImageFormat: qcow2<br />
sstVirtualizationDiskImageOwner: root<br />
sstVirtualizationDiskImageGroup: vm-storage<br />
sstVirtualizationDiskImagePermission: 0660<br />
sstBackupNumberOfIterations: 1<br />
sstVirtualizationVirtualMachineForceStart: FALSE<br />
sstVirtualizationBandwidthMerge: 0<br />
</pre><br />
<br />
==== Step 01: Initialize Backup Sub Tree (Control instance daemon) ====<br />
The sub tree ''' ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch''' reflects the time, when the backup is planned (in the form of [YYYY][MM][DD]T[hh][mm][ss]Z ([http://en.wikipedia.org/wiki/ISO_8601 ISO 8601]) and it should be written at the time, when the backup is planned and should be executed. The section '''20121002T010000Z''' means the following:<br />
* Year: 2012<br />
* Month: 10<br />
* Day of Month: 02<br />
* Hour of Day: 01<br />
* Minutes: 00<br />
* Seconds: 00<br />
Please be aware the the time is to be written in UTC (see also the comment in the LDIF example below).<br />
<pre><br />
# This entry is the place holder for the backup, which is to be executed at 03:00 hours (localtime with daylight-saving). This<br />
# leads to the 20121002T010000Z timestamp (which is written in UTC).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
objectclass: top<br />
objectclass: sstProvisioning<br />
objectclass: organizationalUnit<br />
ou: 20121002T010000Z<br />
sstProvisioningExecutionDate: 0<br />
sstProvisioningMode: initialize<br />
sstProvisioningReturnValue: 0<br />
sstProvisioningState: 20121002T014513Z<br />
</pre><br />
<br />
==== Step 02: Finalize the Initialization (Control instance daemon) ====<br />
<pre><br />
# The attribute sstProvisioningState is updated with current time by the fc-brokerd, when sstProvisioningMode is modified.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T010001Z<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: initialized<br />
</pre><br />
<br />
==== Step 03: Start the Snapshot Process (Control instance daemon) ====<br />
With the setting of the '''sstProvisioningMode''' to '''snapshot''', the actual backup process is kicked off by the Control instance daemon.<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the fc-brokerd, when sstProvisioningMode is modified to<br />
# snapshot (this way the Provisioning-Backup-VKM daemon knows, that it must start the snapshotting process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: snapshot<br />
</pre><br />
<br />
==== Step 04: Starting the Snapshot Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the snapshot command, it sets the '''sstProvisioningMode''' to '''snapshotting''' to tell the Control instance daemon and other interested parties, that it is snapshotting the virtual machine or virtual machine template.<br />
<pre><br />
# The attribute sstProvisioningMode is set to snapshotting by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: snapshotting<br />
</pre><br />
<br />
==== Step 05: Finalizing the Snapshot Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the snapshot command, it sets the '''sstProvisioningMode''' to '''snapshotted''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the snapshot of the virtual machine or virtual machine template is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the fc-brokerd knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T010011Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: snapshotted<br />
</pre><br />
<br />
==== Step 06: Start the export Process (Control instance daemon) ====<br />
With the setting of the '''sstProvisioningMode''' to '''export''', the Control instance daemon tells the Provisioning-Backup-KVM daemon to export the disk image to the backup location.<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the fc-brokerd, when sstProvisioningMode is modified to<br />
# export (this way the Provisioning-Backup-VKM daemon knows, that it must start the export process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: export<br />
</pre><br />
<br />
==== Step 07: Starting the export Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the export command, it sets the '''sstProvisioningMode''' to '''exporting''' to tell the Control instance daemon and other interested parties, that it is exporting the virtual machine or virtual machine template disk images.<br />
<pre><br />
# The attribute sstProvisioningMode is set to exporting by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: exporting<br />
</pre><br />
<br />
==== Step 08: Finalizing the export Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the export command, it sets the '''sstProvisioningMode''' to '''exported''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the export of the virtual machine or virtual machine template disk-images is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the fc-brokerd knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T010500Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: exported<br />
</pre><br />
<br />
==== Step 09: Start the commit Process (Control instance daemon) ====<br />
With the setting of the '''sstProvisioningMode''' to '''commit''', the Control instance daemon tells the Provisioning-Backup-KVM daemon to commit the changes from the overlay file to the underlying disk-image<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the fc-brokerd, when sstProvisioningMode is modified to<br />
# commit (this way the Provisioning-Backup-VKM daemon knows, that it must start the commit process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: commit<br />
</pre><br />
<br />
==== Step 10: Starting the commit Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the commit command, it sets the '''sstProvisioningMode''' to '''comitting''' to tell the Control instance daemon and other interested parties, that it is committing changes from the overlay disk-images back to the underlying ones.<br />
<pre><br />
# The attribute sstProvisioningMode is set to comitting by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: committing<br />
</pre><br />
<br />
==== Step 11: Finalizing the commit Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the commit command, it sets the '''sstProvisioningMode''' to '''comitted''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the comitting of the changes from the overlay disk-images back to the underlying ones is done. <br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the fc-brokerd knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012000Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: comitted<br />
</pre><br />
<br />
==== Step 12: Finalizing the Backup Process (Control instance daemon) ====<br />
As soon as the Control instance daemon notices, that the attribute '''sstProvisioningMode''' ist set to '''committed''', it sets the '''sstProvisioningMode''' to '''finished''' and the '''sstProvisioningState''' to the current timestamp (UTC). All interested parties now know, that the backup process is finished, there for a new backup process could be started.<br />
<pre><br />
# The attribute sstProvisioningState is updated with current time by the fc-brokerd, when sstProvisioningMode is<br />
# set to finished.<br />
# All interested parties now know, that the backup process is finished, there for a new backup process could be started.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012001Z<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: finished<br />
</pre><br />
<br />
== Current Implementation (Backup) ==<br />
Since we do not have a working control instance, we need to have a workaround for backing up the machines: <br />
<br />
* We do already have a BackupKVMWrapper.pl script (File-Backend) which executes the three [[#Sub-Processes | sub-processes ]] in the correct order for a given list of machines (see [[#Backup multiple machines at the same_time]]).<br />
* We do already have the implementation for the whole backup with the LDAP-Backend (see [[ stoney conductor: prov backup kvm ]]).<br />
* We can now combine these two existing scripts and create a wrapper (lets call it LDAPKVMWrapper) which, in some way, adds some logic to the BackupKVMWrapper.pl. In fact the LDAPKVMWrapper wrapper will generate the list of machines which need a backup.<br />
<br />
The behaviour on our servers is as follows (c.f. Figure 2):<br />
# The (decentralized) LDAPKVMWrapper wrapper (which is executed everyday via cronjob) generates a list off all machines running on the current host.<br />
#* Currently on the hosts the cronjobs looks like: <code>00 01 * * * /usr/bin/LDAPKVMWrapper.pl | logger -t Backup-KVM</code><br />
#* For each of these machines:<br />
#** Check if the machine is excluded from the backup, if yes, remove the machine from the list<br />
#** Check if the last backup was successful, if not, remove the machine from the list<br />
# Update the backup subtree for each machine in the list<br />
#* Remove the old backup leaf (the "yesterday-leaf"), and add a new one (the "today-leaf") <br />
#* After this step, the machines are ready to be backed up<br />
# Call the KVMBackupWrapper.pl script with the machines list as a parameter<br />
# Wait for the KVMBackupWrapper.pl script to finish<br />
# Go again through all machines and update the backup subtree a last time<br />
#* Check if the backup was successful, if yes, set sstProvisioningMode = finished (see also TBD)<br />
<br />
<br />
[[File:wrapper-interaction.png|500px|thumbnail|none|Figure 2: How the two wrapper interact with the LDAP backend]]<br />
<br />
You can modify/update this workflow by editing [[File:wrapper-interaction.xmi]] (you may need [http://uml.sourceforge.net/ Umbrello UML Modeller] diagram programme for KDE to display the content properly).<br />
<br />
* If for some reason something does not work at all, the whole backup process can be deactivated by simply disabling the LDAPKVMWrapper cronjob<br />
** <code>crontab -e</code><br />
** Comment the LDAPKVMWrapper cronjob line: <code>#00 01 * * * /usr/bin/LDAPKVMWrapper.pl | logger -t Backup-KVM</code><br />
=== How to exclude a machine from the backup ===<br />
Login to one of the [[VM-Node | vm-nodes]] and execute the following command<br />
<br />
If you want to exclude a machine from the backup run you simply need to add the following entry to your LDAP directory: <br />
<source lang="bash"><br />
machineuuid="<UUID OF THE MACHINE-NAME>" # e.g.: b9d13dbc-9ab7-4948-9daa-a5709de83dc2<br />
cat << EOF | ldapadd -D cn=Manager,o=stepping-stone,c=ch -H ldaps://ldapm.stepping-stone.ch/ -W -x<br />
dn: ou=backup,sstVirtualMachine=${machineuuid},ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
objectclass: top<br />
objectclass: organizationalUnit<br />
objectclass: sstVirtualizationBackupObjectClass<br />
ou: backup<br />
sstbackupexcludefrombackup: TRUE<br />
EOF<br />
</source><br />
<br />
If the backup subtree in the LDAP directory already exists, you need to add the sstbackupexcludefrombackup attribute: <br />
<source lang="bash"><br />
machineuuid="<UUID OF THE MACHINE-NAME>" # e.g.: b9d13dbc-9ab7-4948-9daa-a5709de83dc2<br />
cat << EOF | ldapadd -D cn=Manager,o=stepping-stone,c=ch -H ldaps://ldapm.stepping-stone.ch/ -W -x<br />
dn: ou=backup,sstVirtualMachine=${machineuuid},ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
add: objectClass<br />
objectClass: sstVirtualizationBackupObjectClass<br />
-<br />
add: sstbackupexcludefrombackup<br />
sstbackupexcludefrombackup: TRUE<br />
EOF<br />
</source><br />
<br />
==== Re-include the machine to the backup ====<br />
If you want to re include a machine, simply delete the machines whole backup subtree. It will be recreated during the next backup run.<br />
<br />
== Next steps ==<br />
<br />
= Restore =<br />
'''Attention:''' The restore process is not yet defined / nor implemented. The following documentation is about the old restore process. <br />
== Basic idea ==<br />
The restore process, similar to the backup process, can be divided into three sub-processes: <br />
* Unretain the small files: Copy the small files (backend entry, XML description) from the backup directory to the retain directory<br />
* Unretain the big files: Copy the big files (state file, disk image(s)) form the backup directory to the retain directory<br />
* Restore the machine: Replace the live disk image(s) by the one(s) from the backup and restore the machine from the state file<br />
<br />
Additionally the restore process can also be divided into two phases: <br />
* User-Interaction phase: After the "unretain small files" the user needs to decide two things:<br />
** On conflicts between the backend entry file and the XML description, the user need to decide how to resolve this conflict(s)<br />
** The user can also abort the restore process up to this point. After that the restore can not be aborted or undone! <br />
* Non-User-Interaction phase: The daemons communicate through the backend between each other and the restore process continues without further user input (c.f. [[#Communication_through_backend_2 | Communication through backend]])<br />
<br />
=== Sub Processes ===<br />
==== Unretain small files ====<br />
This workflow assumes that the backup directory is on the same physical server as the retain directory (protocol is file://)<br />
# Copy the backend-entry file from the backup directory to the retain directory:<br />
#* <source lang="bash">cp -p /path/to/backup/vm-001.backend /path/to/retain/vm-001.backend</source><br />
# Copy the XML description from the from the backup directory to the retain directory:<br />
#* <source lang="bash">cp -p /path/to/backup/vm-001.xml /path/to/retain/vm-001.xml</source><br />
# Compare the backend-entry file (the one in the retain directory) with the live-backend entry<br />
#* Resolve all conflicts between these two backend entries<br />
#** Modify the backend entry at the retain location accordingly<br />
# Apply the same changes for the XML description at the retain location (backend entry and XML description need to be consistent).<br />
<br />
==== Unretain large files ====<br />
# Copy the state file from the backup directory to the retain directory:<br />
#* <source lang="bash">cp -p /path/to/backup/vm-001.state /path/to/retain/vm-001.state</source><br />
# Copy the disk image(s) from the backup directory to the retain directory:<br />
#* <source lang="bash">cp -p /path/to/backup/vm-001.qcow2 /path/to/retain/vm-001.qcow2</source><br />
#** '''Important:''' If a VM has more than just one disk image, repeat this step for every disk image<br />
<br />
==== Restore the VM ====<br />
# Shutdown the VM if it is running:<br />
#* <source lang="bash">virsh shutdown vm-001</source><br />
# Undefine the VM if it is still defined: <br />
#* <source lang="bash">virsh undefine vm-001</source><br />
# Overwrite the original disk image:<br />
#* <source lang="bash">mv /path/to/retain/vm-001.qcow2 /path/to/images/vm-001.qcow2</source><br />
#** '''Important:''' If a VM has more than just one disk image, repeat this step for every disk image<br />
# Restore the VMs backend entry: <br />
#* Write the backend entry from the retain location (<code>/path/to/retain/vm-001.backend</code>) to the backend<br />
# Overwrite the VMs XML description with the one from the retain location <br />
#* <source lang="bash">cp -p /path/to/retain/vm-001.xml /path/to/xmls/vm-001.xml</source><br />
# Restore the VM from the state file with the corrected XML<br />
#* <source lang="bash">virsh restore /path/to/retain/vm-001.state --xml /path/to/xmls/vm-001.xml</source><br />
<br />
== Communication through backend ==<br />
The actual KVM-Restore process is controlled completely by the Control instance daemon via the OpenLDAP directory. See [[#OpenLDAP Directory Integration|OpenLDAP Directory Integration]] the involved attributes and possible values.<br />
<br />
[[File:Daemon-interaction-restore.png|thumb|500px|none|Figure 3: Communication between all involved parties during the restore process]]<br />
<br />
You can modify/update these interactions by editing [[File:Restore-Interaction.xmi]] (you may need [http://uml.sourceforge.net/ Umbrello UML Modeller] diagram programme for KDE to display the content properly).<br />
<br />
=== Control instance Daemon Interaction for restoring a Backup with LDIF Examples ===<br />
==== Step 01: Start the unretainSmallFiles process (Control instance daemon) ====<br />
The first step of the restore process is to copy the small files (in this case the XML file and the LDIF) from the configured backup location to the configured retain location. <br />
<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the Control instance daemon, when sstProvisioningMode is modified to <br />
# unretainSmallFiles (this way the Provisioning-Backup-VKM daemon knows, that it must start the unretainSmallFiles process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainSmallFiles<br />
</pre><br />
<br />
==== Step 02: Starting the unretainSmallFiles process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the command to unretain the small files, it sets the '''sstProvisioningMode''' to '''unretainingSmallFiles''' to tell the Control instance daemon and other interested parties, that it is unretaining the small files for the virtual machine or virtual machine template.<br />
<pre><br />
# The attribute sstProvisioningMode is set to unretainingSmallFiles by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainingSmallFiles<br />
</pre><br />
<br />
==== Step 03: Finalizing the unretainSmallFiles process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the commands to unretain the small files, it sets the '''sstProvisioningMode''' to '''unretainedSmallFiles''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the unretaining of all the small files from the configured backup location is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the Control instance daemon knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012000Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainedSmallFiles<br />
</pre><br />
<br />
==== Step 05: Start the unretainLargeFiles process (Control instance daemon) ====<br />
Next step in the restore process is to copy the large files (state file and disk images) from the configured backup directory to the configured retain directory.<br />
<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the Control instance daemon, when sstProvisioningMode is modified to <br />
# unretainLargeFiles (this way the Provisioning-Backup-VKM daemon knows, that it must start the unretainLargeFiles process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainLargeFiles<br />
</pre><br />
<br />
==== Step 06: Starting the unretainLargeFiles process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the command to unretain the large files, it sets the '''sstProvisioningMode''' to '''unretainingLargeFiles''' to tell the Control instance daemon and other interested parties, that it is unretaining the large files for the virtual machine or virtual machine template.<br />
<br />
In the meantime the vm-manager merges the LDIF we have unretained in [[#Step_02:_Starting_the_unretainSmallFiles_process_.28Provisioning-Backup-KVM_daemon.29 | step 02]] with the one in the live directory to sort out possible differences in the configuration of the virtual machine. <br />
<pre><br />
# The attribute sstProvisioningMode is set to unretainingSmallFiles by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainingLargeFiles<br />
</pre><br />
<br />
==== Step 07: Finalizing the unretainLargeFiles process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the commands to unretain the large files, it sets the '''sstProvisioningMode''' to '''unretainedLargeFiles''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the unretaining of all the large files from the configured backup location is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the Control instance daemon knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012000Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainedLargeFiles<br />
</pre><br />
<br />
==== Step 09: Start the restore process (Control instance daemon) ====<br />
Since we now have all necessary files in the configured retain location, the restore process can be started. There we simply copy the disk images back to their original location and restore the VM from the state file (which is also at the configured retain location)<br />
<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the Control instance daemon, when sstProvisioningMode is modified to <br />
# restore (this way the Provisioning-Backup-VKM daemon knows, that it must start the restore process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: restore<br />
</pre><br />
<br />
==== Step 10: Starting the restore process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the restore command, it sets the '''sstProvisioningMode''' to '''restoring''' to tell the Control instance daemon and other interested parties, that it is restoring the virtual machine or virtual machine template.<br />
<pre><br />
# The attribute sstProvisioningMode is set to restoring by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: restoring<br />
</pre><br />
<br />
==== Step 11: Finalizing the restore process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the restore command, it sets the '''sstProvisioningMode''' to '''restored''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the restore process is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the Control instance daemon knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012000Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: restored<br />
</pre><br />
<br />
==== Step 12: Finalizing the restore process (Control instance daemon) ====<br />
As soon as the Control instance daemon notices, that the attribute '''sstProvisioningMode''' ist set to '''restored''', it sets the '''sstProvisioningMode''' to '''finished''' and the '''sstProvisioningState''' to the current timestamp (UTC). All interested parties now know, that the restore process is finished.<br />
<pre><br />
# The attribute sstProvisioningState is updated with current time by the Control instance daemon, when sstProvisioningMode is<br />
# set to finished.<br />
# All interested parties now know, that the restore process is finished.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012001Z<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: finished<br />
</pre><br />
<br />
== Current Implementation (Restore) ==<br />
'''Attention''': The restore process is not yet defined / nor implemented. The following documentation is about the old restore process. <br />
<br />
<br />
* Since the prov-backup-kvm daemon is not running on the vm-nodes (c.f. [[stoney_conductor:_Backup#Current_Implementation_.28Backup.29]]), the restore process does not work when clicking the icon in the webinterface. <br />
<br />
=== How to manually restore a machine from backup ===<br />
'''Important''': Before you continue with this guide, make sure that you have no other possibility to restore the machine. It might be easier and safer to get lost files from the online backup if the machine has one set up.<br />
<br />
If you really have to restore the machine from the backup:<br />
# Stop the machine from via the [https://cloud.stepping-stone.ch/vm-manager/ web interface]<br />
# Login (as root) on the [[VM-Node]] the machine was running on<br />
<br />
As a first step, you would like to set some useful bash variables to be able to copy paste the following guide:<br />
<br />
'''Double check all variables you are setting here. If one is not correct, you will restore a running machine or overwrite a live-disk image!'''<br />
<source lang='bash'><br />
machinename="<MACHINE-NAME>" # For example: machinename="b6dc3d27-5981-4b18-8f3f-31ed3d21a3c6"<br />
vmpool="<VM-POOL>" # For example vmpool="0f83f084-8080-413e-b558-b678e504836e"<br />
vmtype="<VM-TYPE>" # For example vmtype="vm-persistent"<br />
</source><br />
Change to the backup directory for the given machine and check the iterations:<br />
<source lang='bash'><br />
cd /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}<br />
ls -al<br />
</source><br />
Change into the most recent iteration<br />
<source lang='bash'><br />
cd 2014...<br />
ls -al<br />
</source><br />
In there you should have: <br />
* The state file <MACHINE-NAME>.state.<BACKUP-DATE> (for example b6dc3d27-5981-4b18-8f3f-31ed3d21a3c6.state.20140109T134445Z)<br />
* The XML description <MACHINE-NAME>.xml.<BACKUP-DATE> (for example b6dc3d27-5981-4b18-8f3f-31ed3d21a3c6.xml.20140109T134445Z)<br />
* The ldif file <MACHINE-NAME>.ldif.<BACKUP-DATE> (for example b6dc3d27-5981-4b18-8f3f-31ed3d21a3c6.ldif.20140109T134445Z)<br />
* And at least one disk image <DISK-IMAGE>.qcow2.<BACKUP-DATE> (for example 8798561b-d5de-471b-a6fc-ec2b4831ed12.qcow2.20140109T134445Z)<br />
Now you should save the backup date and the disk image(s) in a variable<br />
<source lang='bash'><br />
backupdate="<BACKUP-DATE>" # For example: backupdate="20140109T134445Z"<br />
diskimage1="<DISK-IMAGE-1>.qcow2" # For example: diskimage1="8798561b-d5de-471b-a6fc-ec2b4831ed12.qcow2"<br />
diskimage2="<DISK-IMAGE-2>.qcow2" # For example: diskimage2="aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee.qcow2"<br />
...<br />
</source><br />
<br />
Have again a look at the different variables and '''double check them again'''<br />
<source lang='bash'><br />
echo "Machine Name = ${machinename}"<br />
echo "VM Pool = ${vmpool}"<br />
echo "VM Type = ${vmtype}"<br />
echo "Backup date = ${backupdate}"<br />
echo "Disk Image 1 = ${diskimage1}"<br />
echo "Disk Image 2 = ${diskimage2}"<br />
...<br />
</source><br />
<br />
Copy all these files to the retain location:<br />
<source lang='bash'><br />
currentdate=`date --utc +'%Y%m%dT%H%M%SZ'`<br />
mkdir -p /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}<br />
cp -p /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}/${backupdate}/${machinename}.ldif.${backupdate} /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/<br />
</source><br />
<br />
<!--Check if there is a difference between the current XML file and the one from the backup<br />
<source lang='bash'><br />
diff -Naur /etc/libvirt/qemu/${machinename}.xml /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/${machinename}.xml.${backupdate}<br />
</source><br />
and '''edit the file at the retain location''' according to your needs.--><br />
<br />
''' Now you are entering the critical part. You won't be able to undo the following steps'''<br />
<br />
Check if there is a difference between the current LDAP entry and the one from the backup<br />
<source lang='bash'><br />
domain="<DOMAIN>" # For example domain="stoney-cloud.org"<br />
ldapbase="<LDAPBASE>" # For expample ldapbase="dc=stoney-cloud,dc=org"<br />
ldapsearch -H ldaps://ldapm.${domain} -b "sstVirtualMachine=${machinename},ou=virtual machines,ou=virtualization,ou=services,${ldapbase}" -s sub -x -LLL -o ldif-wrap=no -D "cn=Manager,${ldapbase}" -W "(objectclass=*)" > /tmp/${machinename}.ldif<br />
diff -Naur /tmp/${machinename}.ldif /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/${machinename}.ldif.${backupdate}<br />
</source><br />
and '''edit the file at the retain location''' according to your needs.<br />
<br />
If there are no differences (or the differences are not important) you can skip the following step. Otherwise use the [https://cloud.stepping-stone.ch/phpldapadmin PhpLdapAdmin] to delete the machine from the LDAP directory (do not forget to delete the dhcp entry <code>dn: cn=<MACHINE-NAME>,ou=virtual machines,cn=192.168.140.0,cn=config-01,ou=dhcp,ou=networks,ou=virtualization,ou=services,dc=stoney-cloud,dc=org</code>). Then add the LDIF (the one you just edited) to the LDAP (first do some general replacement)<br />
<source lang='bash'><br />
sed -i\<br />
-e 's/snapshotting/finished/'\<br />
-e '/member.*/d'\<br />
/var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/${machinename}.ldif.${backupdate}<br />
<br />
/usr/bin/ldapadd -H "ldaps://ldapm.${domain}" -x -D "cn=Manager,${ldapbase}" -W -f /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/${machinename}.ldif.${backupdate}<br />
</source><br />
<br />
Undefine the machine<br />
<source lang='bash'><br />
virsh undefine ${machinename}<br />
</source><br />
<br />
Copy all the disk images from the backup location back to their original location<br />
<source lang='bash'><br />
cp -p /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}/${backupdate}/${diskimage1}.${backupdate} /var/virtualization/${vmtype}/${vmpool}/${diskimage1}<br />
cp -p /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}/${backupdate}/${diskimage2}.${backupdate} /var/virtualization/${vmtype}/${vmpool}/${diskimage2}<br />
...<br />
</source><br />
<br />
And restore the domain from the state file from the backup location with the XML from the retain location (the one you might have edited)<br />
<source lang='bash'><br />
virsh restore /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}/${backupdate}/${machinename}.state.${backupdate}<br />
</source><br />
<br />
Now the machine should be up and running again. Continuing where it was stopped when taking the backup.<br />
<br />
If everything is OK, you can cleanup the created files and directories<br />
<source lang='bash'><br />
rm -rf /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}<br />
rm /tmp/${machinename}.ldif<br />
</source><br />
<br />
== Next steps ==<br />
<br />
<br />
[[Category: stoney conductor]]</div>Pathttps://wiki.stoney-cloud.org/w/index.php?title=File:Daemon-communication.xmi&diff=3780File:Daemon-communication.xmi2014-06-27T12:58:02Z<p>Pat: Pat uploaded a new version of &quot;File:Daemon-communication.xmi&quot;: Correct workflow</p>
<hr />
<div>Initial Version</div>Pathttps://wiki.stoney-cloud.org/w/index.php?title=File:Daemon-communication.xmi&diff=3779File:Daemon-communication.xmi2014-06-27T12:57:15Z<p>Pat: Initial Version</p>
<hr />
<div>Initial Version</div>Pathttps://wiki.stoney-cloud.org/w/index.php?title=stoney_conductor:_VM_Backup&diff=3778stoney conductor: VM Backup2014-06-27T12:55:51Z<p>Pat: /* Communication through backend */</p>
<hr />
<div>= Overview =<br />
This page describes how the VMs and VM-Templates are backed-up and restored inside the [http://www.stoney-cloud.org stoney cloud].<br />
<br />
= Requirements =<br />
* sstBackupRootDirectory: file:///var/backup/virtualization<br />
** This directory might be a single partition which needs to have the same size as your partition for the live images (it's a "copy" of the live partition)<br />
* sstBackupRetainDirectory: file:///var/virtualization/retain<br />
** This directory must be on the same partition as your life images are<br />
* A working stoney cloud, installed according to [[stoney cloud: Single-Node Installation]] or [[stoney cloud: Multi-Node Installation]].<br />
* The backup configuration must be set: [[stoney_conductor:_OpenLDAP_directory_data_organisation#Backup | stoney conductor: OpenLDAP directory data organisation]].<br />
<br />
= Backup =<br />
== Basic idea ==<br />
The main idea to backup a VM or a VM-Template is, to divide the task into three subtasks: <br />
* createSnapshot: Create a disk only snapshot. A new overlay file is created, all write operations are performed to this file. The underlying disk-image is now read only.<br />
* exportSnapshot: Copy the read only disk-image to the backup location.<br />
* commitSnapshot: Commit the performed write operations from the overlay back to the underlying (original) disk image. Now the underlying image is read-write again and the overlay image can be deleted.<br />
A more detailed and technical description for these three sub-processes can be found [[#Sub-Processes | here]].<br />
<br />
Furthermore there is an control instance, which can independently call these three sub-processes for a given machine. Like that, the stoney cloud is able to handle different cases:<br />
=== Backup a single machine ===<br />
The procedure for backing up a single machine is very simple. Just call the three sub-processes (create-, export- and commitSnapshot) one after the other. So the control instance would do some very basic stuff: <br />
<source lang="c"><br />
object machine = args[0];<br />
<br />
if( createSsnapshot( machine ) )<br />
{<br />
<br />
if ( exportSnapshot( machine ) )<br />
{<br />
<br />
if ( commitSnapshot( machine ) )<br />
{<br />
printf("Successfully backed up machine %s\n", machine);<br />
<br />
} else<br />
{<br />
printf("Error while committing snapshot for machine %s: %s\n", machine, error);<br />
}<br />
<br />
} else<br />
{<br />
printf("Error while exporting snapshot for machine %s: %s\n", machine, error);<br />
}<br />
<br />
} else<br />
{<br />
printf("Error while snapshotting machine %s: %s\n", machine, error);<br />
}<br />
</source><br />
<br />
=== Backup multiple machines at the same time ===<br />
When backing up multiple machines at the same time, we need to make sure that the snapshots for the machines are as close together as possible. Therefore the control instance should call first the createSnapshot process for all machines. After every machine has been snapshotted, the control instance can call the exportSnapshot and commitSnapshot process for every machine. The most important part here is, that the control instance somehow remembers, if the snapshot for a given machine was successful or not. Because if the snapshot failed, it must not call the exportSnapshot and commitSnapshot process. So the control instance needs a little bit more logic: <br />
<br />
<source lang="c"><br />
object machines[] = args[0];<br />
object successful_snapshots[];<br />
<br />
# Snapshot all machines<br />
for( int i = 0; i < sizeof(machines) / sizeof(object) ; i++ )<br />
{<br />
# If the snapshot was successful, put the machine into the <br />
# successful_snapshots array<br />
if ( createSnapshot( machines[i] ) )<br />
{<br />
successful_snapshots[machines[i]];<br />
} else<br />
{<br />
printf("Error while snapshotting machine %s: %s\n", machines[i],error);<br />
}<br />
}<br />
<br />
# export and commit all successful_snapshot machines<br />
for ( int i = 0; i < sizeof(successful_snapshots) / sizeof(object) ; i++ ) )<br />
{<br />
# Check if the element at this position is not null, then the snapshot <br />
# for this machine was successful<br />
if ( successful_snapshots[i] )<br />
{<br />
if ( exportSnapshot( successful_snapshots[i] ) )<br />
{<br />
if ( commitSnapshot( successful_snapshots[i] ) )<br />
{<br />
printf("Successfully backed-up machine %s\n", successful_snapshots[i]);<br />
} else<br />
{<br />
printf("Error while committing snapshot for machine %s: %s\n", successful_snapshots[i],error);<br />
}<br />
<br />
} else<br />
{<br />
printf("Error while exporting snapshot for machine %s: %s\n", successful_snapshots[i],error);<br />
}<br />
}<br />
}<br />
</source><br />
<br />
=== Sub-Processes ===<br />
See also [[Libvirt_external_snapshot_with_GlusterFS]]<br />
==== createSnapshot ====<br />
For the commands see [[Libvirt_external_snapshot_with_GlusterFS#Part_2:_Create_the_snapshot_using_virsh]]<br />
<br />
For the workflow see [[stoney_conductor:_prov-backup-kvm#createSnapshot]]<br />
<br />
==== exportSnapshot ====<br />
# Simply copy the underlying image to the backup location<br />
#* <source lang="bash">cp -p /<path>/<to>/<image>.qcow2 /<path>/<to>/<backup>/<location>/.</source><br />
<br />
For the workflow see [[stoney_conductor:_prov-backup-kvm#exportSnapshot]]<br />
<br />
==== commitSnapshot ====<br />
For the commands see [[Libvirt_external_snapshot_with_GlusterFS#Cleanup.2FCommit_.28Online.29]]<br />
<br />
For the workflow see [[stoney_conductor:_prov-backup-kvm#commitSnapshot]]<br />
<br />
== Communication through backend ==<br />
Since the stoney cloud is (as the name says already) a cloud solution, it makes sense to have a backend (in our case openLDAP) involved in the whole process. Like that it is possible to run the backup jobs decentralized on every vm-node. The control instance can then modify the backend, and theses changes are seen by the diffenrent backup daemons on the vm-nodes. So the communication could look like shown in the following picture (Figure 1): <br />
<br />
[[File:Daemon-communication.png|800px|thumbnail|none|Figure 1: Communication between the control instance and the prov-backup-kvm daemon through the LDAP backend]]<br />
<br />
You can modify/update this workflow by editing [[File:Daemon-communication.xmi]] (you may need [http://uml.sourceforge.net/ Umbrello UML Modeller] diagram programme for KDE to display the content properly).<br />
<br />
=== Control-Instance Daemon Interaction for creating a Backup with LDIF Examples ===<br />
The step numbers correspond with the graphical overview from above.<br />
<br />
==== Step 00: Backup Configuration for a virtual machine ====<br />
<pre><br />
# The following backup configuration says, that the backup should be done daily, at 03:00 hours (localtime).<br />
# * * * * * command to be executed<br />
# - - - - -<br />
# | | | | |<br />
# | | | | +----- day of week (0 - 6) (Sunday=0)<br />
# | | | +------- month (1 - 12)<br />
# | | +--------- day of month (1 - 31)<br />
# | +----------- hour (0 - 23)<br />
# +------------- min (0 - 59)<br />
# localtime in the crontab entry<br />
dn: ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
objectclass: top<br />
objectclass: organizationalUnit<br />
objectclass: sstVirtualizationBackupObjectClass<br />
objectclass: sstCronObjectClass<br />
ou: backup<br />
description: This sub tree contains the backup plan for the virtual machine kvm-005.<br />
sstCronMinute: 0<br />
sstCronHour: 3<br />
sstCronDay: *<br />
sstCronMonth: *<br />
sstCronDayOfWeek: *<br />
sstCronActive: TRUE<br />
sstBackupRootDirectory: file:///var/backup/virtualization<br />
sstBackupRetainDirectory: file:///var/virtualization/retain<br />
sstBackupRamDiskLocation: file:///mnt/ramdisk-test<br />
sstVirtualizationDiskImageFormat: qcow2<br />
sstVirtualizationDiskImageOwner: root<br />
sstVirtualizationDiskImageGroup: vm-storage<br />
sstVirtualizationDiskImagePermission: 0660<br />
sstBackupNumberOfIterations: 1<br />
sstVirtualizationVirtualMachineForceStart: FALSE<br />
sstVirtualizationBandwidthMerge: 0<br />
</pre><br />
<br />
==== Step 01: Initialize Backup Sub Tree (Control instance daemon) ====<br />
The sub tree ''' ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch''' reflects the time, when the backup is planned (in the form of [YYYY][MM][DD]T[hh][mm][ss]Z ([http://en.wikipedia.org/wiki/ISO_8601 ISO 8601]) and it should be written at the time, when the backup is planned and should be executed. The section '''20121002T010000Z''' means the following:<br />
* Year: 2012<br />
* Month: 10<br />
* Day of Month: 02<br />
* Hour of Day: 01<br />
* Minutes: 00<br />
* Seconds: 00<br />
Please be aware the the time is to be written in UTC (see also the comment in the LDIF example below).<br />
<pre><br />
# This entry is the place holder for the backup, which is to be executed at 03:00 hours (localtime with daylight-saving). This<br />
# leads to the 20121002T010000Z timestamp (which is written in UTC).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
objectclass: top<br />
objectclass: sstProvisioning<br />
objectclass: organizationalUnit<br />
ou: 20121002T010000Z<br />
sstProvisioningExecutionDate: 0<br />
sstProvisioningMode: initialize<br />
sstProvisioningReturnValue: 0<br />
sstProvisioningState: 20121002T014513Z<br />
</pre><br />
<br />
==== Step 02: Finalize the Initialization (Control instance daemon) ====<br />
<pre><br />
# The attribute sstProvisioningState is updated with current time by the fc-brokerd, when sstProvisioningMode is modified.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T010001Z<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: initialized<br />
</pre><br />
<br />
==== Step 03: Start the Snapshot Process (Control instance daemon) ====<br />
With the setting of the '''sstProvisioningMode''' to '''snapshot''', the actual backup process is kicked off by the Control instance daemon.<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the fc-brokerd, when sstProvisioningMode is modified to<br />
# snapshot (this way the Provisioning-Backup-VKM daemon knows, that it must start the snapshotting process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: snapshot<br />
</pre><br />
<br />
==== Step 04: Starting the Snapshot Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the snapshot command, it sets the '''sstProvisioningMode''' to '''snapshotting''' to tell the Control instance daemon and other interested parties, that it is snapshotting the virtual machine or virtual machine template.<br />
<pre><br />
# The attribute sstProvisioningMode is set to snapshotting by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: snapshotting<br />
</pre><br />
<br />
==== Step 05: Finalizing the Snapshot Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the snapshot command, it sets the '''sstProvisioningMode''' to '''snapshotted''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the snapshot of the virtual machine or virtual machine template is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the fc-brokerd knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T010011Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: snapshotted<br />
</pre><br />
<br />
==== Step 06: Start the export Process (Control instance daemon) ====<br />
With the setting of the '''sstProvisioningMode''' to '''export''', the Control instance daemon tells the Provisioning-Backup-KVM daemon to export the disk image to the backup location.<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the fc-brokerd, when sstProvisioningMode is modified to<br />
# export (this way the Provisioning-Backup-VKM daemon knows, that it must start the export process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: export<br />
</pre><br />
<br />
==== Step 07: Starting the export Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the export command, it sets the '''sstProvisioningMode''' to '''exporting''' to tell the Control instance daemon and other interested parties, that it is exporting the virtual machine or virtual machine template disk images.<br />
<pre><br />
# The attribute sstProvisioningMode is set to exporting by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: exporting<br />
</pre><br />
<br />
==== Step 08: Finalizing the export Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the export command, it sets the '''sstProvisioningMode''' to '''exported''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the export of the virtual machine or virtual machine template disk-images is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the fc-brokerd knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T010500Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: exported<br />
</pre><br />
<br />
==== Step 09: Start the commit Process (Control instance daemon) ====<br />
With the setting of the '''sstProvisioningMode''' to '''commit''', the Control instance daemon tells the Provisioning-Backup-KVM daemon to commit the changes from the overlay file to the underlying disk-image<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the fc-brokerd, when sstProvisioningMode is modified to<br />
# commit (this way the Provisioning-Backup-VKM daemon knows, that it must start the commit process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: commit<br />
</pre><br />
<br />
==== Step 10: Starting the commit Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the commit command, it sets the '''sstProvisioningMode''' to '''comitting''' to tell the Control instance daemon and other interested parties, that it is committing changes from the overlay disk-images back to the underlying ones.<br />
<pre><br />
# The attribute sstProvisioningMode is set to comitting by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: committing<br />
</pre><br />
<br />
==== Step 11: Finalizing the commit Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the commit command, it sets the '''sstProvisioningMode''' to '''comitted''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the comitting of the changes from the overlay disk-images back to the underlying ones is done. <br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the fc-brokerd knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012000Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: comitted<br />
</pre><br />
<br />
==== Step 12: Finalizing the Backup Process (Control instance daemon) ====<br />
As soon as the Control instance daemon notices, that the attribute '''sstProvisioningMode''' ist set to '''committed''', it sets the '''sstProvisioningMode''' to '''finished''' and the '''sstProvisioningState''' to the current timestamp (UTC). All interested parties now know, that the backup process is finished, there for a new backup process could be started.<br />
<pre><br />
# The attribute sstProvisioningState is updated with current time by the fc-brokerd, when sstProvisioningMode is<br />
# set to finished.<br />
# All interested parties now know, that the backup process is finished, there for a new backup process could be started.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012001Z<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: finished<br />
</pre><br />
<br />
== Current Implementation (Backup) ==<br />
Since we do not have a working control instance, we need to have a workaround for backing up the machines: <br />
<br />
* We do already have a BackupKVMWrapper.pl script (File-Backend) which executes the three [[#Sub-Processes | sub-processes ]] in the correct order for a given list of machines (see [[#Backup multiple machines at the same_time]]).<br />
* We do already have the implementation for the whole backup with the LDAP-Backend (see [[ stoney conductor: prov backup kvm ]]).<br />
* We can now combine these two existing scripts and create a wrapper (lets call it LDAPKVMWrapper) which, in some way, adds some logic to the BackupKVMWrapper.pl. In fact the LDAPKVMWrapper wrapper will generate the list of machines which need a backup.<br />
<br />
The behaviour on our servers is as follows (c.f. Figure 2):<br />
# The (decentralized) LDAPKVMWrapper wrapper (which is executed everyday via cronjob) generates a list off all machines running on the current host.<br />
#* Currently on the hosts the cronjobs looks like: <code>00 01 * * * /usr/bin/LDAPKVMWrapper.pl | logger -t Backup-KVM</code><br />
#* For each of these machines:<br />
#** Check if the machine is excluded from the backup, if yes, remove the machine from the list<br />
#** Check if the last backup was successful, if not, remove the machine from the list<br />
# Update the backup subtree for each machine in the list<br />
#* Remove the old backup leaf (the "yesterday-leaf"), and add a new one (the "today-leaf") <br />
#* After this step, the machines are ready to be backed up<br />
# Call the KVMBackupWrapper.pl script with the machines list as a parameter<br />
# Wait for the KVMBackupWrapper.pl script to finish<br />
# Go again through all machines and update the backup subtree a last time<br />
#* Check if the backup was successful, if yes, set sstProvisioningMode = finished (see also TBD)<br />
<br />
<br />
[[File:wrapper-interaction.png|500px|thumbnail|none|Figure 2: How the two wrapper interact with the LDAP backend]]<br />
<br />
* If for some reason something does not work at all, the whole backup process can be deactivated by simply disabling the LDAPKVMWrapper cronjob<br />
** <code>crontab -e</code><br />
** Comment the LDAPKVMWrapper cronjob line: <code>#00 01 * * * /usr/bin/LDAPKVMWrapper.pl | logger -t Backup-KVM</code><br />
=== How to exclude a machine from the backup ===<br />
Login to one of the [[VM-Node | vm-nodes]] and execute the following command<br />
<br />
If you want to exclude a machine from the backup run you simply need to add the following entry to your LDAP directory: <br />
<source lang="bash"><br />
machineuuid="<UUID OF THE MACHINE-NAME>" # e.g.: b9d13dbc-9ab7-4948-9daa-a5709de83dc2<br />
cat << EOF | ldapadd -D cn=Manager,o=stepping-stone,c=ch -H ldaps://ldapm.stepping-stone.ch/ -W -x<br />
dn: ou=backup,sstVirtualMachine=${machineuuid},ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
objectclass: top<br />
objectclass: organizationalUnit<br />
objectclass: sstVirtualizationBackupObjectClass<br />
ou: backup<br />
sstbackupexcludefrombackup: TRUE<br />
EOF<br />
</source><br />
<br />
If the backup subtree in the LDAP directory already exists, you need to add the sstbackupexcludefrombackup attribute: <br />
<source lang="bash"><br />
machineuuid="<UUID OF THE MACHINE-NAME>" # e.g.: b9d13dbc-9ab7-4948-9daa-a5709de83dc2<br />
cat << EOF | ldapadd -D cn=Manager,o=stepping-stone,c=ch -H ldaps://ldapm.stepping-stone.ch/ -W -x<br />
dn: ou=backup,sstVirtualMachine=${machineuuid},ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
add: objectClass<br />
objectClass: sstVirtualizationBackupObjectClass<br />
-<br />
add: sstbackupexcludefrombackup<br />
sstbackupexcludefrombackup: TRUE<br />
EOF<br />
</source><br />
<br />
==== Re-include the machine to the backup ====<br />
If you want to re include a machine, simply delete the machines whole backup subtree. It will be recreated during the next backup run.<br />
<br />
== Next steps ==<br />
<br />
= Restore =<br />
'''Attention:''' The restore process is not yet defined / nor implemented. The following documentation is about the old restore process. <br />
== Basic idea ==<br />
The restore process, similar to the backup process, can be divided into three sub-processes: <br />
* Unretain the small files: Copy the small files (backend entry, XML description) from the backup directory to the retain directory<br />
* Unretain the big files: Copy the big files (state file, disk image(s)) form the backup directory to the retain directory<br />
* Restore the machine: Replace the live disk image(s) by the one(s) from the backup and restore the machine from the state file<br />
<br />
Additionally the restore process can also be divided into two phases: <br />
* User-Interaction phase: After the "unretain small files" the user needs to decide two things:<br />
** On conflicts between the backend entry file and the XML description, the user need to decide how to resolve this conflict(s)<br />
** The user can also abort the restore process up to this point. After that the restore can not be aborted or undone! <br />
* Non-User-Interaction phase: The daemons communicate through the backend between each other and the restore process continues without further user input (c.f. [[#Communication_through_backend_2 | Communication through backend]])<br />
<br />
=== Sub Processes ===<br />
==== Unretain small files ====<br />
This workflow assumes that the backup directory is on the same physical server as the retain directory (protocol is file://)<br />
# Copy the backend-entry file from the backup directory to the retain directory:<br />
#* <source lang="bash">cp -p /path/to/backup/vm-001.backend /path/to/retain/vm-001.backend</source><br />
# Copy the XML description from the from the backup directory to the retain directory:<br />
#* <source lang="bash">cp -p /path/to/backup/vm-001.xml /path/to/retain/vm-001.xml</source><br />
# Compare the backend-entry file (the one in the retain directory) with the live-backend entry<br />
#* Resolve all conflicts between these two backend entries<br />
#** Modify the backend entry at the retain location accordingly<br />
# Apply the same changes for the XML description at the retain location (backend entry and XML description need to be consistent).<br />
<br />
==== Unretain large files ====<br />
# Copy the state file from the backup directory to the retain directory:<br />
#* <source lang="bash">cp -p /path/to/backup/vm-001.state /path/to/retain/vm-001.state</source><br />
# Copy the disk image(s) from the backup directory to the retain directory:<br />
#* <source lang="bash">cp -p /path/to/backup/vm-001.qcow2 /path/to/retain/vm-001.qcow2</source><br />
#** '''Important:''' If a VM has more than just one disk image, repeat this step for every disk image<br />
<br />
==== Restore the VM ====<br />
# Shutdown the VM if it is running:<br />
#* <source lang="bash">virsh shutdown vm-001</source><br />
# Undefine the VM if it is still defined: <br />
#* <source lang="bash">virsh undefine vm-001</source><br />
# Overwrite the original disk image:<br />
#* <source lang="bash">mv /path/to/retain/vm-001.qcow2 /path/to/images/vm-001.qcow2</source><br />
#** '''Important:''' If a VM has more than just one disk image, repeat this step for every disk image<br />
# Restore the VMs backend entry: <br />
#* Write the backend entry from the retain location (<code>/path/to/retain/vm-001.backend</code>) to the backend<br />
# Overwrite the VMs XML description with the one from the retain location <br />
#* <source lang="bash">cp -p /path/to/retain/vm-001.xml /path/to/xmls/vm-001.xml</source><br />
# Restore the VM from the state file with the corrected XML<br />
#* <source lang="bash">virsh restore /path/to/retain/vm-001.state --xml /path/to/xmls/vm-001.xml</source><br />
<br />
== Communication through backend ==<br />
The actual KVM-Restore process is controlled completely by the Control instance daemon via the OpenLDAP directory. See [[#OpenLDAP Directory Integration|OpenLDAP Directory Integration]] the involved attributes and possible values.<br />
<br />
[[File:Daemon-interaction-restore.png|thumb|500px|none|Figure 3: Communication between all involved parties during the restore process]]<br />
<br />
You can modify/update these interactions by editing [[File:Restore-Interaction.xmi]] (you may need [http://uml.sourceforge.net/ Umbrello UML Modeller] diagram programme for KDE to display the content properly).<br />
<br />
=== Control instance Daemon Interaction for restoring a Backup with LDIF Examples ===<br />
==== Step 01: Start the unretainSmallFiles process (Control instance daemon) ====<br />
The first step of the restore process is to copy the small files (in this case the XML file and the LDIF) from the configured backup location to the configured retain location. <br />
<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the Control instance daemon, when sstProvisioningMode is modified to <br />
# unretainSmallFiles (this way the Provisioning-Backup-VKM daemon knows, that it must start the unretainSmallFiles process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainSmallFiles<br />
</pre><br />
<br />
==== Step 02: Starting the unretainSmallFiles process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the command to unretain the small files, it sets the '''sstProvisioningMode''' to '''unretainingSmallFiles''' to tell the Control instance daemon and other interested parties, that it is unretaining the small files for the virtual machine or virtual machine template.<br />
<pre><br />
# The attribute sstProvisioningMode is set to unretainingSmallFiles by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainingSmallFiles<br />
</pre><br />
<br />
==== Step 03: Finalizing the unretainSmallFiles process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the commands to unretain the small files, it sets the '''sstProvisioningMode''' to '''unretainedSmallFiles''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the unretaining of all the small files from the configured backup location is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the Control instance daemon knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012000Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainedSmallFiles<br />
</pre><br />
<br />
==== Step 05: Start the unretainLargeFiles process (Control instance daemon) ====<br />
Next step in the restore process is to copy the large files (state file and disk images) from the configured backup directory to the configured retain directory.<br />
<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the Control instance daemon, when sstProvisioningMode is modified to <br />
# unretainLargeFiles (this way the Provisioning-Backup-VKM daemon knows, that it must start the unretainLargeFiles process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainLargeFiles<br />
</pre><br />
<br />
==== Step 06: Starting the unretainLargeFiles process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the command to unretain the large files, it sets the '''sstProvisioningMode''' to '''unretainingLargeFiles''' to tell the Control instance daemon and other interested parties, that it is unretaining the large files for the virtual machine or virtual machine template.<br />
<br />
In the meantime the vm-manager merges the LDIF we have unretained in [[#Step_02:_Starting_the_unretainSmallFiles_process_.28Provisioning-Backup-KVM_daemon.29 | step 02]] with the one in the live directory to sort out possible differences in the configuration of the virtual machine. <br />
<pre><br />
# The attribute sstProvisioningMode is set to unretainingSmallFiles by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainingLargeFiles<br />
</pre><br />
<br />
==== Step 07: Finalizing the unretainLargeFiles process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the commands to unretain the large files, it sets the '''sstProvisioningMode''' to '''unretainedLargeFiles''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the unretaining of all the large files from the configured backup location is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the Control instance daemon knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012000Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainedLargeFiles<br />
</pre><br />
<br />
==== Step 09: Start the restore process (Control instance daemon) ====<br />
Since we now have all necessary files in the configured retain location, the restore process can be started. There we simply copy the disk images back to their original location and restore the VM from the state file (which is also at the configured retain location)<br />
<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the Control instance daemon, when sstProvisioningMode is modified to <br />
# restore (this way the Provisioning-Backup-VKM daemon knows, that it must start the restore process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: restore<br />
</pre><br />
<br />
==== Step 10: Starting the restore process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the restore command, it sets the '''sstProvisioningMode''' to '''restoring''' to tell the Control instance daemon and other interested parties, that it is restoring the virtual machine or virtual machine template.<br />
<pre><br />
# The attribute sstProvisioningMode is set to restoring by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: restoring<br />
</pre><br />
<br />
==== Step 11: Finalizing the restore process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the restore command, it sets the '''sstProvisioningMode''' to '''restored''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the restore process is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the Control instance daemon knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012000Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: restored<br />
</pre><br />
<br />
==== Step 12: Finalizing the restore process (Control instance daemon) ====<br />
As soon as the Control instance daemon notices, that the attribute '''sstProvisioningMode''' ist set to '''restored''', it sets the '''sstProvisioningMode''' to '''finished''' and the '''sstProvisioningState''' to the current timestamp (UTC). All interested parties now know, that the restore process is finished.<br />
<pre><br />
# The attribute sstProvisioningState is updated with current time by the Control instance daemon, when sstProvisioningMode is<br />
# set to finished.<br />
# All interested parties now know, that the restore process is finished.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012001Z<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: finished<br />
</pre><br />
<br />
== Current Implementation (Restore) ==<br />
'''Attention''': The restore process is not yet defined / nor implemented. The following documentation is about the old restore process. <br />
<br />
<br />
* Since the prov-backup-kvm daemon is not running on the vm-nodes (c.f. [[stoney_conductor:_Backup#Current_Implementation_.28Backup.29]]), the restore process does not work when clicking the icon in the webinterface. <br />
<br />
=== How to manually restore a machine from backup ===<br />
'''Important''': Before you continue with this guide, make sure that you have no other possibility to restore the machine. It might be easier and safer to get lost files from the online backup if the machine has one set up.<br />
<br />
If you really have to restore the machine from the backup:<br />
# Stop the machine from via the [https://cloud.stepping-stone.ch/vm-manager/ web interface]<br />
# Login (as root) on the [[VM-Node]] the machine was running on<br />
<br />
As a first step, you would like to set some useful bash variables to be able to copy paste the following guide:<br />
<br />
'''Double check all variables you are setting here. If one is not correct, you will restore a running machine or overwrite a live-disk image!'''<br />
<source lang='bash'><br />
machinename="<MACHINE-NAME>" # For example: machinename="b6dc3d27-5981-4b18-8f3f-31ed3d21a3c6"<br />
vmpool="<VM-POOL>" # For example vmpool="0f83f084-8080-413e-b558-b678e504836e"<br />
vmtype="<VM-TYPE>" # For example vmtype="vm-persistent"<br />
</source><br />
Change to the backup directory for the given machine and check the iterations:<br />
<source lang='bash'><br />
cd /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}<br />
ls -al<br />
</source><br />
Change into the most recent iteration<br />
<source lang='bash'><br />
cd 2014...<br />
ls -al<br />
</source><br />
In there you should have: <br />
* The state file <MACHINE-NAME>.state.<BACKUP-DATE> (for example b6dc3d27-5981-4b18-8f3f-31ed3d21a3c6.state.20140109T134445Z)<br />
* The XML description <MACHINE-NAME>.xml.<BACKUP-DATE> (for example b6dc3d27-5981-4b18-8f3f-31ed3d21a3c6.xml.20140109T134445Z)<br />
* The ldif file <MACHINE-NAME>.ldif.<BACKUP-DATE> (for example b6dc3d27-5981-4b18-8f3f-31ed3d21a3c6.ldif.20140109T134445Z)<br />
* And at least one disk image <DISK-IMAGE>.qcow2.<BACKUP-DATE> (for example 8798561b-d5de-471b-a6fc-ec2b4831ed12.qcow2.20140109T134445Z)<br />
Now you should save the backup date and the disk image(s) in a variable<br />
<source lang='bash'><br />
backupdate="<BACKUP-DATE>" # For example: backupdate="20140109T134445Z"<br />
diskimage1="<DISK-IMAGE-1>.qcow2" # For example: diskimage1="8798561b-d5de-471b-a6fc-ec2b4831ed12.qcow2"<br />
diskimage2="<DISK-IMAGE-2>.qcow2" # For example: diskimage2="aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee.qcow2"<br />
...<br />
</source><br />
<br />
Have again a look at the different variables and '''double check them again'''<br />
<source lang='bash'><br />
echo "Machine Name = ${machinename}"<br />
echo "VM Pool = ${vmpool}"<br />
echo "VM Type = ${vmtype}"<br />
echo "Backup date = ${backupdate}"<br />
echo "Disk Image 1 = ${diskimage1}"<br />
echo "Disk Image 2 = ${diskimage2}"<br />
...<br />
</source><br />
<br />
Copy all these files to the retain location:<br />
<source lang='bash'><br />
currentdate=`date --utc +'%Y%m%dT%H%M%SZ'`<br />
mkdir -p /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}<br />
cp -p /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}/${backupdate}/${machinename}.ldif.${backupdate} /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/<br />
</source><br />
<br />
<!--Check if there is a difference between the current XML file and the one from the backup<br />
<source lang='bash'><br />
diff -Naur /etc/libvirt/qemu/${machinename}.xml /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/${machinename}.xml.${backupdate}<br />
</source><br />
and '''edit the file at the retain location''' according to your needs.--><br />
<br />
''' Now you are entering the critical part. You won't be able to undo the following steps'''<br />
<br />
Check if there is a difference between the current LDAP entry and the one from the backup<br />
<source lang='bash'><br />
domain="<DOMAIN>" # For example domain="stoney-cloud.org"<br />
ldapbase="<LDAPBASE>" # For expample ldapbase="dc=stoney-cloud,dc=org"<br />
ldapsearch -H ldaps://ldapm.${domain} -b "sstVirtualMachine=${machinename},ou=virtual machines,ou=virtualization,ou=services,${ldapbase}" -s sub -x -LLL -o ldif-wrap=no -D "cn=Manager,${ldapbase}" -W "(objectclass=*)" > /tmp/${machinename}.ldif<br />
diff -Naur /tmp/${machinename}.ldif /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/${machinename}.ldif.${backupdate}<br />
</source><br />
and '''edit the file at the retain location''' according to your needs.<br />
<br />
If there are no differences (or the differences are not important) you can skip the following step. Otherwise use the [https://cloud.stepping-stone.ch/phpldapadmin PhpLdapAdmin] to delete the machine from the LDAP directory (do not forget to delete the dhcp entry <code>dn: cn=<MACHINE-NAME>,ou=virtual machines,cn=192.168.140.0,cn=config-01,ou=dhcp,ou=networks,ou=virtualization,ou=services,dc=stoney-cloud,dc=org</code>). Then add the LDIF (the one you just edited) to the LDAP (first do some general replacement)<br />
<source lang='bash'><br />
sed -i\<br />
-e 's/snapshotting/finished/'\<br />
-e '/member.*/d'\<br />
/var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/${machinename}.ldif.${backupdate}<br />
<br />
/usr/bin/ldapadd -H "ldaps://ldapm.${domain}" -x -D "cn=Manager,${ldapbase}" -W -f /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/${machinename}.ldif.${backupdate}<br />
</source><br />
<br />
Undefine the machine<br />
<source lang='bash'><br />
virsh undefine ${machinename}<br />
</source><br />
<br />
Copy all the disk images from the backup location back to their original location<br />
<source lang='bash'><br />
cp -p /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}/${backupdate}/${diskimage1}.${backupdate} /var/virtualization/${vmtype}/${vmpool}/${diskimage1}<br />
cp -p /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}/${backupdate}/${diskimage2}.${backupdate} /var/virtualization/${vmtype}/${vmpool}/${diskimage2}<br />
...<br />
</source><br />
<br />
And restore the domain from the state file from the backup location with the XML from the retain location (the one you might have edited)<br />
<source lang='bash'><br />
virsh restore /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}/${backupdate}/${machinename}.state.${backupdate}<br />
</source><br />
<br />
Now the machine should be up and running again. Continuing where it was stopped when taking the backup.<br />
<br />
If everything is OK, you can cleanup the created files and directories<br />
<source lang='bash'><br />
rm -rf /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}<br />
rm /tmp/${machinename}.ldif<br />
</source><br />
<br />
== Next steps ==<br />
<br />
<br />
[[Category: stoney conductor]]</div>Pathttps://wiki.stoney-cloud.org/w/index.php?title=File:node-integration.xmi&diff=3777File:node-integration.xmi2014-06-27T12:54:49Z<p>Pat: Initial version</p>
<hr />
<div>Initial version</div>Pathttps://wiki.stoney-cloud.org/w/index.php?title=stoney_cloud:_Multi-Node_Installation&diff=3776stoney cloud: Multi-Node Installation2014-06-27T12:54:34Z<p>Pat: /* Node Integration */</p>
<hr />
<div>== Overview ==<br />
The [http://www.stoney-cloud.org/ stoney cloud] builds upon various standard open source components and can be run on commodity hardware. The final Multi-Node Setup consists of the following components:<br />
* One [[Primary-Master-Node]] with an OpenLDAP Directory Server for the storage of the stoney cloud user and service related data with the web based management [[VM-Manager]] interface and the Linux kernel based virtualization technology.<br />
* One [[Secondary-Master-Node]] with the Linux kernel based virtualization technology.<br />
* Two [[Storage-Node | Storage-Nodes]] configured as a replicated and distributed data storage service based on [http://www.gluster.org/ GlusterFS].<br />
The components communicate with each other over a standard Ethernet based IPv4 network.<br />
<br />
=== Prerequisites ===<br />
The following items and conditions are required to be able to install and configure a stoney cloud environment:<br />
* Dedicated Hardware (4 Servers) which fulfil the following requirements: <br />
** 64-Bit Intel with VT-Technologie (AMD is not tested at the moment).<br />
** 8 Gigabyte Memory (more is better).<br />
** 147 Gigabyte up to 2 Terabyte disks.<br />
*** For all four Nodes ([[VM-Node | VM-Nodes]] and [[Storage-Node | Storage-Nodes]]) two 147 Gigabyte Disks, configured as RAID1, are enough for the [http://www.gentoo.org/ Gentoo Linux] operating system.<br />
*** Optional: For the two [http://www.gluster.org/ GlusterFS] [[Storage-Node | Storage-Nodes]] we recommend a second RAID-Set configured as [http://en.wikipedia.org/wiki/RAID_6#RAID_6 RAID6]-Set with battery backup.<br />
** Two physical Ethernet Interfaces, which support the same bandwidth (for example 1 Gigabit/s).<br />
* Two Gigabit layer-2 switches supporting [http://en.wikipedia.org/wiki/IEEE_802.3ad IEEE 802.3ad] (dynamic link aggregation), [http://en.wikipedia.org/wiki/IEEE_802.1Q IEEE 802.1Q] (VLAN tagging) and stacking (optional, but recommended).<br />
* Experience with Linux environments especially with [http://www.gentoo.org Gentoo Linux].<br />
* Good experience with IP networking, because the Switches need to be configured manually (dynamic link aggregation and VLAN tagging).<br />
<br />
=== Limitations ===<br />
During the installation of the [http://www.gentoo.org/ Gentoo Linux] operating system, the first two physical Ethernet Interfaces are automatically configured as a logical interface (bond0) and the four tagged VLANs are set up. If more than two physical Ethernet Interfaces are to be included in to the logical interface (bond0) or the physical Ethernet Interfaces have different bandwidths (for example 1 Gigabit/s and 10 Gigabit/s), the final logical interface (bond0) needs to be configured manually after the installation of the [http://www.gentoo.org/ Gentoo Linux] operating system.<br />
Only the first two [http://www.gluster.org/ GlusterFS] [[Storage-Node | Storage-Nodes]] are set up automatically. More [[Storage-Node | Storage-Nodes]] need to be integrated manually.<br />
<br />
=== Network Overview ===<br />
As stated before, a minimal multi node stoney cloud environment consist of two VM- and Storage-Nodes.<br />
It is highly recommended to use IEEE 802.3ad link aggregation (bonding, trunking etc.) over two network cards and attach them as one logical link to the access switch.<br />
<br />
It is out of scope of this document on how to configure the switches for stacking, link aggregation and VLAN tagging, consult the respective user manual.<br />
<br />
There are two scenarios on how to connect the nodes to the network.<br />
<br />
==== Network Overview: Physical Layer Scenario 1 (recommended) ====<br />
The preferred solution is to use two switches which are stackable (supporting link aggregation over two switches). Connect the nodes and switches as illustrated below. Thus eliminating the single point of failure as presented in scenario 2.<br />
<br />
<pre><br />
+----------------------+ +----------------------+<br />
| | | |<br />
| vm-node-01 | | vm-node-02 |<br />
| | | |<br />
+----------------------+ +----------------------+ <br />
bond0 | \ / | bond0<br />
| \ / |<br />
| \ / |<br />
| \/ | ___<br />
| /\ | ___( )___<br />
| / \ | __( )__<br />
| / \ | _( )_<br />
+-------------+ +-------------+ _( )_<br />
| switch-01 |===| switch-02 |-------------------(_ Corporate LAN/WAN _)<br />
+-------------+ +-------------+ (_ _)<br />
| \ / | (__ __)<br />
| \ / | (___ ___)<br />
| \ / | (___)<br />
| \/ |<br />
| /\ |<br />
| / \ |<br />
bond0 | / \ | bond0<br />
+-----------------------+ +-----------------------+<br />
| | | |<br />
| tier1-storage-node-01 | | tier1-storage-node-02 |<br />
| | | |<br />
+-----------------------+ +-----------------------+<br />
</pre><br />
<br />
==== Network Overview: Physical Layer Scenario 2 (use at your own risk) ====<br />
If theres only one switch available (or the switches aren't stackable) connect the nodes as illustrated below. As you can see, the switch is as a single point of failure.<br />
<pre><br />
+----------------------+ +----------------------+<br />
| | | |<br />
| vm-node-01 | | vm-node-02 |<br />
| | | |<br />
+----------------------+ +----------------------+ ___<br />
bond0 \\ // bond0 ___( )___<br />
\\ // __( )__<br />
\\ // _( )_<br />
+-------------+ _( )_<br />
| switch-01 |-----------------------------(_ Corporate LAN/WAN _)<br />
+-------------+ (_ _)<br />
// \\ (__ __) <br />
// \\ (___ ___)<br />
bond0 // \\ bond0 (___)<br />
+-----------------------+ +-----------------------+<br />
| | | |<br />
| tier1-storage-node-01 | | tier1-storage-node-02 |<br />
| | | |<br />
+-----------------------+ +-----------------------+<br />
</pre><br />
<br />
==== Network overview: Logical layer ====<br />
The goal is to achieve the following configuration:<br />
<pre><br />
+----------------+----------------+----------------+----------------+<br />
| 10.1.110.1X | 10.1.120.1X | 10.1.130.1X | 192.168.140.1X |<br />
+----------------+----------------+----------------+----------------+<br />
| | | | vmbr0 |<br />
| vlan110 | vlan120 | vlan130 +----------------+<br />
| | | | vlan140 |<br />
+----------------+----------------+----------------+----------------+<br />
+-------------------------------------------------------------------+<br />
| bond0 (bonding.mode=802.3ad) |<br />
+-------------------------------------------------------------------+<br />
+----------------+ +----------------+<br />
| eth0 | | eth1 |<br />
+----------------+ +----------------+<br />
</pre><br />
<br />
The ideal stoney cloud environment is based on four logical separated VLANs (virtual LANs):<br />
* '''admin''': Administrative network, used for administration and monitoring purposes.<br />
* '''data''': Data network, used for GlusterFS traffic.<br />
* '''int''': Internal network, used for internal traffic such as LDAP, libvirt and more.<br />
* '''pub''': Public network, used for accessing the VM-Manager webinterface, Spice traffic and internet access.<br />
<br />
Each of the above VLANs hold dedicated services and separates them from each other. This documentation assumes, that the four VLANs are present and the following IP networks are available:<br />
<br />
{| border="1" style="border-collapse: collapse; font-size:100%;" width=100%<br />
!align="left"|VLAN name<br />
!align="left"|VLAN ID<br />
!align="left"|Network prefix<br />
!align="left"|Default Gateway address<br />
!align="left"|Broadcast address<br />
!align="left"|Domain name<br />
!align="left"|VIP<br />
|-<br />
<br />
|admin<br />
|110<br />
|10.1.110.0/24<br />
| -- <br />
|10.1.110.255<br />
|admin.example.com<br />
|<br />
|-<br />
<br />
|data<br />
|120<br />
|10.1.120.0/24<br />
| --<br />
|10.1.120.255<br />
|data.example.com<br />
|<br />
|-<br />
<br />
|int<br />
|130<br />
|10.1.130.0/24<br />
| --<br />
|10.1.130.255<br />
|int.example.com<br />
|10.1.130.10<br />
|-<br />
<br />
|pub<br />
|140<br />
|192.168.140.0/24<br />
|192.168.140.1<br />
|192.168.140.255<br />
|example.com<br />
|192.168.140.10<br />
|-<br />
<br />
|}<br />
<br />
The IP allocation of the nodes will be assumed as stated in the table below:<br />
{| border="1" style="border-collapse: collapse; font-size:100%;" width=100% <br />
!align="left"|Node name<br />
!align="left"|Admin address (VLAN 110)<br />
!align="left"|Data address (VLAN 120)<br />
!align="left"|Int address (VLAN 130)<br />
!align="left"|Pub address (VLAN 140)<br />
|-<br />
<br />
|-<br />
|tier1-storage-node-01<br />
|10.1.110.11<br />
|10.1.120.11<br />
|10.1.130.11<br />
|192.168.140.11<br />
|-<br />
<br />
|-<br />
|tier1-storage-node-02<br />
|10.1.110.12<br />
|10.1.120.12<br />
|10.1.130.12<br />
|192.168.140.12<br />
|-<br />
<br />
|-<br />
|vm-node-01<br />
|10.1.110.13<br />
|10.1.120.13<br />
|10.1.130.13<br />
|192.168.140.13<br />
|-<br />
<br />
|-<br />
|vm-node-02<br />
|10.1.110.14<br />
|10.1.120.14<br />
|10.1.130.14<br />
|192.168.140.14<br />
|-<br />
<br />
|}<br />
<br />
We'll also presume, we have the following Domain Name Servers:<br />
* Domain Name Server 1: '''192.168.140.1'''<br />
<br />
== Base Installation ==<br />
All nodes are based on the [http://www.gentoo.org/ Gentoo Linux] operating system.<br />
<br />
=== BIOS Set Up Checklist ===<br />
* Enable the "reboot-after-power-loss" option (if your BIOS supports it).<br />
* Make sure, that you have the newest BIOS (BMC and perhaps SCSI firmware) version.<br />
* Make sure, you've disabled halt on post errors (or similar) or enable keyboard-less operation (if your BIOS supports it).<br />
<br />
=== RAID Set Up ===<br />
Create a RAID1 volume. This RAID-Set is used for the Operating System. Please be aware, the the current stoney cloud only supports 147 Gigabyte up to 2 Terabyte disks for this first RAID-Set.<br />
<br />
Optional: For the two [http://www.gluster.org/ GlusterFS] [[Storage-Node | Storage-Nodes]] we recommend a second RAID-Set configured as [http://en.wikipedia.org/wiki/RAID_6#RAID_6 RAID6]-Set with battery backup.<br />
<br />
=== Node Installation ===<br />
The first step of Semi-Automatic Multi-Node Set Up is the same for all four Nodes. In this documentation we presume, that you stick to the naming convention mentioned above. After the Base Installation of the Nodes, the following daemons will be running:<br />
* '''crond''': Crond, to execute scheduled commands<br />
* '''ntpd''': Network Time Protocol daemon, keeps the time synced with the Time from Servers in the LAN or WAN.<br />
* '''sshd''': OpenSSH SSH daemon, used for remote access and remote administration.<br />
* '''syslogd''': System Logging, keeps track of messages from the System and the Applications.<br />
* '''udevd''': Linux dynamic device management, that manage events, symlinks and permissions of devices.<br />
<br />
==== First Storage-Node (tier1-storage-node-01) ====<br />
# Insert the stoney cloud CD and boot the server.<br />
# Answer the questions as follows (the bold values are examples can be set through the administrator and are variable, according to the local setup):<br />
## Global Section<br />
### Confirm that you want to start? '''yes'''<br />
### Choose a Node-Type: '''Storage-Node'''<br />
### Choose a Block-Device: '''sda'''<br />
### Confirm to erase all (from a previous installation): '''yes'''<br />
### Confirm to continue with the given the Partition-Scheme: '''yes'''<br />
### Choose the network interfaces to bond together.<br />
#### Device #0: '''eth0'''<br />
#### Device #1: '''eth1'''<br />
### Node-Name: '''tier1-storage-node-01'''<br />
## pub-VLAN Section<br />
### VLAN ID: '''140'''<br />
### Domain Name: '''example.com'''<br />
### IP Address: '''192.168.140.11'''<br />
### Netmask: '''24'''<br />
### Broadcast: '''192.168.140.255'''<br />
### Confirm the pub-VLAN Section with '''yes'''<br />
## admin-VLAN Section<br />
### VLAN ID: '''110'''<br />
### Domain Name: '''admin.example.com'''<br />
### IP Address: '''10.1.110.11'''<br />
### Netmask: '''24'''<br />
### Broadcast: '''10.1.110.255'''<br />
### Confirm the admin-VLAN Section with '''yes'''<br />
## data-VLAN Section<br />
### VLAN ID: '''120'''<br />
### Domain Name: '''data.example.com'''<br />
### IP Address: '''10.1.120.11'''<br />
### Netmask: '''24'''<br />
### Broadcast: '''10.1.120.255'''<br />
### Confirm the data-VLAN Section with '''yes'''<br />
## int-VLAN Section<br />
### VLAN ID: '''130'''<br />
### Domain Name: '''int.example.com'''<br />
### IP Address: '''10.1.130.11'''<br />
### Netmask: '''24'''<br />
### Broadcast: '''10.1.130.255'''<br />
### Confirm the int-VLAN Section with '''yes'''<br />
### Enter the default Gateway: '''192.168.140.1'''<br />
### Enter the primary DNS-Server: '''192.168.140.1'''<br />
### Omit configuring a second DNS-Server with '''no'''<br />
## Confirm the listed configuration with '''yes'''<br />
## Enter your very secret root password<br />
## Confirm to reboot with '''yes'''<br />
# Make sure, that you boot from the first harddisk and not from the installation medium again.<br />
# Continue with [[Multi-Node Installation#Specialized_Installation|specializing your Node]]<br />
<br />
==== Second Storage-Node (tier1-storage-node-02) ====<br />
# Insert the stoney cloud CD and boot the server.<br />
# Answer the questions.<br />
# Reboot the Server and make sure, that you boot from the first harddisk.<br />
<br />
==== Primary-Master-Node (vm-node-01) ====<br />
# Insert the stoney cloud CD and boot the server.<br />
# Answer the questions.<br />
# Reboot the Server and make sure, that you boot from the first harddisk.<br />
<br />
==== Secondary-Master-Node (vm-node-02) ====<br />
# Insert the stoney cloud CD and boot the server.<br />
# Answer the questions.<br />
# Reboot the Server and make sure, that you boot from the first harddisk.<br />
<br />
== Skipping Checks ==<br />
To skip checks, type '''no''' when asked:<br />
Do you want to start the installation?<br />
yes or no?: '''no'''<br />
<br />
Then manually restart the stoney cloud installer with the desired options. For example:<br />
/mnt/cdrom/foss-cloud-installer -c<br />
<br />
Options:<br />
-c: Skip CPU requirement checks<br />
-m: Skip memory requirement checks<br />
-s: Skip CPU and memory requirement checks<br />
<br />
== Specialized Installation ==<br />
==== First Storage-Node (tier1-storage-node-01) ====<br />
Before running the node configuration script, you may want to create a [[Additional_Local_Backup_Volume_on_the_Storage-Nodes#Before_node_configuration_script | additional Backup Volume on Storage Node]].<br />
<br />
Log into the first [[Storage-Node]] and execute the node-configuration script as follows:<br />
/usr/sbin/fc-node-configuration --node-type primary-storage-node<br />
<br />
For more information about the script and what it does, please visit the [[fc-node-configuration]] script page.<br />
<br />
==== Second Storage-Node (tier1-storage-node-02) ====<br />
Before running the node configuration script, you may want to create a [[Additional_Local_Backup_Volume_on_the_Storage-Nodes#Before_node_configuration_script | additional Backup Volume on Storage Node]].<br />
<br />
Log into the second [[Storage-Node]] and execute the node-configuration script as follows:<br />
/usr/sbin/fc-node-configuration --node-type secondary-storage-node<br />
<br />
For more information about the script and what it does, please visit the [[node-configuration]] script page.<br />
<br />
==== Primary-Master-Node (vm-node-01) ====<br />
If you configured a additional Backup Volume on the Storage Nodes, you want to [[Additional_Local_Backup_Volume_on_the_Storage-Nodes#On_the_VM-Nodes | mount them now in the VM-Node]].<br />
<br />
Log into the [[Primary-Master-Node]] and execute the node-configuration script as follows:<br />
/usr/sbin/fc-node-configuration --node-type primary-master-node<br />
<br />
The stoney cloud uses virtual ip addresses (VIPs) for fail over purposes. Therefore you need to configure [http://www.pureftpd.org/project/ucarp ucarp].<br />
<br />
Confirm that you want to run the script.<br />
Do you really want to proceed with configuration of the primary-master-node?<br />
yes or no (default: no): '''yes'''<br />
<br />
Enter the VIP (virtual IP) for the public interface. The apache will listen on this VIP because it is listening on the public interface (if you followed this documentation the VIP for the public interface is 192.168.140.10).<br />
Please enter the VIP for the pub-interface (VLAN 140)<br />
(default: 192.168.140.10): '''192.168.140.10'''<br />
<br />
Enter the VIP (virtual IP) for the internal interace. The LDAP will listen on this VIP because it is listening on the internal interface (if you followed this documentation the VIP for the internal interface is 10.1.130.10).<br />
Please enter the VIP for the int-interface (VLAN 130)<br />
(default: 10.1.130.10): '''10.1.130.10'''<br />
<br />
Enter the RIP (real IP) for the secondary-master-node on the internal interface. The RIP is needed to keep the LDAP directories synchronized (if you followed this documentation the RIP for the secondary-master-node on the internal interface is 10.1.130.14)<br />
Please enter the IP for the int-interface (VLAN 130) of the<br />
secondary-master-node (default: 10.1.130.14): '''10.1.130.14'''<br />
<br />
The script now tests the network configuration and <br />
<br />
<br />
In order to mount the gluster-filesystem, you need to connect via ssh to the primary-storage-node. Enter the IP for the primary-storage-node on the admin interface (if you followed this documentation the IP for the primary-storage-node on the admin interface is 10.1.110.11). Enter the a valid username which exists on the primary-storage-node (if you followed this documentation it is root) and the corresponding password.<br />
Please enter the following information for the primary Storage-Node with the OpenSSH daemon listening on the VLAN with the name 'admin' and with the VLAN ID '110':<br />
<br />
IP address (default: 10.1.110.11): '''10.1.110.11'''<br />
Username (default: root): '''root'''<br />
Password for root: '''**********'''<br />
<br />
In order to mount the gluster-filesystem, you need to connect via ssh to the secondary-storage-node. Enter the IP for the secondary-storage-node on the admin interface (if you followed this documentation the IP for the primary-storage-node on the admin interface is 10.1.110.12). Enter the a valid username which exists on the primary-storage-node (if you followed this documentation it is root) and the corresponding password.<br />
Please enter the following information for the secondary Storage-Node with the OpenSSH daemon listening on the VLAN with the name 'admin' and with the VLAN ID '110':<br />
<br />
IP address (default: 10.1.110.12): '''10.1.110.12'''<br />
Username (default: root): '''root'''<br />
Password for root: '''**********'''<br />
<br />
<br />
* Configure the LDAP directory: <br />
** Define the password for the LDAP-Superuser (cn=Manager,dc=stoney-cloud,dc=org)<br />
** Currently the user for the prov-backup-kvm daemon is the LDAP-Superuser so enter the same password again<br />
** Define the password for the LDAP-dhcp user (cn=dhcp,ou=services,ou=administration,dc=stoney-cloud,dc=org)<br />
** Enter all necessary information for the stoney cloud administrator (User1)<br />
*** Given name<br />
*** Surname<br />
*** Gender<br />
*** E-mail<br />
*** Language<br />
*** Password<br />
<br />
* Finally enter the domain name which will correspond to the public VIP (default is stoney-cloud.example.org)<br />
<br />
* Due to [https://github.com/stepping-stone/node-integration/issues/9 bug #9], you need to manually finish the configuration of the libvirthook scripts:<br />
** You mainly have to fill in the following variables:<br />
*** '''libvirtHookFirewallSvnUser'''<br />
*** '''libvirtHookFirewallSvnPassword'''<br />
** See also [https://int.stepping-stone.ch/wiki/libvirt_Hooks#Config_for_test-environment this test configuration]<br />
* Due to [https://github.com/stepping-stone/node-integration/issues/12 bug #12], you need to manually configure the LDAPKVMWrapper.pl script:<br />
** Fill in the <code>/etc/Provisioning/Backup/LDAPKVMWrapper.conf</code> file<br />
** Create a cronjob entry which runs the script <code>/usr/bin/LDAPKVMWrapper.pl</code> once a day:<br />
*** <code>00 01 * * * /usr/bin/LDAPKVMWrapper.pl | logger -t Backup-KVM</code><br />
<br />
For more information about the script and what it does, please visit the [[fc-node-configuration]] script page.<br />
<br />
==== Secondary-Master-Node (vm-node-02) ====<br />
If you configured a additional Backup Volume on the Storage Nodes, you want to [[Additional_Local_Backup_Volume_on_the_Storage-Nodes#On_the_VM-Nodes | mount them now in the Secondary-Master-Node]].<br />
<br />
Log into the [[Secondary-Master-Node]] and execute the node-configuration script as follows:<br />
/usr/sbin/fc-node-configuration --node-type secondary-master-node<br />
<br />
* In order to get the configuration from the primary-master-node, we need to access it via ssh<br />
** Enter the IP for the primary-master-node on the admin interface (if you followed this documentation it is 10.1.130.13)<br />
** Enter the username (if you followd the default setup it is root)<br />
** Enter the users password.<br />
<br />
* In order to mount the gluster-filesystem, you need to connect via ssh to the primary-storage-node, so enter the following information:<br />
** Enter the IP for the primary-storage-node on the admin interface (if you followed this documentation the IP for the primary-storage-node on the admin interface is 10.1.110.11)<br />
** Enter the a valid username which exists on the primary-storage-node (if you followed this documentation it is root)<br />
** Enter the users password<br />
* Repeat the same procedure for the secondary-storage-node (if you followed this documentation the IP is 10.1.110.12)<br />
<br />
* Enter the LDAP-Superuser password you defined during the [[Multi-Node Installation#Primary-Master-Node (stoney-cloud-node-01)_2 | primary-master-node]] installation<br />
<br />
* Due tu [https://github.com/stepping-stone/node-integration/issues/9 bug #9], you need to manually finish the configuration of the libvirthook scripts:<br />
** You mainly have to fill in the following variables:<br />
*** '''libvirtHookFirewallSvnUser'''<br />
*** '''libvirtHookFirewallSvnPassword'''<br />
** See also [https://int.stepping-stone.ch/wiki/libvirt_Hooks#Config_for_test-environment this test configuration]<br />
* Due to [https://github.com/stepping-stone/node-integration/issues/12 bug #12], you need to manually configure the LDAPKVMWrapper.pl script:<br />
** Fill in the <code>/etc/Provisioning/Backup/LDAPKVMWrapper.conf</code> file<br />
** Create a cronjob entry which runs the script <code>/usr/bin/LDAPKVMWrapper.pl</code> once a day:<br />
*** <code>00 01 * * * /usr/bin/LDAPKVMWrapper.pl | logger -t Backup-KVM</code><br />
<br />
For more information about the script and what it does, please visit the [[fc-node-configuration]] script page.<br />
<br />
== Links ==<br />
= Node Integration =<br />
The following figure gives an overview what the node-integration script does for the different node types<br />
<br />
[[File:node-integration.png|500px|thumbnail|none|What does the node-integration script for the different node types]]<br />
<br />
<br />
You can modify/update these steps by editing [[File:node-integration.xmi]] (you may need [http://uml.sourceforge.net/ Umbrello UML Modeller] diagram programme for KDE to display the content properly).<br />
<br />
= Old Documentation =<br />
== Specialized Installation ==<br />
=== Primary-Master-Node (vm-node-01) ===<br />
If you configured a additional Backup Volume on the Storage Nodes, you want to mount them now in the VM-Node.<br />
<br />
Log into the Primary-Master-Node and execute the node-configuration script as follows:<br />
/usr/sbin/fc-node-configuration --node-type primary-master-node<br />
<br />
==== Manual Steps ====<br />
In order to be able to migrate a VM from a carrier, a special user called transfer will be created.<br />
<source lang="bash"><br />
lvcreate -L 60G -n transfer local0<br />
<br />
mkfs.xfs -L "OSBD_transfe" /dev/local0/transfer <br />
<br />
cat << EOF >> /etc/fstab<br />
<br />
LABEL=OSBD_transfe /home/transfer xfs noatime,nodev,nosuid,noexec 0 2<br />
EOF<br />
<br />
mount /home/transfer<br />
<br />
useradd --comment "User which is used for VM disk file transfer between carriers" \<br />
--create-home \<br />
--system \<br />
--user-group \<br />
transfer<br />
<br />
passwd transfer<br />
</source><br />
<br />
<br />
Allow password authentication for the transfer user:<br />
<source lang="bash"><br />
$EDITOR /etc/ssh/sshd_config<br />
</source><br />
<br />
<pre><br />
[...]<br />
<br />
Match User transfer<br />
PasswordAuthentication yes<br />
<br />
[...]<br />
</pre><br />
To apply the changes above, restart the SSH daemon:<br />
<source lang="bash"><br />
/etc/init.d/sshd restart<br />
</source><br />
<br />
[[Category:stoney cloud]][[Category:Installation]]</div>Pathttps://wiki.stoney-cloud.org/w/index.php?title=File:node-integration.png&diff=3775File:node-integration.png2014-06-27T12:53:09Z<p>Pat: Initial verison</p>
<hr />
<div>Initial verison</div>Pathttps://wiki.stoney-cloud.org/w/index.php?title=stoney_cloud:_Multi-Node_Installation&diff=3774stoney cloud: Multi-Node Installation2014-06-27T12:52:49Z<p>Pat: /* Node Integration */</p>
<hr />
<div>== Overview ==<br />
The [http://www.stoney-cloud.org/ stoney cloud] builds upon various standard open source components and can be run on commodity hardware. The final Multi-Node Setup consists of the following components:<br />
* One [[Primary-Master-Node]] with an OpenLDAP Directory Server for the storage of the stoney cloud user and service related data with the web based management [[VM-Manager]] interface and the Linux kernel based virtualization technology.<br />
* One [[Secondary-Master-Node]] with the Linux kernel based virtualization technology.<br />
* Two [[Storage-Node | Storage-Nodes]] configured as a replicated and distributed data storage service based on [http://www.gluster.org/ GlusterFS].<br />
The components communicate with each other over a standard Ethernet based IPv4 network.<br />
<br />
=== Prerequisites ===<br />
The following items and conditions are required to be able to install and configure a stoney cloud environment:<br />
* Dedicated Hardware (4 Servers) which fulfil the following requirements: <br />
** 64-Bit Intel with VT-Technologie (AMD is not tested at the moment).<br />
** 8 Gigabyte Memory (more is better).<br />
** 147 Gigabyte up to 2 Terabyte disks.<br />
*** For all four Nodes ([[VM-Node | VM-Nodes]] and [[Storage-Node | Storage-Nodes]]) two 147 Gigabyte Disks, configured as RAID1, are enough for the [http://www.gentoo.org/ Gentoo Linux] operating system.<br />
*** Optional: For the two [http://www.gluster.org/ GlusterFS] [[Storage-Node | Storage-Nodes]] we recommend a second RAID-Set configured as [http://en.wikipedia.org/wiki/RAID_6#RAID_6 RAID6]-Set with battery backup.<br />
** Two physical Ethernet Interfaces, which support the same bandwidth (for example 1 Gigabit/s).<br />
* Two Gigabit layer-2 switches supporting [http://en.wikipedia.org/wiki/IEEE_802.3ad IEEE 802.3ad] (dynamic link aggregation), [http://en.wikipedia.org/wiki/IEEE_802.1Q IEEE 802.1Q] (VLAN tagging) and stacking (optional, but recommended).<br />
* Experience with Linux environments especially with [http://www.gentoo.org Gentoo Linux].<br />
* Good experience with IP networking, because the Switches need to be configured manually (dynamic link aggregation and VLAN tagging).<br />
<br />
=== Limitations ===<br />
During the installation of the [http://www.gentoo.org/ Gentoo Linux] operating system, the first two physical Ethernet Interfaces are automatically configured as a logical interface (bond0) and the four tagged VLANs are set up. If more than two physical Ethernet Interfaces are to be included in to the logical interface (bond0) or the physical Ethernet Interfaces have different bandwidths (for example 1 Gigabit/s and 10 Gigabit/s), the final logical interface (bond0) needs to be configured manually after the installation of the [http://www.gentoo.org/ Gentoo Linux] operating system.<br />
Only the first two [http://www.gluster.org/ GlusterFS] [[Storage-Node | Storage-Nodes]] are set up automatically. More [[Storage-Node | Storage-Nodes]] need to be integrated manually.<br />
<br />
=== Network Overview ===<br />
As stated before, a minimal multi node stoney cloud environment consist of two VM- and Storage-Nodes.<br />
It is highly recommended to use IEEE 802.3ad link aggregation (bonding, trunking etc.) over two network cards and attach them as one logical link to the access switch.<br />
<br />
It is out of scope of this document on how to configure the switches for stacking, link aggregation and VLAN tagging, consult the respective user manual.<br />
<br />
There are two scenarios on how to connect the nodes to the network.<br />
<br />
==== Network Overview: Physical Layer Scenario 1 (recommended) ====<br />
The preferred solution is to use two switches which are stackable (supporting link aggregation over two switches). Connect the nodes and switches as illustrated below. Thus eliminating the single point of failure as presented in scenario 2.<br />
<br />
<pre><br />
+----------------------+ +----------------------+<br />
| | | |<br />
| vm-node-01 | | vm-node-02 |<br />
| | | |<br />
+----------------------+ +----------------------+ <br />
bond0 | \ / | bond0<br />
| \ / |<br />
| \ / |<br />
| \/ | ___<br />
| /\ | ___( )___<br />
| / \ | __( )__<br />
| / \ | _( )_<br />
+-------------+ +-------------+ _( )_<br />
| switch-01 |===| switch-02 |-------------------(_ Corporate LAN/WAN _)<br />
+-------------+ +-------------+ (_ _)<br />
| \ / | (__ __)<br />
| \ / | (___ ___)<br />
| \ / | (___)<br />
| \/ |<br />
| /\ |<br />
| / \ |<br />
bond0 | / \ | bond0<br />
+-----------------------+ +-----------------------+<br />
| | | |<br />
| tier1-storage-node-01 | | tier1-storage-node-02 |<br />
| | | |<br />
+-----------------------+ +-----------------------+<br />
</pre><br />
<br />
==== Network Overview: Physical Layer Scenario 2 (use at your own risk) ====<br />
If theres only one switch available (or the switches aren't stackable) connect the nodes as illustrated below. As you can see, the switch is as a single point of failure.<br />
<pre><br />
+----------------------+ +----------------------+<br />
| | | |<br />
| vm-node-01 | | vm-node-02 |<br />
| | | |<br />
+----------------------+ +----------------------+ ___<br />
bond0 \\ // bond0 ___( )___<br />
\\ // __( )__<br />
\\ // _( )_<br />
+-------------+ _( )_<br />
| switch-01 |-----------------------------(_ Corporate LAN/WAN _)<br />
+-------------+ (_ _)<br />
// \\ (__ __) <br />
// \\ (___ ___)<br />
bond0 // \\ bond0 (___)<br />
+-----------------------+ +-----------------------+<br />
| | | |<br />
| tier1-storage-node-01 | | tier1-storage-node-02 |<br />
| | | |<br />
+-----------------------+ +-----------------------+<br />
</pre><br />
<br />
==== Network overview: Logical layer ====<br />
The goal is to achieve the following configuration:<br />
<pre><br />
+----------------+----------------+----------------+----------------+<br />
| 10.1.110.1X | 10.1.120.1X | 10.1.130.1X | 192.168.140.1X |<br />
+----------------+----------------+----------------+----------------+<br />
| | | | vmbr0 |<br />
| vlan110 | vlan120 | vlan130 +----------------+<br />
| | | | vlan140 |<br />
+----------------+----------------+----------------+----------------+<br />
+-------------------------------------------------------------------+<br />
| bond0 (bonding.mode=802.3ad) |<br />
+-------------------------------------------------------------------+<br />
+----------------+ +----------------+<br />
| eth0 | | eth1 |<br />
+----------------+ +----------------+<br />
</pre><br />
<br />
The ideal stoney cloud environment is based on four logical separated VLANs (virtual LANs):<br />
* '''admin''': Administrative network, used for administration and monitoring purposes.<br />
* '''data''': Data network, used for GlusterFS traffic.<br />
* '''int''': Internal network, used for internal traffic such as LDAP, libvirt and more.<br />
* '''pub''': Public network, used for accessing the VM-Manager webinterface, Spice traffic and internet access.<br />
<br />
Each of the above VLANs hold dedicated services and separates them from each other. This documentation assumes, that the four VLANs are present and the following IP networks are available:<br />
<br />
{| border="1" style="border-collapse: collapse; font-size:100%;" width=100%<br />
!align="left"|VLAN name<br />
!align="left"|VLAN ID<br />
!align="left"|Network prefix<br />
!align="left"|Default Gateway address<br />
!align="left"|Broadcast address<br />
!align="left"|Domain name<br />
!align="left"|VIP<br />
|-<br />
<br />
|admin<br />
|110<br />
|10.1.110.0/24<br />
| -- <br />
|10.1.110.255<br />
|admin.example.com<br />
|<br />
|-<br />
<br />
|data<br />
|120<br />
|10.1.120.0/24<br />
| --<br />
|10.1.120.255<br />
|data.example.com<br />
|<br />
|-<br />
<br />
|int<br />
|130<br />
|10.1.130.0/24<br />
| --<br />
|10.1.130.255<br />
|int.example.com<br />
|10.1.130.10<br />
|-<br />
<br />
|pub<br />
|140<br />
|192.168.140.0/24<br />
|192.168.140.1<br />
|192.168.140.255<br />
|example.com<br />
|192.168.140.10<br />
|-<br />
<br />
|}<br />
<br />
The IP allocation of the nodes will be assumed as stated in the table below:<br />
{| border="1" style="border-collapse: collapse; font-size:100%;" width=100% <br />
!align="left"|Node name<br />
!align="left"|Admin address (VLAN 110)<br />
!align="left"|Data address (VLAN 120)<br />
!align="left"|Int address (VLAN 130)<br />
!align="left"|Pub address (VLAN 140)<br />
|-<br />
<br />
|-<br />
|tier1-storage-node-01<br />
|10.1.110.11<br />
|10.1.120.11<br />
|10.1.130.11<br />
|192.168.140.11<br />
|-<br />
<br />
|-<br />
|tier1-storage-node-02<br />
|10.1.110.12<br />
|10.1.120.12<br />
|10.1.130.12<br />
|192.168.140.12<br />
|-<br />
<br />
|-<br />
|vm-node-01<br />
|10.1.110.13<br />
|10.1.120.13<br />
|10.1.130.13<br />
|192.168.140.13<br />
|-<br />
<br />
|-<br />
|vm-node-02<br />
|10.1.110.14<br />
|10.1.120.14<br />
|10.1.130.14<br />
|192.168.140.14<br />
|-<br />
<br />
|}<br />
<br />
We'll also presume, we have the following Domain Name Servers:<br />
* Domain Name Server 1: '''192.168.140.1'''<br />
<br />
== Base Installation ==<br />
All nodes are based on the [http://www.gentoo.org/ Gentoo Linux] operating system.<br />
<br />
=== BIOS Set Up Checklist ===<br />
* Enable the "reboot-after-power-loss" option (if your BIOS supports it).<br />
* Make sure, that you have the newest BIOS (BMC and perhaps SCSI firmware) version.<br />
* Make sure, you've disabled halt on post errors (or similar) or enable keyboard-less operation (if your BIOS supports it).<br />
<br />
=== RAID Set Up ===<br />
Create a RAID1 volume. This RAID-Set is used for the Operating System. Please be aware, the the current stoney cloud only supports 147 Gigabyte up to 2 Terabyte disks for this first RAID-Set.<br />
<br />
Optional: For the two [http://www.gluster.org/ GlusterFS] [[Storage-Node | Storage-Nodes]] we recommend a second RAID-Set configured as [http://en.wikipedia.org/wiki/RAID_6#RAID_6 RAID6]-Set with battery backup.<br />
<br />
=== Node Installation ===<br />
The first step of Semi-Automatic Multi-Node Set Up is the same for all four Nodes. In this documentation we presume, that you stick to the naming convention mentioned above. After the Base Installation of the Nodes, the following daemons will be running:<br />
* '''crond''': Crond, to execute scheduled commands<br />
* '''ntpd''': Network Time Protocol daemon, keeps the time synced with the Time from Servers in the LAN or WAN.<br />
* '''sshd''': OpenSSH SSH daemon, used for remote access and remote administration.<br />
* '''syslogd''': System Logging, keeps track of messages from the System and the Applications.<br />
* '''udevd''': Linux dynamic device management, that manage events, symlinks and permissions of devices.<br />
<br />
==== First Storage-Node (tier1-storage-node-01) ====<br />
# Insert the stoney cloud CD and boot the server.<br />
# Answer the questions as follows (the bold values are examples can be set through the administrator and are variable, according to the local setup):<br />
## Global Section<br />
### Confirm that you want to start? '''yes'''<br />
### Choose a Node-Type: '''Storage-Node'''<br />
### Choose a Block-Device: '''sda'''<br />
### Confirm to erase all (from a previous installation): '''yes'''<br />
### Confirm to continue with the given the Partition-Scheme: '''yes'''<br />
### Choose the network interfaces to bond together.<br />
#### Device #0: '''eth0'''<br />
#### Device #1: '''eth1'''<br />
### Node-Name: '''tier1-storage-node-01'''<br />
## pub-VLAN Section<br />
### VLAN ID: '''140'''<br />
### Domain Name: '''example.com'''<br />
### IP Address: '''192.168.140.11'''<br />
### Netmask: '''24'''<br />
### Broadcast: '''192.168.140.255'''<br />
### Confirm the pub-VLAN Section with '''yes'''<br />
## admin-VLAN Section<br />
### VLAN ID: '''110'''<br />
### Domain Name: '''admin.example.com'''<br />
### IP Address: '''10.1.110.11'''<br />
### Netmask: '''24'''<br />
### Broadcast: '''10.1.110.255'''<br />
### Confirm the admin-VLAN Section with '''yes'''<br />
## data-VLAN Section<br />
### VLAN ID: '''120'''<br />
### Domain Name: '''data.example.com'''<br />
### IP Address: '''10.1.120.11'''<br />
### Netmask: '''24'''<br />
### Broadcast: '''10.1.120.255'''<br />
### Confirm the data-VLAN Section with '''yes'''<br />
## int-VLAN Section<br />
### VLAN ID: '''130'''<br />
### Domain Name: '''int.example.com'''<br />
### IP Address: '''10.1.130.11'''<br />
### Netmask: '''24'''<br />
### Broadcast: '''10.1.130.255'''<br />
### Confirm the int-VLAN Section with '''yes'''<br />
### Enter the default Gateway: '''192.168.140.1'''<br />
### Enter the primary DNS-Server: '''192.168.140.1'''<br />
### Omit configuring a second DNS-Server with '''no'''<br />
## Confirm the listed configuration with '''yes'''<br />
## Enter your very secret root password<br />
## Confirm to reboot with '''yes'''<br />
# Make sure, that you boot from the first harddisk and not from the installation medium again.<br />
# Continue with [[Multi-Node Installation#Specialized_Installation|specializing your Node]]<br />
<br />
==== Second Storage-Node (tier1-storage-node-02) ====<br />
# Insert the stoney cloud CD and boot the server.<br />
# Answer the questions.<br />
# Reboot the Server and make sure, that you boot from the first harddisk.<br />
<br />
==== Primary-Master-Node (vm-node-01) ====<br />
# Insert the stoney cloud CD and boot the server.<br />
# Answer the questions.<br />
# Reboot the Server and make sure, that you boot from the first harddisk.<br />
<br />
==== Secondary-Master-Node (vm-node-02) ====<br />
# Insert the stoney cloud CD and boot the server.<br />
# Answer the questions.<br />
# Reboot the Server and make sure, that you boot from the first harddisk.<br />
<br />
== Skipping Checks ==<br />
To skip checks, type '''no''' when asked:<br />
Do you want to start the installation?<br />
yes or no?: '''no'''<br />
<br />
Then manually restart the stoney cloud installer with the desired options. For example:<br />
/mnt/cdrom/foss-cloud-installer -c<br />
<br />
Options:<br />
-c: Skip CPU requirement checks<br />
-m: Skip memory requirement checks<br />
-s: Skip CPU and memory requirement checks<br />
<br />
== Specialized Installation ==<br />
==== First Storage-Node (tier1-storage-node-01) ====<br />
Before running the node configuration script, you may want to create a [[Additional_Local_Backup_Volume_on_the_Storage-Nodes#Before_node_configuration_script | additional Backup Volume on Storage Node]].<br />
<br />
Log into the first [[Storage-Node]] and execute the node-configuration script as follows:<br />
/usr/sbin/fc-node-configuration --node-type primary-storage-node<br />
<br />
For more information about the script and what it does, please visit the [[fc-node-configuration]] script page.<br />
<br />
==== Second Storage-Node (tier1-storage-node-02) ====<br />
Before running the node configuration script, you may want to create a [[Additional_Local_Backup_Volume_on_the_Storage-Nodes#Before_node_configuration_script | additional Backup Volume on Storage Node]].<br />
<br />
Log into the second [[Storage-Node]] and execute the node-configuration script as follows:<br />
/usr/sbin/fc-node-configuration --node-type secondary-storage-node<br />
<br />
For more information about the script and what it does, please visit the [[node-configuration]] script page.<br />
<br />
==== Primary-Master-Node (vm-node-01) ====<br />
If you configured a additional Backup Volume on the Storage Nodes, you want to [[Additional_Local_Backup_Volume_on_the_Storage-Nodes#On_the_VM-Nodes | mount them now in the VM-Node]].<br />
<br />
Log into the [[Primary-Master-Node]] and execute the node-configuration script as follows:<br />
/usr/sbin/fc-node-configuration --node-type primary-master-node<br />
<br />
The stoney cloud uses virtual ip addresses (VIPs) for fail over purposes. Therefore you need to configure [http://www.pureftpd.org/project/ucarp ucarp].<br />
<br />
Confirm that you want to run the script.<br />
Do you really want to proceed with configuration of the primary-master-node?<br />
yes or no (default: no): '''yes'''<br />
<br />
Enter the VIP (virtual IP) for the public interface. The apache will listen on this VIP because it is listening on the public interface (if you followed this documentation the VIP for the public interface is 192.168.140.10).<br />
Please enter the VIP for the pub-interface (VLAN 140)<br />
(default: 192.168.140.10): '''192.168.140.10'''<br />
<br />
Enter the VIP (virtual IP) for the internal interace. The LDAP will listen on this VIP because it is listening on the internal interface (if you followed this documentation the VIP for the internal interface is 10.1.130.10).<br />
Please enter the VIP for the int-interface (VLAN 130)<br />
(default: 10.1.130.10): '''10.1.130.10'''<br />
<br />
Enter the RIP (real IP) for the secondary-master-node on the internal interface. The RIP is needed to keep the LDAP directories synchronized (if you followed this documentation the RIP for the secondary-master-node on the internal interface is 10.1.130.14)<br />
Please enter the IP for the int-interface (VLAN 130) of the<br />
secondary-master-node (default: 10.1.130.14): '''10.1.130.14'''<br />
<br />
The script now tests the network configuration and <br />
<br />
<br />
In order to mount the gluster-filesystem, you need to connect via ssh to the primary-storage-node. Enter the IP for the primary-storage-node on the admin interface (if you followed this documentation the IP for the primary-storage-node on the admin interface is 10.1.110.11). Enter the a valid username which exists on the primary-storage-node (if you followed this documentation it is root) and the corresponding password.<br />
Please enter the following information for the primary Storage-Node with the OpenSSH daemon listening on the VLAN with the name 'admin' and with the VLAN ID '110':<br />
<br />
IP address (default: 10.1.110.11): '''10.1.110.11'''<br />
Username (default: root): '''root'''<br />
Password for root: '''**********'''<br />
<br />
In order to mount the gluster-filesystem, you need to connect via ssh to the secondary-storage-node. Enter the IP for the secondary-storage-node on the admin interface (if you followed this documentation the IP for the primary-storage-node on the admin interface is 10.1.110.12). Enter the a valid username which exists on the primary-storage-node (if you followed this documentation it is root) and the corresponding password.<br />
Please enter the following information for the secondary Storage-Node with the OpenSSH daemon listening on the VLAN with the name 'admin' and with the VLAN ID '110':<br />
<br />
IP address (default: 10.1.110.12): '''10.1.110.12'''<br />
Username (default: root): '''root'''<br />
Password for root: '''**********'''<br />
<br />
<br />
* Configure the LDAP directory: <br />
** Define the password for the LDAP-Superuser (cn=Manager,dc=stoney-cloud,dc=org)<br />
** Currently the user for the prov-backup-kvm daemon is the LDAP-Superuser so enter the same password again<br />
** Define the password for the LDAP-dhcp user (cn=dhcp,ou=services,ou=administration,dc=stoney-cloud,dc=org)<br />
** Enter all necessary information for the stoney cloud administrator (User1)<br />
*** Given name<br />
*** Surname<br />
*** Gender<br />
*** E-mail<br />
*** Language<br />
*** Password<br />
<br />
* Finally enter the domain name which will correspond to the public VIP (default is stoney-cloud.example.org)<br />
<br />
* Due to [https://github.com/stepping-stone/node-integration/issues/9 bug #9], you need to manually finish the configuration of the libvirthook scripts:<br />
** You mainly have to fill in the following variables:<br />
*** '''libvirtHookFirewallSvnUser'''<br />
*** '''libvirtHookFirewallSvnPassword'''<br />
** See also [https://int.stepping-stone.ch/wiki/libvirt_Hooks#Config_for_test-environment this test configuration]<br />
* Due to [https://github.com/stepping-stone/node-integration/issues/12 bug #12], you need to manually configure the LDAPKVMWrapper.pl script:<br />
** Fill in the <code>/etc/Provisioning/Backup/LDAPKVMWrapper.conf</code> file<br />
** Create a cronjob entry which runs the script <code>/usr/bin/LDAPKVMWrapper.pl</code> once a day:<br />
*** <code>00 01 * * * /usr/bin/LDAPKVMWrapper.pl | logger -t Backup-KVM</code><br />
<br />
For more information about the script and what it does, please visit the [[fc-node-configuration]] script page.<br />
<br />
==== Secondary-Master-Node (vm-node-02) ====<br />
If you configured a additional Backup Volume on the Storage Nodes, you want to [[Additional_Local_Backup_Volume_on_the_Storage-Nodes#On_the_VM-Nodes | mount them now in the Secondary-Master-Node]].<br />
<br />
Log into the [[Secondary-Master-Node]] and execute the node-configuration script as follows:<br />
/usr/sbin/fc-node-configuration --node-type secondary-master-node<br />
<br />
* In order to get the configuration from the primary-master-node, we need to access it via ssh<br />
** Enter the IP for the primary-master-node on the admin interface (if you followed this documentation it is 10.1.130.13)<br />
** Enter the username (if you followd the default setup it is root)<br />
** Enter the users password.<br />
<br />
* In order to mount the gluster-filesystem, you need to connect via ssh to the primary-storage-node, so enter the following information:<br />
** Enter the IP for the primary-storage-node on the admin interface (if you followed this documentation the IP for the primary-storage-node on the admin interface is 10.1.110.11)<br />
** Enter the a valid username which exists on the primary-storage-node (if you followed this documentation it is root)<br />
** Enter the users password<br />
* Repeat the same procedure for the secondary-storage-node (if you followed this documentation the IP is 10.1.110.12)<br />
<br />
* Enter the LDAP-Superuser password you defined during the [[Multi-Node Installation#Primary-Master-Node (stoney-cloud-node-01)_2 | primary-master-node]] installation<br />
<br />
* Due tu [https://github.com/stepping-stone/node-integration/issues/9 bug #9], you need to manually finish the configuration of the libvirthook scripts:<br />
** You mainly have to fill in the following variables:<br />
*** '''libvirtHookFirewallSvnUser'''<br />
*** '''libvirtHookFirewallSvnPassword'''<br />
** See also [https://int.stepping-stone.ch/wiki/libvirt_Hooks#Config_for_test-environment this test configuration]<br />
* Due to [https://github.com/stepping-stone/node-integration/issues/12 bug #12], you need to manually configure the LDAPKVMWrapper.pl script:<br />
** Fill in the <code>/etc/Provisioning/Backup/LDAPKVMWrapper.conf</code> file<br />
** Create a cronjob entry which runs the script <code>/usr/bin/LDAPKVMWrapper.pl</code> once a day:<br />
*** <code>00 01 * * * /usr/bin/LDAPKVMWrapper.pl | logger -t Backup-KVM</code><br />
<br />
For more information about the script and what it does, please visit the [[fc-node-configuration]] script page.<br />
<br />
== Links ==<br />
= Node Integration =<br />
The following figure gives an overview what the node-integration script does for the different node types<br />
<br />
[[File:node-integration.png|500px|thumbnail|none|What does the node-integration script for the different node types]]<br />
<br />
= Old Documentation =<br />
== Specialized Installation ==<br />
=== Primary-Master-Node (vm-node-01) ===<br />
If you configured a additional Backup Volume on the Storage Nodes, you want to mount them now in the VM-Node.<br />
<br />
Log into the Primary-Master-Node and execute the node-configuration script as follows:<br />
/usr/sbin/fc-node-configuration --node-type primary-master-node<br />
<br />
==== Manual Steps ====<br />
In order to be able to migrate a VM from a carrier, a special user called transfer will be created.<br />
<source lang="bash"><br />
lvcreate -L 60G -n transfer local0<br />
<br />
mkfs.xfs -L "OSBD_transfe" /dev/local0/transfer <br />
<br />
cat << EOF >> /etc/fstab<br />
<br />
LABEL=OSBD_transfe /home/transfer xfs noatime,nodev,nosuid,noexec 0 2<br />
EOF<br />
<br />
mount /home/transfer<br />
<br />
useradd --comment "User which is used for VM disk file transfer between carriers" \<br />
--create-home \<br />
--system \<br />
--user-group \<br />
transfer<br />
<br />
passwd transfer<br />
</source><br />
<br />
<br />
Allow password authentication for the transfer user:<br />
<source lang="bash"><br />
$EDITOR /etc/ssh/sshd_config<br />
</source><br />
<br />
<pre><br />
[...]<br />
<br />
Match User transfer<br />
PasswordAuthentication yes<br />
<br />
[...]<br />
</pre><br />
To apply the changes above, restart the SSH daemon:<br />
<source lang="bash"><br />
/etc/init.d/sshd restart<br />
</source><br />
<br />
[[Category:stoney cloud]][[Category:Installation]]</div>Pathttps://wiki.stoney-cloud.org/w/index.php?title=stoney_cloud:_Multi-Node_Installation&diff=3773stoney cloud: Multi-Node Installation2014-06-27T12:51:33Z<p>Pat: /* Node Integration */</p>
<hr />
<div>== Overview ==<br />
The [http://www.stoney-cloud.org/ stoney cloud] builds upon various standard open source components and can be run on commodity hardware. The final Multi-Node Setup consists of the following components:<br />
* One [[Primary-Master-Node]] with an OpenLDAP Directory Server for the storage of the stoney cloud user and service related data with the web based management [[VM-Manager]] interface and the Linux kernel based virtualization technology.<br />
* One [[Secondary-Master-Node]] with the Linux kernel based virtualization technology.<br />
* Two [[Storage-Node | Storage-Nodes]] configured as a replicated and distributed data storage service based on [http://www.gluster.org/ GlusterFS].<br />
The components communicate with each other over a standard Ethernet based IPv4 network.<br />
<br />
=== Prerequisites ===<br />
The following items and conditions are required to be able to install and configure a stoney cloud environment:<br />
* Dedicated Hardware (4 Servers) which fulfil the following requirements: <br />
** 64-Bit Intel with VT-Technologie (AMD is not tested at the moment).<br />
** 8 Gigabyte Memory (more is better).<br />
** 147 Gigabyte up to 2 Terabyte disks.<br />
*** For all four Nodes ([[VM-Node | VM-Nodes]] and [[Storage-Node | Storage-Nodes]]) two 147 Gigabyte Disks, configured as RAID1, are enough for the [http://www.gentoo.org/ Gentoo Linux] operating system.<br />
*** Optional: For the two [http://www.gluster.org/ GlusterFS] [[Storage-Node | Storage-Nodes]] we recommend a second RAID-Set configured as [http://en.wikipedia.org/wiki/RAID_6#RAID_6 RAID6]-Set with battery backup.<br />
** Two physical Ethernet Interfaces, which support the same bandwidth (for example 1 Gigabit/s).<br />
* Two Gigabit layer-2 switches supporting [http://en.wikipedia.org/wiki/IEEE_802.3ad IEEE 802.3ad] (dynamic link aggregation), [http://en.wikipedia.org/wiki/IEEE_802.1Q IEEE 802.1Q] (VLAN tagging) and stacking (optional, but recommended).<br />
* Experience with Linux environments especially with [http://www.gentoo.org Gentoo Linux].<br />
* Good experience with IP networking, because the Switches need to be configured manually (dynamic link aggregation and VLAN tagging).<br />
<br />
=== Limitations ===<br />
During the installation of the [http://www.gentoo.org/ Gentoo Linux] operating system, the first two physical Ethernet Interfaces are automatically configured as a logical interface (bond0) and the four tagged VLANs are set up. If more than two physical Ethernet Interfaces are to be included in to the logical interface (bond0) or the physical Ethernet Interfaces have different bandwidths (for example 1 Gigabit/s and 10 Gigabit/s), the final logical interface (bond0) needs to be configured manually after the installation of the [http://www.gentoo.org/ Gentoo Linux] operating system.<br />
Only the first two [http://www.gluster.org/ GlusterFS] [[Storage-Node | Storage-Nodes]] are set up automatically. More [[Storage-Node | Storage-Nodes]] need to be integrated manually.<br />
<br />
=== Network Overview ===<br />
As stated before, a minimal multi node stoney cloud environment consist of two VM- and Storage-Nodes.<br />
It is highly recommended to use IEEE 802.3ad link aggregation (bonding, trunking etc.) over two network cards and attach them as one logical link to the access switch.<br />
<br />
It is out of scope of this document on how to configure the switches for stacking, link aggregation and VLAN tagging, consult the respective user manual.<br />
<br />
There are two scenarios on how to connect the nodes to the network.<br />
<br />
==== Network Overview: Physical Layer Scenario 1 (recommended) ====<br />
The preferred solution is to use two switches which are stackable (supporting link aggregation over two switches). Connect the nodes and switches as illustrated below. Thus eliminating the single point of failure as presented in scenario 2.<br />
<br />
<pre><br />
+----------------------+ +----------------------+<br />
| | | |<br />
| vm-node-01 | | vm-node-02 |<br />
| | | |<br />
+----------------------+ +----------------------+ <br />
bond0 | \ / | bond0<br />
| \ / |<br />
| \ / |<br />
| \/ | ___<br />
| /\ | ___( )___<br />
| / \ | __( )__<br />
| / \ | _( )_<br />
+-------------+ +-------------+ _( )_<br />
| switch-01 |===| switch-02 |-------------------(_ Corporate LAN/WAN _)<br />
+-------------+ +-------------+ (_ _)<br />
| \ / | (__ __)<br />
| \ / | (___ ___)<br />
| \ / | (___)<br />
| \/ |<br />
| /\ |<br />
| / \ |<br />
bond0 | / \ | bond0<br />
+-----------------------+ +-----------------------+<br />
| | | |<br />
| tier1-storage-node-01 | | tier1-storage-node-02 |<br />
| | | |<br />
+-----------------------+ +-----------------------+<br />
</pre><br />
<br />
==== Network Overview: Physical Layer Scenario 2 (use at your own risk) ====<br />
If theres only one switch available (or the switches aren't stackable) connect the nodes as illustrated below. As you can see, the switch is as a single point of failure.<br />
<pre><br />
+----------------------+ +----------------------+<br />
| | | |<br />
| vm-node-01 | | vm-node-02 |<br />
| | | |<br />
+----------------------+ +----------------------+ ___<br />
bond0 \\ // bond0 ___( )___<br />
\\ // __( )__<br />
\\ // _( )_<br />
+-------------+ _( )_<br />
| switch-01 |-----------------------------(_ Corporate LAN/WAN _)<br />
+-------------+ (_ _)<br />
// \\ (__ __) <br />
// \\ (___ ___)<br />
bond0 // \\ bond0 (___)<br />
+-----------------------+ +-----------------------+<br />
| | | |<br />
| tier1-storage-node-01 | | tier1-storage-node-02 |<br />
| | | |<br />
+-----------------------+ +-----------------------+<br />
</pre><br />
<br />
==== Network overview: Logical layer ====<br />
The goal is to achieve the following configuration:<br />
<pre><br />
+----------------+----------------+----------------+----------------+<br />
| 10.1.110.1X | 10.1.120.1X | 10.1.130.1X | 192.168.140.1X |<br />
+----------------+----------------+----------------+----------------+<br />
| | | | vmbr0 |<br />
| vlan110 | vlan120 | vlan130 +----------------+<br />
| | | | vlan140 |<br />
+----------------+----------------+----------------+----------------+<br />
+-------------------------------------------------------------------+<br />
| bond0 (bonding.mode=802.3ad) |<br />
+-------------------------------------------------------------------+<br />
+----------------+ +----------------+<br />
| eth0 | | eth1 |<br />
+----------------+ +----------------+<br />
</pre><br />
<br />
The ideal stoney cloud environment is based on four logical separated VLANs (virtual LANs):<br />
* '''admin''': Administrative network, used for administration and monitoring purposes.<br />
* '''data''': Data network, used for GlusterFS traffic.<br />
* '''int''': Internal network, used for internal traffic such as LDAP, libvirt and more.<br />
* '''pub''': Public network, used for accessing the VM-Manager webinterface, Spice traffic and internet access.<br />
<br />
Each of the above VLANs hold dedicated services and separates them from each other. This documentation assumes, that the four VLANs are present and the following IP networks are available:<br />
<br />
{| border="1" style="border-collapse: collapse; font-size:100%;" width=100%<br />
!align="left"|VLAN name<br />
!align="left"|VLAN ID<br />
!align="left"|Network prefix<br />
!align="left"|Default Gateway address<br />
!align="left"|Broadcast address<br />
!align="left"|Domain name<br />
!align="left"|VIP<br />
|-<br />
<br />
|admin<br />
|110<br />
|10.1.110.0/24<br />
| -- <br />
|10.1.110.255<br />
|admin.example.com<br />
|<br />
|-<br />
<br />
|data<br />
|120<br />
|10.1.120.0/24<br />
| --<br />
|10.1.120.255<br />
|data.example.com<br />
|<br />
|-<br />
<br />
|int<br />
|130<br />
|10.1.130.0/24<br />
| --<br />
|10.1.130.255<br />
|int.example.com<br />
|10.1.130.10<br />
|-<br />
<br />
|pub<br />
|140<br />
|192.168.140.0/24<br />
|192.168.140.1<br />
|192.168.140.255<br />
|example.com<br />
|192.168.140.10<br />
|-<br />
<br />
|}<br />
<br />
The IP allocation of the nodes will be assumed as stated in the table below:<br />
{| border="1" style="border-collapse: collapse; font-size:100%;" width=100% <br />
!align="left"|Node name<br />
!align="left"|Admin address (VLAN 110)<br />
!align="left"|Data address (VLAN 120)<br />
!align="left"|Int address (VLAN 130)<br />
!align="left"|Pub address (VLAN 140)<br />
|-<br />
<br />
|-<br />
|tier1-storage-node-01<br />
|10.1.110.11<br />
|10.1.120.11<br />
|10.1.130.11<br />
|192.168.140.11<br />
|-<br />
<br />
|-<br />
|tier1-storage-node-02<br />
|10.1.110.12<br />
|10.1.120.12<br />
|10.1.130.12<br />
|192.168.140.12<br />
|-<br />
<br />
|-<br />
|vm-node-01<br />
|10.1.110.13<br />
|10.1.120.13<br />
|10.1.130.13<br />
|192.168.140.13<br />
|-<br />
<br />
|-<br />
|vm-node-02<br />
|10.1.110.14<br />
|10.1.120.14<br />
|10.1.130.14<br />
|192.168.140.14<br />
|-<br />
<br />
|}<br />
<br />
We'll also presume, we have the following Domain Name Servers:<br />
* Domain Name Server 1: '''192.168.140.1'''<br />
<br />
== Base Installation ==<br />
All nodes are based on the [http://www.gentoo.org/ Gentoo Linux] operating system.<br />
<br />
=== BIOS Set Up Checklist ===<br />
* Enable the "reboot-after-power-loss" option (if your BIOS supports it).<br />
* Make sure, that you have the newest BIOS (BMC and perhaps SCSI firmware) version.<br />
* Make sure, you've disabled halt on post errors (or similar) or enable keyboard-less operation (if your BIOS supports it).<br />
<br />
=== RAID Set Up ===<br />
Create a RAID1 volume. This RAID-Set is used for the Operating System. Please be aware, the the current stoney cloud only supports 147 Gigabyte up to 2 Terabyte disks for this first RAID-Set.<br />
<br />
Optional: For the two [http://www.gluster.org/ GlusterFS] [[Storage-Node | Storage-Nodes]] we recommend a second RAID-Set configured as [http://en.wikipedia.org/wiki/RAID_6#RAID_6 RAID6]-Set with battery backup.<br />
<br />
=== Node Installation ===<br />
The first step of Semi-Automatic Multi-Node Set Up is the same for all four Nodes. In this documentation we presume, that you stick to the naming convention mentioned above. After the Base Installation of the Nodes, the following daemons will be running:<br />
* '''crond''': Crond, to execute scheduled commands<br />
* '''ntpd''': Network Time Protocol daemon, keeps the time synced with the Time from Servers in the LAN or WAN.<br />
* '''sshd''': OpenSSH SSH daemon, used for remote access and remote administration.<br />
* '''syslogd''': System Logging, keeps track of messages from the System and the Applications.<br />
* '''udevd''': Linux dynamic device management, that manage events, symlinks and permissions of devices.<br />
<br />
==== First Storage-Node (tier1-storage-node-01) ====<br />
# Insert the stoney cloud CD and boot the server.<br />
# Answer the questions as follows (the bold values are examples can be set through the administrator and are variable, according to the local setup):<br />
## Global Section<br />
### Confirm that you want to start? '''yes'''<br />
### Choose a Node-Type: '''Storage-Node'''<br />
### Choose a Block-Device: '''sda'''<br />
### Confirm to erase all (from a previous installation): '''yes'''<br />
### Confirm to continue with the given the Partition-Scheme: '''yes'''<br />
### Choose the network interfaces to bond together.<br />
#### Device #0: '''eth0'''<br />
#### Device #1: '''eth1'''<br />
### Node-Name: '''tier1-storage-node-01'''<br />
## pub-VLAN Section<br />
### VLAN ID: '''140'''<br />
### Domain Name: '''example.com'''<br />
### IP Address: '''192.168.140.11'''<br />
### Netmask: '''24'''<br />
### Broadcast: '''192.168.140.255'''<br />
### Confirm the pub-VLAN Section with '''yes'''<br />
## admin-VLAN Section<br />
### VLAN ID: '''110'''<br />
### Domain Name: '''admin.example.com'''<br />
### IP Address: '''10.1.110.11'''<br />
### Netmask: '''24'''<br />
### Broadcast: '''10.1.110.255'''<br />
### Confirm the admin-VLAN Section with '''yes'''<br />
## data-VLAN Section<br />
### VLAN ID: '''120'''<br />
### Domain Name: '''data.example.com'''<br />
### IP Address: '''10.1.120.11'''<br />
### Netmask: '''24'''<br />
### Broadcast: '''10.1.120.255'''<br />
### Confirm the data-VLAN Section with '''yes'''<br />
## int-VLAN Section<br />
### VLAN ID: '''130'''<br />
### Domain Name: '''int.example.com'''<br />
### IP Address: '''10.1.130.11'''<br />
### Netmask: '''24'''<br />
### Broadcast: '''10.1.130.255'''<br />
### Confirm the int-VLAN Section with '''yes'''<br />
### Enter the default Gateway: '''192.168.140.1'''<br />
### Enter the primary DNS-Server: '''192.168.140.1'''<br />
### Omit configuring a second DNS-Server with '''no'''<br />
## Confirm the listed configuration with '''yes'''<br />
## Enter your very secret root password<br />
## Confirm to reboot with '''yes'''<br />
# Make sure, that you boot from the first harddisk and not from the installation medium again.<br />
# Continue with [[Multi-Node Installation#Specialized_Installation|specializing your Node]]<br />
<br />
==== Second Storage-Node (tier1-storage-node-02) ====<br />
# Insert the stoney cloud CD and boot the server.<br />
# Answer the questions.<br />
# Reboot the Server and make sure, that you boot from the first harddisk.<br />
<br />
==== Primary-Master-Node (vm-node-01) ====<br />
# Insert the stoney cloud CD and boot the server.<br />
# Answer the questions.<br />
# Reboot the Server and make sure, that you boot from the first harddisk.<br />
<br />
==== Secondary-Master-Node (vm-node-02) ====<br />
# Insert the stoney cloud CD and boot the server.<br />
# Answer the questions.<br />
# Reboot the Server and make sure, that you boot from the first harddisk.<br />
<br />
== Skipping Checks ==<br />
To skip checks, type '''no''' when asked:<br />
Do you want to start the installation?<br />
yes or no?: '''no'''<br />
<br />
Then manually restart the stoney cloud installer with the desired options. For example:<br />
/mnt/cdrom/foss-cloud-installer -c<br />
<br />
Options:<br />
-c: Skip CPU requirement checks<br />
-m: Skip memory requirement checks<br />
-s: Skip CPU and memory requirement checks<br />
<br />
== Specialized Installation ==<br />
==== First Storage-Node (tier1-storage-node-01) ====<br />
Before running the node configuration script, you may want to create a [[Additional_Local_Backup_Volume_on_the_Storage-Nodes#Before_node_configuration_script | additional Backup Volume on Storage Node]].<br />
<br />
Log into the first [[Storage-Node]] and execute the node-configuration script as follows:<br />
/usr/sbin/fc-node-configuration --node-type primary-storage-node<br />
<br />
For more information about the script and what it does, please visit the [[fc-node-configuration]] script page.<br />
<br />
==== Second Storage-Node (tier1-storage-node-02) ====<br />
Before running the node configuration script, you may want to create a [[Additional_Local_Backup_Volume_on_the_Storage-Nodes#Before_node_configuration_script | additional Backup Volume on Storage Node]].<br />
<br />
Log into the second [[Storage-Node]] and execute the node-configuration script as follows:<br />
/usr/sbin/fc-node-configuration --node-type secondary-storage-node<br />
<br />
For more information about the script and what it does, please visit the [[node-configuration]] script page.<br />
<br />
==== Primary-Master-Node (vm-node-01) ====<br />
If you configured a additional Backup Volume on the Storage Nodes, you want to [[Additional_Local_Backup_Volume_on_the_Storage-Nodes#On_the_VM-Nodes | mount them now in the VM-Node]].<br />
<br />
Log into the [[Primary-Master-Node]] and execute the node-configuration script as follows:<br />
/usr/sbin/fc-node-configuration --node-type primary-master-node<br />
<br />
The stoney cloud uses virtual ip addresses (VIPs) for fail over purposes. Therefore you need to configure [http://www.pureftpd.org/project/ucarp ucarp].<br />
<br />
Confirm that you want to run the script.<br />
Do you really want to proceed with configuration of the primary-master-node?<br />
yes or no (default: no): '''yes'''<br />
<br />
Enter the VIP (virtual IP) for the public interface. The apache will listen on this VIP because it is listening on the public interface (if you followed this documentation the VIP for the public interface is 192.168.140.10).<br />
Please enter the VIP for the pub-interface (VLAN 140)<br />
(default: 192.168.140.10): '''192.168.140.10'''<br />
<br />
Enter the VIP (virtual IP) for the internal interace. The LDAP will listen on this VIP because it is listening on the internal interface (if you followed this documentation the VIP for the internal interface is 10.1.130.10).<br />
Please enter the VIP for the int-interface (VLAN 130)<br />
(default: 10.1.130.10): '''10.1.130.10'''<br />
<br />
Enter the RIP (real IP) for the secondary-master-node on the internal interface. The RIP is needed to keep the LDAP directories synchronized (if you followed this documentation the RIP for the secondary-master-node on the internal interface is 10.1.130.14)<br />
Please enter the IP for the int-interface (VLAN 130) of the<br />
secondary-master-node (default: 10.1.130.14): '''10.1.130.14'''<br />
<br />
The script now tests the network configuration and <br />
<br />
<br />
In order to mount the gluster-filesystem, you need to connect via ssh to the primary-storage-node. Enter the IP for the primary-storage-node on the admin interface (if you followed this documentation the IP for the primary-storage-node on the admin interface is 10.1.110.11). Enter the a valid username which exists on the primary-storage-node (if you followed this documentation it is root) and the corresponding password.<br />
Please enter the following information for the primary Storage-Node with the OpenSSH daemon listening on the VLAN with the name 'admin' and with the VLAN ID '110':<br />
<br />
IP address (default: 10.1.110.11): '''10.1.110.11'''<br />
Username (default: root): '''root'''<br />
Password for root: '''**********'''<br />
<br />
In order to mount the gluster-filesystem, you need to connect via ssh to the secondary-storage-node. Enter the IP for the secondary-storage-node on the admin interface (if you followed this documentation the IP for the primary-storage-node on the admin interface is 10.1.110.12). Enter the a valid username which exists on the primary-storage-node (if you followed this documentation it is root) and the corresponding password.<br />
Please enter the following information for the secondary Storage-Node with the OpenSSH daemon listening on the VLAN with the name 'admin' and with the VLAN ID '110':<br />
<br />
IP address (default: 10.1.110.12): '''10.1.110.12'''<br />
Username (default: root): '''root'''<br />
Password for root: '''**********'''<br />
<br />
<br />
* Configure the LDAP directory: <br />
** Define the password for the LDAP-Superuser (cn=Manager,dc=stoney-cloud,dc=org)<br />
** Currently the user for the prov-backup-kvm daemon is the LDAP-Superuser so enter the same password again<br />
** Define the password for the LDAP-dhcp user (cn=dhcp,ou=services,ou=administration,dc=stoney-cloud,dc=org)<br />
** Enter all necessary information for the stoney cloud administrator (User1)<br />
*** Given name<br />
*** Surname<br />
*** Gender<br />
*** E-mail<br />
*** Language<br />
*** Password<br />
<br />
* Finally enter the domain name which will correspond to the public VIP (default is stoney-cloud.example.org)<br />
<br />
* Due to [https://github.com/stepping-stone/node-integration/issues/9 bug #9], you need to manually finish the configuration of the libvirthook scripts:<br />
** You mainly have to fill in the following variables:<br />
*** '''libvirtHookFirewallSvnUser'''<br />
*** '''libvirtHookFirewallSvnPassword'''<br />
** See also [https://int.stepping-stone.ch/wiki/libvirt_Hooks#Config_for_test-environment this test configuration]<br />
* Due to [https://github.com/stepping-stone/node-integration/issues/12 bug #12], you need to manually configure the LDAPKVMWrapper.pl script:<br />
** Fill in the <code>/etc/Provisioning/Backup/LDAPKVMWrapper.conf</code> file<br />
** Create a cronjob entry which runs the script <code>/usr/bin/LDAPKVMWrapper.pl</code> once a day:<br />
*** <code>00 01 * * * /usr/bin/LDAPKVMWrapper.pl | logger -t Backup-KVM</code><br />
<br />
For more information about the script and what it does, please visit the [[fc-node-configuration]] script page.<br />
<br />
==== Secondary-Master-Node (vm-node-02) ====<br />
If you configured a additional Backup Volume on the Storage Nodes, you want to [[Additional_Local_Backup_Volume_on_the_Storage-Nodes#On_the_VM-Nodes | mount them now in the Secondary-Master-Node]].<br />
<br />
Log into the [[Secondary-Master-Node]] and execute the node-configuration script as follows:<br />
/usr/sbin/fc-node-configuration --node-type secondary-master-node<br />
<br />
* In order to get the configuration from the primary-master-node, we need to access it via ssh<br />
** Enter the IP for the primary-master-node on the admin interface (if you followed this documentation it is 10.1.130.13)<br />
** Enter the username (if you followd the default setup it is root)<br />
** Enter the users password.<br />
<br />
* In order to mount the gluster-filesystem, you need to connect via ssh to the primary-storage-node, so enter the following information:<br />
** Enter the IP for the primary-storage-node on the admin interface (if you followed this documentation the IP for the primary-storage-node on the admin interface is 10.1.110.11)<br />
** Enter the a valid username which exists on the primary-storage-node (if you followed this documentation it is root)<br />
** Enter the users password<br />
* Repeat the same procedure for the secondary-storage-node (if you followed this documentation the IP is 10.1.110.12)<br />
<br />
* Enter the LDAP-Superuser password you defined during the [[Multi-Node Installation#Primary-Master-Node (stoney-cloud-node-01)_2 | primary-master-node]] installation<br />
<br />
* Due tu [https://github.com/stepping-stone/node-integration/issues/9 bug #9], you need to manually finish the configuration of the libvirthook scripts:<br />
** You mainly have to fill in the following variables:<br />
*** '''libvirtHookFirewallSvnUser'''<br />
*** '''libvirtHookFirewallSvnPassword'''<br />
** See also [https://int.stepping-stone.ch/wiki/libvirt_Hooks#Config_for_test-environment this test configuration]<br />
* Due to [https://github.com/stepping-stone/node-integration/issues/12 bug #12], you need to manually configure the LDAPKVMWrapper.pl script:<br />
** Fill in the <code>/etc/Provisioning/Backup/LDAPKVMWrapper.conf</code> file<br />
** Create a cronjob entry which runs the script <code>/usr/bin/LDAPKVMWrapper.pl</code> once a day:<br />
*** <code>00 01 * * * /usr/bin/LDAPKVMWrapper.pl | logger -t Backup-KVM</code><br />
<br />
For more information about the script and what it does, please visit the [[fc-node-configuration]] script page.<br />
<br />
== Links ==<br />
= Node Integration =<br />
The following figure gives an overview what the node-integration script does for the different node types<br />
<br />
[[File:node-integration.png | thumb | 500 px]]<br />
<br />
= Old Documentation =<br />
== Specialized Installation ==<br />
=== Primary-Master-Node (vm-node-01) ===<br />
If you configured a additional Backup Volume on the Storage Nodes, you want to mount them now in the VM-Node.<br />
<br />
Log into the Primary-Master-Node and execute the node-configuration script as follows:<br />
/usr/sbin/fc-node-configuration --node-type primary-master-node<br />
<br />
==== Manual Steps ====<br />
In order to be able to migrate a VM from a carrier, a special user called transfer will be created.<br />
<source lang="bash"><br />
lvcreate -L 60G -n transfer local0<br />
<br />
mkfs.xfs -L "OSBD_transfe" /dev/local0/transfer <br />
<br />
cat << EOF >> /etc/fstab<br />
<br />
LABEL=OSBD_transfe /home/transfer xfs noatime,nodev,nosuid,noexec 0 2<br />
EOF<br />
<br />
mount /home/transfer<br />
<br />
useradd --comment "User which is used for VM disk file transfer between carriers" \<br />
--create-home \<br />
--system \<br />
--user-group \<br />
transfer<br />
<br />
passwd transfer<br />
</source><br />
<br />
<br />
Allow password authentication for the transfer user:<br />
<source lang="bash"><br />
$EDITOR /etc/ssh/sshd_config<br />
</source><br />
<br />
<pre><br />
[...]<br />
<br />
Match User transfer<br />
PasswordAuthentication yes<br />
<br />
[...]<br />
</pre><br />
To apply the changes above, restart the SSH daemon:<br />
<source lang="bash"><br />
/etc/init.d/sshd restart<br />
</source><br />
<br />
[[Category:stoney cloud]][[Category:Installation]]</div>Pathttps://wiki.stoney-cloud.org/w/index.php?title=stoney_cloud:_Multi-Node_Installation&diff=3772stoney cloud: Multi-Node Installation2014-06-27T12:05:08Z<p>Pat: /* Links */</p>
<hr />
<div>== Overview ==<br />
The [http://www.stoney-cloud.org/ stoney cloud] builds upon various standard open source components and can be run on commodity hardware. The final Multi-Node Setup consists of the following components:<br />
* One [[Primary-Master-Node]] with an OpenLDAP Directory Server for the storage of the stoney cloud user and service related data with the web based management [[VM-Manager]] interface and the Linux kernel based virtualization technology.<br />
* One [[Secondary-Master-Node]] with the Linux kernel based virtualization technology.<br />
* Two [[Storage-Node | Storage-Nodes]] configured as a replicated and distributed data storage service based on [http://www.gluster.org/ GlusterFS].<br />
The components communicate with each other over a standard Ethernet based IPv4 network.<br />
<br />
=== Prerequisites ===<br />
The following items and conditions are required to be able to install and configure a stoney cloud environment:<br />
* Dedicated Hardware (4 Servers) which fulfil the following requirements: <br />
** 64-Bit Intel with VT-Technologie (AMD is not tested at the moment).<br />
** 8 Gigabyte Memory (more is better).<br />
** 147 Gigabyte up to 2 Terabyte disks.<br />
*** For all four Nodes ([[VM-Node | VM-Nodes]] and [[Storage-Node | Storage-Nodes]]) two 147 Gigabyte Disks, configured as RAID1, are enough for the [http://www.gentoo.org/ Gentoo Linux] operating system.<br />
*** Optional: For the two [http://www.gluster.org/ GlusterFS] [[Storage-Node | Storage-Nodes]] we recommend a second RAID-Set configured as [http://en.wikipedia.org/wiki/RAID_6#RAID_6 RAID6]-Set with battery backup.<br />
** Two physical Ethernet Interfaces, which support the same bandwidth (for example 1 Gigabit/s).<br />
* Two Gigabit layer-2 switches supporting [http://en.wikipedia.org/wiki/IEEE_802.3ad IEEE 802.3ad] (dynamic link aggregation), [http://en.wikipedia.org/wiki/IEEE_802.1Q IEEE 802.1Q] (VLAN tagging) and stacking (optional, but recommended).<br />
* Experience with Linux environments especially with [http://www.gentoo.org Gentoo Linux].<br />
* Good experience with IP networking, because the Switches need to be configured manually (dynamic link aggregation and VLAN tagging).<br />
<br />
=== Limitations ===<br />
During the installation of the [http://www.gentoo.org/ Gentoo Linux] operating system, the first two physical Ethernet Interfaces are automatically configured as a logical interface (bond0) and the four tagged VLANs are set up. If more than two physical Ethernet Interfaces are to be included in to the logical interface (bond0) or the physical Ethernet Interfaces have different bandwidths (for example 1 Gigabit/s and 10 Gigabit/s), the final logical interface (bond0) needs to be configured manually after the installation of the [http://www.gentoo.org/ Gentoo Linux] operating system.<br />
Only the first two [http://www.gluster.org/ GlusterFS] [[Storage-Node | Storage-Nodes]] are set up automatically. More [[Storage-Node | Storage-Nodes]] need to be integrated manually.<br />
<br />
=== Network Overview ===<br />
As stated before, a minimal multi node stoney cloud environment consist of two VM- and Storage-Nodes.<br />
It is highly recommended to use IEEE 802.3ad link aggregation (bonding, trunking etc.) over two network cards and attach them as one logical link to the access switch.<br />
<br />
It is out of scope of this document on how to configure the switches for stacking, link aggregation and VLAN tagging, consult the respective user manual.<br />
<br />
There are two scenarios on how to connect the nodes to the network.<br />
<br />
==== Network Overview: Physical Layer Scenario 1 (recommended) ====<br />
The preferred solution is to use two switches which are stackable (supporting link aggregation over two switches). Connect the nodes and switches as illustrated below. Thus eliminating the single point of failure as presented in scenario 2.<br />
<br />
<pre><br />
+----------------------+ +----------------------+<br />
| | | |<br />
| vm-node-01 | | vm-node-02 |<br />
| | | |<br />
+----------------------+ +----------------------+ <br />
bond0 | \ / | bond0<br />
| \ / |<br />
| \ / |<br />
| \/ | ___<br />
| /\ | ___( )___<br />
| / \ | __( )__<br />
| / \ | _( )_<br />
+-------------+ +-------------+ _( )_<br />
| switch-01 |===| switch-02 |-------------------(_ Corporate LAN/WAN _)<br />
+-------------+ +-------------+ (_ _)<br />
| \ / | (__ __)<br />
| \ / | (___ ___)<br />
| \ / | (___)<br />
| \/ |<br />
| /\ |<br />
| / \ |<br />
bond0 | / \ | bond0<br />
+-----------------------+ +-----------------------+<br />
| | | |<br />
| tier1-storage-node-01 | | tier1-storage-node-02 |<br />
| | | |<br />
+-----------------------+ +-----------------------+<br />
</pre><br />
<br />
==== Network Overview: Physical Layer Scenario 2 (use at your own risk) ====<br />
If theres only one switch available (or the switches aren't stackable) connect the nodes as illustrated below. As you can see, the switch is as a single point of failure.<br />
<pre><br />
+----------------------+ +----------------------+<br />
| | | |<br />
| vm-node-01 | | vm-node-02 |<br />
| | | |<br />
+----------------------+ +----------------------+ ___<br />
bond0 \\ // bond0 ___( )___<br />
\\ // __( )__<br />
\\ // _( )_<br />
+-------------+ _( )_<br />
| switch-01 |-----------------------------(_ Corporate LAN/WAN _)<br />
+-------------+ (_ _)<br />
// \\ (__ __) <br />
// \\ (___ ___)<br />
bond0 // \\ bond0 (___)<br />
+-----------------------+ +-----------------------+<br />
| | | |<br />
| tier1-storage-node-01 | | tier1-storage-node-02 |<br />
| | | |<br />
+-----------------------+ +-----------------------+<br />
</pre><br />
<br />
==== Network overview: Logical layer ====<br />
The goal is to achieve the following configuration:<br />
<pre><br />
+----------------+----------------+----------------+----------------+<br />
| 10.1.110.1X | 10.1.120.1X | 10.1.130.1X | 192.168.140.1X |<br />
+----------------+----------------+----------------+----------------+<br />
| | | | vmbr0 |<br />
| vlan110 | vlan120 | vlan130 +----------------+<br />
| | | | vlan140 |<br />
+----------------+----------------+----------------+----------------+<br />
+-------------------------------------------------------------------+<br />
| bond0 (bonding.mode=802.3ad) |<br />
+-------------------------------------------------------------------+<br />
+----------------+ +----------------+<br />
| eth0 | | eth1 |<br />
+----------------+ +----------------+<br />
</pre><br />
<br />
The ideal stoney cloud environment is based on four logical separated VLANs (virtual LANs):<br />
* '''admin''': Administrative network, used for administration and monitoring purposes.<br />
* '''data''': Data network, used for GlusterFS traffic.<br />
* '''int''': Internal network, used for internal traffic such as LDAP, libvirt and more.<br />
* '''pub''': Public network, used for accessing the VM-Manager webinterface, Spice traffic and internet access.<br />
<br />
Each of the above VLANs hold dedicated services and separates them from each other. This documentation assumes, that the four VLANs are present and the following IP networks are available:<br />
<br />
{| border="1" style="border-collapse: collapse; font-size:100%;" width=100%<br />
!align="left"|VLAN name<br />
!align="left"|VLAN ID<br />
!align="left"|Network prefix<br />
!align="left"|Default Gateway address<br />
!align="left"|Broadcast address<br />
!align="left"|Domain name<br />
!align="left"|VIP<br />
|-<br />
<br />
|admin<br />
|110<br />
|10.1.110.0/24<br />
| -- <br />
|10.1.110.255<br />
|admin.example.com<br />
|<br />
|-<br />
<br />
|data<br />
|120<br />
|10.1.120.0/24<br />
| --<br />
|10.1.120.255<br />
|data.example.com<br />
|<br />
|-<br />
<br />
|int<br />
|130<br />
|10.1.130.0/24<br />
| --<br />
|10.1.130.255<br />
|int.example.com<br />
|10.1.130.10<br />
|-<br />
<br />
|pub<br />
|140<br />
|192.168.140.0/24<br />
|192.168.140.1<br />
|192.168.140.255<br />
|example.com<br />
|192.168.140.10<br />
|-<br />
<br />
|}<br />
<br />
The IP allocation of the nodes will be assumed as stated in the table below:<br />
{| border="1" style="border-collapse: collapse; font-size:100%;" width=100% <br />
!align="left"|Node name<br />
!align="left"|Admin address (VLAN 110)<br />
!align="left"|Data address (VLAN 120)<br />
!align="left"|Int address (VLAN 130)<br />
!align="left"|Pub address (VLAN 140)<br />
|-<br />
<br />
|-<br />
|tier1-storage-node-01<br />
|10.1.110.11<br />
|10.1.120.11<br />
|10.1.130.11<br />
|192.168.140.11<br />
|-<br />
<br />
|-<br />
|tier1-storage-node-02<br />
|10.1.110.12<br />
|10.1.120.12<br />
|10.1.130.12<br />
|192.168.140.12<br />
|-<br />
<br />
|-<br />
|vm-node-01<br />
|10.1.110.13<br />
|10.1.120.13<br />
|10.1.130.13<br />
|192.168.140.13<br />
|-<br />
<br />
|-<br />
|vm-node-02<br />
|10.1.110.14<br />
|10.1.120.14<br />
|10.1.130.14<br />
|192.168.140.14<br />
|-<br />
<br />
|}<br />
<br />
We'll also presume, we have the following Domain Name Servers:<br />
* Domain Name Server 1: '''192.168.140.1'''<br />
<br />
== Base Installation ==<br />
All nodes are based on the [http://www.gentoo.org/ Gentoo Linux] operating system.<br />
<br />
=== BIOS Set Up Checklist ===<br />
* Enable the "reboot-after-power-loss" option (if your BIOS supports it).<br />
* Make sure, that you have the newest BIOS (BMC and perhaps SCSI firmware) version.<br />
* Make sure, you've disabled halt on post errors (or similar) or enable keyboard-less operation (if your BIOS supports it).<br />
<br />
=== RAID Set Up ===<br />
Create a RAID1 volume. This RAID-Set is used for the Operating System. Please be aware, the the current stoney cloud only supports 147 Gigabyte up to 2 Terabyte disks for this first RAID-Set.<br />
<br />
Optional: For the two [http://www.gluster.org/ GlusterFS] [[Storage-Node | Storage-Nodes]] we recommend a second RAID-Set configured as [http://en.wikipedia.org/wiki/RAID_6#RAID_6 RAID6]-Set with battery backup.<br />
<br />
=== Node Installation ===<br />
The first step of Semi-Automatic Multi-Node Set Up is the same for all four Nodes. In this documentation we presume, that you stick to the naming convention mentioned above. After the Base Installation of the Nodes, the following daemons will be running:<br />
* '''crond''': Crond, to execute scheduled commands<br />
* '''ntpd''': Network Time Protocol daemon, keeps the time synced with the Time from Servers in the LAN or WAN.<br />
* '''sshd''': OpenSSH SSH daemon, used for remote access and remote administration.<br />
* '''syslogd''': System Logging, keeps track of messages from the System and the Applications.<br />
* '''udevd''': Linux dynamic device management, that manage events, symlinks and permissions of devices.<br />
<br />
==== First Storage-Node (tier1-storage-node-01) ====<br />
# Insert the stoney cloud CD and boot the server.<br />
# Answer the questions as follows (the bold values are examples can be set through the administrator and are variable, according to the local setup):<br />
## Global Section<br />
### Confirm that you want to start? '''yes'''<br />
### Choose a Node-Type: '''Storage-Node'''<br />
### Choose a Block-Device: '''sda'''<br />
### Confirm to erase all (from a previous installation): '''yes'''<br />
### Confirm to continue with the given the Partition-Scheme: '''yes'''<br />
### Choose the network interfaces to bond together.<br />
#### Device #0: '''eth0'''<br />
#### Device #1: '''eth1'''<br />
### Node-Name: '''tier1-storage-node-01'''<br />
## pub-VLAN Section<br />
### VLAN ID: '''140'''<br />
### Domain Name: '''example.com'''<br />
### IP Address: '''192.168.140.11'''<br />
### Netmask: '''24'''<br />
### Broadcast: '''192.168.140.255'''<br />
### Confirm the pub-VLAN Section with '''yes'''<br />
## admin-VLAN Section<br />
### VLAN ID: '''110'''<br />
### Domain Name: '''admin.example.com'''<br />
### IP Address: '''10.1.110.11'''<br />
### Netmask: '''24'''<br />
### Broadcast: '''10.1.110.255'''<br />
### Confirm the admin-VLAN Section with '''yes'''<br />
## data-VLAN Section<br />
### VLAN ID: '''120'''<br />
### Domain Name: '''data.example.com'''<br />
### IP Address: '''10.1.120.11'''<br />
### Netmask: '''24'''<br />
### Broadcast: '''10.1.120.255'''<br />
### Confirm the data-VLAN Section with '''yes'''<br />
## int-VLAN Section<br />
### VLAN ID: '''130'''<br />
### Domain Name: '''int.example.com'''<br />
### IP Address: '''10.1.130.11'''<br />
### Netmask: '''24'''<br />
### Broadcast: '''10.1.130.255'''<br />
### Confirm the int-VLAN Section with '''yes'''<br />
### Enter the default Gateway: '''192.168.140.1'''<br />
### Enter the primary DNS-Server: '''192.168.140.1'''<br />
### Omit configuring a second DNS-Server with '''no'''<br />
## Confirm the listed configuration with '''yes'''<br />
## Enter your very secret root password<br />
## Confirm to reboot with '''yes'''<br />
# Make sure, that you boot from the first harddisk and not from the installation medium again.<br />
# Continue with [[Multi-Node Installation#Specialized_Installation|specializing your Node]]<br />
<br />
==== Second Storage-Node (tier1-storage-node-02) ====<br />
# Insert the stoney cloud CD and boot the server.<br />
# Answer the questions.<br />
# Reboot the Server and make sure, that you boot from the first harddisk.<br />
<br />
==== Primary-Master-Node (vm-node-01) ====<br />
# Insert the stoney cloud CD and boot the server.<br />
# Answer the questions.<br />
# Reboot the Server and make sure, that you boot from the first harddisk.<br />
<br />
==== Secondary-Master-Node (vm-node-02) ====<br />
# Insert the stoney cloud CD and boot the server.<br />
# Answer the questions.<br />
# Reboot the Server and make sure, that you boot from the first harddisk.<br />
<br />
== Skipping Checks ==<br />
To skip checks, type '''no''' when asked:<br />
Do you want to start the installation?<br />
yes or no?: '''no'''<br />
<br />
Then manually restart the stoney cloud installer with the desired options. For example:<br />
/mnt/cdrom/foss-cloud-installer -c<br />
<br />
Options:<br />
-c: Skip CPU requirement checks<br />
-m: Skip memory requirement checks<br />
-s: Skip CPU and memory requirement checks<br />
<br />
== Specialized Installation ==<br />
==== First Storage-Node (tier1-storage-node-01) ====<br />
Before running the node configuration script, you may want to create a [[Additional_Local_Backup_Volume_on_the_Storage-Nodes#Before_node_configuration_script | additional Backup Volume on Storage Node]].<br />
<br />
Log into the first [[Storage-Node]] and execute the node-configuration script as follows:<br />
/usr/sbin/fc-node-configuration --node-type primary-storage-node<br />
<br />
For more information about the script and what it does, please visit the [[fc-node-configuration]] script page.<br />
<br />
==== Second Storage-Node (tier1-storage-node-02) ====<br />
Before running the node configuration script, you may want to create a [[Additional_Local_Backup_Volume_on_the_Storage-Nodes#Before_node_configuration_script | additional Backup Volume on Storage Node]].<br />
<br />
Log into the second [[Storage-Node]] and execute the node-configuration script as follows:<br />
/usr/sbin/fc-node-configuration --node-type secondary-storage-node<br />
<br />
For more information about the script and what it does, please visit the [[node-configuration]] script page.<br />
<br />
==== Primary-Master-Node (vm-node-01) ====<br />
If you configured a additional Backup Volume on the Storage Nodes, you want to [[Additional_Local_Backup_Volume_on_the_Storage-Nodes#On_the_VM-Nodes | mount them now in the VM-Node]].<br />
<br />
Log into the [[Primary-Master-Node]] and execute the node-configuration script as follows:<br />
/usr/sbin/fc-node-configuration --node-type primary-master-node<br />
<br />
The stoney cloud uses virtual ip addresses (VIPs) for fail over purposes. Therefore you need to configure [http://www.pureftpd.org/project/ucarp ucarp].<br />
<br />
Confirm that you want to run the script.<br />
Do you really want to proceed with configuration of the primary-master-node?<br />
yes or no (default: no): '''yes'''<br />
<br />
Enter the VIP (virtual IP) for the public interface. The apache will listen on this VIP because it is listening on the public interface (if you followed this documentation the VIP for the public interface is 192.168.140.10).<br />
Please enter the VIP for the pub-interface (VLAN 140)<br />
(default: 192.168.140.10): '''192.168.140.10'''<br />
<br />
Enter the VIP (virtual IP) for the internal interace. The LDAP will listen on this VIP because it is listening on the internal interface (if you followed this documentation the VIP for the internal interface is 10.1.130.10).<br />
Please enter the VIP for the int-interface (VLAN 130)<br />
(default: 10.1.130.10): '''10.1.130.10'''<br />
<br />
Enter the RIP (real IP) for the secondary-master-node on the internal interface. The RIP is needed to keep the LDAP directories synchronized (if you followed this documentation the RIP for the secondary-master-node on the internal interface is 10.1.130.14)<br />
Please enter the IP for the int-interface (VLAN 130) of the<br />
secondary-master-node (default: 10.1.130.14): '''10.1.130.14'''<br />
<br />
The script now tests the network configuration and <br />
<br />
<br />
In order to mount the gluster-filesystem, you need to connect via ssh to the primary-storage-node. Enter the IP for the primary-storage-node on the admin interface (if you followed this documentation the IP for the primary-storage-node on the admin interface is 10.1.110.11). Enter the a valid username which exists on the primary-storage-node (if you followed this documentation it is root) and the corresponding password.<br />
Please enter the following information for the primary Storage-Node with the OpenSSH daemon listening on the VLAN with the name 'admin' and with the VLAN ID '110':<br />
<br />
IP address (default: 10.1.110.11): '''10.1.110.11'''<br />
Username (default: root): '''root'''<br />
Password for root: '''**********'''<br />
<br />
In order to mount the gluster-filesystem, you need to connect via ssh to the secondary-storage-node. Enter the IP for the secondary-storage-node on the admin interface (if you followed this documentation the IP for the primary-storage-node on the admin interface is 10.1.110.12). Enter the a valid username which exists on the primary-storage-node (if you followed this documentation it is root) and the corresponding password.<br />
Please enter the following information for the secondary Storage-Node with the OpenSSH daemon listening on the VLAN with the name 'admin' and with the VLAN ID '110':<br />
<br />
IP address (default: 10.1.110.12): '''10.1.110.12'''<br />
Username (default: root): '''root'''<br />
Password for root: '''**********'''<br />
<br />
<br />
* Configure the LDAP directory: <br />
** Define the password for the LDAP-Superuser (cn=Manager,dc=stoney-cloud,dc=org)<br />
** Currently the user for the prov-backup-kvm daemon is the LDAP-Superuser so enter the same password again<br />
** Define the password for the LDAP-dhcp user (cn=dhcp,ou=services,ou=administration,dc=stoney-cloud,dc=org)<br />
** Enter all necessary information for the stoney cloud administrator (User1)<br />
*** Given name<br />
*** Surname<br />
*** Gender<br />
*** E-mail<br />
*** Language<br />
*** Password<br />
<br />
* Finally enter the domain name which will correspond to the public VIP (default is stoney-cloud.example.org)<br />
<br />
* Due to [https://github.com/stepping-stone/node-integration/issues/9 bug #9], you need to manually finish the configuration of the libvirthook scripts:<br />
** You mainly have to fill in the following variables:<br />
*** '''libvirtHookFirewallSvnUser'''<br />
*** '''libvirtHookFirewallSvnPassword'''<br />
** See also [https://int.stepping-stone.ch/wiki/libvirt_Hooks#Config_for_test-environment this test configuration]<br />
* Due to [https://github.com/stepping-stone/node-integration/issues/12 bug #12], you need to manually configure the LDAPKVMWrapper.pl script:<br />
** Fill in the <code>/etc/Provisioning/Backup/LDAPKVMWrapper.conf</code> file<br />
** Create a cronjob entry which runs the script <code>/usr/bin/LDAPKVMWrapper.pl</code> once a day:<br />
*** <code>00 01 * * * /usr/bin/LDAPKVMWrapper.pl | logger -t Backup-KVM</code><br />
<br />
For more information about the script and what it does, please visit the [[fc-node-configuration]] script page.<br />
<br />
==== Secondary-Master-Node (vm-node-02) ====<br />
If you configured a additional Backup Volume on the Storage Nodes, you want to [[Additional_Local_Backup_Volume_on_the_Storage-Nodes#On_the_VM-Nodes | mount them now in the Secondary-Master-Node]].<br />
<br />
Log into the [[Secondary-Master-Node]] and execute the node-configuration script as follows:<br />
/usr/sbin/fc-node-configuration --node-type secondary-master-node<br />
<br />
* In order to get the configuration from the primary-master-node, we need to access it via ssh<br />
** Enter the IP for the primary-master-node on the admin interface (if you followed this documentation it is 10.1.130.13)<br />
** Enter the username (if you followd the default setup it is root)<br />
** Enter the users password.<br />
<br />
* In order to mount the gluster-filesystem, you need to connect via ssh to the primary-storage-node, so enter the following information:<br />
** Enter the IP for the primary-storage-node on the admin interface (if you followed this documentation the IP for the primary-storage-node on the admin interface is 10.1.110.11)<br />
** Enter the a valid username which exists on the primary-storage-node (if you followed this documentation it is root)<br />
** Enter the users password<br />
* Repeat the same procedure for the secondary-storage-node (if you followed this documentation the IP is 10.1.110.12)<br />
<br />
* Enter the LDAP-Superuser password you defined during the [[Multi-Node Installation#Primary-Master-Node (stoney-cloud-node-01)_2 | primary-master-node]] installation<br />
<br />
* Due tu [https://github.com/stepping-stone/node-integration/issues/9 bug #9], you need to manually finish the configuration of the libvirthook scripts:<br />
** You mainly have to fill in the following variables:<br />
*** '''libvirtHookFirewallSvnUser'''<br />
*** '''libvirtHookFirewallSvnPassword'''<br />
** See also [https://int.stepping-stone.ch/wiki/libvirt_Hooks#Config_for_test-environment this test configuration]<br />
* Due to [https://github.com/stepping-stone/node-integration/issues/12 bug #12], you need to manually configure the LDAPKVMWrapper.pl script:<br />
** Fill in the <code>/etc/Provisioning/Backup/LDAPKVMWrapper.conf</code> file<br />
** Create a cronjob entry which runs the script <code>/usr/bin/LDAPKVMWrapper.pl</code> once a day:<br />
*** <code>00 01 * * * /usr/bin/LDAPKVMWrapper.pl | logger -t Backup-KVM</code><br />
<br />
For more information about the script and what it does, please visit the [[fc-node-configuration]] script page.<br />
<br />
== Links ==<br />
= Node Integration =<br />
<br />
= Old Documentation =<br />
== Specialized Installation ==<br />
=== Primary-Master-Node (vm-node-01) ===<br />
If you configured a additional Backup Volume on the Storage Nodes, you want to mount them now in the VM-Node.<br />
<br />
Log into the Primary-Master-Node and execute the node-configuration script as follows:<br />
/usr/sbin/fc-node-configuration --node-type primary-master-node<br />
<br />
==== Manual Steps ====<br />
In order to be able to migrate a VM from a carrier, a special user called transfer will be created.<br />
<source lang="bash"><br />
lvcreate -L 60G -n transfer local0<br />
<br />
mkfs.xfs -L "OSBD_transfe" /dev/local0/transfer <br />
<br />
cat << EOF >> /etc/fstab<br />
<br />
LABEL=OSBD_transfe /home/transfer xfs noatime,nodev,nosuid,noexec 0 2<br />
EOF<br />
<br />
mount /home/transfer<br />
<br />
useradd --comment "User which is used for VM disk file transfer between carriers" \<br />
--create-home \<br />
--system \<br />
--user-group \<br />
transfer<br />
<br />
passwd transfer<br />
</source><br />
<br />
<br />
Allow password authentication for the transfer user:<br />
<source lang="bash"><br />
$EDITOR /etc/ssh/sshd_config<br />
</source><br />
<br />
<pre><br />
[...]<br />
<br />
Match User transfer<br />
PasswordAuthentication yes<br />
<br />
[...]<br />
</pre><br />
To apply the changes above, restart the SSH daemon:<br />
<source lang="bash"><br />
/etc/init.d/sshd restart<br />
</source><br />
<br />
[[Category:stoney cloud]][[Category:Installation]]</div>Pathttps://wiki.stoney-cloud.org/w/index.php?title=stoney_backup:_Server_set-up&diff=3771stoney backup: Server set-up2014-06-27T07:41:57Z<p>Pat: /* Provisioning global configuration */</p>
<hr />
<div>= Abstract =<br />
This document describes server setup for the stoney cloud (Online) Backup service, built upon the [http://www.gentoo.org/ Gentoo] Linux distribution.<br />
<br />
= Overview =<br />
After working through this documentation, you will be able to set up and configure your own (Online) Backup service server.<br />
<br />
= Software Installation =<br />
<br />
== Requirements ==<br />
A working stoney cloud, installed according to [[stoney cloud: Single-Node Installation]] or [[stoney cloud: Multi-Node Installation]].<br />
<br />
== Keywords & USE-Flags ==<br />
For a minimal OpenLDAP directory installation:<br />
echo "net-nds/openldap minimal sasl" >> /etc/portage/package.use<br />
echo "net-nds/openldap ~amd64" >> /etc/portage/package.keywords<br />
<br />
NSS and PAM modules for lookups using LDAP:<br />
echo "sys-auth/nss-pam-ldapd sasl" >> /etc/portage/package.use<br />
echo "sys-auth/nss-pam-ldapd ~amd64" >> /etc/portage/package.keywords<br />
echo "sys-fs/quota ldap" >> /etc/portage/package.use<br />
<br />
echo "=app-admin/jailkit-2.16 ~amd64" >> /etc/portage/package.keywords<br />
<br />
For the prov-backup-rsnapshot daemon:<br />
echo "dev-perl/Net-SMTPS ~amd64" >> /etc/portage/package.keywords<br />
echo "perl-core/Switch ~amd64" >> /etc/portage/package.keywords<br />
<br />
To build puttygen only without X11:<br />
echo "net-misc/putty ~amd64" >> /etc/portage/package.keywords<br />
echo "net-misc/putty -gtk" >> /etc/portage/package.use<br />
<br />
== Emerge ==<br />
emerge -va nss-pam-ldapd \<br />
quota \<br />
net-misc/putty \<br />
app-admin/jailkit \<br />
sys-apps/haveged \<br />
net-misc/putty \<br />
sys-apps/sst-backup-utils \<br />
sys-apps/sst-prov-backup-rsnapshot<br />
<br />
To list the dependencies of ebuilds, you can use <code>equery</code>:<br />
equery depgraph sst-backup-utils<br />
<pre><br />
* Searching for sst-backup-utils ...<br />
<br />
* dependency graph for sys-apps/sst-backup-utils-0.1.0<br />
`-- sys-apps/sst-backup-utils-0.1.0 amd64 <br />
`-- dev-perl/PerlUtil-0.1.0 (>=dev-perl/PerlUtil-0.1.0) amd64 <br />
`-- virtual/perl-Sys-Syslog-0.320.0 (virtual/perl-Sys-Syslog) amd64 <br />
`-- dev-perl/perl-ldap-0.530.0 (dev-perl/perl-ldap) amd64 <br />
`-- dev-perl/XML-Simple-2.200.0 (dev-perl/XML-Simple) amd64 <br />
`-- dev-perl/Config-IniFiles-2.780.0 (dev-perl/Config-IniFiles) amd64 <br />
`-- dev-perl/XML-Validator-Schema-1.100.0 (dev-perl/XML-Validator-Schema) amd64 <br />
`-- dev-perl/Date-Calc-6.300.0 (dev-perl/Date-Calc) amd64 <br />
`-- dev-perl/DateManip-6.310.0 (dev-perl/DateManip) amd64 <br />
`-- dev-perl/Schedule-Cron-Events-1.930.0 (dev-perl/Schedule-Cron-Events) amd64 <br />
`-- dev-perl/DateTime-Format-Strptime-1.520.0 (dev-perl/DateTime-Format-Strptime) amd64 <br />
`-- dev-perl/XML-SAX-0.990.0 (dev-perl/XML-SAX) amd64 <br />
`-- virtual/perl-MIME-Base64-3.130.0-r2 (virtual/perl-MIME-Base64) amd64 <br />
`-- dev-perl/Authen-SASL-2.160.0 (dev-perl/Authen-SASL) amd64 <br />
`-- dev-perl/Net-SMTPS-0.30.0 (dev-perl/Net-SMTPS) ~amd64 <br />
`-- dev-perl/text-template-1.450.0 (dev-perl/text-template) amd64 <br />
`-- virtual/perl-Getopt-Long-2.380.0-r2 (virtual/perl-Getopt-Long) amd64 <br />
`-- dev-perl/Parallel-ForkManager-1.20.0 (dev-perl/Parallel-ForkManager) amd64 <br />
`-- dev-perl/Time-Stopwatch-1.0.0 (dev-perl/Time-Stopwatch) amd64 <br />
`-- app-backup/rsnapshot-1.3.1-r1 (app-backup/rsnapshot) amd64 <br />
[ sys-apps/sst-backup-utils-0.1.0 stats: packages (20), max depth (1) ]<br />
</pre><br />
<br />
For more information, visit the [http://www.gentoo.org/doc/en/gentoolkit.xml Gentoolkit] page.<br />
<br />
= Base Server Software Configuration =<br />
== OpenSSH ==<br />
=== OpenSSH Configuration ===<br />
Configure the OpenSSH daemon:<br />
<source lang="bash"><br />
vi /etc/ssh/sshd_config<br />
</source><br />
<br />
Set following options:<br />
<source lang="bash"><br />
PubkeyAuthentication yes<br />
PasswordAuthentication yes<br />
UsePAM yes<br />
Subsystem sftp internal-sftp<br />
</source><br />
<br />
Make sure, that <code>Subsystem sftp internal-sftp</code> is the last line in the configuration file.<br />
<br />
We want to reduce the numbers of chroot environments in one folder. As the <code>ChrootDirectory</code> configuration option only allows <code>%h</code> (home directory of the user) and <code>%u</code> (username of the user), we need to create the necessary matching rules in the form of:<br />
<source lang="bash"><br />
Match User *000<br />
ChrootDirectory /var/backup/000/%u<br />
AuthorizedKeysFile /var/backup/000/%u/%h/.ssh/authorized_keys<br />
Match<br />
Match User *001<br />
ChrootDirectory /var/backup/001/%u<br />
AuthorizedKeysFile /var/backup/001/%u/%h/.ssh/authorized_keys<br />
Match<br />
...<br />
Match User *999<br />
ChrootDirectory /var/backup/999/%u<br />
AuthorizedKeysFile /var/backup/999/%u/%h/.ssh/authorized_keys<br />
Match<br />
</source><br />
<br />
The creation of the matching rules is done by executing the following bash commands:<br />
<source lang="bash"><br />
FILE=/etc/ssh/sshd_config;<br />
<br />
for x in {0..999} ; do \<br />
printf "Match User *%03d\n" $x >> ${FILE}; \<br />
printf " ChrootDirectory /var/backup/%03d/%%u\n" $x >> ${FILE}; \<br />
printf " AuthorizedKeysFile /var/backup/%03d/%%u/%%h/.ssh/authorized_keys\n" $x >> ${FILE}; \<br />
printf "Match\n" >> ${FILE}; \<br />
done<br />
</source><br />
<br />
Don't forget to restart the OpenSSH daemon:<br />
<source lang="bash"><br />
/etc/init.d/sshd restart<br />
</source><br />
<br />
=== OpenSSH Host Keys ===<br />
If you migrate from a existing backup server, you might want to copy the ssh host keys to the new server. If you do so clients want see a difference between the two hosts as the fingerprint remains the same. Copy the following files from the existing host to the new:<br />
* /etc/ssh/ssh_host_dsa_key<br />
* /etc/ssh/ssh_host_ecdsa_key<br />
* /etc/ssh/ssh_host_key<br />
* /etc/ssh/ssh_host_rsa_key<br />
* /etc/ssh/ssh_host_dsa_key.pub<br />
* /etc/ssh/ssh_host_ecdsa_key.pub<br />
* /etc/ssh/ssh_host_key.pub<br />
* /etc/ssh/ssh_host_rsa_key.pub<br />
<br />
Set the correct permissions on the new host:<br />
chmod 600 /etc/ssh/ssh_host_dsa_key /etc/ssh/ssh_host_ecdsa_key /etc/ssh/ssh_host_key /etc/ssh/ssh_host_rsa_key<br />
chmod 644 /etc/ssh/*.pub<br />
<br />
And restart the ssh daemon. ''Caution'': do not close your existing ssh session as long as you are not sure the ssh daemon has restarted properly and you can login again.<br />
/etc/init.d/sshd restart<br />
<br />
== OpenLDAP ==<br />
=== /etc/hosts ===<br />
Update the <code>/etc/hosts</code> with the LDAP server:<br />
/etc/hosts<br />
<br />
# VIP of the LDAP Server<br />
31.216.40.4 ldapm.stoney-cloud.org<br />
<br />
=== Root CA Certificate Installation ===<br />
Install the root CA certificate into the OpenSSL default certificate storage directory:<br />
fqdn="cloud.stoney-cloud.org" # The fully qualified domain name of the server containing the root certificate.<br />
<br />
cd /etc/ssl/certs/<br />
wget --no-check-certificate https://${fqdn}/ca/FOSS-Cloud_CA.cert.pem<br />
chown root:root /etc/ssl/certs/FOSS-Cloud_CA.cert.pem<br />
chmod 444 /etc/ssl/certs/FOSS-Cloud_CA.cert.pem<br />
<br />
Rebuild the CA hashes<br />
c_rehash /etc/ssl/certs/<br />
<br />
=== /etc/openldap/ldap.conf ===<br />
Update the <code>/etc/openldap/ldap.conf</code>LDAP configuration file/environment variables:<br />
/etc/openldap/ldap.conf<br />
<br />
<pre><br />
# Used to specify a size limit to use when performing searches. The number should be an<br />
# non-negative integer. SIZELIMIT of zero (0) specifies unlimited search size.<br />
SIZELIMIT 20000<br />
<br />
# Used to specify a time limit to use when performing searches. The number should be an<br />
# non-negative integer. TIMELIMIT of zero (0) specifies unlimited search time to be used.<br />
TIMELIMIT 45<br />
<br />
# Specify how aliases dereferencing is done. DEREF should be set to one of never, always, search,<br />
# or find to specify that aliases are never dereferenced, always dereferenced, dereferenced when<br />
# searching, or dereferenced only when locating the base object for the search. The default is to<br />
# never dereference aliases.<br />
DEREF never<br />
<br />
# Specifies the URI(s) of an LDAP server(s) to which the LDAP library should connect. The URI<br />
# scheme may be either ldapor ldaps which refer to LDAP over TCP and LDAP over SSL (TLS)<br />
# respectively. Each server's name can be specified as a domain- style name or an IP address<br />
# literal. Optionally, the server's name can followed by a ':' and the port number the LDAP<br />
# server is listening on. If no port number is provided, the default port for the scheme is<br />
# used (389 for ldap://, 636 for ldaps://). A space separated list of URIs may be provided.<br />
URI ldaps://ldapm.stoney-cloud.org<br />
<br />
# Used to specify the default base DN to use when performing ldap operations. The base must be<br />
# specified as a Distinguished Name in LDAP format.<br />
BASE dc=stoney-cloud,dc=org<br />
<br />
# This is a local copy of the certificate of the certificate authority<br />
# used to sign the server certificate for the LDAP server I am using<br />
TLS_CACERT /etc/ssl/certs/FOSS-Cloud_CA.cert.pem<br />
</pre><br />
<br />
Check you configuration by doing a search:<br />
ldapsearch -v -H "ldaps://ldapm.stoney-cloud.org" \<br />
-b "dc=stoney-cloud,dc=org" \<br />
-D "cn=Manager,dc=stoney-cloud,dc=org" \<br />
-s one "(objectClass=*)" \<br />
-LLL -W<br />
<br />
The result should look something like:<br />
ldap_initialize( ldaps://ldapm.stoney-cloud.org:636/??base )<br />
filter: (objectClass=*)<br />
requesting: All userApplication attributes<br />
dn: ou=administration,dc=stoney-cloud,dc=org<br />
objectClass: top<br />
objectClass: organizationalUnit<br />
ou: administration<br />
...<br />
<br />
== Random Number Generator (haveged) ==<br />
Tools like putty are dependent on random numbers to be able to create certificates.<br />
<br />
=== haveged - Generate random numbers and feed linux random device ===<br />
The haveged daemon doesn't need any special configuration, therefore you can start it from the command line interface:<br />
/etc/init.d/haveged start<br />
<br />
Check, if the start was successful:<br />
ps auxf | grep haveged<br />
<br />
root 18001 1.0 0.0 7420 3616 ? Ss 08:48 0:00 /usr/sbin/haveged -r 0 -w 1024 -v 1<br />
<br />
Add the haveged daemon to the default run level:<br />
rc-update add haveged default<br />
<br />
== nss-pam-ldapd ==<br />
=== nslcd.conf — configuration file for LDAP nameservice daemon ===<br />
/etc/nslcd.conf<br />
<br />
<pre><br />
# This is the configuration file for the LDAP nameservice<br />
# switch library's nslcd daemon. It configures the mapping<br />
# between NSS names (see /etc/nsswitch.conf) and LDAP<br />
# information in the directory.<br />
# See the manual page nslcd.conf(5) for more information.<br />
<br />
# The user and group nslcd should run as.<br />
uid nslcd<br />
gid nslcd<br />
<br />
# The uri pointing to the LDAP server to use for name lookups.<br />
# Multiple entries may be specified. The address that is used<br />
# here should be resolvable without using LDAP (obviously).<br />
#uri ldap://127.0.0.1/<br />
#uri ldaps://127.0.0.1/<br />
#uri ldapi://%2fvar%2frun%2fldapi_sock/<br />
# Note: %2f encodes the '/' used as directory separator<br />
uri ldaps://ldapm.tombstone.ch<br />
<br />
# The LDAP version to use (defaults to 3<br />
# if supported by client library)<br />
#ldap_version 3<br />
<br />
# The distinguished name of the search base.<br />
base dc=stoney-cloud,dc=org<br />
<br />
# The distinguished name to bind to the server with.<br />
# Optional: default is to bind anonymously.<br />
binddn cn=Manager,dc=stoney-cloud,dc=org<br />
<br />
# The credentials to bind with.<br />
# Optional: default is no credentials.<br />
# Note that if you set a bindpw you should check the permissions of this file.<br />
bindpw myverysecretpassword<br />
<br />
# The distinguished name to perform password modifications by root by.<br />
#rootpwmoddn cn=admin,dc=example,dc=com<br />
<br />
# The default search scope.<br />
#scope sub<br />
#scope one<br />
#scope base<br />
<br />
# Customize certain database lookups.<br />
#base group ou=Groups,dc=example,dc=com<br />
base group ou=groups,ou=backup,ou=services,dc=stoney-cloud,dc=org<br />
base passwd ou=accounts,ou=backup,ou=services,dc=stoney-cloud,dc=org<br />
base shadow ou=accounts,ou=backup,ou=services,dc=stoney-cloud,dc=org<br />
#scope group onelevel<br />
#scope hosts sub<br />
<br />
#filter group (&(objectClass=posixGroup)(sstIsActive=TRUE))<br />
filter passwd (&(objectClass=posixAccount)(sstIsActive=TRUE))<br />
filter shadow (&(objectClass=shadowAccount)(sstIsActive=TRUE))<br />
<br />
# Bind/connect timelimit.<br />
#bind_timelimit 30<br />
<br />
# Search timelimit.<br />
#timelimit 30<br />
<br />
# Idle timelimit. nslcd will close connections if the<br />
# server has not been contacted for the number of seconds.<br />
#idle_timelimit 3600<br />
<br />
# Use StartTLS without verifying the server certificate.<br />
#ssl start_tls<br />
tls_reqcert never<br />
<br />
# CA certificates for server certificate verification<br />
#tls_cacertdir /etc/ssl/certs<br />
#tls_cacertfile /etc/ssl/ca.cert<br />
<br />
# Seed the PRNG if /dev/urandom is not provided<br />
#tls_randfile /var/run/egd-pool<br />
<br />
# SSL cipher suite<br />
# See man ciphers for syntax<br />
#tls_ciphers TLSv1<br />
<br />
# Client certificate and key<br />
# Use these, if your server requires client authentication.<br />
#tls_cert<br />
#tls_key<br />
<br />
# Mappings for Services for UNIX 3.5<br />
#filter passwd (objectClass=User)<br />
#map passwd uid msSFU30Name<br />
#map passwd userPassword msSFU30Password<br />
#map passwd homeDirectory msSFU30HomeDirectory<br />
#map passwd homeDirectory msSFUHomeDirectory<br />
#filter shadow (objectClass=User)<br />
#map shadow uid msSFU30Name<br />
#map shadow userPassword msSFU30Password<br />
#filter group (objectClass=Group)<br />
#map group member msSFU30PosixMember<br />
<br />
# Mappings for Services for UNIX 2.0<br />
#filter passwd (objectClass=User)<br />
#map passwd uid msSFUName<br />
#map passwd userPassword msSFUPassword<br />
#map passwd homeDirectory msSFUHomeDirectory<br />
#map passwd gecos msSFUName<br />
#filter shadow (objectClass=User)<br />
#map shadow uid msSFUName<br />
#map shadow userPassword msSFUPassword<br />
#map shadow shadowLastChange pwdLastSet<br />
#filter group (objectClass=Group)<br />
#map group member posixMember<br />
<br />
# Mappings for Active Directory<br />
#pagesize 1000<br />
#referrals off<br />
#idle_timelimit 800<br />
#filter passwd (&(objectClass=user)(!(objectClass=computer))(uidNumber=*)(unixHomeDirectory=*))<br />
#map passwd uid sAMAccountName<br />
#map passwd homeDirectory unixHomeDirectory<br />
#map passwd gecos displayName<br />
#filter shadow (&(objectClass=user)(!(objectClass=computer))(uidNumber=*)(unixHomeDirectory=*))<br />
#map shadow uid sAMAccountName<br />
#map shadow shadowLastChange pwdLastSet<br />
#filter group (objectClass=group)<br />
<br />
# Alternative mappings for Active Directory<br />
# (replace the SIDs in the objectSid mappings with the value for your domain)<br />
#pagesize 1000<br />
#referrals off<br />
#idle_timelimit 800<br />
#filter passwd (&(objectClass=user)(objectClass=person)(!(objectClass=computer)))<br />
#map passwd uid cn<br />
#map passwd uidNumber objectSid:S-1-5-21-3623811015-3361044348-30300820<br />
#map passwd gidNumber objectSid:S-1-5-21-3623811015-3361044348-30300820<br />
#map passwd homeDirectory "/home/$cn"<br />
#map passwd gecos displayName<br />
#map passwd loginShell "/bin/bash"<br />
#filter group (|(objectClass=group)(objectClass=person))<br />
#map group gidNumber objectSid:S-1-5-21-3623811015-3361044348-30300820<br />
<br />
# Mappings for AIX SecureWay<br />
#filter passwd (objectClass=aixAccount)<br />
#map passwd uid userName<br />
#map passwd userPassword passwordChar<br />
#map passwd uidNumber uid<br />
#map passwd gidNumber gid<br />
#filter group (objectClass=aixAccessGroup)<br />
#map group cn groupName<br />
#map group gidNumber gid<br />
</pre><br />
<br />
=== nsswitch.conf - Name Service Switch configuration file ===<br />
/etc/nsswitch.conf<br />
<br />
<pre><br />
passwd: files ldap<br />
shadow: files ldap<br />
group: files ldap<br />
<br />
# passwd: db files nis<br />
# shadow: db files nis<br />
# group: db files nis<br />
<br />
hosts: files dns<br />
networks: files dns<br />
<br />
services: db files<br />
protocols: db files<br />
rpc: db files<br />
ethers: db files<br />
netmasks: files<br />
netgroup: files<br />
bootparams: files<br />
<br />
automount: files<br />
aliases: files<br />
</pre><br />
<br />
=== system-auth ===<br />
vi /etc/pam.d/system-auth<br />
<br />
<pre><br />
auth required pam_env.so<br />
auth sufficient pam_unix.so try_first_pass likeauth nullok<br />
auth sufficient pam_ldap.so minimum_uid=1000 use_first_pass<br />
auth required pam_deny.so<br />
<br />
account required pam_unix.so<br />
account sufficient pam_ldap.so minimum_uid=1000 use_first_pass<br />
<br />
password required pam_cracklib.so difok=2 minlen=8 dcredit=2 ocredit=2 retry=3<br />
password required pam_unix.so try_first_pass use_authtok nullok sha512 shadow<br />
password sufficient pam_ldap.so minimum_uid=1000 use_first_pass<br />
password required pam_deny.so<br />
<br />
session required pam_limits.so<br />
session required pam_env.so<br />
session required pam_unix.so<br />
session sufficient pam_ldap.so minimum_uid=1000 use_first_pass<br />
</pre><br />
<br />
=== Test the Setup ===<br />
nslcd -d<br />
<br />
=== Update the Default Run Levels ===<br />
rc-update add nslcd default<br />
rc-update add nscd default<br />
<br />
=== Start the necessary Daemons ===<br />
/etc/init.d/nslcd start<br />
/etc/init.d/nscd start<br />
<br />
== Quota ==<br />
=== 32-bit Project Identifier Support ===<br />
We need to enable 32-bit project identifier support (PROJID32BIT feature) for our naming scheme (uid numbers larger than 65'536), which is already the default on the stepping stone virtual machines:<br />
mkfs.xfs '''-i projid32bit=1''' /dev/vg-local-01/var<br />
<br />
=== Update /etc/fstab and Mount ===<br />
Make sure, that you have user quota (uqota) and project quota (pquota) set as options on the chosen mount point in /etc/fstab. For example:<br />
LABEL=LV-VAR /var xfs noatime,discard,inode64,uquota,pquota 0 2<br />
<br />
reboot<br />
<br />
Check, if everything went ok:<br />
df -h | grep var<br />
<br />
/dev/mapper/vg--local--01-var 1023G 220G 804G 22% /var<br />
<br />
=== Verify ===<br />
Some important options for xfs_quota:<br />
* -x: Enable expert mode.<br />
* -c: Pass arguments on the command line. Multiple arguments may be given.<br />
<br />
Remount the file system /var and check, if /var has the desired values:<br />
xfs_quota -x -c state /var<br />
<br />
As you can see (items marked bold), we have achieved our goal:<br />
User quota state on /var (/dev/mapper/vg--local--01-var)<br />
Accounting: '''ON'''<br />
Enforcement: '''ON'''<br />
Inode: #131 (1 blocks, 1 extents)<br />
Group quota state on /var (/dev/mapper/vg--local--01-var)<br />
Accounting: OFF<br />
Enforcement: OFF<br />
Inode: #132 (1 blocks, 1 extents)<br />
Project quota state on /var (/dev/mapper/vg--local--01-var)<br />
Accounting: '''ON'''<br />
Enforcement: '''ON'''<br />
Inode: #132 (1 blocks, 1 extents)<br />
Blocks grace time: [7 days 00:00:30]<br />
Inodes grace time: [7 days 00:00:30]<br />
Realtime Blocks grace time: [7 days 00:00:30]<br />
<br />
=== User Quotas ===<br />
==== Adding a User Quota ====<br />
Set a quota of 1 Gigabyte for the user 4000187 (the values are in kilobytes, so 1048576 kilobyte are 1024 megabytes which corresponds to 1 gigabyte):<br />
xfs_quota -x -c 'limit bhard=1048576k 4000187' /var<br />
<br />
Or in bytes:<br />
xfs_quota -x -c 'limit bhard=1073741824 4000187' /var<br />
<br />
Read the quota information for the user 4000187:<br />
xfs_quota -x -c 'quota -v -N -u 4000187' /var<br />
<br />
/dev/mapper/vg--local--01-var 0 0 1048576 00 [--------] /var<br />
<br />
If the user has data in the project, that belongs to him, the result will change:<br />
/dev/mapper/vg--local--01-var 512000 0 1048576 00 [--------] /var<br />
<br />
==== Modifiying a User Quota ====<br />
To modify a users quota, you just set a new quota (limit):<br />
xfs_quota -x -c 'limit bhard=1048576k 4000187' /var<br />
<br />
Read the quota information for the user 4000187:<br />
xfs_quota -x -c 'quota -v -N -u 4000187' /var<br />
<br />
/dev/mapper/vg--local--01-var 0 0 1048576 00 [--------] /var<br />
<br />
If the user has data in the project, that belongs to him, the result will change:<br />
/dev/mapper/vg--local--01-var 512000 0 1048576 00 [--------] /var<br />
<br />
==== Removing a User Quota ====<br />
Removing a quota for a user:<br />
xfs_quota -x -c 'limit bhard=0 4000187' /var<br />
<br />
The following command should give you an empty result:<br />
xfs_quota -x -c 'quota -v -N -u 4000187' /var<br />
<br />
=== Project (Directory) Quotas ===<br />
==== Adding a Project (Directory) Quota ====<br />
The XFS file system additionally allows you to set quotas on individual directory hierarchies in the file system that are known as managed trees. Each managed tree is uniquely identified by a project ID and an optional project name. We'll use the following values in the examples:<br />
* project_ID: The uid of the online backup account (4000187).<br />
* project_name: The uid of the online backup account (4000187). This could be a human readable name.<br />
* mountpoint: The mountpoint of the xfs-filesystem (/var). See the <code>/etc/fstab</code> entry from above.<br />
* directory: The directory of the project (187/4000187), starting from the mountpoint of the xfs-filesystem (/var).<br />
<br />
Define a unique project ID for the directory hierarchy in the <code>/etc/projects</code> file (project_ID:mountpoint/directory):<br />
echo "4000187:/var/backup/187/4000187/home/4000187" >> /etc/projects<br />
<br />
Create an entry in the <code>/etc/projid</code> file that maps a project name to the project ID (project_name:project_ID):<br />
echo "4000187:4000187" >> /etc/projid<br />
<br />
Set Project:<br />
xfs_quota -x -c 'project -s -p /var/backup/187/4000187/home/4000187 4000187' /var<br />
<br />
Set Quota (limit) on Project:<br />
xfs_quota -x -c 'limit -p bhard=1048576k 4000187' /var<br />
<br />
Check your Quota (limit)<br />
xfs_quota -x -c 'quota -p 4000187' /var<br />
<br />
Check the Quota:<br />
* <code>-v</code>: increase verbosity in reporting (also dumps zero values).<br />
* <code>-N</code>: suppress the initial header.<br />
* <code>-p</code>: display project quota information.<br />
* <code>-h</code>: human readable format.<br />
xfs_quota -x -c 'quota -v -N -p 4000187' /var<br />
<br />
/dev/mapper/vg--local--01-var 0 0 1048576 00 [--------] /var<br />
<br />
If you copied data into the project, the output will look something like:<br />
/dev/mapper/vg--local--01-var 512000 0 1048576 00 [--------] /var<br />
<br />
To give you an overall view of the whole system:<br />
xfs_quota -x -c report /var<br />
<br />
<pre><br />
User quota on /var (/dev/mapper/vg--local--01-var)<br />
Blocks <br />
User ID Used Soft Hard Warn/Grace <br />
---------- -------------------------------------------------- <br />
root 1024000 0 0 00 [--------]<br />
4000187 0 0 1048576 00 [--------]<br />
<br />
Project quota on /var (/dev/mapper/vg--local--01-var)<br />
Blocks <br />
Project ID Used Soft Hard Warn/Grace <br />
---------- -------------------------------------------------- <br />
4000187 512000 0 1048576 00 [--------]<br />
</pre><br />
<br />
==== Modifying a Project (Directory) Quota ====<br />
To modify a project (directory) quota, you just set an new quota (limit) on the chosen project:<br />
xfs_quota -x -c 'limit -p bhard=1048576k 4000187' /var<br />
<br />
Check your quota (limit)<br />
xfs_quota -x -c 'quota -p 4000187' /var<br />
<br />
==== Removing a Project (Directory) Quota ====<br />
Removing a quota from a project:<br />
xfs_quota -x -c 'limit -p bhard=0 4000187' /var<br />
<br />
Chreck the results:<br />
xfs_quota -x -c report /var<br />
<br />
<pre><br />
User quota on /var (/dev/mapper/vg--local--01-var)<br />
Blocks <br />
User ID Used Soft Hard Warn/Grace <br />
---------- -------------------------------------------------- <br />
root 512000 0 0 00 [--------]<br />
4000187 0 0 1024 00 [--------]<br />
</pre><br />
<br />
As you can see, the line with the Project ID 4000187 has disappeared:<br />
4000187 512000 0 1048576 00 [--------]<br />
<br />
Don't forget to remove the project from <code>/etc/projects</code> and <code>/etc/projid</code>:<br />
sed -i -e '/4000187/d' /etc/projects<br />
sed -i -e '/4000187/d' /etc/projid<br />
<br />
=== Some important notes concerning XFS ===<br />
# The '''quotacheck''' command has no effect on XFS filesystems. The first time quota accounting is turned on (at mount time), XFS does an automatic quotacheck internally; afterwards, the quota system will always be completely consistent until quotas are manually turned off. <br />
# There is '''no need for quota file(s)''' in the root of the XFS filesystem.<br />
<br />
== prov-backup-rsnapshot ==<br />
Install the [[stoney_backup:_prov-backup-rsnapshot | prov-backup-rsnasphot ]] daemon script using the package manager:<br />
<pre><br />
emerge -va sys-apps/sst-prov-backup-rsnapshot<br />
</pre><br />
<br />
=== Configuration ===<br />
If it is the first provisioning module running on this server (very likely) you first have to configure the provisioning daemon (you can skip this step if you have already another provisioning module running on this server)<br />
<br />
==== Provisioning global configuration ====<br />
The global configuration for the provisioning daemon (which was installed with the first provisioning module and the <code>sys-apps/sst-provisioning</code> package) applies to all provisioning modules running on the server. This configuration therefore contains information about the provisioning daemon itself and no information at all about the specific modules. <br />
/etc/Provisioning/Global.conf<br />
<pre><br />
# Copyright (C) 2012 stepping stone GmbH<br />
# Switzerland<br />
# http://www.stepping-stone.ch<br />
# support@stepping-stone.ch<br />
#<br />
# Authors:<br />
# Pat Kläy <pat.klaey@stepping-stone.ch><br />
# <br />
# Licensed under the EUPL, Version 1.1.<br />
#<br />
# You may not use this work except in compliance with the<br />
# Licence.<br />
# You may obtain a copy of the Licence at:<br />
#<br />
# http://www.osor.eu/eupl<br />
#<br />
# Unless required by applicable law or agreed to in<br />
# writing, software distributed under the Licence is<br />
# distributed on an "AS IS" basis,<br />
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either<br />
# express or implied.<br />
# See the Licence for the specific language governing<br />
# permissions and limitations under the Licence.<br />
#<br />
<br />
[Global]<br />
# If true the script logs every information to the log-file.<br />
LOG_DEBUG = 0<br />
<br />
# If true the script logs additional information to the log-file.<br />
LOG_INFO = 1<br />
<br />
#If true the script logs warnings to the log-file.<br />
LOG_WARNING = 1<br />
<br />
#If true the script logs errors to the log-file.<br />
LOG_ERR = 1<br />
<br />
<br />
# The number of seconds to wait before retry contacting the backend server during startup.<br />
SLEEP = 10<br />
<br />
# Number of backend server connection retries during startup.<br />
ATTEMPTS = 3<br />
<br />
[Operation Mode]<br />
# The number of seconds to wait before retry contacting the backend server in case of a service interruptions.<br />
SLEEP = 30<br />
<br />
# Number of backend server connection retries in case of a service interruptions.<br />
ATTEMPTS = 3<br />
<br />
[Mail]<br />
# Error messages are sent to the mail configured below.<br />
SENDTO = <YOUR-MAIL-ADDRESS><br />
HOST = mail.stepping-stone.ch<br />
PORT = 587<br />
USERNAME = <YOUR-NOTIFICATION-EMAIL-ADDRESS><br />
PASSWORD = <PASSWORD><br />
FROMNAME = Provisioning daemon<br />
CA_DIR = /etc/ssl/certs<br />
SSL = starttls<br />
AUTH_METHOD = LOGIN<br />
<br />
# Additionally, you can be informed about creation, modification and deletion of services.<br />
WANTINFOMAIL = 1<br />
</pre><br />
<br />
==== Provisioning daemon prov-backup-rsnapshot module ====<br />
The module specific configuration is located in /etc/Provisioning/<Service>/<Type>.conf. In the case of the prov-backup-rsnapshot module this is <code>/etc/Provisioning/Backup/Rsnapshot.conf</code>. (Note: Comments starting with /* are not in the configuration file, they are only in the wiki to add some additional information)<br />
<br />
<pre><br />
# Copyright (C) 2013 stepping stone GmbH<br />
# Switzerland<br />
# http://www.stepping-stone.ch<br />
# support@stepping-stone.ch<br />
#<br />
# Authors:<br />
# Pat Kläy <pat.klaey@stepping-stone.ch><br />
# <br />
# Licensed under the EUPL, Version 1.1.<br />
#<br />
# You may not use this work except in compliance with the<br />
# Licence.<br />
# You may obtain a copy of the Licence at:<br />
#<br />
# http://www.osor.eu/eupl<br />
#<br />
# Unless required by applicable law or agreed to in<br />
# writing, software distributed under the Licence is<br />
# distributed on an "AS IS" basis,<br />
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either<br />
# express or implied.<br />
# See the Licence for the specific language governing<br />
# permissions and limitations under the Licence.<br />
#<br />
<br />
/* If you want, you can override the log information from the global configuration file this might be useful for debugging */<br />
[Global]<br />
# If true the script logs every information to the log-file.<br />
LOG_DEBUG = 1<br />
<br />
# If true the script logs additional information to the log-file.<br />
LOG_INFO = 1<br />
<br />
#If true the script logs warnings to the log-file.<br />
LOG_WARNING = 1<br />
<br />
#If true the script logs errors to the log-file.<br />
LOG_ERR = 1<br />
<br />
/* Specify the hosts fully qualified domain name. This name will be used to perform some checks and also appear in the information and error mails */<br />
ENVIRONMENT = <FQDN><br />
<br />
[Database]<br />
BACKEND = LDAP<br />
SERVER = ldaps://ldapm.tombstone.org<br />
PORT = 636<br />
ADMIN_USER = cn=Manager,dc=stoney-cloud,dc=org<br />
ADMIN_PASSWORD = <PASSWORD><br />
SERVICE_SUBTREE = ou=accounts,ou=backup,ou=services,dc=stoney-cloud,dc=org<br />
COOKIE_FILE = /etc/Provisioning/Backup/rsnapshot.cookie<br />
DEFAULT_COOKIE = rid=001,csn=<br />
SEARCH_FILTER = (&(entryCSN>=%entryCSN%)(sstProvisioningState=0))<br />
<br />
/* Specifies the service itself. As it is the prov-backup-rsnapshot module, the SERVICE is "Backup" and the TYPE is "Rsnapshot".<br />
* The MODUS is as usual selfcare and the TRANSPORTAPI is LocalCLI. This is because the daemon is running on the same host as the<br />
* backup accounts are provisioned and the commands can be executed on this host using the cli.<br />
* For more information about MODUS and TRANSPORTAPI see https://int.stepping-stone.ch/wiki/provisioning.pl#Service_Konfiguration<br />
*/<br />
[Service]<br />
MODUS = selfcare<br />
TRANSPORTAPI = LocalCLI<br />
SERVICE = Backup<br />
TYPE = Rsnapshot<br />
<br />
SYSLOG = prov-backup-rsnapshot<br />
<br />
/* For the TRANSPORTAPI LocalCLI there is no gateway required because there is no connection to establish. So set HOST, USER and<br />
* DSA_FILE to whatever you want. Don't leave it blank, otherwise the provisioning daemon would log some error messages saying<br />
* these attributes are empty <br />
*/<br />
[Gateway]<br />
HOST = localhost<br />
USER = provisioning<br />
DSA_FILE = none<br />
<br />
/* Information about the backup itself (how to setup everything). Note that the %uid% int the RSNAPSHOT_CONFIG_FILE parameter will<br />
* be replaced by the accounts UID. The script CREATE_CHROOT_CMD was installed with the prov-backup-rsnapshot module, so do not<br />
* change this parameter. The quota parameters (SET_QUOTA_CMD, MOUNTPOINT, QUOTA_FILE, PROJECTS_FILE and PROJID_FILE) represent <br />
* the quota setup as described on http://wiki.stoney-cloud.org/index.php/stoney_backup:_Server_set-up#Quota. If you followed this<br />
* manual, you can copy-paste them into your configuration file, otherwise adapt them according to your quota setup.<br />
*/<br />
[Backup]<br />
RSNAPSHOT_CONFIG_FILE = /etc/rsnapshot/rsnapshot.conf.%uid%<br />
SET_QUOTA_CMD = /usr/sbin/xfs_quota<br />
CREATE_CHROOT_CMD = /usr/libexec/createBackupDirectory.sh<br />
MOUNTPOINT = /var<br />
QUOTA_FILE = /etc/backupSize<br />
PROJECTS_FILE = /etc/projects<br />
PROJID_FILE = /etc/projid<br />
</pre><br />
<br />
== backup utils ==<br />
Install the backup utils (multiple scripts which help you to manage and monitor your backup server and backup accounts) using the package manager. For more information about the scripts please see the [[stoney_backup:_Service_Software | stoney backup Service Software]] page. <br />
<pre><br />
emerge -va sys-apps/sst-backup-utils<br />
</pre><br />
=== Configuration ===<br />
Please refer to the configuration sections for the different scripts in [[stoney_backup:_Service_Software | stoney backup Service Software]].<br />
<br />
= Links =<br />
* [http://www.openldap.org/ OpenLDAP], an open source implementation of the Lightweight Directory Access Protocol.<br />
* [http://arthurdejong.org/nss-pam-ldapd/ nss-pam-ldapd], a Name Service Switch (NSS) module that allows your LDAP server to provide user account, group, host name, alias, netgroup, and basically any other information that you would normally get from /etc flat files or NIS.<br />
* [http://www.gentoo.org/doc/de/ldap-howto.xml Gentoo Leitfaden zur OpenLDAP Authentifikation].<br />
* [http://wiki.gentoo.org/wiki/Centralized_authentication_using_OpenLDAP Centralized authentication using OpenLDAP].<br />
* [https://code.google.com/p/openssh-lpk/source/browse/trunk/schemas/openssh-lpk_openldap.schema openssh-lpk_openldap.schema] OpenSSH LDAP Public Keys.<br />
* [http://sourceforge.net/projects/linuxquota/ linuxquota] Linux DiskQuota.<br />
* [http://www.rsnapshot.org/ rsnapshot], a remote filesystem snapshot utility, based on rsync.<br />
* [http://olivier.sessink.nl/jailkit/ Jailkit], set of utilities to limit user accounts to specific files using chroot() and or specific commands. Also includes a tool to build a chroot environment.<br />
* [http://www.busybox.net/ Busybox] BusyBox combines tiny versions of many common UNIX utilities into a single small executable. Useful to reduce the number of files (and thus the complexity) when building a chroot. <br />
<br />
[[Category:stoney backup]]</div>Pathttps://wiki.stoney-cloud.org/w/index.php?title=stoney_conductor:_VM_Backup&diff=3770stoney conductor: VM Backup2014-06-26T14:57:22Z<p>Pat: /* Restore */</p>
<hr />
<div>= Overview =<br />
This page describes how the VMs and VM-Templates are backed-up and restored inside the [http://www.stoney-cloud.org stoney cloud].<br />
<br />
= Requirements =<br />
* sstBackupRootDirectory: file:///var/backup/virtualization<br />
** This directory might be a single partition which needs to have the same size as your partition for the live images (it's a "copy" of the live partition)<br />
* sstBackupRetainDirectory: file:///var/virtualization/retain<br />
** This directory must be on the same partition as your life images are<br />
* A working stoney cloud, installed according to [[stoney cloud: Single-Node Installation]] or [[stoney cloud: Multi-Node Installation]].<br />
* The backup configuration must be set: [[stoney_conductor:_OpenLDAP_directory_data_organisation#Backup | stoney conductor: OpenLDAP directory data organisation]].<br />
<br />
= Backup =<br />
== Basic idea ==<br />
The main idea to backup a VM or a VM-Template is, to divide the task into three subtasks: <br />
* createSnapshot: Create a disk only snapshot. A new overlay file is created, all write operations are performed to this file. The underlying disk-image is now read only.<br />
* exportSnapshot: Copy the read only disk-image to the backup location.<br />
* commitSnapshot: Commit the performed write operations from the overlay back to the underlying (original) disk image. Now the underlying image is read-write again and the overlay image can be deleted.<br />
A more detailed and technical description for these three sub-processes can be found [[#Sub-Processes | here]].<br />
<br />
Furthermore there is an control instance, which can independently call these three sub-processes for a given machine. Like that, the stoney cloud is able to handle different cases:<br />
=== Backup a single machine ===<br />
The procedure for backing up a single machine is very simple. Just call the three sub-processes (create-, export- and commitSnapshot) one after the other. So the control instance would do some very basic stuff: <br />
<source lang="c"><br />
object machine = args[0];<br />
<br />
if( createSsnapshot( machine ) )<br />
{<br />
<br />
if ( exportSnapshot( machine ) )<br />
{<br />
<br />
if ( commitSnapshot( machine ) )<br />
{<br />
printf("Successfully backed up machine %s\n", machine);<br />
<br />
} else<br />
{<br />
printf("Error while committing snapshot for machine %s: %s\n", machine, error);<br />
}<br />
<br />
} else<br />
{<br />
printf("Error while exporting snapshot for machine %s: %s\n", machine, error);<br />
}<br />
<br />
} else<br />
{<br />
printf("Error while snapshotting machine %s: %s\n", machine, error);<br />
}<br />
</source><br />
<br />
=== Backup multiple machines at the same time ===<br />
When backing up multiple machines at the same time, we need to make sure that the snapshots for the machines are as close together as possible. Therefore the control instance should call first the createSnapshot process for all machines. After every machine has been snapshotted, the control instance can call the exportSnapshot and commitSnapshot process for every machine. The most important part here is, that the control instance somehow remembers, if the snapshot for a given machine was successful or not. Because if the snapshot failed, it must not call the exportSnapshot and commitSnapshot process. So the control instance needs a little bit more logic: <br />
<br />
<source lang="c"><br />
object machines[] = args[0];<br />
object successful_snapshots[];<br />
<br />
# Snapshot all machines<br />
for( int i = 0; i < sizeof(machines) / sizeof(object) ; i++ )<br />
{<br />
# If the snapshot was successful, put the machine into the <br />
# successful_snapshots array<br />
if ( createSnapshot( machines[i] ) )<br />
{<br />
successful_snapshots[machines[i]];<br />
} else<br />
{<br />
printf("Error while snapshotting machine %s: %s\n", machines[i],error);<br />
}<br />
}<br />
<br />
# export and commit all successful_snapshot machines<br />
for ( int i = 0; i < sizeof(successful_snapshots) / sizeof(object) ; i++ ) )<br />
{<br />
# Check if the element at this position is not null, then the snapshot <br />
# for this machine was successful<br />
if ( successful_snapshots[i] )<br />
{<br />
if ( exportSnapshot( successful_snapshots[i] ) )<br />
{<br />
if ( commitSnapshot( successful_snapshots[i] ) )<br />
{<br />
printf("Successfully backed-up machine %s\n", successful_snapshots[i]);<br />
} else<br />
{<br />
printf("Error while committing snapshot for machine %s: %s\n", successful_snapshots[i],error);<br />
}<br />
<br />
} else<br />
{<br />
printf("Error while exporting snapshot for machine %s: %s\n", successful_snapshots[i],error);<br />
}<br />
}<br />
}<br />
</source><br />
<br />
=== Sub-Processes ===<br />
See also [[Libvirt_external_snapshot_with_GlusterFS]]<br />
==== createSnapshot ====<br />
For the commands see [[Libvirt_external_snapshot_with_GlusterFS#Part_2:_Create_the_snapshot_using_virsh]]<br />
<br />
For the workflow see [[stoney_conductor:_prov-backup-kvm#createSnapshot]]<br />
<br />
==== exportSnapshot ====<br />
# Simply copy the underlying image to the backup location<br />
#* <source lang="bash">cp -p /<path>/<to>/<image>.qcow2 /<path>/<to>/<backup>/<location>/.</source><br />
<br />
For the workflow see [[stoney_conductor:_prov-backup-kvm#exportSnapshot]]<br />
<br />
==== commitSnapshot ====<br />
For the commands see [[Libvirt_external_snapshot_with_GlusterFS#Cleanup.2FCommit_.28Online.29]]<br />
<br />
For the workflow see [[stoney_conductor:_prov-backup-kvm#commitSnapshot]]<br />
<br />
== Communication through backend ==<br />
Since the stoney cloud is (as the name says already) a cloud solution, it makes sense to have a backend (in our case openLDAP) involved in the whole process. Like that it is possible to run the backup jobs decentralized on every vm-node. The control instance can then modify the backend, and theses changes are seen by the diffenrent backup daemons on the vm-nodes. So the communication could look like shown in the following picture (Figure 1): <br />
<br />
[[File:Daemon-communication.png|800px|thumbnail|none|Figure 1: Communication between the control instance and the prov-backup-kvm daemon through the LDAP backend]]<br />
<br />
=== Control-Instance Daemon Interaction for creating a Backup with LDIF Examples ===<br />
The step numbers correspond with the graphical overview from above.<br />
<br />
==== Step 00: Backup Configuration for a virtual machine ====<br />
<pre><br />
# The following backup configuration says, that the backup should be done daily, at 03:00 hours (localtime).<br />
# * * * * * command to be executed<br />
# - - - - -<br />
# | | | | |<br />
# | | | | +----- day of week (0 - 6) (Sunday=0)<br />
# | | | +------- month (1 - 12)<br />
# | | +--------- day of month (1 - 31)<br />
# | +----------- hour (0 - 23)<br />
# +------------- min (0 - 59)<br />
# localtime in the crontab entry<br />
dn: ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
objectclass: top<br />
objectclass: organizationalUnit<br />
objectclass: sstVirtualizationBackupObjectClass<br />
objectclass: sstCronObjectClass<br />
ou: backup<br />
description: This sub tree contains the backup plan for the virtual machine kvm-005.<br />
sstCronMinute: 0<br />
sstCronHour: 3<br />
sstCronDay: *<br />
sstCronMonth: *<br />
sstCronDayOfWeek: *<br />
sstCronActive: TRUE<br />
sstBackupRootDirectory: file:///var/backup/virtualization<br />
sstBackupRetainDirectory: file:///var/virtualization/retain<br />
sstBackupRamDiskLocation: file:///mnt/ramdisk-test<br />
sstVirtualizationDiskImageFormat: qcow2<br />
sstVirtualizationDiskImageOwner: root<br />
sstVirtualizationDiskImageGroup: vm-storage<br />
sstVirtualizationDiskImagePermission: 0660<br />
sstBackupNumberOfIterations: 1<br />
sstVirtualizationVirtualMachineForceStart: FALSE<br />
sstVirtualizationBandwidthMerge: 0<br />
</pre><br />
<br />
==== Step 01: Initialize Backup Sub Tree (Control instance daemon) ====<br />
The sub tree ''' ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch''' reflects the time, when the backup is planned (in the form of [YYYY][MM][DD]T[hh][mm][ss]Z ([http://en.wikipedia.org/wiki/ISO_8601 ISO 8601]) and it should be written at the time, when the backup is planned and should be executed. The section '''20121002T010000Z''' means the following:<br />
* Year: 2012<br />
* Month: 10<br />
* Day of Month: 02<br />
* Hour of Day: 01<br />
* Minutes: 00<br />
* Seconds: 00<br />
Please be aware the the time is to be written in UTC (see also the comment in the LDIF example below).<br />
<pre><br />
# This entry is the place holder for the backup, which is to be executed at 03:00 hours (localtime with daylight-saving). This<br />
# leads to the 20121002T010000Z timestamp (which is written in UTC).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
objectclass: top<br />
objectclass: sstProvisioning<br />
objectclass: organizationalUnit<br />
ou: 20121002T010000Z<br />
sstProvisioningExecutionDate: 0<br />
sstProvisioningMode: initialize<br />
sstProvisioningReturnValue: 0<br />
sstProvisioningState: 20121002T014513Z<br />
</pre><br />
<br />
==== Step 02: Finalize the Initialization (Control instance daemon) ====<br />
<pre><br />
# The attribute sstProvisioningState is updated with current time by the fc-brokerd, when sstProvisioningMode is modified.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T010001Z<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: initialized<br />
</pre><br />
<br />
==== Step 03: Start the Snapshot Process (Control instance daemon) ====<br />
With the setting of the '''sstProvisioningMode''' to '''snapshot''', the actual backup process is kicked off by the Control instance daemon.<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the fc-brokerd, when sstProvisioningMode is modified to<br />
# snapshot (this way the Provisioning-Backup-VKM daemon knows, that it must start the snapshotting process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: snapshot<br />
</pre><br />
<br />
==== Step 04: Starting the Snapshot Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the snapshot command, it sets the '''sstProvisioningMode''' to '''snapshotting''' to tell the Control instance daemon and other interested parties, that it is snapshotting the virtual machine or virtual machine template.<br />
<pre><br />
# The attribute sstProvisioningMode is set to snapshotting by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: snapshotting<br />
</pre><br />
<br />
==== Step 05: Finalizing the Snapshot Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the snapshot command, it sets the '''sstProvisioningMode''' to '''snapshotted''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the snapshot of the virtual machine or virtual machine template is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the fc-brokerd knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T010011Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: snapshotted<br />
</pre><br />
<br />
==== Step 06: Start the export Process (Control instance daemon) ====<br />
With the setting of the '''sstProvisioningMode''' to '''export''', the Control instance daemon tells the Provisioning-Backup-KVM daemon to export the disk image to the backup location.<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the fc-brokerd, when sstProvisioningMode is modified to<br />
# export (this way the Provisioning-Backup-VKM daemon knows, that it must start the export process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: export<br />
</pre><br />
<br />
==== Step 07: Starting the export Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the export command, it sets the '''sstProvisioningMode''' to '''exporting''' to tell the Control instance daemon and other interested parties, that it is exporting the virtual machine or virtual machine template disk images.<br />
<pre><br />
# The attribute sstProvisioningMode is set to exporting by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: exporting<br />
</pre><br />
<br />
==== Step 08: Finalizing the export Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the export command, it sets the '''sstProvisioningMode''' to '''exported''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the export of the virtual machine or virtual machine template disk-images is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the fc-brokerd knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T010500Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: exported<br />
</pre><br />
<br />
==== Step 09: Start the commit Process (Control instance daemon) ====<br />
With the setting of the '''sstProvisioningMode''' to '''commit''', the Control instance daemon tells the Provisioning-Backup-KVM daemon to commit the changes from the overlay file to the underlying disk-image<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the fc-brokerd, when sstProvisioningMode is modified to<br />
# commit (this way the Provisioning-Backup-VKM daemon knows, that it must start the commit process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: commit<br />
</pre><br />
<br />
==== Step 10: Starting the commit Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the commit command, it sets the '''sstProvisioningMode''' to '''comitting''' to tell the Control instance daemon and other interested parties, that it is committing changes from the overlay disk-images back to the underlying ones.<br />
<pre><br />
# The attribute sstProvisioningMode is set to comitting by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: committing<br />
</pre><br />
<br />
==== Step 11: Finalizing the commit Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the commit command, it sets the '''sstProvisioningMode''' to '''comitted''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the comitting of the changes from the overlay disk-images back to the underlying ones is done. <br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the fc-brokerd knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012000Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: comitted<br />
</pre><br />
<br />
==== Step 12: Finalizing the Backup Process (Control instance daemon) ====<br />
As soon as the Control instance daemon notices, that the attribute '''sstProvisioningMode''' ist set to '''committed''', it sets the '''sstProvisioningMode''' to '''finished''' and the '''sstProvisioningState''' to the current timestamp (UTC). All interested parties now know, that the backup process is finished, there for a new backup process could be started.<br />
<pre><br />
# The attribute sstProvisioningState is updated with current time by the fc-brokerd, when sstProvisioningMode is<br />
# set to finished.<br />
# All interested parties now know, that the backup process is finished, there for a new backup process could be started.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012001Z<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: finished<br />
</pre><br />
<br />
== Current Implementation (Backup) ==<br />
Since we do not have a working control instance, we need to have a workaround for backing up the machines: <br />
<br />
* We do already have a BackupKVMWrapper.pl script (File-Backend) which executes the three [[#Sub-Processes | sub-processes ]] in the correct order for a given list of machines (see [[#Backup multiple machines at the same_time]]).<br />
* We do already have the implementation for the whole backup with the LDAP-Backend (see [[ stoney conductor: prov backup kvm ]]).<br />
* We can now combine these two existing scripts and create a wrapper (lets call it LDAPKVMWrapper) which, in some way, adds some logic to the BackupKVMWrapper.pl. In fact the LDAPKVMWrapper wrapper will generate the list of machines which need a backup.<br />
<br />
The behaviour on our servers is as follows (c.f. Figure 2):<br />
# The (decentralized) LDAPKVMWrapper wrapper (which is executed everyday via cronjob) generates a list off all machines running on the current host.<br />
#* Currently on the hosts the cronjobs looks like: <code>00 01 * * * /usr/bin/LDAPKVMWrapper.pl | logger -t Backup-KVM</code><br />
#* For each of these machines:<br />
#** Check if the machine is excluded from the backup, if yes, remove the machine from the list<br />
#** Check if the last backup was successful, if not, remove the machine from the list<br />
# Update the backup subtree for each machine in the list<br />
#* Remove the old backup leaf (the "yesterday-leaf"), and add a new one (the "today-leaf") <br />
#* After this step, the machines are ready to be backed up<br />
# Call the KVMBackupWrapper.pl script with the machines list as a parameter<br />
# Wait for the KVMBackupWrapper.pl script to finish<br />
# Go again through all machines and update the backup subtree a last time<br />
#* Check if the backup was successful, if yes, set sstProvisioningMode = finished (see also TBD)<br />
<br />
<br />
[[File:wrapper-interaction.png|500px|thumbnail|none|Figure 2: How the two wrapper interact with the LDAP backend]]<br />
<br />
* If for some reason something does not work at all, the whole backup process can be deactivated by simply disabling the LDAPKVMWrapper cronjob<br />
** <code>crontab -e</code><br />
** Comment the LDAPKVMWrapper cronjob line: <code>#00 01 * * * /usr/bin/LDAPKVMWrapper.pl | logger -t Backup-KVM</code><br />
=== How to exclude a machine from the backup ===<br />
Login to one of the [[VM-Node | vm-nodes]] and execute the following command<br />
<br />
If you want to exclude a machine from the backup run you simply need to add the following entry to your LDAP directory: <br />
<source lang="bash"><br />
machineuuid="<UUID OF THE MACHINE-NAME>" # e.g.: b9d13dbc-9ab7-4948-9daa-a5709de83dc2<br />
cat << EOF | ldapadd -D cn=Manager,o=stepping-stone,c=ch -H ldaps://ldapm.stepping-stone.ch/ -W -x<br />
dn: ou=backup,sstVirtualMachine=${machineuuid},ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
objectclass: top<br />
objectclass: organizationalUnit<br />
objectclass: sstVirtualizationBackupObjectClass<br />
ou: backup<br />
sstbackupexcludefrombackup: TRUE<br />
EOF<br />
</source><br />
<br />
If the backup subtree in the LDAP directory already exists, you need to add the sstbackupexcludefrombackup attribute: <br />
<source lang="bash"><br />
machineuuid="<UUID OF THE MACHINE-NAME>" # e.g.: b9d13dbc-9ab7-4948-9daa-a5709de83dc2<br />
cat << EOF | ldapadd -D cn=Manager,o=stepping-stone,c=ch -H ldaps://ldapm.stepping-stone.ch/ -W -x<br />
dn: ou=backup,sstVirtualMachine=${machineuuid},ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
add: objectClass<br />
objectClass: sstVirtualizationBackupObjectClass<br />
-<br />
add: sstbackupexcludefrombackup<br />
sstbackupexcludefrombackup: TRUE<br />
EOF<br />
</source><br />
<br />
==== Re-include the machine to the backup ====<br />
If you want to re include a machine, simply delete the machines whole backup subtree. It will be recreated during the next backup run.<br />
<br />
== Next steps ==<br />
<br />
= Restore =<br />
'''Attention:''' The restore process is not yet defined / nor implemented. The following documentation is about the old restore process. <br />
== Basic idea ==<br />
The restore process, similar to the backup process, can be divided into three sub-processes: <br />
* Unretain the small files: Copy the small files (backend entry, XML description) from the backup directory to the retain directory<br />
* Unretain the big files: Copy the big files (state file, disk image(s)) form the backup directory to the retain directory<br />
* Restore the machine: Replace the live disk image(s) by the one(s) from the backup and restore the machine from the state file<br />
<br />
Additionally the restore process can also be divided into two phases: <br />
* User-Interaction phase: After the "unretain small files" the user needs to decide two things:<br />
** On conflicts between the backend entry file and the XML description, the user need to decide how to resolve this conflict(s)<br />
** The user can also abort the restore process up to this point. After that the restore can not be aborted or undone! <br />
* Non-User-Interaction phase: The daemons communicate through the backend between each other and the restore process continues without further user input (c.f. [[#Communication_through_backend_2 | Communication through backend]])<br />
<br />
=== Sub Processes ===<br />
==== Unretain small files ====<br />
This workflow assumes that the backup directory is on the same physical server as the retain directory (protocol is file://)<br />
# Copy the backend-entry file from the backup directory to the retain directory:<br />
#* <source lang="bash">cp -p /path/to/backup/vm-001.backend /path/to/retain/vm-001.backend</source><br />
# Copy the XML description from the from the backup directory to the retain directory:<br />
#* <source lang="bash">cp -p /path/to/backup/vm-001.xml /path/to/retain/vm-001.xml</source><br />
# Compare the backend-entry file (the one in the retain directory) with the live-backend entry<br />
#* Resolve all conflicts between these two backend entries<br />
#** Modify the backend entry at the retain location accordingly<br />
# Apply the same changes for the XML description at the retain location (backend entry and XML description need to be consistent).<br />
<br />
==== Unretain large files ====<br />
# Copy the state file from the backup directory to the retain directory:<br />
#* <source lang="bash">cp -p /path/to/backup/vm-001.state /path/to/retain/vm-001.state</source><br />
# Copy the disk image(s) from the backup directory to the retain directory:<br />
#* <source lang="bash">cp -p /path/to/backup/vm-001.qcow2 /path/to/retain/vm-001.qcow2</source><br />
#** '''Important:''' If a VM has more than just one disk image, repeat this step for every disk image<br />
<br />
==== Restore the VM ====<br />
# Shutdown the VM if it is running:<br />
#* <source lang="bash">virsh shutdown vm-001</source><br />
# Undefine the VM if it is still defined: <br />
#* <source lang="bash">virsh undefine vm-001</source><br />
# Overwrite the original disk image:<br />
#* <source lang="bash">mv /path/to/retain/vm-001.qcow2 /path/to/images/vm-001.qcow2</source><br />
#** '''Important:''' If a VM has more than just one disk image, repeat this step for every disk image<br />
# Restore the VMs backend entry: <br />
#* Write the backend entry from the retain location (<code>/path/to/retain/vm-001.backend</code>) to the backend<br />
# Overwrite the VMs XML description with the one from the retain location <br />
#* <source lang="bash">cp -p /path/to/retain/vm-001.xml /path/to/xmls/vm-001.xml</source><br />
# Restore the VM from the state file with the corrected XML<br />
#* <source lang="bash">virsh restore /path/to/retain/vm-001.state --xml /path/to/xmls/vm-001.xml</source><br />
<br />
== Communication through backend ==<br />
The actual KVM-Restore process is controlled completely by the Control instance daemon via the OpenLDAP directory. See [[#OpenLDAP Directory Integration|OpenLDAP Directory Integration]] the involved attributes and possible values.<br />
<br />
[[File:Daemon-interaction-restore.png|thumb|500px|none|Figure 3: Communication between all involved parties during the restore process]]<br />
<br />
You can modify/update these interactions by editing [[File:Restore-Interaction.xmi]] (you may need [http://uml.sourceforge.net/ Umbrello UML Modeller] diagram programme for KDE to display the content properly).<br />
<br />
=== Control instance Daemon Interaction for restoring a Backup with LDIF Examples ===<br />
==== Step 01: Start the unretainSmallFiles process (Control instance daemon) ====<br />
The first step of the restore process is to copy the small files (in this case the XML file and the LDIF) from the configured backup location to the configured retain location. <br />
<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the Control instance daemon, when sstProvisioningMode is modified to <br />
# unretainSmallFiles (this way the Provisioning-Backup-VKM daemon knows, that it must start the unretainSmallFiles process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainSmallFiles<br />
</pre><br />
<br />
==== Step 02: Starting the unretainSmallFiles process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the command to unretain the small files, it sets the '''sstProvisioningMode''' to '''unretainingSmallFiles''' to tell the Control instance daemon and other interested parties, that it is unretaining the small files for the virtual machine or virtual machine template.<br />
<pre><br />
# The attribute sstProvisioningMode is set to unretainingSmallFiles by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainingSmallFiles<br />
</pre><br />
<br />
==== Step 03: Finalizing the unretainSmallFiles process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the commands to unretain the small files, it sets the '''sstProvisioningMode''' to '''unretainedSmallFiles''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the unretaining of all the small files from the configured backup location is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the Control instance daemon knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012000Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainedSmallFiles<br />
</pre><br />
<br />
==== Step 05: Start the unretainLargeFiles process (Control instance daemon) ====<br />
Next step in the restore process is to copy the large files (state file and disk images) from the configured backup directory to the configured retain directory.<br />
<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the Control instance daemon, when sstProvisioningMode is modified to <br />
# unretainLargeFiles (this way the Provisioning-Backup-VKM daemon knows, that it must start the unretainLargeFiles process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainLargeFiles<br />
</pre><br />
<br />
==== Step 06: Starting the unretainLargeFiles process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the command to unretain the large files, it sets the '''sstProvisioningMode''' to '''unretainingLargeFiles''' to tell the Control instance daemon and other interested parties, that it is unretaining the large files for the virtual machine or virtual machine template.<br />
<br />
In the meantime the vm-manager merges the LDIF we have unretained in [[#Step_02:_Starting_the_unretainSmallFiles_process_.28Provisioning-Backup-KVM_daemon.29 | step 02]] with the one in the live directory to sort out possible differences in the configuration of the virtual machine. <br />
<pre><br />
# The attribute sstProvisioningMode is set to unretainingSmallFiles by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainingLargeFiles<br />
</pre><br />
<br />
==== Step 07: Finalizing the unretainLargeFiles process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the commands to unretain the large files, it sets the '''sstProvisioningMode''' to '''unretainedLargeFiles''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the unretaining of all the large files from the configured backup location is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the Control instance daemon knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012000Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainedLargeFiles<br />
</pre><br />
<br />
==== Step 09: Start the restore process (Control instance daemon) ====<br />
Since we now have all necessary files in the configured retain location, the restore process can be started. There we simply copy the disk images back to their original location and restore the VM from the state file (which is also at the configured retain location)<br />
<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the Control instance daemon, when sstProvisioningMode is modified to <br />
# restore (this way the Provisioning-Backup-VKM daemon knows, that it must start the restore process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: restore<br />
</pre><br />
<br />
==== Step 10: Starting the restore process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the restore command, it sets the '''sstProvisioningMode''' to '''restoring''' to tell the Control instance daemon and other interested parties, that it is restoring the virtual machine or virtual machine template.<br />
<pre><br />
# The attribute sstProvisioningMode is set to restoring by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: restoring<br />
</pre><br />
<br />
==== Step 11: Finalizing the restore process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the restore command, it sets the '''sstProvisioningMode''' to '''restored''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the restore process is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the Control instance daemon knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012000Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: restored<br />
</pre><br />
<br />
==== Step 12: Finalizing the restore process (Control instance daemon) ====<br />
As soon as the Control instance daemon notices, that the attribute '''sstProvisioningMode''' ist set to '''restored''', it sets the '''sstProvisioningMode''' to '''finished''' and the '''sstProvisioningState''' to the current timestamp (UTC). All interested parties now know, that the restore process is finished.<br />
<pre><br />
# The attribute sstProvisioningState is updated with current time by the Control instance daemon, when sstProvisioningMode is<br />
# set to finished.<br />
# All interested parties now know, that the restore process is finished.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012001Z<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: finished<br />
</pre><br />
<br />
== Current Implementation (Restore) ==<br />
'''Attention''': The restore process is not yet defined / nor implemented. The following documentation is about the old restore process. <br />
<br />
<br />
* Since the prov-backup-kvm daemon is not running on the vm-nodes (c.f. [[stoney_conductor:_Backup#Current_Implementation_.28Backup.29]]), the restore process does not work when clicking the icon in the webinterface. <br />
<br />
=== How to manually restore a machine from backup ===<br />
'''Important''': Before you continue with this guide, make sure that you have no other possibility to restore the machine. It might be easier and safer to get lost files from the online backup if the machine has one set up.<br />
<br />
If you really have to restore the machine from the backup:<br />
# Stop the machine from via the [https://cloud.stepping-stone.ch/vm-manager/ web interface]<br />
# Login (as root) on the [[VM-Node]] the machine was running on<br />
<br />
As a first step, you would like to set some useful bash variables to be able to copy paste the following guide:<br />
<br />
'''Double check all variables you are setting here. If one is not correct, you will restore a running machine or overwrite a live-disk image!'''<br />
<source lang='bash'><br />
machinename="<MACHINE-NAME>" # For example: machinename="b6dc3d27-5981-4b18-8f3f-31ed3d21a3c6"<br />
vmpool="<VM-POOL>" # For example vmpool="0f83f084-8080-413e-b558-b678e504836e"<br />
vmtype="<VM-TYPE>" # For example vmtype="vm-persistent"<br />
</source><br />
Change to the backup directory for the given machine and check the iterations:<br />
<source lang='bash'><br />
cd /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}<br />
ls -al<br />
</source><br />
Change into the most recent iteration<br />
<source lang='bash'><br />
cd 2014...<br />
ls -al<br />
</source><br />
In there you should have: <br />
* The state file <MACHINE-NAME>.state.<BACKUP-DATE> (for example b6dc3d27-5981-4b18-8f3f-31ed3d21a3c6.state.20140109T134445Z)<br />
* The XML description <MACHINE-NAME>.xml.<BACKUP-DATE> (for example b6dc3d27-5981-4b18-8f3f-31ed3d21a3c6.xml.20140109T134445Z)<br />
* The ldif file <MACHINE-NAME>.ldif.<BACKUP-DATE> (for example b6dc3d27-5981-4b18-8f3f-31ed3d21a3c6.ldif.20140109T134445Z)<br />
* And at least one disk image <DISK-IMAGE>.qcow2.<BACKUP-DATE> (for example 8798561b-d5de-471b-a6fc-ec2b4831ed12.qcow2.20140109T134445Z)<br />
Now you should save the backup date and the disk image(s) in a variable<br />
<source lang='bash'><br />
backupdate="<BACKUP-DATE>" # For example: backupdate="20140109T134445Z"<br />
diskimage1="<DISK-IMAGE-1>.qcow2" # For example: diskimage1="8798561b-d5de-471b-a6fc-ec2b4831ed12.qcow2"<br />
diskimage2="<DISK-IMAGE-2>.qcow2" # For example: diskimage2="aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee.qcow2"<br />
...<br />
</source><br />
<br />
Have again a look at the different variables and '''double check them again'''<br />
<source lang='bash'><br />
echo "Machine Name = ${machinename}"<br />
echo "VM Pool = ${vmpool}"<br />
echo "VM Type = ${vmtype}"<br />
echo "Backup date = ${backupdate}"<br />
echo "Disk Image 1 = ${diskimage1}"<br />
echo "Disk Image 2 = ${diskimage2}"<br />
...<br />
</source><br />
<br />
Copy all these files to the retain location:<br />
<source lang='bash'><br />
currentdate=`date --utc +'%Y%m%dT%H%M%SZ'`<br />
mkdir -p /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}<br />
cp -p /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}/${backupdate}/${machinename}.ldif.${backupdate} /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/<br />
</source><br />
<br />
<!--Check if there is a difference between the current XML file and the one from the backup<br />
<source lang='bash'><br />
diff -Naur /etc/libvirt/qemu/${machinename}.xml /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/${machinename}.xml.${backupdate}<br />
</source><br />
and '''edit the file at the retain location''' according to your needs.--><br />
<br />
''' Now you are entering the critical part. You won't be able to undo the following steps'''<br />
<br />
Check if there is a difference between the current LDAP entry and the one from the backup<br />
<source lang='bash'><br />
domain="<DOMAIN>" # For example domain="stoney-cloud.org"<br />
ldapbase="<LDAPBASE>" # For expample ldapbase="dc=stoney-cloud,dc=org"<br />
ldapsearch -H ldaps://ldapm.${domain} -b "sstVirtualMachine=${machinename},ou=virtual machines,ou=virtualization,ou=services,${ldapbase}" -s sub -x -LLL -o ldif-wrap=no -D "cn=Manager,${ldapbase}" -W "(objectclass=*)" > /tmp/${machinename}.ldif<br />
diff -Naur /tmp/${machinename}.ldif /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/${machinename}.ldif.${backupdate}<br />
</source><br />
and '''edit the file at the retain location''' according to your needs.<br />
<br />
If there are no differences (or the differences are not important) you can skip the following step. Otherwise use the [https://cloud.stepping-stone.ch/phpldapadmin PhpLdapAdmin] to delete the machine from the LDAP directory (do not forget to delete the dhcp entry <code>dn: cn=<MACHINE-NAME>,ou=virtual machines,cn=192.168.140.0,cn=config-01,ou=dhcp,ou=networks,ou=virtualization,ou=services,dc=stoney-cloud,dc=org</code>). Then add the LDIF (the one you just edited) to the LDAP (first do some general replacement)<br />
<source lang='bash'><br />
sed -i\<br />
-e 's/snapshotting/finished/'\<br />
-e '/member.*/d'\<br />
/var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/${machinename}.ldif.${backupdate}<br />
<br />
/usr/bin/ldapadd -H "ldaps://ldapm.${domain}" -x -D "cn=Manager,${ldapbase}" -W -f /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/${machinename}.ldif.${backupdate}<br />
</source><br />
<br />
Undefine the machine<br />
<source lang='bash'><br />
virsh undefine ${machinename}<br />
</source><br />
<br />
Copy all the disk images from the backup location back to their original location<br />
<source lang='bash'><br />
cp -p /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}/${backupdate}/${diskimage1}.${backupdate} /var/virtualization/${vmtype}/${vmpool}/${diskimage1}<br />
cp -p /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}/${backupdate}/${diskimage2}.${backupdate} /var/virtualization/${vmtype}/${vmpool}/${diskimage2}<br />
...<br />
</source><br />
<br />
And restore the domain from the state file from the backup location with the XML from the retain location (the one you might have edited)<br />
<source lang='bash'><br />
virsh restore /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}/${backupdate}/${machinename}.state.${backupdate}<br />
</source><br />
<br />
Now the machine should be up and running again. Continuing where it was stopped when taking the backup.<br />
<br />
If everything is OK, you can cleanup the created files and directories<br />
<source lang='bash'><br />
rm -rf /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}<br />
rm /tmp/${machinename}.ldif<br />
</source><br />
<br />
== Next steps ==<br />
<br />
<br />
[[Category: stoney conductor]]</div>Pathttps://wiki.stoney-cloud.org/w/index.php?title=stoney_conductor:_prov-backup-kvm&diff=3769stoney conductor: prov-backup-kvm2014-06-26T14:55:54Z<p>Pat: /* Backend */</p>
<hr />
<div>= Overview =<br />
The '''Provisioning-Backup-KVM Daemon''' is written in Perl and uses the mechanisms described under [[stoney core: OpenLDAP directory data organisation]].<br />
<br />
= Workflow =<br />
== Backup ==<br />
This is the simplified workflow for the Provisioning-Backup-KVM Daemon. The Subroutines (create-, export- and commitSnapshot) are shown later.<br />
<br />
[[File:KVM-Backup-Workflow.png|thumb|none|400px|Figure 1: Simplified prov-backup-kvm workflow]]<br />
<br />
You can modify/update this workflow by editing [[File:KVM-Backup-simple.xmi]] (you may need [http://uml.sourceforge.net/ Umbrello UML Modeller] diagram programme for KDE to display the content properly).<br />
<br />
=== createSnapshot ===<br />
[[File:KVM-Backup-Workflow-Snapshot.png|thumb|none|500px|Figure 2: Detailed workflow for the createsSnaphshot process]]<br />
<br />
You can edit this workflow with the following file (you may need umbrello to modify it): [[File:KVM-Backup-Workflow-detailed.xmi]]<br />
<br />
See also: [[stoney_conductor:_Backup#createSnapshot | createSnapshot: Basic idea]]<br />
<br />
=== exportSnapshot ===<br />
[[File:KVM-Backup-Workflow-Merge.png|thumb|none|500px|Figure 2: Detailed workflow for the exportSnapshot process]]<br />
<br />
You can edit this workflow with the following file (you may need umbrello to modify it): [[File:KVM-Backup-Workflow-detailed.xmi]]<br />
<br />
See also: [[ stoney_conductor:_Backup#exportSnapshot | exportSnapshot: Basic idea]]<br />
<br />
=== commitSnapshot ===<br />
[[File:KVM-Backup-Workflow-Retain.png|thumb|none|500px|Figure 3: Detailed workflow for the commitSnapshot process]]<br />
<br />
You can edit this workflow with the following file (you may need umbrello to modify it): [[File:KVM-Backup-Workflow-detailed.xmi]]<br />
<br />
See also [[stoney_conductor:_Backup#commitSnaphsot | commitSnapshot: Basic idea]]<br />
<br />
== Restore ==<br />
''' Restore is currently not implemented '''<br />
<br />
= Configuration =<br />
== Global ==<br />
<pre><br />
# Copyright (C) 2013 stepping stone GmbH<br />
# Switzerland<br />
# http://www.stepping-stone.ch<br />
# support@stepping-stone.ch<br />
#<br />
# Authors:<br />
# Pat Kläy <pat.klaey@stepping-stone.ch><br />
# <br />
# Licensed under the EUPL, Version 1.1.<br />
#<br />
# You may not use this work except in compliance with the<br />
# Licence.<br />
# You may obtain a copy of the Licence at:<br />
#<br />
# http://www.osor.eu/eupl<br />
#<br />
# Unless required by applicable law or agreed to in<br />
# writing, software distributed under the Licence is<br />
# distributed on an "AS IS" basis,<br />
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either<br />
# express or implied.<br />
# See the Licence for the specific language governing<br />
# permissions and limitations under the Licence.<br />
#<br />
<br />
<br />
<br />
[Global]<br />
# If true the script logs every information to the log-file.<br />
LOG_DEBUG = 1<br />
<br />
# If true the script logs additional information to the log-file.<br />
LOG_INFO = 1<br />
<br />
#If true the script logs warnings to the log-file.<br />
LOG_WARNING = 1<br />
<br />
#If true the script logs errors to the log-file.<br />
LOG_ERR = 1<br />
<br />
# The environment indicates the hostname (fqdn) on which the prov-backup-kvm <br />
# daemon is running<br />
ENVIRONMENT = <STONEY-CLOUD-NODE-NAME><br />
<br />
# All information related to the database (backend) the daemon connects to<br />
[Database]<br />
BACKEND = LDAP<br />
SERVER = <STONEY-CLOUD-LDAP-SERVER><br />
PORT = <STONEY-CLOUD-LDAP-PORT><br />
ADMIN_USER = <STONEY-CLOUD-LDAP-BINDDN><br />
ADMIN_PASSWORD = <STONEY-CLOUD-LDAP-BIND-PASSWORD><br />
SERVICE_SUBTREE = <STONEY-CLOUD-LDAP-SERVICE-SUBTREE><br />
<br />
# A cookie file will be used to be able to restart the daemon without<br />
# processing every entry again (they appear as new if the daemon is started) <br />
COOKIE_FILE = <STONEY-CLOUD-LDAP-COOKIE-FILE><br />
<br />
# The default cookie just contains an empty CSN, in that way, all entries<br />
# are processed<br />
DEFAULT_COOKIE = rid=001,csn=<br />
<br />
# The search filter for the database. Only process entries found with this<br />
# filter<br />
SEARCH_FILTER = (&(entryCSN>=%entryCSN%)(objectClass=*))<br />
<br />
# Indicates the prov-backup-kvm configuration which applies for every<br />
# VM-Pool and every VM if not overwritten by a VM-Pool- or VM-specific <br />
# configuration<br />
STONEY_CLOUD_WIDE_CONFIGURATION = <STONEY-CLOUD-LDAP-PROV-BACKUP-KVM-DEFAULT-CONFIGURATION><br />
<br />
# Configuration concerining the provisioning module<br />
[Service]<br />
<br />
# The modus should always be selfcare<br />
MODUS = selfcare<br />
<br />
# Which TransportApi is used to execute the commands on the destination system<br />
# TransportApi can be "LocalCLI" or "CLISSH"<br />
TRANSPORTAPI = LocalCLI<br />
<br />
# The name of the provisioning service<br />
SERVICE = Backup<br />
<br />
# The name of the provisioning type<br />
TYPE = KVM<br />
<br />
# The syslog tag (normally service-type)<br />
SYSLOG = Backup-KVM<br />
<br />
# All information concerning the gateway (TransportApi)<br />
[Gateway]<br />
HOST = localhost<br />
USER = provisioning<br />
DSA_FILE = none<br />
<br />
# Service specific configuration which is not present in the backend<br />
[Backup]<br />
<br />
# Which command is used to export files<br />
EXPORT_COMMAND = cp -p<br />
</pre><br />
<br />
== Backend ==<br />
''' Currently the backend configuration is not active. If it is active it will be (maybe some minor modifications) as the following: '''<br />
<br />
In the backend, you need to have at least one configuration which applies for the whole stoney cloud. This configuration is referenced in the [[#Global|global configuration]]. You are able to overwrite the stoney-cloud-wide configuration for<br />
* A VM-Pool<br />
* A single VM<br />
The configuration which applies for the VM is evaluated in the following way:<br />
# Check if the VM has a VM-specific configuration<br />
#* If yes, this one applies<br />
#* If not, continue<br />
# Check if the VM-Pool has a specific configuration<br />
#* If yes, this one applies<br />
#* If not, continue<br />
# The stoney-cloud-wide configuration applies<br />
<br />
=== Mandatory Configuration-Parameters ===<br />
* '''sstBackupNumberOfIterations''': An integer value how many backup iterations should be kept. Default is 1 (for disaster recovery).<br />
* '''sstBackupRootDirectory''': The path to the backup root directory where all iterations of disk-images and state files are stored. Default is file:///var/backup/virtualization.<br />
* '''sstBackupRetainDirectory''': The path to the local retain directory where the temporary snapshots (disk-image and state file) are stored. Default is file:///var/virtualization/retain.<br />
* '''sstRestoreVMWithoutState''': Boolean value which indicates whether or not to restore a virtual machine without the state. Default is FALSE (most often we want to restore the state together with the virtual machine).<br />
* '''sstBackupRamDiskLocation''': Path to the RAM-Disk. Default is /mnt/ramdisk. Because this attribute can be set for the whole FOSS-Cloud, for a specific VM-Pool, for a specific virtual machine or a specific virtual machine template, this attribute is independent from the VM-Nodes. There for no guarantee can be given, that this RAM-Disk exists on all the VM-Nodes. A check for its existence is mandatory!<br />
* '''sstVirtualizationVirtualMachineForceStart''': Force start VM in the case of not being able to restore the VM State during the backup process. TRUE or FALSE, default is FALSE. Attention: If set to TRUE, this could lead to file system inconsistencies in the virtual machine.<br />
* '''sstVirtualizationBandwidthMerge''': Bandwidth of the disk merging process (specifies the maximum I/O rate to allow in Megabyte/s). Default is 0 (unlimited). Integer Attribute, single value.<br />
* '''sstVirtualizationDiskImageFormat''': The format for the new disk image that is created during the backup process. Default is qcow2.<br />
* '''sstVirtualizationDiskImageOwner''': The owner for the new disk image that is created during the backup process. Default is root.<br />
* '''sstVirtualizationDiskImageGroup''' : The group for the new disk image that is created during the backup process. Default is vm-storage.<br />
* '''sstVirtualizationDiskImagePermission''': The permission (in octal representation) for the new disk image that is created during the backup process. Default is 660 (equivalent to 0660).<br />
* '''sstVirtualizationDiskImageDirectoryOwner''': The owner for the new directory where the disk image is located. Default is root.<br />
* '''sstVirtualizationDiskImageDirectoryGroup''': The group for the new directory where the disk image is located. Default is vm-storage.<br />
* '''sstVirtualizationDiskImageDirectoryPermission''': The permission (in octal representation) for the new directory where the disk image is located. Default is 770 (equivalent to 0770).<br />
<br />
=== Optional Configuration-Parameters ===<br />
* '''sstBackupExcludeFromBackup''': Do we want to exclude a virtual machine from the default backup plan? Default is FALSE.<br />
* '''sstVirtualizationVirtualMachineSequenceStop''': Multiple dependencies for the stopping order can be defined. Example: a web VM depends on the corresponding database VM. IA5String, multi valued. This attribute must exist in all of the virtual machine entries, that are to be stopped in a certain order. Example (0,1,2, ... is the order, UUID1, UUID2, ... is the uuid of a virtual machine):<br />
** 0: UUID1<br />
** 1: UUID2<br />
** 2: UUID3<br />
* '''sstVirtualizationVirtualMachineSequenceStart''': Multiple dependencies for the starting order can be defined. Example: a database VM must be started before the corresponding web VM. IA5String, multi valued. This attribute must exist in all of the virtual machine entries, that are to be started in a certain order. Example (0,1,2, ... is the order, UUID1, UUID2, ... is the uuid of a virtual machine):<br />
** 0: UUID3<br />
** 1: UUID2<br />
** 2: UUID1<br />
<br />
= Exit codes =<br />
The following list defines the return codes and their meaning for the KVM-Backup script:<br />
<pre><br />
use constant <br />
{<br />
SUCCESS_CODE => 0,<br />
ERROR_CODE => 1,<br />
<br />
TRUE => 1,<br />
FALSE => 0,<br />
<br />
# Specific error codes<br />
TEMPLATE_NOT_READABLE => 101,<br />
NO_MACHINE => 102,<br />
NO_XML_DESCRIPTION => 103,<br />
CANNOT_CREATE_SNAPSHOT => 104,<br />
NO_STATE_INFORMATION => 105,<br />
CANNOT_START_MACHINE => 106,<br />
NO_BACKUP_LOCATION => 107,<br />
UNCONSISTENT_BACKUP => 108,<br />
CANNOT_GET_SNAPSHOT => 109,<br />
CANNOT_DELETE_SNAPSHOT => 110,<br />
CANNOT_UPDATE_XML => 111,<br />
NO_SPACE_LEFT => 112,<br />
};<br />
</pre><br />
<br />
= Next steps =<br />
* Implement restore<br />
<br />
= Source Code =<br />
The source code is located in our GitHub Repository:<br />
<br />
https://github.com/stoney-cloud/stoney-conductor/tree/master/prov-backup-kvm<br />
<br />
= Links =<br />
<br />
[[Category:stoney conductor]][[Category:Provisioning Modules]]</div>Pathttps://wiki.stoney-cloud.org/w/index.php?title=stoney_conductor:_prov-backup-kvm&diff=3768stoney conductor: prov-backup-kvm2014-06-26T14:54:39Z<p>Pat: /* Exit codes */</p>
<hr />
<div>= Overview =<br />
The '''Provisioning-Backup-KVM Daemon''' is written in Perl and uses the mechanisms described under [[stoney core: OpenLDAP directory data organisation]].<br />
<br />
= Workflow =<br />
== Backup ==<br />
This is the simplified workflow for the Provisioning-Backup-KVM Daemon. The Subroutines (create-, export- and commitSnapshot) are shown later.<br />
<br />
[[File:KVM-Backup-Workflow.png|thumb|none|400px|Figure 1: Simplified prov-backup-kvm workflow]]<br />
<br />
You can modify/update this workflow by editing [[File:KVM-Backup-simple.xmi]] (you may need [http://uml.sourceforge.net/ Umbrello UML Modeller] diagram programme for KDE to display the content properly).<br />
<br />
=== createSnapshot ===<br />
[[File:KVM-Backup-Workflow-Snapshot.png|thumb|none|500px|Figure 2: Detailed workflow for the createsSnaphshot process]]<br />
<br />
You can edit this workflow with the following file (you may need umbrello to modify it): [[File:KVM-Backup-Workflow-detailed.xmi]]<br />
<br />
See also: [[stoney_conductor:_Backup#createSnapshot | createSnapshot: Basic idea]]<br />
<br />
=== exportSnapshot ===<br />
[[File:KVM-Backup-Workflow-Merge.png|thumb|none|500px|Figure 2: Detailed workflow for the exportSnapshot process]]<br />
<br />
You can edit this workflow with the following file (you may need umbrello to modify it): [[File:KVM-Backup-Workflow-detailed.xmi]]<br />
<br />
See also: [[ stoney_conductor:_Backup#exportSnapshot | exportSnapshot: Basic idea]]<br />
<br />
=== commitSnapshot ===<br />
[[File:KVM-Backup-Workflow-Retain.png|thumb|none|500px|Figure 3: Detailed workflow for the commitSnapshot process]]<br />
<br />
You can edit this workflow with the following file (you may need umbrello to modify it): [[File:KVM-Backup-Workflow-detailed.xmi]]<br />
<br />
See also [[stoney_conductor:_Backup#commitSnaphsot | commitSnapshot: Basic idea]]<br />
<br />
== Restore ==<br />
''' Restore is currently not implemented '''<br />
<br />
= Configuration =<br />
== Global ==<br />
<pre><br />
# Copyright (C) 2013 stepping stone GmbH<br />
# Switzerland<br />
# http://www.stepping-stone.ch<br />
# support@stepping-stone.ch<br />
#<br />
# Authors:<br />
# Pat Kläy <pat.klaey@stepping-stone.ch><br />
# <br />
# Licensed under the EUPL, Version 1.1.<br />
#<br />
# You may not use this work except in compliance with the<br />
# Licence.<br />
# You may obtain a copy of the Licence at:<br />
#<br />
# http://www.osor.eu/eupl<br />
#<br />
# Unless required by applicable law or agreed to in<br />
# writing, software distributed under the Licence is<br />
# distributed on an "AS IS" basis,<br />
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either<br />
# express or implied.<br />
# See the Licence for the specific language governing<br />
# permissions and limitations under the Licence.<br />
#<br />
<br />
<br />
<br />
[Global]<br />
# If true the script logs every information to the log-file.<br />
LOG_DEBUG = 1<br />
<br />
# If true the script logs additional information to the log-file.<br />
LOG_INFO = 1<br />
<br />
#If true the script logs warnings to the log-file.<br />
LOG_WARNING = 1<br />
<br />
#If true the script logs errors to the log-file.<br />
LOG_ERR = 1<br />
<br />
# The environment indicates the hostname (fqdn) on which the prov-backup-kvm <br />
# daemon is running<br />
ENVIRONMENT = <STONEY-CLOUD-NODE-NAME><br />
<br />
# All information related to the database (backend) the daemon connects to<br />
[Database]<br />
BACKEND = LDAP<br />
SERVER = <STONEY-CLOUD-LDAP-SERVER><br />
PORT = <STONEY-CLOUD-LDAP-PORT><br />
ADMIN_USER = <STONEY-CLOUD-LDAP-BINDDN><br />
ADMIN_PASSWORD = <STONEY-CLOUD-LDAP-BIND-PASSWORD><br />
SERVICE_SUBTREE = <STONEY-CLOUD-LDAP-SERVICE-SUBTREE><br />
<br />
# A cookie file will be used to be able to restart the daemon without<br />
# processing every entry again (they appear as new if the daemon is started) <br />
COOKIE_FILE = <STONEY-CLOUD-LDAP-COOKIE-FILE><br />
<br />
# The default cookie just contains an empty CSN, in that way, all entries<br />
# are processed<br />
DEFAULT_COOKIE = rid=001,csn=<br />
<br />
# The search filter for the database. Only process entries found with this<br />
# filter<br />
SEARCH_FILTER = (&(entryCSN>=%entryCSN%)(objectClass=*))<br />
<br />
# Indicates the prov-backup-kvm configuration which applies for every<br />
# VM-Pool and every VM if not overwritten by a VM-Pool- or VM-specific <br />
# configuration<br />
STONEY_CLOUD_WIDE_CONFIGURATION = <STONEY-CLOUD-LDAP-PROV-BACKUP-KVM-DEFAULT-CONFIGURATION><br />
<br />
# Configuration concerining the provisioning module<br />
[Service]<br />
<br />
# The modus should always be selfcare<br />
MODUS = selfcare<br />
<br />
# Which TransportApi is used to execute the commands on the destination system<br />
# TransportApi can be "LocalCLI" or "CLISSH"<br />
TRANSPORTAPI = LocalCLI<br />
<br />
# The name of the provisioning service<br />
SERVICE = Backup<br />
<br />
# The name of the provisioning type<br />
TYPE = KVM<br />
<br />
# The syslog tag (normally service-type)<br />
SYSLOG = Backup-KVM<br />
<br />
# All information concerning the gateway (TransportApi)<br />
[Gateway]<br />
HOST = localhost<br />
USER = provisioning<br />
DSA_FILE = none<br />
<br />
# Service specific configuration which is not present in the backend<br />
[Backup]<br />
<br />
# Which command is used to export files<br />
EXPORT_COMMAND = cp -p<br />
</pre><br />
<br />
== Backend ==<br />
In the backend, you need to have at least one configuration which applies for the whole stoney cloud. This configuration is referenced in the [[#Global|global configuration]]. You are able to overwrite the stoney-cloud-wide configuration for<br />
* A VM-Pool<br />
* A single VM<br />
The configuration which applies for the VM is evaluated in the following way:<br />
# Check if the VM has a VM-specific configuration<br />
#* If yes, this one applies<br />
#* If not, continue<br />
# Check if the VM-Pool has a specific configuration<br />
#* If yes, this one applies<br />
#* If not, continue<br />
# The stoney-cloud-wide configuration applies<br />
<br />
=== Mandatory Configuration-Parameters ===<br />
* '''sstBackupNumberOfIterations''': An integer value how many backup iterations should be kept. Default is 1 (for disaster recovery).<br />
* '''sstBackupRootDirectory''': The path to the backup root directory where all iterations of disk-images and state files are stored. Default is file:///var/backup/virtualization.<br />
* '''sstBackupRetainDirectory''': The path to the local retain directory where the temporary snapshots (disk-image and state file) are stored. Default is file:///var/virtualization/retain.<br />
* '''sstRestoreVMWithoutState''': Boolean value which indicates whether or not to restore a virtual machine without the state. Default is FALSE (most often we want to restore the state together with the virtual machine).<br />
* '''sstBackupRamDiskLocation''': Path to the RAM-Disk. Default is /mnt/ramdisk. Because this attribute can be set for the whole FOSS-Cloud, for a specific VM-Pool, for a specific virtual machine or a specific virtual machine template, this attribute is independent from the VM-Nodes. There for no guarantee can be given, that this RAM-Disk exists on all the VM-Nodes. A check for its existence is mandatory!<br />
* '''sstVirtualizationVirtualMachineForceStart''': Force start VM in the case of not being able to restore the VM State during the backup process. TRUE or FALSE, default is FALSE. Attention: If set to TRUE, this could lead to file system inconsistencies in the virtual machine.<br />
* '''sstVirtualizationBandwidthMerge''': Bandwidth of the disk merging process (specifies the maximum I/O rate to allow in Megabyte/s). Default is 0 (unlimited). Integer Attribute, single value.<br />
* '''sstVirtualizationDiskImageFormat''': The format for the new disk image that is created during the backup process. Default is qcow2.<br />
* '''sstVirtualizationDiskImageOwner''': The owner for the new disk image that is created during the backup process. Default is root.<br />
* '''sstVirtualizationDiskImageGroup''' : The group for the new disk image that is created during the backup process. Default is vm-storage.<br />
* '''sstVirtualizationDiskImagePermission''': The permission (in octal representation) for the new disk image that is created during the backup process. Default is 660 (equivalent to 0660).<br />
* '''sstVirtualizationDiskImageDirectoryOwner''': The owner for the new directory where the disk image is located. Default is root.<br />
* '''sstVirtualizationDiskImageDirectoryGroup''': The group for the new directory where the disk image is located. Default is vm-storage.<br />
* '''sstVirtualizationDiskImageDirectoryPermission''': The permission (in octal representation) for the new directory where the disk image is located. Default is 770 (equivalent to 0770).<br />
<br />
=== Optional Configuration-Parameters ===<br />
* '''sstBackupExcludeFromBackup''': Do we want to exclude a virtual machine from the default backup plan? Default is FALSE.<br />
* '''sstVirtualizationVirtualMachineSequenceStop''': Multiple dependencies for the stopping order can be defined. Example: a web VM depends on the corresponding database VM. IA5String, multi valued. This attribute must exist in all of the virtual machine entries, that are to be stopped in a certain order. Example (0,1,2, ... is the order, UUID1, UUID2, ... is the uuid of a virtual machine):<br />
** 0: UUID1<br />
** 1: UUID2<br />
** 2: UUID3<br />
* '''sstVirtualizationVirtualMachineSequenceStart''': Multiple dependencies for the starting order can be defined. Example: a database VM must be started before the corresponding web VM. IA5String, multi valued. This attribute must exist in all of the virtual machine entries, that are to be started in a certain order. Example (0,1,2, ... is the order, UUID1, UUID2, ... is the uuid of a virtual machine):<br />
** 0: UUID3<br />
** 1: UUID2<br />
** 2: UUID1<br />
<br />
= Exit codes =<br />
The following list defines the return codes and their meaning for the KVM-Backup script:<br />
<pre><br />
use constant <br />
{<br />
SUCCESS_CODE => 0,<br />
ERROR_CODE => 1,<br />
<br />
TRUE => 1,<br />
FALSE => 0,<br />
<br />
# Specific error codes<br />
TEMPLATE_NOT_READABLE => 101,<br />
NO_MACHINE => 102,<br />
NO_XML_DESCRIPTION => 103,<br />
CANNOT_CREATE_SNAPSHOT => 104,<br />
NO_STATE_INFORMATION => 105,<br />
CANNOT_START_MACHINE => 106,<br />
NO_BACKUP_LOCATION => 107,<br />
UNCONSISTENT_BACKUP => 108,<br />
CANNOT_GET_SNAPSHOT => 109,<br />
CANNOT_DELETE_SNAPSHOT => 110,<br />
CANNOT_UPDATE_XML => 111,<br />
NO_SPACE_LEFT => 112,<br />
};<br />
</pre><br />
<br />
= Next steps =<br />
* Implement restore<br />
<br />
= Source Code =<br />
The source code is located in our GitHub Repository:<br />
<br />
https://github.com/stoney-cloud/stoney-conductor/tree/master/prov-backup-kvm<br />
<br />
= Links =<br />
<br />
[[Category:stoney conductor]][[Category:Provisioning Modules]]</div>Pathttps://wiki.stoney-cloud.org/w/index.php?title=stoney_conductor:_prov-backup-kvm&diff=3767stoney conductor: prov-backup-kvm2014-06-26T14:53:47Z<p>Pat: /* Source Code */</p>
<hr />
<div>= Overview =<br />
The '''Provisioning-Backup-KVM Daemon''' is written in Perl and uses the mechanisms described under [[stoney core: OpenLDAP directory data organisation]].<br />
<br />
= Workflow =<br />
== Backup ==<br />
This is the simplified workflow for the Provisioning-Backup-KVM Daemon. The Subroutines (create-, export- and commitSnapshot) are shown later.<br />
<br />
[[File:KVM-Backup-Workflow.png|thumb|none|400px|Figure 1: Simplified prov-backup-kvm workflow]]<br />
<br />
You can modify/update this workflow by editing [[File:KVM-Backup-simple.xmi]] (you may need [http://uml.sourceforge.net/ Umbrello UML Modeller] diagram programme for KDE to display the content properly).<br />
<br />
=== createSnapshot ===<br />
[[File:KVM-Backup-Workflow-Snapshot.png|thumb|none|500px|Figure 2: Detailed workflow for the createsSnaphshot process]]<br />
<br />
You can edit this workflow with the following file (you may need umbrello to modify it): [[File:KVM-Backup-Workflow-detailed.xmi]]<br />
<br />
See also: [[stoney_conductor:_Backup#createSnapshot | createSnapshot: Basic idea]]<br />
<br />
=== exportSnapshot ===<br />
[[File:KVM-Backup-Workflow-Merge.png|thumb|none|500px|Figure 2: Detailed workflow for the exportSnapshot process]]<br />
<br />
You can edit this workflow with the following file (you may need umbrello to modify it): [[File:KVM-Backup-Workflow-detailed.xmi]]<br />
<br />
See also: [[ stoney_conductor:_Backup#exportSnapshot | exportSnapshot: Basic idea]]<br />
<br />
=== commitSnapshot ===<br />
[[File:KVM-Backup-Workflow-Retain.png|thumb|none|500px|Figure 3: Detailed workflow for the commitSnapshot process]]<br />
<br />
You can edit this workflow with the following file (you may need umbrello to modify it): [[File:KVM-Backup-Workflow-detailed.xmi]]<br />
<br />
See also [[stoney_conductor:_Backup#commitSnaphsot | commitSnapshot: Basic idea]]<br />
<br />
== Restore ==<br />
''' Restore is currently not implemented '''<br />
<br />
= Configuration =<br />
== Global ==<br />
<pre><br />
# Copyright (C) 2013 stepping stone GmbH<br />
# Switzerland<br />
# http://www.stepping-stone.ch<br />
# support@stepping-stone.ch<br />
#<br />
# Authors:<br />
# Pat Kläy <pat.klaey@stepping-stone.ch><br />
# <br />
# Licensed under the EUPL, Version 1.1.<br />
#<br />
# You may not use this work except in compliance with the<br />
# Licence.<br />
# You may obtain a copy of the Licence at:<br />
#<br />
# http://www.osor.eu/eupl<br />
#<br />
# Unless required by applicable law or agreed to in<br />
# writing, software distributed under the Licence is<br />
# distributed on an "AS IS" basis,<br />
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either<br />
# express or implied.<br />
# See the Licence for the specific language governing<br />
# permissions and limitations under the Licence.<br />
#<br />
<br />
<br />
<br />
[Global]<br />
# If true the script logs every information to the log-file.<br />
LOG_DEBUG = 1<br />
<br />
# If true the script logs additional information to the log-file.<br />
LOG_INFO = 1<br />
<br />
#If true the script logs warnings to the log-file.<br />
LOG_WARNING = 1<br />
<br />
#If true the script logs errors to the log-file.<br />
LOG_ERR = 1<br />
<br />
# The environment indicates the hostname (fqdn) on which the prov-backup-kvm <br />
# daemon is running<br />
ENVIRONMENT = <STONEY-CLOUD-NODE-NAME><br />
<br />
# All information related to the database (backend) the daemon connects to<br />
[Database]<br />
BACKEND = LDAP<br />
SERVER = <STONEY-CLOUD-LDAP-SERVER><br />
PORT = <STONEY-CLOUD-LDAP-PORT><br />
ADMIN_USER = <STONEY-CLOUD-LDAP-BINDDN><br />
ADMIN_PASSWORD = <STONEY-CLOUD-LDAP-BIND-PASSWORD><br />
SERVICE_SUBTREE = <STONEY-CLOUD-LDAP-SERVICE-SUBTREE><br />
<br />
# A cookie file will be used to be able to restart the daemon without<br />
# processing every entry again (they appear as new if the daemon is started) <br />
COOKIE_FILE = <STONEY-CLOUD-LDAP-COOKIE-FILE><br />
<br />
# The default cookie just contains an empty CSN, in that way, all entries<br />
# are processed<br />
DEFAULT_COOKIE = rid=001,csn=<br />
<br />
# The search filter for the database. Only process entries found with this<br />
# filter<br />
SEARCH_FILTER = (&(entryCSN>=%entryCSN%)(objectClass=*))<br />
<br />
# Indicates the prov-backup-kvm configuration which applies for every<br />
# VM-Pool and every VM if not overwritten by a VM-Pool- or VM-specific <br />
# configuration<br />
STONEY_CLOUD_WIDE_CONFIGURATION = <STONEY-CLOUD-LDAP-PROV-BACKUP-KVM-DEFAULT-CONFIGURATION><br />
<br />
# Configuration concerining the provisioning module<br />
[Service]<br />
<br />
# The modus should always be selfcare<br />
MODUS = selfcare<br />
<br />
# Which TransportApi is used to execute the commands on the destination system<br />
# TransportApi can be "LocalCLI" or "CLISSH"<br />
TRANSPORTAPI = LocalCLI<br />
<br />
# The name of the provisioning service<br />
SERVICE = Backup<br />
<br />
# The name of the provisioning type<br />
TYPE = KVM<br />
<br />
# The syslog tag (normally service-type)<br />
SYSLOG = Backup-KVM<br />
<br />
# All information concerning the gateway (TransportApi)<br />
[Gateway]<br />
HOST = localhost<br />
USER = provisioning<br />
DSA_FILE = none<br />
<br />
# Service specific configuration which is not present in the backend<br />
[Backup]<br />
<br />
# Which command is used to export files<br />
EXPORT_COMMAND = cp -p<br />
</pre><br />
<br />
== Backend ==<br />
In the backend, you need to have at least one configuration which applies for the whole stoney cloud. This configuration is referenced in the [[#Global|global configuration]]. You are able to overwrite the stoney-cloud-wide configuration for<br />
* A VM-Pool<br />
* A single VM<br />
The configuration which applies for the VM is evaluated in the following way:<br />
# Check if the VM has a VM-specific configuration<br />
#* If yes, this one applies<br />
#* If not, continue<br />
# Check if the VM-Pool has a specific configuration<br />
#* If yes, this one applies<br />
#* If not, continue<br />
# The stoney-cloud-wide configuration applies<br />
<br />
=== Mandatory Configuration-Parameters ===<br />
* '''sstBackupNumberOfIterations''': An integer value how many backup iterations should be kept. Default is 1 (for disaster recovery).<br />
* '''sstBackupRootDirectory''': The path to the backup root directory where all iterations of disk-images and state files are stored. Default is file:///var/backup/virtualization.<br />
* '''sstBackupRetainDirectory''': The path to the local retain directory where the temporary snapshots (disk-image and state file) are stored. Default is file:///var/virtualization/retain.<br />
* '''sstRestoreVMWithoutState''': Boolean value which indicates whether or not to restore a virtual machine without the state. Default is FALSE (most often we want to restore the state together with the virtual machine).<br />
* '''sstBackupRamDiskLocation''': Path to the RAM-Disk. Default is /mnt/ramdisk. Because this attribute can be set for the whole FOSS-Cloud, for a specific VM-Pool, for a specific virtual machine or a specific virtual machine template, this attribute is independent from the VM-Nodes. There for no guarantee can be given, that this RAM-Disk exists on all the VM-Nodes. A check for its existence is mandatory!<br />
* '''sstVirtualizationVirtualMachineForceStart''': Force start VM in the case of not being able to restore the VM State during the backup process. TRUE or FALSE, default is FALSE. Attention: If set to TRUE, this could lead to file system inconsistencies in the virtual machine.<br />
* '''sstVirtualizationBandwidthMerge''': Bandwidth of the disk merging process (specifies the maximum I/O rate to allow in Megabyte/s). Default is 0 (unlimited). Integer Attribute, single value.<br />
* '''sstVirtualizationDiskImageFormat''': The format for the new disk image that is created during the backup process. Default is qcow2.<br />
* '''sstVirtualizationDiskImageOwner''': The owner for the new disk image that is created during the backup process. Default is root.<br />
* '''sstVirtualizationDiskImageGroup''' : The group for the new disk image that is created during the backup process. Default is vm-storage.<br />
* '''sstVirtualizationDiskImagePermission''': The permission (in octal representation) for the new disk image that is created during the backup process. Default is 660 (equivalent to 0660).<br />
* '''sstVirtualizationDiskImageDirectoryOwner''': The owner for the new directory where the disk image is located. Default is root.<br />
* '''sstVirtualizationDiskImageDirectoryGroup''': The group for the new directory where the disk image is located. Default is vm-storage.<br />
* '''sstVirtualizationDiskImageDirectoryPermission''': The permission (in octal representation) for the new directory where the disk image is located. Default is 770 (equivalent to 0770).<br />
<br />
=== Optional Configuration-Parameters ===<br />
* '''sstBackupExcludeFromBackup''': Do we want to exclude a virtual machine from the default backup plan? Default is FALSE.<br />
* '''sstVirtualizationVirtualMachineSequenceStop''': Multiple dependencies for the stopping order can be defined. Example: a web VM depends on the corresponding database VM. IA5String, multi valued. This attribute must exist in all of the virtual machine entries, that are to be stopped in a certain order. Example (0,1,2, ... is the order, UUID1, UUID2, ... is the uuid of a virtual machine):<br />
** 0: UUID1<br />
** 1: UUID2<br />
** 2: UUID3<br />
* '''sstVirtualizationVirtualMachineSequenceStart''': Multiple dependencies for the starting order can be defined. Example: a database VM must be started before the corresponding web VM. IA5String, multi valued. This attribute must exist in all of the virtual machine entries, that are to be started in a certain order. Example (0,1,2, ... is the order, UUID1, UUID2, ... is the uuid of a virtual machine):<br />
** 0: UUID3<br />
** 1: UUID2<br />
** 2: UUID1<br />
<br />
= Exit codes =<br />
The following list defines the return codes and their meaning for the KVM-Backup script see also [https://github.com/stepping-stone/prov-backup-kvm/blob/master/lib/Provisioning/Backup/KVM/Constants.pm KVMConstants.pm]:<br />
<pre><br />
use constant SUCCESS_CODE => 0;<br />
<br />
### Error codes constants<br />
use constant UNDEFINED_ERROR => 1; # Always the first!<br />
use constant MISSING_PARAMETER_IN_CONFIG_FILE => 2;<br />
use constant CONFIGURED_RAM_DISK_IS_NOT_VALUD => 3;<br />
use constant NOT_ENOUGH_SPACE_ON_RAM_DISK => 4;<br />
use constant CANNOT_SAVE_MACHINE_STATE => 5;<br />
use constant CANNOT_WRITE_TO_BACKUP_LOCATION => 6;<br />
use constant CANNOT_COPY_FILE_TO_BACKUP_LOCATION => 7;<br />
use constant CANNOT_COPY_IMAGE_TO_BACKUP_LOCATION => 8;<br />
use constant CANNOT_COPY_XML_TO_BACKUP_LOCATION => 9;<br />
use constant CANNOT_COPY_BACKEND_FILE_TO_BACKUP_LOCATION=> 10;<br />
use constant CANNOT_MERGE_DISK_IMAGES => 11;<br />
use constant CANNOT_REMOVE_OLD_DISK_IMAGE => 12;<br />
use constant CANNOT_REMOVE_FILE => 13;<br />
use constant CANNOT_CREATE_EMPTY_DISK_IMAGE => 15;<br />
use constant CANNOT_RENAME_DISK_IMAGE => 16;<br />
use constant CANNOT_CONNECT_TO_BACKEND => 17;<br />
use constant WRONG_STATE_INFORMATION => 18;<br />
use constant CANNOT_SET_DISK_IMAGE_OWNERSHIP => 19;<br />
use constant CANNOT_SET_DISK_IMAGE_PERMISSION => 20;<br />
use constant CANNOT_RESTORE_MACHINE => 21;<br />
use constant CANNOT_LOCK_MACHINE => 22;<br />
use constant CANNOT_FIND_MACHINE => 23;<br />
use constant CANNOT_COPY_STATE_FILE_TO_RETAIN => 24;<br />
use constant RETAIN_ROOT_DIRECTORY_DOES_NOT_EXIST => 25;<br />
use constant BACKUP_ROOT_DIRECTORY_DOES_NOT_EXIST => 26;<br />
use constant CANNOT_CREATE_DIRECTORY => 27;<br />
use constant CANNOT_SAVE_XML => 28;<br />
use constant CANNOT_SAVE_BACKEND_ENTRY => 29;<br />
use constant CANNOT_SET_DIRECTORY_OWNERSHIP => 30;<br />
use constant CANNOT_SET_DIRECTORY_PERMISSION => 31;<br />
use constant CANNOT_FIND_CONFIGURATION_ENTRY => 32;<br />
use constant BACKEND_XML_UNCONSISTENCY => 33;<br />
use constant CANNOT_CREATE_TARBALL => 34;<br />
use constant UNSUPPORTED_FILE_TRANSFER_PROTOCOL => 35;<br />
use constant UNKNOWN_BACKEND_TYPE => 36;<br />
use constant MISSING_NECESSARY_FILES => 37;<br />
use constant CORRUPT_DISK_IMAGE_FOUND => 38;<br />
use constant UNSUPPORTED_CONFIGURATION_PARAMETER => 39;<br />
use constant CANNOT_MOVE_DISK_IMAGE_TO_ORIGINAL_LOCATION=> 40;<br />
use constant CANNOT_DEFINE_MACHINE => 41;<br />
use constant CANNOT_START_MACHINE => 42;<br />
use constant CANNOT_WORK_ON_UNDEFINED_OBJECT => 43;<br />
use constant CANNOT_READ_STATE_FILE => 44;<br />
use constant CANNOT_READ_XML_FILE => 45;<br />
use constant NOT_ALL_FILES_DELETED_FROM_RETAIN_LOCATION => 46;<br />
use constant NOT_ENOUGH_DISK_SPACE => 47;<br />
use constant NO_DISK_SPACE_INFORMATION => 48;<br />
</pre><br />
<br />
= Next steps =<br />
* Implement restore<br />
<br />
= Source Code =<br />
The source code is located in our GitHub Repository:<br />
<br />
https://github.com/stoney-cloud/stoney-conductor/tree/master/prov-backup-kvm<br />
<br />
= Links =<br />
<br />
[[Category:stoney conductor]][[Category:Provisioning Modules]]</div>Pathttps://wiki.stoney-cloud.org/w/index.php?title=stoney_conductor:_prov-backup-kvm&diff=3766stoney conductor: prov-backup-kvm2014-06-26T14:53:00Z<p>Pat: /* Next steps */</p>
<hr />
<div>= Overview =<br />
The '''Provisioning-Backup-KVM Daemon''' is written in Perl and uses the mechanisms described under [[stoney core: OpenLDAP directory data organisation]].<br />
<br />
= Workflow =<br />
== Backup ==<br />
This is the simplified workflow for the Provisioning-Backup-KVM Daemon. The Subroutines (create-, export- and commitSnapshot) are shown later.<br />
<br />
[[File:KVM-Backup-Workflow.png|thumb|none|400px|Figure 1: Simplified prov-backup-kvm workflow]]<br />
<br />
You can modify/update this workflow by editing [[File:KVM-Backup-simple.xmi]] (you may need [http://uml.sourceforge.net/ Umbrello UML Modeller] diagram programme for KDE to display the content properly).<br />
<br />
=== createSnapshot ===<br />
[[File:KVM-Backup-Workflow-Snapshot.png|thumb|none|500px|Figure 2: Detailed workflow for the createsSnaphshot process]]<br />
<br />
You can edit this workflow with the following file (you may need umbrello to modify it): [[File:KVM-Backup-Workflow-detailed.xmi]]<br />
<br />
See also: [[stoney_conductor:_Backup#createSnapshot | createSnapshot: Basic idea]]<br />
<br />
=== exportSnapshot ===<br />
[[File:KVM-Backup-Workflow-Merge.png|thumb|none|500px|Figure 2: Detailed workflow for the exportSnapshot process]]<br />
<br />
You can edit this workflow with the following file (you may need umbrello to modify it): [[File:KVM-Backup-Workflow-detailed.xmi]]<br />
<br />
See also: [[ stoney_conductor:_Backup#exportSnapshot | exportSnapshot: Basic idea]]<br />
<br />
=== commitSnapshot ===<br />
[[File:KVM-Backup-Workflow-Retain.png|thumb|none|500px|Figure 3: Detailed workflow for the commitSnapshot process]]<br />
<br />
You can edit this workflow with the following file (you may need umbrello to modify it): [[File:KVM-Backup-Workflow-detailed.xmi]]<br />
<br />
See also [[stoney_conductor:_Backup#commitSnaphsot | commitSnapshot: Basic idea]]<br />
<br />
== Restore ==<br />
''' Restore is currently not implemented '''<br />
<br />
= Configuration =<br />
== Global ==<br />
<pre><br />
# Copyright (C) 2013 stepping stone GmbH<br />
# Switzerland<br />
# http://www.stepping-stone.ch<br />
# support@stepping-stone.ch<br />
#<br />
# Authors:<br />
# Pat Kläy <pat.klaey@stepping-stone.ch><br />
# <br />
# Licensed under the EUPL, Version 1.1.<br />
#<br />
# You may not use this work except in compliance with the<br />
# Licence.<br />
# You may obtain a copy of the Licence at:<br />
#<br />
# http://www.osor.eu/eupl<br />
#<br />
# Unless required by applicable law or agreed to in<br />
# writing, software distributed under the Licence is<br />
# distributed on an "AS IS" basis,<br />
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either<br />
# express or implied.<br />
# See the Licence for the specific language governing<br />
# permissions and limitations under the Licence.<br />
#<br />
<br />
<br />
<br />
[Global]<br />
# If true the script logs every information to the log-file.<br />
LOG_DEBUG = 1<br />
<br />
# If true the script logs additional information to the log-file.<br />
LOG_INFO = 1<br />
<br />
#If true the script logs warnings to the log-file.<br />
LOG_WARNING = 1<br />
<br />
#If true the script logs errors to the log-file.<br />
LOG_ERR = 1<br />
<br />
# The environment indicates the hostname (fqdn) on which the prov-backup-kvm <br />
# daemon is running<br />
ENVIRONMENT = <STONEY-CLOUD-NODE-NAME><br />
<br />
# All information related to the database (backend) the daemon connects to<br />
[Database]<br />
BACKEND = LDAP<br />
SERVER = <STONEY-CLOUD-LDAP-SERVER><br />
PORT = <STONEY-CLOUD-LDAP-PORT><br />
ADMIN_USER = <STONEY-CLOUD-LDAP-BINDDN><br />
ADMIN_PASSWORD = <STONEY-CLOUD-LDAP-BIND-PASSWORD><br />
SERVICE_SUBTREE = <STONEY-CLOUD-LDAP-SERVICE-SUBTREE><br />
<br />
# A cookie file will be used to be able to restart the daemon without<br />
# processing every entry again (they appear as new if the daemon is started) <br />
COOKIE_FILE = <STONEY-CLOUD-LDAP-COOKIE-FILE><br />
<br />
# The default cookie just contains an empty CSN, in that way, all entries<br />
# are processed<br />
DEFAULT_COOKIE = rid=001,csn=<br />
<br />
# The search filter for the database. Only process entries found with this<br />
# filter<br />
SEARCH_FILTER = (&(entryCSN>=%entryCSN%)(objectClass=*))<br />
<br />
# Indicates the prov-backup-kvm configuration which applies for every<br />
# VM-Pool and every VM if not overwritten by a VM-Pool- or VM-specific <br />
# configuration<br />
STONEY_CLOUD_WIDE_CONFIGURATION = <STONEY-CLOUD-LDAP-PROV-BACKUP-KVM-DEFAULT-CONFIGURATION><br />
<br />
# Configuration concerining the provisioning module<br />
[Service]<br />
<br />
# The modus should always be selfcare<br />
MODUS = selfcare<br />
<br />
# Which TransportApi is used to execute the commands on the destination system<br />
# TransportApi can be "LocalCLI" or "CLISSH"<br />
TRANSPORTAPI = LocalCLI<br />
<br />
# The name of the provisioning service<br />
SERVICE = Backup<br />
<br />
# The name of the provisioning type<br />
TYPE = KVM<br />
<br />
# The syslog tag (normally service-type)<br />
SYSLOG = Backup-KVM<br />
<br />
# All information concerning the gateway (TransportApi)<br />
[Gateway]<br />
HOST = localhost<br />
USER = provisioning<br />
DSA_FILE = none<br />
<br />
# Service specific configuration which is not present in the backend<br />
[Backup]<br />
<br />
# Which command is used to export files<br />
EXPORT_COMMAND = cp -p<br />
</pre><br />
<br />
== Backend ==<br />
In the backend, you need to have at least one configuration which applies for the whole stoney cloud. This configuration is referenced in the [[#Global|global configuration]]. You are able to overwrite the stoney-cloud-wide configuration for<br />
* A VM-Pool<br />
* A single VM<br />
The configuration which applies for the VM is evaluated in the following way:<br />
# Check if the VM has a VM-specific configuration<br />
#* If yes, this one applies<br />
#* If not, continue<br />
# Check if the VM-Pool has a specific configuration<br />
#* If yes, this one applies<br />
#* If not, continue<br />
# The stoney-cloud-wide configuration applies<br />
<br />
=== Mandatory Configuration-Parameters ===<br />
* '''sstBackupNumberOfIterations''': An integer value how many backup iterations should be kept. Default is 1 (for disaster recovery).<br />
* '''sstBackupRootDirectory''': The path to the backup root directory where all iterations of disk-images and state files are stored. Default is file:///var/backup/virtualization.<br />
* '''sstBackupRetainDirectory''': The path to the local retain directory where the temporary snapshots (disk-image and state file) are stored. Default is file:///var/virtualization/retain.<br />
* '''sstRestoreVMWithoutState''': Boolean value which indicates whether or not to restore a virtual machine without the state. Default is FALSE (most often we want to restore the state together with the virtual machine).<br />
* '''sstBackupRamDiskLocation''': Path to the RAM-Disk. Default is /mnt/ramdisk. Because this attribute can be set for the whole FOSS-Cloud, for a specific VM-Pool, for a specific virtual machine or a specific virtual machine template, this attribute is independent from the VM-Nodes. There for no guarantee can be given, that this RAM-Disk exists on all the VM-Nodes. A check for its existence is mandatory!<br />
* '''sstVirtualizationVirtualMachineForceStart''': Force start VM in the case of not being able to restore the VM State during the backup process. TRUE or FALSE, default is FALSE. Attention: If set to TRUE, this could lead to file system inconsistencies in the virtual machine.<br />
* '''sstVirtualizationBandwidthMerge''': Bandwidth of the disk merging process (specifies the maximum I/O rate to allow in Megabyte/s). Default is 0 (unlimited). Integer Attribute, single value.<br />
* '''sstVirtualizationDiskImageFormat''': The format for the new disk image that is created during the backup process. Default is qcow2.<br />
* '''sstVirtualizationDiskImageOwner''': The owner for the new disk image that is created during the backup process. Default is root.<br />
* '''sstVirtualizationDiskImageGroup''' : The group for the new disk image that is created during the backup process. Default is vm-storage.<br />
* '''sstVirtualizationDiskImagePermission''': The permission (in octal representation) for the new disk image that is created during the backup process. Default is 660 (equivalent to 0660).<br />
* '''sstVirtualizationDiskImageDirectoryOwner''': The owner for the new directory where the disk image is located. Default is root.<br />
* '''sstVirtualizationDiskImageDirectoryGroup''': The group for the new directory where the disk image is located. Default is vm-storage.<br />
* '''sstVirtualizationDiskImageDirectoryPermission''': The permission (in octal representation) for the new directory where the disk image is located. Default is 770 (equivalent to 0770).<br />
<br />
=== Optional Configuration-Parameters ===<br />
* '''sstBackupExcludeFromBackup''': Do we want to exclude a virtual machine from the default backup plan? Default is FALSE.<br />
* '''sstVirtualizationVirtualMachineSequenceStop''': Multiple dependencies for the stopping order can be defined. Example: a web VM depends on the corresponding database VM. IA5String, multi valued. This attribute must exist in all of the virtual machine entries, that are to be stopped in a certain order. Example (0,1,2, ... is the order, UUID1, UUID2, ... is the uuid of a virtual machine):<br />
** 0: UUID1<br />
** 1: UUID2<br />
** 2: UUID3<br />
* '''sstVirtualizationVirtualMachineSequenceStart''': Multiple dependencies for the starting order can be defined. Example: a database VM must be started before the corresponding web VM. IA5String, multi valued. This attribute must exist in all of the virtual machine entries, that are to be started in a certain order. Example (0,1,2, ... is the order, UUID1, UUID2, ... is the uuid of a virtual machine):<br />
** 0: UUID3<br />
** 1: UUID2<br />
** 2: UUID1<br />
<br />
= Exit codes =<br />
The following list defines the return codes and their meaning for the KVM-Backup script see also [https://github.com/stepping-stone/prov-backup-kvm/blob/master/lib/Provisioning/Backup/KVM/Constants.pm KVMConstants.pm]:<br />
<pre><br />
use constant SUCCESS_CODE => 0;<br />
<br />
### Error codes constants<br />
use constant UNDEFINED_ERROR => 1; # Always the first!<br />
use constant MISSING_PARAMETER_IN_CONFIG_FILE => 2;<br />
use constant CONFIGURED_RAM_DISK_IS_NOT_VALUD => 3;<br />
use constant NOT_ENOUGH_SPACE_ON_RAM_DISK => 4;<br />
use constant CANNOT_SAVE_MACHINE_STATE => 5;<br />
use constant CANNOT_WRITE_TO_BACKUP_LOCATION => 6;<br />
use constant CANNOT_COPY_FILE_TO_BACKUP_LOCATION => 7;<br />
use constant CANNOT_COPY_IMAGE_TO_BACKUP_LOCATION => 8;<br />
use constant CANNOT_COPY_XML_TO_BACKUP_LOCATION => 9;<br />
use constant CANNOT_COPY_BACKEND_FILE_TO_BACKUP_LOCATION=> 10;<br />
use constant CANNOT_MERGE_DISK_IMAGES => 11;<br />
use constant CANNOT_REMOVE_OLD_DISK_IMAGE => 12;<br />
use constant CANNOT_REMOVE_FILE => 13;<br />
use constant CANNOT_CREATE_EMPTY_DISK_IMAGE => 15;<br />
use constant CANNOT_RENAME_DISK_IMAGE => 16;<br />
use constant CANNOT_CONNECT_TO_BACKEND => 17;<br />
use constant WRONG_STATE_INFORMATION => 18;<br />
use constant CANNOT_SET_DISK_IMAGE_OWNERSHIP => 19;<br />
use constant CANNOT_SET_DISK_IMAGE_PERMISSION => 20;<br />
use constant CANNOT_RESTORE_MACHINE => 21;<br />
use constant CANNOT_LOCK_MACHINE => 22;<br />
use constant CANNOT_FIND_MACHINE => 23;<br />
use constant CANNOT_COPY_STATE_FILE_TO_RETAIN => 24;<br />
use constant RETAIN_ROOT_DIRECTORY_DOES_NOT_EXIST => 25;<br />
use constant BACKUP_ROOT_DIRECTORY_DOES_NOT_EXIST => 26;<br />
use constant CANNOT_CREATE_DIRECTORY => 27;<br />
use constant CANNOT_SAVE_XML => 28;<br />
use constant CANNOT_SAVE_BACKEND_ENTRY => 29;<br />
use constant CANNOT_SET_DIRECTORY_OWNERSHIP => 30;<br />
use constant CANNOT_SET_DIRECTORY_PERMISSION => 31;<br />
use constant CANNOT_FIND_CONFIGURATION_ENTRY => 32;<br />
use constant BACKEND_XML_UNCONSISTENCY => 33;<br />
use constant CANNOT_CREATE_TARBALL => 34;<br />
use constant UNSUPPORTED_FILE_TRANSFER_PROTOCOL => 35;<br />
use constant UNKNOWN_BACKEND_TYPE => 36;<br />
use constant MISSING_NECESSARY_FILES => 37;<br />
use constant CORRUPT_DISK_IMAGE_FOUND => 38;<br />
use constant UNSUPPORTED_CONFIGURATION_PARAMETER => 39;<br />
use constant CANNOT_MOVE_DISK_IMAGE_TO_ORIGINAL_LOCATION=> 40;<br />
use constant CANNOT_DEFINE_MACHINE => 41;<br />
use constant CANNOT_START_MACHINE => 42;<br />
use constant CANNOT_WORK_ON_UNDEFINED_OBJECT => 43;<br />
use constant CANNOT_READ_STATE_FILE => 44;<br />
use constant CANNOT_READ_XML_FILE => 45;<br />
use constant NOT_ALL_FILES_DELETED_FROM_RETAIN_LOCATION => 46;<br />
use constant NOT_ENOUGH_DISK_SPACE => 47;<br />
use constant NO_DISK_SPACE_INFORMATION => 48;<br />
</pre><br />
<br />
= Next steps =<br />
* Implement restore<br />
<br />
= Source Code =<br />
The source code is located in our GitHub Repository:<br />
<br />
https://github.com/stepping-stone/prov-backup-kvm<br />
<br />
= Links =<br />
<br />
[[Category:stoney conductor]][[Category:Provisioning Modules]]</div>Pathttps://wiki.stoney-cloud.org/w/index.php?title=stoney_conductor:_prov-backup-kvm&diff=3765stoney conductor: prov-backup-kvm2014-06-26T14:52:28Z<p>Pat: /* Restore */</p>
<hr />
<div>= Overview =<br />
The '''Provisioning-Backup-KVM Daemon''' is written in Perl and uses the mechanisms described under [[stoney core: OpenLDAP directory data organisation]].<br />
<br />
= Workflow =<br />
== Backup ==<br />
This is the simplified workflow for the Provisioning-Backup-KVM Daemon. The Subroutines (create-, export- and commitSnapshot) are shown later.<br />
<br />
[[File:KVM-Backup-Workflow.png|thumb|none|400px|Figure 1: Simplified prov-backup-kvm workflow]]<br />
<br />
You can modify/update this workflow by editing [[File:KVM-Backup-simple.xmi]] (you may need [http://uml.sourceforge.net/ Umbrello UML Modeller] diagram programme for KDE to display the content properly).<br />
<br />
=== createSnapshot ===<br />
[[File:KVM-Backup-Workflow-Snapshot.png|thumb|none|500px|Figure 2: Detailed workflow for the createsSnaphshot process]]<br />
<br />
You can edit this workflow with the following file (you may need umbrello to modify it): [[File:KVM-Backup-Workflow-detailed.xmi]]<br />
<br />
See also: [[stoney_conductor:_Backup#createSnapshot | createSnapshot: Basic idea]]<br />
<br />
=== exportSnapshot ===<br />
[[File:KVM-Backup-Workflow-Merge.png|thumb|none|500px|Figure 2: Detailed workflow for the exportSnapshot process]]<br />
<br />
You can edit this workflow with the following file (you may need umbrello to modify it): [[File:KVM-Backup-Workflow-detailed.xmi]]<br />
<br />
See also: [[ stoney_conductor:_Backup#exportSnapshot | exportSnapshot: Basic idea]]<br />
<br />
=== commitSnapshot ===<br />
[[File:KVM-Backup-Workflow-Retain.png|thumb|none|500px|Figure 3: Detailed workflow for the commitSnapshot process]]<br />
<br />
You can edit this workflow with the following file (you may need umbrello to modify it): [[File:KVM-Backup-Workflow-detailed.xmi]]<br />
<br />
See also [[stoney_conductor:_Backup#commitSnaphsot | commitSnapshot: Basic idea]]<br />
<br />
== Restore ==<br />
''' Restore is currently not implemented '''<br />
<br />
= Configuration =<br />
== Global ==<br />
<pre><br />
# Copyright (C) 2013 stepping stone GmbH<br />
# Switzerland<br />
# http://www.stepping-stone.ch<br />
# support@stepping-stone.ch<br />
#<br />
# Authors:<br />
# Pat Kläy <pat.klaey@stepping-stone.ch><br />
# <br />
# Licensed under the EUPL, Version 1.1.<br />
#<br />
# You may not use this work except in compliance with the<br />
# Licence.<br />
# You may obtain a copy of the Licence at:<br />
#<br />
# http://www.osor.eu/eupl<br />
#<br />
# Unless required by applicable law or agreed to in<br />
# writing, software distributed under the Licence is<br />
# distributed on an "AS IS" basis,<br />
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either<br />
# express or implied.<br />
# See the Licence for the specific language governing<br />
# permissions and limitations under the Licence.<br />
#<br />
<br />
<br />
<br />
[Global]<br />
# If true the script logs every information to the log-file.<br />
LOG_DEBUG = 1<br />
<br />
# If true the script logs additional information to the log-file.<br />
LOG_INFO = 1<br />
<br />
#If true the script logs warnings to the log-file.<br />
LOG_WARNING = 1<br />
<br />
#If true the script logs errors to the log-file.<br />
LOG_ERR = 1<br />
<br />
# The environment indicates the hostname (fqdn) on which the prov-backup-kvm <br />
# daemon is running<br />
ENVIRONMENT = <STONEY-CLOUD-NODE-NAME><br />
<br />
# All information related to the database (backend) the daemon connects to<br />
[Database]<br />
BACKEND = LDAP<br />
SERVER = <STONEY-CLOUD-LDAP-SERVER><br />
PORT = <STONEY-CLOUD-LDAP-PORT><br />
ADMIN_USER = <STONEY-CLOUD-LDAP-BINDDN><br />
ADMIN_PASSWORD = <STONEY-CLOUD-LDAP-BIND-PASSWORD><br />
SERVICE_SUBTREE = <STONEY-CLOUD-LDAP-SERVICE-SUBTREE><br />
<br />
# A cookie file will be used to be able to restart the daemon without<br />
# processing every entry again (they appear as new if the daemon is started) <br />
COOKIE_FILE = <STONEY-CLOUD-LDAP-COOKIE-FILE><br />
<br />
# The default cookie just contains an empty CSN, in that way, all entries<br />
# are processed<br />
DEFAULT_COOKIE = rid=001,csn=<br />
<br />
# The search filter for the database. Only process entries found with this<br />
# filter<br />
SEARCH_FILTER = (&(entryCSN>=%entryCSN%)(objectClass=*))<br />
<br />
# Indicates the prov-backup-kvm configuration which applies for every<br />
# VM-Pool and every VM if not overwritten by a VM-Pool- or VM-specific <br />
# configuration<br />
STONEY_CLOUD_WIDE_CONFIGURATION = <STONEY-CLOUD-LDAP-PROV-BACKUP-KVM-DEFAULT-CONFIGURATION><br />
<br />
# Configuration concerining the provisioning module<br />
[Service]<br />
<br />
# The modus should always be selfcare<br />
MODUS = selfcare<br />
<br />
# Which TransportApi is used to execute the commands on the destination system<br />
# TransportApi can be "LocalCLI" or "CLISSH"<br />
TRANSPORTAPI = LocalCLI<br />
<br />
# The name of the provisioning service<br />
SERVICE = Backup<br />
<br />
# The name of the provisioning type<br />
TYPE = KVM<br />
<br />
# The syslog tag (normally service-type)<br />
SYSLOG = Backup-KVM<br />
<br />
# All information concerning the gateway (TransportApi)<br />
[Gateway]<br />
HOST = localhost<br />
USER = provisioning<br />
DSA_FILE = none<br />
<br />
# Service specific configuration which is not present in the backend<br />
[Backup]<br />
<br />
# Which command is used to export files<br />
EXPORT_COMMAND = cp -p<br />
</pre><br />
<br />
== Backend ==<br />
In the backend, you need to have at least one configuration which applies for the whole stoney cloud. This configuration is referenced in the [[#Global|global configuration]]. You are able to overwrite the stoney-cloud-wide configuration for<br />
* A VM-Pool<br />
* A single VM<br />
The configuration which applies for the VM is evaluated in the following way:<br />
# Check if the VM has a VM-specific configuration<br />
#* If yes, this one applies<br />
#* If not, continue<br />
# Check if the VM-Pool has a specific configuration<br />
#* If yes, this one applies<br />
#* If not, continue<br />
# The stoney-cloud-wide configuration applies<br />
<br />
=== Mandatory Configuration-Parameters ===<br />
* '''sstBackupNumberOfIterations''': An integer value how many backup iterations should be kept. Default is 1 (for disaster recovery).<br />
* '''sstBackupRootDirectory''': The path to the backup root directory where all iterations of disk-images and state files are stored. Default is file:///var/backup/virtualization.<br />
* '''sstBackupRetainDirectory''': The path to the local retain directory where the temporary snapshots (disk-image and state file) are stored. Default is file:///var/virtualization/retain.<br />
* '''sstRestoreVMWithoutState''': Boolean value which indicates whether or not to restore a virtual machine without the state. Default is FALSE (most often we want to restore the state together with the virtual machine).<br />
* '''sstBackupRamDiskLocation''': Path to the RAM-Disk. Default is /mnt/ramdisk. Because this attribute can be set for the whole FOSS-Cloud, for a specific VM-Pool, for a specific virtual machine or a specific virtual machine template, this attribute is independent from the VM-Nodes. There for no guarantee can be given, that this RAM-Disk exists on all the VM-Nodes. A check for its existence is mandatory!<br />
* '''sstVirtualizationVirtualMachineForceStart''': Force start VM in the case of not being able to restore the VM State during the backup process. TRUE or FALSE, default is FALSE. Attention: If set to TRUE, this could lead to file system inconsistencies in the virtual machine.<br />
* '''sstVirtualizationBandwidthMerge''': Bandwidth of the disk merging process (specifies the maximum I/O rate to allow in Megabyte/s). Default is 0 (unlimited). Integer Attribute, single value.<br />
* '''sstVirtualizationDiskImageFormat''': The format for the new disk image that is created during the backup process. Default is qcow2.<br />
* '''sstVirtualizationDiskImageOwner''': The owner for the new disk image that is created during the backup process. Default is root.<br />
* '''sstVirtualizationDiskImageGroup''' : The group for the new disk image that is created during the backup process. Default is vm-storage.<br />
* '''sstVirtualizationDiskImagePermission''': The permission (in octal representation) for the new disk image that is created during the backup process. Default is 660 (equivalent to 0660).<br />
* '''sstVirtualizationDiskImageDirectoryOwner''': The owner for the new directory where the disk image is located. Default is root.<br />
* '''sstVirtualizationDiskImageDirectoryGroup''': The group for the new directory where the disk image is located. Default is vm-storage.<br />
* '''sstVirtualizationDiskImageDirectoryPermission''': The permission (in octal representation) for the new directory where the disk image is located. Default is 770 (equivalent to 0770).<br />
<br />
=== Optional Configuration-Parameters ===<br />
* '''sstBackupExcludeFromBackup''': Do we want to exclude a virtual machine from the default backup plan? Default is FALSE.<br />
* '''sstVirtualizationVirtualMachineSequenceStop''': Multiple dependencies for the stopping order can be defined. Example: a web VM depends on the corresponding database VM. IA5String, multi valued. This attribute must exist in all of the virtual machine entries, that are to be stopped in a certain order. Example (0,1,2, ... is the order, UUID1, UUID2, ... is the uuid of a virtual machine):<br />
** 0: UUID1<br />
** 1: UUID2<br />
** 2: UUID3<br />
* '''sstVirtualizationVirtualMachineSequenceStart''': Multiple dependencies for the starting order can be defined. Example: a database VM must be started before the corresponding web VM. IA5String, multi valued. This attribute must exist in all of the virtual machine entries, that are to be started in a certain order. Example (0,1,2, ... is the order, UUID1, UUID2, ... is the uuid of a virtual machine):<br />
** 0: UUID3<br />
** 1: UUID2<br />
** 2: UUID1<br />
<br />
= Exit codes =<br />
The following list defines the return codes and their meaning for the KVM-Backup script see also [https://github.com/stepping-stone/prov-backup-kvm/blob/master/lib/Provisioning/Backup/KVM/Constants.pm KVMConstants.pm]:<br />
<pre><br />
use constant SUCCESS_CODE => 0;<br />
<br />
### Error codes constants<br />
use constant UNDEFINED_ERROR => 1; # Always the first!<br />
use constant MISSING_PARAMETER_IN_CONFIG_FILE => 2;<br />
use constant CONFIGURED_RAM_DISK_IS_NOT_VALUD => 3;<br />
use constant NOT_ENOUGH_SPACE_ON_RAM_DISK => 4;<br />
use constant CANNOT_SAVE_MACHINE_STATE => 5;<br />
use constant CANNOT_WRITE_TO_BACKUP_LOCATION => 6;<br />
use constant CANNOT_COPY_FILE_TO_BACKUP_LOCATION => 7;<br />
use constant CANNOT_COPY_IMAGE_TO_BACKUP_LOCATION => 8;<br />
use constant CANNOT_COPY_XML_TO_BACKUP_LOCATION => 9;<br />
use constant CANNOT_COPY_BACKEND_FILE_TO_BACKUP_LOCATION=> 10;<br />
use constant CANNOT_MERGE_DISK_IMAGES => 11;<br />
use constant CANNOT_REMOVE_OLD_DISK_IMAGE => 12;<br />
use constant CANNOT_REMOVE_FILE => 13;<br />
use constant CANNOT_CREATE_EMPTY_DISK_IMAGE => 15;<br />
use constant CANNOT_RENAME_DISK_IMAGE => 16;<br />
use constant CANNOT_CONNECT_TO_BACKEND => 17;<br />
use constant WRONG_STATE_INFORMATION => 18;<br />
use constant CANNOT_SET_DISK_IMAGE_OWNERSHIP => 19;<br />
use constant CANNOT_SET_DISK_IMAGE_PERMISSION => 20;<br />
use constant CANNOT_RESTORE_MACHINE => 21;<br />
use constant CANNOT_LOCK_MACHINE => 22;<br />
use constant CANNOT_FIND_MACHINE => 23;<br />
use constant CANNOT_COPY_STATE_FILE_TO_RETAIN => 24;<br />
use constant RETAIN_ROOT_DIRECTORY_DOES_NOT_EXIST => 25;<br />
use constant BACKUP_ROOT_DIRECTORY_DOES_NOT_EXIST => 26;<br />
use constant CANNOT_CREATE_DIRECTORY => 27;<br />
use constant CANNOT_SAVE_XML => 28;<br />
use constant CANNOT_SAVE_BACKEND_ENTRY => 29;<br />
use constant CANNOT_SET_DIRECTORY_OWNERSHIP => 30;<br />
use constant CANNOT_SET_DIRECTORY_PERMISSION => 31;<br />
use constant CANNOT_FIND_CONFIGURATION_ENTRY => 32;<br />
use constant BACKEND_XML_UNCONSISTENCY => 33;<br />
use constant CANNOT_CREATE_TARBALL => 34;<br />
use constant UNSUPPORTED_FILE_TRANSFER_PROTOCOL => 35;<br />
use constant UNKNOWN_BACKEND_TYPE => 36;<br />
use constant MISSING_NECESSARY_FILES => 37;<br />
use constant CORRUPT_DISK_IMAGE_FOUND => 38;<br />
use constant UNSUPPORTED_CONFIGURATION_PARAMETER => 39;<br />
use constant CANNOT_MOVE_DISK_IMAGE_TO_ORIGINAL_LOCATION=> 40;<br />
use constant CANNOT_DEFINE_MACHINE => 41;<br />
use constant CANNOT_START_MACHINE => 42;<br />
use constant CANNOT_WORK_ON_UNDEFINED_OBJECT => 43;<br />
use constant CANNOT_READ_STATE_FILE => 44;<br />
use constant CANNOT_READ_XML_FILE => 45;<br />
use constant NOT_ALL_FILES_DELETED_FROM_RETAIN_LOCATION => 46;<br />
use constant NOT_ENOUGH_DISK_SPACE => 47;<br />
use constant NO_DISK_SPACE_INFORMATION => 48;<br />
</pre><br />
<br />
= Next steps =<br />
* Change the behaviour of the snapshot/merge process<br />
** No longer merge the original file into the new one but merge (commit) backing store file back into original one<br />
*** Like that we are able to reduce the backup (merge) time a lot.<br />
*** Needs different behaviour for save -> copy/move -> create new image -> restore -> merge<br />
<br />
= Source Code =<br />
The source code is located in our GitHub Repository:<br />
<br />
https://github.com/stepping-stone/prov-backup-kvm<br />
<br />
= Links =<br />
<br />
[[Category:stoney conductor]][[Category:Provisioning Modules]]</div>Pathttps://wiki.stoney-cloud.org/w/index.php?title=stoney_conductor:_prov-backup-kvm&diff=3764stoney conductor: prov-backup-kvm2014-06-26T14:52:00Z<p>Pat: /* commitSnapshot */</p>
<hr />
<div>= Overview =<br />
The '''Provisioning-Backup-KVM Daemon''' is written in Perl and uses the mechanisms described under [[stoney core: OpenLDAP directory data organisation]].<br />
<br />
= Workflow =<br />
== Backup ==<br />
This is the simplified workflow for the Provisioning-Backup-KVM Daemon. The Subroutines (create-, export- and commitSnapshot) are shown later.<br />
<br />
[[File:KVM-Backup-Workflow.png|thumb|none|400px|Figure 1: Simplified prov-backup-kvm workflow]]<br />
<br />
You can modify/update this workflow by editing [[File:KVM-Backup-simple.xmi]] (you may need [http://uml.sourceforge.net/ Umbrello UML Modeller] diagram programme for KDE to display the content properly).<br />
<br />
=== createSnapshot ===<br />
[[File:KVM-Backup-Workflow-Snapshot.png|thumb|none|500px|Figure 2: Detailed workflow for the createsSnaphshot process]]<br />
<br />
You can edit this workflow with the following file (you may need umbrello to modify it): [[File:KVM-Backup-Workflow-detailed.xmi]]<br />
<br />
See also: [[stoney_conductor:_Backup#createSnapshot | createSnapshot: Basic idea]]<br />
<br />
=== exportSnapshot ===<br />
[[File:KVM-Backup-Workflow-Merge.png|thumb|none|500px|Figure 2: Detailed workflow for the exportSnapshot process]]<br />
<br />
You can edit this workflow with the following file (you may need umbrello to modify it): [[File:KVM-Backup-Workflow-detailed.xmi]]<br />
<br />
See also: [[ stoney_conductor:_Backup#exportSnapshot | exportSnapshot: Basic idea]]<br />
<br />
=== commitSnapshot ===<br />
[[File:KVM-Backup-Workflow-Retain.png|thumb|none|500px|Figure 3: Detailed workflow for the commitSnapshot process]]<br />
<br />
You can edit this workflow with the following file (you may need umbrello to modify it): [[File:KVM-Backup-Workflow-detailed.xmi]]<br />
<br />
See also [[stoney_conductor:_Backup#commitSnaphsot | commitSnapshot: Basic idea]]<br />
<br />
== Restore ==<br />
* <span style="background:#00FF00">Task for the control-instance daemon</span><br />
* <span style="background:#FFFF00">Task for the prov-backup-kvm daemon</span><br />
* <span style="background:#FF8000">Task for the vm-manager</span><br />
[[File:KVM-Backup-Workflow-Restore.png|thumb|none|500px|Figure 4: Detailed workflow for the restore process]]<br />
<br />
You can edit this workflow with the following file (you may need umbrello to modify it): [[File:KVM-Backup-Workflow-restore.xmi]]<br />
<br />
<br />
<br />
See also [[stoney_conductor:_Backup#Basic_idea_2 | Restore: Basic idea]]<br />
<br />
= Configuration =<br />
== Global ==<br />
<pre><br />
# Copyright (C) 2013 stepping stone GmbH<br />
# Switzerland<br />
# http://www.stepping-stone.ch<br />
# support@stepping-stone.ch<br />
#<br />
# Authors:<br />
# Pat Kläy <pat.klaey@stepping-stone.ch><br />
# <br />
# Licensed under the EUPL, Version 1.1.<br />
#<br />
# You may not use this work except in compliance with the<br />
# Licence.<br />
# You may obtain a copy of the Licence at:<br />
#<br />
# http://www.osor.eu/eupl<br />
#<br />
# Unless required by applicable law or agreed to in<br />
# writing, software distributed under the Licence is<br />
# distributed on an "AS IS" basis,<br />
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either<br />
# express or implied.<br />
# See the Licence for the specific language governing<br />
# permissions and limitations under the Licence.<br />
#<br />
<br />
<br />
<br />
[Global]<br />
# If true the script logs every information to the log-file.<br />
LOG_DEBUG = 1<br />
<br />
# If true the script logs additional information to the log-file.<br />
LOG_INFO = 1<br />
<br />
#If true the script logs warnings to the log-file.<br />
LOG_WARNING = 1<br />
<br />
#If true the script logs errors to the log-file.<br />
LOG_ERR = 1<br />
<br />
# The environment indicates the hostname (fqdn) on which the prov-backup-kvm <br />
# daemon is running<br />
ENVIRONMENT = <STONEY-CLOUD-NODE-NAME><br />
<br />
# All information related to the database (backend) the daemon connects to<br />
[Database]<br />
BACKEND = LDAP<br />
SERVER = <STONEY-CLOUD-LDAP-SERVER><br />
PORT = <STONEY-CLOUD-LDAP-PORT><br />
ADMIN_USER = <STONEY-CLOUD-LDAP-BINDDN><br />
ADMIN_PASSWORD = <STONEY-CLOUD-LDAP-BIND-PASSWORD><br />
SERVICE_SUBTREE = <STONEY-CLOUD-LDAP-SERVICE-SUBTREE><br />
<br />
# A cookie file will be used to be able to restart the daemon without<br />
# processing every entry again (they appear as new if the daemon is started) <br />
COOKIE_FILE = <STONEY-CLOUD-LDAP-COOKIE-FILE><br />
<br />
# The default cookie just contains an empty CSN, in that way, all entries<br />
# are processed<br />
DEFAULT_COOKIE = rid=001,csn=<br />
<br />
# The search filter for the database. Only process entries found with this<br />
# filter<br />
SEARCH_FILTER = (&(entryCSN>=%entryCSN%)(objectClass=*))<br />
<br />
# Indicates the prov-backup-kvm configuration which applies for every<br />
# VM-Pool and every VM if not overwritten by a VM-Pool- or VM-specific <br />
# configuration<br />
STONEY_CLOUD_WIDE_CONFIGURATION = <STONEY-CLOUD-LDAP-PROV-BACKUP-KVM-DEFAULT-CONFIGURATION><br />
<br />
# Configuration concerining the provisioning module<br />
[Service]<br />
<br />
# The modus should always be selfcare<br />
MODUS = selfcare<br />
<br />
# Which TransportApi is used to execute the commands on the destination system<br />
# TransportApi can be "LocalCLI" or "CLISSH"<br />
TRANSPORTAPI = LocalCLI<br />
<br />
# The name of the provisioning service<br />
SERVICE = Backup<br />
<br />
# The name of the provisioning type<br />
TYPE = KVM<br />
<br />
# The syslog tag (normally service-type)<br />
SYSLOG = Backup-KVM<br />
<br />
# All information concerning the gateway (TransportApi)<br />
[Gateway]<br />
HOST = localhost<br />
USER = provisioning<br />
DSA_FILE = none<br />
<br />
# Service specific configuration which is not present in the backend<br />
[Backup]<br />
<br />
# Which command is used to export files<br />
EXPORT_COMMAND = cp -p<br />
</pre><br />
<br />
== Backend ==<br />
In the backend, you need to have at least one configuration which applies for the whole stoney cloud. This configuration is referenced in the [[#Global|global configuration]]. You are able to overwrite the stoney-cloud-wide configuration for<br />
* A VM-Pool<br />
* A single VM<br />
The configuration which applies for the VM is evaluated in the following way:<br />
# Check if the VM has a VM-specific configuration<br />
#* If yes, this one applies<br />
#* If not, continue<br />
# Check if the VM-Pool has a specific configuration<br />
#* If yes, this one applies<br />
#* If not, continue<br />
# The stoney-cloud-wide configuration applies<br />
<br />
=== Mandatory Configuration-Parameters ===<br />
* '''sstBackupNumberOfIterations''': An integer value how many backup iterations should be kept. Default is 1 (for disaster recovery).<br />
* '''sstBackupRootDirectory''': The path to the backup root directory where all iterations of disk-images and state files are stored. Default is file:///var/backup/virtualization.<br />
* '''sstBackupRetainDirectory''': The path to the local retain directory where the temporary snapshots (disk-image and state file) are stored. Default is file:///var/virtualization/retain.<br />
* '''sstRestoreVMWithoutState''': Boolean value which indicates whether or not to restore a virtual machine without the state. Default is FALSE (most often we want to restore the state together with the virtual machine).<br />
* '''sstBackupRamDiskLocation''': Path to the RAM-Disk. Default is /mnt/ramdisk. Because this attribute can be set for the whole FOSS-Cloud, for a specific VM-Pool, for a specific virtual machine or a specific virtual machine template, this attribute is independent from the VM-Nodes. There for no guarantee can be given, that this RAM-Disk exists on all the VM-Nodes. A check for its existence is mandatory!<br />
* '''sstVirtualizationVirtualMachineForceStart''': Force start VM in the case of not being able to restore the VM State during the backup process. TRUE or FALSE, default is FALSE. Attention: If set to TRUE, this could lead to file system inconsistencies in the virtual machine.<br />
* '''sstVirtualizationBandwidthMerge''': Bandwidth of the disk merging process (specifies the maximum I/O rate to allow in Megabyte/s). Default is 0 (unlimited). Integer Attribute, single value.<br />
* '''sstVirtualizationDiskImageFormat''': The format for the new disk image that is created during the backup process. Default is qcow2.<br />
* '''sstVirtualizationDiskImageOwner''': The owner for the new disk image that is created during the backup process. Default is root.<br />
* '''sstVirtualizationDiskImageGroup''' : The group for the new disk image that is created during the backup process. Default is vm-storage.<br />
* '''sstVirtualizationDiskImagePermission''': The permission (in octal representation) for the new disk image that is created during the backup process. Default is 660 (equivalent to 0660).<br />
* '''sstVirtualizationDiskImageDirectoryOwner''': The owner for the new directory where the disk image is located. Default is root.<br />
* '''sstVirtualizationDiskImageDirectoryGroup''': The group for the new directory where the disk image is located. Default is vm-storage.<br />
* '''sstVirtualizationDiskImageDirectoryPermission''': The permission (in octal representation) for the new directory where the disk image is located. Default is 770 (equivalent to 0770).<br />
<br />
=== Optional Configuration-Parameters ===<br />
* '''sstBackupExcludeFromBackup''': Do we want to exclude a virtual machine from the default backup plan? Default is FALSE.<br />
* '''sstVirtualizationVirtualMachineSequenceStop''': Multiple dependencies for the stopping order can be defined. Example: a web VM depends on the corresponding database VM. IA5String, multi valued. This attribute must exist in all of the virtual machine entries, that are to be stopped in a certain order. Example (0,1,2, ... is the order, UUID1, UUID2, ... is the uuid of a virtual machine):<br />
** 0: UUID1<br />
** 1: UUID2<br />
** 2: UUID3<br />
* '''sstVirtualizationVirtualMachineSequenceStart''': Multiple dependencies for the starting order can be defined. Example: a database VM must be started before the corresponding web VM. IA5String, multi valued. This attribute must exist in all of the virtual machine entries, that are to be started in a certain order. Example (0,1,2, ... is the order, UUID1, UUID2, ... is the uuid of a virtual machine):<br />
** 0: UUID3<br />
** 1: UUID2<br />
** 2: UUID1<br />
<br />
= Exit codes =<br />
The following list defines the return codes and their meaning for the KVM-Backup script see also [https://github.com/stepping-stone/prov-backup-kvm/blob/master/lib/Provisioning/Backup/KVM/Constants.pm KVMConstants.pm]:<br />
<pre><br />
use constant SUCCESS_CODE => 0;<br />
<br />
### Error codes constants<br />
use constant UNDEFINED_ERROR => 1; # Always the first!<br />
use constant MISSING_PARAMETER_IN_CONFIG_FILE => 2;<br />
use constant CONFIGURED_RAM_DISK_IS_NOT_VALUD => 3;<br />
use constant NOT_ENOUGH_SPACE_ON_RAM_DISK => 4;<br />
use constant CANNOT_SAVE_MACHINE_STATE => 5;<br />
use constant CANNOT_WRITE_TO_BACKUP_LOCATION => 6;<br />
use constant CANNOT_COPY_FILE_TO_BACKUP_LOCATION => 7;<br />
use constant CANNOT_COPY_IMAGE_TO_BACKUP_LOCATION => 8;<br />
use constant CANNOT_COPY_XML_TO_BACKUP_LOCATION => 9;<br />
use constant CANNOT_COPY_BACKEND_FILE_TO_BACKUP_LOCATION=> 10;<br />
use constant CANNOT_MERGE_DISK_IMAGES => 11;<br />
use constant CANNOT_REMOVE_OLD_DISK_IMAGE => 12;<br />
use constant CANNOT_REMOVE_FILE => 13;<br />
use constant CANNOT_CREATE_EMPTY_DISK_IMAGE => 15;<br />
use constant CANNOT_RENAME_DISK_IMAGE => 16;<br />
use constant CANNOT_CONNECT_TO_BACKEND => 17;<br />
use constant WRONG_STATE_INFORMATION => 18;<br />
use constant CANNOT_SET_DISK_IMAGE_OWNERSHIP => 19;<br />
use constant CANNOT_SET_DISK_IMAGE_PERMISSION => 20;<br />
use constant CANNOT_RESTORE_MACHINE => 21;<br />
use constant CANNOT_LOCK_MACHINE => 22;<br />
use constant CANNOT_FIND_MACHINE => 23;<br />
use constant CANNOT_COPY_STATE_FILE_TO_RETAIN => 24;<br />
use constant RETAIN_ROOT_DIRECTORY_DOES_NOT_EXIST => 25;<br />
use constant BACKUP_ROOT_DIRECTORY_DOES_NOT_EXIST => 26;<br />
use constant CANNOT_CREATE_DIRECTORY => 27;<br />
use constant CANNOT_SAVE_XML => 28;<br />
use constant CANNOT_SAVE_BACKEND_ENTRY => 29;<br />
use constant CANNOT_SET_DIRECTORY_OWNERSHIP => 30;<br />
use constant CANNOT_SET_DIRECTORY_PERMISSION => 31;<br />
use constant CANNOT_FIND_CONFIGURATION_ENTRY => 32;<br />
use constant BACKEND_XML_UNCONSISTENCY => 33;<br />
use constant CANNOT_CREATE_TARBALL => 34;<br />
use constant UNSUPPORTED_FILE_TRANSFER_PROTOCOL => 35;<br />
use constant UNKNOWN_BACKEND_TYPE => 36;<br />
use constant MISSING_NECESSARY_FILES => 37;<br />
use constant CORRUPT_DISK_IMAGE_FOUND => 38;<br />
use constant UNSUPPORTED_CONFIGURATION_PARAMETER => 39;<br />
use constant CANNOT_MOVE_DISK_IMAGE_TO_ORIGINAL_LOCATION=> 40;<br />
use constant CANNOT_DEFINE_MACHINE => 41;<br />
use constant CANNOT_START_MACHINE => 42;<br />
use constant CANNOT_WORK_ON_UNDEFINED_OBJECT => 43;<br />
use constant CANNOT_READ_STATE_FILE => 44;<br />
use constant CANNOT_READ_XML_FILE => 45;<br />
use constant NOT_ALL_FILES_DELETED_FROM_RETAIN_LOCATION => 46;<br />
use constant NOT_ENOUGH_DISK_SPACE => 47;<br />
use constant NO_DISK_SPACE_INFORMATION => 48;<br />
</pre><br />
<br />
= Next steps =<br />
* Change the behaviour of the snapshot/merge process<br />
** No longer merge the original file into the new one but merge (commit) backing store file back into original one<br />
*** Like that we are able to reduce the backup (merge) time a lot.<br />
*** Needs different behaviour for save -> copy/move -> create new image -> restore -> merge<br />
<br />
= Source Code =<br />
The source code is located in our GitHub Repository:<br />
<br />
https://github.com/stepping-stone/prov-backup-kvm<br />
<br />
= Links =<br />
<br />
[[Category:stoney conductor]][[Category:Provisioning Modules]]</div>Pathttps://wiki.stoney-cloud.org/w/index.php?title=File:KVM-Backup-Workflow-Retain.png&diff=3763File:KVM-Backup-Workflow-Retain.png2014-06-26T14:51:35Z<p>Pat: Pat uploaded a new version of &quot;File:KVM-Backup-Workflow-Retain.png&quot;: New commit method for committing changes from overlay back to underlay image</p>
<hr />
<div>Detailed workflow for the retain process</div>Pathttps://wiki.stoney-cloud.org/w/index.php?title=stoney_conductor:_prov-backup-kvm&diff=3762stoney conductor: prov-backup-kvm2014-06-26T14:50:52Z<p>Pat: /* createSnapshot */</p>
<hr />
<div>= Overview =<br />
The '''Provisioning-Backup-KVM Daemon''' is written in Perl and uses the mechanisms described under [[stoney core: OpenLDAP directory data organisation]].<br />
<br />
= Workflow =<br />
== Backup ==<br />
This is the simplified workflow for the Provisioning-Backup-KVM Daemon. The Subroutines (create-, export- and commitSnapshot) are shown later.<br />
<br />
[[File:KVM-Backup-Workflow.png|thumb|none|400px|Figure 1: Simplified prov-backup-kvm workflow]]<br />
<br />
You can modify/update this workflow by editing [[File:KVM-Backup-simple.xmi]] (you may need [http://uml.sourceforge.net/ Umbrello UML Modeller] diagram programme for KDE to display the content properly).<br />
<br />
=== createSnapshot ===<br />
[[File:KVM-Backup-Workflow-Snapshot.png|thumb|none|500px|Figure 2: Detailed workflow for the createsSnaphshot process]]<br />
<br />
You can edit this workflow with the following file (you may need umbrello to modify it): [[File:KVM-Backup-Workflow-detailed.xmi]]<br />
<br />
See also: [[stoney_conductor:_Backup#createSnapshot | createSnapshot: Basic idea]]<br />
<br />
=== exportSnapshot ===<br />
[[File:KVM-Backup-Workflow-Merge.png|thumb|none|500px|Figure 2: Detailed workflow for the exportSnapshot process]]<br />
<br />
You can edit this workflow with the following file (you may need umbrello to modify it): [[File:KVM-Backup-Workflow-detailed.xmi]]<br />
<br />
See also: [[ stoney_conductor:_Backup#exportSnapshot | exportSnapshot: Basic idea]]<br />
<br />
=== commitSnapshot ===<br />
[[File:KVM-Backup-Workflow-Retain.png|thumb|none|500px|Figure 3: Detailed workflow for the retain process]]<br />
<br />
You can edit this workflow with the following file (you may need umbrello to modify it): [[File:KVM-Backup-Workflow-detailed.xmi]]<br />
<br />
See also [[stoney_conductor:_Backup#commitSnaphsot | commitSnapshot: Basic idea]]<br />
<br />
== Restore ==<br />
* <span style="background:#00FF00">Task for the control-instance daemon</span><br />
* <span style="background:#FFFF00">Task for the prov-backup-kvm daemon</span><br />
* <span style="background:#FF8000">Task for the vm-manager</span><br />
[[File:KVM-Backup-Workflow-Restore.png|thumb|none|500px|Figure 4: Detailed workflow for the restore process]]<br />
<br />
You can edit this workflow with the following file (you may need umbrello to modify it): [[File:KVM-Backup-Workflow-restore.xmi]]<br />
<br />
<br />
<br />
See also [[stoney_conductor:_Backup#Basic_idea_2 | Restore: Basic idea]]<br />
<br />
= Configuration =<br />
== Global ==<br />
<pre><br />
# Copyright (C) 2013 stepping stone GmbH<br />
# Switzerland<br />
# http://www.stepping-stone.ch<br />
# support@stepping-stone.ch<br />
#<br />
# Authors:<br />
# Pat Kläy <pat.klaey@stepping-stone.ch><br />
# <br />
# Licensed under the EUPL, Version 1.1.<br />
#<br />
# You may not use this work except in compliance with the<br />
# Licence.<br />
# You may obtain a copy of the Licence at:<br />
#<br />
# http://www.osor.eu/eupl<br />
#<br />
# Unless required by applicable law or agreed to in<br />
# writing, software distributed under the Licence is<br />
# distributed on an "AS IS" basis,<br />
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either<br />
# express or implied.<br />
# See the Licence for the specific language governing<br />
# permissions and limitations under the Licence.<br />
#<br />
<br />
<br />
<br />
[Global]<br />
# If true the script logs every information to the log-file.<br />
LOG_DEBUG = 1<br />
<br />
# If true the script logs additional information to the log-file.<br />
LOG_INFO = 1<br />
<br />
#If true the script logs warnings to the log-file.<br />
LOG_WARNING = 1<br />
<br />
#If true the script logs errors to the log-file.<br />
LOG_ERR = 1<br />
<br />
# The environment indicates the hostname (fqdn) on which the prov-backup-kvm <br />
# daemon is running<br />
ENVIRONMENT = <STONEY-CLOUD-NODE-NAME><br />
<br />
# All information related to the database (backend) the daemon connects to<br />
[Database]<br />
BACKEND = LDAP<br />
SERVER = <STONEY-CLOUD-LDAP-SERVER><br />
PORT = <STONEY-CLOUD-LDAP-PORT><br />
ADMIN_USER = <STONEY-CLOUD-LDAP-BINDDN><br />
ADMIN_PASSWORD = <STONEY-CLOUD-LDAP-BIND-PASSWORD><br />
SERVICE_SUBTREE = <STONEY-CLOUD-LDAP-SERVICE-SUBTREE><br />
<br />
# A cookie file will be used to be able to restart the daemon without<br />
# processing every entry again (they appear as new if the daemon is started) <br />
COOKIE_FILE = <STONEY-CLOUD-LDAP-COOKIE-FILE><br />
<br />
# The default cookie just contains an empty CSN, in that way, all entries<br />
# are processed<br />
DEFAULT_COOKIE = rid=001,csn=<br />
<br />
# The search filter for the database. Only process entries found with this<br />
# filter<br />
SEARCH_FILTER = (&(entryCSN>=%entryCSN%)(objectClass=*))<br />
<br />
# Indicates the prov-backup-kvm configuration which applies for every<br />
# VM-Pool and every VM if not overwritten by a VM-Pool- or VM-specific <br />
# configuration<br />
STONEY_CLOUD_WIDE_CONFIGURATION = <STONEY-CLOUD-LDAP-PROV-BACKUP-KVM-DEFAULT-CONFIGURATION><br />
<br />
# Configuration concerining the provisioning module<br />
[Service]<br />
<br />
# The modus should always be selfcare<br />
MODUS = selfcare<br />
<br />
# Which TransportApi is used to execute the commands on the destination system<br />
# TransportApi can be "LocalCLI" or "CLISSH"<br />
TRANSPORTAPI = LocalCLI<br />
<br />
# The name of the provisioning service<br />
SERVICE = Backup<br />
<br />
# The name of the provisioning type<br />
TYPE = KVM<br />
<br />
# The syslog tag (normally service-type)<br />
SYSLOG = Backup-KVM<br />
<br />
# All information concerning the gateway (TransportApi)<br />
[Gateway]<br />
HOST = localhost<br />
USER = provisioning<br />
DSA_FILE = none<br />
<br />
# Service specific configuration which is not present in the backend<br />
[Backup]<br />
<br />
# Which command is used to export files<br />
EXPORT_COMMAND = cp -p<br />
</pre><br />
<br />
== Backend ==<br />
In the backend, you need to have at least one configuration which applies for the whole stoney cloud. This configuration is referenced in the [[#Global|global configuration]]. You are able to overwrite the stoney-cloud-wide configuration for<br />
* A VM-Pool<br />
* A single VM<br />
The configuration which applies for the VM is evaluated in the following way:<br />
# Check if the VM has a VM-specific configuration<br />
#* If yes, this one applies<br />
#* If not, continue<br />
# Check if the VM-Pool has a specific configuration<br />
#* If yes, this one applies<br />
#* If not, continue<br />
# The stoney-cloud-wide configuration applies<br />
<br />
=== Mandatory Configuration-Parameters ===<br />
* '''sstBackupNumberOfIterations''': An integer value how many backup iterations should be kept. Default is 1 (for disaster recovery).<br />
* '''sstBackupRootDirectory''': The path to the backup root directory where all iterations of disk-images and state files are stored. Default is file:///var/backup/virtualization.<br />
* '''sstBackupRetainDirectory''': The path to the local retain directory where the temporary snapshots (disk-image and state file) are stored. Default is file:///var/virtualization/retain.<br />
* '''sstRestoreVMWithoutState''': Boolean value which indicates whether or not to restore a virtual machine without the state. Default is FALSE (most often we want to restore the state together with the virtual machine).<br />
* '''sstBackupRamDiskLocation''': Path to the RAM-Disk. Default is /mnt/ramdisk. Because this attribute can be set for the whole FOSS-Cloud, for a specific VM-Pool, for a specific virtual machine or a specific virtual machine template, this attribute is independent from the VM-Nodes. There for no guarantee can be given, that this RAM-Disk exists on all the VM-Nodes. A check for its existence is mandatory!<br />
* '''sstVirtualizationVirtualMachineForceStart''': Force start VM in the case of not being able to restore the VM State during the backup process. TRUE or FALSE, default is FALSE. Attention: If set to TRUE, this could lead to file system inconsistencies in the virtual machine.<br />
* '''sstVirtualizationBandwidthMerge''': Bandwidth of the disk merging process (specifies the maximum I/O rate to allow in Megabyte/s). Default is 0 (unlimited). Integer Attribute, single value.<br />
* '''sstVirtualizationDiskImageFormat''': The format for the new disk image that is created during the backup process. Default is qcow2.<br />
* '''sstVirtualizationDiskImageOwner''': The owner for the new disk image that is created during the backup process. Default is root.<br />
* '''sstVirtualizationDiskImageGroup''' : The group for the new disk image that is created during the backup process. Default is vm-storage.<br />
* '''sstVirtualizationDiskImagePermission''': The permission (in octal representation) for the new disk image that is created during the backup process. Default is 660 (equivalent to 0660).<br />
* '''sstVirtualizationDiskImageDirectoryOwner''': The owner for the new directory where the disk image is located. Default is root.<br />
* '''sstVirtualizationDiskImageDirectoryGroup''': The group for the new directory where the disk image is located. Default is vm-storage.<br />
* '''sstVirtualizationDiskImageDirectoryPermission''': The permission (in octal representation) for the new directory where the disk image is located. Default is 770 (equivalent to 0770).<br />
<br />
=== Optional Configuration-Parameters ===<br />
* '''sstBackupExcludeFromBackup''': Do we want to exclude a virtual machine from the default backup plan? Default is FALSE.<br />
* '''sstVirtualizationVirtualMachineSequenceStop''': Multiple dependencies for the stopping order can be defined. Example: a web VM depends on the corresponding database VM. IA5String, multi valued. This attribute must exist in all of the virtual machine entries, that are to be stopped in a certain order. Example (0,1,2, ... is the order, UUID1, UUID2, ... is the uuid of a virtual machine):<br />
** 0: UUID1<br />
** 1: UUID2<br />
** 2: UUID3<br />
* '''sstVirtualizationVirtualMachineSequenceStart''': Multiple dependencies for the starting order can be defined. Example: a database VM must be started before the corresponding web VM. IA5String, multi valued. This attribute must exist in all of the virtual machine entries, that are to be started in a certain order. Example (0,1,2, ... is the order, UUID1, UUID2, ... is the uuid of a virtual machine):<br />
** 0: UUID3<br />
** 1: UUID2<br />
** 2: UUID1<br />
<br />
= Exit codes =<br />
The following list defines the return codes and their meaning for the KVM-Backup script see also [https://github.com/stepping-stone/prov-backup-kvm/blob/master/lib/Provisioning/Backup/KVM/Constants.pm KVMConstants.pm]:<br />
<pre><br />
use constant SUCCESS_CODE => 0;<br />
<br />
### Error codes constants<br />
use constant UNDEFINED_ERROR => 1; # Always the first!<br />
use constant MISSING_PARAMETER_IN_CONFIG_FILE => 2;<br />
use constant CONFIGURED_RAM_DISK_IS_NOT_VALUD => 3;<br />
use constant NOT_ENOUGH_SPACE_ON_RAM_DISK => 4;<br />
use constant CANNOT_SAVE_MACHINE_STATE => 5;<br />
use constant CANNOT_WRITE_TO_BACKUP_LOCATION => 6;<br />
use constant CANNOT_COPY_FILE_TO_BACKUP_LOCATION => 7;<br />
use constant CANNOT_COPY_IMAGE_TO_BACKUP_LOCATION => 8;<br />
use constant CANNOT_COPY_XML_TO_BACKUP_LOCATION => 9;<br />
use constant CANNOT_COPY_BACKEND_FILE_TO_BACKUP_LOCATION=> 10;<br />
use constant CANNOT_MERGE_DISK_IMAGES => 11;<br />
use constant CANNOT_REMOVE_OLD_DISK_IMAGE => 12;<br />
use constant CANNOT_REMOVE_FILE => 13;<br />
use constant CANNOT_CREATE_EMPTY_DISK_IMAGE => 15;<br />
use constant CANNOT_RENAME_DISK_IMAGE => 16;<br />
use constant CANNOT_CONNECT_TO_BACKEND => 17;<br />
use constant WRONG_STATE_INFORMATION => 18;<br />
use constant CANNOT_SET_DISK_IMAGE_OWNERSHIP => 19;<br />
use constant CANNOT_SET_DISK_IMAGE_PERMISSION => 20;<br />
use constant CANNOT_RESTORE_MACHINE => 21;<br />
use constant CANNOT_LOCK_MACHINE => 22;<br />
use constant CANNOT_FIND_MACHINE => 23;<br />
use constant CANNOT_COPY_STATE_FILE_TO_RETAIN => 24;<br />
use constant RETAIN_ROOT_DIRECTORY_DOES_NOT_EXIST => 25;<br />
use constant BACKUP_ROOT_DIRECTORY_DOES_NOT_EXIST => 26;<br />
use constant CANNOT_CREATE_DIRECTORY => 27;<br />
use constant CANNOT_SAVE_XML => 28;<br />
use constant CANNOT_SAVE_BACKEND_ENTRY => 29;<br />
use constant CANNOT_SET_DIRECTORY_OWNERSHIP => 30;<br />
use constant CANNOT_SET_DIRECTORY_PERMISSION => 31;<br />
use constant CANNOT_FIND_CONFIGURATION_ENTRY => 32;<br />
use constant BACKEND_XML_UNCONSISTENCY => 33;<br />
use constant CANNOT_CREATE_TARBALL => 34;<br />
use constant UNSUPPORTED_FILE_TRANSFER_PROTOCOL => 35;<br />
use constant UNKNOWN_BACKEND_TYPE => 36;<br />
use constant MISSING_NECESSARY_FILES => 37;<br />
use constant CORRUPT_DISK_IMAGE_FOUND => 38;<br />
use constant UNSUPPORTED_CONFIGURATION_PARAMETER => 39;<br />
use constant CANNOT_MOVE_DISK_IMAGE_TO_ORIGINAL_LOCATION=> 40;<br />
use constant CANNOT_DEFINE_MACHINE => 41;<br />
use constant CANNOT_START_MACHINE => 42;<br />
use constant CANNOT_WORK_ON_UNDEFINED_OBJECT => 43;<br />
use constant CANNOT_READ_STATE_FILE => 44;<br />
use constant CANNOT_READ_XML_FILE => 45;<br />
use constant NOT_ALL_FILES_DELETED_FROM_RETAIN_LOCATION => 46;<br />
use constant NOT_ENOUGH_DISK_SPACE => 47;<br />
use constant NO_DISK_SPACE_INFORMATION => 48;<br />
</pre><br />
<br />
= Next steps =<br />
* Change the behaviour of the snapshot/merge process<br />
** No longer merge the original file into the new one but merge (commit) backing store file back into original one<br />
*** Like that we are able to reduce the backup (merge) time a lot.<br />
*** Needs different behaviour for save -> copy/move -> create new image -> restore -> merge<br />
<br />
= Source Code =<br />
The source code is located in our GitHub Repository:<br />
<br />
https://github.com/stepping-stone/prov-backup-kvm<br />
<br />
= Links =<br />
<br />
[[Category:stoney conductor]][[Category:Provisioning Modules]]</div>Pathttps://wiki.stoney-cloud.org/w/index.php?title=stoney_conductor:_prov-backup-kvm&diff=3761stoney conductor: prov-backup-kvm2014-06-26T14:50:38Z<p>Pat: /* exportSnapshot */</p>
<hr />
<div>= Overview =<br />
The '''Provisioning-Backup-KVM Daemon''' is written in Perl and uses the mechanisms described under [[stoney core: OpenLDAP directory data organisation]].<br />
<br />
= Workflow =<br />
== Backup ==<br />
This is the simplified workflow for the Provisioning-Backup-KVM Daemon. The Subroutines (create-, export- and commitSnapshot) are shown later.<br />
<br />
[[File:KVM-Backup-Workflow.png|thumb|none|400px|Figure 1: Simplified prov-backup-kvm workflow]]<br />
<br />
You can modify/update this workflow by editing [[File:KVM-Backup-simple.xmi]] (you may need [http://uml.sourceforge.net/ Umbrello UML Modeller] diagram programme for KDE to display the content properly).<br />
<br />
=== createSnapshot ===<br />
[[File:KVM-Backup-Workflow-Snapshot.png|thumb|none|500px|Figure 2: Detailed workflow for the snaphshot process]]<br />
<br />
You can edit this workflow with the following file (you may need umbrello to modify it): [[File:KVM-Backup-Workflow-detailed.xmi]]<br />
<br />
See also: [[stoney_conductor:_Backup#createSnapshot | createSnapshot: Basic idea]]<br />
<br />
=== exportSnapshot ===<br />
[[File:KVM-Backup-Workflow-Merge.png|thumb|none|500px|Figure 2: Detailed workflow for the exportSnapshot process]]<br />
<br />
You can edit this workflow with the following file (you may need umbrello to modify it): [[File:KVM-Backup-Workflow-detailed.xmi]]<br />
<br />
See also: [[ stoney_conductor:_Backup#exportSnapshot | exportSnapshot: Basic idea]]<br />
<br />
=== commitSnapshot ===<br />
[[File:KVM-Backup-Workflow-Retain.png|thumb|none|500px|Figure 3: Detailed workflow for the retain process]]<br />
<br />
You can edit this workflow with the following file (you may need umbrello to modify it): [[File:KVM-Backup-Workflow-detailed.xmi]]<br />
<br />
See also [[stoney_conductor:_Backup#commitSnaphsot | commitSnapshot: Basic idea]]<br />
<br />
== Restore ==<br />
* <span style="background:#00FF00">Task for the control-instance daemon</span><br />
* <span style="background:#FFFF00">Task for the prov-backup-kvm daemon</span><br />
* <span style="background:#FF8000">Task for the vm-manager</span><br />
[[File:KVM-Backup-Workflow-Restore.png|thumb|none|500px|Figure 4: Detailed workflow for the restore process]]<br />
<br />
You can edit this workflow with the following file (you may need umbrello to modify it): [[File:KVM-Backup-Workflow-restore.xmi]]<br />
<br />
<br />
<br />
See also [[stoney_conductor:_Backup#Basic_idea_2 | Restore: Basic idea]]<br />
<br />
= Configuration =<br />
== Global ==<br />
<pre><br />
# Copyright (C) 2013 stepping stone GmbH<br />
# Switzerland<br />
# http://www.stepping-stone.ch<br />
# support@stepping-stone.ch<br />
#<br />
# Authors:<br />
# Pat Kläy <pat.klaey@stepping-stone.ch><br />
# <br />
# Licensed under the EUPL, Version 1.1.<br />
#<br />
# You may not use this work except in compliance with the<br />
# Licence.<br />
# You may obtain a copy of the Licence at:<br />
#<br />
# http://www.osor.eu/eupl<br />
#<br />
# Unless required by applicable law or agreed to in<br />
# writing, software distributed under the Licence is<br />
# distributed on an "AS IS" basis,<br />
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either<br />
# express or implied.<br />
# See the Licence for the specific language governing<br />
# permissions and limitations under the Licence.<br />
#<br />
<br />
<br />
<br />
[Global]<br />
# If true the script logs every information to the log-file.<br />
LOG_DEBUG = 1<br />
<br />
# If true the script logs additional information to the log-file.<br />
LOG_INFO = 1<br />
<br />
#If true the script logs warnings to the log-file.<br />
LOG_WARNING = 1<br />
<br />
#If true the script logs errors to the log-file.<br />
LOG_ERR = 1<br />
<br />
# The environment indicates the hostname (fqdn) on which the prov-backup-kvm <br />
# daemon is running<br />
ENVIRONMENT = <STONEY-CLOUD-NODE-NAME><br />
<br />
# All information related to the database (backend) the daemon connects to<br />
[Database]<br />
BACKEND = LDAP<br />
SERVER = <STONEY-CLOUD-LDAP-SERVER><br />
PORT = <STONEY-CLOUD-LDAP-PORT><br />
ADMIN_USER = <STONEY-CLOUD-LDAP-BINDDN><br />
ADMIN_PASSWORD = <STONEY-CLOUD-LDAP-BIND-PASSWORD><br />
SERVICE_SUBTREE = <STONEY-CLOUD-LDAP-SERVICE-SUBTREE><br />
<br />
# A cookie file will be used to be able to restart the daemon without<br />
# processing every entry again (they appear as new if the daemon is started) <br />
COOKIE_FILE = <STONEY-CLOUD-LDAP-COOKIE-FILE><br />
<br />
# The default cookie just contains an empty CSN, in that way, all entries<br />
# are processed<br />
DEFAULT_COOKIE = rid=001,csn=<br />
<br />
# The search filter for the database. Only process entries found with this<br />
# filter<br />
SEARCH_FILTER = (&(entryCSN>=%entryCSN%)(objectClass=*))<br />
<br />
# Indicates the prov-backup-kvm configuration which applies for every<br />
# VM-Pool and every VM if not overwritten by a VM-Pool- or VM-specific <br />
# configuration<br />
STONEY_CLOUD_WIDE_CONFIGURATION = <STONEY-CLOUD-LDAP-PROV-BACKUP-KVM-DEFAULT-CONFIGURATION><br />
<br />
# Configuration concerining the provisioning module<br />
[Service]<br />
<br />
# The modus should always be selfcare<br />
MODUS = selfcare<br />
<br />
# Which TransportApi is used to execute the commands on the destination system<br />
# TransportApi can be "LocalCLI" or "CLISSH"<br />
TRANSPORTAPI = LocalCLI<br />
<br />
# The name of the provisioning service<br />
SERVICE = Backup<br />
<br />
# The name of the provisioning type<br />
TYPE = KVM<br />
<br />
# The syslog tag (normally service-type)<br />
SYSLOG = Backup-KVM<br />
<br />
# All information concerning the gateway (TransportApi)<br />
[Gateway]<br />
HOST = localhost<br />
USER = provisioning<br />
DSA_FILE = none<br />
<br />
# Service specific configuration which is not present in the backend<br />
[Backup]<br />
<br />
# Which command is used to export files<br />
EXPORT_COMMAND = cp -p<br />
</pre><br />
<br />
== Backend ==<br />
In the backend, you need to have at least one configuration which applies for the whole stoney cloud. This configuration is referenced in the [[#Global|global configuration]]. You are able to overwrite the stoney-cloud-wide configuration for<br />
* A VM-Pool<br />
* A single VM<br />
The configuration which applies for the VM is evaluated in the following way:<br />
# Check if the VM has a VM-specific configuration<br />
#* If yes, this one applies<br />
#* If not, continue<br />
# Check if the VM-Pool has a specific configuration<br />
#* If yes, this one applies<br />
#* If not, continue<br />
# The stoney-cloud-wide configuration applies<br />
<br />
=== Mandatory Configuration-Parameters ===<br />
* '''sstBackupNumberOfIterations''': An integer value how many backup iterations should be kept. Default is 1 (for disaster recovery).<br />
* '''sstBackupRootDirectory''': The path to the backup root directory where all iterations of disk-images and state files are stored. Default is file:///var/backup/virtualization.<br />
* '''sstBackupRetainDirectory''': The path to the local retain directory where the temporary snapshots (disk-image and state file) are stored. Default is file:///var/virtualization/retain.<br />
* '''sstRestoreVMWithoutState''': Boolean value which indicates whether or not to restore a virtual machine without the state. Default is FALSE (most often we want to restore the state together with the virtual machine).<br />
* '''sstBackupRamDiskLocation''': Path to the RAM-Disk. Default is /mnt/ramdisk. Because this attribute can be set for the whole FOSS-Cloud, for a specific VM-Pool, for a specific virtual machine or a specific virtual machine template, this attribute is independent from the VM-Nodes. There for no guarantee can be given, that this RAM-Disk exists on all the VM-Nodes. A check for its existence is mandatory!<br />
* '''sstVirtualizationVirtualMachineForceStart''': Force start VM in the case of not being able to restore the VM State during the backup process. TRUE or FALSE, default is FALSE. Attention: If set to TRUE, this could lead to file system inconsistencies in the virtual machine.<br />
* '''sstVirtualizationBandwidthMerge''': Bandwidth of the disk merging process (specifies the maximum I/O rate to allow in Megabyte/s). Default is 0 (unlimited). Integer Attribute, single value.<br />
* '''sstVirtualizationDiskImageFormat''': The format for the new disk image that is created during the backup process. Default is qcow2.<br />
* '''sstVirtualizationDiskImageOwner''': The owner for the new disk image that is created during the backup process. Default is root.<br />
* '''sstVirtualizationDiskImageGroup''' : The group for the new disk image that is created during the backup process. Default is vm-storage.<br />
* '''sstVirtualizationDiskImagePermission''': The permission (in octal representation) for the new disk image that is created during the backup process. Default is 660 (equivalent to 0660).<br />
* '''sstVirtualizationDiskImageDirectoryOwner''': The owner for the new directory where the disk image is located. Default is root.<br />
* '''sstVirtualizationDiskImageDirectoryGroup''': The group for the new directory where the disk image is located. Default is vm-storage.<br />
* '''sstVirtualizationDiskImageDirectoryPermission''': The permission (in octal representation) for the new directory where the disk image is located. Default is 770 (equivalent to 0770).<br />
<br />
=== Optional Configuration-Parameters ===<br />
* '''sstBackupExcludeFromBackup''': Do we want to exclude a virtual machine from the default backup plan? Default is FALSE.<br />
* '''sstVirtualizationVirtualMachineSequenceStop''': Multiple dependencies for the stopping order can be defined. Example: a web VM depends on the corresponding database VM. IA5String, multi valued. This attribute must exist in all of the virtual machine entries, that are to be stopped in a certain order. Example (0,1,2, ... is the order, UUID1, UUID2, ... is the uuid of a virtual machine):<br />
** 0: UUID1<br />
** 1: UUID2<br />
** 2: UUID3<br />
* '''sstVirtualizationVirtualMachineSequenceStart''': Multiple dependencies for the starting order can be defined. Example: a database VM must be started before the corresponding web VM. IA5String, multi valued. This attribute must exist in all of the virtual machine entries, that are to be started in a certain order. Example (0,1,2, ... is the order, UUID1, UUID2, ... is the uuid of a virtual machine):<br />
** 0: UUID3<br />
** 1: UUID2<br />
** 2: UUID1<br />
<br />
= Exit codes =<br />
The following list defines the return codes and their meaning for the KVM-Backup script see also [https://github.com/stepping-stone/prov-backup-kvm/blob/master/lib/Provisioning/Backup/KVM/Constants.pm KVMConstants.pm]:<br />
<pre><br />
use constant SUCCESS_CODE => 0;<br />
<br />
### Error codes constants<br />
use constant UNDEFINED_ERROR => 1; # Always the first!<br />
use constant MISSING_PARAMETER_IN_CONFIG_FILE => 2;<br />
use constant CONFIGURED_RAM_DISK_IS_NOT_VALUD => 3;<br />
use constant NOT_ENOUGH_SPACE_ON_RAM_DISK => 4;<br />
use constant CANNOT_SAVE_MACHINE_STATE => 5;<br />
use constant CANNOT_WRITE_TO_BACKUP_LOCATION => 6;<br />
use constant CANNOT_COPY_FILE_TO_BACKUP_LOCATION => 7;<br />
use constant CANNOT_COPY_IMAGE_TO_BACKUP_LOCATION => 8;<br />
use constant CANNOT_COPY_XML_TO_BACKUP_LOCATION => 9;<br />
use constant CANNOT_COPY_BACKEND_FILE_TO_BACKUP_LOCATION=> 10;<br />
use constant CANNOT_MERGE_DISK_IMAGES => 11;<br />
use constant CANNOT_REMOVE_OLD_DISK_IMAGE => 12;<br />
use constant CANNOT_REMOVE_FILE => 13;<br />
use constant CANNOT_CREATE_EMPTY_DISK_IMAGE => 15;<br />
use constant CANNOT_RENAME_DISK_IMAGE => 16;<br />
use constant CANNOT_CONNECT_TO_BACKEND => 17;<br />
use constant WRONG_STATE_INFORMATION => 18;<br />
use constant CANNOT_SET_DISK_IMAGE_OWNERSHIP => 19;<br />
use constant CANNOT_SET_DISK_IMAGE_PERMISSION => 20;<br />
use constant CANNOT_RESTORE_MACHINE => 21;<br />
use constant CANNOT_LOCK_MACHINE => 22;<br />
use constant CANNOT_FIND_MACHINE => 23;<br />
use constant CANNOT_COPY_STATE_FILE_TO_RETAIN => 24;<br />
use constant RETAIN_ROOT_DIRECTORY_DOES_NOT_EXIST => 25;<br />
use constant BACKUP_ROOT_DIRECTORY_DOES_NOT_EXIST => 26;<br />
use constant CANNOT_CREATE_DIRECTORY => 27;<br />
use constant CANNOT_SAVE_XML => 28;<br />
use constant CANNOT_SAVE_BACKEND_ENTRY => 29;<br />
use constant CANNOT_SET_DIRECTORY_OWNERSHIP => 30;<br />
use constant CANNOT_SET_DIRECTORY_PERMISSION => 31;<br />
use constant CANNOT_FIND_CONFIGURATION_ENTRY => 32;<br />
use constant BACKEND_XML_UNCONSISTENCY => 33;<br />
use constant CANNOT_CREATE_TARBALL => 34;<br />
use constant UNSUPPORTED_FILE_TRANSFER_PROTOCOL => 35;<br />
use constant UNKNOWN_BACKEND_TYPE => 36;<br />
use constant MISSING_NECESSARY_FILES => 37;<br />
use constant CORRUPT_DISK_IMAGE_FOUND => 38;<br />
use constant UNSUPPORTED_CONFIGURATION_PARAMETER => 39;<br />
use constant CANNOT_MOVE_DISK_IMAGE_TO_ORIGINAL_LOCATION=> 40;<br />
use constant CANNOT_DEFINE_MACHINE => 41;<br />
use constant CANNOT_START_MACHINE => 42;<br />
use constant CANNOT_WORK_ON_UNDEFINED_OBJECT => 43;<br />
use constant CANNOT_READ_STATE_FILE => 44;<br />
use constant CANNOT_READ_XML_FILE => 45;<br />
use constant NOT_ALL_FILES_DELETED_FROM_RETAIN_LOCATION => 46;<br />
use constant NOT_ENOUGH_DISK_SPACE => 47;<br />
use constant NO_DISK_SPACE_INFORMATION => 48;<br />
</pre><br />
<br />
= Next steps =<br />
* Change the behaviour of the snapshot/merge process<br />
** No longer merge the original file into the new one but merge (commit) backing store file back into original one<br />
*** Like that we are able to reduce the backup (merge) time a lot.<br />
*** Needs different behaviour for save -> copy/move -> create new image -> restore -> merge<br />
<br />
= Source Code =<br />
The source code is located in our GitHub Repository:<br />
<br />
https://github.com/stepping-stone/prov-backup-kvm<br />
<br />
= Links =<br />
<br />
[[Category:stoney conductor]][[Category:Provisioning Modules]]</div>Pathttps://wiki.stoney-cloud.org/w/index.php?title=File:KVM-Backup-Workflow-Merge.png&diff=3760File:KVM-Backup-Workflow-Merge.png2014-06-26T14:50:09Z<p>Pat: Pat uploaded a new version of &quot;File:KVM-Backup-Workflow-Merge.png&quot;: New export method with only copy the live image away</p>
<hr />
<div>Detailed workflow for the merge process</div>Pathttps://wiki.stoney-cloud.org/w/index.php?title=File:KVM-Backup-Workflow-detailed.xmi&diff=3759File:KVM-Backup-Workflow-detailed.xmi2014-06-26T14:49:05Z<p>Pat: Pat uploaded a new version of &quot;File:KVM-Backup-Workflow-detailed.xmi&quot;: The new backup process with disk only snapshot and committing changes back</p>
<hr />
<div>Detailed workflow for the three subprocesses (snapshot, merge and retain)</div>Pathttps://wiki.stoney-cloud.org/w/index.php?title=File:KVM-Backup-Workflow-Snapshot.png&diff=3758File:KVM-Backup-Workflow-Snapshot.png2014-06-26T14:48:22Z<p>Pat: Pat uploaded a new version of &quot;File:KVM-Backup-Workflow-Snapshot.png&quot;: New createSnapshot method with disk only snapshots</p>
<hr />
<div>Detailed snapshot workflow</div>Pathttps://wiki.stoney-cloud.org/w/index.php?title=File:KVM-Backup-simple.xmi&diff=3757File:KVM-Backup-simple.xmi2014-06-26T14:01:37Z<p>Pat: Pat uploaded a new version of &quot;File:KVM-Backup-simple.xmi&quot;</p>
<hr />
<div>Simplified prov-backup-kvm workflow</div>Pathttps://wiki.stoney-cloud.org/w/index.php?title=File:KVM-Backup-Workflow.png&diff=3756File:KVM-Backup-Workflow.png2014-06-26T14:01:09Z<p>Pat: Pat uploaded a new version of &quot;File:KVM-Backup-Workflow.png&quot;: Adapted to the new sub steps (create-, export- and commitSnapshots)</p>
<hr />
<div>Simplified prov-backup-kvm workflow</div>Pathttps://wiki.stoney-cloud.org/w/index.php?title=stoney_conductor:_prov-backup-kvm&diff=3755stoney conductor: prov-backup-kvm2014-06-26T14:00:25Z<p>Pat: /* Backup */</p>
<hr />
<div>= Overview =<br />
The '''Provisioning-Backup-KVM Daemon''' is written in Perl and uses the mechanisms described under [[stoney core: OpenLDAP directory data organisation]].<br />
<br />
= Workflow =<br />
== Backup ==<br />
This is the simplified workflow for the Provisioning-Backup-KVM Daemon. The Subroutines (create-, export- and commitSnapshot) are shown later.<br />
<br />
[[File:KVM-Backup-Workflow.png|thumb|none|400px|Figure 1: Simplified prov-backup-kvm workflow]]<br />
<br />
You can modify/update this workflow by editing [[File:KVM-Backup-simple.xmi]] (you may need [http://uml.sourceforge.net/ Umbrello UML Modeller] diagram programme for KDE to display the content properly).<br />
<br />
=== createSnapshot ===<br />
[[File:KVM-Backup-Workflow-Snapshot.png|thumb|none|500px|Figure 2: Detailed workflow for the snaphshot process]]<br />
<br />
You can edit this workflow with the following file (you may need umbrello to modify it): [[File:KVM-Backup-Workflow-detailed.xmi]]<br />
<br />
See also: [[stoney_conductor:_Backup#createSnapshot | createSnapshot: Basic idea]]<br />
<br />
=== exportSnapshot ===<br />
[[File:KVM-Backup-Workflow-Merge.png|thumb|none|500px|Figure 2: Detailed workflow for the merge process]]<br />
<br />
You can edit this workflow with the following file (you may need umbrello to modify it): [[File:KVM-Backup-Workflow-detailed.xmi]]<br />
<br />
See also: [[ stoney_conductor:_Backup#exportSnapshot | exportSnapshot: Basic idea]]<br />
<br />
=== commitSnapshot ===<br />
[[File:KVM-Backup-Workflow-Retain.png|thumb|none|500px|Figure 3: Detailed workflow for the retain process]]<br />
<br />
You can edit this workflow with the following file (you may need umbrello to modify it): [[File:KVM-Backup-Workflow-detailed.xmi]]<br />
<br />
See also [[stoney_conductor:_Backup#commitSnaphsot | commitSnapshot: Basic idea]]<br />
<br />
== Restore ==<br />
* <span style="background:#00FF00">Task for the control-instance daemon</span><br />
* <span style="background:#FFFF00">Task for the prov-backup-kvm daemon</span><br />
* <span style="background:#FF8000">Task for the vm-manager</span><br />
[[File:KVM-Backup-Workflow-Restore.png|thumb|none|500px|Figure 4: Detailed workflow for the restore process]]<br />
<br />
You can edit this workflow with the following file (you may need umbrello to modify it): [[File:KVM-Backup-Workflow-restore.xmi]]<br />
<br />
<br />
<br />
See also [[stoney_conductor:_Backup#Basic_idea_2 | Restore: Basic idea]]<br />
<br />
= Configuration =<br />
== Global ==<br />
<pre><br />
# Copyright (C) 2013 stepping stone GmbH<br />
# Switzerland<br />
# http://www.stepping-stone.ch<br />
# support@stepping-stone.ch<br />
#<br />
# Authors:<br />
# Pat Kläy <pat.klaey@stepping-stone.ch><br />
# <br />
# Licensed under the EUPL, Version 1.1.<br />
#<br />
# You may not use this work except in compliance with the<br />
# Licence.<br />
# You may obtain a copy of the Licence at:<br />
#<br />
# http://www.osor.eu/eupl<br />
#<br />
# Unless required by applicable law or agreed to in<br />
# writing, software distributed under the Licence is<br />
# distributed on an "AS IS" basis,<br />
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either<br />
# express or implied.<br />
# See the Licence for the specific language governing<br />
# permissions and limitations under the Licence.<br />
#<br />
<br />
<br />
<br />
[Global]<br />
# If true the script logs every information to the log-file.<br />
LOG_DEBUG = 1<br />
<br />
# If true the script logs additional information to the log-file.<br />
LOG_INFO = 1<br />
<br />
#If true the script logs warnings to the log-file.<br />
LOG_WARNING = 1<br />
<br />
#If true the script logs errors to the log-file.<br />
LOG_ERR = 1<br />
<br />
# The environment indicates the hostname (fqdn) on which the prov-backup-kvm <br />
# daemon is running<br />
ENVIRONMENT = <STONEY-CLOUD-NODE-NAME><br />
<br />
# All information related to the database (backend) the daemon connects to<br />
[Database]<br />
BACKEND = LDAP<br />
SERVER = <STONEY-CLOUD-LDAP-SERVER><br />
PORT = <STONEY-CLOUD-LDAP-PORT><br />
ADMIN_USER = <STONEY-CLOUD-LDAP-BINDDN><br />
ADMIN_PASSWORD = <STONEY-CLOUD-LDAP-BIND-PASSWORD><br />
SERVICE_SUBTREE = <STONEY-CLOUD-LDAP-SERVICE-SUBTREE><br />
<br />
# A cookie file will be used to be able to restart the daemon without<br />
# processing every entry again (they appear as new if the daemon is started) <br />
COOKIE_FILE = <STONEY-CLOUD-LDAP-COOKIE-FILE><br />
<br />
# The default cookie just contains an empty CSN, in that way, all entries<br />
# are processed<br />
DEFAULT_COOKIE = rid=001,csn=<br />
<br />
# The search filter for the database. Only process entries found with this<br />
# filter<br />
SEARCH_FILTER = (&(entryCSN>=%entryCSN%)(objectClass=*))<br />
<br />
# Indicates the prov-backup-kvm configuration which applies for every<br />
# VM-Pool and every VM if not overwritten by a VM-Pool- or VM-specific <br />
# configuration<br />
STONEY_CLOUD_WIDE_CONFIGURATION = <STONEY-CLOUD-LDAP-PROV-BACKUP-KVM-DEFAULT-CONFIGURATION><br />
<br />
# Configuration concerining the provisioning module<br />
[Service]<br />
<br />
# The modus should always be selfcare<br />
MODUS = selfcare<br />
<br />
# Which TransportApi is used to execute the commands on the destination system<br />
# TransportApi can be "LocalCLI" or "CLISSH"<br />
TRANSPORTAPI = LocalCLI<br />
<br />
# The name of the provisioning service<br />
SERVICE = Backup<br />
<br />
# The name of the provisioning type<br />
TYPE = KVM<br />
<br />
# The syslog tag (normally service-type)<br />
SYSLOG = Backup-KVM<br />
<br />
# All information concerning the gateway (TransportApi)<br />
[Gateway]<br />
HOST = localhost<br />
USER = provisioning<br />
DSA_FILE = none<br />
<br />
# Service specific configuration which is not present in the backend<br />
[Backup]<br />
<br />
# Which command is used to export files<br />
EXPORT_COMMAND = cp -p<br />
</pre><br />
<br />
== Backend ==<br />
In the backend, you need to have at least one configuration which applies for the whole stoney cloud. This configuration is referenced in the [[#Global|global configuration]]. You are able to overwrite the stoney-cloud-wide configuration for<br />
* A VM-Pool<br />
* A single VM<br />
The configuration which applies for the VM is evaluated in the following way:<br />
# Check if the VM has a VM-specific configuration<br />
#* If yes, this one applies<br />
#* If not, continue<br />
# Check if the VM-Pool has a specific configuration<br />
#* If yes, this one applies<br />
#* If not, continue<br />
# The stoney-cloud-wide configuration applies<br />
<br />
=== Mandatory Configuration-Parameters ===<br />
* '''sstBackupNumberOfIterations''': An integer value how many backup iterations should be kept. Default is 1 (for disaster recovery).<br />
* '''sstBackupRootDirectory''': The path to the backup root directory where all iterations of disk-images and state files are stored. Default is file:///var/backup/virtualization.<br />
* '''sstBackupRetainDirectory''': The path to the local retain directory where the temporary snapshots (disk-image and state file) are stored. Default is file:///var/virtualization/retain.<br />
* '''sstRestoreVMWithoutState''': Boolean value which indicates whether or not to restore a virtual machine without the state. Default is FALSE (most often we want to restore the state together with the virtual machine).<br />
* '''sstBackupRamDiskLocation''': Path to the RAM-Disk. Default is /mnt/ramdisk. Because this attribute can be set for the whole FOSS-Cloud, for a specific VM-Pool, for a specific virtual machine or a specific virtual machine template, this attribute is independent from the VM-Nodes. There for no guarantee can be given, that this RAM-Disk exists on all the VM-Nodes. A check for its existence is mandatory!<br />
* '''sstVirtualizationVirtualMachineForceStart''': Force start VM in the case of not being able to restore the VM State during the backup process. TRUE or FALSE, default is FALSE. Attention: If set to TRUE, this could lead to file system inconsistencies in the virtual machine.<br />
* '''sstVirtualizationBandwidthMerge''': Bandwidth of the disk merging process (specifies the maximum I/O rate to allow in Megabyte/s). Default is 0 (unlimited). Integer Attribute, single value.<br />
* '''sstVirtualizationDiskImageFormat''': The format for the new disk image that is created during the backup process. Default is qcow2.<br />
* '''sstVirtualizationDiskImageOwner''': The owner for the new disk image that is created during the backup process. Default is root.<br />
* '''sstVirtualizationDiskImageGroup''' : The group for the new disk image that is created during the backup process. Default is vm-storage.<br />
* '''sstVirtualizationDiskImagePermission''': The permission (in octal representation) for the new disk image that is created during the backup process. Default is 660 (equivalent to 0660).<br />
* '''sstVirtualizationDiskImageDirectoryOwner''': The owner for the new directory where the disk image is located. Default is root.<br />
* '''sstVirtualizationDiskImageDirectoryGroup''': The group for the new directory where the disk image is located. Default is vm-storage.<br />
* '''sstVirtualizationDiskImageDirectoryPermission''': The permission (in octal representation) for the new directory where the disk image is located. Default is 770 (equivalent to 0770).<br />
<br />
=== Optional Configuration-Parameters ===<br />
* '''sstBackupExcludeFromBackup''': Do we want to exclude a virtual machine from the default backup plan? Default is FALSE.<br />
* '''sstVirtualizationVirtualMachineSequenceStop''': Multiple dependencies for the stopping order can be defined. Example: a web VM depends on the corresponding database VM. IA5String, multi valued. This attribute must exist in all of the virtual machine entries, that are to be stopped in a certain order. Example (0,1,2, ... is the order, UUID1, UUID2, ... is the uuid of a virtual machine):<br />
** 0: UUID1<br />
** 1: UUID2<br />
** 2: UUID3<br />
* '''sstVirtualizationVirtualMachineSequenceStart''': Multiple dependencies for the starting order can be defined. Example: a database VM must be started before the corresponding web VM. IA5String, multi valued. This attribute must exist in all of the virtual machine entries, that are to be started in a certain order. Example (0,1,2, ... is the order, UUID1, UUID2, ... is the uuid of a virtual machine):<br />
** 0: UUID3<br />
** 1: UUID2<br />
** 2: UUID1<br />
<br />
= Exit codes =<br />
The following list defines the return codes and their meaning for the KVM-Backup script see also [https://github.com/stepping-stone/prov-backup-kvm/blob/master/lib/Provisioning/Backup/KVM/Constants.pm KVMConstants.pm]:<br />
<pre><br />
use constant SUCCESS_CODE => 0;<br />
<br />
### Error codes constants<br />
use constant UNDEFINED_ERROR => 1; # Always the first!<br />
use constant MISSING_PARAMETER_IN_CONFIG_FILE => 2;<br />
use constant CONFIGURED_RAM_DISK_IS_NOT_VALUD => 3;<br />
use constant NOT_ENOUGH_SPACE_ON_RAM_DISK => 4;<br />
use constant CANNOT_SAVE_MACHINE_STATE => 5;<br />
use constant CANNOT_WRITE_TO_BACKUP_LOCATION => 6;<br />
use constant CANNOT_COPY_FILE_TO_BACKUP_LOCATION => 7;<br />
use constant CANNOT_COPY_IMAGE_TO_BACKUP_LOCATION => 8;<br />
use constant CANNOT_COPY_XML_TO_BACKUP_LOCATION => 9;<br />
use constant CANNOT_COPY_BACKEND_FILE_TO_BACKUP_LOCATION=> 10;<br />
use constant CANNOT_MERGE_DISK_IMAGES => 11;<br />
use constant CANNOT_REMOVE_OLD_DISK_IMAGE => 12;<br />
use constant CANNOT_REMOVE_FILE => 13;<br />
use constant CANNOT_CREATE_EMPTY_DISK_IMAGE => 15;<br />
use constant CANNOT_RENAME_DISK_IMAGE => 16;<br />
use constant CANNOT_CONNECT_TO_BACKEND => 17;<br />
use constant WRONG_STATE_INFORMATION => 18;<br />
use constant CANNOT_SET_DISK_IMAGE_OWNERSHIP => 19;<br />
use constant CANNOT_SET_DISK_IMAGE_PERMISSION => 20;<br />
use constant CANNOT_RESTORE_MACHINE => 21;<br />
use constant CANNOT_LOCK_MACHINE => 22;<br />
use constant CANNOT_FIND_MACHINE => 23;<br />
use constant CANNOT_COPY_STATE_FILE_TO_RETAIN => 24;<br />
use constant RETAIN_ROOT_DIRECTORY_DOES_NOT_EXIST => 25;<br />
use constant BACKUP_ROOT_DIRECTORY_DOES_NOT_EXIST => 26;<br />
use constant CANNOT_CREATE_DIRECTORY => 27;<br />
use constant CANNOT_SAVE_XML => 28;<br />
use constant CANNOT_SAVE_BACKEND_ENTRY => 29;<br />
use constant CANNOT_SET_DIRECTORY_OWNERSHIP => 30;<br />
use constant CANNOT_SET_DIRECTORY_PERMISSION => 31;<br />
use constant CANNOT_FIND_CONFIGURATION_ENTRY => 32;<br />
use constant BACKEND_XML_UNCONSISTENCY => 33;<br />
use constant CANNOT_CREATE_TARBALL => 34;<br />
use constant UNSUPPORTED_FILE_TRANSFER_PROTOCOL => 35;<br />
use constant UNKNOWN_BACKEND_TYPE => 36;<br />
use constant MISSING_NECESSARY_FILES => 37;<br />
use constant CORRUPT_DISK_IMAGE_FOUND => 38;<br />
use constant UNSUPPORTED_CONFIGURATION_PARAMETER => 39;<br />
use constant CANNOT_MOVE_DISK_IMAGE_TO_ORIGINAL_LOCATION=> 40;<br />
use constant CANNOT_DEFINE_MACHINE => 41;<br />
use constant CANNOT_START_MACHINE => 42;<br />
use constant CANNOT_WORK_ON_UNDEFINED_OBJECT => 43;<br />
use constant CANNOT_READ_STATE_FILE => 44;<br />
use constant CANNOT_READ_XML_FILE => 45;<br />
use constant NOT_ALL_FILES_DELETED_FROM_RETAIN_LOCATION => 46;<br />
use constant NOT_ENOUGH_DISK_SPACE => 47;<br />
use constant NO_DISK_SPACE_INFORMATION => 48;<br />
</pre><br />
<br />
= Next steps =<br />
* Change the behaviour of the snapshot/merge process<br />
** No longer merge the original file into the new one but merge (commit) backing store file back into original one<br />
*** Like that we are able to reduce the backup (merge) time a lot.<br />
*** Needs different behaviour for save -> copy/move -> create new image -> restore -> merge<br />
<br />
= Source Code =<br />
The source code is located in our GitHub Repository:<br />
<br />
https://github.com/stepping-stone/prov-backup-kvm<br />
<br />
= Links =<br />
<br />
[[Category:stoney conductor]][[Category:Provisioning Modules]]</div>Pathttps://wiki.stoney-cloud.org/w/index.php?title=stoney_conductor:_VM_Backup&diff=3754stoney conductor: VM Backup2014-06-26T13:58:20Z<p>Pat: /* Current Implementation (Restore) */</p>
<hr />
<div>= Overview =<br />
This page describes how the VMs and VM-Templates are backed-up and restored inside the [http://www.stoney-cloud.org stoney cloud].<br />
<br />
= Requirements =<br />
* sstBackupRootDirectory: file:///var/backup/virtualization<br />
** This directory might be a single partition which needs to have the same size as your partition for the live images (it's a "copy" of the live partition)<br />
* sstBackupRetainDirectory: file:///var/virtualization/retain<br />
** This directory must be on the same partition as your life images are<br />
* A working stoney cloud, installed according to [[stoney cloud: Single-Node Installation]] or [[stoney cloud: Multi-Node Installation]].<br />
* The backup configuration must be set: [[stoney_conductor:_OpenLDAP_directory_data_organisation#Backup | stoney conductor: OpenLDAP directory data organisation]].<br />
<br />
= Backup =<br />
== Basic idea ==<br />
The main idea to backup a VM or a VM-Template is, to divide the task into three subtasks: <br />
* createSnapshot: Create a disk only snapshot. A new overlay file is created, all write operations are performed to this file. The underlying disk-image is now read only.<br />
* exportSnapshot: Copy the read only disk-image to the backup location.<br />
* commitSnapshot: Commit the performed write operations from the overlay back to the underlying (original) disk image. Now the underlying image is read-write again and the overlay image can be deleted.<br />
A more detailed and technical description for these three sub-processes can be found [[#Sub-Processes | here]].<br />
<br />
Furthermore there is an control instance, which can independently call these three sub-processes for a given machine. Like that, the stoney cloud is able to handle different cases:<br />
=== Backup a single machine ===<br />
The procedure for backing up a single machine is very simple. Just call the three sub-processes (create-, export- and commitSnapshot) one after the other. So the control instance would do some very basic stuff: <br />
<source lang="c"><br />
object machine = args[0];<br />
<br />
if( createSsnapshot( machine ) )<br />
{<br />
<br />
if ( exportSnapshot( machine ) )<br />
{<br />
<br />
if ( commitSnapshot( machine ) )<br />
{<br />
printf("Successfully backed up machine %s\n", machine);<br />
<br />
} else<br />
{<br />
printf("Error while committing snapshot for machine %s: %s\n", machine, error);<br />
}<br />
<br />
} else<br />
{<br />
printf("Error while exporting snapshot for machine %s: %s\n", machine, error);<br />
}<br />
<br />
} else<br />
{<br />
printf("Error while snapshotting machine %s: %s\n", machine, error);<br />
}<br />
</source><br />
<br />
=== Backup multiple machines at the same time ===<br />
When backing up multiple machines at the same time, we need to make sure that the snapshots for the machines are as close together as possible. Therefore the control instance should call first the createSnapshot process for all machines. After every machine has been snapshotted, the control instance can call the exportSnapshot and commitSnapshot process for every machine. The most important part here is, that the control instance somehow remembers, if the snapshot for a given machine was successful or not. Because if the snapshot failed, it must not call the exportSnapshot and commitSnapshot process. So the control instance needs a little bit more logic: <br />
<br />
<source lang="c"><br />
object machines[] = args[0];<br />
object successful_snapshots[];<br />
<br />
# Snapshot all machines<br />
for( int i = 0; i < sizeof(machines) / sizeof(object) ; i++ )<br />
{<br />
# If the snapshot was successful, put the machine into the <br />
# successful_snapshots array<br />
if ( createSnapshot( machines[i] ) )<br />
{<br />
successful_snapshots[machines[i]];<br />
} else<br />
{<br />
printf("Error while snapshotting machine %s: %s\n", machines[i],error);<br />
}<br />
}<br />
<br />
# export and commit all successful_snapshot machines<br />
for ( int i = 0; i < sizeof(successful_snapshots) / sizeof(object) ; i++ ) )<br />
{<br />
# Check if the element at this position is not null, then the snapshot <br />
# for this machine was successful<br />
if ( successful_snapshots[i] )<br />
{<br />
if ( exportSnapshot( successful_snapshots[i] ) )<br />
{<br />
if ( commitSnapshot( successful_snapshots[i] ) )<br />
{<br />
printf("Successfully backed-up machine %s\n", successful_snapshots[i]);<br />
} else<br />
{<br />
printf("Error while committing snapshot for machine %s: %s\n", successful_snapshots[i],error);<br />
}<br />
<br />
} else<br />
{<br />
printf("Error while exporting snapshot for machine %s: %s\n", successful_snapshots[i],error);<br />
}<br />
}<br />
}<br />
</source><br />
<br />
=== Sub-Processes ===<br />
See also [[Libvirt_external_snapshot_with_GlusterFS]]<br />
==== createSnapshot ====<br />
For the commands see [[Libvirt_external_snapshot_with_GlusterFS#Part_2:_Create_the_snapshot_using_virsh]]<br />
<br />
For the workflow see [[stoney_conductor:_prov-backup-kvm#createSnapshot]]<br />
<br />
==== exportSnapshot ====<br />
# Simply copy the underlying image to the backup location<br />
#* <source lang="bash">cp -p /<path>/<to>/<image>.qcow2 /<path>/<to>/<backup>/<location>/.</source><br />
<br />
For the workflow see [[stoney_conductor:_prov-backup-kvm#exportSnapshot]]<br />
<br />
==== commitSnapshot ====<br />
For the commands see [[Libvirt_external_snapshot_with_GlusterFS#Cleanup.2FCommit_.28Online.29]]<br />
<br />
For the workflow see [[stoney_conductor:_prov-backup-kvm#commitSnapshot]]<br />
<br />
== Communication through backend ==<br />
Since the stoney cloud is (as the name says already) a cloud solution, it makes sense to have a backend (in our case openLDAP) involved in the whole process. Like that it is possible to run the backup jobs decentralized on every vm-node. The control instance can then modify the backend, and theses changes are seen by the diffenrent backup daemons on the vm-nodes. So the communication could look like shown in the following picture (Figure 1): <br />
<br />
[[File:Daemon-communication.png|800px|thumbnail|none|Figure 1: Communication between the control instance and the prov-backup-kvm daemon through the LDAP backend]]<br />
<br />
=== Control-Instance Daemon Interaction for creating a Backup with LDIF Examples ===<br />
The step numbers correspond with the graphical overview from above.<br />
<br />
==== Step 00: Backup Configuration for a virtual machine ====<br />
<pre><br />
# The following backup configuration says, that the backup should be done daily, at 03:00 hours (localtime).<br />
# * * * * * command to be executed<br />
# - - - - -<br />
# | | | | |<br />
# | | | | +----- day of week (0 - 6) (Sunday=0)<br />
# | | | +------- month (1 - 12)<br />
# | | +--------- day of month (1 - 31)<br />
# | +----------- hour (0 - 23)<br />
# +------------- min (0 - 59)<br />
# localtime in the crontab entry<br />
dn: ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
objectclass: top<br />
objectclass: organizationalUnit<br />
objectclass: sstVirtualizationBackupObjectClass<br />
objectclass: sstCronObjectClass<br />
ou: backup<br />
description: This sub tree contains the backup plan for the virtual machine kvm-005.<br />
sstCronMinute: 0<br />
sstCronHour: 3<br />
sstCronDay: *<br />
sstCronMonth: *<br />
sstCronDayOfWeek: *<br />
sstCronActive: TRUE<br />
sstBackupRootDirectory: file:///var/backup/virtualization<br />
sstBackupRetainDirectory: file:///var/virtualization/retain<br />
sstBackupRamDiskLocation: file:///mnt/ramdisk-test<br />
sstVirtualizationDiskImageFormat: qcow2<br />
sstVirtualizationDiskImageOwner: root<br />
sstVirtualizationDiskImageGroup: vm-storage<br />
sstVirtualizationDiskImagePermission: 0660<br />
sstBackupNumberOfIterations: 1<br />
sstVirtualizationVirtualMachineForceStart: FALSE<br />
sstVirtualizationBandwidthMerge: 0<br />
</pre><br />
<br />
==== Step 01: Initialize Backup Sub Tree (Control instance daemon) ====<br />
The sub tree ''' ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch''' reflects the time, when the backup is planned (in the form of [YYYY][MM][DD]T[hh][mm][ss]Z ([http://en.wikipedia.org/wiki/ISO_8601 ISO 8601]) and it should be written at the time, when the backup is planned and should be executed. The section '''20121002T010000Z''' means the following:<br />
* Year: 2012<br />
* Month: 10<br />
* Day of Month: 02<br />
* Hour of Day: 01<br />
* Minutes: 00<br />
* Seconds: 00<br />
Please be aware the the time is to be written in UTC (see also the comment in the LDIF example below).<br />
<pre><br />
# This entry is the place holder for the backup, which is to be executed at 03:00 hours (localtime with daylight-saving). This<br />
# leads to the 20121002T010000Z timestamp (which is written in UTC).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
objectclass: top<br />
objectclass: sstProvisioning<br />
objectclass: organizationalUnit<br />
ou: 20121002T010000Z<br />
sstProvisioningExecutionDate: 0<br />
sstProvisioningMode: initialize<br />
sstProvisioningReturnValue: 0<br />
sstProvisioningState: 20121002T014513Z<br />
</pre><br />
<br />
==== Step 02: Finalize the Initialization (Control instance daemon) ====<br />
<pre><br />
# The attribute sstProvisioningState is updated with current time by the fc-brokerd, when sstProvisioningMode is modified.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T010001Z<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: initialized<br />
</pre><br />
<br />
==== Step 03: Start the Snapshot Process (Control instance daemon) ====<br />
With the setting of the '''sstProvisioningMode''' to '''snapshot''', the actual backup process is kicked off by the Control instance daemon.<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the fc-brokerd, when sstProvisioningMode is modified to<br />
# snapshot (this way the Provisioning-Backup-VKM daemon knows, that it must start the snapshotting process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: snapshot<br />
</pre><br />
<br />
==== Step 04: Starting the Snapshot Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the snapshot command, it sets the '''sstProvisioningMode''' to '''snapshotting''' to tell the Control instance daemon and other interested parties, that it is snapshotting the virtual machine or virtual machine template.<br />
<pre><br />
# The attribute sstProvisioningMode is set to snapshotting by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: snapshotting<br />
</pre><br />
<br />
==== Step 05: Finalizing the Snapshot Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the snapshot command, it sets the '''sstProvisioningMode''' to '''snapshotted''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the snapshot of the virtual machine or virtual machine template is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the fc-brokerd knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T010011Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: snapshotted<br />
</pre><br />
<br />
==== Step 06: Start the export Process (Control instance daemon) ====<br />
With the setting of the '''sstProvisioningMode''' to '''export''', the Control instance daemon tells the Provisioning-Backup-KVM daemon to export the disk image to the backup location.<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the fc-brokerd, when sstProvisioningMode is modified to<br />
# export (this way the Provisioning-Backup-VKM daemon knows, that it must start the export process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: export<br />
</pre><br />
<br />
==== Step 07: Starting the export Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the export command, it sets the '''sstProvisioningMode''' to '''exporting''' to tell the Control instance daemon and other interested parties, that it is exporting the virtual machine or virtual machine template disk images.<br />
<pre><br />
# The attribute sstProvisioningMode is set to exporting by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: exporting<br />
</pre><br />
<br />
==== Step 08: Finalizing the export Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the export command, it sets the '''sstProvisioningMode''' to '''exported''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the export of the virtual machine or virtual machine template disk-images is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the fc-brokerd knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T010500Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: exported<br />
</pre><br />
<br />
==== Step 09: Start the commit Process (Control instance daemon) ====<br />
With the setting of the '''sstProvisioningMode''' to '''commit''', the Control instance daemon tells the Provisioning-Backup-KVM daemon to commit the changes from the overlay file to the underlying disk-image<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the fc-brokerd, when sstProvisioningMode is modified to<br />
# commit (this way the Provisioning-Backup-VKM daemon knows, that it must start the commit process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: commit<br />
</pre><br />
<br />
==== Step 10: Starting the commit Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the commit command, it sets the '''sstProvisioningMode''' to '''comitting''' to tell the Control instance daemon and other interested parties, that it is committing changes from the overlay disk-images back to the underlying ones.<br />
<pre><br />
# The attribute sstProvisioningMode is set to comitting by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: committing<br />
</pre><br />
<br />
==== Step 11: Finalizing the commit Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the commit command, it sets the '''sstProvisioningMode''' to '''comitted''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the comitting of the changes from the overlay disk-images back to the underlying ones is done. <br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the fc-brokerd knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012000Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: comitted<br />
</pre><br />
<br />
==== Step 12: Finalizing the Backup Process (Control instance daemon) ====<br />
As soon as the Control instance daemon notices, that the attribute '''sstProvisioningMode''' ist set to '''committed''', it sets the '''sstProvisioningMode''' to '''finished''' and the '''sstProvisioningState''' to the current timestamp (UTC). All interested parties now know, that the backup process is finished, there for a new backup process could be started.<br />
<pre><br />
# The attribute sstProvisioningState is updated with current time by the fc-brokerd, when sstProvisioningMode is<br />
# set to finished.<br />
# All interested parties now know, that the backup process is finished, there for a new backup process could be started.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012001Z<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: finished<br />
</pre><br />
<br />
== Current Implementation (Backup) ==<br />
Since we do not have a working control instance, we need to have a workaround for backing up the machines: <br />
<br />
* We do already have a BackupKVMWrapper.pl script (File-Backend) which executes the three [[#Sub-Processes | sub-processes ]] in the correct order for a given list of machines (see [[#Backup multiple machines at the same_time]]).<br />
* We do already have the implementation for the whole backup with the LDAP-Backend (see [[ stoney conductor: prov backup kvm ]]).<br />
* We can now combine these two existing scripts and create a wrapper (lets call it LDAPKVMWrapper) which, in some way, adds some logic to the BackupKVMWrapper.pl. In fact the LDAPKVMWrapper wrapper will generate the list of machines which need a backup.<br />
<br />
The behaviour on our servers is as follows (c.f. Figure 2):<br />
# The (decentralized) LDAPKVMWrapper wrapper (which is executed everyday via cronjob) generates a list off all machines running on the current host.<br />
#* Currently on the hosts the cronjobs looks like: <code>00 01 * * * /usr/bin/LDAPKVMWrapper.pl | logger -t Backup-KVM</code><br />
#* For each of these machines:<br />
#** Check if the machine is excluded from the backup, if yes, remove the machine from the list<br />
#** Check if the last backup was successful, if not, remove the machine from the list<br />
# Update the backup subtree for each machine in the list<br />
#* Remove the old backup leaf (the "yesterday-leaf"), and add a new one (the "today-leaf") <br />
#* After this step, the machines are ready to be backed up<br />
# Call the KVMBackupWrapper.pl script with the machines list as a parameter<br />
# Wait for the KVMBackupWrapper.pl script to finish<br />
# Go again through all machines and update the backup subtree a last time<br />
#* Check if the backup was successful, if yes, set sstProvisioningMode = finished (see also TBD)<br />
<br />
<br />
[[File:wrapper-interaction.png|500px|thumbnail|none|Figure 2: How the two wrapper interact with the LDAP backend]]<br />
<br />
* If for some reason something does not work at all, the whole backup process can be deactivated by simply disabling the LDAPKVMWrapper cronjob<br />
** <code>crontab -e</code><br />
** Comment the LDAPKVMWrapper cronjob line: <code>#00 01 * * * /usr/bin/LDAPKVMWrapper.pl | logger -t Backup-KVM</code><br />
=== How to exclude a machine from the backup ===<br />
Login to one of the [[VM-Node | vm-nodes]] and execute the following command<br />
<br />
If you want to exclude a machine from the backup run you simply need to add the following entry to your LDAP directory: <br />
<source lang="bash"><br />
machineuuid="<UUID OF THE MACHINE-NAME>" # e.g.: b9d13dbc-9ab7-4948-9daa-a5709de83dc2<br />
cat << EOF | ldapadd -D cn=Manager,o=stepping-stone,c=ch -H ldaps://ldapm.stepping-stone.ch/ -W -x<br />
dn: ou=backup,sstVirtualMachine=${machineuuid},ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
objectclass: top<br />
objectclass: organizationalUnit<br />
objectclass: sstVirtualizationBackupObjectClass<br />
ou: backup<br />
sstbackupexcludefrombackup: TRUE<br />
EOF<br />
</source><br />
<br />
If the backup subtree in the LDAP directory already exists, you need to add the sstbackupexcludefrombackup attribute: <br />
<source lang="bash"><br />
machineuuid="<UUID OF THE MACHINE-NAME>" # e.g.: b9d13dbc-9ab7-4948-9daa-a5709de83dc2<br />
cat << EOF | ldapadd -D cn=Manager,o=stepping-stone,c=ch -H ldaps://ldapm.stepping-stone.ch/ -W -x<br />
dn: ou=backup,sstVirtualMachine=${machineuuid},ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
add: objectClass<br />
objectClass: sstVirtualizationBackupObjectClass<br />
-<br />
add: sstbackupexcludefrombackup<br />
sstbackupexcludefrombackup: TRUE<br />
EOF<br />
</source><br />
<br />
==== Re-include the machine to the backup ====<br />
If you want to re include a machine, simply delete the machines whole backup subtree. It will be recreated during the next backup run.<br />
<br />
== Next steps ==<br />
<br />
= Restore =<br />
== Basic idea ==<br />
The restore process, similar to the backup process, can be divided into three sub-processes: <br />
* Unretain the small files: Copy the small files (backend entry, XML description) from the backup directory to the retain directory<br />
* Unretain the big files: Copy the big files (state file, disk image(s)) form the backup directory to the retain directory<br />
* Restore the machine: Replace the live disk image(s) by the one(s) from the backup and restore the machine from the state file<br />
<br />
Additionally the restore process can also be divided into two phases: <br />
* User-Interaction phase: After the "unretain small files" the user needs to decide two things:<br />
** On conflicts between the backend entry file and the XML description, the user need to decide how to resolve this conflict(s)<br />
** The user can also abort the restore process up to this point. After that the restore can not be aborted or undone! <br />
* Non-User-Interaction phase: The daemons communicate through the backend between each other and the restore process continues without further user input (c.f. [[#Communication_through_backend_2 | Communication through backend]])<br />
<br />
=== Sub Processes ===<br />
==== Unretain small files ====<br />
This workflow assumes that the backup directory is on the same physical server as the retain directory (protocol is file://)<br />
# Copy the backend-entry file from the backup directory to the retain directory:<br />
#* <source lang="bash">cp -p /path/to/backup/vm-001.backend /path/to/retain/vm-001.backend</source><br />
# Copy the XML description from the from the backup directory to the retain directory:<br />
#* <source lang="bash">cp -p /path/to/backup/vm-001.xml /path/to/retain/vm-001.xml</source><br />
# Compare the backend-entry file (the one in the retain directory) with the live-backend entry<br />
#* Resolve all conflicts between these two backend entries<br />
#** Modify the backend entry at the retain location accordingly<br />
# Apply the same changes for the XML description at the retain location (backend entry and XML description need to be consistent).<br />
<br />
==== Unretain large files ====<br />
# Copy the state file from the backup directory to the retain directory:<br />
#* <source lang="bash">cp -p /path/to/backup/vm-001.state /path/to/retain/vm-001.state</source><br />
# Copy the disk image(s) from the backup directory to the retain directory:<br />
#* <source lang="bash">cp -p /path/to/backup/vm-001.qcow2 /path/to/retain/vm-001.qcow2</source><br />
#** '''Important:''' If a VM has more than just one disk image, repeat this step for every disk image<br />
<br />
==== Restore the VM ====<br />
# Shutdown the VM if it is running:<br />
#* <source lang="bash">virsh shutdown vm-001</source><br />
# Undefine the VM if it is still defined: <br />
#* <source lang="bash">virsh undefine vm-001</source><br />
# Overwrite the original disk image:<br />
#* <source lang="bash">mv /path/to/retain/vm-001.qcow2 /path/to/images/vm-001.qcow2</source><br />
#** '''Important:''' If a VM has more than just one disk image, repeat this step for every disk image<br />
# Restore the VMs backend entry: <br />
#* Write the backend entry from the retain location (<code>/path/to/retain/vm-001.backend</code>) to the backend<br />
# Overwrite the VMs XML description with the one from the retain location <br />
#* <source lang="bash">cp -p /path/to/retain/vm-001.xml /path/to/xmls/vm-001.xml</source><br />
# Restore the VM from the state file with the corrected XML<br />
#* <source lang="bash">virsh restore /path/to/retain/vm-001.state --xml /path/to/xmls/vm-001.xml</source><br />
<br />
== Communication through backend ==<br />
The actual KVM-Restore process is controlled completely by the Control instance daemon via the OpenLDAP directory. See [[#OpenLDAP Directory Integration|OpenLDAP Directory Integration]] the involved attributes and possible values.<br />
<br />
[[File:Daemon-interaction-restore.png|thumb|500px|none|Figure 3: Communication between all involved parties during the restore process]]<br />
<br />
You can modify/update these interactions by editing [[File:Restore-Interaction.xmi]] (you may need [http://uml.sourceforge.net/ Umbrello UML Modeller] diagram programme for KDE to display the content properly).<br />
<br />
=== Control instance Daemon Interaction for restoring a Backup with LDIF Examples ===<br />
==== Step 01: Start the unretainSmallFiles process (Control instance daemon) ====<br />
The first step of the restore process is to copy the small files (in this case the XML file and the LDIF) from the configured backup location to the configured retain location. <br />
<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the Control instance daemon, when sstProvisioningMode is modified to <br />
# unretainSmallFiles (this way the Provisioning-Backup-VKM daemon knows, that it must start the unretainSmallFiles process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainSmallFiles<br />
</pre><br />
<br />
==== Step 02: Starting the unretainSmallFiles process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the command to unretain the small files, it sets the '''sstProvisioningMode''' to '''unretainingSmallFiles''' to tell the Control instance daemon and other interested parties, that it is unretaining the small files for the virtual machine or virtual machine template.<br />
<pre><br />
# The attribute sstProvisioningMode is set to unretainingSmallFiles by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainingSmallFiles<br />
</pre><br />
<br />
==== Step 03: Finalizing the unretainSmallFiles process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the commands to unretain the small files, it sets the '''sstProvisioningMode''' to '''unretainedSmallFiles''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the unretaining of all the small files from the configured backup location is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the Control instance daemon knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012000Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainedSmallFiles<br />
</pre><br />
<br />
==== Step 05: Start the unretainLargeFiles process (Control instance daemon) ====<br />
Next step in the restore process is to copy the large files (state file and disk images) from the configured backup directory to the configured retain directory.<br />
<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the Control instance daemon, when sstProvisioningMode is modified to <br />
# unretainLargeFiles (this way the Provisioning-Backup-VKM daemon knows, that it must start the unretainLargeFiles process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainLargeFiles<br />
</pre><br />
<br />
==== Step 06: Starting the unretainLargeFiles process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the command to unretain the large files, it sets the '''sstProvisioningMode''' to '''unretainingLargeFiles''' to tell the Control instance daemon and other interested parties, that it is unretaining the large files for the virtual machine or virtual machine template.<br />
<br />
In the meantime the vm-manager merges the LDIF we have unretained in [[#Step_02:_Starting_the_unretainSmallFiles_process_.28Provisioning-Backup-KVM_daemon.29 | step 02]] with the one in the live directory to sort out possible differences in the configuration of the virtual machine. <br />
<pre><br />
# The attribute sstProvisioningMode is set to unretainingSmallFiles by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainingLargeFiles<br />
</pre><br />
<br />
==== Step 07: Finalizing the unretainLargeFiles process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the commands to unretain the large files, it sets the '''sstProvisioningMode''' to '''unretainedLargeFiles''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the unretaining of all the large files from the configured backup location is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the Control instance daemon knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012000Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainedLargeFiles<br />
</pre><br />
<br />
==== Step 09: Start the restore process (Control instance daemon) ====<br />
Since we now have all necessary files in the configured retain location, the restore process can be started. There we simply copy the disk images back to their original location and restore the VM from the state file (which is also at the configured retain location)<br />
<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the Control instance daemon, when sstProvisioningMode is modified to <br />
# restore (this way the Provisioning-Backup-VKM daemon knows, that it must start the restore process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: restore<br />
</pre><br />
<br />
==== Step 10: Starting the restore process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the restore command, it sets the '''sstProvisioningMode''' to '''restoring''' to tell the Control instance daemon and other interested parties, that it is restoring the virtual machine or virtual machine template.<br />
<pre><br />
# The attribute sstProvisioningMode is set to restoring by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: restoring<br />
</pre><br />
<br />
==== Step 11: Finalizing the restore process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the restore command, it sets the '''sstProvisioningMode''' to '''restored''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the restore process is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the Control instance daemon knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012000Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: restored<br />
</pre><br />
<br />
==== Step 12: Finalizing the restore process (Control instance daemon) ====<br />
As soon as the Control instance daemon notices, that the attribute '''sstProvisioningMode''' ist set to '''restored''', it sets the '''sstProvisioningMode''' to '''finished''' and the '''sstProvisioningState''' to the current timestamp (UTC). All interested parties now know, that the restore process is finished.<br />
<pre><br />
# The attribute sstProvisioningState is updated with current time by the Control instance daemon, when sstProvisioningMode is<br />
# set to finished.<br />
# All interested parties now know, that the restore process is finished.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012001Z<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: finished<br />
</pre><br />
<br />
== Current Implementation (Restore) ==<br />
'''Attention''': The restore process is not yet defined / nor implemented. The following documentation is about the old restore process. <br />
<br />
<br />
* Since the prov-backup-kvm daemon is not running on the vm-nodes (c.f. [[stoney_conductor:_Backup#Current_Implementation_.28Backup.29]]), the restore process does not work when clicking the icon in the webinterface. <br />
<br />
=== How to manually restore a machine from backup ===<br />
'''Important''': Before you continue with this guide, make sure that you have no other possibility to restore the machine. It might be easier and safer to get lost files from the online backup if the machine has one set up.<br />
<br />
If you really have to restore the machine from the backup:<br />
# Stop the machine from via the [https://cloud.stepping-stone.ch/vm-manager/ web interface]<br />
# Login (as root) on the [[VM-Node]] the machine was running on<br />
<br />
As a first step, you would like to set some useful bash variables to be able to copy paste the following guide:<br />
<br />
'''Double check all variables you are setting here. If one is not correct, you will restore a running machine or overwrite a live-disk image!'''<br />
<source lang='bash'><br />
machinename="<MACHINE-NAME>" # For example: machinename="b6dc3d27-5981-4b18-8f3f-31ed3d21a3c6"<br />
vmpool="<VM-POOL>" # For example vmpool="0f83f084-8080-413e-b558-b678e504836e"<br />
vmtype="<VM-TYPE>" # For example vmtype="vm-persistent"<br />
</source><br />
Change to the backup directory for the given machine and check the iterations:<br />
<source lang='bash'><br />
cd /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}<br />
ls -al<br />
</source><br />
Change into the most recent iteration<br />
<source lang='bash'><br />
cd 2014...<br />
ls -al<br />
</source><br />
In there you should have: <br />
* The state file <MACHINE-NAME>.state.<BACKUP-DATE> (for example b6dc3d27-5981-4b18-8f3f-31ed3d21a3c6.state.20140109T134445Z)<br />
* The XML description <MACHINE-NAME>.xml.<BACKUP-DATE> (for example b6dc3d27-5981-4b18-8f3f-31ed3d21a3c6.xml.20140109T134445Z)<br />
* The ldif file <MACHINE-NAME>.ldif.<BACKUP-DATE> (for example b6dc3d27-5981-4b18-8f3f-31ed3d21a3c6.ldif.20140109T134445Z)<br />
* And at least one disk image <DISK-IMAGE>.qcow2.<BACKUP-DATE> (for example 8798561b-d5de-471b-a6fc-ec2b4831ed12.qcow2.20140109T134445Z)<br />
Now you should save the backup date and the disk image(s) in a variable<br />
<source lang='bash'><br />
backupdate="<BACKUP-DATE>" # For example: backupdate="20140109T134445Z"<br />
diskimage1="<DISK-IMAGE-1>.qcow2" # For example: diskimage1="8798561b-d5de-471b-a6fc-ec2b4831ed12.qcow2"<br />
diskimage2="<DISK-IMAGE-2>.qcow2" # For example: diskimage2="aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee.qcow2"<br />
...<br />
</source><br />
<br />
Have again a look at the different variables and '''double check them again'''<br />
<source lang='bash'><br />
echo "Machine Name = ${machinename}"<br />
echo "VM Pool = ${vmpool}"<br />
echo "VM Type = ${vmtype}"<br />
echo "Backup date = ${backupdate}"<br />
echo "Disk Image 1 = ${diskimage1}"<br />
echo "Disk Image 2 = ${diskimage2}"<br />
...<br />
</source><br />
<br />
Copy all these files to the retain location:<br />
<source lang='bash'><br />
currentdate=`date --utc +'%Y%m%dT%H%M%SZ'`<br />
mkdir -p /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}<br />
cp -p /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}/${backupdate}/${machinename}.ldif.${backupdate} /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/<br />
</source><br />
<br />
<!--Check if there is a difference between the current XML file and the one from the backup<br />
<source lang='bash'><br />
diff -Naur /etc/libvirt/qemu/${machinename}.xml /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/${machinename}.xml.${backupdate}<br />
</source><br />
and '''edit the file at the retain location''' according to your needs.--><br />
<br />
''' Now you are entering the critical part. You won't be able to undo the following steps'''<br />
<br />
Check if there is a difference between the current LDAP entry and the one from the backup<br />
<source lang='bash'><br />
domain="<DOMAIN>" # For example domain="stoney-cloud.org"<br />
ldapbase="<LDAPBASE>" # For expample ldapbase="dc=stoney-cloud,dc=org"<br />
ldapsearch -H ldaps://ldapm.${domain} -b "sstVirtualMachine=${machinename},ou=virtual machines,ou=virtualization,ou=services,${ldapbase}" -s sub -x -LLL -o ldif-wrap=no -D "cn=Manager,${ldapbase}" -W "(objectclass=*)" > /tmp/${machinename}.ldif<br />
diff -Naur /tmp/${machinename}.ldif /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/${machinename}.ldif.${backupdate}<br />
</source><br />
and '''edit the file at the retain location''' according to your needs.<br />
<br />
If there are no differences (or the differences are not important) you can skip the following step. Otherwise use the [https://cloud.stepping-stone.ch/phpldapadmin PhpLdapAdmin] to delete the machine from the LDAP directory (do not forget to delete the dhcp entry <code>dn: cn=<MACHINE-NAME>,ou=virtual machines,cn=192.168.140.0,cn=config-01,ou=dhcp,ou=networks,ou=virtualization,ou=services,dc=stoney-cloud,dc=org</code>). Then add the LDIF (the one you just edited) to the LDAP (first do some general replacement)<br />
<source lang='bash'><br />
sed -i\<br />
-e 's/snapshotting/finished/'\<br />
-e '/member.*/d'\<br />
/var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/${machinename}.ldif.${backupdate}<br />
<br />
/usr/bin/ldapadd -H "ldaps://ldapm.${domain}" -x -D "cn=Manager,${ldapbase}" -W -f /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/${machinename}.ldif.${backupdate}<br />
</source><br />
<br />
Undefine the machine<br />
<source lang='bash'><br />
virsh undefine ${machinename}<br />
</source><br />
<br />
Copy all the disk images from the backup location back to their original location<br />
<source lang='bash'><br />
cp -p /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}/${backupdate}/${diskimage1}.${backupdate} /var/virtualization/${vmtype}/${vmpool}/${diskimage1}<br />
cp -p /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}/${backupdate}/${diskimage2}.${backupdate} /var/virtualization/${vmtype}/${vmpool}/${diskimage2}<br />
...<br />
</source><br />
<br />
And restore the domain from the state file from the backup location with the XML from the retain location (the one you might have edited)<br />
<source lang='bash'><br />
virsh restore /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}/${backupdate}/${machinename}.state.${backupdate}<br />
</source><br />
<br />
Now the machine should be up and running again. Continuing where it was stopped when taking the backup.<br />
<br />
If everything is OK, you can cleanup the created files and directories<br />
<source lang='bash'><br />
rm -rf /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}<br />
rm /tmp/${machinename}.ldif<br />
</source><br />
<br />
== Next steps ==<br />
<br />
<br />
[[Category: stoney conductor]]</div>Pathttps://wiki.stoney-cloud.org/w/index.php?title=stoney_conductor:_VM_Backup&diff=3753stoney conductor: VM Backup2014-06-26T13:54:55Z<p>Pat: /* Current Implementation (Backup) */</p>
<hr />
<div>= Overview =<br />
This page describes how the VMs and VM-Templates are backed-up and restored inside the [http://www.stoney-cloud.org stoney cloud].<br />
<br />
= Requirements =<br />
* sstBackupRootDirectory: file:///var/backup/virtualization<br />
** This directory might be a single partition which needs to have the same size as your partition for the live images (it's a "copy" of the live partition)<br />
* sstBackupRetainDirectory: file:///var/virtualization/retain<br />
** This directory must be on the same partition as your life images are<br />
* A working stoney cloud, installed according to [[stoney cloud: Single-Node Installation]] or [[stoney cloud: Multi-Node Installation]].<br />
* The backup configuration must be set: [[stoney_conductor:_OpenLDAP_directory_data_organisation#Backup | stoney conductor: OpenLDAP directory data organisation]].<br />
<br />
= Backup =<br />
== Basic idea ==<br />
The main idea to backup a VM or a VM-Template is, to divide the task into three subtasks: <br />
* createSnapshot: Create a disk only snapshot. A new overlay file is created, all write operations are performed to this file. The underlying disk-image is now read only.<br />
* exportSnapshot: Copy the read only disk-image to the backup location.<br />
* commitSnapshot: Commit the performed write operations from the overlay back to the underlying (original) disk image. Now the underlying image is read-write again and the overlay image can be deleted.<br />
A more detailed and technical description for these three sub-processes can be found [[#Sub-Processes | here]].<br />
<br />
Furthermore there is an control instance, which can independently call these three sub-processes for a given machine. Like that, the stoney cloud is able to handle different cases:<br />
=== Backup a single machine ===<br />
The procedure for backing up a single machine is very simple. Just call the three sub-processes (create-, export- and commitSnapshot) one after the other. So the control instance would do some very basic stuff: <br />
<source lang="c"><br />
object machine = args[0];<br />
<br />
if( createSsnapshot( machine ) )<br />
{<br />
<br />
if ( exportSnapshot( machine ) )<br />
{<br />
<br />
if ( commitSnapshot( machine ) )<br />
{<br />
printf("Successfully backed up machine %s\n", machine);<br />
<br />
} else<br />
{<br />
printf("Error while committing snapshot for machine %s: %s\n", machine, error);<br />
}<br />
<br />
} else<br />
{<br />
printf("Error while exporting snapshot for machine %s: %s\n", machine, error);<br />
}<br />
<br />
} else<br />
{<br />
printf("Error while snapshotting machine %s: %s\n", machine, error);<br />
}<br />
</source><br />
<br />
=== Backup multiple machines at the same time ===<br />
When backing up multiple machines at the same time, we need to make sure that the snapshots for the machines are as close together as possible. Therefore the control instance should call first the createSnapshot process for all machines. After every machine has been snapshotted, the control instance can call the exportSnapshot and commitSnapshot process for every machine. The most important part here is, that the control instance somehow remembers, if the snapshot for a given machine was successful or not. Because if the snapshot failed, it must not call the exportSnapshot and commitSnapshot process. So the control instance needs a little bit more logic: <br />
<br />
<source lang="c"><br />
object machines[] = args[0];<br />
object successful_snapshots[];<br />
<br />
# Snapshot all machines<br />
for( int i = 0; i < sizeof(machines) / sizeof(object) ; i++ )<br />
{<br />
# If the snapshot was successful, put the machine into the <br />
# successful_snapshots array<br />
if ( createSnapshot( machines[i] ) )<br />
{<br />
successful_snapshots[machines[i]];<br />
} else<br />
{<br />
printf("Error while snapshotting machine %s: %s\n", machines[i],error);<br />
}<br />
}<br />
<br />
# export and commit all successful_snapshot machines<br />
for ( int i = 0; i < sizeof(successful_snapshots) / sizeof(object) ; i++ ) )<br />
{<br />
# Check if the element at this position is not null, then the snapshot <br />
# for this machine was successful<br />
if ( successful_snapshots[i] )<br />
{<br />
if ( exportSnapshot( successful_snapshots[i] ) )<br />
{<br />
if ( commitSnapshot( successful_snapshots[i] ) )<br />
{<br />
printf("Successfully backed-up machine %s\n", successful_snapshots[i]);<br />
} else<br />
{<br />
printf("Error while committing snapshot for machine %s: %s\n", successful_snapshots[i],error);<br />
}<br />
<br />
} else<br />
{<br />
printf("Error while exporting snapshot for machine %s: %s\n", successful_snapshots[i],error);<br />
}<br />
}<br />
}<br />
</source><br />
<br />
=== Sub-Processes ===<br />
See also [[Libvirt_external_snapshot_with_GlusterFS]]<br />
==== createSnapshot ====<br />
For the commands see [[Libvirt_external_snapshot_with_GlusterFS#Part_2:_Create_the_snapshot_using_virsh]]<br />
<br />
For the workflow see [[stoney_conductor:_prov-backup-kvm#createSnapshot]]<br />
<br />
==== exportSnapshot ====<br />
# Simply copy the underlying image to the backup location<br />
#* <source lang="bash">cp -p /<path>/<to>/<image>.qcow2 /<path>/<to>/<backup>/<location>/.</source><br />
<br />
For the workflow see [[stoney_conductor:_prov-backup-kvm#exportSnapshot]]<br />
<br />
==== commitSnapshot ====<br />
For the commands see [[Libvirt_external_snapshot_with_GlusterFS#Cleanup.2FCommit_.28Online.29]]<br />
<br />
For the workflow see [[stoney_conductor:_prov-backup-kvm#commitSnapshot]]<br />
<br />
== Communication through backend ==<br />
Since the stoney cloud is (as the name says already) a cloud solution, it makes sense to have a backend (in our case openLDAP) involved in the whole process. Like that it is possible to run the backup jobs decentralized on every vm-node. The control instance can then modify the backend, and theses changes are seen by the diffenrent backup daemons on the vm-nodes. So the communication could look like shown in the following picture (Figure 1): <br />
<br />
[[File:Daemon-communication.png|800px|thumbnail|none|Figure 1: Communication between the control instance and the prov-backup-kvm daemon through the LDAP backend]]<br />
<br />
=== Control-Instance Daemon Interaction for creating a Backup with LDIF Examples ===<br />
The step numbers correspond with the graphical overview from above.<br />
<br />
==== Step 00: Backup Configuration for a virtual machine ====<br />
<pre><br />
# The following backup configuration says, that the backup should be done daily, at 03:00 hours (localtime).<br />
# * * * * * command to be executed<br />
# - - - - -<br />
# | | | | |<br />
# | | | | +----- day of week (0 - 6) (Sunday=0)<br />
# | | | +------- month (1 - 12)<br />
# | | +--------- day of month (1 - 31)<br />
# | +----------- hour (0 - 23)<br />
# +------------- min (0 - 59)<br />
# localtime in the crontab entry<br />
dn: ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
objectclass: top<br />
objectclass: organizationalUnit<br />
objectclass: sstVirtualizationBackupObjectClass<br />
objectclass: sstCronObjectClass<br />
ou: backup<br />
description: This sub tree contains the backup plan for the virtual machine kvm-005.<br />
sstCronMinute: 0<br />
sstCronHour: 3<br />
sstCronDay: *<br />
sstCronMonth: *<br />
sstCronDayOfWeek: *<br />
sstCronActive: TRUE<br />
sstBackupRootDirectory: file:///var/backup/virtualization<br />
sstBackupRetainDirectory: file:///var/virtualization/retain<br />
sstBackupRamDiskLocation: file:///mnt/ramdisk-test<br />
sstVirtualizationDiskImageFormat: qcow2<br />
sstVirtualizationDiskImageOwner: root<br />
sstVirtualizationDiskImageGroup: vm-storage<br />
sstVirtualizationDiskImagePermission: 0660<br />
sstBackupNumberOfIterations: 1<br />
sstVirtualizationVirtualMachineForceStart: FALSE<br />
sstVirtualizationBandwidthMerge: 0<br />
</pre><br />
<br />
==== Step 01: Initialize Backup Sub Tree (Control instance daemon) ====<br />
The sub tree ''' ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch''' reflects the time, when the backup is planned (in the form of [YYYY][MM][DD]T[hh][mm][ss]Z ([http://en.wikipedia.org/wiki/ISO_8601 ISO 8601]) and it should be written at the time, when the backup is planned and should be executed. The section '''20121002T010000Z''' means the following:<br />
* Year: 2012<br />
* Month: 10<br />
* Day of Month: 02<br />
* Hour of Day: 01<br />
* Minutes: 00<br />
* Seconds: 00<br />
Please be aware the the time is to be written in UTC (see also the comment in the LDIF example below).<br />
<pre><br />
# This entry is the place holder for the backup, which is to be executed at 03:00 hours (localtime with daylight-saving). This<br />
# leads to the 20121002T010000Z timestamp (which is written in UTC).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
objectclass: top<br />
objectclass: sstProvisioning<br />
objectclass: organizationalUnit<br />
ou: 20121002T010000Z<br />
sstProvisioningExecutionDate: 0<br />
sstProvisioningMode: initialize<br />
sstProvisioningReturnValue: 0<br />
sstProvisioningState: 20121002T014513Z<br />
</pre><br />
<br />
==== Step 02: Finalize the Initialization (Control instance daemon) ====<br />
<pre><br />
# The attribute sstProvisioningState is updated with current time by the fc-brokerd, when sstProvisioningMode is modified.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T010001Z<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: initialized<br />
</pre><br />
<br />
==== Step 03: Start the Snapshot Process (Control instance daemon) ====<br />
With the setting of the '''sstProvisioningMode''' to '''snapshot''', the actual backup process is kicked off by the Control instance daemon.<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the fc-brokerd, when sstProvisioningMode is modified to<br />
# snapshot (this way the Provisioning-Backup-VKM daemon knows, that it must start the snapshotting process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: snapshot<br />
</pre><br />
<br />
==== Step 04: Starting the Snapshot Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the snapshot command, it sets the '''sstProvisioningMode''' to '''snapshotting''' to tell the Control instance daemon and other interested parties, that it is snapshotting the virtual machine or virtual machine template.<br />
<pre><br />
# The attribute sstProvisioningMode is set to snapshotting by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: snapshotting<br />
</pre><br />
<br />
==== Step 05: Finalizing the Snapshot Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the snapshot command, it sets the '''sstProvisioningMode''' to '''snapshotted''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the snapshot of the virtual machine or virtual machine template is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the fc-brokerd knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T010011Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: snapshotted<br />
</pre><br />
<br />
==== Step 06: Start the export Process (Control instance daemon) ====<br />
With the setting of the '''sstProvisioningMode''' to '''export''', the Control instance daemon tells the Provisioning-Backup-KVM daemon to export the disk image to the backup location.<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the fc-brokerd, when sstProvisioningMode is modified to<br />
# export (this way the Provisioning-Backup-VKM daemon knows, that it must start the export process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: export<br />
</pre><br />
<br />
==== Step 07: Starting the export Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the export command, it sets the '''sstProvisioningMode''' to '''exporting''' to tell the Control instance daemon and other interested parties, that it is exporting the virtual machine or virtual machine template disk images.<br />
<pre><br />
# The attribute sstProvisioningMode is set to exporting by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: exporting<br />
</pre><br />
<br />
==== Step 08: Finalizing the export Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the export command, it sets the '''sstProvisioningMode''' to '''exported''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the export of the virtual machine or virtual machine template disk-images is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the fc-brokerd knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T010500Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: exported<br />
</pre><br />
<br />
==== Step 09: Start the commit Process (Control instance daemon) ====<br />
With the setting of the '''sstProvisioningMode''' to '''commit''', the Control instance daemon tells the Provisioning-Backup-KVM daemon to commit the changes from the overlay file to the underlying disk-image<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the fc-brokerd, when sstProvisioningMode is modified to<br />
# commit (this way the Provisioning-Backup-VKM daemon knows, that it must start the commit process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: commit<br />
</pre><br />
<br />
==== Step 10: Starting the commit Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the commit command, it sets the '''sstProvisioningMode''' to '''comitting''' to tell the Control instance daemon and other interested parties, that it is committing changes from the overlay disk-images back to the underlying ones.<br />
<pre><br />
# The attribute sstProvisioningMode is set to comitting by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: committing<br />
</pre><br />
<br />
==== Step 11: Finalizing the commit Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the commit command, it sets the '''sstProvisioningMode''' to '''comitted''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the comitting of the changes from the overlay disk-images back to the underlying ones is done. <br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the fc-brokerd knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012000Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: comitted<br />
</pre><br />
<br />
==== Step 12: Finalizing the Backup Process (Control instance daemon) ====<br />
As soon as the Control instance daemon notices, that the attribute '''sstProvisioningMode''' ist set to '''committed''', it sets the '''sstProvisioningMode''' to '''finished''' and the '''sstProvisioningState''' to the current timestamp (UTC). All interested parties now know, that the backup process is finished, there for a new backup process could be started.<br />
<pre><br />
# The attribute sstProvisioningState is updated with current time by the fc-brokerd, when sstProvisioningMode is<br />
# set to finished.<br />
# All interested parties now know, that the backup process is finished, there for a new backup process could be started.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012001Z<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: finished<br />
</pre><br />
<br />
== Current Implementation (Backup) ==<br />
Since we do not have a working control instance, we need to have a workaround for backing up the machines: <br />
<br />
* We do already have a BackupKVMWrapper.pl script (File-Backend) which executes the three [[#Sub-Processes | sub-processes ]] in the correct order for a given list of machines (see [[#Backup multiple machines at the same_time]]).<br />
* We do already have the implementation for the whole backup with the LDAP-Backend (see [[ stoney conductor: prov backup kvm ]]).<br />
* We can now combine these two existing scripts and create a wrapper (lets call it LDAPKVMWrapper) which, in some way, adds some logic to the BackupKVMWrapper.pl. In fact the LDAPKVMWrapper wrapper will generate the list of machines which need a backup.<br />
<br />
The behaviour on our servers is as follows (c.f. Figure 2):<br />
# The (decentralized) LDAPKVMWrapper wrapper (which is executed everyday via cronjob) generates a list off all machines running on the current host.<br />
#* Currently on the hosts the cronjobs looks like: <code>00 01 * * * /usr/bin/LDAPKVMWrapper.pl | logger -t Backup-KVM</code><br />
#* For each of these machines:<br />
#** Check if the machine is excluded from the backup, if yes, remove the machine from the list<br />
#** Check if the last backup was successful, if not, remove the machine from the list<br />
# Update the backup subtree for each machine in the list<br />
#* Remove the old backup leaf (the "yesterday-leaf"), and add a new one (the "today-leaf") <br />
#* After this step, the machines are ready to be backed up<br />
# Call the KVMBackupWrapper.pl script with the machines list as a parameter<br />
# Wait for the KVMBackupWrapper.pl script to finish<br />
# Go again through all machines and update the backup subtree a last time<br />
#* Check if the backup was successful, if yes, set sstProvisioningMode = finished (see also TBD)<br />
<br />
<br />
[[File:wrapper-interaction.png|500px|thumbnail|none|Figure 2: How the two wrapper interact with the LDAP backend]]<br />
<br />
* If for some reason something does not work at all, the whole backup process can be deactivated by simply disabling the LDAPKVMWrapper cronjob<br />
** <code>crontab -e</code><br />
** Comment the LDAPKVMWrapper cronjob line: <code>#00 01 * * * /usr/bin/LDAPKVMWrapper.pl | logger -t Backup-KVM</code><br />
=== How to exclude a machine from the backup ===<br />
Login to one of the [[VM-Node | vm-nodes]] and execute the following command<br />
<br />
If you want to exclude a machine from the backup run you simply need to add the following entry to your LDAP directory: <br />
<source lang="bash"><br />
machineuuid="<UUID OF THE MACHINE-NAME>" # e.g.: b9d13dbc-9ab7-4948-9daa-a5709de83dc2<br />
cat << EOF | ldapadd -D cn=Manager,o=stepping-stone,c=ch -H ldaps://ldapm.stepping-stone.ch/ -W -x<br />
dn: ou=backup,sstVirtualMachine=${machineuuid},ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
objectclass: top<br />
objectclass: organizationalUnit<br />
objectclass: sstVirtualizationBackupObjectClass<br />
ou: backup<br />
sstbackupexcludefrombackup: TRUE<br />
EOF<br />
</source><br />
<br />
If the backup subtree in the LDAP directory already exists, you need to add the sstbackupexcludefrombackup attribute: <br />
<source lang="bash"><br />
machineuuid="<UUID OF THE MACHINE-NAME>" # e.g.: b9d13dbc-9ab7-4948-9daa-a5709de83dc2<br />
cat << EOF | ldapadd -D cn=Manager,o=stepping-stone,c=ch -H ldaps://ldapm.stepping-stone.ch/ -W -x<br />
dn: ou=backup,sstVirtualMachine=${machineuuid},ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
add: objectClass<br />
objectClass: sstVirtualizationBackupObjectClass<br />
-<br />
add: sstbackupexcludefrombackup<br />
sstbackupexcludefrombackup: TRUE<br />
EOF<br />
</source><br />
<br />
==== Re-include the machine to the backup ====<br />
If you want to re include a machine, simply delete the machines whole backup subtree. It will be recreated during the next backup run.<br />
<br />
== Next steps ==<br />
<br />
= Restore =<br />
== Basic idea ==<br />
The restore process, similar to the backup process, can be divided into three sub-processes: <br />
* Unretain the small files: Copy the small files (backend entry, XML description) from the backup directory to the retain directory<br />
* Unretain the big files: Copy the big files (state file, disk image(s)) form the backup directory to the retain directory<br />
* Restore the machine: Replace the live disk image(s) by the one(s) from the backup and restore the machine from the state file<br />
<br />
Additionally the restore process can also be divided into two phases: <br />
* User-Interaction phase: After the "unretain small files" the user needs to decide two things:<br />
** On conflicts between the backend entry file and the XML description, the user need to decide how to resolve this conflict(s)<br />
** The user can also abort the restore process up to this point. After that the restore can not be aborted or undone! <br />
* Non-User-Interaction phase: The daemons communicate through the backend between each other and the restore process continues without further user input (c.f. [[#Communication_through_backend_2 | Communication through backend]])<br />
<br />
=== Sub Processes ===<br />
==== Unretain small files ====<br />
This workflow assumes that the backup directory is on the same physical server as the retain directory (protocol is file://)<br />
# Copy the backend-entry file from the backup directory to the retain directory:<br />
#* <source lang="bash">cp -p /path/to/backup/vm-001.backend /path/to/retain/vm-001.backend</source><br />
# Copy the XML description from the from the backup directory to the retain directory:<br />
#* <source lang="bash">cp -p /path/to/backup/vm-001.xml /path/to/retain/vm-001.xml</source><br />
# Compare the backend-entry file (the one in the retain directory) with the live-backend entry<br />
#* Resolve all conflicts between these two backend entries<br />
#** Modify the backend entry at the retain location accordingly<br />
# Apply the same changes for the XML description at the retain location (backend entry and XML description need to be consistent).<br />
<br />
==== Unretain large files ====<br />
# Copy the state file from the backup directory to the retain directory:<br />
#* <source lang="bash">cp -p /path/to/backup/vm-001.state /path/to/retain/vm-001.state</source><br />
# Copy the disk image(s) from the backup directory to the retain directory:<br />
#* <source lang="bash">cp -p /path/to/backup/vm-001.qcow2 /path/to/retain/vm-001.qcow2</source><br />
#** '''Important:''' If a VM has more than just one disk image, repeat this step for every disk image<br />
<br />
==== Restore the VM ====<br />
# Shutdown the VM if it is running:<br />
#* <source lang="bash">virsh shutdown vm-001</source><br />
# Undefine the VM if it is still defined: <br />
#* <source lang="bash">virsh undefine vm-001</source><br />
# Overwrite the original disk image:<br />
#* <source lang="bash">mv /path/to/retain/vm-001.qcow2 /path/to/images/vm-001.qcow2</source><br />
#** '''Important:''' If a VM has more than just one disk image, repeat this step for every disk image<br />
# Restore the VMs backend entry: <br />
#* Write the backend entry from the retain location (<code>/path/to/retain/vm-001.backend</code>) to the backend<br />
# Overwrite the VMs XML description with the one from the retain location <br />
#* <source lang="bash">cp -p /path/to/retain/vm-001.xml /path/to/xmls/vm-001.xml</source><br />
# Restore the VM from the state file with the corrected XML<br />
#* <source lang="bash">virsh restore /path/to/retain/vm-001.state --xml /path/to/xmls/vm-001.xml</source><br />
<br />
== Communication through backend ==<br />
The actual KVM-Restore process is controlled completely by the Control instance daemon via the OpenLDAP directory. See [[#OpenLDAP Directory Integration|OpenLDAP Directory Integration]] the involved attributes and possible values.<br />
<br />
[[File:Daemon-interaction-restore.png|thumb|500px|none|Figure 3: Communication between all involved parties during the restore process]]<br />
<br />
You can modify/update these interactions by editing [[File:Restore-Interaction.xmi]] (you may need [http://uml.sourceforge.net/ Umbrello UML Modeller] diagram programme for KDE to display the content properly).<br />
<br />
=== Control instance Daemon Interaction for restoring a Backup with LDIF Examples ===<br />
==== Step 01: Start the unretainSmallFiles process (Control instance daemon) ====<br />
The first step of the restore process is to copy the small files (in this case the XML file and the LDIF) from the configured backup location to the configured retain location. <br />
<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the Control instance daemon, when sstProvisioningMode is modified to <br />
# unretainSmallFiles (this way the Provisioning-Backup-VKM daemon knows, that it must start the unretainSmallFiles process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainSmallFiles<br />
</pre><br />
<br />
==== Step 02: Starting the unretainSmallFiles process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the command to unretain the small files, it sets the '''sstProvisioningMode''' to '''unretainingSmallFiles''' to tell the Control instance daemon and other interested parties, that it is unretaining the small files for the virtual machine or virtual machine template.<br />
<pre><br />
# The attribute sstProvisioningMode is set to unretainingSmallFiles by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainingSmallFiles<br />
</pre><br />
<br />
==== Step 03: Finalizing the unretainSmallFiles process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the commands to unretain the small files, it sets the '''sstProvisioningMode''' to '''unretainedSmallFiles''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the unretaining of all the small files from the configured backup location is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the Control instance daemon knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012000Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainedSmallFiles<br />
</pre><br />
<br />
==== Step 05: Start the unretainLargeFiles process (Control instance daemon) ====<br />
Next step in the restore process is to copy the large files (state file and disk images) from the configured backup directory to the configured retain directory.<br />
<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the Control instance daemon, when sstProvisioningMode is modified to <br />
# unretainLargeFiles (this way the Provisioning-Backup-VKM daemon knows, that it must start the unretainLargeFiles process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainLargeFiles<br />
</pre><br />
<br />
==== Step 06: Starting the unretainLargeFiles process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the command to unretain the large files, it sets the '''sstProvisioningMode''' to '''unretainingLargeFiles''' to tell the Control instance daemon and other interested parties, that it is unretaining the large files for the virtual machine or virtual machine template.<br />
<br />
In the meantime the vm-manager merges the LDIF we have unretained in [[#Step_02:_Starting_the_unretainSmallFiles_process_.28Provisioning-Backup-KVM_daemon.29 | step 02]] with the one in the live directory to sort out possible differences in the configuration of the virtual machine. <br />
<pre><br />
# The attribute sstProvisioningMode is set to unretainingSmallFiles by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainingLargeFiles<br />
</pre><br />
<br />
==== Step 07: Finalizing the unretainLargeFiles process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the commands to unretain the large files, it sets the '''sstProvisioningMode''' to '''unretainedLargeFiles''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the unretaining of all the large files from the configured backup location is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the Control instance daemon knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012000Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainedLargeFiles<br />
</pre><br />
<br />
==== Step 09: Start the restore process (Control instance daemon) ====<br />
Since we now have all necessary files in the configured retain location, the restore process can be started. There we simply copy the disk images back to their original location and restore the VM from the state file (which is also at the configured retain location)<br />
<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the Control instance daemon, when sstProvisioningMode is modified to <br />
# restore (this way the Provisioning-Backup-VKM daemon knows, that it must start the restore process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: restore<br />
</pre><br />
<br />
==== Step 10: Starting the restore process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the restore command, it sets the '''sstProvisioningMode''' to '''restoring''' to tell the Control instance daemon and other interested parties, that it is restoring the virtual machine or virtual machine template.<br />
<pre><br />
# The attribute sstProvisioningMode is set to restoring by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: restoring<br />
</pre><br />
<br />
==== Step 11: Finalizing the restore process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the restore command, it sets the '''sstProvisioningMode''' to '''restored''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the restore process is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the Control instance daemon knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012000Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: restored<br />
</pre><br />
<br />
==== Step 12: Finalizing the restore process (Control instance daemon) ====<br />
As soon as the Control instance daemon notices, that the attribute '''sstProvisioningMode''' ist set to '''restored''', it sets the '''sstProvisioningMode''' to '''finished''' and the '''sstProvisioningState''' to the current timestamp (UTC). All interested parties now know, that the restore process is finished.<br />
<pre><br />
# The attribute sstProvisioningState is updated with current time by the Control instance daemon, when sstProvisioningMode is<br />
# set to finished.<br />
# All interested parties now know, that the restore process is finished.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012001Z<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: finished<br />
</pre><br />
<br />
== Current Implementation (Restore) ==<br />
* Since the prov-backup-kvm daemon is not running on the vm-nodes (c.f. [[stoney_conductor:_Backup#State_of_the_art]]), the restore process does not work when clicking the icon in the webinterface. <br />
* Resolving the conflicts in the backend and XML description file is not yet done<br />
** Actually all steps not executed by prov-backup-kvm are not yet properly implemented (c.f. [[stoney_conductor:_prov_backup_kvm#Restore]])<br />
* The implementation is done, but the last step from the [[#Restore_2 | restore process ]] is different:<br />
** The <code>virsh restore</code> command is not executed with the <code>--xml</code> option, the XML from the state file is taken when restoring the machine. Therefore the conflicts are not properly resolved. <br />
*** --[[User:Pat|Pat]] ([[User talk:Pat|talk]]) 09:41, 29 October 2013 (CET): Currently the [http://search.cpan.org/~danberr/Sys-Virt-1.1.3/lib/Sys/Virt.pm Sys::Virt] library does not support the --xml parameter when restoring a domain<br />
<br />
=== How to manually restore a machine from backup ===<br />
'''Important''': Before you continue with this guide, make sure that you have no other possibility to restore the machine. It might be easier and safer to get lost files from the online backup if the machine has one set up.<br />
<br />
If you really have to restore the machine from the backup:<br />
# Stop the machine from via the [https://cloud.stepping-stone.ch/vm-manager/ web interface]<br />
# Login (as root) on the [[VM-Node]] the machine was running on<br />
<br />
As a first step, you would like to set some useful bash variables to be able to copy paste the following guide:<br />
<br />
'''Double check all variables you are setting here. If one is not correct, you will restore a running machine or overwrite a live-disk image!'''<br />
<source lang='bash'><br />
machinename="<MACHINE-NAME>" # For example: machinename="b6dc3d27-5981-4b18-8f3f-31ed3d21a3c6"<br />
vmpool="<VM-POOL>" # For example vmpool="0f83f084-8080-413e-b558-b678e504836e"<br />
vmtype="<VM-TYPE>" # For example vmtype="vm-persistent"<br />
</source><br />
Change to the backup directory for the given machine and check the iterations:<br />
<source lang='bash'><br />
cd /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}<br />
ls -al<br />
</source><br />
Change into the most recent iteration<br />
<source lang='bash'><br />
cd 2014...<br />
ls -al<br />
</source><br />
In there you should have: <br />
* The state file <MACHINE-NAME>.state.<BACKUP-DATE> (for example b6dc3d27-5981-4b18-8f3f-31ed3d21a3c6.state.20140109T134445Z)<br />
* The XML description <MACHINE-NAME>.xml.<BACKUP-DATE> (for example b6dc3d27-5981-4b18-8f3f-31ed3d21a3c6.xml.20140109T134445Z)<br />
* The ldif file <MACHINE-NAME>.ldif.<BACKUP-DATE> (for example b6dc3d27-5981-4b18-8f3f-31ed3d21a3c6.ldif.20140109T134445Z)<br />
* And at least one disk image <DISK-IMAGE>.qcow2.<BACKUP-DATE> (for example 8798561b-d5de-471b-a6fc-ec2b4831ed12.qcow2.20140109T134445Z)<br />
Now you should save the backup date and the disk image(s) in a variable<br />
<source lang='bash'><br />
backupdate="<BACKUP-DATE>" # For example: backupdate="20140109T134445Z"<br />
diskimage1="<DISK-IMAGE-1>.qcow2" # For example: diskimage1="8798561b-d5de-471b-a6fc-ec2b4831ed12.qcow2"<br />
diskimage2="<DISK-IMAGE-2>.qcow2" # For example: diskimage2="aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee.qcow2"<br />
...<br />
</source><br />
<br />
Have again a look at the different variables and '''double check them again'''<br />
<source lang='bash'><br />
echo "Machine Name = ${machinename}"<br />
echo "VM Pool = ${vmpool}"<br />
echo "VM Type = ${vmtype}"<br />
echo "Backup date = ${backupdate}"<br />
echo "Disk Image 1 = ${diskimage1}"<br />
echo "Disk Image 2 = ${diskimage2}"<br />
...<br />
</source><br />
<br />
Copy all these files to the retain location:<br />
<source lang='bash'><br />
currentdate=`date --utc +'%Y%m%dT%H%M%SZ'`<br />
mkdir -p /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}<br />
cp -p /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}/${backupdate}/${machinename}.ldif.${backupdate} /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/<br />
</source><br />
<br />
<!--Check if there is a difference between the current XML file and the one from the backup<br />
<source lang='bash'><br />
diff -Naur /etc/libvirt/qemu/${machinename}.xml /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/${machinename}.xml.${backupdate}<br />
</source><br />
and '''edit the file at the retain location''' according to your needs.--><br />
<br />
''' Now you are entering the critical part. You won't be able to undo the following steps'''<br />
<br />
Check if there is a difference between the current LDAP entry and the one from the backup<br />
<source lang='bash'><br />
domain="<DOMAIN>" # For example domain="stoney-cloud.org"<br />
ldapbase="<LDAPBASE>" # For expample ldapbase="dc=stoney-cloud,dc=org"<br />
ldapsearch -H ldaps://ldapm.${domain} -b "sstVirtualMachine=${machinename},ou=virtual machines,ou=virtualization,ou=services,${ldapbase}" -s sub -x -LLL -o ldif-wrap=no -D "cn=Manager,${ldapbase}" -W "(objectclass=*)" > /tmp/${machinename}.ldif<br />
diff -Naur /tmp/${machinename}.ldif /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/${machinename}.ldif.${backupdate}<br />
</source><br />
and '''edit the file at the retain location''' according to your needs.<br />
<br />
If there are no differences (or the differences are not important) you can skip the following step. Otherwise use the [https://cloud.stepping-stone.ch/phpldapadmin PhpLdapAdmin] to delete the machine from the LDAP directory (do not forget to delete the dhcp entry <code>dn: cn=<MACHINE-NAME>,ou=virtual machines,cn=192.168.140.0,cn=config-01,ou=dhcp,ou=networks,ou=virtualization,ou=services,dc=stoney-cloud,dc=org</code>). Then add the LDIF (the one you just edited) to the LDAP (first do some general replacement)<br />
<source lang='bash'><br />
sed -i\<br />
-e 's/snapshotting/finished/'\<br />
-e '/member.*/d'\<br />
/var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/${machinename}.ldif.${backupdate}<br />
<br />
/usr/bin/ldapadd -H "ldaps://ldapm.${domain}" -x -D "cn=Manager,${ldapbase}" -W -f /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/${machinename}.ldif.${backupdate}<br />
</source><br />
<br />
Undefine the machine<br />
<source lang='bash'><br />
virsh undefine ${machinename}<br />
</source><br />
<br />
Copy all the disk images from the backup location back to their original location<br />
<source lang='bash'><br />
cp -p /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}/${backupdate}/${diskimage1}.${backupdate} /var/virtualization/${vmtype}/${vmpool}/${diskimage1}<br />
cp -p /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}/${backupdate}/${diskimage2}.${backupdate} /var/virtualization/${vmtype}/${vmpool}/${diskimage2}<br />
...<br />
</source><br />
<br />
And restore the domain from the state file from the backup location with the XML from the retain location (the one you might have edited)<br />
<source lang='bash'><br />
virsh restore /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}/${backupdate}/${machinename}.state.${backupdate}<br />
</source><br />
<br />
Now the machine should be up and running again. Continuing where it was stopped when taking the backup.<br />
<br />
If everything is OK, you can cleanup the created files and directories<br />
<source lang='bash'><br />
rm -rf /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}<br />
rm /tmp/${machinename}.ldif<br />
</source><br />
<br />
== Next steps ==<br />
<br />
<br />
[[Category: stoney conductor]]</div>Pathttps://wiki.stoney-cloud.org/w/index.php?title=stoney_conductor:_VM_Backup&diff=3752stoney conductor: VM Backup2014-06-26T13:52:47Z<p>Pat: /* Backup a single machine */</p>
<hr />
<div>= Overview =<br />
This page describes how the VMs and VM-Templates are backed-up and restored inside the [http://www.stoney-cloud.org stoney cloud].<br />
<br />
= Requirements =<br />
* sstBackupRootDirectory: file:///var/backup/virtualization<br />
** This directory might be a single partition which needs to have the same size as your partition for the live images (it's a "copy" of the live partition)<br />
* sstBackupRetainDirectory: file:///var/virtualization/retain<br />
** This directory must be on the same partition as your life images are<br />
* A working stoney cloud, installed according to [[stoney cloud: Single-Node Installation]] or [[stoney cloud: Multi-Node Installation]].<br />
* The backup configuration must be set: [[stoney_conductor:_OpenLDAP_directory_data_organisation#Backup | stoney conductor: OpenLDAP directory data organisation]].<br />
<br />
= Backup =<br />
== Basic idea ==<br />
The main idea to backup a VM or a VM-Template is, to divide the task into three subtasks: <br />
* createSnapshot: Create a disk only snapshot. A new overlay file is created, all write operations are performed to this file. The underlying disk-image is now read only.<br />
* exportSnapshot: Copy the read only disk-image to the backup location.<br />
* commitSnapshot: Commit the performed write operations from the overlay back to the underlying (original) disk image. Now the underlying image is read-write again and the overlay image can be deleted.<br />
A more detailed and technical description for these three sub-processes can be found [[#Sub-Processes | here]].<br />
<br />
Furthermore there is an control instance, which can independently call these three sub-processes for a given machine. Like that, the stoney cloud is able to handle different cases:<br />
=== Backup a single machine ===<br />
The procedure for backing up a single machine is very simple. Just call the three sub-processes (create-, export- and commitSnapshot) one after the other. So the control instance would do some very basic stuff: <br />
<source lang="c"><br />
object machine = args[0];<br />
<br />
if( createSsnapshot( machine ) )<br />
{<br />
<br />
if ( exportSnapshot( machine ) )<br />
{<br />
<br />
if ( commitSnapshot( machine ) )<br />
{<br />
printf("Successfully backed up machine %s\n", machine);<br />
<br />
} else<br />
{<br />
printf("Error while committing snapshot for machine %s: %s\n", machine, error);<br />
}<br />
<br />
} else<br />
{<br />
printf("Error while exporting snapshot for machine %s: %s\n", machine, error);<br />
}<br />
<br />
} else<br />
{<br />
printf("Error while snapshotting machine %s: %s\n", machine, error);<br />
}<br />
</source><br />
<br />
=== Backup multiple machines at the same time ===<br />
When backing up multiple machines at the same time, we need to make sure that the snapshots for the machines are as close together as possible. Therefore the control instance should call first the createSnapshot process for all machines. After every machine has been snapshotted, the control instance can call the exportSnapshot and commitSnapshot process for every machine. The most important part here is, that the control instance somehow remembers, if the snapshot for a given machine was successful or not. Because if the snapshot failed, it must not call the exportSnapshot and commitSnapshot process. So the control instance needs a little bit more logic: <br />
<br />
<source lang="c"><br />
object machines[] = args[0];<br />
object successful_snapshots[];<br />
<br />
# Snapshot all machines<br />
for( int i = 0; i < sizeof(machines) / sizeof(object) ; i++ )<br />
{<br />
# If the snapshot was successful, put the machine into the <br />
# successful_snapshots array<br />
if ( createSnapshot( machines[i] ) )<br />
{<br />
successful_snapshots[machines[i]];<br />
} else<br />
{<br />
printf("Error while snapshotting machine %s: %s\n", machines[i],error);<br />
}<br />
}<br />
<br />
# export and commit all successful_snapshot machines<br />
for ( int i = 0; i < sizeof(successful_snapshots) / sizeof(object) ; i++ ) )<br />
{<br />
# Check if the element at this position is not null, then the snapshot <br />
# for this machine was successful<br />
if ( successful_snapshots[i] )<br />
{<br />
if ( exportSnapshot( successful_snapshots[i] ) )<br />
{<br />
if ( commitSnapshot( successful_snapshots[i] ) )<br />
{<br />
printf("Successfully backed-up machine %s\n", successful_snapshots[i]);<br />
} else<br />
{<br />
printf("Error while committing snapshot for machine %s: %s\n", successful_snapshots[i],error);<br />
}<br />
<br />
} else<br />
{<br />
printf("Error while exporting snapshot for machine %s: %s\n", successful_snapshots[i],error);<br />
}<br />
}<br />
}<br />
</source><br />
<br />
=== Sub-Processes ===<br />
See also [[Libvirt_external_snapshot_with_GlusterFS]]<br />
==== createSnapshot ====<br />
For the commands see [[Libvirt_external_snapshot_with_GlusterFS#Part_2:_Create_the_snapshot_using_virsh]]<br />
<br />
For the workflow see [[stoney_conductor:_prov-backup-kvm#createSnapshot]]<br />
<br />
==== exportSnapshot ====<br />
# Simply copy the underlying image to the backup location<br />
#* <source lang="bash">cp -p /<path>/<to>/<image>.qcow2 /<path>/<to>/<backup>/<location>/.</source><br />
<br />
For the workflow see [[stoney_conductor:_prov-backup-kvm#exportSnapshot]]<br />
<br />
==== commitSnapshot ====<br />
For the commands see [[Libvirt_external_snapshot_with_GlusterFS#Cleanup.2FCommit_.28Online.29]]<br />
<br />
For the workflow see [[stoney_conductor:_prov-backup-kvm#commitSnapshot]]<br />
<br />
== Communication through backend ==<br />
Since the stoney cloud is (as the name says already) a cloud solution, it makes sense to have a backend (in our case openLDAP) involved in the whole process. Like that it is possible to run the backup jobs decentralized on every vm-node. The control instance can then modify the backend, and theses changes are seen by the diffenrent backup daemons on the vm-nodes. So the communication could look like shown in the following picture (Figure 1): <br />
<br />
[[File:Daemon-communication.png|800px|thumbnail|none|Figure 1: Communication between the control instance and the prov-backup-kvm daemon through the LDAP backend]]<br />
<br />
=== Control-Instance Daemon Interaction for creating a Backup with LDIF Examples ===<br />
The step numbers correspond with the graphical overview from above.<br />
<br />
==== Step 00: Backup Configuration for a virtual machine ====<br />
<pre><br />
# The following backup configuration says, that the backup should be done daily, at 03:00 hours (localtime).<br />
# * * * * * command to be executed<br />
# - - - - -<br />
# | | | | |<br />
# | | | | +----- day of week (0 - 6) (Sunday=0)<br />
# | | | +------- month (1 - 12)<br />
# | | +--------- day of month (1 - 31)<br />
# | +----------- hour (0 - 23)<br />
# +------------- min (0 - 59)<br />
# localtime in the crontab entry<br />
dn: ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
objectclass: top<br />
objectclass: organizationalUnit<br />
objectclass: sstVirtualizationBackupObjectClass<br />
objectclass: sstCronObjectClass<br />
ou: backup<br />
description: This sub tree contains the backup plan for the virtual machine kvm-005.<br />
sstCronMinute: 0<br />
sstCronHour: 3<br />
sstCronDay: *<br />
sstCronMonth: *<br />
sstCronDayOfWeek: *<br />
sstCronActive: TRUE<br />
sstBackupRootDirectory: file:///var/backup/virtualization<br />
sstBackupRetainDirectory: file:///var/virtualization/retain<br />
sstBackupRamDiskLocation: file:///mnt/ramdisk-test<br />
sstVirtualizationDiskImageFormat: qcow2<br />
sstVirtualizationDiskImageOwner: root<br />
sstVirtualizationDiskImageGroup: vm-storage<br />
sstVirtualizationDiskImagePermission: 0660<br />
sstBackupNumberOfIterations: 1<br />
sstVirtualizationVirtualMachineForceStart: FALSE<br />
sstVirtualizationBandwidthMerge: 0<br />
</pre><br />
<br />
==== Step 01: Initialize Backup Sub Tree (Control instance daemon) ====<br />
The sub tree ''' ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch''' reflects the time, when the backup is planned (in the form of [YYYY][MM][DD]T[hh][mm][ss]Z ([http://en.wikipedia.org/wiki/ISO_8601 ISO 8601]) and it should be written at the time, when the backup is planned and should be executed. The section '''20121002T010000Z''' means the following:<br />
* Year: 2012<br />
* Month: 10<br />
* Day of Month: 02<br />
* Hour of Day: 01<br />
* Minutes: 00<br />
* Seconds: 00<br />
Please be aware the the time is to be written in UTC (see also the comment in the LDIF example below).<br />
<pre><br />
# This entry is the place holder for the backup, which is to be executed at 03:00 hours (localtime with daylight-saving). This<br />
# leads to the 20121002T010000Z timestamp (which is written in UTC).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
objectclass: top<br />
objectclass: sstProvisioning<br />
objectclass: organizationalUnit<br />
ou: 20121002T010000Z<br />
sstProvisioningExecutionDate: 0<br />
sstProvisioningMode: initialize<br />
sstProvisioningReturnValue: 0<br />
sstProvisioningState: 20121002T014513Z<br />
</pre><br />
<br />
==== Step 02: Finalize the Initialization (Control instance daemon) ====<br />
<pre><br />
# The attribute sstProvisioningState is updated with current time by the fc-brokerd, when sstProvisioningMode is modified.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T010001Z<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: initialized<br />
</pre><br />
<br />
==== Step 03: Start the Snapshot Process (Control instance daemon) ====<br />
With the setting of the '''sstProvisioningMode''' to '''snapshot''', the actual backup process is kicked off by the Control instance daemon.<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the fc-brokerd, when sstProvisioningMode is modified to<br />
# snapshot (this way the Provisioning-Backup-VKM daemon knows, that it must start the snapshotting process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: snapshot<br />
</pre><br />
<br />
==== Step 04: Starting the Snapshot Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the snapshot command, it sets the '''sstProvisioningMode''' to '''snapshotting''' to tell the Control instance daemon and other interested parties, that it is snapshotting the virtual machine or virtual machine template.<br />
<pre><br />
# The attribute sstProvisioningMode is set to snapshotting by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: snapshotting<br />
</pre><br />
<br />
==== Step 05: Finalizing the Snapshot Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the snapshot command, it sets the '''sstProvisioningMode''' to '''snapshotted''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the snapshot of the virtual machine or virtual machine template is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the fc-brokerd knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T010011Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: snapshotted<br />
</pre><br />
<br />
==== Step 06: Start the export Process (Control instance daemon) ====<br />
With the setting of the '''sstProvisioningMode''' to '''export''', the Control instance daemon tells the Provisioning-Backup-KVM daemon to export the disk image to the backup location.<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the fc-brokerd, when sstProvisioningMode is modified to<br />
# export (this way the Provisioning-Backup-VKM daemon knows, that it must start the export process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: export<br />
</pre><br />
<br />
==== Step 07: Starting the export Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the export command, it sets the '''sstProvisioningMode''' to '''exporting''' to tell the Control instance daemon and other interested parties, that it is exporting the virtual machine or virtual machine template disk images.<br />
<pre><br />
# The attribute sstProvisioningMode is set to exporting by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: exporting<br />
</pre><br />
<br />
==== Step 08: Finalizing the export Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the export command, it sets the '''sstProvisioningMode''' to '''exported''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the export of the virtual machine or virtual machine template disk-images is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the fc-brokerd knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T010500Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: exported<br />
</pre><br />
<br />
==== Step 09: Start the commit Process (Control instance daemon) ====<br />
With the setting of the '''sstProvisioningMode''' to '''commit''', the Control instance daemon tells the Provisioning-Backup-KVM daemon to commit the changes from the overlay file to the underlying disk-image<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the fc-brokerd, when sstProvisioningMode is modified to<br />
# commit (this way the Provisioning-Backup-VKM daemon knows, that it must start the commit process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: commit<br />
</pre><br />
<br />
==== Step 10: Starting the commit Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the commit command, it sets the '''sstProvisioningMode''' to '''comitting''' to tell the Control instance daemon and other interested parties, that it is committing changes from the overlay disk-images back to the underlying ones.<br />
<pre><br />
# The attribute sstProvisioningMode is set to comitting by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: committing<br />
</pre><br />
<br />
==== Step 11: Finalizing the commit Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the commit command, it sets the '''sstProvisioningMode''' to '''comitted''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the comitting of the changes from the overlay disk-images back to the underlying ones is done. <br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the fc-brokerd knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012000Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: comitted<br />
</pre><br />
<br />
==== Step 12: Finalizing the Backup Process (Control instance daemon) ====<br />
As soon as the Control instance daemon notices, that the attribute '''sstProvisioningMode''' ist set to '''committed''', it sets the '''sstProvisioningMode''' to '''finished''' and the '''sstProvisioningState''' to the current timestamp (UTC). All interested parties now know, that the backup process is finished, there for a new backup process could be started.<br />
<pre><br />
# The attribute sstProvisioningState is updated with current time by the fc-brokerd, when sstProvisioningMode is<br />
# set to finished.<br />
# All interested parties now know, that the backup process is finished, there for a new backup process could be started.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012001Z<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: finished<br />
</pre><br />
<br />
== Current Implementation (Backup) ==<br />
Since we do not have a working control instance, we need to have a workaround for backing up the machines: <br />
<br />
* We do already have a BackupKVMWrapper.pl script (File-Backend) which executes the three [[#Sub-Processes | sub-processes ]] in the correct order for a given list of machines (see [[#Backup multiple machines at the same_time]]).<br />
* We do already have the implementation for the whole backup with the LDAP-Backend (see [[ stoney conductor: prov backup kvm ]]).<br />
* We can now combine these two existing scripts and create a wrapper (lets call it LDAPKVMWrapper) which, in some way, adds some logic to the BackupKVMWrapper.pl. In fact the LDAPKVMWrapper wrapper will generate the list of machines which need a backup.<br />
<br />
The behaviour on our servers is as follows (c.f. Figure 2):<br />
# The (decentralized) LDAPKVMWrapper wrapper (which is executed everyday via cronjob) generates a list off all machines running on the current host.<br />
#* Currently on the hosts the cronjobs looks like: <code>00 01 * * * /usr/bin/LDAPKVMWrapper.pl | logger -t Backup-KVM</code><br />
#* For each of these machines:<br />
#** Check if the machine is excluded from the backup, if yes, remove the machine from the list<br />
#** Check if the last backup was successful, if not, remove the machine from the list<br />
# Update the backup subtree for each machine in the list<br />
#* Remove the old backup leaf (the "yesterday-leaf"), and add a new one (the "today-leaf") <br />
#* After this step, the machines are ready to be backed up<br />
# Call the BackupKVMWrapper.pl script with the machines list as a parameter<br />
# Wait for the BackupKVMWrapper.pl script to finish<br />
# Go again through all machines and update the backup subtree a last time<br />
#* Check if the backup was successful, if yes, set sstProvisioningMode = finished (see also TBD)<br />
<br />
<br />
[[File:wrapper-interaction.png|500px|thumbnail|none|Figure 2: How the two wrapper interact with the LDAP backend]]<br />
<br />
* If for some reason something does not work at all, the whole backup process can be deactivated by simply disabling the LDAPKVMWrapper cronjob<br />
** <code>crontab -e</code><br />
** Comment the LDAPKVMWrapper cronjob line: <code>#00 01 * * * /usr/bin/LDAPKVMWrapper.pl | logger -t Backup-KVM</code><br />
=== How to exclude a machine from the backup ===<br />
Login to one of the [[VM-Node | vm-nodes]] and execute the following command<br />
<br />
If you want to exclude a machine from the backup run you simply need to add the following entry to your LDAP directory: <br />
<source lang="bash"><br />
machineuuid="<UUID OF THE MACHINE-NAME>" # e.g.: b9d13dbc-9ab7-4948-9daa-a5709de83dc2<br />
cat << EOF | ldapadd -D cn=Manager,o=stepping-stone,c=ch -H ldaps://ldapm.stepping-stone.ch/ -W -x<br />
dn: ou=backup,sstVirtualMachine=${machineuuid},ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
objectclass: top<br />
objectclass: organizationalUnit<br />
objectclass: sstVirtualizationBackupObjectClass<br />
ou: backup<br />
sstbackupexcludefrombackup: TRUE<br />
EOF<br />
</source><br />
<br />
If the backup subtree in the LDAP directory already exists, you need to add the sstbackupexcludefrombackup attribute: <br />
<source lang="bash"><br />
machineuuid="<UUID OF THE MACHINE-NAME>" # e.g.: b9d13dbc-9ab7-4948-9daa-a5709de83dc2<br />
cat << EOF | ldapadd -D cn=Manager,o=stepping-stone,c=ch -H ldaps://ldapm.stepping-stone.ch/ -W -x<br />
dn: ou=backup,sstVirtualMachine=${machineuuid},ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
add: objectClass<br />
objectClass: sstVirtualizationBackupObjectClass<br />
-<br />
add: sstbackupexcludefrombackup<br />
sstbackupexcludefrombackup: TRUE<br />
EOF<br />
</source><br />
<br />
==== Re-include the machine to the backup ====<br />
If you want to re include a machine, simply delete the machines whole backup subtree. It will be recreated during the next backup run.<br />
<br />
== Next steps ==<br />
<br />
= Restore =<br />
== Basic idea ==<br />
The restore process, similar to the backup process, can be divided into three sub-processes: <br />
* Unretain the small files: Copy the small files (backend entry, XML description) from the backup directory to the retain directory<br />
* Unretain the big files: Copy the big files (state file, disk image(s)) form the backup directory to the retain directory<br />
* Restore the machine: Replace the live disk image(s) by the one(s) from the backup and restore the machine from the state file<br />
<br />
Additionally the restore process can also be divided into two phases: <br />
* User-Interaction phase: After the "unretain small files" the user needs to decide two things:<br />
** On conflicts between the backend entry file and the XML description, the user need to decide how to resolve this conflict(s)<br />
** The user can also abort the restore process up to this point. After that the restore can not be aborted or undone! <br />
* Non-User-Interaction phase: The daemons communicate through the backend between each other and the restore process continues without further user input (c.f. [[#Communication_through_backend_2 | Communication through backend]])<br />
<br />
=== Sub Processes ===<br />
==== Unretain small files ====<br />
This workflow assumes that the backup directory is on the same physical server as the retain directory (protocol is file://)<br />
# Copy the backend-entry file from the backup directory to the retain directory:<br />
#* <source lang="bash">cp -p /path/to/backup/vm-001.backend /path/to/retain/vm-001.backend</source><br />
# Copy the XML description from the from the backup directory to the retain directory:<br />
#* <source lang="bash">cp -p /path/to/backup/vm-001.xml /path/to/retain/vm-001.xml</source><br />
# Compare the backend-entry file (the one in the retain directory) with the live-backend entry<br />
#* Resolve all conflicts between these two backend entries<br />
#** Modify the backend entry at the retain location accordingly<br />
# Apply the same changes for the XML description at the retain location (backend entry and XML description need to be consistent).<br />
<br />
==== Unretain large files ====<br />
# Copy the state file from the backup directory to the retain directory:<br />
#* <source lang="bash">cp -p /path/to/backup/vm-001.state /path/to/retain/vm-001.state</source><br />
# Copy the disk image(s) from the backup directory to the retain directory:<br />
#* <source lang="bash">cp -p /path/to/backup/vm-001.qcow2 /path/to/retain/vm-001.qcow2</source><br />
#** '''Important:''' If a VM has more than just one disk image, repeat this step for every disk image<br />
<br />
==== Restore the VM ====<br />
# Shutdown the VM if it is running:<br />
#* <source lang="bash">virsh shutdown vm-001</source><br />
# Undefine the VM if it is still defined: <br />
#* <source lang="bash">virsh undefine vm-001</source><br />
# Overwrite the original disk image:<br />
#* <source lang="bash">mv /path/to/retain/vm-001.qcow2 /path/to/images/vm-001.qcow2</source><br />
#** '''Important:''' If a VM has more than just one disk image, repeat this step for every disk image<br />
# Restore the VMs backend entry: <br />
#* Write the backend entry from the retain location (<code>/path/to/retain/vm-001.backend</code>) to the backend<br />
# Overwrite the VMs XML description with the one from the retain location <br />
#* <source lang="bash">cp -p /path/to/retain/vm-001.xml /path/to/xmls/vm-001.xml</source><br />
# Restore the VM from the state file with the corrected XML<br />
#* <source lang="bash">virsh restore /path/to/retain/vm-001.state --xml /path/to/xmls/vm-001.xml</source><br />
<br />
== Communication through backend ==<br />
The actual KVM-Restore process is controlled completely by the Control instance daemon via the OpenLDAP directory. See [[#OpenLDAP Directory Integration|OpenLDAP Directory Integration]] the involved attributes and possible values.<br />
<br />
[[File:Daemon-interaction-restore.png|thumb|500px|none|Figure 3: Communication between all involved parties during the restore process]]<br />
<br />
You can modify/update these interactions by editing [[File:Restore-Interaction.xmi]] (you may need [http://uml.sourceforge.net/ Umbrello UML Modeller] diagram programme for KDE to display the content properly).<br />
<br />
=== Control instance Daemon Interaction for restoring a Backup with LDIF Examples ===<br />
==== Step 01: Start the unretainSmallFiles process (Control instance daemon) ====<br />
The first step of the restore process is to copy the small files (in this case the XML file and the LDIF) from the configured backup location to the configured retain location. <br />
<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the Control instance daemon, when sstProvisioningMode is modified to <br />
# unretainSmallFiles (this way the Provisioning-Backup-VKM daemon knows, that it must start the unretainSmallFiles process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainSmallFiles<br />
</pre><br />
<br />
==== Step 02: Starting the unretainSmallFiles process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the command to unretain the small files, it sets the '''sstProvisioningMode''' to '''unretainingSmallFiles''' to tell the Control instance daemon and other interested parties, that it is unretaining the small files for the virtual machine or virtual machine template.<br />
<pre><br />
# The attribute sstProvisioningMode is set to unretainingSmallFiles by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainingSmallFiles<br />
</pre><br />
<br />
==== Step 03: Finalizing the unretainSmallFiles process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the commands to unretain the small files, it sets the '''sstProvisioningMode''' to '''unretainedSmallFiles''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the unretaining of all the small files from the configured backup location is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the Control instance daemon knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012000Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainedSmallFiles<br />
</pre><br />
<br />
==== Step 05: Start the unretainLargeFiles process (Control instance daemon) ====<br />
Next step in the restore process is to copy the large files (state file and disk images) from the configured backup directory to the configured retain directory.<br />
<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the Control instance daemon, when sstProvisioningMode is modified to <br />
# unretainLargeFiles (this way the Provisioning-Backup-VKM daemon knows, that it must start the unretainLargeFiles process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainLargeFiles<br />
</pre><br />
<br />
==== Step 06: Starting the unretainLargeFiles process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the command to unretain the large files, it sets the '''sstProvisioningMode''' to '''unretainingLargeFiles''' to tell the Control instance daemon and other interested parties, that it is unretaining the large files for the virtual machine or virtual machine template.<br />
<br />
In the meantime the vm-manager merges the LDIF we have unretained in [[#Step_02:_Starting_the_unretainSmallFiles_process_.28Provisioning-Backup-KVM_daemon.29 | step 02]] with the one in the live directory to sort out possible differences in the configuration of the virtual machine. <br />
<pre><br />
# The attribute sstProvisioningMode is set to unretainingSmallFiles by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainingLargeFiles<br />
</pre><br />
<br />
==== Step 07: Finalizing the unretainLargeFiles process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the commands to unretain the large files, it sets the '''sstProvisioningMode''' to '''unretainedLargeFiles''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the unretaining of all the large files from the configured backup location is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the Control instance daemon knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012000Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainedLargeFiles<br />
</pre><br />
<br />
==== Step 09: Start the restore process (Control instance daemon) ====<br />
Since we now have all necessary files in the configured retain location, the restore process can be started. There we simply copy the disk images back to their original location and restore the VM from the state file (which is also at the configured retain location)<br />
<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the Control instance daemon, when sstProvisioningMode is modified to <br />
# restore (this way the Provisioning-Backup-VKM daemon knows, that it must start the restore process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: restore<br />
</pre><br />
<br />
==== Step 10: Starting the restore process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the restore command, it sets the '''sstProvisioningMode''' to '''restoring''' to tell the Control instance daemon and other interested parties, that it is restoring the virtual machine or virtual machine template.<br />
<pre><br />
# The attribute sstProvisioningMode is set to restoring by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: restoring<br />
</pre><br />
<br />
==== Step 11: Finalizing the restore process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the restore command, it sets the '''sstProvisioningMode''' to '''restored''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the restore process is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the Control instance daemon knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012000Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: restored<br />
</pre><br />
<br />
==== Step 12: Finalizing the restore process (Control instance daemon) ====<br />
As soon as the Control instance daemon notices, that the attribute '''sstProvisioningMode''' ist set to '''restored''', it sets the '''sstProvisioningMode''' to '''finished''' and the '''sstProvisioningState''' to the current timestamp (UTC). All interested parties now know, that the restore process is finished.<br />
<pre><br />
# The attribute sstProvisioningState is updated with current time by the Control instance daemon, when sstProvisioningMode is<br />
# set to finished.<br />
# All interested parties now know, that the restore process is finished.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012001Z<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: finished<br />
</pre><br />
<br />
== Current Implementation (Restore) ==<br />
* Since the prov-backup-kvm daemon is not running on the vm-nodes (c.f. [[stoney_conductor:_Backup#State_of_the_art]]), the restore process does not work when clicking the icon in the webinterface. <br />
* Resolving the conflicts in the backend and XML description file is not yet done<br />
** Actually all steps not executed by prov-backup-kvm are not yet properly implemented (c.f. [[stoney_conductor:_prov_backup_kvm#Restore]])<br />
* The implementation is done, but the last step from the [[#Restore_2 | restore process ]] is different:<br />
** The <code>virsh restore</code> command is not executed with the <code>--xml</code> option, the XML from the state file is taken when restoring the machine. Therefore the conflicts are not properly resolved. <br />
*** --[[User:Pat|Pat]] ([[User talk:Pat|talk]]) 09:41, 29 October 2013 (CET): Currently the [http://search.cpan.org/~danberr/Sys-Virt-1.1.3/lib/Sys/Virt.pm Sys::Virt] library does not support the --xml parameter when restoring a domain<br />
<br />
=== How to manually restore a machine from backup ===<br />
'''Important''': Before you continue with this guide, make sure that you have no other possibility to restore the machine. It might be easier and safer to get lost files from the online backup if the machine has one set up.<br />
<br />
If you really have to restore the machine from the backup:<br />
# Stop the machine from via the [https://cloud.stepping-stone.ch/vm-manager/ web interface]<br />
# Login (as root) on the [[VM-Node]] the machine was running on<br />
<br />
As a first step, you would like to set some useful bash variables to be able to copy paste the following guide:<br />
<br />
'''Double check all variables you are setting here. If one is not correct, you will restore a running machine or overwrite a live-disk image!'''<br />
<source lang='bash'><br />
machinename="<MACHINE-NAME>" # For example: machinename="b6dc3d27-5981-4b18-8f3f-31ed3d21a3c6"<br />
vmpool="<VM-POOL>" # For example vmpool="0f83f084-8080-413e-b558-b678e504836e"<br />
vmtype="<VM-TYPE>" # For example vmtype="vm-persistent"<br />
</source><br />
Change to the backup directory for the given machine and check the iterations:<br />
<source lang='bash'><br />
cd /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}<br />
ls -al<br />
</source><br />
Change into the most recent iteration<br />
<source lang='bash'><br />
cd 2014...<br />
ls -al<br />
</source><br />
In there you should have: <br />
* The state file <MACHINE-NAME>.state.<BACKUP-DATE> (for example b6dc3d27-5981-4b18-8f3f-31ed3d21a3c6.state.20140109T134445Z)<br />
* The XML description <MACHINE-NAME>.xml.<BACKUP-DATE> (for example b6dc3d27-5981-4b18-8f3f-31ed3d21a3c6.xml.20140109T134445Z)<br />
* The ldif file <MACHINE-NAME>.ldif.<BACKUP-DATE> (for example b6dc3d27-5981-4b18-8f3f-31ed3d21a3c6.ldif.20140109T134445Z)<br />
* And at least one disk image <DISK-IMAGE>.qcow2.<BACKUP-DATE> (for example 8798561b-d5de-471b-a6fc-ec2b4831ed12.qcow2.20140109T134445Z)<br />
Now you should save the backup date and the disk image(s) in a variable<br />
<source lang='bash'><br />
backupdate="<BACKUP-DATE>" # For example: backupdate="20140109T134445Z"<br />
diskimage1="<DISK-IMAGE-1>.qcow2" # For example: diskimage1="8798561b-d5de-471b-a6fc-ec2b4831ed12.qcow2"<br />
diskimage2="<DISK-IMAGE-2>.qcow2" # For example: diskimage2="aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee.qcow2"<br />
...<br />
</source><br />
<br />
Have again a look at the different variables and '''double check them again'''<br />
<source lang='bash'><br />
echo "Machine Name = ${machinename}"<br />
echo "VM Pool = ${vmpool}"<br />
echo "VM Type = ${vmtype}"<br />
echo "Backup date = ${backupdate}"<br />
echo "Disk Image 1 = ${diskimage1}"<br />
echo "Disk Image 2 = ${diskimage2}"<br />
...<br />
</source><br />
<br />
Copy all these files to the retain location:<br />
<source lang='bash'><br />
currentdate=`date --utc +'%Y%m%dT%H%M%SZ'`<br />
mkdir -p /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}<br />
cp -p /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}/${backupdate}/${machinename}.ldif.${backupdate} /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/<br />
</source><br />
<br />
<!--Check if there is a difference between the current XML file and the one from the backup<br />
<source lang='bash'><br />
diff -Naur /etc/libvirt/qemu/${machinename}.xml /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/${machinename}.xml.${backupdate}<br />
</source><br />
and '''edit the file at the retain location''' according to your needs.--><br />
<br />
''' Now you are entering the critical part. You won't be able to undo the following steps'''<br />
<br />
Check if there is a difference between the current LDAP entry and the one from the backup<br />
<source lang='bash'><br />
domain="<DOMAIN>" # For example domain="stoney-cloud.org"<br />
ldapbase="<LDAPBASE>" # For expample ldapbase="dc=stoney-cloud,dc=org"<br />
ldapsearch -H ldaps://ldapm.${domain} -b "sstVirtualMachine=${machinename},ou=virtual machines,ou=virtualization,ou=services,${ldapbase}" -s sub -x -LLL -o ldif-wrap=no -D "cn=Manager,${ldapbase}" -W "(objectclass=*)" > /tmp/${machinename}.ldif<br />
diff -Naur /tmp/${machinename}.ldif /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/${machinename}.ldif.${backupdate}<br />
</source><br />
and '''edit the file at the retain location''' according to your needs.<br />
<br />
If there are no differences (or the differences are not important) you can skip the following step. Otherwise use the [https://cloud.stepping-stone.ch/phpldapadmin PhpLdapAdmin] to delete the machine from the LDAP directory (do not forget to delete the dhcp entry <code>dn: cn=<MACHINE-NAME>,ou=virtual machines,cn=192.168.140.0,cn=config-01,ou=dhcp,ou=networks,ou=virtualization,ou=services,dc=stoney-cloud,dc=org</code>). Then add the LDIF (the one you just edited) to the LDAP (first do some general replacement)<br />
<source lang='bash'><br />
sed -i\<br />
-e 's/snapshotting/finished/'\<br />
-e '/member.*/d'\<br />
/var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/${machinename}.ldif.${backupdate}<br />
<br />
/usr/bin/ldapadd -H "ldaps://ldapm.${domain}" -x -D "cn=Manager,${ldapbase}" -W -f /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/${machinename}.ldif.${backupdate}<br />
</source><br />
<br />
Undefine the machine<br />
<source lang='bash'><br />
virsh undefine ${machinename}<br />
</source><br />
<br />
Copy all the disk images from the backup location back to their original location<br />
<source lang='bash'><br />
cp -p /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}/${backupdate}/${diskimage1}.${backupdate} /var/virtualization/${vmtype}/${vmpool}/${diskimage1}<br />
cp -p /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}/${backupdate}/${diskimage2}.${backupdate} /var/virtualization/${vmtype}/${vmpool}/${diskimage2}<br />
...<br />
</source><br />
<br />
And restore the domain from the state file from the backup location with the XML from the retain location (the one you might have edited)<br />
<source lang='bash'><br />
virsh restore /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}/${backupdate}/${machinename}.state.${backupdate}<br />
</source><br />
<br />
Now the machine should be up and running again. Continuing where it was stopped when taking the backup.<br />
<br />
If everything is OK, you can cleanup the created files and directories<br />
<source lang='bash'><br />
rm -rf /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}<br />
rm /tmp/${machinename}.ldif<br />
</source><br />
<br />
== Next steps ==<br />
<br />
<br />
[[Category: stoney conductor]]</div>Pathttps://wiki.stoney-cloud.org/w/index.php?title=stoney_conductor:_VM_Backup&diff=3751stoney conductor: VM Backup2014-06-26T13:52:15Z<p>Pat: /* Step 12: Finalizing the Backup Process (Control instance daemon) */</p>
<hr />
<div>= Overview =<br />
This page describes how the VMs and VM-Templates are backed-up and restored inside the [http://www.stoney-cloud.org stoney cloud].<br />
<br />
= Requirements =<br />
* sstBackupRootDirectory: file:///var/backup/virtualization<br />
** This directory might be a single partition which needs to have the same size as your partition for the live images (it's a "copy" of the live partition)<br />
* sstBackupRetainDirectory: file:///var/virtualization/retain<br />
** This directory must be on the same partition as your life images are<br />
* A working stoney cloud, installed according to [[stoney cloud: Single-Node Installation]] or [[stoney cloud: Multi-Node Installation]].<br />
* The backup configuration must be set: [[stoney_conductor:_OpenLDAP_directory_data_organisation#Backup | stoney conductor: OpenLDAP directory data organisation]].<br />
<br />
= Backup =<br />
== Basic idea ==<br />
The main idea to backup a VM or a VM-Template is, to divide the task into three subtasks: <br />
* createSnapshot: Create a disk only snapshot. A new overlay file is created, all write operations are performed to this file. The underlying disk-image is now read only.<br />
* exportSnapshot: Copy the read only disk-image to the backup location.<br />
* commitSnapshot: Commit the performed write operations from the overlay back to the underlying (original) disk image. Now the underlying image is read-write again and the overlay image can be deleted.<br />
A more detailed and technical description for these three sub-processes can be found [[#Sub-Processes | here]].<br />
<br />
Furthermore there is an control instance, which can independently call these three sub-processes for a given machine. Like that, the stoney cloud is able to handle different cases:<br />
=== Backup a single machine ===<br />
The procedure for backing up a single machine is very simple. Just call the three sub-processes (snapshot, merge and retain) one after the other. So the control instance would do some very basic stuff: <br />
<source lang="c"><br />
object machine = args[0];<br />
<br />
if( createSsnapshot( machine ) )<br />
{<br />
<br />
if ( exportSnapshot( machine ) )<br />
{<br />
<br />
if ( commitSnapshot( machine ) )<br />
{<br />
printf("Successfully backed up machine %s\n", machine);<br />
<br />
} else<br />
{<br />
printf("Error while committing snapshot for machine %s: %s\n", machine, error);<br />
}<br />
<br />
} else<br />
{<br />
printf("Error while exporting snapshot for machine %s: %s\n", machine, error);<br />
}<br />
<br />
} else<br />
{<br />
printf("Error while snapshotting machine %s: %s\n", machine, error);<br />
}<br />
</source><br />
<br />
=== Backup multiple machines at the same time ===<br />
When backing up multiple machines at the same time, we need to make sure that the snapshots for the machines are as close together as possible. Therefore the control instance should call first the createSnapshot process for all machines. After every machine has been snapshotted, the control instance can call the exportSnapshot and commitSnapshot process for every machine. The most important part here is, that the control instance somehow remembers, if the snapshot for a given machine was successful or not. Because if the snapshot failed, it must not call the exportSnapshot and commitSnapshot process. So the control instance needs a little bit more logic: <br />
<br />
<source lang="c"><br />
object machines[] = args[0];<br />
object successful_snapshots[];<br />
<br />
# Snapshot all machines<br />
for( int i = 0; i < sizeof(machines) / sizeof(object) ; i++ )<br />
{<br />
# If the snapshot was successful, put the machine into the <br />
# successful_snapshots array<br />
if ( createSnapshot( machines[i] ) )<br />
{<br />
successful_snapshots[machines[i]];<br />
} else<br />
{<br />
printf("Error while snapshotting machine %s: %s\n", machines[i],error);<br />
}<br />
}<br />
<br />
# export and commit all successful_snapshot machines<br />
for ( int i = 0; i < sizeof(successful_snapshots) / sizeof(object) ; i++ ) )<br />
{<br />
# Check if the element at this position is not null, then the snapshot <br />
# for this machine was successful<br />
if ( successful_snapshots[i] )<br />
{<br />
if ( exportSnapshot( successful_snapshots[i] ) )<br />
{<br />
if ( commitSnapshot( successful_snapshots[i] ) )<br />
{<br />
printf("Successfully backed-up machine %s\n", successful_snapshots[i]);<br />
} else<br />
{<br />
printf("Error while committing snapshot for machine %s: %s\n", successful_snapshots[i],error);<br />
}<br />
<br />
} else<br />
{<br />
printf("Error while exporting snapshot for machine %s: %s\n", successful_snapshots[i],error);<br />
}<br />
}<br />
}<br />
</source><br />
<br />
=== Sub-Processes ===<br />
See also [[Libvirt_external_snapshot_with_GlusterFS]]<br />
==== createSnapshot ====<br />
For the commands see [[Libvirt_external_snapshot_with_GlusterFS#Part_2:_Create_the_snapshot_using_virsh]]<br />
<br />
For the workflow see [[stoney_conductor:_prov-backup-kvm#createSnapshot]]<br />
<br />
==== exportSnapshot ====<br />
# Simply copy the underlying image to the backup location<br />
#* <source lang="bash">cp -p /<path>/<to>/<image>.qcow2 /<path>/<to>/<backup>/<location>/.</source><br />
<br />
For the workflow see [[stoney_conductor:_prov-backup-kvm#exportSnapshot]]<br />
<br />
==== commitSnapshot ====<br />
For the commands see [[Libvirt_external_snapshot_with_GlusterFS#Cleanup.2FCommit_.28Online.29]]<br />
<br />
For the workflow see [[stoney_conductor:_prov-backup-kvm#commitSnapshot]]<br />
<br />
== Communication through backend ==<br />
Since the stoney cloud is (as the name says already) a cloud solution, it makes sense to have a backend (in our case openLDAP) involved in the whole process. Like that it is possible to run the backup jobs decentralized on every vm-node. The control instance can then modify the backend, and theses changes are seen by the diffenrent backup daemons on the vm-nodes. So the communication could look like shown in the following picture (Figure 1): <br />
<br />
[[File:Daemon-communication.png|800px|thumbnail|none|Figure 1: Communication between the control instance and the prov-backup-kvm daemon through the LDAP backend]]<br />
<br />
=== Control-Instance Daemon Interaction for creating a Backup with LDIF Examples ===<br />
The step numbers correspond with the graphical overview from above.<br />
<br />
==== Step 00: Backup Configuration for a virtual machine ====<br />
<pre><br />
# The following backup configuration says, that the backup should be done daily, at 03:00 hours (localtime).<br />
# * * * * * command to be executed<br />
# - - - - -<br />
# | | | | |<br />
# | | | | +----- day of week (0 - 6) (Sunday=0)<br />
# | | | +------- month (1 - 12)<br />
# | | +--------- day of month (1 - 31)<br />
# | +----------- hour (0 - 23)<br />
# +------------- min (0 - 59)<br />
# localtime in the crontab entry<br />
dn: ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
objectclass: top<br />
objectclass: organizationalUnit<br />
objectclass: sstVirtualizationBackupObjectClass<br />
objectclass: sstCronObjectClass<br />
ou: backup<br />
description: This sub tree contains the backup plan for the virtual machine kvm-005.<br />
sstCronMinute: 0<br />
sstCronHour: 3<br />
sstCronDay: *<br />
sstCronMonth: *<br />
sstCronDayOfWeek: *<br />
sstCronActive: TRUE<br />
sstBackupRootDirectory: file:///var/backup/virtualization<br />
sstBackupRetainDirectory: file:///var/virtualization/retain<br />
sstBackupRamDiskLocation: file:///mnt/ramdisk-test<br />
sstVirtualizationDiskImageFormat: qcow2<br />
sstVirtualizationDiskImageOwner: root<br />
sstVirtualizationDiskImageGroup: vm-storage<br />
sstVirtualizationDiskImagePermission: 0660<br />
sstBackupNumberOfIterations: 1<br />
sstVirtualizationVirtualMachineForceStart: FALSE<br />
sstVirtualizationBandwidthMerge: 0<br />
</pre><br />
<br />
==== Step 01: Initialize Backup Sub Tree (Control instance daemon) ====<br />
The sub tree ''' ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch''' reflects the time, when the backup is planned (in the form of [YYYY][MM][DD]T[hh][mm][ss]Z ([http://en.wikipedia.org/wiki/ISO_8601 ISO 8601]) and it should be written at the time, when the backup is planned and should be executed. The section '''20121002T010000Z''' means the following:<br />
* Year: 2012<br />
* Month: 10<br />
* Day of Month: 02<br />
* Hour of Day: 01<br />
* Minutes: 00<br />
* Seconds: 00<br />
Please be aware the the time is to be written in UTC (see also the comment in the LDIF example below).<br />
<pre><br />
# This entry is the place holder for the backup, which is to be executed at 03:00 hours (localtime with daylight-saving). This<br />
# leads to the 20121002T010000Z timestamp (which is written in UTC).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
objectclass: top<br />
objectclass: sstProvisioning<br />
objectclass: organizationalUnit<br />
ou: 20121002T010000Z<br />
sstProvisioningExecutionDate: 0<br />
sstProvisioningMode: initialize<br />
sstProvisioningReturnValue: 0<br />
sstProvisioningState: 20121002T014513Z<br />
</pre><br />
<br />
==== Step 02: Finalize the Initialization (Control instance daemon) ====<br />
<pre><br />
# The attribute sstProvisioningState is updated with current time by the fc-brokerd, when sstProvisioningMode is modified.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T010001Z<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: initialized<br />
</pre><br />
<br />
==== Step 03: Start the Snapshot Process (Control instance daemon) ====<br />
With the setting of the '''sstProvisioningMode''' to '''snapshot''', the actual backup process is kicked off by the Control instance daemon.<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the fc-brokerd, when sstProvisioningMode is modified to<br />
# snapshot (this way the Provisioning-Backup-VKM daemon knows, that it must start the snapshotting process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: snapshot<br />
</pre><br />
<br />
==== Step 04: Starting the Snapshot Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the snapshot command, it sets the '''sstProvisioningMode''' to '''snapshotting''' to tell the Control instance daemon and other interested parties, that it is snapshotting the virtual machine or virtual machine template.<br />
<pre><br />
# The attribute sstProvisioningMode is set to snapshotting by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: snapshotting<br />
</pre><br />
<br />
==== Step 05: Finalizing the Snapshot Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the snapshot command, it sets the '''sstProvisioningMode''' to '''snapshotted''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the snapshot of the virtual machine or virtual machine template is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the fc-brokerd knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T010011Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: snapshotted<br />
</pre><br />
<br />
==== Step 06: Start the export Process (Control instance daemon) ====<br />
With the setting of the '''sstProvisioningMode''' to '''export''', the Control instance daemon tells the Provisioning-Backup-KVM daemon to export the disk image to the backup location.<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the fc-brokerd, when sstProvisioningMode is modified to<br />
# export (this way the Provisioning-Backup-VKM daemon knows, that it must start the export process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: export<br />
</pre><br />
<br />
==== Step 07: Starting the export Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the export command, it sets the '''sstProvisioningMode''' to '''exporting''' to tell the Control instance daemon and other interested parties, that it is exporting the virtual machine or virtual machine template disk images.<br />
<pre><br />
# The attribute sstProvisioningMode is set to exporting by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: exporting<br />
</pre><br />
<br />
==== Step 08: Finalizing the export Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the export command, it sets the '''sstProvisioningMode''' to '''exported''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the export of the virtual machine or virtual machine template disk-images is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the fc-brokerd knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T010500Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: exported<br />
</pre><br />
<br />
==== Step 09: Start the commit Process (Control instance daemon) ====<br />
With the setting of the '''sstProvisioningMode''' to '''commit''', the Control instance daemon tells the Provisioning-Backup-KVM daemon to commit the changes from the overlay file to the underlying disk-image<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the fc-brokerd, when sstProvisioningMode is modified to<br />
# commit (this way the Provisioning-Backup-VKM daemon knows, that it must start the commit process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: commit<br />
</pre><br />
<br />
==== Step 10: Starting the commit Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the commit command, it sets the '''sstProvisioningMode''' to '''comitting''' to tell the Control instance daemon and other interested parties, that it is committing changes from the overlay disk-images back to the underlying ones.<br />
<pre><br />
# The attribute sstProvisioningMode is set to comitting by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: committing<br />
</pre><br />
<br />
==== Step 11: Finalizing the commit Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the commit command, it sets the '''sstProvisioningMode''' to '''comitted''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the comitting of the changes from the overlay disk-images back to the underlying ones is done. <br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the fc-brokerd knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012000Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: comitted<br />
</pre><br />
<br />
==== Step 12: Finalizing the Backup Process (Control instance daemon) ====<br />
As soon as the Control instance daemon notices, that the attribute '''sstProvisioningMode''' ist set to '''committed''', it sets the '''sstProvisioningMode''' to '''finished''' and the '''sstProvisioningState''' to the current timestamp (UTC). All interested parties now know, that the backup process is finished, there for a new backup process could be started.<br />
<pre><br />
# The attribute sstProvisioningState is updated with current time by the fc-brokerd, when sstProvisioningMode is<br />
# set to finished.<br />
# All interested parties now know, that the backup process is finished, there for a new backup process could be started.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012001Z<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: finished<br />
</pre><br />
<br />
== Current Implementation (Backup) ==<br />
Since we do not have a working control instance, we need to have a workaround for backing up the machines: <br />
<br />
* We do already have a BackupKVMWrapper.pl script (File-Backend) which executes the three [[#Sub-Processes | sub-processes ]] in the correct order for a given list of machines (see [[#Backup multiple machines at the same_time]]).<br />
* We do already have the implementation for the whole backup with the LDAP-Backend (see [[ stoney conductor: prov backup kvm ]]).<br />
* We can now combine these two existing scripts and create a wrapper (lets call it LDAPKVMWrapper) which, in some way, adds some logic to the BackupKVMWrapper.pl. In fact the LDAPKVMWrapper wrapper will generate the list of machines which need a backup.<br />
<br />
The behaviour on our servers is as follows (c.f. Figure 2):<br />
# The (decentralized) LDAPKVMWrapper wrapper (which is executed everyday via cronjob) generates a list off all machines running on the current host.<br />
#* Currently on the hosts the cronjobs looks like: <code>00 01 * * * /usr/bin/LDAPKVMWrapper.pl | logger -t Backup-KVM</code><br />
#* For each of these machines:<br />
#** Check if the machine is excluded from the backup, if yes, remove the machine from the list<br />
#** Check if the last backup was successful, if not, remove the machine from the list<br />
# Update the backup subtree for each machine in the list<br />
#* Remove the old backup leaf (the "yesterday-leaf"), and add a new one (the "today-leaf") <br />
#* After this step, the machines are ready to be backed up<br />
# Call the BackupKVMWrapper.pl script with the machines list as a parameter<br />
# Wait for the BackupKVMWrapper.pl script to finish<br />
# Go again through all machines and update the backup subtree a last time<br />
#* Check if the backup was successful, if yes, set sstProvisioningMode = finished (see also TBD)<br />
<br />
<br />
[[File:wrapper-interaction.png|500px|thumbnail|none|Figure 2: How the two wrapper interact with the LDAP backend]]<br />
<br />
* If for some reason something does not work at all, the whole backup process can be deactivated by simply disabling the LDAPKVMWrapper cronjob<br />
** <code>crontab -e</code><br />
** Comment the LDAPKVMWrapper cronjob line: <code>#00 01 * * * /usr/bin/LDAPKVMWrapper.pl | logger -t Backup-KVM</code><br />
=== How to exclude a machine from the backup ===<br />
Login to one of the [[VM-Node | vm-nodes]] and execute the following command<br />
<br />
If you want to exclude a machine from the backup run you simply need to add the following entry to your LDAP directory: <br />
<source lang="bash"><br />
machineuuid="<UUID OF THE MACHINE-NAME>" # e.g.: b9d13dbc-9ab7-4948-9daa-a5709de83dc2<br />
cat << EOF | ldapadd -D cn=Manager,o=stepping-stone,c=ch -H ldaps://ldapm.stepping-stone.ch/ -W -x<br />
dn: ou=backup,sstVirtualMachine=${machineuuid},ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
objectclass: top<br />
objectclass: organizationalUnit<br />
objectclass: sstVirtualizationBackupObjectClass<br />
ou: backup<br />
sstbackupexcludefrombackup: TRUE<br />
EOF<br />
</source><br />
<br />
If the backup subtree in the LDAP directory already exists, you need to add the sstbackupexcludefrombackup attribute: <br />
<source lang="bash"><br />
machineuuid="<UUID OF THE MACHINE-NAME>" # e.g.: b9d13dbc-9ab7-4948-9daa-a5709de83dc2<br />
cat << EOF | ldapadd -D cn=Manager,o=stepping-stone,c=ch -H ldaps://ldapm.stepping-stone.ch/ -W -x<br />
dn: ou=backup,sstVirtualMachine=${machineuuid},ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
add: objectClass<br />
objectClass: sstVirtualizationBackupObjectClass<br />
-<br />
add: sstbackupexcludefrombackup<br />
sstbackupexcludefrombackup: TRUE<br />
EOF<br />
</source><br />
<br />
==== Re-include the machine to the backup ====<br />
If you want to re include a machine, simply delete the machines whole backup subtree. It will be recreated during the next backup run.<br />
<br />
== Next steps ==<br />
<br />
= Restore =<br />
== Basic idea ==<br />
The restore process, similar to the backup process, can be divided into three sub-processes: <br />
* Unretain the small files: Copy the small files (backend entry, XML description) from the backup directory to the retain directory<br />
* Unretain the big files: Copy the big files (state file, disk image(s)) form the backup directory to the retain directory<br />
* Restore the machine: Replace the live disk image(s) by the one(s) from the backup and restore the machine from the state file<br />
<br />
Additionally the restore process can also be divided into two phases: <br />
* User-Interaction phase: After the "unretain small files" the user needs to decide two things:<br />
** On conflicts between the backend entry file and the XML description, the user need to decide how to resolve this conflict(s)<br />
** The user can also abort the restore process up to this point. After that the restore can not be aborted or undone! <br />
* Non-User-Interaction phase: The daemons communicate through the backend between each other and the restore process continues without further user input (c.f. [[#Communication_through_backend_2 | Communication through backend]])<br />
<br />
=== Sub Processes ===<br />
==== Unretain small files ====<br />
This workflow assumes that the backup directory is on the same physical server as the retain directory (protocol is file://)<br />
# Copy the backend-entry file from the backup directory to the retain directory:<br />
#* <source lang="bash">cp -p /path/to/backup/vm-001.backend /path/to/retain/vm-001.backend</source><br />
# Copy the XML description from the from the backup directory to the retain directory:<br />
#* <source lang="bash">cp -p /path/to/backup/vm-001.xml /path/to/retain/vm-001.xml</source><br />
# Compare the backend-entry file (the one in the retain directory) with the live-backend entry<br />
#* Resolve all conflicts between these two backend entries<br />
#** Modify the backend entry at the retain location accordingly<br />
# Apply the same changes for the XML description at the retain location (backend entry and XML description need to be consistent).<br />
<br />
==== Unretain large files ====<br />
# Copy the state file from the backup directory to the retain directory:<br />
#* <source lang="bash">cp -p /path/to/backup/vm-001.state /path/to/retain/vm-001.state</source><br />
# Copy the disk image(s) from the backup directory to the retain directory:<br />
#* <source lang="bash">cp -p /path/to/backup/vm-001.qcow2 /path/to/retain/vm-001.qcow2</source><br />
#** '''Important:''' If a VM has more than just one disk image, repeat this step for every disk image<br />
<br />
==== Restore the VM ====<br />
# Shutdown the VM if it is running:<br />
#* <source lang="bash">virsh shutdown vm-001</source><br />
# Undefine the VM if it is still defined: <br />
#* <source lang="bash">virsh undefine vm-001</source><br />
# Overwrite the original disk image:<br />
#* <source lang="bash">mv /path/to/retain/vm-001.qcow2 /path/to/images/vm-001.qcow2</source><br />
#** '''Important:''' If a VM has more than just one disk image, repeat this step for every disk image<br />
# Restore the VMs backend entry: <br />
#* Write the backend entry from the retain location (<code>/path/to/retain/vm-001.backend</code>) to the backend<br />
# Overwrite the VMs XML description with the one from the retain location <br />
#* <source lang="bash">cp -p /path/to/retain/vm-001.xml /path/to/xmls/vm-001.xml</source><br />
# Restore the VM from the state file with the corrected XML<br />
#* <source lang="bash">virsh restore /path/to/retain/vm-001.state --xml /path/to/xmls/vm-001.xml</source><br />
<br />
== Communication through backend ==<br />
The actual KVM-Restore process is controlled completely by the Control instance daemon via the OpenLDAP directory. See [[#OpenLDAP Directory Integration|OpenLDAP Directory Integration]] the involved attributes and possible values.<br />
<br />
[[File:Daemon-interaction-restore.png|thumb|500px|none|Figure 3: Communication between all involved parties during the restore process]]<br />
<br />
You can modify/update these interactions by editing [[File:Restore-Interaction.xmi]] (you may need [http://uml.sourceforge.net/ Umbrello UML Modeller] diagram programme for KDE to display the content properly).<br />
<br />
=== Control instance Daemon Interaction for restoring a Backup with LDIF Examples ===<br />
==== Step 01: Start the unretainSmallFiles process (Control instance daemon) ====<br />
The first step of the restore process is to copy the small files (in this case the XML file and the LDIF) from the configured backup location to the configured retain location. <br />
<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the Control instance daemon, when sstProvisioningMode is modified to <br />
# unretainSmallFiles (this way the Provisioning-Backup-VKM daemon knows, that it must start the unretainSmallFiles process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainSmallFiles<br />
</pre><br />
<br />
==== Step 02: Starting the unretainSmallFiles process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the command to unretain the small files, it sets the '''sstProvisioningMode''' to '''unretainingSmallFiles''' to tell the Control instance daemon and other interested parties, that it is unretaining the small files for the virtual machine or virtual machine template.<br />
<pre><br />
# The attribute sstProvisioningMode is set to unretainingSmallFiles by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainingSmallFiles<br />
</pre><br />
<br />
==== Step 03: Finalizing the unretainSmallFiles process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the commands to unretain the small files, it sets the '''sstProvisioningMode''' to '''unretainedSmallFiles''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the unretaining of all the small files from the configured backup location is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the Control instance daemon knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012000Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainedSmallFiles<br />
</pre><br />
<br />
==== Step 05: Start the unretainLargeFiles process (Control instance daemon) ====<br />
Next step in the restore process is to copy the large files (state file and disk images) from the configured backup directory to the configured retain directory.<br />
<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the Control instance daemon, when sstProvisioningMode is modified to <br />
# unretainLargeFiles (this way the Provisioning-Backup-VKM daemon knows, that it must start the unretainLargeFiles process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainLargeFiles<br />
</pre><br />
<br />
==== Step 06: Starting the unretainLargeFiles process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the command to unretain the large files, it sets the '''sstProvisioningMode''' to '''unretainingLargeFiles''' to tell the Control instance daemon and other interested parties, that it is unretaining the large files for the virtual machine or virtual machine template.<br />
<br />
In the meantime the vm-manager merges the LDIF we have unretained in [[#Step_02:_Starting_the_unretainSmallFiles_process_.28Provisioning-Backup-KVM_daemon.29 | step 02]] with the one in the live directory to sort out possible differences in the configuration of the virtual machine. <br />
<pre><br />
# The attribute sstProvisioningMode is set to unretainingSmallFiles by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainingLargeFiles<br />
</pre><br />
<br />
==== Step 07: Finalizing the unretainLargeFiles process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the commands to unretain the large files, it sets the '''sstProvisioningMode''' to '''unretainedLargeFiles''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the unretaining of all the large files from the configured backup location is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the Control instance daemon knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012000Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainedLargeFiles<br />
</pre><br />
<br />
==== Step 09: Start the restore process (Control instance daemon) ====<br />
Since we now have all necessary files in the configured retain location, the restore process can be started. There we simply copy the disk images back to their original location and restore the VM from the state file (which is also at the configured retain location)<br />
<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the Control instance daemon, when sstProvisioningMode is modified to <br />
# restore (this way the Provisioning-Backup-VKM daemon knows, that it must start the restore process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: restore<br />
</pre><br />
<br />
==== Step 10: Starting the restore process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the restore command, it sets the '''sstProvisioningMode''' to '''restoring''' to tell the Control instance daemon and other interested parties, that it is restoring the virtual machine or virtual machine template.<br />
<pre><br />
# The attribute sstProvisioningMode is set to restoring by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: restoring<br />
</pre><br />
<br />
==== Step 11: Finalizing the restore process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the restore command, it sets the '''sstProvisioningMode''' to '''restored''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the restore process is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the Control instance daemon knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012000Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: restored<br />
</pre><br />
<br />
==== Step 12: Finalizing the restore process (Control instance daemon) ====<br />
As soon as the Control instance daemon notices, that the attribute '''sstProvisioningMode''' ist set to '''restored''', it sets the '''sstProvisioningMode''' to '''finished''' and the '''sstProvisioningState''' to the current timestamp (UTC). All interested parties now know, that the restore process is finished.<br />
<pre><br />
# The attribute sstProvisioningState is updated with current time by the Control instance daemon, when sstProvisioningMode is<br />
# set to finished.<br />
# All interested parties now know, that the restore process is finished.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012001Z<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: finished<br />
</pre><br />
<br />
== Current Implementation (Restore) ==<br />
* Since the prov-backup-kvm daemon is not running on the vm-nodes (c.f. [[stoney_conductor:_Backup#State_of_the_art]]), the restore process does not work when clicking the icon in the webinterface. <br />
* Resolving the conflicts in the backend and XML description file is not yet done<br />
** Actually all steps not executed by prov-backup-kvm are not yet properly implemented (c.f. [[stoney_conductor:_prov_backup_kvm#Restore]])<br />
* The implementation is done, but the last step from the [[#Restore_2 | restore process ]] is different:<br />
** The <code>virsh restore</code> command is not executed with the <code>--xml</code> option, the XML from the state file is taken when restoring the machine. Therefore the conflicts are not properly resolved. <br />
*** --[[User:Pat|Pat]] ([[User talk:Pat|talk]]) 09:41, 29 October 2013 (CET): Currently the [http://search.cpan.org/~danberr/Sys-Virt-1.1.3/lib/Sys/Virt.pm Sys::Virt] library does not support the --xml parameter when restoring a domain<br />
<br />
=== How to manually restore a machine from backup ===<br />
'''Important''': Before you continue with this guide, make sure that you have no other possibility to restore the machine. It might be easier and safer to get lost files from the online backup if the machine has one set up.<br />
<br />
If you really have to restore the machine from the backup:<br />
# Stop the machine from via the [https://cloud.stepping-stone.ch/vm-manager/ web interface]<br />
# Login (as root) on the [[VM-Node]] the machine was running on<br />
<br />
As a first step, you would like to set some useful bash variables to be able to copy paste the following guide:<br />
<br />
'''Double check all variables you are setting here. If one is not correct, you will restore a running machine or overwrite a live-disk image!'''<br />
<source lang='bash'><br />
machinename="<MACHINE-NAME>" # For example: machinename="b6dc3d27-5981-4b18-8f3f-31ed3d21a3c6"<br />
vmpool="<VM-POOL>" # For example vmpool="0f83f084-8080-413e-b558-b678e504836e"<br />
vmtype="<VM-TYPE>" # For example vmtype="vm-persistent"<br />
</source><br />
Change to the backup directory for the given machine and check the iterations:<br />
<source lang='bash'><br />
cd /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}<br />
ls -al<br />
</source><br />
Change into the most recent iteration<br />
<source lang='bash'><br />
cd 2014...<br />
ls -al<br />
</source><br />
In there you should have: <br />
* The state file <MACHINE-NAME>.state.<BACKUP-DATE> (for example b6dc3d27-5981-4b18-8f3f-31ed3d21a3c6.state.20140109T134445Z)<br />
* The XML description <MACHINE-NAME>.xml.<BACKUP-DATE> (for example b6dc3d27-5981-4b18-8f3f-31ed3d21a3c6.xml.20140109T134445Z)<br />
* The ldif file <MACHINE-NAME>.ldif.<BACKUP-DATE> (for example b6dc3d27-5981-4b18-8f3f-31ed3d21a3c6.ldif.20140109T134445Z)<br />
* And at least one disk image <DISK-IMAGE>.qcow2.<BACKUP-DATE> (for example 8798561b-d5de-471b-a6fc-ec2b4831ed12.qcow2.20140109T134445Z)<br />
Now you should save the backup date and the disk image(s) in a variable<br />
<source lang='bash'><br />
backupdate="<BACKUP-DATE>" # For example: backupdate="20140109T134445Z"<br />
diskimage1="<DISK-IMAGE-1>.qcow2" # For example: diskimage1="8798561b-d5de-471b-a6fc-ec2b4831ed12.qcow2"<br />
diskimage2="<DISK-IMAGE-2>.qcow2" # For example: diskimage2="aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee.qcow2"<br />
...<br />
</source><br />
<br />
Have again a look at the different variables and '''double check them again'''<br />
<source lang='bash'><br />
echo "Machine Name = ${machinename}"<br />
echo "VM Pool = ${vmpool}"<br />
echo "VM Type = ${vmtype}"<br />
echo "Backup date = ${backupdate}"<br />
echo "Disk Image 1 = ${diskimage1}"<br />
echo "Disk Image 2 = ${diskimage2}"<br />
...<br />
</source><br />
<br />
Copy all these files to the retain location:<br />
<source lang='bash'><br />
currentdate=`date --utc +'%Y%m%dT%H%M%SZ'`<br />
mkdir -p /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}<br />
cp -p /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}/${backupdate}/${machinename}.ldif.${backupdate} /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/<br />
</source><br />
<br />
<!--Check if there is a difference between the current XML file and the one from the backup<br />
<source lang='bash'><br />
diff -Naur /etc/libvirt/qemu/${machinename}.xml /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/${machinename}.xml.${backupdate}<br />
</source><br />
and '''edit the file at the retain location''' according to your needs.--><br />
<br />
''' Now you are entering the critical part. You won't be able to undo the following steps'''<br />
<br />
Check if there is a difference between the current LDAP entry and the one from the backup<br />
<source lang='bash'><br />
domain="<DOMAIN>" # For example domain="stoney-cloud.org"<br />
ldapbase="<LDAPBASE>" # For expample ldapbase="dc=stoney-cloud,dc=org"<br />
ldapsearch -H ldaps://ldapm.${domain} -b "sstVirtualMachine=${machinename},ou=virtual machines,ou=virtualization,ou=services,${ldapbase}" -s sub -x -LLL -o ldif-wrap=no -D "cn=Manager,${ldapbase}" -W "(objectclass=*)" > /tmp/${machinename}.ldif<br />
diff -Naur /tmp/${machinename}.ldif /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/${machinename}.ldif.${backupdate}<br />
</source><br />
and '''edit the file at the retain location''' according to your needs.<br />
<br />
If there are no differences (or the differences are not important) you can skip the following step. Otherwise use the [https://cloud.stepping-stone.ch/phpldapadmin PhpLdapAdmin] to delete the machine from the LDAP directory (do not forget to delete the dhcp entry <code>dn: cn=<MACHINE-NAME>,ou=virtual machines,cn=192.168.140.0,cn=config-01,ou=dhcp,ou=networks,ou=virtualization,ou=services,dc=stoney-cloud,dc=org</code>). Then add the LDIF (the one you just edited) to the LDAP (first do some general replacement)<br />
<source lang='bash'><br />
sed -i\<br />
-e 's/snapshotting/finished/'\<br />
-e '/member.*/d'\<br />
/var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/${machinename}.ldif.${backupdate}<br />
<br />
/usr/bin/ldapadd -H "ldaps://ldapm.${domain}" -x -D "cn=Manager,${ldapbase}" -W -f /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/${machinename}.ldif.${backupdate}<br />
</source><br />
<br />
Undefine the machine<br />
<source lang='bash'><br />
virsh undefine ${machinename}<br />
</source><br />
<br />
Copy all the disk images from the backup location back to their original location<br />
<source lang='bash'><br />
cp -p /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}/${backupdate}/${diskimage1}.${backupdate} /var/virtualization/${vmtype}/${vmpool}/${diskimage1}<br />
cp -p /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}/${backupdate}/${diskimage2}.${backupdate} /var/virtualization/${vmtype}/${vmpool}/${diskimage2}<br />
...<br />
</source><br />
<br />
And restore the domain from the state file from the backup location with the XML from the retain location (the one you might have edited)<br />
<source lang='bash'><br />
virsh restore /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}/${backupdate}/${machinename}.state.${backupdate}<br />
</source><br />
<br />
Now the machine should be up and running again. Continuing where it was stopped when taking the backup.<br />
<br />
If everything is OK, you can cleanup the created files and directories<br />
<source lang='bash'><br />
rm -rf /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}<br />
rm /tmp/${machinename}.ldif<br />
</source><br />
<br />
== Next steps ==<br />
<br />
<br />
[[Category: stoney conductor]]</div>Pathttps://wiki.stoney-cloud.org/w/index.php?title=stoney_conductor:_VM_Backup&diff=3750stoney conductor: VM Backup2014-06-26T13:51:56Z<p>Pat: /* Step 11: Finalizing the Retaing Process (Provisioning-Backup-KVM daemon) */</p>
<hr />
<div>= Overview =<br />
This page describes how the VMs and VM-Templates are backed-up and restored inside the [http://www.stoney-cloud.org stoney cloud].<br />
<br />
= Requirements =<br />
* sstBackupRootDirectory: file:///var/backup/virtualization<br />
** This directory might be a single partition which needs to have the same size as your partition for the live images (it's a "copy" of the live partition)<br />
* sstBackupRetainDirectory: file:///var/virtualization/retain<br />
** This directory must be on the same partition as your life images are<br />
* A working stoney cloud, installed according to [[stoney cloud: Single-Node Installation]] or [[stoney cloud: Multi-Node Installation]].<br />
* The backup configuration must be set: [[stoney_conductor:_OpenLDAP_directory_data_organisation#Backup | stoney conductor: OpenLDAP directory data organisation]].<br />
<br />
= Backup =<br />
== Basic idea ==<br />
The main idea to backup a VM or a VM-Template is, to divide the task into three subtasks: <br />
* createSnapshot: Create a disk only snapshot. A new overlay file is created, all write operations are performed to this file. The underlying disk-image is now read only.<br />
* exportSnapshot: Copy the read only disk-image to the backup location.<br />
* commitSnapshot: Commit the performed write operations from the overlay back to the underlying (original) disk image. Now the underlying image is read-write again and the overlay image can be deleted.<br />
A more detailed and technical description for these three sub-processes can be found [[#Sub-Processes | here]].<br />
<br />
Furthermore there is an control instance, which can independently call these three sub-processes for a given machine. Like that, the stoney cloud is able to handle different cases:<br />
=== Backup a single machine ===<br />
The procedure for backing up a single machine is very simple. Just call the three sub-processes (snapshot, merge and retain) one after the other. So the control instance would do some very basic stuff: <br />
<source lang="c"><br />
object machine = args[0];<br />
<br />
if( createSsnapshot( machine ) )<br />
{<br />
<br />
if ( exportSnapshot( machine ) )<br />
{<br />
<br />
if ( commitSnapshot( machine ) )<br />
{<br />
printf("Successfully backed up machine %s\n", machine);<br />
<br />
} else<br />
{<br />
printf("Error while committing snapshot for machine %s: %s\n", machine, error);<br />
}<br />
<br />
} else<br />
{<br />
printf("Error while exporting snapshot for machine %s: %s\n", machine, error);<br />
}<br />
<br />
} else<br />
{<br />
printf("Error while snapshotting machine %s: %s\n", machine, error);<br />
}<br />
</source><br />
<br />
=== Backup multiple machines at the same time ===<br />
When backing up multiple machines at the same time, we need to make sure that the snapshots for the machines are as close together as possible. Therefore the control instance should call first the createSnapshot process for all machines. After every machine has been snapshotted, the control instance can call the exportSnapshot and commitSnapshot process for every machine. The most important part here is, that the control instance somehow remembers, if the snapshot for a given machine was successful or not. Because if the snapshot failed, it must not call the exportSnapshot and commitSnapshot process. So the control instance needs a little bit more logic: <br />
<br />
<source lang="c"><br />
object machines[] = args[0];<br />
object successful_snapshots[];<br />
<br />
# Snapshot all machines<br />
for( int i = 0; i < sizeof(machines) / sizeof(object) ; i++ )<br />
{<br />
# If the snapshot was successful, put the machine into the <br />
# successful_snapshots array<br />
if ( createSnapshot( machines[i] ) )<br />
{<br />
successful_snapshots[machines[i]];<br />
} else<br />
{<br />
printf("Error while snapshotting machine %s: %s\n", machines[i],error);<br />
}<br />
}<br />
<br />
# export and commit all successful_snapshot machines<br />
for ( int i = 0; i < sizeof(successful_snapshots) / sizeof(object) ; i++ ) )<br />
{<br />
# Check if the element at this position is not null, then the snapshot <br />
# for this machine was successful<br />
if ( successful_snapshots[i] )<br />
{<br />
if ( exportSnapshot( successful_snapshots[i] ) )<br />
{<br />
if ( commitSnapshot( successful_snapshots[i] ) )<br />
{<br />
printf("Successfully backed-up machine %s\n", successful_snapshots[i]);<br />
} else<br />
{<br />
printf("Error while committing snapshot for machine %s: %s\n", successful_snapshots[i],error);<br />
}<br />
<br />
} else<br />
{<br />
printf("Error while exporting snapshot for machine %s: %s\n", successful_snapshots[i],error);<br />
}<br />
}<br />
}<br />
</source><br />
<br />
=== Sub-Processes ===<br />
See also [[Libvirt_external_snapshot_with_GlusterFS]]<br />
==== createSnapshot ====<br />
For the commands see [[Libvirt_external_snapshot_with_GlusterFS#Part_2:_Create_the_snapshot_using_virsh]]<br />
<br />
For the workflow see [[stoney_conductor:_prov-backup-kvm#createSnapshot]]<br />
<br />
==== exportSnapshot ====<br />
# Simply copy the underlying image to the backup location<br />
#* <source lang="bash">cp -p /<path>/<to>/<image>.qcow2 /<path>/<to>/<backup>/<location>/.</source><br />
<br />
For the workflow see [[stoney_conductor:_prov-backup-kvm#exportSnapshot]]<br />
<br />
==== commitSnapshot ====<br />
For the commands see [[Libvirt_external_snapshot_with_GlusterFS#Cleanup.2FCommit_.28Online.29]]<br />
<br />
For the workflow see [[stoney_conductor:_prov-backup-kvm#commitSnapshot]]<br />
<br />
== Communication through backend ==<br />
Since the stoney cloud is (as the name says already) a cloud solution, it makes sense to have a backend (in our case openLDAP) involved in the whole process. Like that it is possible to run the backup jobs decentralized on every vm-node. The control instance can then modify the backend, and theses changes are seen by the diffenrent backup daemons on the vm-nodes. So the communication could look like shown in the following picture (Figure 1): <br />
<br />
[[File:Daemon-communication.png|800px|thumbnail|none|Figure 1: Communication between the control instance and the prov-backup-kvm daemon through the LDAP backend]]<br />
<br />
=== Control-Instance Daemon Interaction for creating a Backup with LDIF Examples ===<br />
The step numbers correspond with the graphical overview from above.<br />
<br />
==== Step 00: Backup Configuration for a virtual machine ====<br />
<pre><br />
# The following backup configuration says, that the backup should be done daily, at 03:00 hours (localtime).<br />
# * * * * * command to be executed<br />
# - - - - -<br />
# | | | | |<br />
# | | | | +----- day of week (0 - 6) (Sunday=0)<br />
# | | | +------- month (1 - 12)<br />
# | | +--------- day of month (1 - 31)<br />
# | +----------- hour (0 - 23)<br />
# +------------- min (0 - 59)<br />
# localtime in the crontab entry<br />
dn: ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
objectclass: top<br />
objectclass: organizationalUnit<br />
objectclass: sstVirtualizationBackupObjectClass<br />
objectclass: sstCronObjectClass<br />
ou: backup<br />
description: This sub tree contains the backup plan for the virtual machine kvm-005.<br />
sstCronMinute: 0<br />
sstCronHour: 3<br />
sstCronDay: *<br />
sstCronMonth: *<br />
sstCronDayOfWeek: *<br />
sstCronActive: TRUE<br />
sstBackupRootDirectory: file:///var/backup/virtualization<br />
sstBackupRetainDirectory: file:///var/virtualization/retain<br />
sstBackupRamDiskLocation: file:///mnt/ramdisk-test<br />
sstVirtualizationDiskImageFormat: qcow2<br />
sstVirtualizationDiskImageOwner: root<br />
sstVirtualizationDiskImageGroup: vm-storage<br />
sstVirtualizationDiskImagePermission: 0660<br />
sstBackupNumberOfIterations: 1<br />
sstVirtualizationVirtualMachineForceStart: FALSE<br />
sstVirtualizationBandwidthMerge: 0<br />
</pre><br />
<br />
==== Step 01: Initialize Backup Sub Tree (Control instance daemon) ====<br />
The sub tree ''' ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch''' reflects the time, when the backup is planned (in the form of [YYYY][MM][DD]T[hh][mm][ss]Z ([http://en.wikipedia.org/wiki/ISO_8601 ISO 8601]) and it should be written at the time, when the backup is planned and should be executed. The section '''20121002T010000Z''' means the following:<br />
* Year: 2012<br />
* Month: 10<br />
* Day of Month: 02<br />
* Hour of Day: 01<br />
* Minutes: 00<br />
* Seconds: 00<br />
Please be aware the the time is to be written in UTC (see also the comment in the LDIF example below).<br />
<pre><br />
# This entry is the place holder for the backup, which is to be executed at 03:00 hours (localtime with daylight-saving). This<br />
# leads to the 20121002T010000Z timestamp (which is written in UTC).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
objectclass: top<br />
objectclass: sstProvisioning<br />
objectclass: organizationalUnit<br />
ou: 20121002T010000Z<br />
sstProvisioningExecutionDate: 0<br />
sstProvisioningMode: initialize<br />
sstProvisioningReturnValue: 0<br />
sstProvisioningState: 20121002T014513Z<br />
</pre><br />
<br />
==== Step 02: Finalize the Initialization (Control instance daemon) ====<br />
<pre><br />
# The attribute sstProvisioningState is updated with current time by the fc-brokerd, when sstProvisioningMode is modified.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T010001Z<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: initialized<br />
</pre><br />
<br />
==== Step 03: Start the Snapshot Process (Control instance daemon) ====<br />
With the setting of the '''sstProvisioningMode''' to '''snapshot''', the actual backup process is kicked off by the Control instance daemon.<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the fc-brokerd, when sstProvisioningMode is modified to<br />
# snapshot (this way the Provisioning-Backup-VKM daemon knows, that it must start the snapshotting process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: snapshot<br />
</pre><br />
<br />
==== Step 04: Starting the Snapshot Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the snapshot command, it sets the '''sstProvisioningMode''' to '''snapshotting''' to tell the Control instance daemon and other interested parties, that it is snapshotting the virtual machine or virtual machine template.<br />
<pre><br />
# The attribute sstProvisioningMode is set to snapshotting by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: snapshotting<br />
</pre><br />
<br />
==== Step 05: Finalizing the Snapshot Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the snapshot command, it sets the '''sstProvisioningMode''' to '''snapshotted''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the snapshot of the virtual machine or virtual machine template is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the fc-brokerd knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T010011Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: snapshotted<br />
</pre><br />
<br />
==== Step 06: Start the export Process (Control instance daemon) ====<br />
With the setting of the '''sstProvisioningMode''' to '''export''', the Control instance daemon tells the Provisioning-Backup-KVM daemon to export the disk image to the backup location.<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the fc-brokerd, when sstProvisioningMode is modified to<br />
# export (this way the Provisioning-Backup-VKM daemon knows, that it must start the export process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: export<br />
</pre><br />
<br />
==== Step 07: Starting the export Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the export command, it sets the '''sstProvisioningMode''' to '''exporting''' to tell the Control instance daemon and other interested parties, that it is exporting the virtual machine or virtual machine template disk images.<br />
<pre><br />
# The attribute sstProvisioningMode is set to exporting by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: exporting<br />
</pre><br />
<br />
==== Step 08: Finalizing the export Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the export command, it sets the '''sstProvisioningMode''' to '''exported''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the export of the virtual machine or virtual machine template disk-images is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the fc-brokerd knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T010500Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: exported<br />
</pre><br />
<br />
==== Step 09: Start the commit Process (Control instance daemon) ====<br />
With the setting of the '''sstProvisioningMode''' to '''commit''', the Control instance daemon tells the Provisioning-Backup-KVM daemon to commit the changes from the overlay file to the underlying disk-image<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the fc-brokerd, when sstProvisioningMode is modified to<br />
# commit (this way the Provisioning-Backup-VKM daemon knows, that it must start the commit process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: commit<br />
</pre><br />
<br />
==== Step 10: Starting the commit Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the commit command, it sets the '''sstProvisioningMode''' to '''comitting''' to tell the Control instance daemon and other interested parties, that it is committing changes from the overlay disk-images back to the underlying ones.<br />
<pre><br />
# The attribute sstProvisioningMode is set to comitting by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: committing<br />
</pre><br />
<br />
==== Step 11: Finalizing the commit Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the commit command, it sets the '''sstProvisioningMode''' to '''comitted''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the comitting of the changes from the overlay disk-images back to the underlying ones is done. <br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the fc-brokerd knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012000Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: comitted<br />
</pre><br />
<br />
==== Step 12: Finalizing the Backup Process (Control instance daemon) ====<br />
As soon as the Control instance daemon notices, that the attribute '''sstProvisioningMode''' ist set to '''retained''', it sets the '''sstProvisioningMode''' to '''finished''' and the '''sstProvisioningState''' to the current timestamp (UTC). All interested parties now know, that the backup process is finished, there for a new backup process could be started.<br />
<pre><br />
# The attribute sstProvisioningState is updated with current time by the fc-brokerd, when sstProvisioningMode is<br />
# set to finished.<br />
# All interested parties now know, that the backup process is finished, there for a new backup process could be started.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012001Z<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: finished<br />
</pre><br />
<br />
== Current Implementation (Backup) ==<br />
Since we do not have a working control instance, we need to have a workaround for backing up the machines: <br />
<br />
* We do already have a BackupKVMWrapper.pl script (File-Backend) which executes the three [[#Sub-Processes | sub-processes ]] in the correct order for a given list of machines (see [[#Backup multiple machines at the same_time]]).<br />
* We do already have the implementation for the whole backup with the LDAP-Backend (see [[ stoney conductor: prov backup kvm ]]).<br />
* We can now combine these two existing scripts and create a wrapper (lets call it LDAPKVMWrapper) which, in some way, adds some logic to the BackupKVMWrapper.pl. In fact the LDAPKVMWrapper wrapper will generate the list of machines which need a backup.<br />
<br />
The behaviour on our servers is as follows (c.f. Figure 2):<br />
# The (decentralized) LDAPKVMWrapper wrapper (which is executed everyday via cronjob) generates a list off all machines running on the current host.<br />
#* Currently on the hosts the cronjobs looks like: <code>00 01 * * * /usr/bin/LDAPKVMWrapper.pl | logger -t Backup-KVM</code><br />
#* For each of these machines:<br />
#** Check if the machine is excluded from the backup, if yes, remove the machine from the list<br />
#** Check if the last backup was successful, if not, remove the machine from the list<br />
# Update the backup subtree for each machine in the list<br />
#* Remove the old backup leaf (the "yesterday-leaf"), and add a new one (the "today-leaf") <br />
#* After this step, the machines are ready to be backed up<br />
# Call the BackupKVMWrapper.pl script with the machines list as a parameter<br />
# Wait for the BackupKVMWrapper.pl script to finish<br />
# Go again through all machines and update the backup subtree a last time<br />
#* Check if the backup was successful, if yes, set sstProvisioningMode = finished (see also TBD)<br />
<br />
<br />
[[File:wrapper-interaction.png|500px|thumbnail|none|Figure 2: How the two wrapper interact with the LDAP backend]]<br />
<br />
* If for some reason something does not work at all, the whole backup process can be deactivated by simply disabling the LDAPKVMWrapper cronjob<br />
** <code>crontab -e</code><br />
** Comment the LDAPKVMWrapper cronjob line: <code>#00 01 * * * /usr/bin/LDAPKVMWrapper.pl | logger -t Backup-KVM</code><br />
=== How to exclude a machine from the backup ===<br />
Login to one of the [[VM-Node | vm-nodes]] and execute the following command<br />
<br />
If you want to exclude a machine from the backup run you simply need to add the following entry to your LDAP directory: <br />
<source lang="bash"><br />
machineuuid="<UUID OF THE MACHINE-NAME>" # e.g.: b9d13dbc-9ab7-4948-9daa-a5709de83dc2<br />
cat << EOF | ldapadd -D cn=Manager,o=stepping-stone,c=ch -H ldaps://ldapm.stepping-stone.ch/ -W -x<br />
dn: ou=backup,sstVirtualMachine=${machineuuid},ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
objectclass: top<br />
objectclass: organizationalUnit<br />
objectclass: sstVirtualizationBackupObjectClass<br />
ou: backup<br />
sstbackupexcludefrombackup: TRUE<br />
EOF<br />
</source><br />
<br />
If the backup subtree in the LDAP directory already exists, you need to add the sstbackupexcludefrombackup attribute: <br />
<source lang="bash"><br />
machineuuid="<UUID OF THE MACHINE-NAME>" # e.g.: b9d13dbc-9ab7-4948-9daa-a5709de83dc2<br />
cat << EOF | ldapadd -D cn=Manager,o=stepping-stone,c=ch -H ldaps://ldapm.stepping-stone.ch/ -W -x<br />
dn: ou=backup,sstVirtualMachine=${machineuuid},ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
add: objectClass<br />
objectClass: sstVirtualizationBackupObjectClass<br />
-<br />
add: sstbackupexcludefrombackup<br />
sstbackupexcludefrombackup: TRUE<br />
EOF<br />
</source><br />
<br />
==== Re-include the machine to the backup ====<br />
If you want to re include a machine, simply delete the machines whole backup subtree. It will be recreated during the next backup run.<br />
<br />
== Next steps ==<br />
<br />
= Restore =<br />
== Basic idea ==<br />
The restore process, similar to the backup process, can be divided into three sub-processes: <br />
* Unretain the small files: Copy the small files (backend entry, XML description) from the backup directory to the retain directory<br />
* Unretain the big files: Copy the big files (state file, disk image(s)) form the backup directory to the retain directory<br />
* Restore the machine: Replace the live disk image(s) by the one(s) from the backup and restore the machine from the state file<br />
<br />
Additionally the restore process can also be divided into two phases: <br />
* User-Interaction phase: After the "unretain small files" the user needs to decide two things:<br />
** On conflicts between the backend entry file and the XML description, the user need to decide how to resolve this conflict(s)<br />
** The user can also abort the restore process up to this point. After that the restore can not be aborted or undone! <br />
* Non-User-Interaction phase: The daemons communicate through the backend between each other and the restore process continues without further user input (c.f. [[#Communication_through_backend_2 | Communication through backend]])<br />
<br />
=== Sub Processes ===<br />
==== Unretain small files ====<br />
This workflow assumes that the backup directory is on the same physical server as the retain directory (protocol is file://)<br />
# Copy the backend-entry file from the backup directory to the retain directory:<br />
#* <source lang="bash">cp -p /path/to/backup/vm-001.backend /path/to/retain/vm-001.backend</source><br />
# Copy the XML description from the from the backup directory to the retain directory:<br />
#* <source lang="bash">cp -p /path/to/backup/vm-001.xml /path/to/retain/vm-001.xml</source><br />
# Compare the backend-entry file (the one in the retain directory) with the live-backend entry<br />
#* Resolve all conflicts between these two backend entries<br />
#** Modify the backend entry at the retain location accordingly<br />
# Apply the same changes for the XML description at the retain location (backend entry and XML description need to be consistent).<br />
<br />
==== Unretain large files ====<br />
# Copy the state file from the backup directory to the retain directory:<br />
#* <source lang="bash">cp -p /path/to/backup/vm-001.state /path/to/retain/vm-001.state</source><br />
# Copy the disk image(s) from the backup directory to the retain directory:<br />
#* <source lang="bash">cp -p /path/to/backup/vm-001.qcow2 /path/to/retain/vm-001.qcow2</source><br />
#** '''Important:''' If a VM has more than just one disk image, repeat this step for every disk image<br />
<br />
==== Restore the VM ====<br />
# Shutdown the VM if it is running:<br />
#* <source lang="bash">virsh shutdown vm-001</source><br />
# Undefine the VM if it is still defined: <br />
#* <source lang="bash">virsh undefine vm-001</source><br />
# Overwrite the original disk image:<br />
#* <source lang="bash">mv /path/to/retain/vm-001.qcow2 /path/to/images/vm-001.qcow2</source><br />
#** '''Important:''' If a VM has more than just one disk image, repeat this step for every disk image<br />
# Restore the VMs backend entry: <br />
#* Write the backend entry from the retain location (<code>/path/to/retain/vm-001.backend</code>) to the backend<br />
# Overwrite the VMs XML description with the one from the retain location <br />
#* <source lang="bash">cp -p /path/to/retain/vm-001.xml /path/to/xmls/vm-001.xml</source><br />
# Restore the VM from the state file with the corrected XML<br />
#* <source lang="bash">virsh restore /path/to/retain/vm-001.state --xml /path/to/xmls/vm-001.xml</source><br />
<br />
== Communication through backend ==<br />
The actual KVM-Restore process is controlled completely by the Control instance daemon via the OpenLDAP directory. See [[#OpenLDAP Directory Integration|OpenLDAP Directory Integration]] the involved attributes and possible values.<br />
<br />
[[File:Daemon-interaction-restore.png|thumb|500px|none|Figure 3: Communication between all involved parties during the restore process]]<br />
<br />
You can modify/update these interactions by editing [[File:Restore-Interaction.xmi]] (you may need [http://uml.sourceforge.net/ Umbrello UML Modeller] diagram programme for KDE to display the content properly).<br />
<br />
=== Control instance Daemon Interaction for restoring a Backup with LDIF Examples ===<br />
==== Step 01: Start the unretainSmallFiles process (Control instance daemon) ====<br />
The first step of the restore process is to copy the small files (in this case the XML file and the LDIF) from the configured backup location to the configured retain location. <br />
<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the Control instance daemon, when sstProvisioningMode is modified to <br />
# unretainSmallFiles (this way the Provisioning-Backup-VKM daemon knows, that it must start the unretainSmallFiles process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainSmallFiles<br />
</pre><br />
<br />
==== Step 02: Starting the unretainSmallFiles process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the command to unretain the small files, it sets the '''sstProvisioningMode''' to '''unretainingSmallFiles''' to tell the Control instance daemon and other interested parties, that it is unretaining the small files for the virtual machine or virtual machine template.<br />
<pre><br />
# The attribute sstProvisioningMode is set to unretainingSmallFiles by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainingSmallFiles<br />
</pre><br />
<br />
==== Step 03: Finalizing the unretainSmallFiles process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the commands to unretain the small files, it sets the '''sstProvisioningMode''' to '''unretainedSmallFiles''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the unretaining of all the small files from the configured backup location is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the Control instance daemon knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012000Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainedSmallFiles<br />
</pre><br />
<br />
==== Step 05: Start the unretainLargeFiles process (Control instance daemon) ====<br />
Next step in the restore process is to copy the large files (state file and disk images) from the configured backup directory to the configured retain directory.<br />
<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the Control instance daemon, when sstProvisioningMode is modified to <br />
# unretainLargeFiles (this way the Provisioning-Backup-VKM daemon knows, that it must start the unretainLargeFiles process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainLargeFiles<br />
</pre><br />
<br />
==== Step 06: Starting the unretainLargeFiles process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the command to unretain the large files, it sets the '''sstProvisioningMode''' to '''unretainingLargeFiles''' to tell the Control instance daemon and other interested parties, that it is unretaining the large files for the virtual machine or virtual machine template.<br />
<br />
In the meantime the vm-manager merges the LDIF we have unretained in [[#Step_02:_Starting_the_unretainSmallFiles_process_.28Provisioning-Backup-KVM_daemon.29 | step 02]] with the one in the live directory to sort out possible differences in the configuration of the virtual machine. <br />
<pre><br />
# The attribute sstProvisioningMode is set to unretainingSmallFiles by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainingLargeFiles<br />
</pre><br />
<br />
==== Step 07: Finalizing the unretainLargeFiles process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the commands to unretain the large files, it sets the '''sstProvisioningMode''' to '''unretainedLargeFiles''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the unretaining of all the large files from the configured backup location is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the Control instance daemon knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012000Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainedLargeFiles<br />
</pre><br />
<br />
==== Step 09: Start the restore process (Control instance daemon) ====<br />
Since we now have all necessary files in the configured retain location, the restore process can be started. There we simply copy the disk images back to their original location and restore the VM from the state file (which is also at the configured retain location)<br />
<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the Control instance daemon, when sstProvisioningMode is modified to <br />
# restore (this way the Provisioning-Backup-VKM daemon knows, that it must start the restore process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: restore<br />
</pre><br />
<br />
==== Step 10: Starting the restore process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the restore command, it sets the '''sstProvisioningMode''' to '''restoring''' to tell the Control instance daemon and other interested parties, that it is restoring the virtual machine or virtual machine template.<br />
<pre><br />
# The attribute sstProvisioningMode is set to restoring by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: restoring<br />
</pre><br />
<br />
==== Step 11: Finalizing the restore process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the restore command, it sets the '''sstProvisioningMode''' to '''restored''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the restore process is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the Control instance daemon knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012000Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: restored<br />
</pre><br />
<br />
==== Step 12: Finalizing the restore process (Control instance daemon) ====<br />
As soon as the Control instance daemon notices, that the attribute '''sstProvisioningMode''' ist set to '''restored''', it sets the '''sstProvisioningMode''' to '''finished''' and the '''sstProvisioningState''' to the current timestamp (UTC). All interested parties now know, that the restore process is finished.<br />
<pre><br />
# The attribute sstProvisioningState is updated with current time by the Control instance daemon, when sstProvisioningMode is<br />
# set to finished.<br />
# All interested parties now know, that the restore process is finished.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012001Z<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: finished<br />
</pre><br />
<br />
== Current Implementation (Restore) ==<br />
* Since the prov-backup-kvm daemon is not running on the vm-nodes (c.f. [[stoney_conductor:_Backup#State_of_the_art]]), the restore process does not work when clicking the icon in the webinterface. <br />
* Resolving the conflicts in the backend and XML description file is not yet done<br />
** Actually all steps not executed by prov-backup-kvm are not yet properly implemented (c.f. [[stoney_conductor:_prov_backup_kvm#Restore]])<br />
* The implementation is done, but the last step from the [[#Restore_2 | restore process ]] is different:<br />
** The <code>virsh restore</code> command is not executed with the <code>--xml</code> option, the XML from the state file is taken when restoring the machine. Therefore the conflicts are not properly resolved. <br />
*** --[[User:Pat|Pat]] ([[User talk:Pat|talk]]) 09:41, 29 October 2013 (CET): Currently the [http://search.cpan.org/~danberr/Sys-Virt-1.1.3/lib/Sys/Virt.pm Sys::Virt] library does not support the --xml parameter when restoring a domain<br />
<br />
=== How to manually restore a machine from backup ===<br />
'''Important''': Before you continue with this guide, make sure that you have no other possibility to restore the machine. It might be easier and safer to get lost files from the online backup if the machine has one set up.<br />
<br />
If you really have to restore the machine from the backup:<br />
# Stop the machine from via the [https://cloud.stepping-stone.ch/vm-manager/ web interface]<br />
# Login (as root) on the [[VM-Node]] the machine was running on<br />
<br />
As a first step, you would like to set some useful bash variables to be able to copy paste the following guide:<br />
<br />
'''Double check all variables you are setting here. If one is not correct, you will restore a running machine or overwrite a live-disk image!'''<br />
<source lang='bash'><br />
machinename="<MACHINE-NAME>" # For example: machinename="b6dc3d27-5981-4b18-8f3f-31ed3d21a3c6"<br />
vmpool="<VM-POOL>" # For example vmpool="0f83f084-8080-413e-b558-b678e504836e"<br />
vmtype="<VM-TYPE>" # For example vmtype="vm-persistent"<br />
</source><br />
Change to the backup directory for the given machine and check the iterations:<br />
<source lang='bash'><br />
cd /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}<br />
ls -al<br />
</source><br />
Change into the most recent iteration<br />
<source lang='bash'><br />
cd 2014...<br />
ls -al<br />
</source><br />
In there you should have: <br />
* The state file <MACHINE-NAME>.state.<BACKUP-DATE> (for example b6dc3d27-5981-4b18-8f3f-31ed3d21a3c6.state.20140109T134445Z)<br />
* The XML description <MACHINE-NAME>.xml.<BACKUP-DATE> (for example b6dc3d27-5981-4b18-8f3f-31ed3d21a3c6.xml.20140109T134445Z)<br />
* The ldif file <MACHINE-NAME>.ldif.<BACKUP-DATE> (for example b6dc3d27-5981-4b18-8f3f-31ed3d21a3c6.ldif.20140109T134445Z)<br />
* And at least one disk image <DISK-IMAGE>.qcow2.<BACKUP-DATE> (for example 8798561b-d5de-471b-a6fc-ec2b4831ed12.qcow2.20140109T134445Z)<br />
Now you should save the backup date and the disk image(s) in a variable<br />
<source lang='bash'><br />
backupdate="<BACKUP-DATE>" # For example: backupdate="20140109T134445Z"<br />
diskimage1="<DISK-IMAGE-1>.qcow2" # For example: diskimage1="8798561b-d5de-471b-a6fc-ec2b4831ed12.qcow2"<br />
diskimage2="<DISK-IMAGE-2>.qcow2" # For example: diskimage2="aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee.qcow2"<br />
...<br />
</source><br />
<br />
Have again a look at the different variables and '''double check them again'''<br />
<source lang='bash'><br />
echo "Machine Name = ${machinename}"<br />
echo "VM Pool = ${vmpool}"<br />
echo "VM Type = ${vmtype}"<br />
echo "Backup date = ${backupdate}"<br />
echo "Disk Image 1 = ${diskimage1}"<br />
echo "Disk Image 2 = ${diskimage2}"<br />
...<br />
</source><br />
<br />
Copy all these files to the retain location:<br />
<source lang='bash'><br />
currentdate=`date --utc +'%Y%m%dT%H%M%SZ'`<br />
mkdir -p /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}<br />
cp -p /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}/${backupdate}/${machinename}.ldif.${backupdate} /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/<br />
</source><br />
<br />
<!--Check if there is a difference between the current XML file and the one from the backup<br />
<source lang='bash'><br />
diff -Naur /etc/libvirt/qemu/${machinename}.xml /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/${machinename}.xml.${backupdate}<br />
</source><br />
and '''edit the file at the retain location''' according to your needs.--><br />
<br />
''' Now you are entering the critical part. You won't be able to undo the following steps'''<br />
<br />
Check if there is a difference between the current LDAP entry and the one from the backup<br />
<source lang='bash'><br />
domain="<DOMAIN>" # For example domain="stoney-cloud.org"<br />
ldapbase="<LDAPBASE>" # For expample ldapbase="dc=stoney-cloud,dc=org"<br />
ldapsearch -H ldaps://ldapm.${domain} -b "sstVirtualMachine=${machinename},ou=virtual machines,ou=virtualization,ou=services,${ldapbase}" -s sub -x -LLL -o ldif-wrap=no -D "cn=Manager,${ldapbase}" -W "(objectclass=*)" > /tmp/${machinename}.ldif<br />
diff -Naur /tmp/${machinename}.ldif /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/${machinename}.ldif.${backupdate}<br />
</source><br />
and '''edit the file at the retain location''' according to your needs.<br />
<br />
If there are no differences (or the differences are not important) you can skip the following step. Otherwise use the [https://cloud.stepping-stone.ch/phpldapadmin PhpLdapAdmin] to delete the machine from the LDAP directory (do not forget to delete the dhcp entry <code>dn: cn=<MACHINE-NAME>,ou=virtual machines,cn=192.168.140.0,cn=config-01,ou=dhcp,ou=networks,ou=virtualization,ou=services,dc=stoney-cloud,dc=org</code>). Then add the LDIF (the one you just edited) to the LDAP (first do some general replacement)<br />
<source lang='bash'><br />
sed -i\<br />
-e 's/snapshotting/finished/'\<br />
-e '/member.*/d'\<br />
/var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/${machinename}.ldif.${backupdate}<br />
<br />
/usr/bin/ldapadd -H "ldaps://ldapm.${domain}" -x -D "cn=Manager,${ldapbase}" -W -f /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/${machinename}.ldif.${backupdate}<br />
</source><br />
<br />
Undefine the machine<br />
<source lang='bash'><br />
virsh undefine ${machinename}<br />
</source><br />
<br />
Copy all the disk images from the backup location back to their original location<br />
<source lang='bash'><br />
cp -p /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}/${backupdate}/${diskimage1}.${backupdate} /var/virtualization/${vmtype}/${vmpool}/${diskimage1}<br />
cp -p /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}/${backupdate}/${diskimage2}.${backupdate} /var/virtualization/${vmtype}/${vmpool}/${diskimage2}<br />
...<br />
</source><br />
<br />
And restore the domain from the state file from the backup location with the XML from the retain location (the one you might have edited)<br />
<source lang='bash'><br />
virsh restore /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}/${backupdate}/${machinename}.state.${backupdate}<br />
</source><br />
<br />
Now the machine should be up and running again. Continuing where it was stopped when taking the backup.<br />
<br />
If everything is OK, you can cleanup the created files and directories<br />
<source lang='bash'><br />
rm -rf /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}<br />
rm /tmp/${machinename}.ldif<br />
</source><br />
<br />
== Next steps ==<br />
<br />
<br />
[[Category: stoney conductor]]</div>Pathttps://wiki.stoney-cloud.org/w/index.php?title=stoney_conductor:_VM_Backup&diff=3749stoney conductor: VM Backup2014-06-26T13:50:47Z<p>Pat: /* Step 10: Starting the Retain Process (Provisioning-Backup-KVM daemon) */</p>
<hr />
<div>= Overview =<br />
This page describes how the VMs and VM-Templates are backed-up and restored inside the [http://www.stoney-cloud.org stoney cloud].<br />
<br />
= Requirements =<br />
* sstBackupRootDirectory: file:///var/backup/virtualization<br />
** This directory might be a single partition which needs to have the same size as your partition for the live images (it's a "copy" of the live partition)<br />
* sstBackupRetainDirectory: file:///var/virtualization/retain<br />
** This directory must be on the same partition as your life images are<br />
* A working stoney cloud, installed according to [[stoney cloud: Single-Node Installation]] or [[stoney cloud: Multi-Node Installation]].<br />
* The backup configuration must be set: [[stoney_conductor:_OpenLDAP_directory_data_organisation#Backup | stoney conductor: OpenLDAP directory data organisation]].<br />
<br />
= Backup =<br />
== Basic idea ==<br />
The main idea to backup a VM or a VM-Template is, to divide the task into three subtasks: <br />
* createSnapshot: Create a disk only snapshot. A new overlay file is created, all write operations are performed to this file. The underlying disk-image is now read only.<br />
* exportSnapshot: Copy the read only disk-image to the backup location.<br />
* commitSnapshot: Commit the performed write operations from the overlay back to the underlying (original) disk image. Now the underlying image is read-write again and the overlay image can be deleted.<br />
A more detailed and technical description for these three sub-processes can be found [[#Sub-Processes | here]].<br />
<br />
Furthermore there is an control instance, which can independently call these three sub-processes for a given machine. Like that, the stoney cloud is able to handle different cases:<br />
=== Backup a single machine ===<br />
The procedure for backing up a single machine is very simple. Just call the three sub-processes (snapshot, merge and retain) one after the other. So the control instance would do some very basic stuff: <br />
<source lang="c"><br />
object machine = args[0];<br />
<br />
if( createSsnapshot( machine ) )<br />
{<br />
<br />
if ( exportSnapshot( machine ) )<br />
{<br />
<br />
if ( commitSnapshot( machine ) )<br />
{<br />
printf("Successfully backed up machine %s\n", machine);<br />
<br />
} else<br />
{<br />
printf("Error while committing snapshot for machine %s: %s\n", machine, error);<br />
}<br />
<br />
} else<br />
{<br />
printf("Error while exporting snapshot for machine %s: %s\n", machine, error);<br />
}<br />
<br />
} else<br />
{<br />
printf("Error while snapshotting machine %s: %s\n", machine, error);<br />
}<br />
</source><br />
<br />
=== Backup multiple machines at the same time ===<br />
When backing up multiple machines at the same time, we need to make sure that the snapshots for the machines are as close together as possible. Therefore the control instance should call first the createSnapshot process for all machines. After every machine has been snapshotted, the control instance can call the exportSnapshot and commitSnapshot process for every machine. The most important part here is, that the control instance somehow remembers, if the snapshot for a given machine was successful or not. Because if the snapshot failed, it must not call the exportSnapshot and commitSnapshot process. So the control instance needs a little bit more logic: <br />
<br />
<source lang="c"><br />
object machines[] = args[0];<br />
object successful_snapshots[];<br />
<br />
# Snapshot all machines<br />
for( int i = 0; i < sizeof(machines) / sizeof(object) ; i++ )<br />
{<br />
# If the snapshot was successful, put the machine into the <br />
# successful_snapshots array<br />
if ( createSnapshot( machines[i] ) )<br />
{<br />
successful_snapshots[machines[i]];<br />
} else<br />
{<br />
printf("Error while snapshotting machine %s: %s\n", machines[i],error);<br />
}<br />
}<br />
<br />
# export and commit all successful_snapshot machines<br />
for ( int i = 0; i < sizeof(successful_snapshots) / sizeof(object) ; i++ ) )<br />
{<br />
# Check if the element at this position is not null, then the snapshot <br />
# for this machine was successful<br />
if ( successful_snapshots[i] )<br />
{<br />
if ( exportSnapshot( successful_snapshots[i] ) )<br />
{<br />
if ( commitSnapshot( successful_snapshots[i] ) )<br />
{<br />
printf("Successfully backed-up machine %s\n", successful_snapshots[i]);<br />
} else<br />
{<br />
printf("Error while committing snapshot for machine %s: %s\n", successful_snapshots[i],error);<br />
}<br />
<br />
} else<br />
{<br />
printf("Error while exporting snapshot for machine %s: %s\n", successful_snapshots[i],error);<br />
}<br />
}<br />
}<br />
</source><br />
<br />
=== Sub-Processes ===<br />
See also [[Libvirt_external_snapshot_with_GlusterFS]]<br />
==== createSnapshot ====<br />
For the commands see [[Libvirt_external_snapshot_with_GlusterFS#Part_2:_Create_the_snapshot_using_virsh]]<br />
<br />
For the workflow see [[stoney_conductor:_prov-backup-kvm#createSnapshot]]<br />
<br />
==== exportSnapshot ====<br />
# Simply copy the underlying image to the backup location<br />
#* <source lang="bash">cp -p /<path>/<to>/<image>.qcow2 /<path>/<to>/<backup>/<location>/.</source><br />
<br />
For the workflow see [[stoney_conductor:_prov-backup-kvm#exportSnapshot]]<br />
<br />
==== commitSnapshot ====<br />
For the commands see [[Libvirt_external_snapshot_with_GlusterFS#Cleanup.2FCommit_.28Online.29]]<br />
<br />
For the workflow see [[stoney_conductor:_prov-backup-kvm#commitSnapshot]]<br />
<br />
== Communication through backend ==<br />
Since the stoney cloud is (as the name says already) a cloud solution, it makes sense to have a backend (in our case openLDAP) involved in the whole process. Like that it is possible to run the backup jobs decentralized on every vm-node. The control instance can then modify the backend, and theses changes are seen by the diffenrent backup daemons on the vm-nodes. So the communication could look like shown in the following picture (Figure 1): <br />
<br />
[[File:Daemon-communication.png|800px|thumbnail|none|Figure 1: Communication between the control instance and the prov-backup-kvm daemon through the LDAP backend]]<br />
<br />
=== Control-Instance Daemon Interaction for creating a Backup with LDIF Examples ===<br />
The step numbers correspond with the graphical overview from above.<br />
<br />
==== Step 00: Backup Configuration for a virtual machine ====<br />
<pre><br />
# The following backup configuration says, that the backup should be done daily, at 03:00 hours (localtime).<br />
# * * * * * command to be executed<br />
# - - - - -<br />
# | | | | |<br />
# | | | | +----- day of week (0 - 6) (Sunday=0)<br />
# | | | +------- month (1 - 12)<br />
# | | +--------- day of month (1 - 31)<br />
# | +----------- hour (0 - 23)<br />
# +------------- min (0 - 59)<br />
# localtime in the crontab entry<br />
dn: ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
objectclass: top<br />
objectclass: organizationalUnit<br />
objectclass: sstVirtualizationBackupObjectClass<br />
objectclass: sstCronObjectClass<br />
ou: backup<br />
description: This sub tree contains the backup plan for the virtual machine kvm-005.<br />
sstCronMinute: 0<br />
sstCronHour: 3<br />
sstCronDay: *<br />
sstCronMonth: *<br />
sstCronDayOfWeek: *<br />
sstCronActive: TRUE<br />
sstBackupRootDirectory: file:///var/backup/virtualization<br />
sstBackupRetainDirectory: file:///var/virtualization/retain<br />
sstBackupRamDiskLocation: file:///mnt/ramdisk-test<br />
sstVirtualizationDiskImageFormat: qcow2<br />
sstVirtualizationDiskImageOwner: root<br />
sstVirtualizationDiskImageGroup: vm-storage<br />
sstVirtualizationDiskImagePermission: 0660<br />
sstBackupNumberOfIterations: 1<br />
sstVirtualizationVirtualMachineForceStart: FALSE<br />
sstVirtualizationBandwidthMerge: 0<br />
</pre><br />
<br />
==== Step 01: Initialize Backup Sub Tree (Control instance daemon) ====<br />
The sub tree ''' ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch''' reflects the time, when the backup is planned (in the form of [YYYY][MM][DD]T[hh][mm][ss]Z ([http://en.wikipedia.org/wiki/ISO_8601 ISO 8601]) and it should be written at the time, when the backup is planned and should be executed. The section '''20121002T010000Z''' means the following:<br />
* Year: 2012<br />
* Month: 10<br />
* Day of Month: 02<br />
* Hour of Day: 01<br />
* Minutes: 00<br />
* Seconds: 00<br />
Please be aware the the time is to be written in UTC (see also the comment in the LDIF example below).<br />
<pre><br />
# This entry is the place holder for the backup, which is to be executed at 03:00 hours (localtime with daylight-saving). This<br />
# leads to the 20121002T010000Z timestamp (which is written in UTC).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
objectclass: top<br />
objectclass: sstProvisioning<br />
objectclass: organizationalUnit<br />
ou: 20121002T010000Z<br />
sstProvisioningExecutionDate: 0<br />
sstProvisioningMode: initialize<br />
sstProvisioningReturnValue: 0<br />
sstProvisioningState: 20121002T014513Z<br />
</pre><br />
<br />
==== Step 02: Finalize the Initialization (Control instance daemon) ====<br />
<pre><br />
# The attribute sstProvisioningState is updated with current time by the fc-brokerd, when sstProvisioningMode is modified.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T010001Z<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: initialized<br />
</pre><br />
<br />
==== Step 03: Start the Snapshot Process (Control instance daemon) ====<br />
With the setting of the '''sstProvisioningMode''' to '''snapshot''', the actual backup process is kicked off by the Control instance daemon.<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the fc-brokerd, when sstProvisioningMode is modified to<br />
# snapshot (this way the Provisioning-Backup-VKM daemon knows, that it must start the snapshotting process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: snapshot<br />
</pre><br />
<br />
==== Step 04: Starting the Snapshot Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the snapshot command, it sets the '''sstProvisioningMode''' to '''snapshotting''' to tell the Control instance daemon and other interested parties, that it is snapshotting the virtual machine or virtual machine template.<br />
<pre><br />
# The attribute sstProvisioningMode is set to snapshotting by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: snapshotting<br />
</pre><br />
<br />
==== Step 05: Finalizing the Snapshot Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the snapshot command, it sets the '''sstProvisioningMode''' to '''snapshotted''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the snapshot of the virtual machine or virtual machine template is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the fc-brokerd knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T010011Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: snapshotted<br />
</pre><br />
<br />
==== Step 06: Start the export Process (Control instance daemon) ====<br />
With the setting of the '''sstProvisioningMode''' to '''export''', the Control instance daemon tells the Provisioning-Backup-KVM daemon to export the disk image to the backup location.<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the fc-brokerd, when sstProvisioningMode is modified to<br />
# export (this way the Provisioning-Backup-VKM daemon knows, that it must start the export process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: export<br />
</pre><br />
<br />
==== Step 07: Starting the export Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the export command, it sets the '''sstProvisioningMode''' to '''exporting''' to tell the Control instance daemon and other interested parties, that it is exporting the virtual machine or virtual machine template disk images.<br />
<pre><br />
# The attribute sstProvisioningMode is set to exporting by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: exporting<br />
</pre><br />
<br />
==== Step 08: Finalizing the export Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the export command, it sets the '''sstProvisioningMode''' to '''exported''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the export of the virtual machine or virtual machine template disk-images is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the fc-brokerd knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T010500Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: exported<br />
</pre><br />
<br />
==== Step 09: Start the commit Process (Control instance daemon) ====<br />
With the setting of the '''sstProvisioningMode''' to '''commit''', the Control instance daemon tells the Provisioning-Backup-KVM daemon to commit the changes from the overlay file to the underlying disk-image<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the fc-brokerd, when sstProvisioningMode is modified to<br />
# commit (this way the Provisioning-Backup-VKM daemon knows, that it must start the commit process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: commit<br />
</pre><br />
<br />
==== Step 10: Starting the commit Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the commit command, it sets the '''sstProvisioningMode''' to '''comitting''' to tell the Control instance daemon and other interested parties, that it is committing changes from the overlay disk-images back to the underlying ones.<br />
<pre><br />
# The attribute sstProvisioningMode is set to comitting by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: committing<br />
</pre><br />
<br />
==== Step 11: Finalizing the Retaing Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the retain command, it sets the '''sstProvisioningMode''' to '''retained''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the retaining of all the necessary files to the configured backup location is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the fc-brokerd knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012000Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: retained<br />
</pre><br />
<br />
==== Step 12: Finalizing the Backup Process (Control instance daemon) ====<br />
As soon as the Control instance daemon notices, that the attribute '''sstProvisioningMode''' ist set to '''retained''', it sets the '''sstProvisioningMode''' to '''finished''' and the '''sstProvisioningState''' to the current timestamp (UTC). All interested parties now know, that the backup process is finished, there for a new backup process could be started.<br />
<pre><br />
# The attribute sstProvisioningState is updated with current time by the fc-brokerd, when sstProvisioningMode is<br />
# set to finished.<br />
# All interested parties now know, that the backup process is finished, there for a new backup process could be started.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012001Z<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: finished<br />
</pre><br />
<br />
== Current Implementation (Backup) ==<br />
Since we do not have a working control instance, we need to have a workaround for backing up the machines: <br />
<br />
* We do already have a BackupKVMWrapper.pl script (File-Backend) which executes the three [[#Sub-Processes | sub-processes ]] in the correct order for a given list of machines (see [[#Backup multiple machines at the same_time]]).<br />
* We do already have the implementation for the whole backup with the LDAP-Backend (see [[ stoney conductor: prov backup kvm ]]).<br />
* We can now combine these two existing scripts and create a wrapper (lets call it LDAPKVMWrapper) which, in some way, adds some logic to the BackupKVMWrapper.pl. In fact the LDAPKVMWrapper wrapper will generate the list of machines which need a backup.<br />
<br />
The behaviour on our servers is as follows (c.f. Figure 2):<br />
# The (decentralized) LDAPKVMWrapper wrapper (which is executed everyday via cronjob) generates a list off all machines running on the current host.<br />
#* Currently on the hosts the cronjobs looks like: <code>00 01 * * * /usr/bin/LDAPKVMWrapper.pl | logger -t Backup-KVM</code><br />
#* For each of these machines:<br />
#** Check if the machine is excluded from the backup, if yes, remove the machine from the list<br />
#** Check if the last backup was successful, if not, remove the machine from the list<br />
# Update the backup subtree for each machine in the list<br />
#* Remove the old backup leaf (the "yesterday-leaf"), and add a new one (the "today-leaf") <br />
#* After this step, the machines are ready to be backed up<br />
# Call the BackupKVMWrapper.pl script with the machines list as a parameter<br />
# Wait for the BackupKVMWrapper.pl script to finish<br />
# Go again through all machines and update the backup subtree a last time<br />
#* Check if the backup was successful, if yes, set sstProvisioningMode = finished (see also TBD)<br />
<br />
<br />
[[File:wrapper-interaction.png|500px|thumbnail|none|Figure 2: How the two wrapper interact with the LDAP backend]]<br />
<br />
* If for some reason something does not work at all, the whole backup process can be deactivated by simply disabling the LDAPKVMWrapper cronjob<br />
** <code>crontab -e</code><br />
** Comment the LDAPKVMWrapper cronjob line: <code>#00 01 * * * /usr/bin/LDAPKVMWrapper.pl | logger -t Backup-KVM</code><br />
=== How to exclude a machine from the backup ===<br />
Login to one of the [[VM-Node | vm-nodes]] and execute the following command<br />
<br />
If you want to exclude a machine from the backup run you simply need to add the following entry to your LDAP directory: <br />
<source lang="bash"><br />
machineuuid="<UUID OF THE MACHINE-NAME>" # e.g.: b9d13dbc-9ab7-4948-9daa-a5709de83dc2<br />
cat << EOF | ldapadd -D cn=Manager,o=stepping-stone,c=ch -H ldaps://ldapm.stepping-stone.ch/ -W -x<br />
dn: ou=backup,sstVirtualMachine=${machineuuid},ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
objectclass: top<br />
objectclass: organizationalUnit<br />
objectclass: sstVirtualizationBackupObjectClass<br />
ou: backup<br />
sstbackupexcludefrombackup: TRUE<br />
EOF<br />
</source><br />
<br />
If the backup subtree in the LDAP directory already exists, you need to add the sstbackupexcludefrombackup attribute: <br />
<source lang="bash"><br />
machineuuid="<UUID OF THE MACHINE-NAME>" # e.g.: b9d13dbc-9ab7-4948-9daa-a5709de83dc2<br />
cat << EOF | ldapadd -D cn=Manager,o=stepping-stone,c=ch -H ldaps://ldapm.stepping-stone.ch/ -W -x<br />
dn: ou=backup,sstVirtualMachine=${machineuuid},ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
add: objectClass<br />
objectClass: sstVirtualizationBackupObjectClass<br />
-<br />
add: sstbackupexcludefrombackup<br />
sstbackupexcludefrombackup: TRUE<br />
EOF<br />
</source><br />
<br />
==== Re-include the machine to the backup ====<br />
If you want to re include a machine, simply delete the machines whole backup subtree. It will be recreated during the next backup run.<br />
<br />
== Next steps ==<br />
<br />
= Restore =<br />
== Basic idea ==<br />
The restore process, similar to the backup process, can be divided into three sub-processes: <br />
* Unretain the small files: Copy the small files (backend entry, XML description) from the backup directory to the retain directory<br />
* Unretain the big files: Copy the big files (state file, disk image(s)) form the backup directory to the retain directory<br />
* Restore the machine: Replace the live disk image(s) by the one(s) from the backup and restore the machine from the state file<br />
<br />
Additionally the restore process can also be divided into two phases: <br />
* User-Interaction phase: After the "unretain small files" the user needs to decide two things:<br />
** On conflicts between the backend entry file and the XML description, the user need to decide how to resolve this conflict(s)<br />
** The user can also abort the restore process up to this point. After that the restore can not be aborted or undone! <br />
* Non-User-Interaction phase: The daemons communicate through the backend between each other and the restore process continues without further user input (c.f. [[#Communication_through_backend_2 | Communication through backend]])<br />
<br />
=== Sub Processes ===<br />
==== Unretain small files ====<br />
This workflow assumes that the backup directory is on the same physical server as the retain directory (protocol is file://)<br />
# Copy the backend-entry file from the backup directory to the retain directory:<br />
#* <source lang="bash">cp -p /path/to/backup/vm-001.backend /path/to/retain/vm-001.backend</source><br />
# Copy the XML description from the from the backup directory to the retain directory:<br />
#* <source lang="bash">cp -p /path/to/backup/vm-001.xml /path/to/retain/vm-001.xml</source><br />
# Compare the backend-entry file (the one in the retain directory) with the live-backend entry<br />
#* Resolve all conflicts between these two backend entries<br />
#** Modify the backend entry at the retain location accordingly<br />
# Apply the same changes for the XML description at the retain location (backend entry and XML description need to be consistent).<br />
<br />
==== Unretain large files ====<br />
# Copy the state file from the backup directory to the retain directory:<br />
#* <source lang="bash">cp -p /path/to/backup/vm-001.state /path/to/retain/vm-001.state</source><br />
# Copy the disk image(s) from the backup directory to the retain directory:<br />
#* <source lang="bash">cp -p /path/to/backup/vm-001.qcow2 /path/to/retain/vm-001.qcow2</source><br />
#** '''Important:''' If a VM has more than just one disk image, repeat this step for every disk image<br />
<br />
==== Restore the VM ====<br />
# Shutdown the VM if it is running:<br />
#* <source lang="bash">virsh shutdown vm-001</source><br />
# Undefine the VM if it is still defined: <br />
#* <source lang="bash">virsh undefine vm-001</source><br />
# Overwrite the original disk image:<br />
#* <source lang="bash">mv /path/to/retain/vm-001.qcow2 /path/to/images/vm-001.qcow2</source><br />
#** '''Important:''' If a VM has more than just one disk image, repeat this step for every disk image<br />
# Restore the VMs backend entry: <br />
#* Write the backend entry from the retain location (<code>/path/to/retain/vm-001.backend</code>) to the backend<br />
# Overwrite the VMs XML description with the one from the retain location <br />
#* <source lang="bash">cp -p /path/to/retain/vm-001.xml /path/to/xmls/vm-001.xml</source><br />
# Restore the VM from the state file with the corrected XML<br />
#* <source lang="bash">virsh restore /path/to/retain/vm-001.state --xml /path/to/xmls/vm-001.xml</source><br />
<br />
== Communication through backend ==<br />
The actual KVM-Restore process is controlled completely by the Control instance daemon via the OpenLDAP directory. See [[#OpenLDAP Directory Integration|OpenLDAP Directory Integration]] the involved attributes and possible values.<br />
<br />
[[File:Daemon-interaction-restore.png|thumb|500px|none|Figure 3: Communication between all involved parties during the restore process]]<br />
<br />
You can modify/update these interactions by editing [[File:Restore-Interaction.xmi]] (you may need [http://uml.sourceforge.net/ Umbrello UML Modeller] diagram programme for KDE to display the content properly).<br />
<br />
=== Control instance Daemon Interaction for restoring a Backup with LDIF Examples ===<br />
==== Step 01: Start the unretainSmallFiles process (Control instance daemon) ====<br />
The first step of the restore process is to copy the small files (in this case the XML file and the LDIF) from the configured backup location to the configured retain location. <br />
<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the Control instance daemon, when sstProvisioningMode is modified to <br />
# unretainSmallFiles (this way the Provisioning-Backup-VKM daemon knows, that it must start the unretainSmallFiles process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainSmallFiles<br />
</pre><br />
<br />
==== Step 02: Starting the unretainSmallFiles process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the command to unretain the small files, it sets the '''sstProvisioningMode''' to '''unretainingSmallFiles''' to tell the Control instance daemon and other interested parties, that it is unretaining the small files for the virtual machine or virtual machine template.<br />
<pre><br />
# The attribute sstProvisioningMode is set to unretainingSmallFiles by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainingSmallFiles<br />
</pre><br />
<br />
==== Step 03: Finalizing the unretainSmallFiles process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the commands to unretain the small files, it sets the '''sstProvisioningMode''' to '''unretainedSmallFiles''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the unretaining of all the small files from the configured backup location is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the Control instance daemon knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012000Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainedSmallFiles<br />
</pre><br />
<br />
==== Step 05: Start the unretainLargeFiles process (Control instance daemon) ====<br />
Next step in the restore process is to copy the large files (state file and disk images) from the configured backup directory to the configured retain directory.<br />
<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the Control instance daemon, when sstProvisioningMode is modified to <br />
# unretainLargeFiles (this way the Provisioning-Backup-VKM daemon knows, that it must start the unretainLargeFiles process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainLargeFiles<br />
</pre><br />
<br />
==== Step 06: Starting the unretainLargeFiles process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the command to unretain the large files, it sets the '''sstProvisioningMode''' to '''unretainingLargeFiles''' to tell the Control instance daemon and other interested parties, that it is unretaining the large files for the virtual machine or virtual machine template.<br />
<br />
In the meantime the vm-manager merges the LDIF we have unretained in [[#Step_02:_Starting_the_unretainSmallFiles_process_.28Provisioning-Backup-KVM_daemon.29 | step 02]] with the one in the live directory to sort out possible differences in the configuration of the virtual machine. <br />
<pre><br />
# The attribute sstProvisioningMode is set to unretainingSmallFiles by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainingLargeFiles<br />
</pre><br />
<br />
==== Step 07: Finalizing the unretainLargeFiles process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the commands to unretain the large files, it sets the '''sstProvisioningMode''' to '''unretainedLargeFiles''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the unretaining of all the large files from the configured backup location is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the Control instance daemon knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012000Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainedLargeFiles<br />
</pre><br />
<br />
==== Step 09: Start the restore process (Control instance daemon) ====<br />
Since we now have all necessary files in the configured retain location, the restore process can be started. There we simply copy the disk images back to their original location and restore the VM from the state file (which is also at the configured retain location)<br />
<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the Control instance daemon, when sstProvisioningMode is modified to <br />
# restore (this way the Provisioning-Backup-VKM daemon knows, that it must start the restore process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: restore<br />
</pre><br />
<br />
==== Step 10: Starting the restore process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the restore command, it sets the '''sstProvisioningMode''' to '''restoring''' to tell the Control instance daemon and other interested parties, that it is restoring the virtual machine or virtual machine template.<br />
<pre><br />
# The attribute sstProvisioningMode is set to restoring by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: restoring<br />
</pre><br />
<br />
==== Step 11: Finalizing the restore process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the restore command, it sets the '''sstProvisioningMode''' to '''restored''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the restore process is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the Control instance daemon knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012000Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: restored<br />
</pre><br />
<br />
==== Step 12: Finalizing the restore process (Control instance daemon) ====<br />
As soon as the Control instance daemon notices, that the attribute '''sstProvisioningMode''' ist set to '''restored''', it sets the '''sstProvisioningMode''' to '''finished''' and the '''sstProvisioningState''' to the current timestamp (UTC). All interested parties now know, that the restore process is finished.<br />
<pre><br />
# The attribute sstProvisioningState is updated with current time by the Control instance daemon, when sstProvisioningMode is<br />
# set to finished.<br />
# All interested parties now know, that the restore process is finished.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012001Z<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: finished<br />
</pre><br />
<br />
== Current Implementation (Restore) ==<br />
* Since the prov-backup-kvm daemon is not running on the vm-nodes (c.f. [[stoney_conductor:_Backup#State_of_the_art]]), the restore process does not work when clicking the icon in the webinterface. <br />
* Resolving the conflicts in the backend and XML description file is not yet done<br />
** Actually all steps not executed by prov-backup-kvm are not yet properly implemented (c.f. [[stoney_conductor:_prov_backup_kvm#Restore]])<br />
* The implementation is done, but the last step from the [[#Restore_2 | restore process ]] is different:<br />
** The <code>virsh restore</code> command is not executed with the <code>--xml</code> option, the XML from the state file is taken when restoring the machine. Therefore the conflicts are not properly resolved. <br />
*** --[[User:Pat|Pat]] ([[User talk:Pat|talk]]) 09:41, 29 October 2013 (CET): Currently the [http://search.cpan.org/~danberr/Sys-Virt-1.1.3/lib/Sys/Virt.pm Sys::Virt] library does not support the --xml parameter when restoring a domain<br />
<br />
=== How to manually restore a machine from backup ===<br />
'''Important''': Before you continue with this guide, make sure that you have no other possibility to restore the machine. It might be easier and safer to get lost files from the online backup if the machine has one set up.<br />
<br />
If you really have to restore the machine from the backup:<br />
# Stop the machine from via the [https://cloud.stepping-stone.ch/vm-manager/ web interface]<br />
# Login (as root) on the [[VM-Node]] the machine was running on<br />
<br />
As a first step, you would like to set some useful bash variables to be able to copy paste the following guide:<br />
<br />
'''Double check all variables you are setting here. If one is not correct, you will restore a running machine or overwrite a live-disk image!'''<br />
<source lang='bash'><br />
machinename="<MACHINE-NAME>" # For example: machinename="b6dc3d27-5981-4b18-8f3f-31ed3d21a3c6"<br />
vmpool="<VM-POOL>" # For example vmpool="0f83f084-8080-413e-b558-b678e504836e"<br />
vmtype="<VM-TYPE>" # For example vmtype="vm-persistent"<br />
</source><br />
Change to the backup directory for the given machine and check the iterations:<br />
<source lang='bash'><br />
cd /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}<br />
ls -al<br />
</source><br />
Change into the most recent iteration<br />
<source lang='bash'><br />
cd 2014...<br />
ls -al<br />
</source><br />
In there you should have: <br />
* The state file <MACHINE-NAME>.state.<BACKUP-DATE> (for example b6dc3d27-5981-4b18-8f3f-31ed3d21a3c6.state.20140109T134445Z)<br />
* The XML description <MACHINE-NAME>.xml.<BACKUP-DATE> (for example b6dc3d27-5981-4b18-8f3f-31ed3d21a3c6.xml.20140109T134445Z)<br />
* The ldif file <MACHINE-NAME>.ldif.<BACKUP-DATE> (for example b6dc3d27-5981-4b18-8f3f-31ed3d21a3c6.ldif.20140109T134445Z)<br />
* And at least one disk image <DISK-IMAGE>.qcow2.<BACKUP-DATE> (for example 8798561b-d5de-471b-a6fc-ec2b4831ed12.qcow2.20140109T134445Z)<br />
Now you should save the backup date and the disk image(s) in a variable<br />
<source lang='bash'><br />
backupdate="<BACKUP-DATE>" # For example: backupdate="20140109T134445Z"<br />
diskimage1="<DISK-IMAGE-1>.qcow2" # For example: diskimage1="8798561b-d5de-471b-a6fc-ec2b4831ed12.qcow2"<br />
diskimage2="<DISK-IMAGE-2>.qcow2" # For example: diskimage2="aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee.qcow2"<br />
...<br />
</source><br />
<br />
Have again a look at the different variables and '''double check them again'''<br />
<source lang='bash'><br />
echo "Machine Name = ${machinename}"<br />
echo "VM Pool = ${vmpool}"<br />
echo "VM Type = ${vmtype}"<br />
echo "Backup date = ${backupdate}"<br />
echo "Disk Image 1 = ${diskimage1}"<br />
echo "Disk Image 2 = ${diskimage2}"<br />
...<br />
</source><br />
<br />
Copy all these files to the retain location:<br />
<source lang='bash'><br />
currentdate=`date --utc +'%Y%m%dT%H%M%SZ'`<br />
mkdir -p /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}<br />
cp -p /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}/${backupdate}/${machinename}.ldif.${backupdate} /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/<br />
</source><br />
<br />
<!--Check if there is a difference between the current XML file and the one from the backup<br />
<source lang='bash'><br />
diff -Naur /etc/libvirt/qemu/${machinename}.xml /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/${machinename}.xml.${backupdate}<br />
</source><br />
and '''edit the file at the retain location''' according to your needs.--><br />
<br />
''' Now you are entering the critical part. You won't be able to undo the following steps'''<br />
<br />
Check if there is a difference between the current LDAP entry and the one from the backup<br />
<source lang='bash'><br />
domain="<DOMAIN>" # For example domain="stoney-cloud.org"<br />
ldapbase="<LDAPBASE>" # For expample ldapbase="dc=stoney-cloud,dc=org"<br />
ldapsearch -H ldaps://ldapm.${domain} -b "sstVirtualMachine=${machinename},ou=virtual machines,ou=virtualization,ou=services,${ldapbase}" -s sub -x -LLL -o ldif-wrap=no -D "cn=Manager,${ldapbase}" -W "(objectclass=*)" > /tmp/${machinename}.ldif<br />
diff -Naur /tmp/${machinename}.ldif /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/${machinename}.ldif.${backupdate}<br />
</source><br />
and '''edit the file at the retain location''' according to your needs.<br />
<br />
If there are no differences (or the differences are not important) you can skip the following step. Otherwise use the [https://cloud.stepping-stone.ch/phpldapadmin PhpLdapAdmin] to delete the machine from the LDAP directory (do not forget to delete the dhcp entry <code>dn: cn=<MACHINE-NAME>,ou=virtual machines,cn=192.168.140.0,cn=config-01,ou=dhcp,ou=networks,ou=virtualization,ou=services,dc=stoney-cloud,dc=org</code>). Then add the LDIF (the one you just edited) to the LDAP (first do some general replacement)<br />
<source lang='bash'><br />
sed -i\<br />
-e 's/snapshotting/finished/'\<br />
-e '/member.*/d'\<br />
/var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/${machinename}.ldif.${backupdate}<br />
<br />
/usr/bin/ldapadd -H "ldaps://ldapm.${domain}" -x -D "cn=Manager,${ldapbase}" -W -f /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/${machinename}.ldif.${backupdate}<br />
</source><br />
<br />
Undefine the machine<br />
<source lang='bash'><br />
virsh undefine ${machinename}<br />
</source><br />
<br />
Copy all the disk images from the backup location back to their original location<br />
<source lang='bash'><br />
cp -p /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}/${backupdate}/${diskimage1}.${backupdate} /var/virtualization/${vmtype}/${vmpool}/${diskimage1}<br />
cp -p /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}/${backupdate}/${diskimage2}.${backupdate} /var/virtualization/${vmtype}/${vmpool}/${diskimage2}<br />
...<br />
</source><br />
<br />
And restore the domain from the state file from the backup location with the XML from the retain location (the one you might have edited)<br />
<source lang='bash'><br />
virsh restore /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}/${backupdate}/${machinename}.state.${backupdate}<br />
</source><br />
<br />
Now the machine should be up and running again. Continuing where it was stopped when taking the backup.<br />
<br />
If everything is OK, you can cleanup the created files and directories<br />
<source lang='bash'><br />
rm -rf /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}<br />
rm /tmp/${machinename}.ldif<br />
</source><br />
<br />
== Next steps ==<br />
<br />
<br />
[[Category: stoney conductor]]</div>Pathttps://wiki.stoney-cloud.org/w/index.php?title=stoney_conductor:_VM_Backup&diff=3748stoney conductor: VM Backup2014-06-26T13:49:35Z<p>Pat: /* Step 09: Start the commit Process (Control instance daemon) */</p>
<hr />
<div>= Overview =<br />
This page describes how the VMs and VM-Templates are backed-up and restored inside the [http://www.stoney-cloud.org stoney cloud].<br />
<br />
= Requirements =<br />
* sstBackupRootDirectory: file:///var/backup/virtualization<br />
** This directory might be a single partition which needs to have the same size as your partition for the live images (it's a "copy" of the live partition)<br />
* sstBackupRetainDirectory: file:///var/virtualization/retain<br />
** This directory must be on the same partition as your life images are<br />
* A working stoney cloud, installed according to [[stoney cloud: Single-Node Installation]] or [[stoney cloud: Multi-Node Installation]].<br />
* The backup configuration must be set: [[stoney_conductor:_OpenLDAP_directory_data_organisation#Backup | stoney conductor: OpenLDAP directory data organisation]].<br />
<br />
= Backup =<br />
== Basic idea ==<br />
The main idea to backup a VM or a VM-Template is, to divide the task into three subtasks: <br />
* createSnapshot: Create a disk only snapshot. A new overlay file is created, all write operations are performed to this file. The underlying disk-image is now read only.<br />
* exportSnapshot: Copy the read only disk-image to the backup location.<br />
* commitSnapshot: Commit the performed write operations from the overlay back to the underlying (original) disk image. Now the underlying image is read-write again and the overlay image can be deleted.<br />
A more detailed and technical description for these three sub-processes can be found [[#Sub-Processes | here]].<br />
<br />
Furthermore there is an control instance, which can independently call these three sub-processes for a given machine. Like that, the stoney cloud is able to handle different cases:<br />
=== Backup a single machine ===<br />
The procedure for backing up a single machine is very simple. Just call the three sub-processes (snapshot, merge and retain) one after the other. So the control instance would do some very basic stuff: <br />
<source lang="c"><br />
object machine = args[0];<br />
<br />
if( createSsnapshot( machine ) )<br />
{<br />
<br />
if ( exportSnapshot( machine ) )<br />
{<br />
<br />
if ( commitSnapshot( machine ) )<br />
{<br />
printf("Successfully backed up machine %s\n", machine);<br />
<br />
} else<br />
{<br />
printf("Error while committing snapshot for machine %s: %s\n", machine, error);<br />
}<br />
<br />
} else<br />
{<br />
printf("Error while exporting snapshot for machine %s: %s\n", machine, error);<br />
}<br />
<br />
} else<br />
{<br />
printf("Error while snapshotting machine %s: %s\n", machine, error);<br />
}<br />
</source><br />
<br />
=== Backup multiple machines at the same time ===<br />
When backing up multiple machines at the same time, we need to make sure that the snapshots for the machines are as close together as possible. Therefore the control instance should call first the createSnapshot process for all machines. After every machine has been snapshotted, the control instance can call the exportSnapshot and commitSnapshot process for every machine. The most important part here is, that the control instance somehow remembers, if the snapshot for a given machine was successful or not. Because if the snapshot failed, it must not call the exportSnapshot and commitSnapshot process. So the control instance needs a little bit more logic: <br />
<br />
<source lang="c"><br />
object machines[] = args[0];<br />
object successful_snapshots[];<br />
<br />
# Snapshot all machines<br />
for( int i = 0; i < sizeof(machines) / sizeof(object) ; i++ )<br />
{<br />
# If the snapshot was successful, put the machine into the <br />
# successful_snapshots array<br />
if ( createSnapshot( machines[i] ) )<br />
{<br />
successful_snapshots[machines[i]];<br />
} else<br />
{<br />
printf("Error while snapshotting machine %s: %s\n", machines[i],error);<br />
}<br />
}<br />
<br />
# export and commit all successful_snapshot machines<br />
for ( int i = 0; i < sizeof(successful_snapshots) / sizeof(object) ; i++ ) )<br />
{<br />
# Check if the element at this position is not null, then the snapshot <br />
# for this machine was successful<br />
if ( successful_snapshots[i] )<br />
{<br />
if ( exportSnapshot( successful_snapshots[i] ) )<br />
{<br />
if ( commitSnapshot( successful_snapshots[i] ) )<br />
{<br />
printf("Successfully backed-up machine %s\n", successful_snapshots[i]);<br />
} else<br />
{<br />
printf("Error while committing snapshot for machine %s: %s\n", successful_snapshots[i],error);<br />
}<br />
<br />
} else<br />
{<br />
printf("Error while exporting snapshot for machine %s: %s\n", successful_snapshots[i],error);<br />
}<br />
}<br />
}<br />
</source><br />
<br />
=== Sub-Processes ===<br />
See also [[Libvirt_external_snapshot_with_GlusterFS]]<br />
==== createSnapshot ====<br />
For the commands see [[Libvirt_external_snapshot_with_GlusterFS#Part_2:_Create_the_snapshot_using_virsh]]<br />
<br />
For the workflow see [[stoney_conductor:_prov-backup-kvm#createSnapshot]]<br />
<br />
==== exportSnapshot ====<br />
# Simply copy the underlying image to the backup location<br />
#* <source lang="bash">cp -p /<path>/<to>/<image>.qcow2 /<path>/<to>/<backup>/<location>/.</source><br />
<br />
For the workflow see [[stoney_conductor:_prov-backup-kvm#exportSnapshot]]<br />
<br />
==== commitSnapshot ====<br />
For the commands see [[Libvirt_external_snapshot_with_GlusterFS#Cleanup.2FCommit_.28Online.29]]<br />
<br />
For the workflow see [[stoney_conductor:_prov-backup-kvm#commitSnapshot]]<br />
<br />
== Communication through backend ==<br />
Since the stoney cloud is (as the name says already) a cloud solution, it makes sense to have a backend (in our case openLDAP) involved in the whole process. Like that it is possible to run the backup jobs decentralized on every vm-node. The control instance can then modify the backend, and theses changes are seen by the diffenrent backup daemons on the vm-nodes. So the communication could look like shown in the following picture (Figure 1): <br />
<br />
[[File:Daemon-communication.png|800px|thumbnail|none|Figure 1: Communication between the control instance and the prov-backup-kvm daemon through the LDAP backend]]<br />
<br />
=== Control-Instance Daemon Interaction for creating a Backup with LDIF Examples ===<br />
The step numbers correspond with the graphical overview from above.<br />
<br />
==== Step 00: Backup Configuration for a virtual machine ====<br />
<pre><br />
# The following backup configuration says, that the backup should be done daily, at 03:00 hours (localtime).<br />
# * * * * * command to be executed<br />
# - - - - -<br />
# | | | | |<br />
# | | | | +----- day of week (0 - 6) (Sunday=0)<br />
# | | | +------- month (1 - 12)<br />
# | | +--------- day of month (1 - 31)<br />
# | +----------- hour (0 - 23)<br />
# +------------- min (0 - 59)<br />
# localtime in the crontab entry<br />
dn: ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
objectclass: top<br />
objectclass: organizationalUnit<br />
objectclass: sstVirtualizationBackupObjectClass<br />
objectclass: sstCronObjectClass<br />
ou: backup<br />
description: This sub tree contains the backup plan for the virtual machine kvm-005.<br />
sstCronMinute: 0<br />
sstCronHour: 3<br />
sstCronDay: *<br />
sstCronMonth: *<br />
sstCronDayOfWeek: *<br />
sstCronActive: TRUE<br />
sstBackupRootDirectory: file:///var/backup/virtualization<br />
sstBackupRetainDirectory: file:///var/virtualization/retain<br />
sstBackupRamDiskLocation: file:///mnt/ramdisk-test<br />
sstVirtualizationDiskImageFormat: qcow2<br />
sstVirtualizationDiskImageOwner: root<br />
sstVirtualizationDiskImageGroup: vm-storage<br />
sstVirtualizationDiskImagePermission: 0660<br />
sstBackupNumberOfIterations: 1<br />
sstVirtualizationVirtualMachineForceStart: FALSE<br />
sstVirtualizationBandwidthMerge: 0<br />
</pre><br />
<br />
==== Step 01: Initialize Backup Sub Tree (Control instance daemon) ====<br />
The sub tree ''' ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch''' reflects the time, when the backup is planned (in the form of [YYYY][MM][DD]T[hh][mm][ss]Z ([http://en.wikipedia.org/wiki/ISO_8601 ISO 8601]) and it should be written at the time, when the backup is planned and should be executed. The section '''20121002T010000Z''' means the following:<br />
* Year: 2012<br />
* Month: 10<br />
* Day of Month: 02<br />
* Hour of Day: 01<br />
* Minutes: 00<br />
* Seconds: 00<br />
Please be aware the the time is to be written in UTC (see also the comment in the LDIF example below).<br />
<pre><br />
# This entry is the place holder for the backup, which is to be executed at 03:00 hours (localtime with daylight-saving). This<br />
# leads to the 20121002T010000Z timestamp (which is written in UTC).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
objectclass: top<br />
objectclass: sstProvisioning<br />
objectclass: organizationalUnit<br />
ou: 20121002T010000Z<br />
sstProvisioningExecutionDate: 0<br />
sstProvisioningMode: initialize<br />
sstProvisioningReturnValue: 0<br />
sstProvisioningState: 20121002T014513Z<br />
</pre><br />
<br />
==== Step 02: Finalize the Initialization (Control instance daemon) ====<br />
<pre><br />
# The attribute sstProvisioningState is updated with current time by the fc-brokerd, when sstProvisioningMode is modified.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T010001Z<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: initialized<br />
</pre><br />
<br />
==== Step 03: Start the Snapshot Process (Control instance daemon) ====<br />
With the setting of the '''sstProvisioningMode''' to '''snapshot''', the actual backup process is kicked off by the Control instance daemon.<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the fc-brokerd, when sstProvisioningMode is modified to<br />
# snapshot (this way the Provisioning-Backup-VKM daemon knows, that it must start the snapshotting process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: snapshot<br />
</pre><br />
<br />
==== Step 04: Starting the Snapshot Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the snapshot command, it sets the '''sstProvisioningMode''' to '''snapshotting''' to tell the Control instance daemon and other interested parties, that it is snapshotting the virtual machine or virtual machine template.<br />
<pre><br />
# The attribute sstProvisioningMode is set to snapshotting by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: snapshotting<br />
</pre><br />
<br />
==== Step 05: Finalizing the Snapshot Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the snapshot command, it sets the '''sstProvisioningMode''' to '''snapshotted''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the snapshot of the virtual machine or virtual machine template is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the fc-brokerd knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T010011Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: snapshotted<br />
</pre><br />
<br />
==== Step 06: Start the export Process (Control instance daemon) ====<br />
With the setting of the '''sstProvisioningMode''' to '''export''', the Control instance daemon tells the Provisioning-Backup-KVM daemon to export the disk image to the backup location.<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the fc-brokerd, when sstProvisioningMode is modified to<br />
# export (this way the Provisioning-Backup-VKM daemon knows, that it must start the export process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: export<br />
</pre><br />
<br />
==== Step 07: Starting the export Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the export command, it sets the '''sstProvisioningMode''' to '''exporting''' to tell the Control instance daemon and other interested parties, that it is exporting the virtual machine or virtual machine template disk images.<br />
<pre><br />
# The attribute sstProvisioningMode is set to exporting by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: exporting<br />
</pre><br />
<br />
==== Step 08: Finalizing the export Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the export command, it sets the '''sstProvisioningMode''' to '''exported''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the export of the virtual machine or virtual machine template disk-images is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the fc-brokerd knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T010500Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: exported<br />
</pre><br />
<br />
==== Step 09: Start the commit Process (Control instance daemon) ====<br />
With the setting of the '''sstProvisioningMode''' to '''commit''', the Control instance daemon tells the Provisioning-Backup-KVM daemon to commit the changes from the overlay file to the underlying disk-image<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the fc-brokerd, when sstProvisioningMode is modified to<br />
# commit (this way the Provisioning-Backup-VKM daemon knows, that it must start the commit process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: commit<br />
</pre><br />
<br />
==== Step 10: Starting the Retain Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the retain command, it sets the '''sstProvisioningMode''' to '''retaining''' to tell the Control instance daemon and other interested parties, that it is retaining the necessary files to the configured backup location.<br />
<pre><br />
# The attribute sstProvisioningMode is set to retaining by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: retaining<br />
</pre><br />
<br />
==== Step 11: Finalizing the Retaing Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the retain command, it sets the '''sstProvisioningMode''' to '''retained''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the retaining of all the necessary files to the configured backup location is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the fc-brokerd knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012000Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: retained<br />
</pre><br />
<br />
==== Step 12: Finalizing the Backup Process (Control instance daemon) ====<br />
As soon as the Control instance daemon notices, that the attribute '''sstProvisioningMode''' ist set to '''retained''', it sets the '''sstProvisioningMode''' to '''finished''' and the '''sstProvisioningState''' to the current timestamp (UTC). All interested parties now know, that the backup process is finished, there for a new backup process could be started.<br />
<pre><br />
# The attribute sstProvisioningState is updated with current time by the fc-brokerd, when sstProvisioningMode is<br />
# set to finished.<br />
# All interested parties now know, that the backup process is finished, there for a new backup process could be started.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012001Z<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: finished<br />
</pre><br />
<br />
== Current Implementation (Backup) ==<br />
Since we do not have a working control instance, we need to have a workaround for backing up the machines: <br />
<br />
* We do already have a BackupKVMWrapper.pl script (File-Backend) which executes the three [[#Sub-Processes | sub-processes ]] in the correct order for a given list of machines (see [[#Backup multiple machines at the same_time]]).<br />
* We do already have the implementation for the whole backup with the LDAP-Backend (see [[ stoney conductor: prov backup kvm ]]).<br />
* We can now combine these two existing scripts and create a wrapper (lets call it LDAPKVMWrapper) which, in some way, adds some logic to the BackupKVMWrapper.pl. In fact the LDAPKVMWrapper wrapper will generate the list of machines which need a backup.<br />
<br />
The behaviour on our servers is as follows (c.f. Figure 2):<br />
# The (decentralized) LDAPKVMWrapper wrapper (which is executed everyday via cronjob) generates a list off all machines running on the current host.<br />
#* Currently on the hosts the cronjobs looks like: <code>00 01 * * * /usr/bin/LDAPKVMWrapper.pl | logger -t Backup-KVM</code><br />
#* For each of these machines:<br />
#** Check if the machine is excluded from the backup, if yes, remove the machine from the list<br />
#** Check if the last backup was successful, if not, remove the machine from the list<br />
# Update the backup subtree for each machine in the list<br />
#* Remove the old backup leaf (the "yesterday-leaf"), and add a new one (the "today-leaf") <br />
#* After this step, the machines are ready to be backed up<br />
# Call the BackupKVMWrapper.pl script with the machines list as a parameter<br />
# Wait for the BackupKVMWrapper.pl script to finish<br />
# Go again through all machines and update the backup subtree a last time<br />
#* Check if the backup was successful, if yes, set sstProvisioningMode = finished (see also TBD)<br />
<br />
<br />
[[File:wrapper-interaction.png|500px|thumbnail|none|Figure 2: How the two wrapper interact with the LDAP backend]]<br />
<br />
* If for some reason something does not work at all, the whole backup process can be deactivated by simply disabling the LDAPKVMWrapper cronjob<br />
** <code>crontab -e</code><br />
** Comment the LDAPKVMWrapper cronjob line: <code>#00 01 * * * /usr/bin/LDAPKVMWrapper.pl | logger -t Backup-KVM</code><br />
=== How to exclude a machine from the backup ===<br />
Login to one of the [[VM-Node | vm-nodes]] and execute the following command<br />
<br />
If you want to exclude a machine from the backup run you simply need to add the following entry to your LDAP directory: <br />
<source lang="bash"><br />
machineuuid="<UUID OF THE MACHINE-NAME>" # e.g.: b9d13dbc-9ab7-4948-9daa-a5709de83dc2<br />
cat << EOF | ldapadd -D cn=Manager,o=stepping-stone,c=ch -H ldaps://ldapm.stepping-stone.ch/ -W -x<br />
dn: ou=backup,sstVirtualMachine=${machineuuid},ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
objectclass: top<br />
objectclass: organizationalUnit<br />
objectclass: sstVirtualizationBackupObjectClass<br />
ou: backup<br />
sstbackupexcludefrombackup: TRUE<br />
EOF<br />
</source><br />
<br />
If the backup subtree in the LDAP directory already exists, you need to add the sstbackupexcludefrombackup attribute: <br />
<source lang="bash"><br />
machineuuid="<UUID OF THE MACHINE-NAME>" # e.g.: b9d13dbc-9ab7-4948-9daa-a5709de83dc2<br />
cat << EOF | ldapadd -D cn=Manager,o=stepping-stone,c=ch -H ldaps://ldapm.stepping-stone.ch/ -W -x<br />
dn: ou=backup,sstVirtualMachine=${machineuuid},ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
add: objectClass<br />
objectClass: sstVirtualizationBackupObjectClass<br />
-<br />
add: sstbackupexcludefrombackup<br />
sstbackupexcludefrombackup: TRUE<br />
EOF<br />
</source><br />
<br />
==== Re-include the machine to the backup ====<br />
If you want to re include a machine, simply delete the machines whole backup subtree. It will be recreated during the next backup run.<br />
<br />
== Next steps ==<br />
<br />
= Restore =<br />
== Basic idea ==<br />
The restore process, similar to the backup process, can be divided into three sub-processes: <br />
* Unretain the small files: Copy the small files (backend entry, XML description) from the backup directory to the retain directory<br />
* Unretain the big files: Copy the big files (state file, disk image(s)) form the backup directory to the retain directory<br />
* Restore the machine: Replace the live disk image(s) by the one(s) from the backup and restore the machine from the state file<br />
<br />
Additionally the restore process can also be divided into two phases: <br />
* User-Interaction phase: After the "unretain small files" the user needs to decide two things:<br />
** On conflicts between the backend entry file and the XML description, the user need to decide how to resolve this conflict(s)<br />
** The user can also abort the restore process up to this point. After that the restore can not be aborted or undone! <br />
* Non-User-Interaction phase: The daemons communicate through the backend between each other and the restore process continues without further user input (c.f. [[#Communication_through_backend_2 | Communication through backend]])<br />
<br />
=== Sub Processes ===<br />
==== Unretain small files ====<br />
This workflow assumes that the backup directory is on the same physical server as the retain directory (protocol is file://)<br />
# Copy the backend-entry file from the backup directory to the retain directory:<br />
#* <source lang="bash">cp -p /path/to/backup/vm-001.backend /path/to/retain/vm-001.backend</source><br />
# Copy the XML description from the from the backup directory to the retain directory:<br />
#* <source lang="bash">cp -p /path/to/backup/vm-001.xml /path/to/retain/vm-001.xml</source><br />
# Compare the backend-entry file (the one in the retain directory) with the live-backend entry<br />
#* Resolve all conflicts between these two backend entries<br />
#** Modify the backend entry at the retain location accordingly<br />
# Apply the same changes for the XML description at the retain location (backend entry and XML description need to be consistent).<br />
<br />
==== Unretain large files ====<br />
# Copy the state file from the backup directory to the retain directory:<br />
#* <source lang="bash">cp -p /path/to/backup/vm-001.state /path/to/retain/vm-001.state</source><br />
# Copy the disk image(s) from the backup directory to the retain directory:<br />
#* <source lang="bash">cp -p /path/to/backup/vm-001.qcow2 /path/to/retain/vm-001.qcow2</source><br />
#** '''Important:''' If a VM has more than just one disk image, repeat this step for every disk image<br />
<br />
==== Restore the VM ====<br />
# Shutdown the VM if it is running:<br />
#* <source lang="bash">virsh shutdown vm-001</source><br />
# Undefine the VM if it is still defined: <br />
#* <source lang="bash">virsh undefine vm-001</source><br />
# Overwrite the original disk image:<br />
#* <source lang="bash">mv /path/to/retain/vm-001.qcow2 /path/to/images/vm-001.qcow2</source><br />
#** '''Important:''' If a VM has more than just one disk image, repeat this step for every disk image<br />
# Restore the VMs backend entry: <br />
#* Write the backend entry from the retain location (<code>/path/to/retain/vm-001.backend</code>) to the backend<br />
# Overwrite the VMs XML description with the one from the retain location <br />
#* <source lang="bash">cp -p /path/to/retain/vm-001.xml /path/to/xmls/vm-001.xml</source><br />
# Restore the VM from the state file with the corrected XML<br />
#* <source lang="bash">virsh restore /path/to/retain/vm-001.state --xml /path/to/xmls/vm-001.xml</source><br />
<br />
== Communication through backend ==<br />
The actual KVM-Restore process is controlled completely by the Control instance daemon via the OpenLDAP directory. See [[#OpenLDAP Directory Integration|OpenLDAP Directory Integration]] the involved attributes and possible values.<br />
<br />
[[File:Daemon-interaction-restore.png|thumb|500px|none|Figure 3: Communication between all involved parties during the restore process]]<br />
<br />
You can modify/update these interactions by editing [[File:Restore-Interaction.xmi]] (you may need [http://uml.sourceforge.net/ Umbrello UML Modeller] diagram programme for KDE to display the content properly).<br />
<br />
=== Control instance Daemon Interaction for restoring a Backup with LDIF Examples ===<br />
==== Step 01: Start the unretainSmallFiles process (Control instance daemon) ====<br />
The first step of the restore process is to copy the small files (in this case the XML file and the LDIF) from the configured backup location to the configured retain location. <br />
<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the Control instance daemon, when sstProvisioningMode is modified to <br />
# unretainSmallFiles (this way the Provisioning-Backup-VKM daemon knows, that it must start the unretainSmallFiles process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainSmallFiles<br />
</pre><br />
<br />
==== Step 02: Starting the unretainSmallFiles process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the command to unretain the small files, it sets the '''sstProvisioningMode''' to '''unretainingSmallFiles''' to tell the Control instance daemon and other interested parties, that it is unretaining the small files for the virtual machine or virtual machine template.<br />
<pre><br />
# The attribute sstProvisioningMode is set to unretainingSmallFiles by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainingSmallFiles<br />
</pre><br />
<br />
==== Step 03: Finalizing the unretainSmallFiles process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the commands to unretain the small files, it sets the '''sstProvisioningMode''' to '''unretainedSmallFiles''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the unretaining of all the small files from the configured backup location is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the Control instance daemon knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012000Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainedSmallFiles<br />
</pre><br />
<br />
==== Step 05: Start the unretainLargeFiles process (Control instance daemon) ====<br />
Next step in the restore process is to copy the large files (state file and disk images) from the configured backup directory to the configured retain directory.<br />
<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the Control instance daemon, when sstProvisioningMode is modified to <br />
# unretainLargeFiles (this way the Provisioning-Backup-VKM daemon knows, that it must start the unretainLargeFiles process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainLargeFiles<br />
</pre><br />
<br />
==== Step 06: Starting the unretainLargeFiles process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the command to unretain the large files, it sets the '''sstProvisioningMode''' to '''unretainingLargeFiles''' to tell the Control instance daemon and other interested parties, that it is unretaining the large files for the virtual machine or virtual machine template.<br />
<br />
In the meantime the vm-manager merges the LDIF we have unretained in [[#Step_02:_Starting_the_unretainSmallFiles_process_.28Provisioning-Backup-KVM_daemon.29 | step 02]] with the one in the live directory to sort out possible differences in the configuration of the virtual machine. <br />
<pre><br />
# The attribute sstProvisioningMode is set to unretainingSmallFiles by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainingLargeFiles<br />
</pre><br />
<br />
==== Step 07: Finalizing the unretainLargeFiles process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the commands to unretain the large files, it sets the '''sstProvisioningMode''' to '''unretainedLargeFiles''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the unretaining of all the large files from the configured backup location is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the Control instance daemon knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012000Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainedLargeFiles<br />
</pre><br />
<br />
==== Step 09: Start the restore process (Control instance daemon) ====<br />
Since we now have all necessary files in the configured retain location, the restore process can be started. There we simply copy the disk images back to their original location and restore the VM from the state file (which is also at the configured retain location)<br />
<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the Control instance daemon, when sstProvisioningMode is modified to <br />
# restore (this way the Provisioning-Backup-VKM daemon knows, that it must start the restore process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: restore<br />
</pre><br />
<br />
==== Step 10: Starting the restore process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the restore command, it sets the '''sstProvisioningMode''' to '''restoring''' to tell the Control instance daemon and other interested parties, that it is restoring the virtual machine or virtual machine template.<br />
<pre><br />
# The attribute sstProvisioningMode is set to restoring by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: restoring<br />
</pre><br />
<br />
==== Step 11: Finalizing the restore process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the restore command, it sets the '''sstProvisioningMode''' to '''restored''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the restore process is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the Control instance daemon knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012000Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: restored<br />
</pre><br />
<br />
==== Step 12: Finalizing the restore process (Control instance daemon) ====<br />
As soon as the Control instance daemon notices, that the attribute '''sstProvisioningMode''' ist set to '''restored''', it sets the '''sstProvisioningMode''' to '''finished''' and the '''sstProvisioningState''' to the current timestamp (UTC). All interested parties now know, that the restore process is finished.<br />
<pre><br />
# The attribute sstProvisioningState is updated with current time by the Control instance daemon, when sstProvisioningMode is<br />
# set to finished.<br />
# All interested parties now know, that the restore process is finished.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012001Z<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: finished<br />
</pre><br />
<br />
== Current Implementation (Restore) ==<br />
* Since the prov-backup-kvm daemon is not running on the vm-nodes (c.f. [[stoney_conductor:_Backup#State_of_the_art]]), the restore process does not work when clicking the icon in the webinterface. <br />
* Resolving the conflicts in the backend and XML description file is not yet done<br />
** Actually all steps not executed by prov-backup-kvm are not yet properly implemented (c.f. [[stoney_conductor:_prov_backup_kvm#Restore]])<br />
* The implementation is done, but the last step from the [[#Restore_2 | restore process ]] is different:<br />
** The <code>virsh restore</code> command is not executed with the <code>--xml</code> option, the XML from the state file is taken when restoring the machine. Therefore the conflicts are not properly resolved. <br />
*** --[[User:Pat|Pat]] ([[User talk:Pat|talk]]) 09:41, 29 October 2013 (CET): Currently the [http://search.cpan.org/~danberr/Sys-Virt-1.1.3/lib/Sys/Virt.pm Sys::Virt] library does not support the --xml parameter when restoring a domain<br />
<br />
=== How to manually restore a machine from backup ===<br />
'''Important''': Before you continue with this guide, make sure that you have no other possibility to restore the machine. It might be easier and safer to get lost files from the online backup if the machine has one set up.<br />
<br />
If you really have to restore the machine from the backup:<br />
# Stop the machine from via the [https://cloud.stepping-stone.ch/vm-manager/ web interface]<br />
# Login (as root) on the [[VM-Node]] the machine was running on<br />
<br />
As a first step, you would like to set some useful bash variables to be able to copy paste the following guide:<br />
<br />
'''Double check all variables you are setting here. If one is not correct, you will restore a running machine or overwrite a live-disk image!'''<br />
<source lang='bash'><br />
machinename="<MACHINE-NAME>" # For example: machinename="b6dc3d27-5981-4b18-8f3f-31ed3d21a3c6"<br />
vmpool="<VM-POOL>" # For example vmpool="0f83f084-8080-413e-b558-b678e504836e"<br />
vmtype="<VM-TYPE>" # For example vmtype="vm-persistent"<br />
</source><br />
Change to the backup directory for the given machine and check the iterations:<br />
<source lang='bash'><br />
cd /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}<br />
ls -al<br />
</source><br />
Change into the most recent iteration<br />
<source lang='bash'><br />
cd 2014...<br />
ls -al<br />
</source><br />
In there you should have: <br />
* The state file <MACHINE-NAME>.state.<BACKUP-DATE> (for example b6dc3d27-5981-4b18-8f3f-31ed3d21a3c6.state.20140109T134445Z)<br />
* The XML description <MACHINE-NAME>.xml.<BACKUP-DATE> (for example b6dc3d27-5981-4b18-8f3f-31ed3d21a3c6.xml.20140109T134445Z)<br />
* The ldif file <MACHINE-NAME>.ldif.<BACKUP-DATE> (for example b6dc3d27-5981-4b18-8f3f-31ed3d21a3c6.ldif.20140109T134445Z)<br />
* And at least one disk image <DISK-IMAGE>.qcow2.<BACKUP-DATE> (for example 8798561b-d5de-471b-a6fc-ec2b4831ed12.qcow2.20140109T134445Z)<br />
Now you should save the backup date and the disk image(s) in a variable<br />
<source lang='bash'><br />
backupdate="<BACKUP-DATE>" # For example: backupdate="20140109T134445Z"<br />
diskimage1="<DISK-IMAGE-1>.qcow2" # For example: diskimage1="8798561b-d5de-471b-a6fc-ec2b4831ed12.qcow2"<br />
diskimage2="<DISK-IMAGE-2>.qcow2" # For example: diskimage2="aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee.qcow2"<br />
...<br />
</source><br />
<br />
Have again a look at the different variables and '''double check them again'''<br />
<source lang='bash'><br />
echo "Machine Name = ${machinename}"<br />
echo "VM Pool = ${vmpool}"<br />
echo "VM Type = ${vmtype}"<br />
echo "Backup date = ${backupdate}"<br />
echo "Disk Image 1 = ${diskimage1}"<br />
echo "Disk Image 2 = ${diskimage2}"<br />
...<br />
</source><br />
<br />
Copy all these files to the retain location:<br />
<source lang='bash'><br />
currentdate=`date --utc +'%Y%m%dT%H%M%SZ'`<br />
mkdir -p /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}<br />
cp -p /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}/${backupdate}/${machinename}.ldif.${backupdate} /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/<br />
</source><br />
<br />
<!--Check if there is a difference between the current XML file and the one from the backup<br />
<source lang='bash'><br />
diff -Naur /etc/libvirt/qemu/${machinename}.xml /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/${machinename}.xml.${backupdate}<br />
</source><br />
and '''edit the file at the retain location''' according to your needs.--><br />
<br />
''' Now you are entering the critical part. You won't be able to undo the following steps'''<br />
<br />
Check if there is a difference between the current LDAP entry and the one from the backup<br />
<source lang='bash'><br />
domain="<DOMAIN>" # For example domain="stoney-cloud.org"<br />
ldapbase="<LDAPBASE>" # For expample ldapbase="dc=stoney-cloud,dc=org"<br />
ldapsearch -H ldaps://ldapm.${domain} -b "sstVirtualMachine=${machinename},ou=virtual machines,ou=virtualization,ou=services,${ldapbase}" -s sub -x -LLL -o ldif-wrap=no -D "cn=Manager,${ldapbase}" -W "(objectclass=*)" > /tmp/${machinename}.ldif<br />
diff -Naur /tmp/${machinename}.ldif /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/${machinename}.ldif.${backupdate}<br />
</source><br />
and '''edit the file at the retain location''' according to your needs.<br />
<br />
If there are no differences (or the differences are not important) you can skip the following step. Otherwise use the [https://cloud.stepping-stone.ch/phpldapadmin PhpLdapAdmin] to delete the machine from the LDAP directory (do not forget to delete the dhcp entry <code>dn: cn=<MACHINE-NAME>,ou=virtual machines,cn=192.168.140.0,cn=config-01,ou=dhcp,ou=networks,ou=virtualization,ou=services,dc=stoney-cloud,dc=org</code>). Then add the LDIF (the one you just edited) to the LDAP (first do some general replacement)<br />
<source lang='bash'><br />
sed -i\<br />
-e 's/snapshotting/finished/'\<br />
-e '/member.*/d'\<br />
/var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/${machinename}.ldif.${backupdate}<br />
<br />
/usr/bin/ldapadd -H "ldaps://ldapm.${domain}" -x -D "cn=Manager,${ldapbase}" -W -f /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/${machinename}.ldif.${backupdate}<br />
</source><br />
<br />
Undefine the machine<br />
<source lang='bash'><br />
virsh undefine ${machinename}<br />
</source><br />
<br />
Copy all the disk images from the backup location back to their original location<br />
<source lang='bash'><br />
cp -p /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}/${backupdate}/${diskimage1}.${backupdate} /var/virtualization/${vmtype}/${vmpool}/${diskimage1}<br />
cp -p /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}/${backupdate}/${diskimage2}.${backupdate} /var/virtualization/${vmtype}/${vmpool}/${diskimage2}<br />
...<br />
</source><br />
<br />
And restore the domain from the state file from the backup location with the XML from the retain location (the one you might have edited)<br />
<source lang='bash'><br />
virsh restore /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}/${backupdate}/${machinename}.state.${backupdate}<br />
</source><br />
<br />
Now the machine should be up and running again. Continuing where it was stopped when taking the backup.<br />
<br />
If everything is OK, you can cleanup the created files and directories<br />
<source lang='bash'><br />
rm -rf /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}<br />
rm /tmp/${machinename}.ldif<br />
</source><br />
<br />
== Next steps ==<br />
<br />
<br />
[[Category: stoney conductor]]</div>Pathttps://wiki.stoney-cloud.org/w/index.php?title=stoney_conductor:_VM_Backup&diff=3747stoney conductor: VM Backup2014-06-26T13:49:24Z<p>Pat: /* Step 09: Start the Retain Process (Control instance daemon) */</p>
<hr />
<div>= Overview =<br />
This page describes how the VMs and VM-Templates are backed-up and restored inside the [http://www.stoney-cloud.org stoney cloud].<br />
<br />
= Requirements =<br />
* sstBackupRootDirectory: file:///var/backup/virtualization<br />
** This directory might be a single partition which needs to have the same size as your partition for the live images (it's a "copy" of the live partition)<br />
* sstBackupRetainDirectory: file:///var/virtualization/retain<br />
** This directory must be on the same partition as your life images are<br />
* A working stoney cloud, installed according to [[stoney cloud: Single-Node Installation]] or [[stoney cloud: Multi-Node Installation]].<br />
* The backup configuration must be set: [[stoney_conductor:_OpenLDAP_directory_data_organisation#Backup | stoney conductor: OpenLDAP directory data organisation]].<br />
<br />
= Backup =<br />
== Basic idea ==<br />
The main idea to backup a VM or a VM-Template is, to divide the task into three subtasks: <br />
* createSnapshot: Create a disk only snapshot. A new overlay file is created, all write operations are performed to this file. The underlying disk-image is now read only.<br />
* exportSnapshot: Copy the read only disk-image to the backup location.<br />
* commitSnapshot: Commit the performed write operations from the overlay back to the underlying (original) disk image. Now the underlying image is read-write again and the overlay image can be deleted.<br />
A more detailed and technical description for these three sub-processes can be found [[#Sub-Processes | here]].<br />
<br />
Furthermore there is an control instance, which can independently call these three sub-processes for a given machine. Like that, the stoney cloud is able to handle different cases:<br />
=== Backup a single machine ===<br />
The procedure for backing up a single machine is very simple. Just call the three sub-processes (snapshot, merge and retain) one after the other. So the control instance would do some very basic stuff: <br />
<source lang="c"><br />
object machine = args[0];<br />
<br />
if( createSsnapshot( machine ) )<br />
{<br />
<br />
if ( exportSnapshot( machine ) )<br />
{<br />
<br />
if ( commitSnapshot( machine ) )<br />
{<br />
printf("Successfully backed up machine %s\n", machine);<br />
<br />
} else<br />
{<br />
printf("Error while committing snapshot for machine %s: %s\n", machine, error);<br />
}<br />
<br />
} else<br />
{<br />
printf("Error while exporting snapshot for machine %s: %s\n", machine, error);<br />
}<br />
<br />
} else<br />
{<br />
printf("Error while snapshotting machine %s: %s\n", machine, error);<br />
}<br />
</source><br />
<br />
=== Backup multiple machines at the same time ===<br />
When backing up multiple machines at the same time, we need to make sure that the snapshots for the machines are as close together as possible. Therefore the control instance should call first the createSnapshot process for all machines. After every machine has been snapshotted, the control instance can call the exportSnapshot and commitSnapshot process for every machine. The most important part here is, that the control instance somehow remembers, if the snapshot for a given machine was successful or not. Because if the snapshot failed, it must not call the exportSnapshot and commitSnapshot process. So the control instance needs a little bit more logic: <br />
<br />
<source lang="c"><br />
object machines[] = args[0];<br />
object successful_snapshots[];<br />
<br />
# Snapshot all machines<br />
for( int i = 0; i < sizeof(machines) / sizeof(object) ; i++ )<br />
{<br />
# If the snapshot was successful, put the machine into the <br />
# successful_snapshots array<br />
if ( createSnapshot( machines[i] ) )<br />
{<br />
successful_snapshots[machines[i]];<br />
} else<br />
{<br />
printf("Error while snapshotting machine %s: %s\n", machines[i],error);<br />
}<br />
}<br />
<br />
# export and commit all successful_snapshot machines<br />
for ( int i = 0; i < sizeof(successful_snapshots) / sizeof(object) ; i++ ) )<br />
{<br />
# Check if the element at this position is not null, then the snapshot <br />
# for this machine was successful<br />
if ( successful_snapshots[i] )<br />
{<br />
if ( exportSnapshot( successful_snapshots[i] ) )<br />
{<br />
if ( commitSnapshot( successful_snapshots[i] ) )<br />
{<br />
printf("Successfully backed-up machine %s\n", successful_snapshots[i]);<br />
} else<br />
{<br />
printf("Error while committing snapshot for machine %s: %s\n", successful_snapshots[i],error);<br />
}<br />
<br />
} else<br />
{<br />
printf("Error while exporting snapshot for machine %s: %s\n", successful_snapshots[i],error);<br />
}<br />
}<br />
}<br />
</source><br />
<br />
=== Sub-Processes ===<br />
See also [[Libvirt_external_snapshot_with_GlusterFS]]<br />
==== createSnapshot ====<br />
For the commands see [[Libvirt_external_snapshot_with_GlusterFS#Part_2:_Create_the_snapshot_using_virsh]]<br />
<br />
For the workflow see [[stoney_conductor:_prov-backup-kvm#createSnapshot]]<br />
<br />
==== exportSnapshot ====<br />
# Simply copy the underlying image to the backup location<br />
#* <source lang="bash">cp -p /<path>/<to>/<image>.qcow2 /<path>/<to>/<backup>/<location>/.</source><br />
<br />
For the workflow see [[stoney_conductor:_prov-backup-kvm#exportSnapshot]]<br />
<br />
==== commitSnapshot ====<br />
For the commands see [[Libvirt_external_snapshot_with_GlusterFS#Cleanup.2FCommit_.28Online.29]]<br />
<br />
For the workflow see [[stoney_conductor:_prov-backup-kvm#commitSnapshot]]<br />
<br />
== Communication through backend ==<br />
Since the stoney cloud is (as the name says already) a cloud solution, it makes sense to have a backend (in our case openLDAP) involved in the whole process. Like that it is possible to run the backup jobs decentralized on every vm-node. The control instance can then modify the backend, and theses changes are seen by the diffenrent backup daemons on the vm-nodes. So the communication could look like shown in the following picture (Figure 1): <br />
<br />
[[File:Daemon-communication.png|800px|thumbnail|none|Figure 1: Communication between the control instance and the prov-backup-kvm daemon through the LDAP backend]]<br />
<br />
=== Control-Instance Daemon Interaction for creating a Backup with LDIF Examples ===<br />
The step numbers correspond with the graphical overview from above.<br />
<br />
==== Step 00: Backup Configuration for a virtual machine ====<br />
<pre><br />
# The following backup configuration says, that the backup should be done daily, at 03:00 hours (localtime).<br />
# * * * * * command to be executed<br />
# - - - - -<br />
# | | | | |<br />
# | | | | +----- day of week (0 - 6) (Sunday=0)<br />
# | | | +------- month (1 - 12)<br />
# | | +--------- day of month (1 - 31)<br />
# | +----------- hour (0 - 23)<br />
# +------------- min (0 - 59)<br />
# localtime in the crontab entry<br />
dn: ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
objectclass: top<br />
objectclass: organizationalUnit<br />
objectclass: sstVirtualizationBackupObjectClass<br />
objectclass: sstCronObjectClass<br />
ou: backup<br />
description: This sub tree contains the backup plan for the virtual machine kvm-005.<br />
sstCronMinute: 0<br />
sstCronHour: 3<br />
sstCronDay: *<br />
sstCronMonth: *<br />
sstCronDayOfWeek: *<br />
sstCronActive: TRUE<br />
sstBackupRootDirectory: file:///var/backup/virtualization<br />
sstBackupRetainDirectory: file:///var/virtualization/retain<br />
sstBackupRamDiskLocation: file:///mnt/ramdisk-test<br />
sstVirtualizationDiskImageFormat: qcow2<br />
sstVirtualizationDiskImageOwner: root<br />
sstVirtualizationDiskImageGroup: vm-storage<br />
sstVirtualizationDiskImagePermission: 0660<br />
sstBackupNumberOfIterations: 1<br />
sstVirtualizationVirtualMachineForceStart: FALSE<br />
sstVirtualizationBandwidthMerge: 0<br />
</pre><br />
<br />
==== Step 01: Initialize Backup Sub Tree (Control instance daemon) ====<br />
The sub tree ''' ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch''' reflects the time, when the backup is planned (in the form of [YYYY][MM][DD]T[hh][mm][ss]Z ([http://en.wikipedia.org/wiki/ISO_8601 ISO 8601]) and it should be written at the time, when the backup is planned and should be executed. The section '''20121002T010000Z''' means the following:<br />
* Year: 2012<br />
* Month: 10<br />
* Day of Month: 02<br />
* Hour of Day: 01<br />
* Minutes: 00<br />
* Seconds: 00<br />
Please be aware the the time is to be written in UTC (see also the comment in the LDIF example below).<br />
<pre><br />
# This entry is the place holder for the backup, which is to be executed at 03:00 hours (localtime with daylight-saving). This<br />
# leads to the 20121002T010000Z timestamp (which is written in UTC).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
objectclass: top<br />
objectclass: sstProvisioning<br />
objectclass: organizationalUnit<br />
ou: 20121002T010000Z<br />
sstProvisioningExecutionDate: 0<br />
sstProvisioningMode: initialize<br />
sstProvisioningReturnValue: 0<br />
sstProvisioningState: 20121002T014513Z<br />
</pre><br />
<br />
==== Step 02: Finalize the Initialization (Control instance daemon) ====<br />
<pre><br />
# The attribute sstProvisioningState is updated with current time by the fc-brokerd, when sstProvisioningMode is modified.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T010001Z<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: initialized<br />
</pre><br />
<br />
==== Step 03: Start the Snapshot Process (Control instance daemon) ====<br />
With the setting of the '''sstProvisioningMode''' to '''snapshot''', the actual backup process is kicked off by the Control instance daemon.<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the fc-brokerd, when sstProvisioningMode is modified to<br />
# snapshot (this way the Provisioning-Backup-VKM daemon knows, that it must start the snapshotting process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: snapshot<br />
</pre><br />
<br />
==== Step 04: Starting the Snapshot Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the snapshot command, it sets the '''sstProvisioningMode''' to '''snapshotting''' to tell the Control instance daemon and other interested parties, that it is snapshotting the virtual machine or virtual machine template.<br />
<pre><br />
# The attribute sstProvisioningMode is set to snapshotting by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: snapshotting<br />
</pre><br />
<br />
==== Step 05: Finalizing the Snapshot Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the snapshot command, it sets the '''sstProvisioningMode''' to '''snapshotted''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the snapshot of the virtual machine or virtual machine template is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the fc-brokerd knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T010011Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: snapshotted<br />
</pre><br />
<br />
==== Step 06: Start the export Process (Control instance daemon) ====<br />
With the setting of the '''sstProvisioningMode''' to '''export''', the Control instance daemon tells the Provisioning-Backup-KVM daemon to export the disk image to the backup location.<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the fc-brokerd, when sstProvisioningMode is modified to<br />
# export (this way the Provisioning-Backup-VKM daemon knows, that it must start the export process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: export<br />
</pre><br />
<br />
==== Step 07: Starting the export Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the export command, it sets the '''sstProvisioningMode''' to '''exporting''' to tell the Control instance daemon and other interested parties, that it is exporting the virtual machine or virtual machine template disk images.<br />
<pre><br />
# The attribute sstProvisioningMode is set to exporting by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: exporting<br />
</pre><br />
<br />
==== Step 08: Finalizing the export Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the export command, it sets the '''sstProvisioningMode''' to '''exported''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the export of the virtual machine or virtual machine template disk-images is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the fc-brokerd knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T010500Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: exported<br />
</pre><br />
<br />
==== Step 09: Start the commit Process (Control instance daemon) ====<br />
With the setting of the '''sstProvisioningMode''' to '''copmmit''', the Control instance daemon tells the Provisioning-Backup-KVM daemon to commit the changes from the overlay file to the underlying disk-image<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the fc-brokerd, when sstProvisioningMode is modified to<br />
# commit (this way the Provisioning-Backup-VKM daemon knows, that it must start the commit process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: commit<br />
</pre><br />
<br />
==== Step 10: Starting the Retain Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the retain command, it sets the '''sstProvisioningMode''' to '''retaining''' to tell the Control instance daemon and other interested parties, that it is retaining the necessary files to the configured backup location.<br />
<pre><br />
# The attribute sstProvisioningMode is set to retaining by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: retaining<br />
</pre><br />
<br />
==== Step 11: Finalizing the Retaing Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the retain command, it sets the '''sstProvisioningMode''' to '''retained''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the retaining of all the necessary files to the configured backup location is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the fc-brokerd knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012000Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: retained<br />
</pre><br />
<br />
==== Step 12: Finalizing the Backup Process (Control instance daemon) ====<br />
As soon as the Control instance daemon notices, that the attribute '''sstProvisioningMode''' ist set to '''retained''', it sets the '''sstProvisioningMode''' to '''finished''' and the '''sstProvisioningState''' to the current timestamp (UTC). All interested parties now know, that the backup process is finished, there for a new backup process could be started.<br />
<pre><br />
# The attribute sstProvisioningState is updated with current time by the fc-brokerd, when sstProvisioningMode is<br />
# set to finished.<br />
# All interested parties now know, that the backup process is finished, there for a new backup process could be started.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012001Z<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: finished<br />
</pre><br />
<br />
== Current Implementation (Backup) ==<br />
Since we do not have a working control instance, we need to have a workaround for backing up the machines: <br />
<br />
* We do already have a BackupKVMWrapper.pl script (File-Backend) which executes the three [[#Sub-Processes | sub-processes ]] in the correct order for a given list of machines (see [[#Backup multiple machines at the same_time]]).<br />
* We do already have the implementation for the whole backup with the LDAP-Backend (see [[ stoney conductor: prov backup kvm ]]).<br />
* We can now combine these two existing scripts and create a wrapper (lets call it LDAPKVMWrapper) which, in some way, adds some logic to the BackupKVMWrapper.pl. In fact the LDAPKVMWrapper wrapper will generate the list of machines which need a backup.<br />
<br />
The behaviour on our servers is as follows (c.f. Figure 2):<br />
# The (decentralized) LDAPKVMWrapper wrapper (which is executed everyday via cronjob) generates a list off all machines running on the current host.<br />
#* Currently on the hosts the cronjobs looks like: <code>00 01 * * * /usr/bin/LDAPKVMWrapper.pl | logger -t Backup-KVM</code><br />
#* For each of these machines:<br />
#** Check if the machine is excluded from the backup, if yes, remove the machine from the list<br />
#** Check if the last backup was successful, if not, remove the machine from the list<br />
# Update the backup subtree for each machine in the list<br />
#* Remove the old backup leaf (the "yesterday-leaf"), and add a new one (the "today-leaf") <br />
#* After this step, the machines are ready to be backed up<br />
# Call the BackupKVMWrapper.pl script with the machines list as a parameter<br />
# Wait for the BackupKVMWrapper.pl script to finish<br />
# Go again through all machines and update the backup subtree a last time<br />
#* Check if the backup was successful, if yes, set sstProvisioningMode = finished (see also TBD)<br />
<br />
<br />
[[File:wrapper-interaction.png|500px|thumbnail|none|Figure 2: How the two wrapper interact with the LDAP backend]]<br />
<br />
* If for some reason something does not work at all, the whole backup process can be deactivated by simply disabling the LDAPKVMWrapper cronjob<br />
** <code>crontab -e</code><br />
** Comment the LDAPKVMWrapper cronjob line: <code>#00 01 * * * /usr/bin/LDAPKVMWrapper.pl | logger -t Backup-KVM</code><br />
=== How to exclude a machine from the backup ===<br />
Login to one of the [[VM-Node | vm-nodes]] and execute the following command<br />
<br />
If you want to exclude a machine from the backup run you simply need to add the following entry to your LDAP directory: <br />
<source lang="bash"><br />
machineuuid="<UUID OF THE MACHINE-NAME>" # e.g.: b9d13dbc-9ab7-4948-9daa-a5709de83dc2<br />
cat << EOF | ldapadd -D cn=Manager,o=stepping-stone,c=ch -H ldaps://ldapm.stepping-stone.ch/ -W -x<br />
dn: ou=backup,sstVirtualMachine=${machineuuid},ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
objectclass: top<br />
objectclass: organizationalUnit<br />
objectclass: sstVirtualizationBackupObjectClass<br />
ou: backup<br />
sstbackupexcludefrombackup: TRUE<br />
EOF<br />
</source><br />
<br />
If the backup subtree in the LDAP directory already exists, you need to add the sstbackupexcludefrombackup attribute: <br />
<source lang="bash"><br />
machineuuid="<UUID OF THE MACHINE-NAME>" # e.g.: b9d13dbc-9ab7-4948-9daa-a5709de83dc2<br />
cat << EOF | ldapadd -D cn=Manager,o=stepping-stone,c=ch -H ldaps://ldapm.stepping-stone.ch/ -W -x<br />
dn: ou=backup,sstVirtualMachine=${machineuuid},ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
add: objectClass<br />
objectClass: sstVirtualizationBackupObjectClass<br />
-<br />
add: sstbackupexcludefrombackup<br />
sstbackupexcludefrombackup: TRUE<br />
EOF<br />
</source><br />
<br />
==== Re-include the machine to the backup ====<br />
If you want to re include a machine, simply delete the machines whole backup subtree. It will be recreated during the next backup run.<br />
<br />
== Next steps ==<br />
<br />
= Restore =<br />
== Basic idea ==<br />
The restore process, similar to the backup process, can be divided into three sub-processes: <br />
* Unretain the small files: Copy the small files (backend entry, XML description) from the backup directory to the retain directory<br />
* Unretain the big files: Copy the big files (state file, disk image(s)) form the backup directory to the retain directory<br />
* Restore the machine: Replace the live disk image(s) by the one(s) from the backup and restore the machine from the state file<br />
<br />
Additionally the restore process can also be divided into two phases: <br />
* User-Interaction phase: After the "unretain small files" the user needs to decide two things:<br />
** On conflicts between the backend entry file and the XML description, the user need to decide how to resolve this conflict(s)<br />
** The user can also abort the restore process up to this point. After that the restore can not be aborted or undone! <br />
* Non-User-Interaction phase: The daemons communicate through the backend between each other and the restore process continues without further user input (c.f. [[#Communication_through_backend_2 | Communication through backend]])<br />
<br />
=== Sub Processes ===<br />
==== Unretain small files ====<br />
This workflow assumes that the backup directory is on the same physical server as the retain directory (protocol is file://)<br />
# Copy the backend-entry file from the backup directory to the retain directory:<br />
#* <source lang="bash">cp -p /path/to/backup/vm-001.backend /path/to/retain/vm-001.backend</source><br />
# Copy the XML description from the from the backup directory to the retain directory:<br />
#* <source lang="bash">cp -p /path/to/backup/vm-001.xml /path/to/retain/vm-001.xml</source><br />
# Compare the backend-entry file (the one in the retain directory) with the live-backend entry<br />
#* Resolve all conflicts between these two backend entries<br />
#** Modify the backend entry at the retain location accordingly<br />
# Apply the same changes for the XML description at the retain location (backend entry and XML description need to be consistent).<br />
<br />
==== Unretain large files ====<br />
# Copy the state file from the backup directory to the retain directory:<br />
#* <source lang="bash">cp -p /path/to/backup/vm-001.state /path/to/retain/vm-001.state</source><br />
# Copy the disk image(s) from the backup directory to the retain directory:<br />
#* <source lang="bash">cp -p /path/to/backup/vm-001.qcow2 /path/to/retain/vm-001.qcow2</source><br />
#** '''Important:''' If a VM has more than just one disk image, repeat this step for every disk image<br />
<br />
==== Restore the VM ====<br />
# Shutdown the VM if it is running:<br />
#* <source lang="bash">virsh shutdown vm-001</source><br />
# Undefine the VM if it is still defined: <br />
#* <source lang="bash">virsh undefine vm-001</source><br />
# Overwrite the original disk image:<br />
#* <source lang="bash">mv /path/to/retain/vm-001.qcow2 /path/to/images/vm-001.qcow2</source><br />
#** '''Important:''' If a VM has more than just one disk image, repeat this step for every disk image<br />
# Restore the VMs backend entry: <br />
#* Write the backend entry from the retain location (<code>/path/to/retain/vm-001.backend</code>) to the backend<br />
# Overwrite the VMs XML description with the one from the retain location <br />
#* <source lang="bash">cp -p /path/to/retain/vm-001.xml /path/to/xmls/vm-001.xml</source><br />
# Restore the VM from the state file with the corrected XML<br />
#* <source lang="bash">virsh restore /path/to/retain/vm-001.state --xml /path/to/xmls/vm-001.xml</source><br />
<br />
== Communication through backend ==<br />
The actual KVM-Restore process is controlled completely by the Control instance daemon via the OpenLDAP directory. See [[#OpenLDAP Directory Integration|OpenLDAP Directory Integration]] the involved attributes and possible values.<br />
<br />
[[File:Daemon-interaction-restore.png|thumb|500px|none|Figure 3: Communication between all involved parties during the restore process]]<br />
<br />
You can modify/update these interactions by editing [[File:Restore-Interaction.xmi]] (you may need [http://uml.sourceforge.net/ Umbrello UML Modeller] diagram programme for KDE to display the content properly).<br />
<br />
=== Control instance Daemon Interaction for restoring a Backup with LDIF Examples ===<br />
==== Step 01: Start the unretainSmallFiles process (Control instance daemon) ====<br />
The first step of the restore process is to copy the small files (in this case the XML file and the LDIF) from the configured backup location to the configured retain location. <br />
<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the Control instance daemon, when sstProvisioningMode is modified to <br />
# unretainSmallFiles (this way the Provisioning-Backup-VKM daemon knows, that it must start the unretainSmallFiles process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainSmallFiles<br />
</pre><br />
<br />
==== Step 02: Starting the unretainSmallFiles process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the command to unretain the small files, it sets the '''sstProvisioningMode''' to '''unretainingSmallFiles''' to tell the Control instance daemon and other interested parties, that it is unretaining the small files for the virtual machine or virtual machine template.<br />
<pre><br />
# The attribute sstProvisioningMode is set to unretainingSmallFiles by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainingSmallFiles<br />
</pre><br />
<br />
==== Step 03: Finalizing the unretainSmallFiles process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the commands to unretain the small files, it sets the '''sstProvisioningMode''' to '''unretainedSmallFiles''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the unretaining of all the small files from the configured backup location is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the Control instance daemon knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012000Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainedSmallFiles<br />
</pre><br />
<br />
==== Step 05: Start the unretainLargeFiles process (Control instance daemon) ====<br />
Next step in the restore process is to copy the large files (state file and disk images) from the configured backup directory to the configured retain directory.<br />
<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the Control instance daemon, when sstProvisioningMode is modified to <br />
# unretainLargeFiles (this way the Provisioning-Backup-VKM daemon knows, that it must start the unretainLargeFiles process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainLargeFiles<br />
</pre><br />
<br />
==== Step 06: Starting the unretainLargeFiles process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the command to unretain the large files, it sets the '''sstProvisioningMode''' to '''unretainingLargeFiles''' to tell the Control instance daemon and other interested parties, that it is unretaining the large files for the virtual machine or virtual machine template.<br />
<br />
In the meantime the vm-manager merges the LDIF we have unretained in [[#Step_02:_Starting_the_unretainSmallFiles_process_.28Provisioning-Backup-KVM_daemon.29 | step 02]] with the one in the live directory to sort out possible differences in the configuration of the virtual machine. <br />
<pre><br />
# The attribute sstProvisioningMode is set to unretainingSmallFiles by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainingLargeFiles<br />
</pre><br />
<br />
==== Step 07: Finalizing the unretainLargeFiles process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the commands to unretain the large files, it sets the '''sstProvisioningMode''' to '''unretainedLargeFiles''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the unretaining of all the large files from the configured backup location is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the Control instance daemon knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012000Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainedLargeFiles<br />
</pre><br />
<br />
==== Step 09: Start the restore process (Control instance daemon) ====<br />
Since we now have all necessary files in the configured retain location, the restore process can be started. There we simply copy the disk images back to their original location and restore the VM from the state file (which is also at the configured retain location)<br />
<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the Control instance daemon, when sstProvisioningMode is modified to <br />
# restore (this way the Provisioning-Backup-VKM daemon knows, that it must start the restore process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: restore<br />
</pre><br />
<br />
==== Step 10: Starting the restore process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the restore command, it sets the '''sstProvisioningMode''' to '''restoring''' to tell the Control instance daemon and other interested parties, that it is restoring the virtual machine or virtual machine template.<br />
<pre><br />
# The attribute sstProvisioningMode is set to restoring by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: restoring<br />
</pre><br />
<br />
==== Step 11: Finalizing the restore process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the restore command, it sets the '''sstProvisioningMode''' to '''restored''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the restore process is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the Control instance daemon knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012000Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: restored<br />
</pre><br />
<br />
==== Step 12: Finalizing the restore process (Control instance daemon) ====<br />
As soon as the Control instance daemon notices, that the attribute '''sstProvisioningMode''' ist set to '''restored''', it sets the '''sstProvisioningMode''' to '''finished''' and the '''sstProvisioningState''' to the current timestamp (UTC). All interested parties now know, that the restore process is finished.<br />
<pre><br />
# The attribute sstProvisioningState is updated with current time by the Control instance daemon, when sstProvisioningMode is<br />
# set to finished.<br />
# All interested parties now know, that the restore process is finished.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012001Z<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: finished<br />
</pre><br />
<br />
== Current Implementation (Restore) ==<br />
* Since the prov-backup-kvm daemon is not running on the vm-nodes (c.f. [[stoney_conductor:_Backup#State_of_the_art]]), the restore process does not work when clicking the icon in the webinterface. <br />
* Resolving the conflicts in the backend and XML description file is not yet done<br />
** Actually all steps not executed by prov-backup-kvm are not yet properly implemented (c.f. [[stoney_conductor:_prov_backup_kvm#Restore]])<br />
* The implementation is done, but the last step from the [[#Restore_2 | restore process ]] is different:<br />
** The <code>virsh restore</code> command is not executed with the <code>--xml</code> option, the XML from the state file is taken when restoring the machine. Therefore the conflicts are not properly resolved. <br />
*** --[[User:Pat|Pat]] ([[User talk:Pat|talk]]) 09:41, 29 October 2013 (CET): Currently the [http://search.cpan.org/~danberr/Sys-Virt-1.1.3/lib/Sys/Virt.pm Sys::Virt] library does not support the --xml parameter when restoring a domain<br />
<br />
=== How to manually restore a machine from backup ===<br />
'''Important''': Before you continue with this guide, make sure that you have no other possibility to restore the machine. It might be easier and safer to get lost files from the online backup if the machine has one set up.<br />
<br />
If you really have to restore the machine from the backup:<br />
# Stop the machine from via the [https://cloud.stepping-stone.ch/vm-manager/ web interface]<br />
# Login (as root) on the [[VM-Node]] the machine was running on<br />
<br />
As a first step, you would like to set some useful bash variables to be able to copy paste the following guide:<br />
<br />
'''Double check all variables you are setting here. If one is not correct, you will restore a running machine or overwrite a live-disk image!'''<br />
<source lang='bash'><br />
machinename="<MACHINE-NAME>" # For example: machinename="b6dc3d27-5981-4b18-8f3f-31ed3d21a3c6"<br />
vmpool="<VM-POOL>" # For example vmpool="0f83f084-8080-413e-b558-b678e504836e"<br />
vmtype="<VM-TYPE>" # For example vmtype="vm-persistent"<br />
</source><br />
Change to the backup directory for the given machine and check the iterations:<br />
<source lang='bash'><br />
cd /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}<br />
ls -al<br />
</source><br />
Change into the most recent iteration<br />
<source lang='bash'><br />
cd 2014...<br />
ls -al<br />
</source><br />
In there you should have: <br />
* The state file <MACHINE-NAME>.state.<BACKUP-DATE> (for example b6dc3d27-5981-4b18-8f3f-31ed3d21a3c6.state.20140109T134445Z)<br />
* The XML description <MACHINE-NAME>.xml.<BACKUP-DATE> (for example b6dc3d27-5981-4b18-8f3f-31ed3d21a3c6.xml.20140109T134445Z)<br />
* The ldif file <MACHINE-NAME>.ldif.<BACKUP-DATE> (for example b6dc3d27-5981-4b18-8f3f-31ed3d21a3c6.ldif.20140109T134445Z)<br />
* And at least one disk image <DISK-IMAGE>.qcow2.<BACKUP-DATE> (for example 8798561b-d5de-471b-a6fc-ec2b4831ed12.qcow2.20140109T134445Z)<br />
Now you should save the backup date and the disk image(s) in a variable<br />
<source lang='bash'><br />
backupdate="<BACKUP-DATE>" # For example: backupdate="20140109T134445Z"<br />
diskimage1="<DISK-IMAGE-1>.qcow2" # For example: diskimage1="8798561b-d5de-471b-a6fc-ec2b4831ed12.qcow2"<br />
diskimage2="<DISK-IMAGE-2>.qcow2" # For example: diskimage2="aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee.qcow2"<br />
...<br />
</source><br />
<br />
Have again a look at the different variables and '''double check them again'''<br />
<source lang='bash'><br />
echo "Machine Name = ${machinename}"<br />
echo "VM Pool = ${vmpool}"<br />
echo "VM Type = ${vmtype}"<br />
echo "Backup date = ${backupdate}"<br />
echo "Disk Image 1 = ${diskimage1}"<br />
echo "Disk Image 2 = ${diskimage2}"<br />
...<br />
</source><br />
<br />
Copy all these files to the retain location:<br />
<source lang='bash'><br />
currentdate=`date --utc +'%Y%m%dT%H%M%SZ'`<br />
mkdir -p /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}<br />
cp -p /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}/${backupdate}/${machinename}.ldif.${backupdate} /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/<br />
</source><br />
<br />
<!--Check if there is a difference between the current XML file and the one from the backup<br />
<source lang='bash'><br />
diff -Naur /etc/libvirt/qemu/${machinename}.xml /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/${machinename}.xml.${backupdate}<br />
</source><br />
and '''edit the file at the retain location''' according to your needs.--><br />
<br />
''' Now you are entering the critical part. You won't be able to undo the following steps'''<br />
<br />
Check if there is a difference between the current LDAP entry and the one from the backup<br />
<source lang='bash'><br />
domain="<DOMAIN>" # For example domain="stoney-cloud.org"<br />
ldapbase="<LDAPBASE>" # For expample ldapbase="dc=stoney-cloud,dc=org"<br />
ldapsearch -H ldaps://ldapm.${domain} -b "sstVirtualMachine=${machinename},ou=virtual machines,ou=virtualization,ou=services,${ldapbase}" -s sub -x -LLL -o ldif-wrap=no -D "cn=Manager,${ldapbase}" -W "(objectclass=*)" > /tmp/${machinename}.ldif<br />
diff -Naur /tmp/${machinename}.ldif /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/${machinename}.ldif.${backupdate}<br />
</source><br />
and '''edit the file at the retain location''' according to your needs.<br />
<br />
If there are no differences (or the differences are not important) you can skip the following step. Otherwise use the [https://cloud.stepping-stone.ch/phpldapadmin PhpLdapAdmin] to delete the machine from the LDAP directory (do not forget to delete the dhcp entry <code>dn: cn=<MACHINE-NAME>,ou=virtual machines,cn=192.168.140.0,cn=config-01,ou=dhcp,ou=networks,ou=virtualization,ou=services,dc=stoney-cloud,dc=org</code>). Then add the LDIF (the one you just edited) to the LDAP (first do some general replacement)<br />
<source lang='bash'><br />
sed -i\<br />
-e 's/snapshotting/finished/'\<br />
-e '/member.*/d'\<br />
/var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/${machinename}.ldif.${backupdate}<br />
<br />
/usr/bin/ldapadd -H "ldaps://ldapm.${domain}" -x -D "cn=Manager,${ldapbase}" -W -f /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/${machinename}.ldif.${backupdate}<br />
</source><br />
<br />
Undefine the machine<br />
<source lang='bash'><br />
virsh undefine ${machinename}<br />
</source><br />
<br />
Copy all the disk images from the backup location back to their original location<br />
<source lang='bash'><br />
cp -p /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}/${backupdate}/${diskimage1}.${backupdate} /var/virtualization/${vmtype}/${vmpool}/${diskimage1}<br />
cp -p /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}/${backupdate}/${diskimage2}.${backupdate} /var/virtualization/${vmtype}/${vmpool}/${diskimage2}<br />
...<br />
</source><br />
<br />
And restore the domain from the state file from the backup location with the XML from the retain location (the one you might have edited)<br />
<source lang='bash'><br />
virsh restore /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}/${backupdate}/${machinename}.state.${backupdate}<br />
</source><br />
<br />
Now the machine should be up and running again. Continuing where it was stopped when taking the backup.<br />
<br />
If everything is OK, you can cleanup the created files and directories<br />
<source lang='bash'><br />
rm -rf /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}<br />
rm /tmp/${machinename}.ldif<br />
</source><br />
<br />
== Next steps ==<br />
<br />
<br />
[[Category: stoney conductor]]</div>Pathttps://wiki.stoney-cloud.org/w/index.php?title=stoney_conductor:_VM_Backup&diff=3746stoney conductor: VM Backup2014-06-26T13:48:23Z<p>Pat: /* Step 08: Finalizing the Merging Process (Provisioning-Backup-KVM daemon) */</p>
<hr />
<div>= Overview =<br />
This page describes how the VMs and VM-Templates are backed-up and restored inside the [http://www.stoney-cloud.org stoney cloud].<br />
<br />
= Requirements =<br />
* sstBackupRootDirectory: file:///var/backup/virtualization<br />
** This directory might be a single partition which needs to have the same size as your partition for the live images (it's a "copy" of the live partition)<br />
* sstBackupRetainDirectory: file:///var/virtualization/retain<br />
** This directory must be on the same partition as your life images are<br />
* A working stoney cloud, installed according to [[stoney cloud: Single-Node Installation]] or [[stoney cloud: Multi-Node Installation]].<br />
* The backup configuration must be set: [[stoney_conductor:_OpenLDAP_directory_data_organisation#Backup | stoney conductor: OpenLDAP directory data organisation]].<br />
<br />
= Backup =<br />
== Basic idea ==<br />
The main idea to backup a VM or a VM-Template is, to divide the task into three subtasks: <br />
* createSnapshot: Create a disk only snapshot. A new overlay file is created, all write operations are performed to this file. The underlying disk-image is now read only.<br />
* exportSnapshot: Copy the read only disk-image to the backup location.<br />
* commitSnapshot: Commit the performed write operations from the overlay back to the underlying (original) disk image. Now the underlying image is read-write again and the overlay image can be deleted.<br />
A more detailed and technical description for these three sub-processes can be found [[#Sub-Processes | here]].<br />
<br />
Furthermore there is an control instance, which can independently call these three sub-processes for a given machine. Like that, the stoney cloud is able to handle different cases:<br />
=== Backup a single machine ===<br />
The procedure for backing up a single machine is very simple. Just call the three sub-processes (snapshot, merge and retain) one after the other. So the control instance would do some very basic stuff: <br />
<source lang="c"><br />
object machine = args[0];<br />
<br />
if( createSsnapshot( machine ) )<br />
{<br />
<br />
if ( exportSnapshot( machine ) )<br />
{<br />
<br />
if ( commitSnapshot( machine ) )<br />
{<br />
printf("Successfully backed up machine %s\n", machine);<br />
<br />
} else<br />
{<br />
printf("Error while committing snapshot for machine %s: %s\n", machine, error);<br />
}<br />
<br />
} else<br />
{<br />
printf("Error while exporting snapshot for machine %s: %s\n", machine, error);<br />
}<br />
<br />
} else<br />
{<br />
printf("Error while snapshotting machine %s: %s\n", machine, error);<br />
}<br />
</source><br />
<br />
=== Backup multiple machines at the same time ===<br />
When backing up multiple machines at the same time, we need to make sure that the snapshots for the machines are as close together as possible. Therefore the control instance should call first the createSnapshot process for all machines. After every machine has been snapshotted, the control instance can call the exportSnapshot and commitSnapshot process for every machine. The most important part here is, that the control instance somehow remembers, if the snapshot for a given machine was successful or not. Because if the snapshot failed, it must not call the exportSnapshot and commitSnapshot process. So the control instance needs a little bit more logic: <br />
<br />
<source lang="c"><br />
object machines[] = args[0];<br />
object successful_snapshots[];<br />
<br />
# Snapshot all machines<br />
for( int i = 0; i < sizeof(machines) / sizeof(object) ; i++ )<br />
{<br />
# If the snapshot was successful, put the machine into the <br />
# successful_snapshots array<br />
if ( createSnapshot( machines[i] ) )<br />
{<br />
successful_snapshots[machines[i]];<br />
} else<br />
{<br />
printf("Error while snapshotting machine %s: %s\n", machines[i],error);<br />
}<br />
}<br />
<br />
# export and commit all successful_snapshot machines<br />
for ( int i = 0; i < sizeof(successful_snapshots) / sizeof(object) ; i++ ) )<br />
{<br />
# Check if the element at this position is not null, then the snapshot <br />
# for this machine was successful<br />
if ( successful_snapshots[i] )<br />
{<br />
if ( exportSnapshot( successful_snapshots[i] ) )<br />
{<br />
if ( commitSnapshot( successful_snapshots[i] ) )<br />
{<br />
printf("Successfully backed-up machine %s\n", successful_snapshots[i]);<br />
} else<br />
{<br />
printf("Error while committing snapshot for machine %s: %s\n", successful_snapshots[i],error);<br />
}<br />
<br />
} else<br />
{<br />
printf("Error while exporting snapshot for machine %s: %s\n", successful_snapshots[i],error);<br />
}<br />
}<br />
}<br />
</source><br />
<br />
=== Sub-Processes ===<br />
See also [[Libvirt_external_snapshot_with_GlusterFS]]<br />
==== createSnapshot ====<br />
For the commands see [[Libvirt_external_snapshot_with_GlusterFS#Part_2:_Create_the_snapshot_using_virsh]]<br />
<br />
For the workflow see [[stoney_conductor:_prov-backup-kvm#createSnapshot]]<br />
<br />
==== exportSnapshot ====<br />
# Simply copy the underlying image to the backup location<br />
#* <source lang="bash">cp -p /<path>/<to>/<image>.qcow2 /<path>/<to>/<backup>/<location>/.</source><br />
<br />
For the workflow see [[stoney_conductor:_prov-backup-kvm#exportSnapshot]]<br />
<br />
==== commitSnapshot ====<br />
For the commands see [[Libvirt_external_snapshot_with_GlusterFS#Cleanup.2FCommit_.28Online.29]]<br />
<br />
For the workflow see [[stoney_conductor:_prov-backup-kvm#commitSnapshot]]<br />
<br />
== Communication through backend ==<br />
Since the stoney cloud is (as the name says already) a cloud solution, it makes sense to have a backend (in our case openLDAP) involved in the whole process. Like that it is possible to run the backup jobs decentralized on every vm-node. The control instance can then modify the backend, and theses changes are seen by the diffenrent backup daemons on the vm-nodes. So the communication could look like shown in the following picture (Figure 1): <br />
<br />
[[File:Daemon-communication.png|800px|thumbnail|none|Figure 1: Communication between the control instance and the prov-backup-kvm daemon through the LDAP backend]]<br />
<br />
=== Control-Instance Daemon Interaction for creating a Backup with LDIF Examples ===<br />
The step numbers correspond with the graphical overview from above.<br />
<br />
==== Step 00: Backup Configuration for a virtual machine ====<br />
<pre><br />
# The following backup configuration says, that the backup should be done daily, at 03:00 hours (localtime).<br />
# * * * * * command to be executed<br />
# - - - - -<br />
# | | | | |<br />
# | | | | +----- day of week (0 - 6) (Sunday=0)<br />
# | | | +------- month (1 - 12)<br />
# | | +--------- day of month (1 - 31)<br />
# | +----------- hour (0 - 23)<br />
# +------------- min (0 - 59)<br />
# localtime in the crontab entry<br />
dn: ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
objectclass: top<br />
objectclass: organizationalUnit<br />
objectclass: sstVirtualizationBackupObjectClass<br />
objectclass: sstCronObjectClass<br />
ou: backup<br />
description: This sub tree contains the backup plan for the virtual machine kvm-005.<br />
sstCronMinute: 0<br />
sstCronHour: 3<br />
sstCronDay: *<br />
sstCronMonth: *<br />
sstCronDayOfWeek: *<br />
sstCronActive: TRUE<br />
sstBackupRootDirectory: file:///var/backup/virtualization<br />
sstBackupRetainDirectory: file:///var/virtualization/retain<br />
sstBackupRamDiskLocation: file:///mnt/ramdisk-test<br />
sstVirtualizationDiskImageFormat: qcow2<br />
sstVirtualizationDiskImageOwner: root<br />
sstVirtualizationDiskImageGroup: vm-storage<br />
sstVirtualizationDiskImagePermission: 0660<br />
sstBackupNumberOfIterations: 1<br />
sstVirtualizationVirtualMachineForceStart: FALSE<br />
sstVirtualizationBandwidthMerge: 0<br />
</pre><br />
<br />
==== Step 01: Initialize Backup Sub Tree (Control instance daemon) ====<br />
The sub tree ''' ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch''' reflects the time, when the backup is planned (in the form of [YYYY][MM][DD]T[hh][mm][ss]Z ([http://en.wikipedia.org/wiki/ISO_8601 ISO 8601]) and it should be written at the time, when the backup is planned and should be executed. The section '''20121002T010000Z''' means the following:<br />
* Year: 2012<br />
* Month: 10<br />
* Day of Month: 02<br />
* Hour of Day: 01<br />
* Minutes: 00<br />
* Seconds: 00<br />
Please be aware the the time is to be written in UTC (see also the comment in the LDIF example below).<br />
<pre><br />
# This entry is the place holder for the backup, which is to be executed at 03:00 hours (localtime with daylight-saving). This<br />
# leads to the 20121002T010000Z timestamp (which is written in UTC).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
objectclass: top<br />
objectclass: sstProvisioning<br />
objectclass: organizationalUnit<br />
ou: 20121002T010000Z<br />
sstProvisioningExecutionDate: 0<br />
sstProvisioningMode: initialize<br />
sstProvisioningReturnValue: 0<br />
sstProvisioningState: 20121002T014513Z<br />
</pre><br />
<br />
==== Step 02: Finalize the Initialization (Control instance daemon) ====<br />
<pre><br />
# The attribute sstProvisioningState is updated with current time by the fc-brokerd, when sstProvisioningMode is modified.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T010001Z<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: initialized<br />
</pre><br />
<br />
==== Step 03: Start the Snapshot Process (Control instance daemon) ====<br />
With the setting of the '''sstProvisioningMode''' to '''snapshot''', the actual backup process is kicked off by the Control instance daemon.<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the fc-brokerd, when sstProvisioningMode is modified to<br />
# snapshot (this way the Provisioning-Backup-VKM daemon knows, that it must start the snapshotting process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: snapshot<br />
</pre><br />
<br />
==== Step 04: Starting the Snapshot Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the snapshot command, it sets the '''sstProvisioningMode''' to '''snapshotting''' to tell the Control instance daemon and other interested parties, that it is snapshotting the virtual machine or virtual machine template.<br />
<pre><br />
# The attribute sstProvisioningMode is set to snapshotting by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: snapshotting<br />
</pre><br />
<br />
==== Step 05: Finalizing the Snapshot Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the snapshot command, it sets the '''sstProvisioningMode''' to '''snapshotted''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the snapshot of the virtual machine or virtual machine template is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the fc-brokerd knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T010011Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: snapshotted<br />
</pre><br />
<br />
==== Step 06: Start the export Process (Control instance daemon) ====<br />
With the setting of the '''sstProvisioningMode''' to '''export''', the Control instance daemon tells the Provisioning-Backup-KVM daemon to export the disk image to the backup location.<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the fc-brokerd, when sstProvisioningMode is modified to<br />
# export (this way the Provisioning-Backup-VKM daemon knows, that it must start the export process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: export<br />
</pre><br />
<br />
==== Step 07: Starting the export Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the export command, it sets the '''sstProvisioningMode''' to '''exporting''' to tell the Control instance daemon and other interested parties, that it is exporting the virtual machine or virtual machine template disk images.<br />
<pre><br />
# The attribute sstProvisioningMode is set to exporting by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: exporting<br />
</pre><br />
<br />
==== Step 08: Finalizing the export Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the export command, it sets the '''sstProvisioningMode''' to '''exported''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the export of the virtual machine or virtual machine template disk-images is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the fc-brokerd knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T010500Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: exported<br />
</pre><br />
<br />
==== Step 09: Start the Retain Process (Control instance daemon) ====<br />
With the setting of the '''sstProvisioningMode''' to '''retain''', the Control instance daemon tells the Provisioning-Backup-KVM daemon to retain (copy and then delete) all the necessary files to the configured backup location.<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the fc-brokerd, when sstProvisioningMode is modified to<br />
# retain (this way the Provisioning-Backup-VKM daemon knows, that it must start the retaining process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: retain<br />
</pre><br />
<br />
==== Step 10: Starting the Retain Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the retain command, it sets the '''sstProvisioningMode''' to '''retaining''' to tell the Control instance daemon and other interested parties, that it is retaining the necessary files to the configured backup location.<br />
<pre><br />
# The attribute sstProvisioningMode is set to retaining by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: retaining<br />
</pre><br />
<br />
==== Step 11: Finalizing the Retaing Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the retain command, it sets the '''sstProvisioningMode''' to '''retained''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the retaining of all the necessary files to the configured backup location is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the fc-brokerd knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012000Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: retained<br />
</pre><br />
<br />
==== Step 12: Finalizing the Backup Process (Control instance daemon) ====<br />
As soon as the Control instance daemon notices, that the attribute '''sstProvisioningMode''' ist set to '''retained''', it sets the '''sstProvisioningMode''' to '''finished''' and the '''sstProvisioningState''' to the current timestamp (UTC). All interested parties now know, that the backup process is finished, there for a new backup process could be started.<br />
<pre><br />
# The attribute sstProvisioningState is updated with current time by the fc-brokerd, when sstProvisioningMode is<br />
# set to finished.<br />
# All interested parties now know, that the backup process is finished, there for a new backup process could be started.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012001Z<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: finished<br />
</pre><br />
<br />
== Current Implementation (Backup) ==<br />
Since we do not have a working control instance, we need to have a workaround for backing up the machines: <br />
<br />
* We do already have a BackupKVMWrapper.pl script (File-Backend) which executes the three [[#Sub-Processes | sub-processes ]] in the correct order for a given list of machines (see [[#Backup multiple machines at the same_time]]).<br />
* We do already have the implementation for the whole backup with the LDAP-Backend (see [[ stoney conductor: prov backup kvm ]]).<br />
* We can now combine these two existing scripts and create a wrapper (lets call it LDAPKVMWrapper) which, in some way, adds some logic to the BackupKVMWrapper.pl. In fact the LDAPKVMWrapper wrapper will generate the list of machines which need a backup.<br />
<br />
The behaviour on our servers is as follows (c.f. Figure 2):<br />
# The (decentralized) LDAPKVMWrapper wrapper (which is executed everyday via cronjob) generates a list off all machines running on the current host.<br />
#* Currently on the hosts the cronjobs looks like: <code>00 01 * * * /usr/bin/LDAPKVMWrapper.pl | logger -t Backup-KVM</code><br />
#* For each of these machines:<br />
#** Check if the machine is excluded from the backup, if yes, remove the machine from the list<br />
#** Check if the last backup was successful, if not, remove the machine from the list<br />
# Update the backup subtree for each machine in the list<br />
#* Remove the old backup leaf (the "yesterday-leaf"), and add a new one (the "today-leaf") <br />
#* After this step, the machines are ready to be backed up<br />
# Call the BackupKVMWrapper.pl script with the machines list as a parameter<br />
# Wait for the BackupKVMWrapper.pl script to finish<br />
# Go again through all machines and update the backup subtree a last time<br />
#* Check if the backup was successful, if yes, set sstProvisioningMode = finished (see also TBD)<br />
<br />
<br />
[[File:wrapper-interaction.png|500px|thumbnail|none|Figure 2: How the two wrapper interact with the LDAP backend]]<br />
<br />
* If for some reason something does not work at all, the whole backup process can be deactivated by simply disabling the LDAPKVMWrapper cronjob<br />
** <code>crontab -e</code><br />
** Comment the LDAPKVMWrapper cronjob line: <code>#00 01 * * * /usr/bin/LDAPKVMWrapper.pl | logger -t Backup-KVM</code><br />
=== How to exclude a machine from the backup ===<br />
Login to one of the [[VM-Node | vm-nodes]] and execute the following command<br />
<br />
If you want to exclude a machine from the backup run you simply need to add the following entry to your LDAP directory: <br />
<source lang="bash"><br />
machineuuid="<UUID OF THE MACHINE-NAME>" # e.g.: b9d13dbc-9ab7-4948-9daa-a5709de83dc2<br />
cat << EOF | ldapadd -D cn=Manager,o=stepping-stone,c=ch -H ldaps://ldapm.stepping-stone.ch/ -W -x<br />
dn: ou=backup,sstVirtualMachine=${machineuuid},ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
objectclass: top<br />
objectclass: organizationalUnit<br />
objectclass: sstVirtualizationBackupObjectClass<br />
ou: backup<br />
sstbackupexcludefrombackup: TRUE<br />
EOF<br />
</source><br />
<br />
If the backup subtree in the LDAP directory already exists, you need to add the sstbackupexcludefrombackup attribute: <br />
<source lang="bash"><br />
machineuuid="<UUID OF THE MACHINE-NAME>" # e.g.: b9d13dbc-9ab7-4948-9daa-a5709de83dc2<br />
cat << EOF | ldapadd -D cn=Manager,o=stepping-stone,c=ch -H ldaps://ldapm.stepping-stone.ch/ -W -x<br />
dn: ou=backup,sstVirtualMachine=${machineuuid},ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
add: objectClass<br />
objectClass: sstVirtualizationBackupObjectClass<br />
-<br />
add: sstbackupexcludefrombackup<br />
sstbackupexcludefrombackup: TRUE<br />
EOF<br />
</source><br />
<br />
==== Re-include the machine to the backup ====<br />
If you want to re include a machine, simply delete the machines whole backup subtree. It will be recreated during the next backup run.<br />
<br />
== Next steps ==<br />
<br />
= Restore =<br />
== Basic idea ==<br />
The restore process, similar to the backup process, can be divided into three sub-processes: <br />
* Unretain the small files: Copy the small files (backend entry, XML description) from the backup directory to the retain directory<br />
* Unretain the big files: Copy the big files (state file, disk image(s)) form the backup directory to the retain directory<br />
* Restore the machine: Replace the live disk image(s) by the one(s) from the backup and restore the machine from the state file<br />
<br />
Additionally the restore process can also be divided into two phases: <br />
* User-Interaction phase: After the "unretain small files" the user needs to decide two things:<br />
** On conflicts between the backend entry file and the XML description, the user need to decide how to resolve this conflict(s)<br />
** The user can also abort the restore process up to this point. After that the restore can not be aborted or undone! <br />
* Non-User-Interaction phase: The daemons communicate through the backend between each other and the restore process continues without further user input (c.f. [[#Communication_through_backend_2 | Communication through backend]])<br />
<br />
=== Sub Processes ===<br />
==== Unretain small files ====<br />
This workflow assumes that the backup directory is on the same physical server as the retain directory (protocol is file://)<br />
# Copy the backend-entry file from the backup directory to the retain directory:<br />
#* <source lang="bash">cp -p /path/to/backup/vm-001.backend /path/to/retain/vm-001.backend</source><br />
# Copy the XML description from the from the backup directory to the retain directory:<br />
#* <source lang="bash">cp -p /path/to/backup/vm-001.xml /path/to/retain/vm-001.xml</source><br />
# Compare the backend-entry file (the one in the retain directory) with the live-backend entry<br />
#* Resolve all conflicts between these two backend entries<br />
#** Modify the backend entry at the retain location accordingly<br />
# Apply the same changes for the XML description at the retain location (backend entry and XML description need to be consistent).<br />
<br />
==== Unretain large files ====<br />
# Copy the state file from the backup directory to the retain directory:<br />
#* <source lang="bash">cp -p /path/to/backup/vm-001.state /path/to/retain/vm-001.state</source><br />
# Copy the disk image(s) from the backup directory to the retain directory:<br />
#* <source lang="bash">cp -p /path/to/backup/vm-001.qcow2 /path/to/retain/vm-001.qcow2</source><br />
#** '''Important:''' If a VM has more than just one disk image, repeat this step for every disk image<br />
<br />
==== Restore the VM ====<br />
# Shutdown the VM if it is running:<br />
#* <source lang="bash">virsh shutdown vm-001</source><br />
# Undefine the VM if it is still defined: <br />
#* <source lang="bash">virsh undefine vm-001</source><br />
# Overwrite the original disk image:<br />
#* <source lang="bash">mv /path/to/retain/vm-001.qcow2 /path/to/images/vm-001.qcow2</source><br />
#** '''Important:''' If a VM has more than just one disk image, repeat this step for every disk image<br />
# Restore the VMs backend entry: <br />
#* Write the backend entry from the retain location (<code>/path/to/retain/vm-001.backend</code>) to the backend<br />
# Overwrite the VMs XML description with the one from the retain location <br />
#* <source lang="bash">cp -p /path/to/retain/vm-001.xml /path/to/xmls/vm-001.xml</source><br />
# Restore the VM from the state file with the corrected XML<br />
#* <source lang="bash">virsh restore /path/to/retain/vm-001.state --xml /path/to/xmls/vm-001.xml</source><br />
<br />
== Communication through backend ==<br />
The actual KVM-Restore process is controlled completely by the Control instance daemon via the OpenLDAP directory. See [[#OpenLDAP Directory Integration|OpenLDAP Directory Integration]] the involved attributes and possible values.<br />
<br />
[[File:Daemon-interaction-restore.png|thumb|500px|none|Figure 3: Communication between all involved parties during the restore process]]<br />
<br />
You can modify/update these interactions by editing [[File:Restore-Interaction.xmi]] (you may need [http://uml.sourceforge.net/ Umbrello UML Modeller] diagram programme for KDE to display the content properly).<br />
<br />
=== Control instance Daemon Interaction for restoring a Backup with LDIF Examples ===<br />
==== Step 01: Start the unretainSmallFiles process (Control instance daemon) ====<br />
The first step of the restore process is to copy the small files (in this case the XML file and the LDIF) from the configured backup location to the configured retain location. <br />
<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the Control instance daemon, when sstProvisioningMode is modified to <br />
# unretainSmallFiles (this way the Provisioning-Backup-VKM daemon knows, that it must start the unretainSmallFiles process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainSmallFiles<br />
</pre><br />
<br />
==== Step 02: Starting the unretainSmallFiles process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the command to unretain the small files, it sets the '''sstProvisioningMode''' to '''unretainingSmallFiles''' to tell the Control instance daemon and other interested parties, that it is unretaining the small files for the virtual machine or virtual machine template.<br />
<pre><br />
# The attribute sstProvisioningMode is set to unretainingSmallFiles by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainingSmallFiles<br />
</pre><br />
<br />
==== Step 03: Finalizing the unretainSmallFiles process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the commands to unretain the small files, it sets the '''sstProvisioningMode''' to '''unretainedSmallFiles''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the unretaining of all the small files from the configured backup location is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the Control instance daemon knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012000Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainedSmallFiles<br />
</pre><br />
<br />
==== Step 05: Start the unretainLargeFiles process (Control instance daemon) ====<br />
Next step in the restore process is to copy the large files (state file and disk images) from the configured backup directory to the configured retain directory.<br />
<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the Control instance daemon, when sstProvisioningMode is modified to <br />
# unretainLargeFiles (this way the Provisioning-Backup-VKM daemon knows, that it must start the unretainLargeFiles process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainLargeFiles<br />
</pre><br />
<br />
==== Step 06: Starting the unretainLargeFiles process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the command to unretain the large files, it sets the '''sstProvisioningMode''' to '''unretainingLargeFiles''' to tell the Control instance daemon and other interested parties, that it is unretaining the large files for the virtual machine or virtual machine template.<br />
<br />
In the meantime the vm-manager merges the LDIF we have unretained in [[#Step_02:_Starting_the_unretainSmallFiles_process_.28Provisioning-Backup-KVM_daemon.29 | step 02]] with the one in the live directory to sort out possible differences in the configuration of the virtual machine. <br />
<pre><br />
# The attribute sstProvisioningMode is set to unretainingSmallFiles by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainingLargeFiles<br />
</pre><br />
<br />
==== Step 07: Finalizing the unretainLargeFiles process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the commands to unretain the large files, it sets the '''sstProvisioningMode''' to '''unretainedLargeFiles''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the unretaining of all the large files from the configured backup location is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the Control instance daemon knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012000Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainedLargeFiles<br />
</pre><br />
<br />
==== Step 09: Start the restore process (Control instance daemon) ====<br />
Since we now have all necessary files in the configured retain location, the restore process can be started. There we simply copy the disk images back to their original location and restore the VM from the state file (which is also at the configured retain location)<br />
<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the Control instance daemon, when sstProvisioningMode is modified to <br />
# restore (this way the Provisioning-Backup-VKM daemon knows, that it must start the restore process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: restore<br />
</pre><br />
<br />
==== Step 10: Starting the restore process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the restore command, it sets the '''sstProvisioningMode''' to '''restoring''' to tell the Control instance daemon and other interested parties, that it is restoring the virtual machine or virtual machine template.<br />
<pre><br />
# The attribute sstProvisioningMode is set to restoring by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: restoring<br />
</pre><br />
<br />
==== Step 11: Finalizing the restore process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the restore command, it sets the '''sstProvisioningMode''' to '''restored''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the restore process is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the Control instance daemon knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012000Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: restored<br />
</pre><br />
<br />
==== Step 12: Finalizing the restore process (Control instance daemon) ====<br />
As soon as the Control instance daemon notices, that the attribute '''sstProvisioningMode''' ist set to '''restored''', it sets the '''sstProvisioningMode''' to '''finished''' and the '''sstProvisioningState''' to the current timestamp (UTC). All interested parties now know, that the restore process is finished.<br />
<pre><br />
# The attribute sstProvisioningState is updated with current time by the Control instance daemon, when sstProvisioningMode is<br />
# set to finished.<br />
# All interested parties now know, that the restore process is finished.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012001Z<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: finished<br />
</pre><br />
<br />
== Current Implementation (Restore) ==<br />
* Since the prov-backup-kvm daemon is not running on the vm-nodes (c.f. [[stoney_conductor:_Backup#State_of_the_art]]), the restore process does not work when clicking the icon in the webinterface. <br />
* Resolving the conflicts in the backend and XML description file is not yet done<br />
** Actually all steps not executed by prov-backup-kvm are not yet properly implemented (c.f. [[stoney_conductor:_prov_backup_kvm#Restore]])<br />
* The implementation is done, but the last step from the [[#Restore_2 | restore process ]] is different:<br />
** The <code>virsh restore</code> command is not executed with the <code>--xml</code> option, the XML from the state file is taken when restoring the machine. Therefore the conflicts are not properly resolved. <br />
*** --[[User:Pat|Pat]] ([[User talk:Pat|talk]]) 09:41, 29 October 2013 (CET): Currently the [http://search.cpan.org/~danberr/Sys-Virt-1.1.3/lib/Sys/Virt.pm Sys::Virt] library does not support the --xml parameter when restoring a domain<br />
<br />
=== How to manually restore a machine from backup ===<br />
'''Important''': Before you continue with this guide, make sure that you have no other possibility to restore the machine. It might be easier and safer to get lost files from the online backup if the machine has one set up.<br />
<br />
If you really have to restore the machine from the backup:<br />
# Stop the machine from via the [https://cloud.stepping-stone.ch/vm-manager/ web interface]<br />
# Login (as root) on the [[VM-Node]] the machine was running on<br />
<br />
As a first step, you would like to set some useful bash variables to be able to copy paste the following guide:<br />
<br />
'''Double check all variables you are setting here. If one is not correct, you will restore a running machine or overwrite a live-disk image!'''<br />
<source lang='bash'><br />
machinename="<MACHINE-NAME>" # For example: machinename="b6dc3d27-5981-4b18-8f3f-31ed3d21a3c6"<br />
vmpool="<VM-POOL>" # For example vmpool="0f83f084-8080-413e-b558-b678e504836e"<br />
vmtype="<VM-TYPE>" # For example vmtype="vm-persistent"<br />
</source><br />
Change to the backup directory for the given machine and check the iterations:<br />
<source lang='bash'><br />
cd /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}<br />
ls -al<br />
</source><br />
Change into the most recent iteration<br />
<source lang='bash'><br />
cd 2014...<br />
ls -al<br />
</source><br />
In there you should have: <br />
* The state file <MACHINE-NAME>.state.<BACKUP-DATE> (for example b6dc3d27-5981-4b18-8f3f-31ed3d21a3c6.state.20140109T134445Z)<br />
* The XML description <MACHINE-NAME>.xml.<BACKUP-DATE> (for example b6dc3d27-5981-4b18-8f3f-31ed3d21a3c6.xml.20140109T134445Z)<br />
* The ldif file <MACHINE-NAME>.ldif.<BACKUP-DATE> (for example b6dc3d27-5981-4b18-8f3f-31ed3d21a3c6.ldif.20140109T134445Z)<br />
* And at least one disk image <DISK-IMAGE>.qcow2.<BACKUP-DATE> (for example 8798561b-d5de-471b-a6fc-ec2b4831ed12.qcow2.20140109T134445Z)<br />
Now you should save the backup date and the disk image(s) in a variable<br />
<source lang='bash'><br />
backupdate="<BACKUP-DATE>" # For example: backupdate="20140109T134445Z"<br />
diskimage1="<DISK-IMAGE-1>.qcow2" # For example: diskimage1="8798561b-d5de-471b-a6fc-ec2b4831ed12.qcow2"<br />
diskimage2="<DISK-IMAGE-2>.qcow2" # For example: diskimage2="aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee.qcow2"<br />
...<br />
</source><br />
<br />
Have again a look at the different variables and '''double check them again'''<br />
<source lang='bash'><br />
echo "Machine Name = ${machinename}"<br />
echo "VM Pool = ${vmpool}"<br />
echo "VM Type = ${vmtype}"<br />
echo "Backup date = ${backupdate}"<br />
echo "Disk Image 1 = ${diskimage1}"<br />
echo "Disk Image 2 = ${diskimage2}"<br />
...<br />
</source><br />
<br />
Copy all these files to the retain location:<br />
<source lang='bash'><br />
currentdate=`date --utc +'%Y%m%dT%H%M%SZ'`<br />
mkdir -p /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}<br />
cp -p /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}/${backupdate}/${machinename}.ldif.${backupdate} /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/<br />
</source><br />
<br />
<!--Check if there is a difference between the current XML file and the one from the backup<br />
<source lang='bash'><br />
diff -Naur /etc/libvirt/qemu/${machinename}.xml /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/${machinename}.xml.${backupdate}<br />
</source><br />
and '''edit the file at the retain location''' according to your needs.--><br />
<br />
''' Now you are entering the critical part. You won't be able to undo the following steps'''<br />
<br />
Check if there is a difference between the current LDAP entry and the one from the backup<br />
<source lang='bash'><br />
domain="<DOMAIN>" # For example domain="stoney-cloud.org"<br />
ldapbase="<LDAPBASE>" # For expample ldapbase="dc=stoney-cloud,dc=org"<br />
ldapsearch -H ldaps://ldapm.${domain} -b "sstVirtualMachine=${machinename},ou=virtual machines,ou=virtualization,ou=services,${ldapbase}" -s sub -x -LLL -o ldif-wrap=no -D "cn=Manager,${ldapbase}" -W "(objectclass=*)" > /tmp/${machinename}.ldif<br />
diff -Naur /tmp/${machinename}.ldif /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/${machinename}.ldif.${backupdate}<br />
</source><br />
and '''edit the file at the retain location''' according to your needs.<br />
<br />
If there are no differences (or the differences are not important) you can skip the following step. Otherwise use the [https://cloud.stepping-stone.ch/phpldapadmin PhpLdapAdmin] to delete the machine from the LDAP directory (do not forget to delete the dhcp entry <code>dn: cn=<MACHINE-NAME>,ou=virtual machines,cn=192.168.140.0,cn=config-01,ou=dhcp,ou=networks,ou=virtualization,ou=services,dc=stoney-cloud,dc=org</code>). Then add the LDIF (the one you just edited) to the LDAP (first do some general replacement)<br />
<source lang='bash'><br />
sed -i\<br />
-e 's/snapshotting/finished/'\<br />
-e '/member.*/d'\<br />
/var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/${machinename}.ldif.${backupdate}<br />
<br />
/usr/bin/ldapadd -H "ldaps://ldapm.${domain}" -x -D "cn=Manager,${ldapbase}" -W -f /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/${machinename}.ldif.${backupdate}<br />
</source><br />
<br />
Undefine the machine<br />
<source lang='bash'><br />
virsh undefine ${machinename}<br />
</source><br />
<br />
Copy all the disk images from the backup location back to their original location<br />
<source lang='bash'><br />
cp -p /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}/${backupdate}/${diskimage1}.${backupdate} /var/virtualization/${vmtype}/${vmpool}/${diskimage1}<br />
cp -p /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}/${backupdate}/${diskimage2}.${backupdate} /var/virtualization/${vmtype}/${vmpool}/${diskimage2}<br />
...<br />
</source><br />
<br />
And restore the domain from the state file from the backup location with the XML from the retain location (the one you might have edited)<br />
<source lang='bash'><br />
virsh restore /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}/${backupdate}/${machinename}.state.${backupdate}<br />
</source><br />
<br />
Now the machine should be up and running again. Continuing where it was stopped when taking the backup.<br />
<br />
If everything is OK, you can cleanup the created files and directories<br />
<source lang='bash'><br />
rm -rf /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}<br />
rm /tmp/${machinename}.ldif<br />
</source><br />
<br />
== Next steps ==<br />
<br />
<br />
[[Category: stoney conductor]]</div>Pathttps://wiki.stoney-cloud.org/w/index.php?title=stoney_conductor:_VM_Backup&diff=3745stoney conductor: VM Backup2014-06-26T13:47:31Z<p>Pat: /* Step 07: Starting the Merge Process (Provisioning-Backup-KVM daemon) */</p>
<hr />
<div>= Overview =<br />
This page describes how the VMs and VM-Templates are backed-up and restored inside the [http://www.stoney-cloud.org stoney cloud].<br />
<br />
= Requirements =<br />
* sstBackupRootDirectory: file:///var/backup/virtualization<br />
** This directory might be a single partition which needs to have the same size as your partition for the live images (it's a "copy" of the live partition)<br />
* sstBackupRetainDirectory: file:///var/virtualization/retain<br />
** This directory must be on the same partition as your life images are<br />
* A working stoney cloud, installed according to [[stoney cloud: Single-Node Installation]] or [[stoney cloud: Multi-Node Installation]].<br />
* The backup configuration must be set: [[stoney_conductor:_OpenLDAP_directory_data_organisation#Backup | stoney conductor: OpenLDAP directory data organisation]].<br />
<br />
= Backup =<br />
== Basic idea ==<br />
The main idea to backup a VM or a VM-Template is, to divide the task into three subtasks: <br />
* createSnapshot: Create a disk only snapshot. A new overlay file is created, all write operations are performed to this file. The underlying disk-image is now read only.<br />
* exportSnapshot: Copy the read only disk-image to the backup location.<br />
* commitSnapshot: Commit the performed write operations from the overlay back to the underlying (original) disk image. Now the underlying image is read-write again and the overlay image can be deleted.<br />
A more detailed and technical description for these three sub-processes can be found [[#Sub-Processes | here]].<br />
<br />
Furthermore there is an control instance, which can independently call these three sub-processes for a given machine. Like that, the stoney cloud is able to handle different cases:<br />
=== Backup a single machine ===<br />
The procedure for backing up a single machine is very simple. Just call the three sub-processes (snapshot, merge and retain) one after the other. So the control instance would do some very basic stuff: <br />
<source lang="c"><br />
object machine = args[0];<br />
<br />
if( createSsnapshot( machine ) )<br />
{<br />
<br />
if ( exportSnapshot( machine ) )<br />
{<br />
<br />
if ( commitSnapshot( machine ) )<br />
{<br />
printf("Successfully backed up machine %s\n", machine);<br />
<br />
} else<br />
{<br />
printf("Error while committing snapshot for machine %s: %s\n", machine, error);<br />
}<br />
<br />
} else<br />
{<br />
printf("Error while exporting snapshot for machine %s: %s\n", machine, error);<br />
}<br />
<br />
} else<br />
{<br />
printf("Error while snapshotting machine %s: %s\n", machine, error);<br />
}<br />
</source><br />
<br />
=== Backup multiple machines at the same time ===<br />
When backing up multiple machines at the same time, we need to make sure that the snapshots for the machines are as close together as possible. Therefore the control instance should call first the createSnapshot process for all machines. After every machine has been snapshotted, the control instance can call the exportSnapshot and commitSnapshot process for every machine. The most important part here is, that the control instance somehow remembers, if the snapshot for a given machine was successful or not. Because if the snapshot failed, it must not call the exportSnapshot and commitSnapshot process. So the control instance needs a little bit more logic: <br />
<br />
<source lang="c"><br />
object machines[] = args[0];<br />
object successful_snapshots[];<br />
<br />
# Snapshot all machines<br />
for( int i = 0; i < sizeof(machines) / sizeof(object) ; i++ )<br />
{<br />
# If the snapshot was successful, put the machine into the <br />
# successful_snapshots array<br />
if ( createSnapshot( machines[i] ) )<br />
{<br />
successful_snapshots[machines[i]];<br />
} else<br />
{<br />
printf("Error while snapshotting machine %s: %s\n", machines[i],error);<br />
}<br />
}<br />
<br />
# export and commit all successful_snapshot machines<br />
for ( int i = 0; i < sizeof(successful_snapshots) / sizeof(object) ; i++ ) )<br />
{<br />
# Check if the element at this position is not null, then the snapshot <br />
# for this machine was successful<br />
if ( successful_snapshots[i] )<br />
{<br />
if ( exportSnapshot( successful_snapshots[i] ) )<br />
{<br />
if ( commitSnapshot( successful_snapshots[i] ) )<br />
{<br />
printf("Successfully backed-up machine %s\n", successful_snapshots[i]);<br />
} else<br />
{<br />
printf("Error while committing snapshot for machine %s: %s\n", successful_snapshots[i],error);<br />
}<br />
<br />
} else<br />
{<br />
printf("Error while exporting snapshot for machine %s: %s\n", successful_snapshots[i],error);<br />
}<br />
}<br />
}<br />
</source><br />
<br />
=== Sub-Processes ===<br />
See also [[Libvirt_external_snapshot_with_GlusterFS]]<br />
==== createSnapshot ====<br />
For the commands see [[Libvirt_external_snapshot_with_GlusterFS#Part_2:_Create_the_snapshot_using_virsh]]<br />
<br />
For the workflow see [[stoney_conductor:_prov-backup-kvm#createSnapshot]]<br />
<br />
==== exportSnapshot ====<br />
# Simply copy the underlying image to the backup location<br />
#* <source lang="bash">cp -p /<path>/<to>/<image>.qcow2 /<path>/<to>/<backup>/<location>/.</source><br />
<br />
For the workflow see [[stoney_conductor:_prov-backup-kvm#exportSnapshot]]<br />
<br />
==== commitSnapshot ====<br />
For the commands see [[Libvirt_external_snapshot_with_GlusterFS#Cleanup.2FCommit_.28Online.29]]<br />
<br />
For the workflow see [[stoney_conductor:_prov-backup-kvm#commitSnapshot]]<br />
<br />
== Communication through backend ==<br />
Since the stoney cloud is (as the name says already) a cloud solution, it makes sense to have a backend (in our case openLDAP) involved in the whole process. Like that it is possible to run the backup jobs decentralized on every vm-node. The control instance can then modify the backend, and theses changes are seen by the diffenrent backup daemons on the vm-nodes. So the communication could look like shown in the following picture (Figure 1): <br />
<br />
[[File:Daemon-communication.png|800px|thumbnail|none|Figure 1: Communication between the control instance and the prov-backup-kvm daemon through the LDAP backend]]<br />
<br />
=== Control-Instance Daemon Interaction for creating a Backup with LDIF Examples ===<br />
The step numbers correspond with the graphical overview from above.<br />
<br />
==== Step 00: Backup Configuration for a virtual machine ====<br />
<pre><br />
# The following backup configuration says, that the backup should be done daily, at 03:00 hours (localtime).<br />
# * * * * * command to be executed<br />
# - - - - -<br />
# | | | | |<br />
# | | | | +----- day of week (0 - 6) (Sunday=0)<br />
# | | | +------- month (1 - 12)<br />
# | | +--------- day of month (1 - 31)<br />
# | +----------- hour (0 - 23)<br />
# +------------- min (0 - 59)<br />
# localtime in the crontab entry<br />
dn: ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
objectclass: top<br />
objectclass: organizationalUnit<br />
objectclass: sstVirtualizationBackupObjectClass<br />
objectclass: sstCronObjectClass<br />
ou: backup<br />
description: This sub tree contains the backup plan for the virtual machine kvm-005.<br />
sstCronMinute: 0<br />
sstCronHour: 3<br />
sstCronDay: *<br />
sstCronMonth: *<br />
sstCronDayOfWeek: *<br />
sstCronActive: TRUE<br />
sstBackupRootDirectory: file:///var/backup/virtualization<br />
sstBackupRetainDirectory: file:///var/virtualization/retain<br />
sstBackupRamDiskLocation: file:///mnt/ramdisk-test<br />
sstVirtualizationDiskImageFormat: qcow2<br />
sstVirtualizationDiskImageOwner: root<br />
sstVirtualizationDiskImageGroup: vm-storage<br />
sstVirtualizationDiskImagePermission: 0660<br />
sstBackupNumberOfIterations: 1<br />
sstVirtualizationVirtualMachineForceStart: FALSE<br />
sstVirtualizationBandwidthMerge: 0<br />
</pre><br />
<br />
==== Step 01: Initialize Backup Sub Tree (Control instance daemon) ====<br />
The sub tree ''' ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch''' reflects the time, when the backup is planned (in the form of [YYYY][MM][DD]T[hh][mm][ss]Z ([http://en.wikipedia.org/wiki/ISO_8601 ISO 8601]) and it should be written at the time, when the backup is planned and should be executed. The section '''20121002T010000Z''' means the following:<br />
* Year: 2012<br />
* Month: 10<br />
* Day of Month: 02<br />
* Hour of Day: 01<br />
* Minutes: 00<br />
* Seconds: 00<br />
Please be aware the the time is to be written in UTC (see also the comment in the LDIF example below).<br />
<pre><br />
# This entry is the place holder for the backup, which is to be executed at 03:00 hours (localtime with daylight-saving). This<br />
# leads to the 20121002T010000Z timestamp (which is written in UTC).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
objectclass: top<br />
objectclass: sstProvisioning<br />
objectclass: organizationalUnit<br />
ou: 20121002T010000Z<br />
sstProvisioningExecutionDate: 0<br />
sstProvisioningMode: initialize<br />
sstProvisioningReturnValue: 0<br />
sstProvisioningState: 20121002T014513Z<br />
</pre><br />
<br />
==== Step 02: Finalize the Initialization (Control instance daemon) ====<br />
<pre><br />
# The attribute sstProvisioningState is updated with current time by the fc-brokerd, when sstProvisioningMode is modified.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T010001Z<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: initialized<br />
</pre><br />
<br />
==== Step 03: Start the Snapshot Process (Control instance daemon) ====<br />
With the setting of the '''sstProvisioningMode''' to '''snapshot''', the actual backup process is kicked off by the Control instance daemon.<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the fc-brokerd, when sstProvisioningMode is modified to<br />
# snapshot (this way the Provisioning-Backup-VKM daemon knows, that it must start the snapshotting process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: snapshot<br />
</pre><br />
<br />
==== Step 04: Starting the Snapshot Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the snapshot command, it sets the '''sstProvisioningMode''' to '''snapshotting''' to tell the Control instance daemon and other interested parties, that it is snapshotting the virtual machine or virtual machine template.<br />
<pre><br />
# The attribute sstProvisioningMode is set to snapshotting by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: snapshotting<br />
</pre><br />
<br />
==== Step 05: Finalizing the Snapshot Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the snapshot command, it sets the '''sstProvisioningMode''' to '''snapshotted''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the snapshot of the virtual machine or virtual machine template is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the fc-brokerd knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T010011Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: snapshotted<br />
</pre><br />
<br />
==== Step 06: Start the export Process (Control instance daemon) ====<br />
With the setting of the '''sstProvisioningMode''' to '''export''', the Control instance daemon tells the Provisioning-Backup-KVM daemon to export the disk image to the backup location.<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the fc-brokerd, when sstProvisioningMode is modified to<br />
# export (this way the Provisioning-Backup-VKM daemon knows, that it must start the export process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: export<br />
</pre><br />
<br />
==== Step 07: Starting the export Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the export command, it sets the '''sstProvisioningMode''' to '''exporting''' to tell the Control instance daemon and other interested parties, that it is exporting the virtual machine or virtual machine template disk images.<br />
<pre><br />
# The attribute sstProvisioningMode is set to exporting by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: exporting<br />
</pre><br />
<br />
==== Step 08: Finalizing the Merging Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the merge command, it sets the '''sstProvisioningMode''' to '''merged''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the merging of the virtual machine or virtual machine template is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the fc-brokerd knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T010500Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: merged<br />
</pre><br />
<br />
==== Step 09: Start the Retain Process (Control instance daemon) ====<br />
With the setting of the '''sstProvisioningMode''' to '''retain''', the Control instance daemon tells the Provisioning-Backup-KVM daemon to retain (copy and then delete) all the necessary files to the configured backup location.<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the fc-brokerd, when sstProvisioningMode is modified to<br />
# retain (this way the Provisioning-Backup-VKM daemon knows, that it must start the retaining process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: retain<br />
</pre><br />
<br />
==== Step 10: Starting the Retain Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the retain command, it sets the '''sstProvisioningMode''' to '''retaining''' to tell the Control instance daemon and other interested parties, that it is retaining the necessary files to the configured backup location.<br />
<pre><br />
# The attribute sstProvisioningMode is set to retaining by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: retaining<br />
</pre><br />
<br />
==== Step 11: Finalizing the Retaing Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the retain command, it sets the '''sstProvisioningMode''' to '''retained''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the retaining of all the necessary files to the configured backup location is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the fc-brokerd knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012000Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: retained<br />
</pre><br />
<br />
==== Step 12: Finalizing the Backup Process (Control instance daemon) ====<br />
As soon as the Control instance daemon notices, that the attribute '''sstProvisioningMode''' ist set to '''retained''', it sets the '''sstProvisioningMode''' to '''finished''' and the '''sstProvisioningState''' to the current timestamp (UTC). All interested parties now know, that the backup process is finished, there for a new backup process could be started.<br />
<pre><br />
# The attribute sstProvisioningState is updated with current time by the fc-brokerd, when sstProvisioningMode is<br />
# set to finished.<br />
# All interested parties now know, that the backup process is finished, there for a new backup process could be started.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012001Z<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: finished<br />
</pre><br />
<br />
== Current Implementation (Backup) ==<br />
Since we do not have a working control instance, we need to have a workaround for backing up the machines: <br />
<br />
* We do already have a BackupKVMWrapper.pl script (File-Backend) which executes the three [[#Sub-Processes | sub-processes ]] in the correct order for a given list of machines (see [[#Backup multiple machines at the same_time]]).<br />
* We do already have the implementation for the whole backup with the LDAP-Backend (see [[ stoney conductor: prov backup kvm ]]).<br />
* We can now combine these two existing scripts and create a wrapper (lets call it LDAPKVMWrapper) which, in some way, adds some logic to the BackupKVMWrapper.pl. In fact the LDAPKVMWrapper wrapper will generate the list of machines which need a backup.<br />
<br />
The behaviour on our servers is as follows (c.f. Figure 2):<br />
# The (decentralized) LDAPKVMWrapper wrapper (which is executed everyday via cronjob) generates a list off all machines running on the current host.<br />
#* Currently on the hosts the cronjobs looks like: <code>00 01 * * * /usr/bin/LDAPKVMWrapper.pl | logger -t Backup-KVM</code><br />
#* For each of these machines:<br />
#** Check if the machine is excluded from the backup, if yes, remove the machine from the list<br />
#** Check if the last backup was successful, if not, remove the machine from the list<br />
# Update the backup subtree for each machine in the list<br />
#* Remove the old backup leaf (the "yesterday-leaf"), and add a new one (the "today-leaf") <br />
#* After this step, the machines are ready to be backed up<br />
# Call the BackupKVMWrapper.pl script with the machines list as a parameter<br />
# Wait for the BackupKVMWrapper.pl script to finish<br />
# Go again through all machines and update the backup subtree a last time<br />
#* Check if the backup was successful, if yes, set sstProvisioningMode = finished (see also TBD)<br />
<br />
<br />
[[File:wrapper-interaction.png|500px|thumbnail|none|Figure 2: How the two wrapper interact with the LDAP backend]]<br />
<br />
* If for some reason something does not work at all, the whole backup process can be deactivated by simply disabling the LDAPKVMWrapper cronjob<br />
** <code>crontab -e</code><br />
** Comment the LDAPKVMWrapper cronjob line: <code>#00 01 * * * /usr/bin/LDAPKVMWrapper.pl | logger -t Backup-KVM</code><br />
=== How to exclude a machine from the backup ===<br />
Login to one of the [[VM-Node | vm-nodes]] and execute the following command<br />
<br />
If you want to exclude a machine from the backup run you simply need to add the following entry to your LDAP directory: <br />
<source lang="bash"><br />
machineuuid="<UUID OF THE MACHINE-NAME>" # e.g.: b9d13dbc-9ab7-4948-9daa-a5709de83dc2<br />
cat << EOF | ldapadd -D cn=Manager,o=stepping-stone,c=ch -H ldaps://ldapm.stepping-stone.ch/ -W -x<br />
dn: ou=backup,sstVirtualMachine=${machineuuid},ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
objectclass: top<br />
objectclass: organizationalUnit<br />
objectclass: sstVirtualizationBackupObjectClass<br />
ou: backup<br />
sstbackupexcludefrombackup: TRUE<br />
EOF<br />
</source><br />
<br />
If the backup subtree in the LDAP directory already exists, you need to add the sstbackupexcludefrombackup attribute: <br />
<source lang="bash"><br />
machineuuid="<UUID OF THE MACHINE-NAME>" # e.g.: b9d13dbc-9ab7-4948-9daa-a5709de83dc2<br />
cat << EOF | ldapadd -D cn=Manager,o=stepping-stone,c=ch -H ldaps://ldapm.stepping-stone.ch/ -W -x<br />
dn: ou=backup,sstVirtualMachine=${machineuuid},ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
add: objectClass<br />
objectClass: sstVirtualizationBackupObjectClass<br />
-<br />
add: sstbackupexcludefrombackup<br />
sstbackupexcludefrombackup: TRUE<br />
EOF<br />
</source><br />
<br />
==== Re-include the machine to the backup ====<br />
If you want to re include a machine, simply delete the machines whole backup subtree. It will be recreated during the next backup run.<br />
<br />
== Next steps ==<br />
<br />
= Restore =<br />
== Basic idea ==<br />
The restore process, similar to the backup process, can be divided into three sub-processes: <br />
* Unretain the small files: Copy the small files (backend entry, XML description) from the backup directory to the retain directory<br />
* Unretain the big files: Copy the big files (state file, disk image(s)) form the backup directory to the retain directory<br />
* Restore the machine: Replace the live disk image(s) by the one(s) from the backup and restore the machine from the state file<br />
<br />
Additionally the restore process can also be divided into two phases: <br />
* User-Interaction phase: After the "unretain small files" the user needs to decide two things:<br />
** On conflicts between the backend entry file and the XML description, the user need to decide how to resolve this conflict(s)<br />
** The user can also abort the restore process up to this point. After that the restore can not be aborted or undone! <br />
* Non-User-Interaction phase: The daemons communicate through the backend between each other and the restore process continues without further user input (c.f. [[#Communication_through_backend_2 | Communication through backend]])<br />
<br />
=== Sub Processes ===<br />
==== Unretain small files ====<br />
This workflow assumes that the backup directory is on the same physical server as the retain directory (protocol is file://)<br />
# Copy the backend-entry file from the backup directory to the retain directory:<br />
#* <source lang="bash">cp -p /path/to/backup/vm-001.backend /path/to/retain/vm-001.backend</source><br />
# Copy the XML description from the from the backup directory to the retain directory:<br />
#* <source lang="bash">cp -p /path/to/backup/vm-001.xml /path/to/retain/vm-001.xml</source><br />
# Compare the backend-entry file (the one in the retain directory) with the live-backend entry<br />
#* Resolve all conflicts between these two backend entries<br />
#** Modify the backend entry at the retain location accordingly<br />
# Apply the same changes for the XML description at the retain location (backend entry and XML description need to be consistent).<br />
<br />
==== Unretain large files ====<br />
# Copy the state file from the backup directory to the retain directory:<br />
#* <source lang="bash">cp -p /path/to/backup/vm-001.state /path/to/retain/vm-001.state</source><br />
# Copy the disk image(s) from the backup directory to the retain directory:<br />
#* <source lang="bash">cp -p /path/to/backup/vm-001.qcow2 /path/to/retain/vm-001.qcow2</source><br />
#** '''Important:''' If a VM has more than just one disk image, repeat this step for every disk image<br />
<br />
==== Restore the VM ====<br />
# Shutdown the VM if it is running:<br />
#* <source lang="bash">virsh shutdown vm-001</source><br />
# Undefine the VM if it is still defined: <br />
#* <source lang="bash">virsh undefine vm-001</source><br />
# Overwrite the original disk image:<br />
#* <source lang="bash">mv /path/to/retain/vm-001.qcow2 /path/to/images/vm-001.qcow2</source><br />
#** '''Important:''' If a VM has more than just one disk image, repeat this step for every disk image<br />
# Restore the VMs backend entry: <br />
#* Write the backend entry from the retain location (<code>/path/to/retain/vm-001.backend</code>) to the backend<br />
# Overwrite the VMs XML description with the one from the retain location <br />
#* <source lang="bash">cp -p /path/to/retain/vm-001.xml /path/to/xmls/vm-001.xml</source><br />
# Restore the VM from the state file with the corrected XML<br />
#* <source lang="bash">virsh restore /path/to/retain/vm-001.state --xml /path/to/xmls/vm-001.xml</source><br />
<br />
== Communication through backend ==<br />
The actual KVM-Restore process is controlled completely by the Control instance daemon via the OpenLDAP directory. See [[#OpenLDAP Directory Integration|OpenLDAP Directory Integration]] the involved attributes and possible values.<br />
<br />
[[File:Daemon-interaction-restore.png|thumb|500px|none|Figure 3: Communication between all involved parties during the restore process]]<br />
<br />
You can modify/update these interactions by editing [[File:Restore-Interaction.xmi]] (you may need [http://uml.sourceforge.net/ Umbrello UML Modeller] diagram programme for KDE to display the content properly).<br />
<br />
=== Control instance Daemon Interaction for restoring a Backup with LDIF Examples ===<br />
==== Step 01: Start the unretainSmallFiles process (Control instance daemon) ====<br />
The first step of the restore process is to copy the small files (in this case the XML file and the LDIF) from the configured backup location to the configured retain location. <br />
<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the Control instance daemon, when sstProvisioningMode is modified to <br />
# unretainSmallFiles (this way the Provisioning-Backup-VKM daemon knows, that it must start the unretainSmallFiles process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainSmallFiles<br />
</pre><br />
<br />
==== Step 02: Starting the unretainSmallFiles process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the command to unretain the small files, it sets the '''sstProvisioningMode''' to '''unretainingSmallFiles''' to tell the Control instance daemon and other interested parties, that it is unretaining the small files for the virtual machine or virtual machine template.<br />
<pre><br />
# The attribute sstProvisioningMode is set to unretainingSmallFiles by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainingSmallFiles<br />
</pre><br />
<br />
==== Step 03: Finalizing the unretainSmallFiles process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the commands to unretain the small files, it sets the '''sstProvisioningMode''' to '''unretainedSmallFiles''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the unretaining of all the small files from the configured backup location is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the Control instance daemon knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012000Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainedSmallFiles<br />
</pre><br />
<br />
==== Step 05: Start the unretainLargeFiles process (Control instance daemon) ====<br />
Next step in the restore process is to copy the large files (state file and disk images) from the configured backup directory to the configured retain directory.<br />
<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the Control instance daemon, when sstProvisioningMode is modified to <br />
# unretainLargeFiles (this way the Provisioning-Backup-VKM daemon knows, that it must start the unretainLargeFiles process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainLargeFiles<br />
</pre><br />
<br />
==== Step 06: Starting the unretainLargeFiles process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the command to unretain the large files, it sets the '''sstProvisioningMode''' to '''unretainingLargeFiles''' to tell the Control instance daemon and other interested parties, that it is unretaining the large files for the virtual machine or virtual machine template.<br />
<br />
In the meantime the vm-manager merges the LDIF we have unretained in [[#Step_02:_Starting_the_unretainSmallFiles_process_.28Provisioning-Backup-KVM_daemon.29 | step 02]] with the one in the live directory to sort out possible differences in the configuration of the virtual machine. <br />
<pre><br />
# The attribute sstProvisioningMode is set to unretainingSmallFiles by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainingLargeFiles<br />
</pre><br />
<br />
==== Step 07: Finalizing the unretainLargeFiles process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the commands to unretain the large files, it sets the '''sstProvisioningMode''' to '''unretainedLargeFiles''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the unretaining of all the large files from the configured backup location is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the Control instance daemon knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012000Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainedLargeFiles<br />
</pre><br />
<br />
==== Step 09: Start the restore process (Control instance daemon) ====<br />
Since we now have all necessary files in the configured retain location, the restore process can be started. There we simply copy the disk images back to their original location and restore the VM from the state file (which is also at the configured retain location)<br />
<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the Control instance daemon, when sstProvisioningMode is modified to <br />
# restore (this way the Provisioning-Backup-VKM daemon knows, that it must start the restore process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: restore<br />
</pre><br />
<br />
==== Step 10: Starting the restore process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the restore command, it sets the '''sstProvisioningMode''' to '''restoring''' to tell the Control instance daemon and other interested parties, that it is restoring the virtual machine or virtual machine template.<br />
<pre><br />
# The attribute sstProvisioningMode is set to restoring by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: restoring<br />
</pre><br />
<br />
==== Step 11: Finalizing the restore process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the restore command, it sets the '''sstProvisioningMode''' to '''restored''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the restore process is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the Control instance daemon knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012000Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: restored<br />
</pre><br />
<br />
==== Step 12: Finalizing the restore process (Control instance daemon) ====<br />
As soon as the Control instance daemon notices, that the attribute '''sstProvisioningMode''' ist set to '''restored''', it sets the '''sstProvisioningMode''' to '''finished''' and the '''sstProvisioningState''' to the current timestamp (UTC). All interested parties now know, that the restore process is finished.<br />
<pre><br />
# The attribute sstProvisioningState is updated with current time by the Control instance daemon, when sstProvisioningMode is<br />
# set to finished.<br />
# All interested parties now know, that the restore process is finished.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012001Z<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: finished<br />
</pre><br />
<br />
== Current Implementation (Restore) ==<br />
* Since the prov-backup-kvm daemon is not running on the vm-nodes (c.f. [[stoney_conductor:_Backup#State_of_the_art]]), the restore process does not work when clicking the icon in the webinterface. <br />
* Resolving the conflicts in the backend and XML description file is not yet done<br />
** Actually all steps not executed by prov-backup-kvm are not yet properly implemented (c.f. [[stoney_conductor:_prov_backup_kvm#Restore]])<br />
* The implementation is done, but the last step from the [[#Restore_2 | restore process ]] is different:<br />
** The <code>virsh restore</code> command is not executed with the <code>--xml</code> option, the XML from the state file is taken when restoring the machine. Therefore the conflicts are not properly resolved. <br />
*** --[[User:Pat|Pat]] ([[User talk:Pat|talk]]) 09:41, 29 October 2013 (CET): Currently the [http://search.cpan.org/~danberr/Sys-Virt-1.1.3/lib/Sys/Virt.pm Sys::Virt] library does not support the --xml parameter when restoring a domain<br />
<br />
=== How to manually restore a machine from backup ===<br />
'''Important''': Before you continue with this guide, make sure that you have no other possibility to restore the machine. It might be easier and safer to get lost files from the online backup if the machine has one set up.<br />
<br />
If you really have to restore the machine from the backup:<br />
# Stop the machine from via the [https://cloud.stepping-stone.ch/vm-manager/ web interface]<br />
# Login (as root) on the [[VM-Node]] the machine was running on<br />
<br />
As a first step, you would like to set some useful bash variables to be able to copy paste the following guide:<br />
<br />
'''Double check all variables you are setting here. If one is not correct, you will restore a running machine or overwrite a live-disk image!'''<br />
<source lang='bash'><br />
machinename="<MACHINE-NAME>" # For example: machinename="b6dc3d27-5981-4b18-8f3f-31ed3d21a3c6"<br />
vmpool="<VM-POOL>" # For example vmpool="0f83f084-8080-413e-b558-b678e504836e"<br />
vmtype="<VM-TYPE>" # For example vmtype="vm-persistent"<br />
</source><br />
Change to the backup directory for the given machine and check the iterations:<br />
<source lang='bash'><br />
cd /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}<br />
ls -al<br />
</source><br />
Change into the most recent iteration<br />
<source lang='bash'><br />
cd 2014...<br />
ls -al<br />
</source><br />
In there you should have: <br />
* The state file <MACHINE-NAME>.state.<BACKUP-DATE> (for example b6dc3d27-5981-4b18-8f3f-31ed3d21a3c6.state.20140109T134445Z)<br />
* The XML description <MACHINE-NAME>.xml.<BACKUP-DATE> (for example b6dc3d27-5981-4b18-8f3f-31ed3d21a3c6.xml.20140109T134445Z)<br />
* The ldif file <MACHINE-NAME>.ldif.<BACKUP-DATE> (for example b6dc3d27-5981-4b18-8f3f-31ed3d21a3c6.ldif.20140109T134445Z)<br />
* And at least one disk image <DISK-IMAGE>.qcow2.<BACKUP-DATE> (for example 8798561b-d5de-471b-a6fc-ec2b4831ed12.qcow2.20140109T134445Z)<br />
Now you should save the backup date and the disk image(s) in a variable<br />
<source lang='bash'><br />
backupdate="<BACKUP-DATE>" # For example: backupdate="20140109T134445Z"<br />
diskimage1="<DISK-IMAGE-1>.qcow2" # For example: diskimage1="8798561b-d5de-471b-a6fc-ec2b4831ed12.qcow2"<br />
diskimage2="<DISK-IMAGE-2>.qcow2" # For example: diskimage2="aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee.qcow2"<br />
...<br />
</source><br />
<br />
Have again a look at the different variables and '''double check them again'''<br />
<source lang='bash'><br />
echo "Machine Name = ${machinename}"<br />
echo "VM Pool = ${vmpool}"<br />
echo "VM Type = ${vmtype}"<br />
echo "Backup date = ${backupdate}"<br />
echo "Disk Image 1 = ${diskimage1}"<br />
echo "Disk Image 2 = ${diskimage2}"<br />
...<br />
</source><br />
<br />
Copy all these files to the retain location:<br />
<source lang='bash'><br />
currentdate=`date --utc +'%Y%m%dT%H%M%SZ'`<br />
mkdir -p /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}<br />
cp -p /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}/${backupdate}/${machinename}.ldif.${backupdate} /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/<br />
</source><br />
<br />
<!--Check if there is a difference between the current XML file and the one from the backup<br />
<source lang='bash'><br />
diff -Naur /etc/libvirt/qemu/${machinename}.xml /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/${machinename}.xml.${backupdate}<br />
</source><br />
and '''edit the file at the retain location''' according to your needs.--><br />
<br />
''' Now you are entering the critical part. You won't be able to undo the following steps'''<br />
<br />
Check if there is a difference between the current LDAP entry and the one from the backup<br />
<source lang='bash'><br />
domain="<DOMAIN>" # For example domain="stoney-cloud.org"<br />
ldapbase="<LDAPBASE>" # For expample ldapbase="dc=stoney-cloud,dc=org"<br />
ldapsearch -H ldaps://ldapm.${domain} -b "sstVirtualMachine=${machinename},ou=virtual machines,ou=virtualization,ou=services,${ldapbase}" -s sub -x -LLL -o ldif-wrap=no -D "cn=Manager,${ldapbase}" -W "(objectclass=*)" > /tmp/${machinename}.ldif<br />
diff -Naur /tmp/${machinename}.ldif /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/${machinename}.ldif.${backupdate}<br />
</source><br />
and '''edit the file at the retain location''' according to your needs.<br />
<br />
If there are no differences (or the differences are not important) you can skip the following step. Otherwise use the [https://cloud.stepping-stone.ch/phpldapadmin PhpLdapAdmin] to delete the machine from the LDAP directory (do not forget to delete the dhcp entry <code>dn: cn=<MACHINE-NAME>,ou=virtual machines,cn=192.168.140.0,cn=config-01,ou=dhcp,ou=networks,ou=virtualization,ou=services,dc=stoney-cloud,dc=org</code>). Then add the LDIF (the one you just edited) to the LDAP (first do some general replacement)<br />
<source lang='bash'><br />
sed -i\<br />
-e 's/snapshotting/finished/'\<br />
-e '/member.*/d'\<br />
/var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/${machinename}.ldif.${backupdate}<br />
<br />
/usr/bin/ldapadd -H "ldaps://ldapm.${domain}" -x -D "cn=Manager,${ldapbase}" -W -f /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/${machinename}.ldif.${backupdate}<br />
</source><br />
<br />
Undefine the machine<br />
<source lang='bash'><br />
virsh undefine ${machinename}<br />
</source><br />
<br />
Copy all the disk images from the backup location back to their original location<br />
<source lang='bash'><br />
cp -p /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}/${backupdate}/${diskimage1}.${backupdate} /var/virtualization/${vmtype}/${vmpool}/${diskimage1}<br />
cp -p /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}/${backupdate}/${diskimage2}.${backupdate} /var/virtualization/${vmtype}/${vmpool}/${diskimage2}<br />
...<br />
</source><br />
<br />
And restore the domain from the state file from the backup location with the XML from the retain location (the one you might have edited)<br />
<source lang='bash'><br />
virsh restore /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}/${backupdate}/${machinename}.state.${backupdate}<br />
</source><br />
<br />
Now the machine should be up and running again. Continuing where it was stopped when taking the backup.<br />
<br />
If everything is OK, you can cleanup the created files and directories<br />
<source lang='bash'><br />
rm -rf /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}<br />
rm /tmp/${machinename}.ldif<br />
</source><br />
<br />
== Next steps ==<br />
<br />
<br />
[[Category: stoney conductor]]</div>Pathttps://wiki.stoney-cloud.org/w/index.php?title=stoney_conductor:_VM_Backup&diff=3744stoney conductor: VM Backup2014-06-26T13:46:41Z<p>Pat: /* Step 06: Start the Merge Process (Control instance daemon) */</p>
<hr />
<div>= Overview =<br />
This page describes how the VMs and VM-Templates are backed-up and restored inside the [http://www.stoney-cloud.org stoney cloud].<br />
<br />
= Requirements =<br />
* sstBackupRootDirectory: file:///var/backup/virtualization<br />
** This directory might be a single partition which needs to have the same size as your partition for the live images (it's a "copy" of the live partition)<br />
* sstBackupRetainDirectory: file:///var/virtualization/retain<br />
** This directory must be on the same partition as your life images are<br />
* A working stoney cloud, installed according to [[stoney cloud: Single-Node Installation]] or [[stoney cloud: Multi-Node Installation]].<br />
* The backup configuration must be set: [[stoney_conductor:_OpenLDAP_directory_data_organisation#Backup | stoney conductor: OpenLDAP directory data organisation]].<br />
<br />
= Backup =<br />
== Basic idea ==<br />
The main idea to backup a VM or a VM-Template is, to divide the task into three subtasks: <br />
* createSnapshot: Create a disk only snapshot. A new overlay file is created, all write operations are performed to this file. The underlying disk-image is now read only.<br />
* exportSnapshot: Copy the read only disk-image to the backup location.<br />
* commitSnapshot: Commit the performed write operations from the overlay back to the underlying (original) disk image. Now the underlying image is read-write again and the overlay image can be deleted.<br />
A more detailed and technical description for these three sub-processes can be found [[#Sub-Processes | here]].<br />
<br />
Furthermore there is an control instance, which can independently call these three sub-processes for a given machine. Like that, the stoney cloud is able to handle different cases:<br />
=== Backup a single machine ===<br />
The procedure for backing up a single machine is very simple. Just call the three sub-processes (snapshot, merge and retain) one after the other. So the control instance would do some very basic stuff: <br />
<source lang="c"><br />
object machine = args[0];<br />
<br />
if( createSsnapshot( machine ) )<br />
{<br />
<br />
if ( exportSnapshot( machine ) )<br />
{<br />
<br />
if ( commitSnapshot( machine ) )<br />
{<br />
printf("Successfully backed up machine %s\n", machine);<br />
<br />
} else<br />
{<br />
printf("Error while committing snapshot for machine %s: %s\n", machine, error);<br />
}<br />
<br />
} else<br />
{<br />
printf("Error while exporting snapshot for machine %s: %s\n", machine, error);<br />
}<br />
<br />
} else<br />
{<br />
printf("Error while snapshotting machine %s: %s\n", machine, error);<br />
}<br />
</source><br />
<br />
=== Backup multiple machines at the same time ===<br />
When backing up multiple machines at the same time, we need to make sure that the snapshots for the machines are as close together as possible. Therefore the control instance should call first the createSnapshot process for all machines. After every machine has been snapshotted, the control instance can call the exportSnapshot and commitSnapshot process for every machine. The most important part here is, that the control instance somehow remembers, if the snapshot for a given machine was successful or not. Because if the snapshot failed, it must not call the exportSnapshot and commitSnapshot process. So the control instance needs a little bit more logic: <br />
<br />
<source lang="c"><br />
object machines[] = args[0];<br />
object successful_snapshots[];<br />
<br />
# Snapshot all machines<br />
for( int i = 0; i < sizeof(machines) / sizeof(object) ; i++ )<br />
{<br />
# If the snapshot was successful, put the machine into the <br />
# successful_snapshots array<br />
if ( createSnapshot( machines[i] ) )<br />
{<br />
successful_snapshots[machines[i]];<br />
} else<br />
{<br />
printf("Error while snapshotting machine %s: %s\n", machines[i],error);<br />
}<br />
}<br />
<br />
# export and commit all successful_snapshot machines<br />
for ( int i = 0; i < sizeof(successful_snapshots) / sizeof(object) ; i++ ) )<br />
{<br />
# Check if the element at this position is not null, then the snapshot <br />
# for this machine was successful<br />
if ( successful_snapshots[i] )<br />
{<br />
if ( exportSnapshot( successful_snapshots[i] ) )<br />
{<br />
if ( commitSnapshot( successful_snapshots[i] ) )<br />
{<br />
printf("Successfully backed-up machine %s\n", successful_snapshots[i]);<br />
} else<br />
{<br />
printf("Error while committing snapshot for machine %s: %s\n", successful_snapshots[i],error);<br />
}<br />
<br />
} else<br />
{<br />
printf("Error while exporting snapshot for machine %s: %s\n", successful_snapshots[i],error);<br />
}<br />
}<br />
}<br />
</source><br />
<br />
=== Sub-Processes ===<br />
See also [[Libvirt_external_snapshot_with_GlusterFS]]<br />
==== createSnapshot ====<br />
For the commands see [[Libvirt_external_snapshot_with_GlusterFS#Part_2:_Create_the_snapshot_using_virsh]]<br />
<br />
For the workflow see [[stoney_conductor:_prov-backup-kvm#createSnapshot]]<br />
<br />
==== exportSnapshot ====<br />
# Simply copy the underlying image to the backup location<br />
#* <source lang="bash">cp -p /<path>/<to>/<image>.qcow2 /<path>/<to>/<backup>/<location>/.</source><br />
<br />
For the workflow see [[stoney_conductor:_prov-backup-kvm#exportSnapshot]]<br />
<br />
==== commitSnapshot ====<br />
For the commands see [[Libvirt_external_snapshot_with_GlusterFS#Cleanup.2FCommit_.28Online.29]]<br />
<br />
For the workflow see [[stoney_conductor:_prov-backup-kvm#commitSnapshot]]<br />
<br />
== Communication through backend ==<br />
Since the stoney cloud is (as the name says already) a cloud solution, it makes sense to have a backend (in our case openLDAP) involved in the whole process. Like that it is possible to run the backup jobs decentralized on every vm-node. The control instance can then modify the backend, and theses changes are seen by the diffenrent backup daemons on the vm-nodes. So the communication could look like shown in the following picture (Figure 1): <br />
<br />
[[File:Daemon-communication.png|800px|thumbnail|none|Figure 1: Communication between the control instance and the prov-backup-kvm daemon through the LDAP backend]]<br />
<br />
=== Control-Instance Daemon Interaction for creating a Backup with LDIF Examples ===<br />
The step numbers correspond with the graphical overview from above.<br />
<br />
==== Step 00: Backup Configuration for a virtual machine ====<br />
<pre><br />
# The following backup configuration says, that the backup should be done daily, at 03:00 hours (localtime).<br />
# * * * * * command to be executed<br />
# - - - - -<br />
# | | | | |<br />
# | | | | +----- day of week (0 - 6) (Sunday=0)<br />
# | | | +------- month (1 - 12)<br />
# | | +--------- day of month (1 - 31)<br />
# | +----------- hour (0 - 23)<br />
# +------------- min (0 - 59)<br />
# localtime in the crontab entry<br />
dn: ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
objectclass: top<br />
objectclass: organizationalUnit<br />
objectclass: sstVirtualizationBackupObjectClass<br />
objectclass: sstCronObjectClass<br />
ou: backup<br />
description: This sub tree contains the backup plan for the virtual machine kvm-005.<br />
sstCronMinute: 0<br />
sstCronHour: 3<br />
sstCronDay: *<br />
sstCronMonth: *<br />
sstCronDayOfWeek: *<br />
sstCronActive: TRUE<br />
sstBackupRootDirectory: file:///var/backup/virtualization<br />
sstBackupRetainDirectory: file:///var/virtualization/retain<br />
sstBackupRamDiskLocation: file:///mnt/ramdisk-test<br />
sstVirtualizationDiskImageFormat: qcow2<br />
sstVirtualizationDiskImageOwner: root<br />
sstVirtualizationDiskImageGroup: vm-storage<br />
sstVirtualizationDiskImagePermission: 0660<br />
sstBackupNumberOfIterations: 1<br />
sstVirtualizationVirtualMachineForceStart: FALSE<br />
sstVirtualizationBandwidthMerge: 0<br />
</pre><br />
<br />
==== Step 01: Initialize Backup Sub Tree (Control instance daemon) ====<br />
The sub tree ''' ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch''' reflects the time, when the backup is planned (in the form of [YYYY][MM][DD]T[hh][mm][ss]Z ([http://en.wikipedia.org/wiki/ISO_8601 ISO 8601]) and it should be written at the time, when the backup is planned and should be executed. The section '''20121002T010000Z''' means the following:<br />
* Year: 2012<br />
* Month: 10<br />
* Day of Month: 02<br />
* Hour of Day: 01<br />
* Minutes: 00<br />
* Seconds: 00<br />
Please be aware the the time is to be written in UTC (see also the comment in the LDIF example below).<br />
<pre><br />
# This entry is the place holder for the backup, which is to be executed at 03:00 hours (localtime with daylight-saving). This<br />
# leads to the 20121002T010000Z timestamp (which is written in UTC).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
objectclass: top<br />
objectclass: sstProvisioning<br />
objectclass: organizationalUnit<br />
ou: 20121002T010000Z<br />
sstProvisioningExecutionDate: 0<br />
sstProvisioningMode: initialize<br />
sstProvisioningReturnValue: 0<br />
sstProvisioningState: 20121002T014513Z<br />
</pre><br />
<br />
==== Step 02: Finalize the Initialization (Control instance daemon) ====<br />
<pre><br />
# The attribute sstProvisioningState is updated with current time by the fc-brokerd, when sstProvisioningMode is modified.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T010001Z<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: initialized<br />
</pre><br />
<br />
==== Step 03: Start the Snapshot Process (Control instance daemon) ====<br />
With the setting of the '''sstProvisioningMode''' to '''snapshot''', the actual backup process is kicked off by the Control instance daemon.<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the fc-brokerd, when sstProvisioningMode is modified to<br />
# snapshot (this way the Provisioning-Backup-VKM daemon knows, that it must start the snapshotting process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: snapshot<br />
</pre><br />
<br />
==== Step 04: Starting the Snapshot Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the snapshot command, it sets the '''sstProvisioningMode''' to '''snapshotting''' to tell the Control instance daemon and other interested parties, that it is snapshotting the virtual machine or virtual machine template.<br />
<pre><br />
# The attribute sstProvisioningMode is set to snapshotting by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: snapshotting<br />
</pre><br />
<br />
==== Step 05: Finalizing the Snapshot Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the snapshot command, it sets the '''sstProvisioningMode''' to '''snapshotted''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the snapshot of the virtual machine or virtual machine template is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the fc-brokerd knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T010011Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: snapshotted<br />
</pre><br />
<br />
==== Step 06: Start the export Process (Control instance daemon) ====<br />
With the setting of the '''sstProvisioningMode''' to '''export''', the Control instance daemon tells the Provisioning-Backup-KVM daemon to export the disk image to the backup location.<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the fc-brokerd, when sstProvisioningMode is modified to<br />
# export (this way the Provisioning-Backup-VKM daemon knows, that it must start the export process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: export<br />
</pre><br />
<br />
==== Step 07: Starting the Merge Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the merge command, it sets the '''sstProvisioningMode''' to '''merging''' to tell the Control instance daemon and other interested parties, that it is merging the virtual machine or virtual machine template.<br />
<pre><br />
# The attribute sstProvisioningMode is set to merging by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: merging<br />
</pre><br />
<br />
==== Step 08: Finalizing the Merging Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the merge command, it sets the '''sstProvisioningMode''' to '''merged''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the merging of the virtual machine or virtual machine template is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the fc-brokerd knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T010500Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: merged<br />
</pre><br />
<br />
==== Step 09: Start the Retain Process (Control instance daemon) ====<br />
With the setting of the '''sstProvisioningMode''' to '''retain''', the Control instance daemon tells the Provisioning-Backup-KVM daemon to retain (copy and then delete) all the necessary files to the configured backup location.<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the fc-brokerd, when sstProvisioningMode is modified to<br />
# retain (this way the Provisioning-Backup-VKM daemon knows, that it must start the retaining process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: retain<br />
</pre><br />
<br />
==== Step 10: Starting the Retain Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the retain command, it sets the '''sstProvisioningMode''' to '''retaining''' to tell the Control instance daemon and other interested parties, that it is retaining the necessary files to the configured backup location.<br />
<pre><br />
# The attribute sstProvisioningMode is set to retaining by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: retaining<br />
</pre><br />
<br />
==== Step 11: Finalizing the Retaing Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the retain command, it sets the '''sstProvisioningMode''' to '''retained''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the retaining of all the necessary files to the configured backup location is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the fc-brokerd knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012000Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: retained<br />
</pre><br />
<br />
==== Step 12: Finalizing the Backup Process (Control instance daemon) ====<br />
As soon as the Control instance daemon notices, that the attribute '''sstProvisioningMode''' ist set to '''retained''', it sets the '''sstProvisioningMode''' to '''finished''' and the '''sstProvisioningState''' to the current timestamp (UTC). All interested parties now know, that the backup process is finished, there for a new backup process could be started.<br />
<pre><br />
# The attribute sstProvisioningState is updated with current time by the fc-brokerd, when sstProvisioningMode is<br />
# set to finished.<br />
# All interested parties now know, that the backup process is finished, there for a new backup process could be started.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012001Z<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: finished<br />
</pre><br />
<br />
== Current Implementation (Backup) ==<br />
Since we do not have a working control instance, we need to have a workaround for backing up the machines: <br />
<br />
* We do already have a BackupKVMWrapper.pl script (File-Backend) which executes the three [[#Sub-Processes | sub-processes ]] in the correct order for a given list of machines (see [[#Backup multiple machines at the same_time]]).<br />
* We do already have the implementation for the whole backup with the LDAP-Backend (see [[ stoney conductor: prov backup kvm ]]).<br />
* We can now combine these two existing scripts and create a wrapper (lets call it LDAPKVMWrapper) which, in some way, adds some logic to the BackupKVMWrapper.pl. In fact the LDAPKVMWrapper wrapper will generate the list of machines which need a backup.<br />
<br />
The behaviour on our servers is as follows (c.f. Figure 2):<br />
# The (decentralized) LDAPKVMWrapper wrapper (which is executed everyday via cronjob) generates a list off all machines running on the current host.<br />
#* Currently on the hosts the cronjobs looks like: <code>00 01 * * * /usr/bin/LDAPKVMWrapper.pl | logger -t Backup-KVM</code><br />
#* For each of these machines:<br />
#** Check if the machine is excluded from the backup, if yes, remove the machine from the list<br />
#** Check if the last backup was successful, if not, remove the machine from the list<br />
# Update the backup subtree for each machine in the list<br />
#* Remove the old backup leaf (the "yesterday-leaf"), and add a new one (the "today-leaf") <br />
#* After this step, the machines are ready to be backed up<br />
# Call the BackupKVMWrapper.pl script with the machines list as a parameter<br />
# Wait for the BackupKVMWrapper.pl script to finish<br />
# Go again through all machines and update the backup subtree a last time<br />
#* Check if the backup was successful, if yes, set sstProvisioningMode = finished (see also TBD)<br />
<br />
<br />
[[File:wrapper-interaction.png|500px|thumbnail|none|Figure 2: How the two wrapper interact with the LDAP backend]]<br />
<br />
* If for some reason something does not work at all, the whole backup process can be deactivated by simply disabling the LDAPKVMWrapper cronjob<br />
** <code>crontab -e</code><br />
** Comment the LDAPKVMWrapper cronjob line: <code>#00 01 * * * /usr/bin/LDAPKVMWrapper.pl | logger -t Backup-KVM</code><br />
=== How to exclude a machine from the backup ===<br />
Login to one of the [[VM-Node | vm-nodes]] and execute the following command<br />
<br />
If you want to exclude a machine from the backup run you simply need to add the following entry to your LDAP directory: <br />
<source lang="bash"><br />
machineuuid="<UUID OF THE MACHINE-NAME>" # e.g.: b9d13dbc-9ab7-4948-9daa-a5709de83dc2<br />
cat << EOF | ldapadd -D cn=Manager,o=stepping-stone,c=ch -H ldaps://ldapm.stepping-stone.ch/ -W -x<br />
dn: ou=backup,sstVirtualMachine=${machineuuid},ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
objectclass: top<br />
objectclass: organizationalUnit<br />
objectclass: sstVirtualizationBackupObjectClass<br />
ou: backup<br />
sstbackupexcludefrombackup: TRUE<br />
EOF<br />
</source><br />
<br />
If the backup subtree in the LDAP directory already exists, you need to add the sstbackupexcludefrombackup attribute: <br />
<source lang="bash"><br />
machineuuid="<UUID OF THE MACHINE-NAME>" # e.g.: b9d13dbc-9ab7-4948-9daa-a5709de83dc2<br />
cat << EOF | ldapadd -D cn=Manager,o=stepping-stone,c=ch -H ldaps://ldapm.stepping-stone.ch/ -W -x<br />
dn: ou=backup,sstVirtualMachine=${machineuuid},ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
add: objectClass<br />
objectClass: sstVirtualizationBackupObjectClass<br />
-<br />
add: sstbackupexcludefrombackup<br />
sstbackupexcludefrombackup: TRUE<br />
EOF<br />
</source><br />
<br />
==== Re-include the machine to the backup ====<br />
If you want to re include a machine, simply delete the machines whole backup subtree. It will be recreated during the next backup run.<br />
<br />
== Next steps ==<br />
<br />
= Restore =<br />
== Basic idea ==<br />
The restore process, similar to the backup process, can be divided into three sub-processes: <br />
* Unretain the small files: Copy the small files (backend entry, XML description) from the backup directory to the retain directory<br />
* Unretain the big files: Copy the big files (state file, disk image(s)) form the backup directory to the retain directory<br />
* Restore the machine: Replace the live disk image(s) by the one(s) from the backup and restore the machine from the state file<br />
<br />
Additionally the restore process can also be divided into two phases: <br />
* User-Interaction phase: After the "unretain small files" the user needs to decide two things:<br />
** On conflicts between the backend entry file and the XML description, the user need to decide how to resolve this conflict(s)<br />
** The user can also abort the restore process up to this point. After that the restore can not be aborted or undone! <br />
* Non-User-Interaction phase: The daemons communicate through the backend between each other and the restore process continues without further user input (c.f. [[#Communication_through_backend_2 | Communication through backend]])<br />
<br />
=== Sub Processes ===<br />
==== Unretain small files ====<br />
This workflow assumes that the backup directory is on the same physical server as the retain directory (protocol is file://)<br />
# Copy the backend-entry file from the backup directory to the retain directory:<br />
#* <source lang="bash">cp -p /path/to/backup/vm-001.backend /path/to/retain/vm-001.backend</source><br />
# Copy the XML description from the from the backup directory to the retain directory:<br />
#* <source lang="bash">cp -p /path/to/backup/vm-001.xml /path/to/retain/vm-001.xml</source><br />
# Compare the backend-entry file (the one in the retain directory) with the live-backend entry<br />
#* Resolve all conflicts between these two backend entries<br />
#** Modify the backend entry at the retain location accordingly<br />
# Apply the same changes for the XML description at the retain location (backend entry and XML description need to be consistent).<br />
<br />
==== Unretain large files ====<br />
# Copy the state file from the backup directory to the retain directory:<br />
#* <source lang="bash">cp -p /path/to/backup/vm-001.state /path/to/retain/vm-001.state</source><br />
# Copy the disk image(s) from the backup directory to the retain directory:<br />
#* <source lang="bash">cp -p /path/to/backup/vm-001.qcow2 /path/to/retain/vm-001.qcow2</source><br />
#** '''Important:''' If a VM has more than just one disk image, repeat this step for every disk image<br />
<br />
==== Restore the VM ====<br />
# Shutdown the VM if it is running:<br />
#* <source lang="bash">virsh shutdown vm-001</source><br />
# Undefine the VM if it is still defined: <br />
#* <source lang="bash">virsh undefine vm-001</source><br />
# Overwrite the original disk image:<br />
#* <source lang="bash">mv /path/to/retain/vm-001.qcow2 /path/to/images/vm-001.qcow2</source><br />
#** '''Important:''' If a VM has more than just one disk image, repeat this step for every disk image<br />
# Restore the VMs backend entry: <br />
#* Write the backend entry from the retain location (<code>/path/to/retain/vm-001.backend</code>) to the backend<br />
# Overwrite the VMs XML description with the one from the retain location <br />
#* <source lang="bash">cp -p /path/to/retain/vm-001.xml /path/to/xmls/vm-001.xml</source><br />
# Restore the VM from the state file with the corrected XML<br />
#* <source lang="bash">virsh restore /path/to/retain/vm-001.state --xml /path/to/xmls/vm-001.xml</source><br />
<br />
== Communication through backend ==<br />
The actual KVM-Restore process is controlled completely by the Control instance daemon via the OpenLDAP directory. See [[#OpenLDAP Directory Integration|OpenLDAP Directory Integration]] the involved attributes and possible values.<br />
<br />
[[File:Daemon-interaction-restore.png|thumb|500px|none|Figure 3: Communication between all involved parties during the restore process]]<br />
<br />
You can modify/update these interactions by editing [[File:Restore-Interaction.xmi]] (you may need [http://uml.sourceforge.net/ Umbrello UML Modeller] diagram programme for KDE to display the content properly).<br />
<br />
=== Control instance Daemon Interaction for restoring a Backup with LDIF Examples ===<br />
==== Step 01: Start the unretainSmallFiles process (Control instance daemon) ====<br />
The first step of the restore process is to copy the small files (in this case the XML file and the LDIF) from the configured backup location to the configured retain location. <br />
<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the Control instance daemon, when sstProvisioningMode is modified to <br />
# unretainSmallFiles (this way the Provisioning-Backup-VKM daemon knows, that it must start the unretainSmallFiles process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainSmallFiles<br />
</pre><br />
<br />
==== Step 02: Starting the unretainSmallFiles process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the command to unretain the small files, it sets the '''sstProvisioningMode''' to '''unretainingSmallFiles''' to tell the Control instance daemon and other interested parties, that it is unretaining the small files for the virtual machine or virtual machine template.<br />
<pre><br />
# The attribute sstProvisioningMode is set to unretainingSmallFiles by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainingSmallFiles<br />
</pre><br />
<br />
==== Step 03: Finalizing the unretainSmallFiles process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the commands to unretain the small files, it sets the '''sstProvisioningMode''' to '''unretainedSmallFiles''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the unretaining of all the small files from the configured backup location is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the Control instance daemon knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012000Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainedSmallFiles<br />
</pre><br />
<br />
==== Step 05: Start the unretainLargeFiles process (Control instance daemon) ====<br />
Next step in the restore process is to copy the large files (state file and disk images) from the configured backup directory to the configured retain directory.<br />
<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the Control instance daemon, when sstProvisioningMode is modified to <br />
# unretainLargeFiles (this way the Provisioning-Backup-VKM daemon knows, that it must start the unretainLargeFiles process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainLargeFiles<br />
</pre><br />
<br />
==== Step 06: Starting the unretainLargeFiles process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the command to unretain the large files, it sets the '''sstProvisioningMode''' to '''unretainingLargeFiles''' to tell the Control instance daemon and other interested parties, that it is unretaining the large files for the virtual machine or virtual machine template.<br />
<br />
In the meantime the vm-manager merges the LDIF we have unretained in [[#Step_02:_Starting_the_unretainSmallFiles_process_.28Provisioning-Backup-KVM_daemon.29 | step 02]] with the one in the live directory to sort out possible differences in the configuration of the virtual machine. <br />
<pre><br />
# The attribute sstProvisioningMode is set to unretainingSmallFiles by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainingLargeFiles<br />
</pre><br />
<br />
==== Step 07: Finalizing the unretainLargeFiles process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the commands to unretain the large files, it sets the '''sstProvisioningMode''' to '''unretainedLargeFiles''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the unretaining of all the large files from the configured backup location is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the Control instance daemon knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012000Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainedLargeFiles<br />
</pre><br />
<br />
==== Step 09: Start the restore process (Control instance daemon) ====<br />
Since we now have all necessary files in the configured retain location, the restore process can be started. There we simply copy the disk images back to their original location and restore the VM from the state file (which is also at the configured retain location)<br />
<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the Control instance daemon, when sstProvisioningMode is modified to <br />
# restore (this way the Provisioning-Backup-VKM daemon knows, that it must start the restore process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: restore<br />
</pre><br />
<br />
==== Step 10: Starting the restore process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the restore command, it sets the '''sstProvisioningMode''' to '''restoring''' to tell the Control instance daemon and other interested parties, that it is restoring the virtual machine or virtual machine template.<br />
<pre><br />
# The attribute sstProvisioningMode is set to restoring by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: restoring<br />
</pre><br />
<br />
==== Step 11: Finalizing the restore process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the restore command, it sets the '''sstProvisioningMode''' to '''restored''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the restore process is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the Control instance daemon knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012000Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: restored<br />
</pre><br />
<br />
==== Step 12: Finalizing the restore process (Control instance daemon) ====<br />
As soon as the Control instance daemon notices, that the attribute '''sstProvisioningMode''' ist set to '''restored''', it sets the '''sstProvisioningMode''' to '''finished''' and the '''sstProvisioningState''' to the current timestamp (UTC). All interested parties now know, that the restore process is finished.<br />
<pre><br />
# The attribute sstProvisioningState is updated with current time by the Control instance daemon, when sstProvisioningMode is<br />
# set to finished.<br />
# All interested parties now know, that the restore process is finished.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012001Z<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: finished<br />
</pre><br />
<br />
== Current Implementation (Restore) ==<br />
* Since the prov-backup-kvm daemon is not running on the vm-nodes (c.f. [[stoney_conductor:_Backup#State_of_the_art]]), the restore process does not work when clicking the icon in the webinterface. <br />
* Resolving the conflicts in the backend and XML description file is not yet done<br />
** Actually all steps not executed by prov-backup-kvm are not yet properly implemented (c.f. [[stoney_conductor:_prov_backup_kvm#Restore]])<br />
* The implementation is done, but the last step from the [[#Restore_2 | restore process ]] is different:<br />
** The <code>virsh restore</code> command is not executed with the <code>--xml</code> option, the XML from the state file is taken when restoring the machine. Therefore the conflicts are not properly resolved. <br />
*** --[[User:Pat|Pat]] ([[User talk:Pat|talk]]) 09:41, 29 October 2013 (CET): Currently the [http://search.cpan.org/~danberr/Sys-Virt-1.1.3/lib/Sys/Virt.pm Sys::Virt] library does not support the --xml parameter when restoring a domain<br />
<br />
=== How to manually restore a machine from backup ===<br />
'''Important''': Before you continue with this guide, make sure that you have no other possibility to restore the machine. It might be easier and safer to get lost files from the online backup if the machine has one set up.<br />
<br />
If you really have to restore the machine from the backup:<br />
# Stop the machine from via the [https://cloud.stepping-stone.ch/vm-manager/ web interface]<br />
# Login (as root) on the [[VM-Node]] the machine was running on<br />
<br />
As a first step, you would like to set some useful bash variables to be able to copy paste the following guide:<br />
<br />
'''Double check all variables you are setting here. If one is not correct, you will restore a running machine or overwrite a live-disk image!'''<br />
<source lang='bash'><br />
machinename="<MACHINE-NAME>" # For example: machinename="b6dc3d27-5981-4b18-8f3f-31ed3d21a3c6"<br />
vmpool="<VM-POOL>" # For example vmpool="0f83f084-8080-413e-b558-b678e504836e"<br />
vmtype="<VM-TYPE>" # For example vmtype="vm-persistent"<br />
</source><br />
Change to the backup directory for the given machine and check the iterations:<br />
<source lang='bash'><br />
cd /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}<br />
ls -al<br />
</source><br />
Change into the most recent iteration<br />
<source lang='bash'><br />
cd 2014...<br />
ls -al<br />
</source><br />
In there you should have: <br />
* The state file <MACHINE-NAME>.state.<BACKUP-DATE> (for example b6dc3d27-5981-4b18-8f3f-31ed3d21a3c6.state.20140109T134445Z)<br />
* The XML description <MACHINE-NAME>.xml.<BACKUP-DATE> (for example b6dc3d27-5981-4b18-8f3f-31ed3d21a3c6.xml.20140109T134445Z)<br />
* The ldif file <MACHINE-NAME>.ldif.<BACKUP-DATE> (for example b6dc3d27-5981-4b18-8f3f-31ed3d21a3c6.ldif.20140109T134445Z)<br />
* And at least one disk image <DISK-IMAGE>.qcow2.<BACKUP-DATE> (for example 8798561b-d5de-471b-a6fc-ec2b4831ed12.qcow2.20140109T134445Z)<br />
Now you should save the backup date and the disk image(s) in a variable<br />
<source lang='bash'><br />
backupdate="<BACKUP-DATE>" # For example: backupdate="20140109T134445Z"<br />
diskimage1="<DISK-IMAGE-1>.qcow2" # For example: diskimage1="8798561b-d5de-471b-a6fc-ec2b4831ed12.qcow2"<br />
diskimage2="<DISK-IMAGE-2>.qcow2" # For example: diskimage2="aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee.qcow2"<br />
...<br />
</source><br />
<br />
Have again a look at the different variables and '''double check them again'''<br />
<source lang='bash'><br />
echo "Machine Name = ${machinename}"<br />
echo "VM Pool = ${vmpool}"<br />
echo "VM Type = ${vmtype}"<br />
echo "Backup date = ${backupdate}"<br />
echo "Disk Image 1 = ${diskimage1}"<br />
echo "Disk Image 2 = ${diskimage2}"<br />
...<br />
</source><br />
<br />
Copy all these files to the retain location:<br />
<source lang='bash'><br />
currentdate=`date --utc +'%Y%m%dT%H%M%SZ'`<br />
mkdir -p /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}<br />
cp -p /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}/${backupdate}/${machinename}.ldif.${backupdate} /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/<br />
</source><br />
<br />
<!--Check if there is a difference between the current XML file and the one from the backup<br />
<source lang='bash'><br />
diff -Naur /etc/libvirt/qemu/${machinename}.xml /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/${machinename}.xml.${backupdate}<br />
</source><br />
and '''edit the file at the retain location''' according to your needs.--><br />
<br />
''' Now you are entering the critical part. You won't be able to undo the following steps'''<br />
<br />
Check if there is a difference between the current LDAP entry and the one from the backup<br />
<source lang='bash'><br />
domain="<DOMAIN>" # For example domain="stoney-cloud.org"<br />
ldapbase="<LDAPBASE>" # For expample ldapbase="dc=stoney-cloud,dc=org"<br />
ldapsearch -H ldaps://ldapm.${domain} -b "sstVirtualMachine=${machinename},ou=virtual machines,ou=virtualization,ou=services,${ldapbase}" -s sub -x -LLL -o ldif-wrap=no -D "cn=Manager,${ldapbase}" -W "(objectclass=*)" > /tmp/${machinename}.ldif<br />
diff -Naur /tmp/${machinename}.ldif /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/${machinename}.ldif.${backupdate}<br />
</source><br />
and '''edit the file at the retain location''' according to your needs.<br />
<br />
If there are no differences (or the differences are not important) you can skip the following step. Otherwise use the [https://cloud.stepping-stone.ch/phpldapadmin PhpLdapAdmin] to delete the machine from the LDAP directory (do not forget to delete the dhcp entry <code>dn: cn=<MACHINE-NAME>,ou=virtual machines,cn=192.168.140.0,cn=config-01,ou=dhcp,ou=networks,ou=virtualization,ou=services,dc=stoney-cloud,dc=org</code>). Then add the LDIF (the one you just edited) to the LDAP (first do some general replacement)<br />
<source lang='bash'><br />
sed -i\<br />
-e 's/snapshotting/finished/'\<br />
-e '/member.*/d'\<br />
/var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/${machinename}.ldif.${backupdate}<br />
<br />
/usr/bin/ldapadd -H "ldaps://ldapm.${domain}" -x -D "cn=Manager,${ldapbase}" -W -f /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/${machinename}.ldif.${backupdate}<br />
</source><br />
<br />
Undefine the machine<br />
<source lang='bash'><br />
virsh undefine ${machinename}<br />
</source><br />
<br />
Copy all the disk images from the backup location back to their original location<br />
<source lang='bash'><br />
cp -p /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}/${backupdate}/${diskimage1}.${backupdate} /var/virtualization/${vmtype}/${vmpool}/${diskimage1}<br />
cp -p /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}/${backupdate}/${diskimage2}.${backupdate} /var/virtualization/${vmtype}/${vmpool}/${diskimage2}<br />
...<br />
</source><br />
<br />
And restore the domain from the state file from the backup location with the XML from the retain location (the one you might have edited)<br />
<source lang='bash'><br />
virsh restore /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}/${backupdate}/${machinename}.state.${backupdate}<br />
</source><br />
<br />
Now the machine should be up and running again. Continuing where it was stopped when taking the backup.<br />
<br />
If everything is OK, you can cleanup the created files and directories<br />
<source lang='bash'><br />
rm -rf /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}<br />
rm /tmp/${machinename}.ldif<br />
</source><br />
<br />
== Next steps ==<br />
<br />
<br />
[[Category: stoney conductor]]</div>Pathttps://wiki.stoney-cloud.org/w/index.php?title=File:wrapper-interaction.png&diff=3743File:wrapper-interaction.png2014-06-26T13:43:55Z<p>Pat: Pat uploaded a new version of &quot;File:wrapper-interaction.png&quot;: Adapted to the new sub steps (create-, export- and commitSnapshot)</p>
<hr />
<div>Shows how the two wrapper interact with the LDAP backend</div>Pathttps://wiki.stoney-cloud.org/w/index.php?title=File:wrapper-interaction.png&diff=3742File:wrapper-interaction.png2014-06-26T13:43:32Z<p>Pat: Pat uploaded a new version of &quot;File:wrapper-interaction.png&quot;: Reverted to version as of 13:40, 26 June 2014</p>
<hr />
<div>Shows how the two wrapper interact with the LDAP backend</div>Pathttps://wiki.stoney-cloud.org/w/index.php?title=File:wrapper-interaction.png&diff=3741File:wrapper-interaction.png2014-06-26T13:43:09Z<p>Pat: Pat uploaded a new version of &quot;File:wrapper-interaction.png&quot;: Adapted to the new sub steps (create-, export- and commitSnapshot)</p>
<hr />
<div>Shows how the two wrapper interact with the LDAP backend</div>Pathttps://wiki.stoney-cloud.org/w/index.php?title=File:Daemon-communication.png&diff=3740File:Daemon-communication.png2014-06-26T13:41:16Z<p>Pat: Pat uploaded a new version of &quot;File:Daemon-communication.png&quot;: Adapted to the new sub-steps (create-, export- and commitSnapshot)</p>
<hr />
<div>Communication between control instance and prov-backup-kvm daemon</div>Pathttps://wiki.stoney-cloud.org/w/index.php?title=File:wrapper-interaction.png&diff=3739File:wrapper-interaction.png2014-06-26T13:40:48Z<p>Pat: Pat uploaded a new version of &quot;File:wrapper-interaction.png&quot;: Reverted to version as of 11:58, 23 October 2013</p>
<hr />
<div>Shows how the two wrapper interact with the LDAP backend</div>Pathttps://wiki.stoney-cloud.org/w/index.php?title=File:wrapper-interaction.png&diff=3738File:wrapper-interaction.png2014-06-26T13:37:56Z<p>Pat: Pat uploaded a new version of &quot;File:wrapper-interaction.png&quot;: Adapted to the new substeps (create-, export- and commitSnapshot)</p>
<hr />
<div>Shows how the two wrapper interact with the LDAP backend</div>Pathttps://wiki.stoney-cloud.org/w/index.php?title=stoney_conductor:_prov-backup-kvm&diff=3737stoney conductor: prov-backup-kvm2014-06-26T13:25:28Z<p>Pat: /* commitSnapshot */</p>
<hr />
<div>= Overview =<br />
The '''Provisioning-Backup-KVM Daemon''' is written in Perl and uses the mechanisms described under [[stoney core: OpenLDAP directory data organisation]].<br />
<br />
= Workflow =<br />
== Backup ==<br />
This is the simplified workflow for the Provisioning-Backup-KVM Daemon. The Subroutines (snapshot, merge and retain) are shown later.<br />
<br />
[[File:KVM-Backup-Workflow.png|thumb|none|400px|Figure 1: Simplified prov-backup-kvm workflow]]<br />
<br />
You can modify/update this workflow by editing [[File:KVM-Backup-simple.xmi]] (you may need [http://uml.sourceforge.net/ Umbrello UML Modeller] diagram programme for KDE to display the content properly).<br />
<br />
=== createSnapshot ===<br />
[[File:KVM-Backup-Workflow-Snapshot.png|thumb|none|500px|Figure 2: Detailed workflow for the snaphshot process]]<br />
<br />
You can edit this workflow with the following file (you may need umbrello to modify it): [[File:KVM-Backup-Workflow-detailed.xmi]]<br />
<br />
See also: [[stoney_conductor:_Backup#createSnapshot | createSnapshot: Basic idea]]<br />
<br />
=== exportSnapshot ===<br />
[[File:KVM-Backup-Workflow-Merge.png|thumb|none|500px|Figure 2: Detailed workflow for the merge process]]<br />
<br />
You can edit this workflow with the following file (you may need umbrello to modify it): [[File:KVM-Backup-Workflow-detailed.xmi]]<br />
<br />
See also: [[ stoney_conductor:_Backup#exportSnapshot | exportSnapshot: Basic idea]]<br />
<br />
=== commitSnapshot ===<br />
[[File:KVM-Backup-Workflow-Retain.png|thumb|none|500px|Figure 3: Detailed workflow for the retain process]]<br />
<br />
You can edit this workflow with the following file (you may need umbrello to modify it): [[File:KVM-Backup-Workflow-detailed.xmi]]<br />
<br />
See also [[stoney_conductor:_Backup#commitSnaphsot | commitSnapshot: Basic idea]]<br />
<br />
== Restore ==<br />
* <span style="background:#00FF00">Task for the control-instance daemon</span><br />
* <span style="background:#FFFF00">Task for the prov-backup-kvm daemon</span><br />
* <span style="background:#FF8000">Task for the vm-manager</span><br />
[[File:KVM-Backup-Workflow-Restore.png|thumb|none|500px|Figure 4: Detailed workflow for the restore process]]<br />
<br />
You can edit this workflow with the following file (you may need umbrello to modify it): [[File:KVM-Backup-Workflow-restore.xmi]]<br />
<br />
<br />
<br />
See also [[stoney_conductor:_Backup#Basic_idea_2 | Restore: Basic idea]]<br />
<br />
= Configuration =<br />
== Global ==<br />
<pre><br />
# Copyright (C) 2013 stepping stone GmbH<br />
# Switzerland<br />
# http://www.stepping-stone.ch<br />
# support@stepping-stone.ch<br />
#<br />
# Authors:<br />
# Pat Kläy <pat.klaey@stepping-stone.ch><br />
# <br />
# Licensed under the EUPL, Version 1.1.<br />
#<br />
# You may not use this work except in compliance with the<br />
# Licence.<br />
# You may obtain a copy of the Licence at:<br />
#<br />
# http://www.osor.eu/eupl<br />
#<br />
# Unless required by applicable law or agreed to in<br />
# writing, software distributed under the Licence is<br />
# distributed on an "AS IS" basis,<br />
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either<br />
# express or implied.<br />
# See the Licence for the specific language governing<br />
# permissions and limitations under the Licence.<br />
#<br />
<br />
<br />
<br />
[Global]<br />
# If true the script logs every information to the log-file.<br />
LOG_DEBUG = 1<br />
<br />
# If true the script logs additional information to the log-file.<br />
LOG_INFO = 1<br />
<br />
#If true the script logs warnings to the log-file.<br />
LOG_WARNING = 1<br />
<br />
#If true the script logs errors to the log-file.<br />
LOG_ERR = 1<br />
<br />
# The environment indicates the hostname (fqdn) on which the prov-backup-kvm <br />
# daemon is running<br />
ENVIRONMENT = <STONEY-CLOUD-NODE-NAME><br />
<br />
# All information related to the database (backend) the daemon connects to<br />
[Database]<br />
BACKEND = LDAP<br />
SERVER = <STONEY-CLOUD-LDAP-SERVER><br />
PORT = <STONEY-CLOUD-LDAP-PORT><br />
ADMIN_USER = <STONEY-CLOUD-LDAP-BINDDN><br />
ADMIN_PASSWORD = <STONEY-CLOUD-LDAP-BIND-PASSWORD><br />
SERVICE_SUBTREE = <STONEY-CLOUD-LDAP-SERVICE-SUBTREE><br />
<br />
# A cookie file will be used to be able to restart the daemon without<br />
# processing every entry again (they appear as new if the daemon is started) <br />
COOKIE_FILE = <STONEY-CLOUD-LDAP-COOKIE-FILE><br />
<br />
# The default cookie just contains an empty CSN, in that way, all entries<br />
# are processed<br />
DEFAULT_COOKIE = rid=001,csn=<br />
<br />
# The search filter for the database. Only process entries found with this<br />
# filter<br />
SEARCH_FILTER = (&(entryCSN>=%entryCSN%)(objectClass=*))<br />
<br />
# Indicates the prov-backup-kvm configuration which applies for every<br />
# VM-Pool and every VM if not overwritten by a VM-Pool- or VM-specific <br />
# configuration<br />
STONEY_CLOUD_WIDE_CONFIGURATION = <STONEY-CLOUD-LDAP-PROV-BACKUP-KVM-DEFAULT-CONFIGURATION><br />
<br />
# Configuration concerining the provisioning module<br />
[Service]<br />
<br />
# The modus should always be selfcare<br />
MODUS = selfcare<br />
<br />
# Which TransportApi is used to execute the commands on the destination system<br />
# TransportApi can be "LocalCLI" or "CLISSH"<br />
TRANSPORTAPI = LocalCLI<br />
<br />
# The name of the provisioning service<br />
SERVICE = Backup<br />
<br />
# The name of the provisioning type<br />
TYPE = KVM<br />
<br />
# The syslog tag (normally service-type)<br />
SYSLOG = Backup-KVM<br />
<br />
# All information concerning the gateway (TransportApi)<br />
[Gateway]<br />
HOST = localhost<br />
USER = provisioning<br />
DSA_FILE = none<br />
<br />
# Service specific configuration which is not present in the backend<br />
[Backup]<br />
<br />
# Which command is used to export files<br />
EXPORT_COMMAND = cp -p<br />
</pre><br />
<br />
== Backend ==<br />
In the backend, you need to have at least one configuration which applies for the whole stoney cloud. This configuration is referenced in the [[#Global|global configuration]]. You are able to overwrite the stoney-cloud-wide configuration for<br />
* A VM-Pool<br />
* A single VM<br />
The configuration which applies for the VM is evaluated in the following way:<br />
# Check if the VM has a VM-specific configuration<br />
#* If yes, this one applies<br />
#* If not, continue<br />
# Check if the VM-Pool has a specific configuration<br />
#* If yes, this one applies<br />
#* If not, continue<br />
# The stoney-cloud-wide configuration applies<br />
<br />
=== Mandatory Configuration-Parameters ===<br />
* '''sstBackupNumberOfIterations''': An integer value how many backup iterations should be kept. Default is 1 (for disaster recovery).<br />
* '''sstBackupRootDirectory''': The path to the backup root directory where all iterations of disk-images and state files are stored. Default is file:///var/backup/virtualization.<br />
* '''sstBackupRetainDirectory''': The path to the local retain directory where the temporary snapshots (disk-image and state file) are stored. Default is file:///var/virtualization/retain.<br />
* '''sstRestoreVMWithoutState''': Boolean value which indicates whether or not to restore a virtual machine without the state. Default is FALSE (most often we want to restore the state together with the virtual machine).<br />
* '''sstBackupRamDiskLocation''': Path to the RAM-Disk. Default is /mnt/ramdisk. Because this attribute can be set for the whole FOSS-Cloud, for a specific VM-Pool, for a specific virtual machine or a specific virtual machine template, this attribute is independent from the VM-Nodes. There for no guarantee can be given, that this RAM-Disk exists on all the VM-Nodes. A check for its existence is mandatory!<br />
* '''sstVirtualizationVirtualMachineForceStart''': Force start VM in the case of not being able to restore the VM State during the backup process. TRUE or FALSE, default is FALSE. Attention: If set to TRUE, this could lead to file system inconsistencies in the virtual machine.<br />
* '''sstVirtualizationBandwidthMerge''': Bandwidth of the disk merging process (specifies the maximum I/O rate to allow in Megabyte/s). Default is 0 (unlimited). Integer Attribute, single value.<br />
* '''sstVirtualizationDiskImageFormat''': The format for the new disk image that is created during the backup process. Default is qcow2.<br />
* '''sstVirtualizationDiskImageOwner''': The owner for the new disk image that is created during the backup process. Default is root.<br />
* '''sstVirtualizationDiskImageGroup''' : The group for the new disk image that is created during the backup process. Default is vm-storage.<br />
* '''sstVirtualizationDiskImagePermission''': The permission (in octal representation) for the new disk image that is created during the backup process. Default is 660 (equivalent to 0660).<br />
* '''sstVirtualizationDiskImageDirectoryOwner''': The owner for the new directory where the disk image is located. Default is root.<br />
* '''sstVirtualizationDiskImageDirectoryGroup''': The group for the new directory where the disk image is located. Default is vm-storage.<br />
* '''sstVirtualizationDiskImageDirectoryPermission''': The permission (in octal representation) for the new directory where the disk image is located. Default is 770 (equivalent to 0770).<br />
<br />
=== Optional Configuration-Parameters ===<br />
* '''sstBackupExcludeFromBackup''': Do we want to exclude a virtual machine from the default backup plan? Default is FALSE.<br />
* '''sstVirtualizationVirtualMachineSequenceStop''': Multiple dependencies for the stopping order can be defined. Example: a web VM depends on the corresponding database VM. IA5String, multi valued. This attribute must exist in all of the virtual machine entries, that are to be stopped in a certain order. Example (0,1,2, ... is the order, UUID1, UUID2, ... is the uuid of a virtual machine):<br />
** 0: UUID1<br />
** 1: UUID2<br />
** 2: UUID3<br />
* '''sstVirtualizationVirtualMachineSequenceStart''': Multiple dependencies for the starting order can be defined. Example: a database VM must be started before the corresponding web VM. IA5String, multi valued. This attribute must exist in all of the virtual machine entries, that are to be started in a certain order. Example (0,1,2, ... is the order, UUID1, UUID2, ... is the uuid of a virtual machine):<br />
** 0: UUID3<br />
** 1: UUID2<br />
** 2: UUID1<br />
<br />
= Exit codes =<br />
The following list defines the return codes and their meaning for the KVM-Backup script see also [https://github.com/stepping-stone/prov-backup-kvm/blob/master/lib/Provisioning/Backup/KVM/Constants.pm KVMConstants.pm]:<br />
<pre><br />
use constant SUCCESS_CODE => 0;<br />
<br />
### Error codes constants<br />
use constant UNDEFINED_ERROR => 1; # Always the first!<br />
use constant MISSING_PARAMETER_IN_CONFIG_FILE => 2;<br />
use constant CONFIGURED_RAM_DISK_IS_NOT_VALUD => 3;<br />
use constant NOT_ENOUGH_SPACE_ON_RAM_DISK => 4;<br />
use constant CANNOT_SAVE_MACHINE_STATE => 5;<br />
use constant CANNOT_WRITE_TO_BACKUP_LOCATION => 6;<br />
use constant CANNOT_COPY_FILE_TO_BACKUP_LOCATION => 7;<br />
use constant CANNOT_COPY_IMAGE_TO_BACKUP_LOCATION => 8;<br />
use constant CANNOT_COPY_XML_TO_BACKUP_LOCATION => 9;<br />
use constant CANNOT_COPY_BACKEND_FILE_TO_BACKUP_LOCATION=> 10;<br />
use constant CANNOT_MERGE_DISK_IMAGES => 11;<br />
use constant CANNOT_REMOVE_OLD_DISK_IMAGE => 12;<br />
use constant CANNOT_REMOVE_FILE => 13;<br />
use constant CANNOT_CREATE_EMPTY_DISK_IMAGE => 15;<br />
use constant CANNOT_RENAME_DISK_IMAGE => 16;<br />
use constant CANNOT_CONNECT_TO_BACKEND => 17;<br />
use constant WRONG_STATE_INFORMATION => 18;<br />
use constant CANNOT_SET_DISK_IMAGE_OWNERSHIP => 19;<br />
use constant CANNOT_SET_DISK_IMAGE_PERMISSION => 20;<br />
use constant CANNOT_RESTORE_MACHINE => 21;<br />
use constant CANNOT_LOCK_MACHINE => 22;<br />
use constant CANNOT_FIND_MACHINE => 23;<br />
use constant CANNOT_COPY_STATE_FILE_TO_RETAIN => 24;<br />
use constant RETAIN_ROOT_DIRECTORY_DOES_NOT_EXIST => 25;<br />
use constant BACKUP_ROOT_DIRECTORY_DOES_NOT_EXIST => 26;<br />
use constant CANNOT_CREATE_DIRECTORY => 27;<br />
use constant CANNOT_SAVE_XML => 28;<br />
use constant CANNOT_SAVE_BACKEND_ENTRY => 29;<br />
use constant CANNOT_SET_DIRECTORY_OWNERSHIP => 30;<br />
use constant CANNOT_SET_DIRECTORY_PERMISSION => 31;<br />
use constant CANNOT_FIND_CONFIGURATION_ENTRY => 32;<br />
use constant BACKEND_XML_UNCONSISTENCY => 33;<br />
use constant CANNOT_CREATE_TARBALL => 34;<br />
use constant UNSUPPORTED_FILE_TRANSFER_PROTOCOL => 35;<br />
use constant UNKNOWN_BACKEND_TYPE => 36;<br />
use constant MISSING_NECESSARY_FILES => 37;<br />
use constant CORRUPT_DISK_IMAGE_FOUND => 38;<br />
use constant UNSUPPORTED_CONFIGURATION_PARAMETER => 39;<br />
use constant CANNOT_MOVE_DISK_IMAGE_TO_ORIGINAL_LOCATION=> 40;<br />
use constant CANNOT_DEFINE_MACHINE => 41;<br />
use constant CANNOT_START_MACHINE => 42;<br />
use constant CANNOT_WORK_ON_UNDEFINED_OBJECT => 43;<br />
use constant CANNOT_READ_STATE_FILE => 44;<br />
use constant CANNOT_READ_XML_FILE => 45;<br />
use constant NOT_ALL_FILES_DELETED_FROM_RETAIN_LOCATION => 46;<br />
use constant NOT_ENOUGH_DISK_SPACE => 47;<br />
use constant NO_DISK_SPACE_INFORMATION => 48;<br />
</pre><br />
<br />
= Next steps =<br />
* Change the behaviour of the snapshot/merge process<br />
** No longer merge the original file into the new one but merge (commit) backing store file back into original one<br />
*** Like that we are able to reduce the backup (merge) time a lot.<br />
*** Needs different behaviour for save -> copy/move -> create new image -> restore -> merge<br />
<br />
= Source Code =<br />
The source code is located in our GitHub Repository:<br />
<br />
https://github.com/stepping-stone/prov-backup-kvm<br />
<br />
= Links =<br />
<br />
[[Category:stoney conductor]][[Category:Provisioning Modules]]</div>Pathttps://wiki.stoney-cloud.org/w/index.php?title=stoney_conductor:_prov-backup-kvm&diff=3736stoney conductor: prov-backup-kvm2014-06-26T13:25:06Z<p>Pat: /* exportSnapshot */</p>
<hr />
<div>= Overview =<br />
The '''Provisioning-Backup-KVM Daemon''' is written in Perl and uses the mechanisms described under [[stoney core: OpenLDAP directory data organisation]].<br />
<br />
= Workflow =<br />
== Backup ==<br />
This is the simplified workflow for the Provisioning-Backup-KVM Daemon. The Subroutines (snapshot, merge and retain) are shown later.<br />
<br />
[[File:KVM-Backup-Workflow.png|thumb|none|400px|Figure 1: Simplified prov-backup-kvm workflow]]<br />
<br />
You can modify/update this workflow by editing [[File:KVM-Backup-simple.xmi]] (you may need [http://uml.sourceforge.net/ Umbrello UML Modeller] diagram programme for KDE to display the content properly).<br />
<br />
=== createSnapshot ===<br />
[[File:KVM-Backup-Workflow-Snapshot.png|thumb|none|500px|Figure 2: Detailed workflow for the snaphshot process]]<br />
<br />
You can edit this workflow with the following file (you may need umbrello to modify it): [[File:KVM-Backup-Workflow-detailed.xmi]]<br />
<br />
See also: [[stoney_conductor:_Backup#createSnapshot | createSnapshot: Basic idea]]<br />
<br />
=== exportSnapshot ===<br />
[[File:KVM-Backup-Workflow-Merge.png|thumb|none|500px|Figure 2: Detailed workflow for the merge process]]<br />
<br />
You can edit this workflow with the following file (you may need umbrello to modify it): [[File:KVM-Backup-Workflow-detailed.xmi]]<br />
<br />
See also: [[ stoney_conductor:_Backup#exportSnapshot | exportSnapshot: Basic idea]]<br />
<br />
=== commitSnapshot ===<br />
[[File:KVM-Backup-Workflow-Retain.png|thumb|none|500px|Figure 3: Detailed workflow for the retain process]]<br />
<br />
You can edit this workflow with the following file (you may need umbrello to modify it): [[File:KVM-Backup-Workflow-detailed.xmi]]<br />
<br />
See also [[stoney_conductor:_Backup#Retain | Retain: Basic idea]]<br />
<br />
== Restore ==<br />
* <span style="background:#00FF00">Task for the control-instance daemon</span><br />
* <span style="background:#FFFF00">Task for the prov-backup-kvm daemon</span><br />
* <span style="background:#FF8000">Task for the vm-manager</span><br />
[[File:KVM-Backup-Workflow-Restore.png|thumb|none|500px|Figure 4: Detailed workflow for the restore process]]<br />
<br />
You can edit this workflow with the following file (you may need umbrello to modify it): [[File:KVM-Backup-Workflow-restore.xmi]]<br />
<br />
<br />
<br />
See also [[stoney_conductor:_Backup#Basic_idea_2 | Restore: Basic idea]]<br />
<br />
= Configuration =<br />
== Global ==<br />
<pre><br />
# Copyright (C) 2013 stepping stone GmbH<br />
# Switzerland<br />
# http://www.stepping-stone.ch<br />
# support@stepping-stone.ch<br />
#<br />
# Authors:<br />
# Pat Kläy <pat.klaey@stepping-stone.ch><br />
# <br />
# Licensed under the EUPL, Version 1.1.<br />
#<br />
# You may not use this work except in compliance with the<br />
# Licence.<br />
# You may obtain a copy of the Licence at:<br />
#<br />
# http://www.osor.eu/eupl<br />
#<br />
# Unless required by applicable law or agreed to in<br />
# writing, software distributed under the Licence is<br />
# distributed on an "AS IS" basis,<br />
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either<br />
# express or implied.<br />
# See the Licence for the specific language governing<br />
# permissions and limitations under the Licence.<br />
#<br />
<br />
<br />
<br />
[Global]<br />
# If true the script logs every information to the log-file.<br />
LOG_DEBUG = 1<br />
<br />
# If true the script logs additional information to the log-file.<br />
LOG_INFO = 1<br />
<br />
#If true the script logs warnings to the log-file.<br />
LOG_WARNING = 1<br />
<br />
#If true the script logs errors to the log-file.<br />
LOG_ERR = 1<br />
<br />
# The environment indicates the hostname (fqdn) on which the prov-backup-kvm <br />
# daemon is running<br />
ENVIRONMENT = <STONEY-CLOUD-NODE-NAME><br />
<br />
# All information related to the database (backend) the daemon connects to<br />
[Database]<br />
BACKEND = LDAP<br />
SERVER = <STONEY-CLOUD-LDAP-SERVER><br />
PORT = <STONEY-CLOUD-LDAP-PORT><br />
ADMIN_USER = <STONEY-CLOUD-LDAP-BINDDN><br />
ADMIN_PASSWORD = <STONEY-CLOUD-LDAP-BIND-PASSWORD><br />
SERVICE_SUBTREE = <STONEY-CLOUD-LDAP-SERVICE-SUBTREE><br />
<br />
# A cookie file will be used to be able to restart the daemon without<br />
# processing every entry again (they appear as new if the daemon is started) <br />
COOKIE_FILE = <STONEY-CLOUD-LDAP-COOKIE-FILE><br />
<br />
# The default cookie just contains an empty CSN, in that way, all entries<br />
# are processed<br />
DEFAULT_COOKIE = rid=001,csn=<br />
<br />
# The search filter for the database. Only process entries found with this<br />
# filter<br />
SEARCH_FILTER = (&(entryCSN>=%entryCSN%)(objectClass=*))<br />
<br />
# Indicates the prov-backup-kvm configuration which applies for every<br />
# VM-Pool and every VM if not overwritten by a VM-Pool- or VM-specific <br />
# configuration<br />
STONEY_CLOUD_WIDE_CONFIGURATION = <STONEY-CLOUD-LDAP-PROV-BACKUP-KVM-DEFAULT-CONFIGURATION><br />
<br />
# Configuration concerining the provisioning module<br />
[Service]<br />
<br />
# The modus should always be selfcare<br />
MODUS = selfcare<br />
<br />
# Which TransportApi is used to execute the commands on the destination system<br />
# TransportApi can be "LocalCLI" or "CLISSH"<br />
TRANSPORTAPI = LocalCLI<br />
<br />
# The name of the provisioning service<br />
SERVICE = Backup<br />
<br />
# The name of the provisioning type<br />
TYPE = KVM<br />
<br />
# The syslog tag (normally service-type)<br />
SYSLOG = Backup-KVM<br />
<br />
# All information concerning the gateway (TransportApi)<br />
[Gateway]<br />
HOST = localhost<br />
USER = provisioning<br />
DSA_FILE = none<br />
<br />
# Service specific configuration which is not present in the backend<br />
[Backup]<br />
<br />
# Which command is used to export files<br />
EXPORT_COMMAND = cp -p<br />
</pre><br />
<br />
== Backend ==<br />
In the backend, you need to have at least one configuration which applies for the whole stoney cloud. This configuration is referenced in the [[#Global|global configuration]]. You are able to overwrite the stoney-cloud-wide configuration for<br />
* A VM-Pool<br />
* A single VM<br />
The configuration which applies for the VM is evaluated in the following way:<br />
# Check if the VM has a VM-specific configuration<br />
#* If yes, this one applies<br />
#* If not, continue<br />
# Check if the VM-Pool has a specific configuration<br />
#* If yes, this one applies<br />
#* If not, continue<br />
# The stoney-cloud-wide configuration applies<br />
<br />
=== Mandatory Configuration-Parameters ===<br />
* '''sstBackupNumberOfIterations''': An integer value how many backup iterations should be kept. Default is 1 (for disaster recovery).<br />
* '''sstBackupRootDirectory''': The path to the backup root directory where all iterations of disk-images and state files are stored. Default is file:///var/backup/virtualization.<br />
* '''sstBackupRetainDirectory''': The path to the local retain directory where the temporary snapshots (disk-image and state file) are stored. Default is file:///var/virtualization/retain.<br />
* '''sstRestoreVMWithoutState''': Boolean value which indicates whether or not to restore a virtual machine without the state. Default is FALSE (most often we want to restore the state together with the virtual machine).<br />
* '''sstBackupRamDiskLocation''': Path to the RAM-Disk. Default is /mnt/ramdisk. Because this attribute can be set for the whole FOSS-Cloud, for a specific VM-Pool, for a specific virtual machine or a specific virtual machine template, this attribute is independent from the VM-Nodes. There for no guarantee can be given, that this RAM-Disk exists on all the VM-Nodes. A check for its existence is mandatory!<br />
* '''sstVirtualizationVirtualMachineForceStart''': Force start VM in the case of not being able to restore the VM State during the backup process. TRUE or FALSE, default is FALSE. Attention: If set to TRUE, this could lead to file system inconsistencies in the virtual machine.<br />
* '''sstVirtualizationBandwidthMerge''': Bandwidth of the disk merging process (specifies the maximum I/O rate to allow in Megabyte/s). Default is 0 (unlimited). Integer Attribute, single value.<br />
* '''sstVirtualizationDiskImageFormat''': The format for the new disk image that is created during the backup process. Default is qcow2.<br />
* '''sstVirtualizationDiskImageOwner''': The owner for the new disk image that is created during the backup process. Default is root.<br />
* '''sstVirtualizationDiskImageGroup''' : The group for the new disk image that is created during the backup process. Default is vm-storage.<br />
* '''sstVirtualizationDiskImagePermission''': The permission (in octal representation) for the new disk image that is created during the backup process. Default is 660 (equivalent to 0660).<br />
* '''sstVirtualizationDiskImageDirectoryOwner''': The owner for the new directory where the disk image is located. Default is root.<br />
* '''sstVirtualizationDiskImageDirectoryGroup''': The group for the new directory where the disk image is located. Default is vm-storage.<br />
* '''sstVirtualizationDiskImageDirectoryPermission''': The permission (in octal representation) for the new directory where the disk image is located. Default is 770 (equivalent to 0770).<br />
<br />
=== Optional Configuration-Parameters ===<br />
* '''sstBackupExcludeFromBackup''': Do we want to exclude a virtual machine from the default backup plan? Default is FALSE.<br />
* '''sstVirtualizationVirtualMachineSequenceStop''': Multiple dependencies for the stopping order can be defined. Example: a web VM depends on the corresponding database VM. IA5String, multi valued. This attribute must exist in all of the virtual machine entries, that are to be stopped in a certain order. Example (0,1,2, ... is the order, UUID1, UUID2, ... is the uuid of a virtual machine):<br />
** 0: UUID1<br />
** 1: UUID2<br />
** 2: UUID3<br />
* '''sstVirtualizationVirtualMachineSequenceStart''': Multiple dependencies for the starting order can be defined. Example: a database VM must be started before the corresponding web VM. IA5String, multi valued. This attribute must exist in all of the virtual machine entries, that are to be started in a certain order. Example (0,1,2, ... is the order, UUID1, UUID2, ... is the uuid of a virtual machine):<br />
** 0: UUID3<br />
** 1: UUID2<br />
** 2: UUID1<br />
<br />
= Exit codes =<br />
The following list defines the return codes and their meaning for the KVM-Backup script see also [https://github.com/stepping-stone/prov-backup-kvm/blob/master/lib/Provisioning/Backup/KVM/Constants.pm KVMConstants.pm]:<br />
<pre><br />
use constant SUCCESS_CODE => 0;<br />
<br />
### Error codes constants<br />
use constant UNDEFINED_ERROR => 1; # Always the first!<br />
use constant MISSING_PARAMETER_IN_CONFIG_FILE => 2;<br />
use constant CONFIGURED_RAM_DISK_IS_NOT_VALUD => 3;<br />
use constant NOT_ENOUGH_SPACE_ON_RAM_DISK => 4;<br />
use constant CANNOT_SAVE_MACHINE_STATE => 5;<br />
use constant CANNOT_WRITE_TO_BACKUP_LOCATION => 6;<br />
use constant CANNOT_COPY_FILE_TO_BACKUP_LOCATION => 7;<br />
use constant CANNOT_COPY_IMAGE_TO_BACKUP_LOCATION => 8;<br />
use constant CANNOT_COPY_XML_TO_BACKUP_LOCATION => 9;<br />
use constant CANNOT_COPY_BACKEND_FILE_TO_BACKUP_LOCATION=> 10;<br />
use constant CANNOT_MERGE_DISK_IMAGES => 11;<br />
use constant CANNOT_REMOVE_OLD_DISK_IMAGE => 12;<br />
use constant CANNOT_REMOVE_FILE => 13;<br />
use constant CANNOT_CREATE_EMPTY_DISK_IMAGE => 15;<br />
use constant CANNOT_RENAME_DISK_IMAGE => 16;<br />
use constant CANNOT_CONNECT_TO_BACKEND => 17;<br />
use constant WRONG_STATE_INFORMATION => 18;<br />
use constant CANNOT_SET_DISK_IMAGE_OWNERSHIP => 19;<br />
use constant CANNOT_SET_DISK_IMAGE_PERMISSION => 20;<br />
use constant CANNOT_RESTORE_MACHINE => 21;<br />
use constant CANNOT_LOCK_MACHINE => 22;<br />
use constant CANNOT_FIND_MACHINE => 23;<br />
use constant CANNOT_COPY_STATE_FILE_TO_RETAIN => 24;<br />
use constant RETAIN_ROOT_DIRECTORY_DOES_NOT_EXIST => 25;<br />
use constant BACKUP_ROOT_DIRECTORY_DOES_NOT_EXIST => 26;<br />
use constant CANNOT_CREATE_DIRECTORY => 27;<br />
use constant CANNOT_SAVE_XML => 28;<br />
use constant CANNOT_SAVE_BACKEND_ENTRY => 29;<br />
use constant CANNOT_SET_DIRECTORY_OWNERSHIP => 30;<br />
use constant CANNOT_SET_DIRECTORY_PERMISSION => 31;<br />
use constant CANNOT_FIND_CONFIGURATION_ENTRY => 32;<br />
use constant BACKEND_XML_UNCONSISTENCY => 33;<br />
use constant CANNOT_CREATE_TARBALL => 34;<br />
use constant UNSUPPORTED_FILE_TRANSFER_PROTOCOL => 35;<br />
use constant UNKNOWN_BACKEND_TYPE => 36;<br />
use constant MISSING_NECESSARY_FILES => 37;<br />
use constant CORRUPT_DISK_IMAGE_FOUND => 38;<br />
use constant UNSUPPORTED_CONFIGURATION_PARAMETER => 39;<br />
use constant CANNOT_MOVE_DISK_IMAGE_TO_ORIGINAL_LOCATION=> 40;<br />
use constant CANNOT_DEFINE_MACHINE => 41;<br />
use constant CANNOT_START_MACHINE => 42;<br />
use constant CANNOT_WORK_ON_UNDEFINED_OBJECT => 43;<br />
use constant CANNOT_READ_STATE_FILE => 44;<br />
use constant CANNOT_READ_XML_FILE => 45;<br />
use constant NOT_ALL_FILES_DELETED_FROM_RETAIN_LOCATION => 46;<br />
use constant NOT_ENOUGH_DISK_SPACE => 47;<br />
use constant NO_DISK_SPACE_INFORMATION => 48;<br />
</pre><br />
<br />
= Next steps =<br />
* Change the behaviour of the snapshot/merge process<br />
** No longer merge the original file into the new one but merge (commit) backing store file back into original one<br />
*** Like that we are able to reduce the backup (merge) time a lot.<br />
*** Needs different behaviour for save -> copy/move -> create new image -> restore -> merge<br />
<br />
= Source Code =<br />
The source code is located in our GitHub Repository:<br />
<br />
https://github.com/stepping-stone/prov-backup-kvm<br />
<br />
= Links =<br />
<br />
[[Category:stoney conductor]][[Category:Provisioning Modules]]</div>Pathttps://wiki.stoney-cloud.org/w/index.php?title=stoney_conductor:_prov-backup-kvm&diff=3735stoney conductor: prov-backup-kvm2014-06-26T13:24:37Z<p>Pat: /* createSnapshot */</p>
<hr />
<div>= Overview =<br />
The '''Provisioning-Backup-KVM Daemon''' is written in Perl and uses the mechanisms described under [[stoney core: OpenLDAP directory data organisation]].<br />
<br />
= Workflow =<br />
== Backup ==<br />
This is the simplified workflow for the Provisioning-Backup-KVM Daemon. The Subroutines (snapshot, merge and retain) are shown later.<br />
<br />
[[File:KVM-Backup-Workflow.png|thumb|none|400px|Figure 1: Simplified prov-backup-kvm workflow]]<br />
<br />
You can modify/update this workflow by editing [[File:KVM-Backup-simple.xmi]] (you may need [http://uml.sourceforge.net/ Umbrello UML Modeller] diagram programme for KDE to display the content properly).<br />
<br />
=== createSnapshot ===<br />
[[File:KVM-Backup-Workflow-Snapshot.png|thumb|none|500px|Figure 2: Detailed workflow for the snaphshot process]]<br />
<br />
You can edit this workflow with the following file (you may need umbrello to modify it): [[File:KVM-Backup-Workflow-detailed.xmi]]<br />
<br />
See also: [[stoney_conductor:_Backup#createSnapshot | createSnapshot: Basic idea]]<br />
<br />
=== exportSnapshot ===<br />
[[File:KVM-Backup-Workflow-Merge.png|thumb|none|500px|Figure 2: Detailed workflow for the merge process]]<br />
<br />
You can edit this workflow with the following file (you may need umbrello to modify it): [[File:KVM-Backup-Workflow-detailed.xmi]]<br />
<br />
See also: [[ stoney_conductor:_Backup#Merge | Merge: Basic idea]]<br />
<br />
=== commitSnapshot ===<br />
[[File:KVM-Backup-Workflow-Retain.png|thumb|none|500px|Figure 3: Detailed workflow for the retain process]]<br />
<br />
You can edit this workflow with the following file (you may need umbrello to modify it): [[File:KVM-Backup-Workflow-detailed.xmi]]<br />
<br />
See also [[stoney_conductor:_Backup#Retain | Retain: Basic idea]]<br />
<br />
== Restore ==<br />
* <span style="background:#00FF00">Task for the control-instance daemon</span><br />
* <span style="background:#FFFF00">Task for the prov-backup-kvm daemon</span><br />
* <span style="background:#FF8000">Task for the vm-manager</span><br />
[[File:KVM-Backup-Workflow-Restore.png|thumb|none|500px|Figure 4: Detailed workflow for the restore process]]<br />
<br />
You can edit this workflow with the following file (you may need umbrello to modify it): [[File:KVM-Backup-Workflow-restore.xmi]]<br />
<br />
<br />
<br />
See also [[stoney_conductor:_Backup#Basic_idea_2 | Restore: Basic idea]]<br />
<br />
= Configuration =<br />
== Global ==<br />
<pre><br />
# Copyright (C) 2013 stepping stone GmbH<br />
# Switzerland<br />
# http://www.stepping-stone.ch<br />
# support@stepping-stone.ch<br />
#<br />
# Authors:<br />
# Pat Kläy <pat.klaey@stepping-stone.ch><br />
# <br />
# Licensed under the EUPL, Version 1.1.<br />
#<br />
# You may not use this work except in compliance with the<br />
# Licence.<br />
# You may obtain a copy of the Licence at:<br />
#<br />
# http://www.osor.eu/eupl<br />
#<br />
# Unless required by applicable law or agreed to in<br />
# writing, software distributed under the Licence is<br />
# distributed on an "AS IS" basis,<br />
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either<br />
# express or implied.<br />
# See the Licence for the specific language governing<br />
# permissions and limitations under the Licence.<br />
#<br />
<br />
<br />
<br />
[Global]<br />
# If true the script logs every information to the log-file.<br />
LOG_DEBUG = 1<br />
<br />
# If true the script logs additional information to the log-file.<br />
LOG_INFO = 1<br />
<br />
#If true the script logs warnings to the log-file.<br />
LOG_WARNING = 1<br />
<br />
#If true the script logs errors to the log-file.<br />
LOG_ERR = 1<br />
<br />
# The environment indicates the hostname (fqdn) on which the prov-backup-kvm <br />
# daemon is running<br />
ENVIRONMENT = <STONEY-CLOUD-NODE-NAME><br />
<br />
# All information related to the database (backend) the daemon connects to<br />
[Database]<br />
BACKEND = LDAP<br />
SERVER = <STONEY-CLOUD-LDAP-SERVER><br />
PORT = <STONEY-CLOUD-LDAP-PORT><br />
ADMIN_USER = <STONEY-CLOUD-LDAP-BINDDN><br />
ADMIN_PASSWORD = <STONEY-CLOUD-LDAP-BIND-PASSWORD><br />
SERVICE_SUBTREE = <STONEY-CLOUD-LDAP-SERVICE-SUBTREE><br />
<br />
# A cookie file will be used to be able to restart the daemon without<br />
# processing every entry again (they appear as new if the daemon is started) <br />
COOKIE_FILE = <STONEY-CLOUD-LDAP-COOKIE-FILE><br />
<br />
# The default cookie just contains an empty CSN, in that way, all entries<br />
# are processed<br />
DEFAULT_COOKIE = rid=001,csn=<br />
<br />
# The search filter for the database. Only process entries found with this<br />
# filter<br />
SEARCH_FILTER = (&(entryCSN>=%entryCSN%)(objectClass=*))<br />
<br />
# Indicates the prov-backup-kvm configuration which applies for every<br />
# VM-Pool and every VM if not overwritten by a VM-Pool- or VM-specific <br />
# configuration<br />
STONEY_CLOUD_WIDE_CONFIGURATION = <STONEY-CLOUD-LDAP-PROV-BACKUP-KVM-DEFAULT-CONFIGURATION><br />
<br />
# Configuration concerining the provisioning module<br />
[Service]<br />
<br />
# The modus should always be selfcare<br />
MODUS = selfcare<br />
<br />
# Which TransportApi is used to execute the commands on the destination system<br />
# TransportApi can be "LocalCLI" or "CLISSH"<br />
TRANSPORTAPI = LocalCLI<br />
<br />
# The name of the provisioning service<br />
SERVICE = Backup<br />
<br />
# The name of the provisioning type<br />
TYPE = KVM<br />
<br />
# The syslog tag (normally service-type)<br />
SYSLOG = Backup-KVM<br />
<br />
# All information concerning the gateway (TransportApi)<br />
[Gateway]<br />
HOST = localhost<br />
USER = provisioning<br />
DSA_FILE = none<br />
<br />
# Service specific configuration which is not present in the backend<br />
[Backup]<br />
<br />
# Which command is used to export files<br />
EXPORT_COMMAND = cp -p<br />
</pre><br />
<br />
== Backend ==<br />
In the backend, you need to have at least one configuration which applies for the whole stoney cloud. This configuration is referenced in the [[#Global|global configuration]]. You are able to overwrite the stoney-cloud-wide configuration for<br />
* A VM-Pool<br />
* A single VM<br />
The configuration which applies for the VM is evaluated in the following way:<br />
# Check if the VM has a VM-specific configuration<br />
#* If yes, this one applies<br />
#* If not, continue<br />
# Check if the VM-Pool has a specific configuration<br />
#* If yes, this one applies<br />
#* If not, continue<br />
# The stoney-cloud-wide configuration applies<br />
<br />
=== Mandatory Configuration-Parameters ===<br />
* '''sstBackupNumberOfIterations''': An integer value how many backup iterations should be kept. Default is 1 (for disaster recovery).<br />
* '''sstBackupRootDirectory''': The path to the backup root directory where all iterations of disk-images and state files are stored. Default is file:///var/backup/virtualization.<br />
* '''sstBackupRetainDirectory''': The path to the local retain directory where the temporary snapshots (disk-image and state file) are stored. Default is file:///var/virtualization/retain.<br />
* '''sstRestoreVMWithoutState''': Boolean value which indicates whether or not to restore a virtual machine without the state. Default is FALSE (most often we want to restore the state together with the virtual machine).<br />
* '''sstBackupRamDiskLocation''': Path to the RAM-Disk. Default is /mnt/ramdisk. Because this attribute can be set for the whole FOSS-Cloud, for a specific VM-Pool, for a specific virtual machine or a specific virtual machine template, this attribute is independent from the VM-Nodes. There for no guarantee can be given, that this RAM-Disk exists on all the VM-Nodes. A check for its existence is mandatory!<br />
* '''sstVirtualizationVirtualMachineForceStart''': Force start VM in the case of not being able to restore the VM State during the backup process. TRUE or FALSE, default is FALSE. Attention: If set to TRUE, this could lead to file system inconsistencies in the virtual machine.<br />
* '''sstVirtualizationBandwidthMerge''': Bandwidth of the disk merging process (specifies the maximum I/O rate to allow in Megabyte/s). Default is 0 (unlimited). Integer Attribute, single value.<br />
* '''sstVirtualizationDiskImageFormat''': The format for the new disk image that is created during the backup process. Default is qcow2.<br />
* '''sstVirtualizationDiskImageOwner''': The owner for the new disk image that is created during the backup process. Default is root.<br />
* '''sstVirtualizationDiskImageGroup''' : The group for the new disk image that is created during the backup process. Default is vm-storage.<br />
* '''sstVirtualizationDiskImagePermission''': The permission (in octal representation) for the new disk image that is created during the backup process. Default is 660 (equivalent to 0660).<br />
* '''sstVirtualizationDiskImageDirectoryOwner''': The owner for the new directory where the disk image is located. Default is root.<br />
* '''sstVirtualizationDiskImageDirectoryGroup''': The group for the new directory where the disk image is located. Default is vm-storage.<br />
* '''sstVirtualizationDiskImageDirectoryPermission''': The permission (in octal representation) for the new directory where the disk image is located. Default is 770 (equivalent to 0770).<br />
<br />
=== Optional Configuration-Parameters ===<br />
* '''sstBackupExcludeFromBackup''': Do we want to exclude a virtual machine from the default backup plan? Default is FALSE.<br />
* '''sstVirtualizationVirtualMachineSequenceStop''': Multiple dependencies for the stopping order can be defined. Example: a web VM depends on the corresponding database VM. IA5String, multi valued. This attribute must exist in all of the virtual machine entries, that are to be stopped in a certain order. Example (0,1,2, ... is the order, UUID1, UUID2, ... is the uuid of a virtual machine):<br />
** 0: UUID1<br />
** 1: UUID2<br />
** 2: UUID3<br />
* '''sstVirtualizationVirtualMachineSequenceStart''': Multiple dependencies for the starting order can be defined. Example: a database VM must be started before the corresponding web VM. IA5String, multi valued. This attribute must exist in all of the virtual machine entries, that are to be started in a certain order. Example (0,1,2, ... is the order, UUID1, UUID2, ... is the uuid of a virtual machine):<br />
** 0: UUID3<br />
** 1: UUID2<br />
** 2: UUID1<br />
<br />
= Exit codes =<br />
The following list defines the return codes and their meaning for the KVM-Backup script see also [https://github.com/stepping-stone/prov-backup-kvm/blob/master/lib/Provisioning/Backup/KVM/Constants.pm KVMConstants.pm]:<br />
<pre><br />
use constant SUCCESS_CODE => 0;<br />
<br />
### Error codes constants<br />
use constant UNDEFINED_ERROR => 1; # Always the first!<br />
use constant MISSING_PARAMETER_IN_CONFIG_FILE => 2;<br />
use constant CONFIGURED_RAM_DISK_IS_NOT_VALUD => 3;<br />
use constant NOT_ENOUGH_SPACE_ON_RAM_DISK => 4;<br />
use constant CANNOT_SAVE_MACHINE_STATE => 5;<br />
use constant CANNOT_WRITE_TO_BACKUP_LOCATION => 6;<br />
use constant CANNOT_COPY_FILE_TO_BACKUP_LOCATION => 7;<br />
use constant CANNOT_COPY_IMAGE_TO_BACKUP_LOCATION => 8;<br />
use constant CANNOT_COPY_XML_TO_BACKUP_LOCATION => 9;<br />
use constant CANNOT_COPY_BACKEND_FILE_TO_BACKUP_LOCATION=> 10;<br />
use constant CANNOT_MERGE_DISK_IMAGES => 11;<br />
use constant CANNOT_REMOVE_OLD_DISK_IMAGE => 12;<br />
use constant CANNOT_REMOVE_FILE => 13;<br />
use constant CANNOT_CREATE_EMPTY_DISK_IMAGE => 15;<br />
use constant CANNOT_RENAME_DISK_IMAGE => 16;<br />
use constant CANNOT_CONNECT_TO_BACKEND => 17;<br />
use constant WRONG_STATE_INFORMATION => 18;<br />
use constant CANNOT_SET_DISK_IMAGE_OWNERSHIP => 19;<br />
use constant CANNOT_SET_DISK_IMAGE_PERMISSION => 20;<br />
use constant CANNOT_RESTORE_MACHINE => 21;<br />
use constant CANNOT_LOCK_MACHINE => 22;<br />
use constant CANNOT_FIND_MACHINE => 23;<br />
use constant CANNOT_COPY_STATE_FILE_TO_RETAIN => 24;<br />
use constant RETAIN_ROOT_DIRECTORY_DOES_NOT_EXIST => 25;<br />
use constant BACKUP_ROOT_DIRECTORY_DOES_NOT_EXIST => 26;<br />
use constant CANNOT_CREATE_DIRECTORY => 27;<br />
use constant CANNOT_SAVE_XML => 28;<br />
use constant CANNOT_SAVE_BACKEND_ENTRY => 29;<br />
use constant CANNOT_SET_DIRECTORY_OWNERSHIP => 30;<br />
use constant CANNOT_SET_DIRECTORY_PERMISSION => 31;<br />
use constant CANNOT_FIND_CONFIGURATION_ENTRY => 32;<br />
use constant BACKEND_XML_UNCONSISTENCY => 33;<br />
use constant CANNOT_CREATE_TARBALL => 34;<br />
use constant UNSUPPORTED_FILE_TRANSFER_PROTOCOL => 35;<br />
use constant UNKNOWN_BACKEND_TYPE => 36;<br />
use constant MISSING_NECESSARY_FILES => 37;<br />
use constant CORRUPT_DISK_IMAGE_FOUND => 38;<br />
use constant UNSUPPORTED_CONFIGURATION_PARAMETER => 39;<br />
use constant CANNOT_MOVE_DISK_IMAGE_TO_ORIGINAL_LOCATION=> 40;<br />
use constant CANNOT_DEFINE_MACHINE => 41;<br />
use constant CANNOT_START_MACHINE => 42;<br />
use constant CANNOT_WORK_ON_UNDEFINED_OBJECT => 43;<br />
use constant CANNOT_READ_STATE_FILE => 44;<br />
use constant CANNOT_READ_XML_FILE => 45;<br />
use constant NOT_ALL_FILES_DELETED_FROM_RETAIN_LOCATION => 46;<br />
use constant NOT_ENOUGH_DISK_SPACE => 47;<br />
use constant NO_DISK_SPACE_INFORMATION => 48;<br />
</pre><br />
<br />
= Next steps =<br />
* Change the behaviour of the snapshot/merge process<br />
** No longer merge the original file into the new one but merge (commit) backing store file back into original one<br />
*** Like that we are able to reduce the backup (merge) time a lot.<br />
*** Needs different behaviour for save -> copy/move -> create new image -> restore -> merge<br />
<br />
= Source Code =<br />
The source code is located in our GitHub Repository:<br />
<br />
https://github.com/stepping-stone/prov-backup-kvm<br />
<br />
= Links =<br />
<br />
[[Category:stoney conductor]][[Category:Provisioning Modules]]</div>Pathttps://wiki.stoney-cloud.org/w/index.php?title=stoney_conductor:_VM_Backup&diff=3734stoney conductor: VM Backup2014-06-26T13:24:07Z<p>Pat: /* Snapshot */</p>
<hr />
<div>= Overview =<br />
This page describes how the VMs and VM-Templates are backed-up and restored inside the [http://www.stoney-cloud.org stoney cloud].<br />
<br />
= Requirements =<br />
* sstBackupRootDirectory: file:///var/backup/virtualization<br />
** This directory might be a single partition which needs to have the same size as your partition for the live images (it's a "copy" of the live partition)<br />
* sstBackupRetainDirectory: file:///var/virtualization/retain<br />
** This directory must be on the same partition as your life images are<br />
* A working stoney cloud, installed according to [[stoney cloud: Single-Node Installation]] or [[stoney cloud: Multi-Node Installation]].<br />
* The backup configuration must be set: [[stoney_conductor:_OpenLDAP_directory_data_organisation#Backup | stoney conductor: OpenLDAP directory data organisation]].<br />
<br />
= Backup =<br />
== Basic idea ==<br />
The main idea to backup a VM or a VM-Template is, to divide the task into three subtasks: <br />
* createSnapshot: Create a disk only snapshot. A new overlay file is created, all write operations are performed to this file. The underlying disk-image is now read only.<br />
* exportSnapshot: Copy the read only disk-image to the backup location.<br />
* commitSnapshot: Commit the performed write operations from the overlay back to the underlying (original) disk image. Now the underlying image is read-write again and the overlay image can be deleted.<br />
A more detailed and technical description for these three sub-processes can be found [[#Sub-Processes | here]].<br />
<br />
Furthermore there is an control instance, which can independently call these three sub-processes for a given machine. Like that, the stoney cloud is able to handle different cases:<br />
=== Backup a single machine ===<br />
The procedure for backing up a single machine is very simple. Just call the three sub-processes (snapshot, merge and retain) one after the other. So the control instance would do some very basic stuff: <br />
<source lang="c"><br />
object machine = args[0];<br />
<br />
if( createSsnapshot( machine ) )<br />
{<br />
<br />
if ( exportSnapshot( machine ) )<br />
{<br />
<br />
if ( commitSnapshot( machine ) )<br />
{<br />
printf("Successfully backed up machine %s\n", machine);<br />
<br />
} else<br />
{<br />
printf("Error while committing snapshot for machine %s: %s\n", machine, error);<br />
}<br />
<br />
} else<br />
{<br />
printf("Error while exporting snapshot for machine %s: %s\n", machine, error);<br />
}<br />
<br />
} else<br />
{<br />
printf("Error while snapshotting machine %s: %s\n", machine, error);<br />
}<br />
</source><br />
<br />
=== Backup multiple machines at the same time ===<br />
When backing up multiple machines at the same time, we need to make sure that the snapshots for the machines are as close together as possible. Therefore the control instance should call first the createSnapshot process for all machines. After every machine has been snapshotted, the control instance can call the exportSnapshot and commitSnapshot process for every machine. The most important part here is, that the control instance somehow remembers, if the snapshot for a given machine was successful or not. Because if the snapshot failed, it must not call the exportSnapshot and commitSnapshot process. So the control instance needs a little bit more logic: <br />
<br />
<source lang="c"><br />
object machines[] = args[0];<br />
object successful_snapshots[];<br />
<br />
# Snapshot all machines<br />
for( int i = 0; i < sizeof(machines) / sizeof(object) ; i++ )<br />
{<br />
# If the snapshot was successful, put the machine into the <br />
# successful_snapshots array<br />
if ( createSnapshot( machines[i] ) )<br />
{<br />
successful_snapshots[machines[i]];<br />
} else<br />
{<br />
printf("Error while snapshotting machine %s: %s\n", machines[i],error);<br />
}<br />
}<br />
<br />
# export and commit all successful_snapshot machines<br />
for ( int i = 0; i < sizeof(successful_snapshots) / sizeof(object) ; i++ ) )<br />
{<br />
# Check if the element at this position is not null, then the snapshot <br />
# for this machine was successful<br />
if ( successful_snapshots[i] )<br />
{<br />
if ( exportSnapshot( successful_snapshots[i] ) )<br />
{<br />
if ( commitSnapshot( successful_snapshots[i] ) )<br />
{<br />
printf("Successfully backed-up machine %s\n", successful_snapshots[i]);<br />
} else<br />
{<br />
printf("Error while committing snapshot for machine %s: %s\n", successful_snapshots[i],error);<br />
}<br />
<br />
} else<br />
{<br />
printf("Error while exporting snapshot for machine %s: %s\n", successful_snapshots[i],error);<br />
}<br />
}<br />
}<br />
</source><br />
<br />
=== Sub-Processes ===<br />
See also [[Libvirt_external_snapshot_with_GlusterFS]]<br />
==== createSnapshot ====<br />
For the commands see [[Libvirt_external_snapshot_with_GlusterFS#Part_2:_Create_the_snapshot_using_virsh]]<br />
<br />
For the workflow see [[stoney_conductor:_prov-backup-kvm#createSnapshot]]<br />
<br />
==== exportSnapshot ====<br />
# Simply copy the underlying image to the backup location<br />
#* <source lang="bash">cp -p /<path>/<to>/<image>.qcow2 /<path>/<to>/<backup>/<location>/.</source><br />
<br />
For the workflow see [[stoney_conductor:_prov-backup-kvm#exportSnapshot]]<br />
<br />
==== commitSnapshot ====<br />
For the commands see [[Libvirt_external_snapshot_with_GlusterFS#Cleanup.2FCommit_.28Online.29]]<br />
<br />
For the workflow see [[stoney_conductor:_prov-backup-kvm#commitSnapshot]]<br />
<br />
== Communication through backend ==<br />
Since the stoney cloud is (as the name says already) a cloud solution, it makes sense to have a backend (in our case openLDAP) involved in the whole process. Like that it is possible to run the backup jobs decentralized on every vm-node. The control instance can then modify the backend, and theses changes are seen by the diffenrent backup daemons on the vm-nodes. So the communication could look like shown in the following picture (Figure 1): <br />
<br />
[[File:Daemon-communication.png|800px|thumbnail|none|Figure 1: Communication between the control instance and the prov-backup-kvm daemon through the LDAP backend]]<br />
<br />
=== Control-Instance Daemon Interaction for creating a Backup with LDIF Examples ===<br />
The step numbers correspond with the graphical overview from above.<br />
<br />
==== Step 00: Backup Configuration for a virtual machine ====<br />
<pre><br />
# The following backup configuration says, that the backup should be done daily, at 03:00 hours (localtime).<br />
# * * * * * command to be executed<br />
# - - - - -<br />
# | | | | |<br />
# | | | | +----- day of week (0 - 6) (Sunday=0)<br />
# | | | +------- month (1 - 12)<br />
# | | +--------- day of month (1 - 31)<br />
# | +----------- hour (0 - 23)<br />
# +------------- min (0 - 59)<br />
# localtime in the crontab entry<br />
dn: ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
objectclass: top<br />
objectclass: organizationalUnit<br />
objectclass: sstVirtualizationBackupObjectClass<br />
objectclass: sstCronObjectClass<br />
ou: backup<br />
description: This sub tree contains the backup plan for the virtual machine kvm-005.<br />
sstCronMinute: 0<br />
sstCronHour: 3<br />
sstCronDay: *<br />
sstCronMonth: *<br />
sstCronDayOfWeek: *<br />
sstCronActive: TRUE<br />
sstBackupRootDirectory: file:///var/backup/virtualization<br />
sstBackupRetainDirectory: file:///var/virtualization/retain<br />
sstBackupRamDiskLocation: file:///mnt/ramdisk-test<br />
sstVirtualizationDiskImageFormat: qcow2<br />
sstVirtualizationDiskImageOwner: root<br />
sstVirtualizationDiskImageGroup: vm-storage<br />
sstVirtualizationDiskImagePermission: 0660<br />
sstBackupNumberOfIterations: 1<br />
sstVirtualizationVirtualMachineForceStart: FALSE<br />
sstVirtualizationBandwidthMerge: 0<br />
</pre><br />
<br />
==== Step 01: Initialize Backup Sub Tree (Control instance daemon) ====<br />
The sub tree ''' ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch''' reflects the time, when the backup is planned (in the form of [YYYY][MM][DD]T[hh][mm][ss]Z ([http://en.wikipedia.org/wiki/ISO_8601 ISO 8601]) and it should be written at the time, when the backup is planned and should be executed. The section '''20121002T010000Z''' means the following:<br />
* Year: 2012<br />
* Month: 10<br />
* Day of Month: 02<br />
* Hour of Day: 01<br />
* Minutes: 00<br />
* Seconds: 00<br />
Please be aware the the time is to be written in UTC (see also the comment in the LDIF example below).<br />
<pre><br />
# This entry is the place holder for the backup, which is to be executed at 03:00 hours (localtime with daylight-saving). This<br />
# leads to the 20121002T010000Z timestamp (which is written in UTC).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
objectclass: top<br />
objectclass: sstProvisioning<br />
objectclass: organizationalUnit<br />
ou: 20121002T010000Z<br />
sstProvisioningExecutionDate: 0<br />
sstProvisioningMode: initialize<br />
sstProvisioningReturnValue: 0<br />
sstProvisioningState: 20121002T014513Z<br />
</pre><br />
<br />
==== Step 02: Finalize the Initialization (Control instance daemon) ====<br />
<pre><br />
# The attribute sstProvisioningState is updated with current time by the fc-brokerd, when sstProvisioningMode is modified.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T010001Z<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: initialized<br />
</pre><br />
<br />
==== Step 03: Start the Snapshot Process (Control instance daemon) ====<br />
With the setting of the '''sstProvisioningMode''' to '''snapshot''', the actual backup process is kicked off by the Control instance daemon.<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the fc-brokerd, when sstProvisioningMode is modified to<br />
# snapshot (this way the Provisioning-Backup-VKM daemon knows, that it must start the snapshotting process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: snapshot<br />
</pre><br />
<br />
==== Step 04: Starting the Snapshot Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the snapshot command, it sets the '''sstProvisioningMode''' to '''snapshotting''' to tell the Control instance daemon and other interested parties, that it is snapshotting the virtual machine or virtual machine template.<br />
<pre><br />
# The attribute sstProvisioningMode is set to snapshotting by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: snapshotting<br />
</pre><br />
<br />
==== Step 05: Finalizing the Snapshot Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the snapshot command, it sets the '''sstProvisioningMode''' to '''snapshotted''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the snapshot of the virtual machine or virtual machine template is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the fc-brokerd knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T010011Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: snapshotted<br />
</pre><br />
<br />
==== Step 06: Start the Merge Process (Control instance daemon) ====<br />
With the setting of the '''sstProvisioningMode''' to '''merge''', the Control instance daemon tells the Provisioning-Backup-KVM daemon to merge the backing file disk image back into the current disk image.<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the fc-brokerd, when sstProvisioningMode is modified to<br />
# merge (this way the Provisioning-Backup-VKM daemon knows, that it must start the merging process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: merge<br />
</pre><br />
<br />
==== Step 07: Starting the Merge Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the merge command, it sets the '''sstProvisioningMode''' to '''merging''' to tell the Control instance daemon and other interested parties, that it is merging the virtual machine or virtual machine template.<br />
<pre><br />
# The attribute sstProvisioningMode is set to merging by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: merging<br />
</pre><br />
<br />
==== Step 08: Finalizing the Merging Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the merge command, it sets the '''sstProvisioningMode''' to '''merged''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the merging of the virtual machine or virtual machine template is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the fc-brokerd knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T010500Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: merged<br />
</pre><br />
<br />
==== Step 09: Start the Retain Process (Control instance daemon) ====<br />
With the setting of the '''sstProvisioningMode''' to '''retain''', the Control instance daemon tells the Provisioning-Backup-KVM daemon to retain (copy and then delete) all the necessary files to the configured backup location.<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the fc-brokerd, when sstProvisioningMode is modified to<br />
# retain (this way the Provisioning-Backup-VKM daemon knows, that it must start the retaining process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: retain<br />
</pre><br />
<br />
==== Step 10: Starting the Retain Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the retain command, it sets the '''sstProvisioningMode''' to '''retaining''' to tell the Control instance daemon and other interested parties, that it is retaining the necessary files to the configured backup location.<br />
<pre><br />
# The attribute sstProvisioningMode is set to retaining by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: retaining<br />
</pre><br />
<br />
==== Step 11: Finalizing the Retaing Process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the retain command, it sets the '''sstProvisioningMode''' to '''retained''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the retaining of all the necessary files to the configured backup location is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the fc-brokerd knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012000Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: retained<br />
</pre><br />
<br />
==== Step 12: Finalizing the Backup Process (Control instance daemon) ====<br />
As soon as the Control instance daemon notices, that the attribute '''sstProvisioningMode''' ist set to '''retained''', it sets the '''sstProvisioningMode''' to '''finished''' and the '''sstProvisioningState''' to the current timestamp (UTC). All interested parties now know, that the backup process is finished, there for a new backup process could be started.<br />
<pre><br />
# The attribute sstProvisioningState is updated with current time by the fc-brokerd, when sstProvisioningMode is<br />
# set to finished.<br />
# All interested parties now know, that the backup process is finished, there for a new backup process could be started.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012001Z<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: finished<br />
</pre><br />
<br />
== Current Implementation (Backup) ==<br />
Since we do not have a working control instance, we need to have a workaround for backing up the machines: <br />
<br />
* We do already have a BackupKVMWrapper.pl script (File-Backend) which executes the three [[#Sub-Processes | sub-processes ]] in the correct order for a given list of machines (see [[#Backup multiple machines at the same_time]]).<br />
* We do already have the implementation for the whole backup with the LDAP-Backend (see [[ stoney conductor: prov backup kvm ]]).<br />
* We can now combine these two existing scripts and create a wrapper (lets call it LDAPKVMWrapper) which, in some way, adds some logic to the BackupKVMWrapper.pl. In fact the LDAPKVMWrapper wrapper will generate the list of machines which need a backup.<br />
<br />
The behaviour on our servers is as follows (c.f. Figure 2):<br />
# The (decentralized) LDAPKVMWrapper wrapper (which is executed everyday via cronjob) generates a list off all machines running on the current host.<br />
#* Currently on the hosts the cronjobs looks like: <code>00 01 * * * /usr/bin/LDAPKVMWrapper.pl | logger -t Backup-KVM</code><br />
#* For each of these machines:<br />
#** Check if the machine is excluded from the backup, if yes, remove the machine from the list<br />
#** Check if the last backup was successful, if not, remove the machine from the list<br />
# Update the backup subtree for each machine in the list<br />
#* Remove the old backup leaf (the "yesterday-leaf"), and add a new one (the "today-leaf") <br />
#* After this step, the machines are ready to be backed up<br />
# Call the BackupKVMWrapper.pl script with the machines list as a parameter<br />
# Wait for the BackupKVMWrapper.pl script to finish<br />
# Go again through all machines and update the backup subtree a last time<br />
#* Check if the backup was successful, if yes, set sstProvisioningMode = finished (see also TBD)<br />
<br />
<br />
[[File:wrapper-interaction.png|500px|thumbnail|none|Figure 2: How the two wrapper interact with the LDAP backend]]<br />
<br />
* If for some reason something does not work at all, the whole backup process can be deactivated by simply disabling the LDAPKVMWrapper cronjob<br />
** <code>crontab -e</code><br />
** Comment the LDAPKVMWrapper cronjob line: <code>#00 01 * * * /usr/bin/LDAPKVMWrapper.pl | logger -t Backup-KVM</code><br />
=== How to exclude a machine from the backup ===<br />
Login to one of the [[VM-Node | vm-nodes]] and execute the following command<br />
<br />
If you want to exclude a machine from the backup run you simply need to add the following entry to your LDAP directory: <br />
<source lang="bash"><br />
machineuuid="<UUID OF THE MACHINE-NAME>" # e.g.: b9d13dbc-9ab7-4948-9daa-a5709de83dc2<br />
cat << EOF | ldapadd -D cn=Manager,o=stepping-stone,c=ch -H ldaps://ldapm.stepping-stone.ch/ -W -x<br />
dn: ou=backup,sstVirtualMachine=${machineuuid},ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
objectclass: top<br />
objectclass: organizationalUnit<br />
objectclass: sstVirtualizationBackupObjectClass<br />
ou: backup<br />
sstbackupexcludefrombackup: TRUE<br />
EOF<br />
</source><br />
<br />
If the backup subtree in the LDAP directory already exists, you need to add the sstbackupexcludefrombackup attribute: <br />
<source lang="bash"><br />
machineuuid="<UUID OF THE MACHINE-NAME>" # e.g.: b9d13dbc-9ab7-4948-9daa-a5709de83dc2<br />
cat << EOF | ldapadd -D cn=Manager,o=stepping-stone,c=ch -H ldaps://ldapm.stepping-stone.ch/ -W -x<br />
dn: ou=backup,sstVirtualMachine=${machineuuid},ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
add: objectClass<br />
objectClass: sstVirtualizationBackupObjectClass<br />
-<br />
add: sstbackupexcludefrombackup<br />
sstbackupexcludefrombackup: TRUE<br />
EOF<br />
</source><br />
<br />
==== Re-include the machine to the backup ====<br />
If you want to re include a machine, simply delete the machines whole backup subtree. It will be recreated during the next backup run.<br />
<br />
== Next steps ==<br />
<br />
= Restore =<br />
== Basic idea ==<br />
The restore process, similar to the backup process, can be divided into three sub-processes: <br />
* Unretain the small files: Copy the small files (backend entry, XML description) from the backup directory to the retain directory<br />
* Unretain the big files: Copy the big files (state file, disk image(s)) form the backup directory to the retain directory<br />
* Restore the machine: Replace the live disk image(s) by the one(s) from the backup and restore the machine from the state file<br />
<br />
Additionally the restore process can also be divided into two phases: <br />
* User-Interaction phase: After the "unretain small files" the user needs to decide two things:<br />
** On conflicts between the backend entry file and the XML description, the user need to decide how to resolve this conflict(s)<br />
** The user can also abort the restore process up to this point. After that the restore can not be aborted or undone! <br />
* Non-User-Interaction phase: The daemons communicate through the backend between each other and the restore process continues without further user input (c.f. [[#Communication_through_backend_2 | Communication through backend]])<br />
<br />
=== Sub Processes ===<br />
==== Unretain small files ====<br />
This workflow assumes that the backup directory is on the same physical server as the retain directory (protocol is file://)<br />
# Copy the backend-entry file from the backup directory to the retain directory:<br />
#* <source lang="bash">cp -p /path/to/backup/vm-001.backend /path/to/retain/vm-001.backend</source><br />
# Copy the XML description from the from the backup directory to the retain directory:<br />
#* <source lang="bash">cp -p /path/to/backup/vm-001.xml /path/to/retain/vm-001.xml</source><br />
# Compare the backend-entry file (the one in the retain directory) with the live-backend entry<br />
#* Resolve all conflicts between these two backend entries<br />
#** Modify the backend entry at the retain location accordingly<br />
# Apply the same changes for the XML description at the retain location (backend entry and XML description need to be consistent).<br />
<br />
==== Unretain large files ====<br />
# Copy the state file from the backup directory to the retain directory:<br />
#* <source lang="bash">cp -p /path/to/backup/vm-001.state /path/to/retain/vm-001.state</source><br />
# Copy the disk image(s) from the backup directory to the retain directory:<br />
#* <source lang="bash">cp -p /path/to/backup/vm-001.qcow2 /path/to/retain/vm-001.qcow2</source><br />
#** '''Important:''' If a VM has more than just one disk image, repeat this step for every disk image<br />
<br />
==== Restore the VM ====<br />
# Shutdown the VM if it is running:<br />
#* <source lang="bash">virsh shutdown vm-001</source><br />
# Undefine the VM if it is still defined: <br />
#* <source lang="bash">virsh undefine vm-001</source><br />
# Overwrite the original disk image:<br />
#* <source lang="bash">mv /path/to/retain/vm-001.qcow2 /path/to/images/vm-001.qcow2</source><br />
#** '''Important:''' If a VM has more than just one disk image, repeat this step for every disk image<br />
# Restore the VMs backend entry: <br />
#* Write the backend entry from the retain location (<code>/path/to/retain/vm-001.backend</code>) to the backend<br />
# Overwrite the VMs XML description with the one from the retain location <br />
#* <source lang="bash">cp -p /path/to/retain/vm-001.xml /path/to/xmls/vm-001.xml</source><br />
# Restore the VM from the state file with the corrected XML<br />
#* <source lang="bash">virsh restore /path/to/retain/vm-001.state --xml /path/to/xmls/vm-001.xml</source><br />
<br />
== Communication through backend ==<br />
The actual KVM-Restore process is controlled completely by the Control instance daemon via the OpenLDAP directory. See [[#OpenLDAP Directory Integration|OpenLDAP Directory Integration]] the involved attributes and possible values.<br />
<br />
[[File:Daemon-interaction-restore.png|thumb|500px|none|Figure 3: Communication between all involved parties during the restore process]]<br />
<br />
You can modify/update these interactions by editing [[File:Restore-Interaction.xmi]] (you may need [http://uml.sourceforge.net/ Umbrello UML Modeller] diagram programme for KDE to display the content properly).<br />
<br />
=== Control instance Daemon Interaction for restoring a Backup with LDIF Examples ===<br />
==== Step 01: Start the unretainSmallFiles process (Control instance daemon) ====<br />
The first step of the restore process is to copy the small files (in this case the XML file and the LDIF) from the configured backup location to the configured retain location. <br />
<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the Control instance daemon, when sstProvisioningMode is modified to <br />
# unretainSmallFiles (this way the Provisioning-Backup-VKM daemon knows, that it must start the unretainSmallFiles process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainSmallFiles<br />
</pre><br />
<br />
==== Step 02: Starting the unretainSmallFiles process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the command to unretain the small files, it sets the '''sstProvisioningMode''' to '''unretainingSmallFiles''' to tell the Control instance daemon and other interested parties, that it is unretaining the small files for the virtual machine or virtual machine template.<br />
<pre><br />
# The attribute sstProvisioningMode is set to unretainingSmallFiles by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainingSmallFiles<br />
</pre><br />
<br />
==== Step 03: Finalizing the unretainSmallFiles process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the commands to unretain the small files, it sets the '''sstProvisioningMode''' to '''unretainedSmallFiles''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the unretaining of all the small files from the configured backup location is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the Control instance daemon knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012000Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainedSmallFiles<br />
</pre><br />
<br />
==== Step 05: Start the unretainLargeFiles process (Control instance daemon) ====<br />
Next step in the restore process is to copy the large files (state file and disk images) from the configured backup directory to the configured retain directory.<br />
<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the Control instance daemon, when sstProvisioningMode is modified to <br />
# unretainLargeFiles (this way the Provisioning-Backup-VKM daemon knows, that it must start the unretainLargeFiles process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainLargeFiles<br />
</pre><br />
<br />
==== Step 06: Starting the unretainLargeFiles process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the command to unretain the large files, it sets the '''sstProvisioningMode''' to '''unretainingLargeFiles''' to tell the Control instance daemon and other interested parties, that it is unretaining the large files for the virtual machine or virtual machine template.<br />
<br />
In the meantime the vm-manager merges the LDIF we have unretained in [[#Step_02:_Starting_the_unretainSmallFiles_process_.28Provisioning-Backup-KVM_daemon.29 | step 02]] with the one in the live directory to sort out possible differences in the configuration of the virtual machine. <br />
<pre><br />
# The attribute sstProvisioningMode is set to unretainingSmallFiles by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainingLargeFiles<br />
</pre><br />
<br />
==== Step 07: Finalizing the unretainLargeFiles process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the commands to unretain the large files, it sets the '''sstProvisioningMode''' to '''unretainedLargeFiles''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the unretaining of all the large files from the configured backup location is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the Control instance daemon knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012000Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: unretainedLargeFiles<br />
</pre><br />
<br />
==== Step 09: Start the restore process (Control instance daemon) ====<br />
Since we now have all necessary files in the configured retain location, the restore process can be started. There we simply copy the disk images back to their original location and restore the VM from the state file (which is also at the configured retain location)<br />
<br />
<pre><br />
# The attribute sstProvisioningState is set to zero by the Control instance daemon, when sstProvisioningMode is modified to <br />
# restore (this way the Provisioning-Backup-VKM daemon knows, that it must start the restore process).<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: restore<br />
</pre><br />
<br />
==== Step 10: Starting the restore process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon receives the restore command, it sets the '''sstProvisioningMode''' to '''restoring''' to tell the Control instance daemon and other interested parties, that it is restoring the virtual machine or virtual machine template.<br />
<pre><br />
# The attribute sstProvisioningMode is set to restoring by the Provisioning-Backup-VKM daemon.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: restoring<br />
</pre><br />
<br />
==== Step 11: Finalizing the restore process (Provisioning-Backup-KVM daemon) ====<br />
As soon as the Provisioning-Backup-KVM daemon has executed the restore command, it sets the '''sstProvisioningMode''' to '''restored''', the '''sstProvisioningState''' to the current timestamp (UTC) and '''sstProvisioningReturnValue''' to zero to tell the Control instance daemon and other interested parties, that the restore process is finished.<br />
<pre><br />
# The attribute sstProvisioningState is set with the current timestamp by the Provisioning-Backup-VKM daemon, when<br />
# the attributes sstProvisioningReturnValue and sstProvisioningMode are set.<br />
# With this combination, the Control instance daemon knows, that it can proceed.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012000Z<br />
-<br />
replace: sstProvisioningReturnValue<br />
sstProvisioningReturnValue: 0<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: restored<br />
</pre><br />
<br />
==== Step 12: Finalizing the restore process (Control instance daemon) ====<br />
As soon as the Control instance daemon notices, that the attribute '''sstProvisioningMode''' ist set to '''restored''', it sets the '''sstProvisioningMode''' to '''finished''' and the '''sstProvisioningState''' to the current timestamp (UTC). All interested parties now know, that the restore process is finished.<br />
<pre><br />
# The attribute sstProvisioningState is updated with current time by the Control instance daemon, when sstProvisioningMode is<br />
# set to finished.<br />
# All interested parties now know, that the restore process is finished.<br />
dn: ou=20121002T010000Z,ou=backup,sstVirtualMachine=kvm-005,ou=virtual machines,ou=virtualization,ou=services,o=stepping-stone,c=ch<br />
changetype: modify<br />
replace: sstProvisioningState<br />
sstProvisioningState: 20121002T012001Z<br />
-<br />
replace: sstProvisioningMode<br />
sstProvisioningMode: finished<br />
</pre><br />
<br />
== Current Implementation (Restore) ==<br />
* Since the prov-backup-kvm daemon is not running on the vm-nodes (c.f. [[stoney_conductor:_Backup#State_of_the_art]]), the restore process does not work when clicking the icon in the webinterface. <br />
* Resolving the conflicts in the backend and XML description file is not yet done<br />
** Actually all steps not executed by prov-backup-kvm are not yet properly implemented (c.f. [[stoney_conductor:_prov_backup_kvm#Restore]])<br />
* The implementation is done, but the last step from the [[#Restore_2 | restore process ]] is different:<br />
** The <code>virsh restore</code> command is not executed with the <code>--xml</code> option, the XML from the state file is taken when restoring the machine. Therefore the conflicts are not properly resolved. <br />
*** --[[User:Pat|Pat]] ([[User talk:Pat|talk]]) 09:41, 29 October 2013 (CET): Currently the [http://search.cpan.org/~danberr/Sys-Virt-1.1.3/lib/Sys/Virt.pm Sys::Virt] library does not support the --xml parameter when restoring a domain<br />
<br />
=== How to manually restore a machine from backup ===<br />
'''Important''': Before you continue with this guide, make sure that you have no other possibility to restore the machine. It might be easier and safer to get lost files from the online backup if the machine has one set up.<br />
<br />
If you really have to restore the machine from the backup:<br />
# Stop the machine from via the [https://cloud.stepping-stone.ch/vm-manager/ web interface]<br />
# Login (as root) on the [[VM-Node]] the machine was running on<br />
<br />
As a first step, you would like to set some useful bash variables to be able to copy paste the following guide:<br />
<br />
'''Double check all variables you are setting here. If one is not correct, you will restore a running machine or overwrite a live-disk image!'''<br />
<source lang='bash'><br />
machinename="<MACHINE-NAME>" # For example: machinename="b6dc3d27-5981-4b18-8f3f-31ed3d21a3c6"<br />
vmpool="<VM-POOL>" # For example vmpool="0f83f084-8080-413e-b558-b678e504836e"<br />
vmtype="<VM-TYPE>" # For example vmtype="vm-persistent"<br />
</source><br />
Change to the backup directory for the given machine and check the iterations:<br />
<source lang='bash'><br />
cd /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}<br />
ls -al<br />
</source><br />
Change into the most recent iteration<br />
<source lang='bash'><br />
cd 2014...<br />
ls -al<br />
</source><br />
In there you should have: <br />
* The state file <MACHINE-NAME>.state.<BACKUP-DATE> (for example b6dc3d27-5981-4b18-8f3f-31ed3d21a3c6.state.20140109T134445Z)<br />
* The XML description <MACHINE-NAME>.xml.<BACKUP-DATE> (for example b6dc3d27-5981-4b18-8f3f-31ed3d21a3c6.xml.20140109T134445Z)<br />
* The ldif file <MACHINE-NAME>.ldif.<BACKUP-DATE> (for example b6dc3d27-5981-4b18-8f3f-31ed3d21a3c6.ldif.20140109T134445Z)<br />
* And at least one disk image <DISK-IMAGE>.qcow2.<BACKUP-DATE> (for example 8798561b-d5de-471b-a6fc-ec2b4831ed12.qcow2.20140109T134445Z)<br />
Now you should save the backup date and the disk image(s) in a variable<br />
<source lang='bash'><br />
backupdate="<BACKUP-DATE>" # For example: backupdate="20140109T134445Z"<br />
diskimage1="<DISK-IMAGE-1>.qcow2" # For example: diskimage1="8798561b-d5de-471b-a6fc-ec2b4831ed12.qcow2"<br />
diskimage2="<DISK-IMAGE-2>.qcow2" # For example: diskimage2="aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee.qcow2"<br />
...<br />
</source><br />
<br />
Have again a look at the different variables and '''double check them again'''<br />
<source lang='bash'><br />
echo "Machine Name = ${machinename}"<br />
echo "VM Pool = ${vmpool}"<br />
echo "VM Type = ${vmtype}"<br />
echo "Backup date = ${backupdate}"<br />
echo "Disk Image 1 = ${diskimage1}"<br />
echo "Disk Image 2 = ${diskimage2}"<br />
...<br />
</source><br />
<br />
Copy all these files to the retain location:<br />
<source lang='bash'><br />
currentdate=`date --utc +'%Y%m%dT%H%M%SZ'`<br />
mkdir -p /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}<br />
cp -p /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}/${backupdate}/${machinename}.ldif.${backupdate} /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/<br />
</source><br />
<br />
<!--Check if there is a difference between the current XML file and the one from the backup<br />
<source lang='bash'><br />
diff -Naur /etc/libvirt/qemu/${machinename}.xml /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/${machinename}.xml.${backupdate}<br />
</source><br />
and '''edit the file at the retain location''' according to your needs.--><br />
<br />
''' Now you are entering the critical part. You won't be able to undo the following steps'''<br />
<br />
Check if there is a difference between the current LDAP entry and the one from the backup<br />
<source lang='bash'><br />
domain="<DOMAIN>" # For example domain="stoney-cloud.org"<br />
ldapbase="<LDAPBASE>" # For expample ldapbase="dc=stoney-cloud,dc=org"<br />
ldapsearch -H ldaps://ldapm.${domain} -b "sstVirtualMachine=${machinename},ou=virtual machines,ou=virtualization,ou=services,${ldapbase}" -s sub -x -LLL -o ldif-wrap=no -D "cn=Manager,${ldapbase}" -W "(objectclass=*)" > /tmp/${machinename}.ldif<br />
diff -Naur /tmp/${machinename}.ldif /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/${machinename}.ldif.${backupdate}<br />
</source><br />
and '''edit the file at the retain location''' according to your needs.<br />
<br />
If there are no differences (or the differences are not important) you can skip the following step. Otherwise use the [https://cloud.stepping-stone.ch/phpldapadmin PhpLdapAdmin] to delete the machine from the LDAP directory (do not forget to delete the dhcp entry <code>dn: cn=<MACHINE-NAME>,ou=virtual machines,cn=192.168.140.0,cn=config-01,ou=dhcp,ou=networks,ou=virtualization,ou=services,dc=stoney-cloud,dc=org</code>). Then add the LDIF (the one you just edited) to the LDAP (first do some general replacement)<br />
<source lang='bash'><br />
sed -i\<br />
-e 's/snapshotting/finished/'\<br />
-e '/member.*/d'\<br />
/var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/${machinename}.ldif.${backupdate}<br />
<br />
/usr/bin/ldapadd -H "ldaps://ldapm.${domain}" -x -D "cn=Manager,${ldapbase}" -W -f /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}/${machinename}.ldif.${backupdate}<br />
</source><br />
<br />
Undefine the machine<br />
<source lang='bash'><br />
virsh undefine ${machinename}<br />
</source><br />
<br />
Copy all the disk images from the backup location back to their original location<br />
<source lang='bash'><br />
cp -p /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}/${backupdate}/${diskimage1}.${backupdate} /var/virtualization/${vmtype}/${vmpool}/${diskimage1}<br />
cp -p /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}/${backupdate}/${diskimage2}.${backupdate} /var/virtualization/${vmtype}/${vmpool}/${diskimage2}<br />
...<br />
</source><br />
<br />
And restore the domain from the state file from the backup location with the XML from the retain location (the one you might have edited)<br />
<source lang='bash'><br />
virsh restore /var/backup/virtualization/${vmtype}/${vmpool}/${machinename}/${backupdate}/${machinename}.state.${backupdate}<br />
</source><br />
<br />
Now the machine should be up and running again. Continuing where it was stopped when taking the backup.<br />
<br />
If everything is OK, you can cleanup the created files and directories<br />
<source lang='bash'><br />
rm -rf /var/virtualization/retain/${vmtype}/${vmpool}/${machinename}/${currentdate}<br />
rm /tmp/${machinename}.ldif<br />
</source><br />
<br />
== Next steps ==<br />
<br />
<br />
[[Category: stoney conductor]]</div>Pathttps://wiki.stoney-cloud.org/w/index.php?title=stoney_conductor:_prov-backup-kvm&diff=3733stoney conductor: prov-backup-kvm2014-06-26T13:23:42Z<p>Pat: /* commitSnapshot */</p>
<hr />
<div>= Overview =<br />
The '''Provisioning-Backup-KVM Daemon''' is written in Perl and uses the mechanisms described under [[stoney core: OpenLDAP directory data organisation]].<br />
<br />
= Workflow =<br />
== Backup ==<br />
This is the simplified workflow for the Provisioning-Backup-KVM Daemon. The Subroutines (snapshot, merge and retain) are shown later.<br />
<br />
[[File:KVM-Backup-Workflow.png|thumb|none|400px|Figure 1: Simplified prov-backup-kvm workflow]]<br />
<br />
You can modify/update this workflow by editing [[File:KVM-Backup-simple.xmi]] (you may need [http://uml.sourceforge.net/ Umbrello UML Modeller] diagram programme for KDE to display the content properly).<br />
<br />
=== createSnapshot ===<br />
[[File:KVM-Backup-Workflow-Snapshot.png|thumb|none|500px|Figure 2: Detailed workflow for the snaphshot process]]<br />
<br />
You can edit this workflow with the following file (you may need umbrello to modify it): [[File:KVM-Backup-Workflow-detailed.xmi]]<br />
<br />
<br />
<br />
See also: [[stoney_conductor:_Backup#Snapshot | Snapshot: Basic idea]]<br />
<br />
=== exportSnapshot ===<br />
[[File:KVM-Backup-Workflow-Merge.png|thumb|none|500px|Figure 2: Detailed workflow for the merge process]]<br />
<br />
You can edit this workflow with the following file (you may need umbrello to modify it): [[File:KVM-Backup-Workflow-detailed.xmi]]<br />
<br />
See also: [[ stoney_conductor:_Backup#Merge | Merge: Basic idea]]<br />
<br />
=== commitSnapshot ===<br />
[[File:KVM-Backup-Workflow-Retain.png|thumb|none|500px|Figure 3: Detailed workflow for the retain process]]<br />
<br />
You can edit this workflow with the following file (you may need umbrello to modify it): [[File:KVM-Backup-Workflow-detailed.xmi]]<br />
<br />
See also [[stoney_conductor:_Backup#Retain | Retain: Basic idea]]<br />
<br />
== Restore ==<br />
* <span style="background:#00FF00">Task for the control-instance daemon</span><br />
* <span style="background:#FFFF00">Task for the prov-backup-kvm daemon</span><br />
* <span style="background:#FF8000">Task for the vm-manager</span><br />
[[File:KVM-Backup-Workflow-Restore.png|thumb|none|500px|Figure 4: Detailed workflow for the restore process]]<br />
<br />
You can edit this workflow with the following file (you may need umbrello to modify it): [[File:KVM-Backup-Workflow-restore.xmi]]<br />
<br />
<br />
<br />
See also [[stoney_conductor:_Backup#Basic_idea_2 | Restore: Basic idea]]<br />
<br />
= Configuration =<br />
== Global ==<br />
<pre><br />
# Copyright (C) 2013 stepping stone GmbH<br />
# Switzerland<br />
# http://www.stepping-stone.ch<br />
# support@stepping-stone.ch<br />
#<br />
# Authors:<br />
# Pat Kläy <pat.klaey@stepping-stone.ch><br />
# <br />
# Licensed under the EUPL, Version 1.1.<br />
#<br />
# You may not use this work except in compliance with the<br />
# Licence.<br />
# You may obtain a copy of the Licence at:<br />
#<br />
# http://www.osor.eu/eupl<br />
#<br />
# Unless required by applicable law or agreed to in<br />
# writing, software distributed under the Licence is<br />
# distributed on an "AS IS" basis,<br />
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either<br />
# express or implied.<br />
# See the Licence for the specific language governing<br />
# permissions and limitations under the Licence.<br />
#<br />
<br />
<br />
<br />
[Global]<br />
# If true the script logs every information to the log-file.<br />
LOG_DEBUG = 1<br />
<br />
# If true the script logs additional information to the log-file.<br />
LOG_INFO = 1<br />
<br />
#If true the script logs warnings to the log-file.<br />
LOG_WARNING = 1<br />
<br />
#If true the script logs errors to the log-file.<br />
LOG_ERR = 1<br />
<br />
# The environment indicates the hostname (fqdn) on which the prov-backup-kvm <br />
# daemon is running<br />
ENVIRONMENT = <STONEY-CLOUD-NODE-NAME><br />
<br />
# All information related to the database (backend) the daemon connects to<br />
[Database]<br />
BACKEND = LDAP<br />
SERVER = <STONEY-CLOUD-LDAP-SERVER><br />
PORT = <STONEY-CLOUD-LDAP-PORT><br />
ADMIN_USER = <STONEY-CLOUD-LDAP-BINDDN><br />
ADMIN_PASSWORD = <STONEY-CLOUD-LDAP-BIND-PASSWORD><br />
SERVICE_SUBTREE = <STONEY-CLOUD-LDAP-SERVICE-SUBTREE><br />
<br />
# A cookie file will be used to be able to restart the daemon without<br />
# processing every entry again (they appear as new if the daemon is started) <br />
COOKIE_FILE = <STONEY-CLOUD-LDAP-COOKIE-FILE><br />
<br />
# The default cookie just contains an empty CSN, in that way, all entries<br />
# are processed<br />
DEFAULT_COOKIE = rid=001,csn=<br />
<br />
# The search filter for the database. Only process entries found with this<br />
# filter<br />
SEARCH_FILTER = (&(entryCSN>=%entryCSN%)(objectClass=*))<br />
<br />
# Indicates the prov-backup-kvm configuration which applies for every<br />
# VM-Pool and every VM if not overwritten by a VM-Pool- or VM-specific <br />
# configuration<br />
STONEY_CLOUD_WIDE_CONFIGURATION = <STONEY-CLOUD-LDAP-PROV-BACKUP-KVM-DEFAULT-CONFIGURATION><br />
<br />
# Configuration concerining the provisioning module<br />
[Service]<br />
<br />
# The modus should always be selfcare<br />
MODUS = selfcare<br />
<br />
# Which TransportApi is used to execute the commands on the destination system<br />
# TransportApi can be "LocalCLI" or "CLISSH"<br />
TRANSPORTAPI = LocalCLI<br />
<br />
# The name of the provisioning service<br />
SERVICE = Backup<br />
<br />
# The name of the provisioning type<br />
TYPE = KVM<br />
<br />
# The syslog tag (normally service-type)<br />
SYSLOG = Backup-KVM<br />
<br />
# All information concerning the gateway (TransportApi)<br />
[Gateway]<br />
HOST = localhost<br />
USER = provisioning<br />
DSA_FILE = none<br />
<br />
# Service specific configuration which is not present in the backend<br />
[Backup]<br />
<br />
# Which command is used to export files<br />
EXPORT_COMMAND = cp -p<br />
</pre><br />
<br />
== Backend ==<br />
In the backend, you need to have at least one configuration which applies for the whole stoney cloud. This configuration is referenced in the [[#Global|global configuration]]. You are able to overwrite the stoney-cloud-wide configuration for<br />
* A VM-Pool<br />
* A single VM<br />
The configuration which applies for the VM is evaluated in the following way:<br />
# Check if the VM has a VM-specific configuration<br />
#* If yes, this one applies<br />
#* If not, continue<br />
# Check if the VM-Pool has a specific configuration<br />
#* If yes, this one applies<br />
#* If not, continue<br />
# The stoney-cloud-wide configuration applies<br />
<br />
=== Mandatory Configuration-Parameters ===<br />
* '''sstBackupNumberOfIterations''': An integer value how many backup iterations should be kept. Default is 1 (for disaster recovery).<br />
* '''sstBackupRootDirectory''': The path to the backup root directory where all iterations of disk-images and state files are stored. Default is file:///var/backup/virtualization.<br />
* '''sstBackupRetainDirectory''': The path to the local retain directory where the temporary snapshots (disk-image and state file) are stored. Default is file:///var/virtualization/retain.<br />
* '''sstRestoreVMWithoutState''': Boolean value which indicates whether or not to restore a virtual machine without the state. Default is FALSE (most often we want to restore the state together with the virtual machine).<br />
* '''sstBackupRamDiskLocation''': Path to the RAM-Disk. Default is /mnt/ramdisk. Because this attribute can be set for the whole FOSS-Cloud, for a specific VM-Pool, for a specific virtual machine or a specific virtual machine template, this attribute is independent from the VM-Nodes. There for no guarantee can be given, that this RAM-Disk exists on all the VM-Nodes. A check for its existence is mandatory!<br />
* '''sstVirtualizationVirtualMachineForceStart''': Force start VM in the case of not being able to restore the VM State during the backup process. TRUE or FALSE, default is FALSE. Attention: If set to TRUE, this could lead to file system inconsistencies in the virtual machine.<br />
* '''sstVirtualizationBandwidthMerge''': Bandwidth of the disk merging process (specifies the maximum I/O rate to allow in Megabyte/s). Default is 0 (unlimited). Integer Attribute, single value.<br />
* '''sstVirtualizationDiskImageFormat''': The format for the new disk image that is created during the backup process. Default is qcow2.<br />
* '''sstVirtualizationDiskImageOwner''': The owner for the new disk image that is created during the backup process. Default is root.<br />
* '''sstVirtualizationDiskImageGroup''' : The group for the new disk image that is created during the backup process. Default is vm-storage.<br />
* '''sstVirtualizationDiskImagePermission''': The permission (in octal representation) for the new disk image that is created during the backup process. Default is 660 (equivalent to 0660).<br />
* '''sstVirtualizationDiskImageDirectoryOwner''': The owner for the new directory where the disk image is located. Default is root.<br />
* '''sstVirtualizationDiskImageDirectoryGroup''': The group for the new directory where the disk image is located. Default is vm-storage.<br />
* '''sstVirtualizationDiskImageDirectoryPermission''': The permission (in octal representation) for the new directory where the disk image is located. Default is 770 (equivalent to 0770).<br />
<br />
=== Optional Configuration-Parameters ===<br />
* '''sstBackupExcludeFromBackup''': Do we want to exclude a virtual machine from the default backup plan? Default is FALSE.<br />
* '''sstVirtualizationVirtualMachineSequenceStop''': Multiple dependencies for the stopping order can be defined. Example: a web VM depends on the corresponding database VM. IA5String, multi valued. This attribute must exist in all of the virtual machine entries, that are to be stopped in a certain order. Example (0,1,2, ... is the order, UUID1, UUID2, ... is the uuid of a virtual machine):<br />
** 0: UUID1<br />
** 1: UUID2<br />
** 2: UUID3<br />
* '''sstVirtualizationVirtualMachineSequenceStart''': Multiple dependencies for the starting order can be defined. Example: a database VM must be started before the corresponding web VM. IA5String, multi valued. This attribute must exist in all of the virtual machine entries, that are to be started in a certain order. Example (0,1,2, ... is the order, UUID1, UUID2, ... is the uuid of a virtual machine):<br />
** 0: UUID3<br />
** 1: UUID2<br />
** 2: UUID1<br />
<br />
= Exit codes =<br />
The following list defines the return codes and their meaning for the KVM-Backup script see also [https://github.com/stepping-stone/prov-backup-kvm/blob/master/lib/Provisioning/Backup/KVM/Constants.pm KVMConstants.pm]:<br />
<pre><br />
use constant SUCCESS_CODE => 0;<br />
<br />
### Error codes constants<br />
use constant UNDEFINED_ERROR => 1; # Always the first!<br />
use constant MISSING_PARAMETER_IN_CONFIG_FILE => 2;<br />
use constant CONFIGURED_RAM_DISK_IS_NOT_VALUD => 3;<br />
use constant NOT_ENOUGH_SPACE_ON_RAM_DISK => 4;<br />
use constant CANNOT_SAVE_MACHINE_STATE => 5;<br />
use constant CANNOT_WRITE_TO_BACKUP_LOCATION => 6;<br />
use constant CANNOT_COPY_FILE_TO_BACKUP_LOCATION => 7;<br />
use constant CANNOT_COPY_IMAGE_TO_BACKUP_LOCATION => 8;<br />
use constant CANNOT_COPY_XML_TO_BACKUP_LOCATION => 9;<br />
use constant CANNOT_COPY_BACKEND_FILE_TO_BACKUP_LOCATION=> 10;<br />
use constant CANNOT_MERGE_DISK_IMAGES => 11;<br />
use constant CANNOT_REMOVE_OLD_DISK_IMAGE => 12;<br />
use constant CANNOT_REMOVE_FILE => 13;<br />
use constant CANNOT_CREATE_EMPTY_DISK_IMAGE => 15;<br />
use constant CANNOT_RENAME_DISK_IMAGE => 16;<br />
use constant CANNOT_CONNECT_TO_BACKEND => 17;<br />
use constant WRONG_STATE_INFORMATION => 18;<br />
use constant CANNOT_SET_DISK_IMAGE_OWNERSHIP => 19;<br />
use constant CANNOT_SET_DISK_IMAGE_PERMISSION => 20;<br />
use constant CANNOT_RESTORE_MACHINE => 21;<br />
use constant CANNOT_LOCK_MACHINE => 22;<br />
use constant CANNOT_FIND_MACHINE => 23;<br />
use constant CANNOT_COPY_STATE_FILE_TO_RETAIN => 24;<br />
use constant RETAIN_ROOT_DIRECTORY_DOES_NOT_EXIST => 25;<br />
use constant BACKUP_ROOT_DIRECTORY_DOES_NOT_EXIST => 26;<br />
use constant CANNOT_CREATE_DIRECTORY => 27;<br />
use constant CANNOT_SAVE_XML => 28;<br />
use constant CANNOT_SAVE_BACKEND_ENTRY => 29;<br />
use constant CANNOT_SET_DIRECTORY_OWNERSHIP => 30;<br />
use constant CANNOT_SET_DIRECTORY_PERMISSION => 31;<br />
use constant CANNOT_FIND_CONFIGURATION_ENTRY => 32;<br />
use constant BACKEND_XML_UNCONSISTENCY => 33;<br />
use constant CANNOT_CREATE_TARBALL => 34;<br />
use constant UNSUPPORTED_FILE_TRANSFER_PROTOCOL => 35;<br />
use constant UNKNOWN_BACKEND_TYPE => 36;<br />
use constant MISSING_NECESSARY_FILES => 37;<br />
use constant CORRUPT_DISK_IMAGE_FOUND => 38;<br />
use constant UNSUPPORTED_CONFIGURATION_PARAMETER => 39;<br />
use constant CANNOT_MOVE_DISK_IMAGE_TO_ORIGINAL_LOCATION=> 40;<br />
use constant CANNOT_DEFINE_MACHINE => 41;<br />
use constant CANNOT_START_MACHINE => 42;<br />
use constant CANNOT_WORK_ON_UNDEFINED_OBJECT => 43;<br />
use constant CANNOT_READ_STATE_FILE => 44;<br />
use constant CANNOT_READ_XML_FILE => 45;<br />
use constant NOT_ALL_FILES_DELETED_FROM_RETAIN_LOCATION => 46;<br />
use constant NOT_ENOUGH_DISK_SPACE => 47;<br />
use constant NO_DISK_SPACE_INFORMATION => 48;<br />
</pre><br />
<br />
= Next steps =<br />
* Change the behaviour of the snapshot/merge process<br />
** No longer merge the original file into the new one but merge (commit) backing store file back into original one<br />
*** Like that we are able to reduce the backup (merge) time a lot.<br />
*** Needs different behaviour for save -> copy/move -> create new image -> restore -> merge<br />
<br />
= Source Code =<br />
The source code is located in our GitHub Repository:<br />
<br />
https://github.com/stepping-stone/prov-backup-kvm<br />
<br />
= Links =<br />
<br />
[[Category:stoney conductor]][[Category:Provisioning Modules]]</div>Pat