Red Hat SummitEste contenido no está disponible en el idioma seleccionado.
Chapter 3. Using the Block Storage backup service
This chapter explains how to use the Block Storage backup service to perform full or incremental backups, how to restore a backup to a volume, and basic troubleshooting tips.
3.1. Full backups
3.1.1. Creating a full volume backup
To back up a volume, use the cinder backup-create command. By default, this command creates a full backup of the volume. If the volume has existing backups, you can create an incremental backup instead. For information about creating an incremental backup, see Section 2.4.1.2, “Create an Incremental Volume Backup” in the Storage Guide.
You can create backups of volumes to which you have access. This means that users with administrative privileges can back up any volume, regardless of owner. For more information, see Section 3.1.2, “Creating a volume backup as an admin”.
Procedure
View the ID or Display Name of the volume you want to back up:
cinder list
# cinder listCopy to Clipboard Copied! Toggle word wrap Toggle overflow Back up the volume:
cinder backup-create --name <full_backup_name> _VOLUME_
# cinder backup-create --name <full_backup_name> _VOLUME_Copy to Clipboard Copied! Toggle word wrap Toggle overflow Replace VOLUME with the
IDorDisplay Nameof the volume you want to back up. For example:Copy to Clipboard Copied! Toggle word wrap Toggle overflow The
volume_idof the resulting backup is identical to the ID of the source volume.Verify that the volume backup is complete:
cinder backup-list
# cinder backup-listCopy to Clipboard Copied! Toggle word wrap Toggle overflow The volume backup is complete when the
Statusof the backup entry isavailable.
3.1.2. Creating a volume backup as an admin
Users with administrative privileges, such as the default admin account, can back up any volume managed by OpenStack. When an admin backs up a volume owned by a non-admin user, the backup is hidden from the volume owner by default.
Procedure
To back up a volume and make the backup available to a specific tenant:
cinder --os-tenant-name _TENANTNAME_ backup-create _VOLUME_
# cinder --os-tenant-name _TENANTNAME_ backup-create _VOLUME_Where:
- TENANTNAME is the name of the tenant where you want to make the backup available.
- VOLUME is the name or ID of the volume you want to back up.
When performing this operation, the size of the backup counts against the quota of TENANTNAME rather than the admin’s tenant.
3.1.3. Exporting backup metadata from a volume
You can export and store the backup metadata from a volume. Exporting and storing the backup metadata from a volume allows you to restore a volume even if the Block Storage database suffers a catastrophic loss. This is useful when you require full backups of only a small subset of volumes.
When you back up a volume and export its metadata, you can restore the volume on a different Block Storage database or cloud service. Volume encryption is retained in the backup metadata if you specify UUID encryption during volume creation. The restored, encrypted volume is then accessible with your credentials.
Procedure
Run the following command to export and store backup metadata:
cinder backup-export _BACKUPID_
# cinder backup-export _BACKUPID_Where BACKUPID is the ID or name of the volume backup. For example,
The volume backup metadata consists of the backup_service and backup_url values.
3.1.4. Backing up an in-use volume
You can use the cinder backup-create command to create a backup of an in-use volume by adding the --force option.
The --force option relies on Block Storage back end snapshot support and should be supported by most drivers. You can verify snapshot support by checking the documentation for the back end you are using.
By using the --force option, you acknowledge that you are not quiescing the drive before performing the backup. Using this method creates a crash-consistent, but not application-consistent, backup. In other words, the backup will not have an awareness of which applications were running when the backup was performed. However, the data will be intact.
Procedure
To create a backup of an in-use volume, run:
cinder backup-create _VOLUME_ --incremental --force
# cinder backup-create _VOLUME_ --incremental --force3.1.5. Backing up a snapshot
You can create a full backup from a snapshot by using the volume ID that is associated with the snapshot.
Procedure
Locate the snapshot ID of the snapshot to back up using
cinder snapshot list.cinder snapshot-list --volume-id _VOLUME_ID_
# cinder snapshot-list --volume-id _VOLUME_ID_Copy to Clipboard Copied! Toggle word wrap Toggle overflow If the snapshot is named, you can use this example to locate the
ID:cinder snapshot-show _SNAPSHOT_NAME_
# cinder snapshot-show _SNAPSHOT_NAME_Copy to Clipboard Copied! Toggle word wrap Toggle overflow Create the backup of a snapshot:
cinder backup-create _VOLUME_ --snapshot-id=_SNAPSHOT_ID_
# cinder backup-create _VOLUME_ --snapshot-id=_SNAPSHOT_ID_Copy to Clipboard Copied! Toggle word wrap Toggle overflow NoteSnapshot-based backups of NFS volumes fail when you use the
--snapshot-idoption. This is a known issue.
3.2. Incremental backups
The Block Storage backup service provides the option of performing incremental backups.
3.2.1. Performance considerations
Some backup features, such as incremental and data compression, may impact performance. Incremental backups have a performance impact because all of the data in a volume must be read and checksummed for both the full backup and each incremental backup.
Data compression can be used with non-Ceph backends. Enabling data compression requires additional CPU power but uses less network bandwidth and storage space overall.
Multipathing configuration also impacts performance. If multiple volumes are attached without multipathing enabled, you might not be able to connect to the volumes or experience full network capabilities, which impacts performance.
You can use the advanced configuration options (see Appendix A, Advanced Block Storage backup configuration options) to enable or disable compression, define the number of processes, and add additional CPU resources.
3.2.1.1. Backup from a snapshot impact
Some back ends support creating a backup from a snapshot. A driver that supports this feature can directly attach a snapshot to a volume, which is faster than cloning the snapshot into a volume. In general, this feature can affect performance because of the extra step of creating the volume from a snapshot.
3.2.2. Performing incremental backups
By default, the cinder backup-create command creates a full backup of a volume. However, if the volume has existing backups, you can choose to create an incremental backup.
Incremental backups are fully supported on NFS, Object Storage (swift), and Red Hat Ceph Storage backup repositories. Ceph backups currently ignore the --incremental option. Ceph backups attempt to perform incremental backups when the source is a Ceph volume, therefore it is not possible to perform multiple full backups.
Incremental Ceph backups cannot be performed for non-Ceph volumes.
An incremental backup captures any changes to the volume since the last backup (full or incremental). Performing numerous, regular, full backups of a volume can become resource-intensive as the volume’s size increases over time. Incremental backups allow you to capture periodic changes to volumes while minimizing resource usage.
Procedure
To create an incremental volume backup, use the --incremental option:
cinder backup-create --name <incremental_backup_name> --incremental _VOLUME_
# cinder backup-create --name <incremental_backup_name> --incremental _VOLUME_
Replace VOLUME with the ID or Display Name of the volume you want to back up.
You cannot delete a full backup if it already has an incremental backup. If a full backup has multiple incremental backups, you can only delete the latest one.
3.3. Canceling a backup
To cancel a backup, an admin must request a force delete on the backup:
cinder backup-delete --force BACKUP ID
# cinder backup-delete --force BACKUP IDEven if the backup is immediately deleted and no longer appears in the listings, the cancellation operation may still be running. Check the status of the source resource to verify when the status is no longer “backing-up”.
Before Red Hat OpenStack Platform version 12, the “backing-up” status was stored in the volume, even when backing up a snapshot. Therefore, when backing up a snapshot, any delete operation on the snapshot that followed a cancellation could result in an error if the snapshot was still mapped. In Red Hat OpenStack Platform version 13 and later, ongoing restoration operations can be canceled on any of the supported backup drivers.
3.4. Viewing and modifying the backup quota of a tenant
You can use the dashboard to modify tenant storage quotas, for example, the number of volumes, volume storage, snapshots, or other operational limits that a tenant can have. However, you cannot modify backup quotas through the dashboard.
You must use the command-line interface to modify backup quotas by using the cinder quota-update command.
Procedure
To view the storage quotas of a specific tenant (TENANT_ID), run:
cinder quota-show TENANT_ID
# cinder quota-show TENANT_IDCopy to Clipboard Copied! Toggle word wrap Toggle overflow To update the maximum number of backups (MAXNUM) that can be created in a specific tenant, run:
cinder quota-update --backups MAXNUM TENANT_ID
# cinder quota-update --backups MAXNUM TENANT_IDCopy to Clipboard Copied! Toggle word wrap Toggle overflow To update the maximum total size of all backups (MAXGB) within a specific tenant, run:
cinder quota-update --backup-gigabytes MAXGB TENANT_ID
# cinder quota-update --backup-gigabytes MAXGB TENANT_IDCopy to Clipboard Copied! Toggle word wrap Toggle overflow To view the storage quota usage of a specific tenant, run:
cinder quota-usage TENANT_ID
# cinder quota-usage TENANT_IDCopy to Clipboard Copied! Toggle word wrap Toggle overflow
3.5. Restoring from backups
3.5.1. Restoring a volume from a backup
These steps create a new volume from a backup.
Procedure
Find the ID of the volume backup you want to use:
cinder backup-list
# cinder backup-listCopy to Clipboard Copied! Toggle word wrap Toggle overflow The Volume ID must match the ID of the volume you want to restore.
Restore the volume backup:
cinder backup-restore _BACKUP_ID_
# cinder backup-restore _BACKUP_ID_Copy to Clipboard Copied! Toggle word wrap Toggle overflow Where BACKUP_ID is the ID of the volume backup you want to use.
If you no longer need the backup, delete it:
cinder backup-delete _BACKUP_ID_
# cinder backup-delete _BACKUP_ID_Copy to Clipboard Copied! Toggle word wrap Toggle overflow If you must restore a backed up volume to a volume of a particular type, use the
--volumeoption to restore a backup to a specific volume:cinder backup-restore _BACKUP_ID --volume VOLUME_ID_
# cinder backup-restore _BACKUP_ID --volume VOLUME_ID_Copy to Clipboard Copied! Toggle word wrap Toggle overflow NoteIf you restore a volume from an encrypted backup, then the destination volume type must also be encrypted.
3.5.2. Restoring a volume after a Block Storage database loss
Typically, a Block Storage database loss prevents you from restoring a volume backup. This is because the Block Storage database contains metadata required by the volume backup service openstack-cinder-backup. This metadata consists of backup_service and backup_url values, which you can export after creating the volume backup. For more information, see Section 3.1.1, “Creating a full volume backup”.
If you exported and stored this metadata, you can import it to a new Block Storage database, which enables you to restore the volume backup.
For incremental backups, you must import all exported data before you can restore one of the incremental backups.
Procedure
As a user with administrative privileges, run:
cinder backup-import _backup_service_ _backup_url_
# cinder backup-import _backup_service_ _backup_url_Copy to Clipboard Copied! Toggle word wrap Toggle overflow Where backup_service and backup_url are from the metadata you exported. For example, using the exported metadata from Section 3.1.1, “Creating a full volume backup”:
Copy to Clipboard Copied! Toggle word wrap Toggle overflow - After the metadata is imported into the Block Storage service database, you can restore the volume as normal. For more information, see Section 3.5.1, “Restoring a volume from a backup”.
3.5.3. Canceling a restoration
Procedure
To cancel the restoration of a backup, alter its status to anything other than
restoring. You can use theerrorstate to minimize confusion regarding whether the restore was successful or not. Alternatively, you can change the value toavailable.openstack volume backup set --state error BACKUP_ID
$ openstack volume backup set --state error BACKUP_IDCopy to Clipboard Copied! Toggle word wrap Toggle overflow
Backup cancellation is an asynchronous action, because the backup driver must detect the status change before it cancels the backup. When the status changes to available in the destination volume, the cancellation is complete.
This feature is not currently available on RBD backups.
If a restore operation is canceled after it starts, the destination volume is useless, because there is no way of knowing how much data, if any, was actually restored.
3.6. Troubleshooting
You can diagnosed many issues by verifying that services are available and by looking in log files for error messages.
Two scenarios account for many issues with the backup service:
- When the cinder-backup service starts up, it connects to its configured back end and uses the back end as a target for backups. Problems with this connection can cause a service to be down.
- When backups are requested, the backup service connects to the volume service and attaches the requested volume. You will not notice connection problems until backup time.
In either case, review the logs for error messages.
For more information about log locations and troubleshooting suggestions, see Logging, Monitoring and Troubleshooting Guide. Log files and services are listed in the Log Files for OpenStack Services section.
3.6.1. Verifying services
Verify that the necessary services are available and check the logs for error messages. Section 1.2, “How do backups and restores work?” illustrates the key services and their interaction.
When troubleshooting an active/passive configuration, make sure to review the log files on the active controller node.
After you verify the status of the services, check the cinder-backup.log file. The Block Storage Backup service log is located in /var/log/containers/cinder/cinder-backup.log.
Procedure
Run
cinder showon the volume to see if the volume is stored by the host:cinder show
# cinder showCopy to Clipboard Copied! Toggle word wrap Toggle overflow Run
cinder service-listto view running services:Copy to Clipboard Copied! Toggle word wrap Toggle overflow Run
pcs resourceto verify the controller on which the cinder backup resource is running:pcs resource
$ pcs resource openstack-cinder-volume (systemd:openstack-cinder-volume): Started controller-0Copy to Clipboard Copied! Toggle word wrap Toggle overflow
3.6.2. Troubleshooting tips
Backups are asynchronous. The Block Storage backup service performs a small number of static checks upon receiving an API request, such as checking for an invalid volume reference (missing) or a volume that is in-use or attached to an instance. The in-use case requires you to use the --force option.
Using the --force option means that I/O will not be quiesced and the resulting volume image may be corrupt.
If the API accepts the request, the backup occurs in the background. The CLI returns immediately, even if the backup has failed or is about to fail. The status of a backup can be queried using the cinder backup API. If an error occurs, review the logs for the cause.
3.6.3. Pacemaker
By default, the Block Storage backup service is deployed with Pacemaker in active/passive mode. By configuring virtual IP addresses, containers, services, and other features as resources in a cluster, Pacemaker ensures that the defined set of OpenStack cluster resources are running and available. When a service or an entire node in a cluster fails, Pacemaker can restart the resource, take the node out of the cluster, or reboot the node. Requests to most of those services are done through HAProxy.
For information on using Pacemaker for troubleshooting, refer to the Managing high availability services with Pacemaker of the High Availability Deployment and Usage guide.
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}