Ubuntu 20.04.2 LTS
ccrssaa opened this issue · 4 comments
Hi, nice tool, thanks a lot
tried it in Ubuntu 20.04.2 LTS
- apparmor issues - libvirtd not allowed to create sockets in /var/tmp
2021-04-20 17:38:50 INFO common - printVersion: Version: 0.17 Arguments: /usr/local/bin/virtnbdbackup -d vm-template -l full -o /mnt/backup/vm-template
2021-04-20 17:38:50 INFO virtnbdbackup - main: Domain has 1 disks attached which support changed block tracking.
2021-04-20 17:38:50 INFO virtnbdbackup - main: Looking for checkpoints
2021-04-20 17:38:50 INFO virtnbdbackup - main: Using checkpoint name: virtnbdbackup
2021-04-20 17:38:50 INFO virtnbdbackup - main: Temporary scratch file target directory: /var/tmp
2021-04-20 17:38:50 INFO virtnbdbackup - main: Starting backup job.
2021-04-20 17:38:50 WARNING libvirthelper - startBackup: Guest agent is not responding: QEMU guest agent is not connected
2021-04-20 17:38:50 ERROR virtnbdbackup - main: internal error: unable to execute QEMU command 'nbd-server-start': Failed to bind socket to /var/tmp/virtnbdbackup.868194: Permission denied
obvious workaround is to disable apparmor
extenthandler.py:
def _setRequestAligment(self):
align = self._nbdFh.get_block_size(0)
if align == 0:
align = self._align
return self._maxRequestBlock - align + 1
Ubuntu has libnbd 1.2.2 with missing get_block_size()
is it safe to skip get_block_size() and use self._align if no get_block_size() available ?
hi,
tried it in Ubuntu 20.04.2 LTS
2021-04-20 17:38:50 ERROR virtnbdbackup - main: internal error: unable to execute QEMU command 'nbd-server-start': Failed to bind socket to /var/tmp/virtnbdbackup.868194: Permission deniedobvious workaround is to disable apparmor
nice catch, i will add it to the FAQ.
extenthandler.py:
def _setRequestAligment(self):
align = self._nbdFh.get_block_size(0)
if align == 0:
align = self._align
return self._maxRequestBlock - align + 1Ubuntu has libnbd 1.2.2 with missing get_block_size()
is it safe to skip get_block_size() and use self._align if no get_block_size() available ?
i think it is. I cant recall completely the usage here, i think it has to do with a NDB Server can deny
requests from a client if not both client and server are using the same block aligment.
From the Description of get_block_size():
If non-zero, this will be a power of 2 between 1 and 64k; any client
request that is not aligned in length or offset to this size is likely
to fail with C<EINVAL>. The image size will generally also be a
multiple of this value (if not, the final few bytes are inaccessible
while obeying alignment constraints). If zero, it is safest to
assume a minimum block size of 512,
so i think it would be save to assume 512 like it does if the function is missing entirely.
I have however not tested any older libnbd version, so there might be other issues or incompatibilities too.
@abbbi seems it should be enough to add /var/tmp/virtnbdbackup.* rw, to the end of /etc/apparmor.d/usr.lib.libvirt.virt-aa-helper config to get rid of Failed to bind socket [. . .] Permission denied error instead of disabling apparmor with aa-teardown completely
testing on Ubuntu 20.04
@abbbi I'm back with details after the thorough testing
To get rid of Failed to bind socket [. . .] Permission denied error error, one should put 2 following lines
/var/tmp/virtnbdbackup.* rw,
/var/tmp/backup.* rw,
to 3 config files /etc/apparmor.d/local/abstractions/libvirt-qemu, /etc/apparmor.d/local/usr.sbin.libvirtd and /etc/apparmor.d/local/usr.lib.libvirt.virt-aa-helper (these files are empty by default)
Also I've designed and tested the bash bootstrap /usr/bin/kvmbackup to implement non-interactive backup operations cycle for active kvm machines with your virtnbdbackup tool
The first backup of every vm on every new month is forced to be full size, the rest backups on the month are incremental. Every backup is processed with lz4 compression 'cause this feature really saves the host drive space a lot. The bootstrap keeps reporting the flow logs on stdout if one runs it from console, in crontab these reports can be silenced in standard way
1 2 * * * root bash /usr/bin/kvmbackup >/dev/null 2>&1
I've uploaded the sources to review on my gist
Please feel free to utilize the above info and the bootstrap in your next releases, and thank you for the great simple tool for kvm backups!
Please feel free to utilize the above info and the bootstrap in your next releases, and thank you for the great simple tool for kvm backups!
thanks for your feedback! i will have a look and update the README accordingly!