Context

  • I have a FreeNAS setup
  • I want a cheap offsite backup solution
  • Backblaze only offer S3 storage solution
  • I have virtual machines on zvol to backup (not just files)
  • ZFS send/receive is very convenient if you have another zfs system in other
    location

I choose zfsbackup-go, this tool use zfs send/receive to generate archives on S3 storage space. This software is not ready for very critical use, still in « beta » missing some features like deletation on remote location from the command line.

Advantages

  • Can backup zvol as well as dataset
  • Differential backups based on snapshots
  • Encrypted backups
  • Compressed backups
  • Compatible with all S3 solutions

Drawbacks

  • You can’t use backups without re-import in a ZFS pool (so real backups
    not a archives solution)
  • Still in beta

How to

  1. (Optional) Build zfsbackup-go for freebsd with crosscompile from a linux
    1. You need GO
    2. git clone git@github.com:someone1/zfsbackup-go.git
    3. GOOS=freebsd GOARCH=amd64 go build -o zfsbackup main.go
  2. Generate a gpg key gpg --full-generate-key

    Learn gpg getting started

  3. Export the private/public gpg keys

    1. gpg --list-keys
    2. gpg --export-secret-keys -a keyid
    3. gpg --export -a keyid

    How to export keys

  4. Create the S3 credentials you need
    I use BackBlaze because it’s the cheapper one, but you can use every S3 storage service or implementation you want.

  5. Configure periodic snapshot in FreeNas
    Freenas Periodical Snapshot

  6. Configure zfsbackup cron task
    Crontask FreeNas

    • You need to ensure the schedule is after the snapshot
    • I have develop a very little script to have a more simpler crontask because zfsbackup only support one Dataset at a time
    • Command DATASETS="Tank/Dataset1 Tank/Group/Data1" /root/zfsbackup.sh
    #!/bin/bash
    export B2_ACCOUNT_ID=
    export B2_ACCOUNT_KEY=
    export PGP_PASSPHRASE=
    PGP_EMAIL=
    PGP_PUBLIC_RING=
    PGP_PRIVATE_RING=
    S3_DEST=
    for dataset in $DATASETS
    do
      /root/zfsbackup send --encryptTo $PGP_EMAIL --signFrom $PGP_EMAIL --publicKeyRingPath $PGP_PUBLIC_RING --secretKeyRingPath $PGP_PRIVATE_RING --fullIfOlderThan 2160h $dataset $S3_DEST
    done
    

Conclusion

  • This solution offer very good performance like 15MB/s during backup operation with only 10% cpu usage on Xeon D1521. My Orange ISP uplink is the limitation here.
  • With incremental snapshot, BackBlaze is a very effective solution at low cost like less than 60€ a year for a 100GB on disk backuped VM.
  • DO BACKUPS
  • DO BACKUPS
  • DO BACKUPS

1 commentaire

Rudi Pittman · 30 mai 2020 à 21 h 25 min

I think I posted my question to another article by accident. Is there a way to transfer the configured containers from the old rancheros image to the new one?

Laisser un commentaire

Votre adresse e-mail ne sera pas publiée. Les champs obligatoires sont indiqués avec *