Re: Send/Receive howto and script for others to use (was Re: Is anyone using btrfs send/receive)

[Brendan Hide]

On 2014/03/22 11:11 PM, Marc MERLIN wrote:

Please consider adding a blank line between quotes, it makes them just a bit
more readable :)


Np.


On Sat, Mar 22, 2014 at 11:02:24PM +0200, Brendan Hide wrote:

- it doesn't create writeable snapshots on the destination in case you want
to use the copy as a live filesystem

One of the issues with doing writeable snapshots by default is that the
backup is (ever so slightly) less safe from fat-finger syndrome. If I
want a writeable snapshot, I'll make it from the read-only snapshot,
thereby reducing the chances of accidentally tainting or deleting data
in the backup. I actually *did* accidentally delete my entire filesystem
(hence the paranoid umounts). But, of course, my script *first* created
read-only snapshots from which recovery took only a few minutes. ;)

The writeable snapshot I create is on top of the read only one used by btrfs
receive. So, I can play with it, but it won't upset/break anything for
the backup.

The historical snapshots I keep give me cheap backups to go back to do get a
file I may have deleted 3 days ago and want back now even though my btrfs
send/receive runs hourly.


Ah. In that case my comment is moot. I could add support for something 
like this but I'm unlikely to use it.



[snip]

- Your comments say shlock isn't safe and that's documented. I don't see
that in the man page
http://manpages.ubuntu.com/manpages/trusty/man1/shlock.1.html

That man page looks newer than the one I last looked at - specifically
the part saying improved by Berend Reitsma to solve a race condition.
The previous documentation on shlock indicated it was safe for hourly
crons - but not in the case where a cron might be executed twice
simultaneously. Shlock was recommended by a colleague until I realised
this potential issue, thus my template doesn't use it. I should update
the comment with some updated information.

It's not super important, it was more my curiosity.
If a simple lock program in C isn't atomic, what's the point of it?
I never looked at the source code, but maybe I should...


Likely the INN devs needed something outside of a shell environment. 
Based on the man page, shlock should be atomic now.



I'd love to have details on this if I shouldn't be using it
- Is set -o noclobber; echo $$  $lockfile really atomic and safer than
shlock? If so, great, although I would then wonder why shlock even exists
:)

The part that brings about an atomic lock is noclobber, which sets it
so that we are not allowed to clobber/overwrite an existing file.
Thus, if the file exists, the command fails. If it successfully creates
the new file, the command returns true.
  
I understand how it's supposed to work, I just wondered if it was really

atomic as it should be since there would be no reason for shlock to even
exist with that line of code you wrote.


When I originally came across the feature I wasn't sure it would work 
and did extensive testing: For example, spawn 30 000 processes, each of 
which tried to take the lock. After the machine became responsive again 
;) only 1 lock ever turned out to have succeeded.


Since then its been in production use across various scripts on hundreds 
of servers. My guess (see above) is that the INN devs couldn't or didn't 
want to use it.


The original page where I learned about noclobber: 
http://www.davidpashley.com/articles/writing-robust-shell-scripts/


Thanks for the info Marc 


No problem - and thanks. :)

--
__
Brendan Hide
http://swiftspirit.co.za/
http://www.webafrica.co.za/?AFF1E97

--
To unsubscribe from this list: send the line unsubscribe linux-btrfs in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: Send/Receive howto and script for others to use (was Re: Is anyone using btrfs send/receive)

[Brendan Hide]

On 2014/03/21 07:29 PM, Marc MERLIN wrote:

On Wed, Jan 08, 2014 at 12:02:06AM -0800, Marc MERLIN wrote:

On Tue, Jan 07, 2014 at 10:53:29AM +, Hugo Mills wrote:

You need to move /mnt/btrfs_pool2/tmp_read_only_new to a different
name as well. The send stream contains the name of the subvolume it
wants to create, so it's trying to create a subvolume called
tmp_read_only_new in /mnt/btrfs_pool2, and there's one there already.

Aaah, got it, thanks.

I'll contribute back a shell script that makes this much easier when I'm
done with it.

I've now spent enough time on this and have enough testing to release it.

http://marc.merlins.org/perso/btrfs/post_2014-03-22_Btrfs-Tips_-Doing-Fast-Incremental-Backups-With-Btrfs-Send-and-Receive.html
which points to
http://marc.merlins.org/linux/scripts/btrfs-subvolume-backup


Just for the archives, here is a working copy (the blog post above explains
why it keeps multiple snapshots after the fact, and creates writeable ones
on the destination, but basically this allows you to automatically boot from
the latest snapshot (a writeable snapshot copy pointed to by a symlink tha
tis kept up to date)):

#!/bin/bash

# By Marc MERLIN marc_s...@merlins.org
# License: GPL-2 or BSD at your choice.

# Source: http://marc.merlins.org/linux/scripts/
# $Id: btrfs-subvolume-backup 958 2014-03-16 00:23:28Z svnuser $

# cron jobs might not have /sbin in their path.
export PATH=$PATH:/sbin

set -o nounset
set -o errexit
set -o pipefail

# From https://btrfs.wiki.kernel.org/index.php/Incremental_Backup


# bash shortcut for `basename $0`
PROG=${0##*/}
lock=/var/run/$PROG

usage() {
 cat EOF
Usage:
cd /mnt/source_btrfs_pool
$PROG [--init] [--keep|-k num] [--dest hostname] volume_name 
/mnt/backup_btrfs_pool

Options:
 --init:  Print this help message and exit.
 --keep num:  Keep the last snapshots for local backups (5 by default)
 --dest hostname: If present, ssh to that machine to make the copy.

This will snapshot volume_name in a btrfs pool, and send the diff
between it and the previous snapshot (volume_name.last) to another btrfs
pool (on other drives)

If your backup destination is another machine, you'll need to add a few
ssh commands this script

The num sanpshots to keep is to give snapshots you can recover data from
and they get deleted after num runs. Set to 0 to disable (one snapshot will
be kept since it's required for the next diff to be computed).
EOF
 exit 0
}

die () {
 msg=${1:-}
 # don't loop on ERR
 trap '' ERR

 rm $lock

 echo $msg 2
 echo 2

 # This is a fancy shell core dumper
 if echo $msg | grep -q 'Error line .* with status'; then
line=`echo $msg | sed 's/.*Error line \(.*\) with status.*/\1/'`
echo  DIE: Code dump: 2
nl -ba $0 | grep -3 \b$line\b 2
 fi
 
 exit 1

}

# Trap errors for logging before we die (so that they can be picked up
# by the log checker)
trap 'die Error line $LINENO with status $?' ERR


init=
# Keep the last 5 snapshots by default
keep=5
TEMP=$(getopt --longoptions help,usage,init,keep:,dest: -o h,k:,d: -- $@) || 
usage
dest=localhost
ssh=

# getopt quotes arguments with ' We use eval to get rid of that
eval set -- $TEMP

while :
do
 case $1 in
 -h|--help|--usage)
 usage
 shift
 ;;

--keep|-k)
shift
keep=$1
shift
;;

--dest|-d)
shift
dest=$1
ssh=ssh $dest
shift
;;

--init)
init=1
shift
;;

--)
shift
break
;;

 *)
echo Internal error!
exit 1
;;
 esac
done
[[ $keep  1 ]]  die Must keep at least one snapshot for things to work ($keep 
given)

DATE=$(date '+%Y%m%d_%H:%M:%S')

[[ $# != 2 ]]  usage
vol=$1
dest_pool=$2

# shlock (from inn) does the right thing and grabs a lock for a dead process
# (it checks the PID in the lock file and if it's not there, it
# updates the PID with the value given to -p)
if ! shlock -p $$ -f $lock; then
 echo $lock held for $PROG, quitting 2
 exit
fi

if [[ -z $init ]]; then
 test -e ${vol}_last \
|| die Cannot sync $vol, ${vol}_last missing. Try --init?
 src_snap=$(readlink -e ${vol}_last)
fi
src_newsnap=${vol}_ro.$DATE
src_newsnaprw=${vol}_rw.$DATE

$ssh test -d $dest_pool/ || die ABORT: $dest_pool not a directory (on $dest)

btrfs subvolume snapshot -r $vol $src_newsnap

# There is currently an issue that the snapshots to be used with btrfs send
# must be physically on the disk, or you may receive a stale NFS file handle
# error. This is accomplished by sync after the snapshot
sync

if [[ -n $init ]]; then
 btrfs send $src_newsnap | $ssh btrfs receive $dest_pool/
else
 btrfs send -p $src_snap 

Re: Send/Receive howto and script for others to use (was Re: Is anyone using btrfs send/receive)

[Brendan Hide]

On 2014/03/22 09:44 PM, Brendan Hide wrote:

On 2014/03/21 07:29 PM, Marc MERLIN wrote:




Hi, Marc

Feel free to use ideas from my own script. Some aspects in my script 
are more mature and others are frankly pathetic. ;)


There are also quite a lot of TODOs throughout my script that aren't 
likely to get the urgent attention they deserve. It has been slowly 
evolving over the last two weeks.


http://swiftspirit.co.za/scripts/btrfs-snd-rcv-backup


I forgot to include some notes:

The script depends on a config file at /etc/btrfs-backup/paths.conf 
which is supposed to contain the paths as well as some parameters. At 
present the file consists solely of the following paths as these are all 
separate subvolumes in my test system:

/
/home
/usr
/var


The snapshot names on source and backup are formatted as below. This 
way, daylight savings doesn't need any special treatment:

__2014-03-17-23h00m01s+0200
__2014-03-18-23h00m01s+0200
__2014-03-19-23h00m01s+0200
__2014-03-20-23h00m02s+0200
__2014-03-21-23h00m01s+0200
_home_2014-03-17-23h00m01s+0200
_home_2014-03-18-23h00m01s+0200
_home_2014-03-19-23h00m01s+0200
_home_2014-03-20-23h00m02s+0200
_home_2014-03-21-23h00m01s+0200
_usr_2014-03-17-23h00m01s+0200
_usr_2014-03-18-23h00m01s+0200
_usr_2014-03-19-23h00m01s+0200
_usr_2014-03-20-23h00m02s+0200
_usr_2014-03-21-23h00m01s+0200
_var_2014-03-17-23h00m01s+0200
_var_2014-03-18-23h00m01s+0200
_var_2014-03-19-23h00m01s+0200
_var_2014-03-20-23h00m02s+0200
_var_2014-03-21-23h00m01s+0200



--
__
Brendan Hide
http://swiftspirit.co.za/
http://www.webafrica.co.za/?AFF1E97

--
To unsubscribe from this list: send the line unsubscribe linux-btrfs in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: Send/Receive howto and script for others to use (was Re: Is anyone using btrfs send/receive)

[Marc MERLIN]

On Sat, Mar 22, 2014 at 09:44:05PM +0200, Brendan Hide wrote:
 Hi, Marc
 
 Feel free to use ideas from my own script. Some aspects in my script are 
 more mature and others are frankly pathetic. ;)
 
 There are also quite a lot of TODOs throughout my script that aren't 
 likely to get the urgent attention they deserve. It has been slowly 
 evolving over the last two weeks.
 
 http://swiftspirit.co.za/scripts/btrfs-snd-rcv-backup

I figured I likely wasn't the only one working on a script like this :)

From a quick read, it looks even more complex than mine :) but
- it doesn't do ssh to a destination for a remote backup
- it doesn't seem to keep a list of configurable snapshots not necessary for
send/restore but useful for getting historical data
- it doesn't seem to use a symlink to keep track of the last complete
snapshot on the source and destination, and does more work to compensate
when recovering from an incomplete backup/restore.
- it doesn't create writeable snapshots on the destination in case you want
to use the copy as a live filesystem

Things I noticed:
- I don't use ionice, maybe I should. Did you find that it actually made a
difference with send/receive?
- Your comments say shlock isn't safe and that's documented. I don't see
that in the man page
http://manpages.ubuntu.com/manpages/trusty/man1/shlock.1.html
I'd love to have details on this if I shouldn't be using it
- Is set -o noclobber; echo $$  $lockfile really atomic and safer than
shlock? If so, great, although I would then wonder why shlock even exists :)

Thanks,
Marc
-- 
A mouse is a device used to point at the xterm you want to type in - A.S.R.
Microsoft is to operating systems 
   what McDonalds is to gourmet cooking
Home page: http://marc.merlins.org/  
--
To unsubscribe from this list: send the line unsubscribe linux-btrfs in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: Send/Receive howto and script for others to use (was Re: Is anyone using btrfs send/receive)

[Brendan Hide]

On 2014/03/22 10:00 PM, Marc MERLIN wrote:

On Sat, Mar 22, 2014 at 09:44:05PM +0200, Brendan Hide wrote:

Hi, Marc

Feel free to use ideas from my own script. Some aspects in my script are
more mature and others are frankly pathetic. ;)

There are also quite a lot of TODOs throughout my script that aren't
likely to get the urgent attention they deserve. It has been slowly
evolving over the last two weeks.

http://swiftspirit.co.za/scripts/btrfs-snd-rcv-backup

I figured I likely wasn't the only one working on a script like this :)

 From a quick read, it looks even more complex than mine :) but
Well ... I did say some things are pathetic my side. ;) I also use a 
template (its about 3 years old now) when I make a new script, hence the 
options such as being able to ignore the mutex checks and also having a 
random delay at start. These obviously add some unnecessary complexity.

- it doesn't do ssh to a destination for a remote backup
There should be a TODO for this on my side. Presently in testing I'm 
only using it for device-local backup to a separate disk and not to a 
proper remote backup.

- it doesn't seem to keep a list of configurable snapshots not necessary for
send/restore but useful for getting historical data
I'm not sure what this is useful for. :-/ If related, I plan on creating 
a separate script to move snapshots around into _var_daily_$date, 
_var_weekly_$date, etc.

- it doesn't seem to use a symlink to keep track of the last complete
snapshot on the source and destination, and does more work to compensate
when recovering from an incomplete backup/restore.

Yes, a symlink would make this smoother.

- it doesn't create writeable snapshots on the destination in case you want
to use the copy as a live filesystem
One of the issues with doing writeable snapshots by default is that the 
backup is (ever so slightly) less safe from fat-finger syndrome. If I 
want a writeable snapshot, I'll make it from the read-only snapshot, 
thereby reducing the chances of accidentally tainting or deleting data 
in the backup. I actually *did* accidentally delete my entire filesystem 
(hence the paranoid umounts). But, of course, my script *first* created 
read-only snapshots from which recovery took only a few minutes. ;)

Things I noticed:
- I don't use ionice, maybe I should. Did you find that it actually made a
difference with send/receive?
This is just a habit I've developed over time in all my scripts. I 
figure that if I'm using the machine at the time and the snapshot has a 
large churn, I'd prefer the ionice. That said, the main test system is a 
desktop which is likely to have much less churn than a server. In the 
last two weeks the longest daily incremental backup took about 5 minutes 
to complete, while it typically takes about 30 seconds only.

- Your comments say shlock isn't safe and that's documented. I don't see
that in the man page
http://manpages.ubuntu.com/manpages/trusty/man1/shlock.1.html
That man page looks newer than the one I last looked at - specifically 
the part saying improved by Berend Reitsma to solve a race condition. 
The previous documentation on shlock indicated it was safe for hourly 
crons - but not in the case where a cron might be executed twice 
simultaneously. Shlock was recommended by a colleague until I realised 
this potential issue, thus my template doesn't use it. I should update 
the comment with some updated information.


My only two worries then would be a) if it is outdated on other distros 
and b) that it appears that it is not installed by default. On my Arch 
desktop it seems to be available with inn[1] (Usenet server and 
related software) and nowhere else. It seems the same on Ubuntu (Google 
pointed me to inn2-dev). Do you have INN installed? If not, where did 
you get shlock from?

I'd love to have details on this if I shouldn't be using it
- Is set -o noclobber; echo $$  $lockfile really atomic and safer than
shlock? If so, great, although I would then wonder why shlock even exists :)
The part that brings about an atomic lock is noclobber, which sets it 
so that we are not allowed to clobber/overwrite an existing file. 
Thus, if the file exists, the command fails. If it successfully creates 
the new file, the command returns true.


I'd consider changing this mostly for the fact that depending on INN is 
a very big dependency. There are other options as well, though I don't 
think they're as portable as noclobber.


Thanks,
Marc


Thanks for your input. It has already given me some direction. :)

[1] https://www.archlinux.org/packages/community/x86_64/inn/files/

--
__
Brendan Hide
http://swiftspirit.co.za/
http://www.webafrica.co.za/?AFF1E97

--
To unsubscribe from this list: send the line unsubscribe linux-btrfs in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: Send/Receive howto and script for others to use (was Re: Is anyone using btrfs send/receive)

[Marc MERLIN]

Please consider adding a blank line between quotes, it makes them just a bit
more readable :)

On Sat, Mar 22, 2014 at 11:02:24PM +0200, Brendan Hide wrote:
 - it doesn't create writeable snapshots on the destination in case you want
 to use the copy as a live filesystem
 One of the issues with doing writeable snapshots by default is that the 
 backup is (ever so slightly) less safe from fat-finger syndrome. If I 
 want a writeable snapshot, I'll make it from the read-only snapshot, 
 thereby reducing the chances of accidentally tainting or deleting data 
 in the backup. I actually *did* accidentally delete my entire filesystem 
 (hence the paranoid umounts). But, of course, my script *first* created 
 read-only snapshots from which recovery took only a few minutes. ;)

The writeable snapshot I create is on top of the read only one used by btrfs
receive. So, I can play with it, but it won't upset/break anything for
the backup.

The historical snapshots I keep give me cheap backups to go back to do get a
file I may have deleted 3 days ago and want back now even though my btrfs
send/receive runs hourly.

 Things I noticed:
 - I don't use ionice, maybe I should. Did you find that it actually made a
 difference with send/receive?
 
 This is just a habit I've developed over time in all my scripts. I 
 figure that if I'm using the machine at the time and the snapshot has a 
 large churn, I'd prefer the ionice. That said, the main test system is a 
 desktop which is likely to have much less churn than a server. In the 
 last two weeks the longest daily incremental backup took about 5 minutes 
 to complete, while it typically takes about 30 seconds only.

I'll consider that if I see too much load without ionice, thanks.

 - Your comments say shlock isn't safe and that's documented. I don't see
 that in the man page
 http://manpages.ubuntu.com/manpages/trusty/man1/shlock.1.html
 That man page looks newer than the one I last looked at - specifically 
 the part saying improved by Berend Reitsma to solve a race condition. 
 The previous documentation on shlock indicated it was safe for hourly 
 crons - but not in the case where a cron might be executed twice 
 simultaneously. Shlock was recommended by a colleague until I realised 
 this potential issue, thus my template doesn't use it. I should update 
 the comment with some updated information.

It's not super important, it was more my curiosity.
If a simple lock program in C isn't atomic, what's the point of it?
I never looked at the source code, but maybe I should...

 I'd love to have details on this if I shouldn't be using it
 - Is set -o noclobber; echo $$  $lockfile really atomic and safer than
 shlock? If so, great, although I would then wonder why shlock even exists 
 :)
 The part that brings about an atomic lock is noclobber, which sets it 
 so that we are not allowed to clobber/overwrite an existing file. 
 Thus, if the file exists, the command fails. If it successfully creates 
 the new file, the command returns true.
 
I understand how it's supposed to work, I just wondered if it was really
atomic as it should be since there would be no reason for shlock to even
exist with that line of code you wrote.

 I'd consider changing this mostly for the fact that depending on INN is 
 a very big dependency. There are other options as well, though I don't 
 think they're as portable as noclobber.

I totally agree, bringing INN to get shlock sucks a bit. I have shlock
stashed in /usr/local/bin so that I don't have to :)

Thanks for the info
Marc
-- 
A mouse is a device used to point at the xterm you want to type in - A.S.R.
Microsoft is to operating systems 
   what McDonalds is to gourmet cooking
Home page: http://marc.merlins.org/  
--
To unsubscribe from this list: send the line unsubscribe linux-btrfs in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html