[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [libvirt] RFC backup API



23.03.2016 13:30, Daniel P. Berrange пишет:
On Tue, Mar 22, 2016 at 02:19:10PM +0300, Maxim Nestratov wrote:
21.03.2016 13:36, Daniel P. Berrange пишет:
On Mon, Mar 21, 2016 at 01:18:19PM +0300, Maxim Nestratov wrote:
Hi all,

It's been already quite a long time since qemu implemented QMP
"drive-backup" command to create block devices backups. Even more, since
qemu 2.4 there is a possibility to create incremental backups. Though it is
possible to backup all attached to a domain disk drives by combining them
into a single QMP transaction command, this way of creating them, not to
mention managing, remains inconvenient for an end user of libvirt. Moreover,
creating a single drive backup via QMP interface isn't handy either. That
said, it looks reasonable to introduce a *new backup API* based on QMP
"drive-backup" facilities.

Though we can start from a single simple function, allowing to create a disk
backup by means of QMP "drive-backup" command, I'd like to discuss here the
level of management libvirt could provide for backup operations. To begin
with, here is the preliminary list of possible functions that I think make
sense for libvirt API.

virDomainCreateBackup - which creates a backup full/incremental of
all/selected disks,
virListBackups - which lists all backups created for a particular
domain/target,
virRestoreBackup - which restores all/selected disks from a backup,
virDeleteBackup - which deletes all/selected disks from a backup.

It looks like backup management functions,  except create one, shouldn't be
or might not be bound to a particular domain and we could possibly leverage
storage pool API with some extension. Specifically, volume definition could
be extended with necessary meta data related to backups.

The *question* is: if the whole idea about this new API as described above
or something similar makes sense?
Well we certainly don't want applications going directly to the QMP
monitor command to achieve this. So given demand for this kind of
feature, some kind of facility will be needed in libvirt. The question
is just what any API would look like.

If yes, then let's find out requirements for it (if any) and I will try to
prepare a patch set with the first RFC implementation to discuss the API in
more details. Looking forward for your opinions on the matter.
Have you researched what VMWare/Hyper-V/VirtualBox APIs support in this
area ? If they have any existing models, it'd be desirable to look at
them to align our APIs where appropriate.
As far as I know VirtualBox doesn't have any backup API, at least there is
no reference to it at [1].
What I know about VMWare is that they use an approach that involves
temporary snapshot creation, providing an access to quiesced disk data and
then deleting this temporary snapshot [2]. Thus, their approach is close to
what libvirt can have with 3d party managed backups, i.e. setup an NBD
server on qemu side and let 3d party backup software access it from outside.

[1] http://download.virtualbox.org/virtualbox/SDKRef.pdf
[2] http://pubs.vmware.com/vsphere-60/index.jsp#com.vmware.vddk.pg.doc/vddkBkupVadp.9.2.html?path=7_5_0_6_0_0#1014219

Also how does this fit in with recent discussions on QEMU mailing list
about enabling 3rd party vendor backup software by having QEMU expose an
NBD server to do efficient sparse backups. That suggested a very different
kind of API where libvirt would not manage the backups, but just provide
an API to allow an NBD target to be enabled for the 3rd party to manage.
If you mean this thread [3] then as far as I understand, there is an
agreement that NDB protocol gets extended a bit in such a way that external
clients are able to get dirty block bitmap and this shouldn't be exposed in
libvirt API.

For such scenarios libvirt can have the following calls:

virDomainStartBackup,
virDomainFinishBackup

When an external backup is started, qemu starts NBD server, allocates CBT
(changed block tracking) bitmap and returns allocated NBD port to the
caller. After that 3d party backup software is responcible for reading
appropriate portion of data according to requested CBT bitmap.

[3] http://lists.nongnu.org/archive/html/qemu-devel/2016-03/msg03075.html
Yes, that is the thread I was referring to.

Thus, we have two ways of creating backups. The first is external (3d party
managed), which is backed by QMP "blockdev-backup" command, which doesn't
need from my point of view more than two calls mentioned above. The second
is a another one, which is backed by QMP "drive-backup" command. My first
letter covered only the latter case and I believe that this backup
management API will be very useful. What is unclear still is: if there
should be disk backup facilities only or whole VM backup as well, should
libvirt be able to restore deleted VMs, should it be able to list created
backups and so on. As for me, using storage pools with some extensions of
storage pool API could perfectly solve this task. What do you think?
Ok, yes, there is clearly two completely separate modes of dealing with
backups, externally managed and internally (to libvirt) managed. I can
understand the desire to support both modes of operating backups.

I was wondering what the difference is between doing a backup of the VM
vs taking a snapshot of the VM. At a high level they feel pretty much
the same, just no memory is snapshot for backups. IIUC though at the disk
level, they pretty much inverted, a snapshot switches the running qcow2
file for the VM to point to a new qcow2 overlay, while a backup never
touchs the VM disk, always using separate qcow2 images. So I can see
why we'd want explicit backup support separately from snapshot support.

Yeah, although they feel like the same, they are not. Backups are separate from VMs' disks and should be stored separately from the storage a VM runs from.


At an API level it feels like the design of our snapshot APIs would map
fairly naturally onto the new backups APIs, so getting consistency
between the two is desirable IMHO.

Ok, I'll take it into account.


In particular the snapshot API for creating a snapshot allows an XML
document to be fed in which describes how each disk is to be snapshot.
I think we would need the same kind of flexibility for backups, to
avoid having to hardcode the fact that backups always use qcow2. ie
if a VM is using RBD, we want mgmt apps to be able to indicate that
the backup should use a particular RBD volume too. Of course it
should also be possible for an RBD backed guest to be able to save
its backups to local raw/qcow2 files. We should also be able to
indicate that some disks should be skipped for pupose of backups.
So backup creation clearly needs a high level of configurability in
general.  We don't have to implement the full support matrix but
the API design should allow for it in the future.

There's a question as to whether should have allow for some default
backup location if none is specified. eg perhaps we should always
just store backups in /var/spool/backups/libvirt/qemu by default if
the user/app didn't provide an explicit list of target volumes to
hold the backup. This would allow the backup API to have better
ease of use in the simple case

I agree. It perfectly makes sense. Also we can have a new libvirtd.conf parameter for this purpose.

Regards,
Daniel

To sum up the above, I'll start designing this new API paying attention to mentioned conserns and will get back to the thread with the first RFC version or additional questions, whichever comes earlier.

Best,
Maxim


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]