]> git.proxmox.com Git - pve-container.git/blob - src/PVE/VZDump/LXC.pm
bump version to 5.1.11
[pve-container.git] / src / PVE / VZDump / LXC.pm
1 package PVE::VZDump::LXC;
2
3 use strict;
4 use warnings;
5
6 use File::Basename;
7 use File::Path;
8 use POSIX qw(strftime);
9
10 use PVE::Cluster qw(cfs_read_file);
11 use PVE::GuestHelpers;
12 use PVE::INotify;
13 use PVE::LXC::Config;
14 use PVE::LXC;
15 use PVE::Storage;
16 use PVE::Tools;
17 use PVE::VZDump;
18
19 use base qw (PVE::VZDump::Plugin);
20
21 my $default_mount_point = "/mnt/vzsnap0";
22
23 my $rsync_vm = sub {
24 my ($self, $task, $to, $text) = @_;
25
26 my $disks = $task->{disks};
27 my $from = $disks->[0]->{dir};
28 $self->loginfo ("starting $text sync $from to $to");
29
30 my $opts = $self->{vzdump}->{opts};
31
32 my @xattr = $task->{no_xattrs} ? () : ('-X', '-A');
33
34 my $rsync = ['rsync', '--stats', '-h', @xattr, '--numeric-ids',
35 '-aH', '--delete', '--no-whole-file',
36 '--sparse', '--one-file-system', '--relative'];
37 push @$rsync, "--bwlimit=$opts->{bwlimit}" if $opts->{bwlimit};
38 push @$rsync, map { "--exclude=$_" } @{$self->{vzdump}->{findexcl}};
39 push @$rsync, map { "--exclude=$_" } @{$task->{exclude_dirs}};
40
41 # See the rsync(1) manpage for --relative in conjunction with /./ in paths.
42 # This is the only way to have exclude-dirs work together with the
43 # --one-file-system option.
44 # This way we can pass multiple source paths and tell rsync which directory
45 # they're supposed to be relative to.
46 # Otherwise with eg. using multiple rsync commands means the --exclude
47 # directives need to be modified for every command as they are meant to be
48 # relative to the rootdir, while rsync treats them as relative to the
49 # source dir.
50 foreach my $disk (@$disks) {
51 push @$rsync, "$from/.$disk->{mp}";
52 }
53
54 my $transferred = '';
55 my $logfunc = sub {
56 return if $_[0] !~ /^Total transferred file size: (.+)$/;
57 $transferred = $1;
58 };
59
60 my $starttime = time();
61 PVE::Tools::run_command([@$rsync, $to], logfunc => $logfunc);
62 my $delay = time () - $starttime;
63
64 $self->loginfo ("$text sync finished - transferred $transferred in ${delay}s");
65 };
66
67 sub new {
68 my ($class, $vzdump) = @_;
69
70 PVE::VZDump::check_bin('lxc-stop');
71 PVE::VZDump::check_bin('lxc-start');
72
73 my $self = bless {}, $class;
74
75 $self->{vzdump} = $vzdump;
76 $self->{storecfg} = PVE::Storage::config();
77
78 $self->{vmlist} = PVE::LXC::config_list();
79
80 return $self;
81 }
82
83 sub type {
84 return 'lxc';
85 }
86
87 sub vm_status {
88 my ($self, $vmid) = @_;
89
90 my $running = PVE::LXC::check_running($vmid) ? 1 : 0;
91
92 return wantarray ? ($running, $running ? 'running' : 'stopped') : $running;
93 }
94
95 my $check_mountpoint_empty = sub {
96 my ($mountpoint) = @_;
97
98 die "mount point '$mountpoint' is not a directory\n" if ! -d $mountpoint;
99
100 PVE::Tools::dir_glob_foreach($mountpoint, qr/.*/, sub {
101 my $entry = shift;
102 return if $entry eq '.' || $entry eq '..';
103 die "mount point '$mountpoint' not empty\n";
104 });
105 };
106
107 sub prepare {
108 my ($self, $task, $vmid, $mode) = @_;
109
110 my $conf = $self->{vmlist}->{$vmid} = PVE::LXC::Config->load_config($vmid);
111 my $storage_cfg = $self->{storecfg};
112
113 $self->loginfo("CT Name: $conf->{hostname}")
114 if defined($conf->{hostname});
115
116 my $running = PVE::LXC::check_running($vmid);
117
118 my $disks = $task->{disks} = [];
119 my $exclude_dirs = $task->{exclude_dirs} = [];
120
121 $task->{hostname} = $conf->{'hostname'} || "CT$vmid";
122
123 my ($id_map, $root_uid, $root_gid) = PVE::LXC::parse_id_maps($conf);
124 $task->{userns_cmd} = PVE::LXC::userns_command($id_map);
125 $task->{root_uid} = $root_uid;
126 $task->{root_gid} = $root_gid;
127
128 my $volids = $task->{volids} = [];
129
130 my $backup_volumes = PVE::LXC::Config->get_backup_volumes($conf);
131
132 for my $volume (@{$backup_volumes}) {
133 my $name = $volume->{key};
134 my $included = $volume->{included};
135 my $volume_config = $volume->{volume_config};
136
137 my $volid = $volume_config->{volume};
138 my $mount = $volume_config->{mp};
139
140 next if !$volid || !$mount;
141
142 if (!$included) {
143 my $type = $volume_config->{type};
144 push @$exclude_dirs, $mount;
145 $self->loginfo("excluding $type mount point $name ('$mount') from backup ($volume->{reason})");
146 next;
147 }
148
149 $volume_config->{name} = $name;
150
151 # immutable raw base images need RO mount
152 if ($conf->{template} && !defined($volume_config->{ro})) {
153 $volume_config->{ro} = 1;
154 }
155
156 $self->loginfo("including mount point $name ('$mount') in backup");
157 push @$disks, $volume_config;
158 push @$volids, $volid if $included;
159 }
160
161 if ($mode eq 'snapshot') {
162 if (!PVE::LXC::Config->has_feature('snapshot', $conf, $storage_cfg, undef, undef, 1)) {
163 die "mode failure - some volumes do not support snapshots\n";
164 }
165
166
167 if ($conf->{snapshots} && $conf->{snapshots}->{vzdump}) {
168 $self->loginfo("found old vzdump snapshot (force removal)");
169 PVE::LXC::Config->lock_config($vmid, sub {
170 $self->unlock_vm($vmid);
171 PVE::LXC::Config->snapshot_delete($vmid, 'vzdump', 1);
172 $self->lock_vm($vmid);
173 });
174 }
175
176 my $rootdir = $default_mount_point;
177 mkpath $rootdir;
178 &$check_mountpoint_empty($rootdir);
179
180 # set snapshot_count (freezes CT if snapshot_count > 1)
181 $task->{snapshot_count} = scalar(@$volids);
182 } elsif ($mode eq 'stop') {
183 my $rootdir = $default_mount_point;
184 mkpath $rootdir;
185 &$check_mountpoint_empty($rootdir);
186 } elsif ($mode eq 'suspend') {
187 my $pid = PVE::LXC::find_lxc_pid($vmid);
188 foreach my $disk (@$disks) {
189 $disk->{dir} = "/proc/$pid/root$disk->{mp}";
190 }
191 $task->{snapdir} = $task->{tmpdir};
192 } else {
193 unlock_vm($self, $vmid);
194 die "unknown mode '$mode'\n"; # should not happen
195 }
196
197 if ($mode ne 'suspend') {
198 # If we perform mount operations, let's unshare the mount namespace
199 # to not influence the running host.
200 PVE::Tools::unshare(PVE::Tools::CLONE_NEWNS);
201 PVE::Tools::run_command(['mount', '--make-rslave', '/']);
202 }
203 }
204
205 sub lock_vm {
206 my ($self, $vmid) = @_;
207
208 PVE::LXC::Config->set_lock($vmid, 'backup');
209 }
210
211 sub unlock_vm {
212 my ($self, $vmid) = @_;
213
214 PVE::LXC::Config->remove_lock($vmid, 'backup')
215 }
216
217 sub snapshot {
218 my ($self, $task, $vmid) = @_;
219
220 $self->loginfo("create storage snapshot 'vzdump'");
221
222 # todo: freeze/unfreeze if we have more than one volid
223 PVE::LXC::Config->lock_config($vmid, sub {
224 $self->unlock_vm($vmid);
225 PVE::LXC::Config->snapshot_create($vmid, 'vzdump', 0, "vzdump backup snapshot");
226 $self->lock_vm($vmid);
227 });
228 $task->{cleanup}->{remove_snapshot} = 1;
229
230 # reload config
231 my $conf = $self->{vmlist}->{$vmid} = PVE::LXC::Config->load_config($vmid);
232 die "unable to read vzdump snapshot config - internal error"
233 if !($conf->{snapshots} && $conf->{snapshots}->{vzdump});
234
235 my $disks = $task->{disks};
236 my $volids = $task->{volids};
237
238 my $rootdir = $default_mount_point;
239 my $storage_cfg = $self->{storecfg};
240
241 PVE::Storage::activate_volumes($storage_cfg, $volids, 'vzdump');
242 foreach my $disk (@$disks) {
243 $disk->{dir} = "${rootdir}$disk->{mp}";
244 PVE::LXC::mountpoint_mount($disk, $rootdir, $storage_cfg, 'vzdump', $task->{root_uid}, $task->{root_gid});
245 }
246
247 $task->{snapdir} = $rootdir;
248 }
249
250 sub copy_data_phase1 {
251 my ($self, $task) = @_;
252
253 if (my $mntinfo = PVE::VZDump::get_mount_info($task->{snapdir})) {
254 if ($mntinfo->{fstype} =~ /^nfs4?/) {
255 $self->loginfo(
256 "temporary directory is on NFS, disabling xattr and acl"
257 ." support, consider configuring a local tmpdir via"
258 ." /etc/vzdump.conf\n");
259 $task->{no_xattrs} = 1;
260 }
261 }
262
263 $self->$rsync_vm($task, $task->{snapdir}, "first");
264 }
265
266 sub copy_data_phase2 {
267 my ($self, $task) = @_;
268
269 $self->$rsync_vm($task, $task->{snapdir}, "final");
270 }
271
272 sub stop_vm {
273 my ($self, $task, $vmid) = @_;
274
275 my $opts = $self->{vzdump}->{opts};
276 my $timeout = $opts->{stopwait} * 60;
277
278 PVE::LXC::vm_stop($vmid, 0, $timeout);
279 }
280
281 sub start_vm {
282 my ($self, $task, $vmid) = @_;
283
284 my $conf = PVE::LXC::Config->load_config($vmid);
285 PVE::LXC::vm_start($vmid, $conf);
286 }
287
288 sub suspend_vm {
289 my ($self, $task, $vmid) = @_;
290
291 PVE::LXC::freeze($vmid);
292 }
293
294 sub resume_vm {
295 my ($self, $task, $vmid) = @_;
296
297 PVE::LXC::thaw($vmid);
298 }
299
300 sub assemble {
301 my ($self, $task, $vmid) = @_;
302
303 my $opts = $self->{vzdump}->{opts};
304
305 my $conf = PVE::LXC::Config->load_config($vmid);
306 delete $conf->{lock};
307 delete $conf->{snapshots};
308 delete $conf->{parent};
309 delete $conf->{pending};
310
311 my $tmpdir = $task->{tmpdir};
312
313 mkpath "$tmpdir/etc/vzdump/";
314
315 PVE::Tools::file_set_contents("$tmpdir/etc/vzdump/pct.conf", PVE::LXC::Config::write_pct_config("/lxc/$vmid.conf", $conf));
316
317 my $firewall ="/etc/pve/firewall/$vmid.fw";
318 my $fwconftmp = "$tmpdir/etc/vzdump/pct.fw";
319
320 if ($self->{vzdump}->{opts}->{pbs}) {
321 # fixme: do not store pct.conf and fw.conf into $tmpdir
322 if (-e $firewall) {
323 PVE::Tools::file_copy($firewall, $fwconftmp);
324 }
325 } else {
326 if (-e $firewall) {
327 PVE::Tools::file_copy($firewall, $fwconftmp);
328 } else {
329 PVE::Tools::file_set_contents($fwconftmp, '');
330 }
331 $task->{fw} = 1;
332 }
333 }
334
335 sub archive {
336 my ($self, $task, $vmid, $filename, $comp) = @_;
337
338 my $disks = $task->{disks};
339 my @sources;
340
341 if ($task->{mode} eq 'stop') {
342 my $storage_cfg = $self->{storecfg};
343
344 PVE::Storage::activate_volumes($storage_cfg, $task->{volids});
345
346 my $rootdir = $default_mount_point;
347 foreach my $disk (@$disks) {
348 $disk->{dir} = "${rootdir}$disk->{mp}";
349 PVE::LXC::mountpoint_mount($disk, $rootdir, $storage_cfg, undef, $task->{root_uid}, $task->{root_gid});
350 # add every enabled mountpoint (since we use --one-file-system)
351 # mp already starts with a / so we only need to add the dot
352 push @sources, ".$disk->{mp}";
353 }
354 $task->{snapdir} = $rootdir;
355 } elsif ($task->{mode} eq 'snapshot') {
356 # mounting the vzdump snapshots and setting $snapdir is already done,
357 # but we need to include all mountpoints here!
358 foreach my $disk (@$disks) {
359 push @sources, ".$disk->{mp}";
360 }
361 } else {
362 # the data was rsynced to a temporary location, only use '.' to avoid
363 # having mountpoints duplicated
364 push @sources, '.';
365 }
366
367 my $opts = $self->{vzdump}->{opts};
368 my $snapdir = $task->{snapdir};
369 my $tmpdir = $task->{tmpdir};
370
371 my $userns_cmd = $task->{userns_cmd};
372 my $findexcl = $self->{vzdump}->{findexcl};
373
374 if ($self->{vzdump}->{opts}->{pbs}) {
375
376 my $param = [];
377 push @$param, "pct.conf:$tmpdir/etc/vzdump/pct.conf";
378
379 my $fw_conf = "$tmpdir/etc/vzdump/pct.fw";
380 if (-f $fw_conf) {
381 push @$param, "fw.conf:$fw_conf";
382 }
383
384 my $rootdir = $snapdir;
385 push @$param, "root.pxar:$rootdir";
386
387 foreach my $disk (@sources) {
388 push @$param, '--include-dev', "$snapdir/$disk";
389 }
390
391 push @$param, '--skip-lost-and-found' if $userns_cmd;
392 push @$param, map { "--exclude=$_" } @$findexcl;
393
394 push @$param, '--backup-type', 'ct';
395 push @$param, '--backup-id', $vmid;
396 push @$param, '--backup-time', $task->{backup_time};
397 push @$param, '--change-detection-mode', $opts->{"pbs-change-detection-mode"}
398 if $opts->{"pbs-change-detection-mode"};
399
400 if (my $entries_max = $opts->{"performance"}->{"pbs-entries-max"}) {
401 push $param->@*, '--entries-max', $entries_max;
402 $self->loginfo(
403 "set max number of entries in memory for file-based backups to $entries_max");
404 }
405
406 my @storage = ($opts->{scfg}, $opts->{storage});
407
408 my $logfunc = sub { my $line = shift; $self->loginfo($line) };
409 PVE::Storage::PBSPlugin::run_raw_client_cmd(@storage, 'backup', $param,
410 logfunc => $logfunc, userns_cmd => $userns_cmd);
411
412 # FIXME: move to a pve-common helper, storage has a similar one
413 my $time_iso8601 = strftime('%FT%TZ', gmtime($task->{backup_time}));
414 my $snapshot_id = "ct/$vmid/$time_iso8601";
415 my $res = eval { PVE::Storage::PBSPlugin::run_client_cmd(@storage, 'files', [$snapshot_id]) } // [];
416 $task->{size} = 0;
417 $task->{size} += $_->{size} for @$res;
418
419 } else {
420
421 my $tar = [@$userns_cmd, 'tar', 'cpf', '-', '--totals',
422 @PVE::Storage::Plugin::COMMON_TAR_FLAGS,
423 '--one-file-system', '--warning=no-file-ignored'];
424
425 # note: --remove-files does not work because we do not
426 # backup all files (filters). tar complains:
427 # Cannot rmdir: Directory not empty
428 # we disable this optimization for now
429 #if ($snapdir eq $task->{tmpdir} && $snapdir =~ m|^$opts->{dumpdir}/|) {
430 # push @$tar, "--remove-files"; # try to save space
431 #}
432
433 # The directory parameter can give an alternative directory as source.
434 # the second parameter gives the structure in the tar.
435 push @$tar, "--directory=$tmpdir", './etc/vzdump/pct.conf';
436 push @$tar, "./etc/vzdump/pct.fw" if $task->{fw};
437 push @$tar, "--directory=$snapdir";
438
439 my @findexcl_no_anchored = ();
440 my @findexcl_anchored = ();
441 foreach my $pattern (@{$findexcl}) {
442 if ($pattern !~ m|^/|) {
443 push @findexcl_no_anchored, $pattern;
444 } else {
445 push @findexcl_anchored, $pattern;
446 }
447 }
448
449 push @$tar, '--no-anchored';
450 push @$tar, '--exclude=lost+found' if $userns_cmd;
451 push @$tar, map { "--exclude=$_" } @findexcl_no_anchored;
452
453 push @$tar, '--anchored';
454 push @$tar, map { "--exclude=.$_" } @findexcl_anchored;
455
456 push @$tar, @sources;
457
458 my $cmd = [ $tar ];
459
460 my $bwl = $opts->{bwlimit}*1024; # bandwidth limit for cstream
461 push @$cmd, [ 'cstream', '-t', $bwl ] if $opts->{bwlimit};
462 push @$cmd, [ split(/\s+/, $comp) ] if $comp;
463
464 if ($opts->{stdout}) {
465 $self->cmd($cmd, output => ">&" . fileno($opts->{stdout}));
466 } else {
467 push @{$cmd->[-1]}, \(">" . PVE::Tools::shellquote($filename));
468 $self->cmd($cmd);
469 }
470 }
471 }
472
473 sub cleanup {
474 my ($self, $task, $vmid) = @_;
475
476 my $conf = PVE::LXC::Config->load_config($vmid);
477
478 if ($task->{mode} ne 'suspend') {
479 my $rootdir = $default_mount_point;
480 my $disks = $task->{disks};
481 foreach my $disk (reverse @$disks) {
482 PVE::Tools::run_command(['umount', '-l', '-d', $disk->{dir}]) if $disk->{dir};
483 }
484 }
485
486 if ($task->{cleanup}->{remove_snapshot}) {
487 my $lock_obtained;
488 my $do_delete = sub {
489 $lock_obtained = 1;
490 $self->loginfo("cleanup temporary 'vzdump' snapshot");
491 PVE::LXC::Config->snapshot_delete($vmid, 'vzdump', 0);
492 };
493
494 eval {
495 eval { PVE::GuestHelpers::guest_migration_lock($vmid, 1, $do_delete); };
496 if (my $err = $@) {
497 die $err if $lock_obtained;
498
499 $self->loginfo("waiting for active replication or other operation..");
500 PVE::GuestHelpers::guest_migration_lock($vmid, 600, $do_delete);
501 }
502 };
503 # will be cleaned up by next backup run anyway
504 warn "snapshot 'vzdump' was not (fully) removed - $@" if $@;
505 }
506 }
507
508 1;