XenServer / XCP-ng Automated VM Backups with NAUBackup

XenServer or the full feature enabled version XCP-ng are powerful and free virtualization platforms. Now you want to do automated backups of your VM’s. Enter VmBackup.

The Zen of backing up XenServer

Backing up guests in XenServer according to Citrix documentation, should be done “in” the VM.  That is to say that your Windows guest should run its own backup software to handle backups just like bare metal installs. This sometimes is not ideal and that is where this article hopefully helps.

XenServer, and XCP-ng, Have the ability to perform snapshots, and once a snapshot is created that snapshot can be exported as a disk image, or archive. This image can then be imported to any XenServer or XCP-ng server to recover.

Back up from Dom0

First off it is not recommended to run additional programs in your Xen Dom0.  But for a single system this is often where things get run. In a future article I will explore the ability to run a docker to facilitate the backup from outside of dom0. For now however, we will need to login and install the backup tool.

Installing NAUBackup

Once you have gained ‘root’ access to your XenServer or XCP-ng system you will need to download the zip file from here.

https://github.com/NAUbackup/VmBackup

You can copy and paste the following code to download the current version

cd /opt
curl -sSkL https://github.com/NAUbackup/VmBackup/archive/master.zip -o vmbackup.zip
unzip vmbackup.zip

Now that you have the current version we need to setup the configuration file.

cd VmBackup-master
chmod +x VmBackup.py
cp example.cfg config.cfg

Next you will need to edit the newly created config.cfg with your specific details. The file is heavily commented and you should take a few minutes to read it. 

I want to backup ALL of the VM’s on the system, including newly added ones without having to edit the configuration again. Set the following configurations. Note, I added the status_log option as it does not appear in the configuration file setting it lets you store the status.log where you like.

pool_db_backup=0

max_backups=3

backup_dir=/snapshots/BACKUPS

status_log=/snapshots/status.log

vdi_export_format=raw

vm-export=.*

You may have noticed that we are storing the backups on /snapshots/BACKUPS. That directory should not exist. AND WE DO NOT WANT IT ON OUR dom0.  To work around this we mount a NFS share from an existing storage unit to this point. That way our backups, are stored off of the server.

The Password Storage

VmBackup needs a password of the XenServer to do its magic. In order to securely do this we need to create a password file. 

./VmBackup.py 'MyStrongPa$$word' create-password-file=passwd

Now when we execute the script we just specify the password file. Be sure to set permissions on the file to secure it from non authorized accounts.

Backing up VM’s

Make sure you created the correct directories in your mounted snapshots folder. mkdir -p /snapshots/BACKUPS should do the trick.

Next from test your backup:

./VmBackup.py password config.cfg

You should see an output similar to the following:

2018-09-13-(16:23:35) - VmBackup config loaded from: config.cfg
2018-09-13-(16:23:35) - VmBackup.py running with these settings:
2018-09-13-(16:23:35) -   backup_dir        = /snapshots/BACKUPS
2018-09-13-(16:23:35) -   status_log        = /snapshots/status.log
2018-09-13-(16:23:35) -   compress          = False
2018-09-13-(16:23:35) -   max_backups       = 3
2018-09-13-(16:23:35) -   vdi_export_format = raw
2018-09-13-(16:23:35) -   pool_db_backup    = 0
2018-09-13-(16:23:35) -   exclude (cnt)= 0
2018-09-13-(16:23:35) -   exclude:
2018-09-13-(16:23:35) -   vdi-export (cnt)= 0
2018-09-13-(16:23:35) -   vdi-export:
2018-09-13-(16:23:35) -   vm-export (cnt)= 1
2018-09-13-(16:23:35) -   vm-export: win10
2018-09-13-(16:23:35) - SUCCESS check of parameters
2018-09-13-(16:23:35) - ===========================
2018-09-13-(16:23:35) - VmBackup running on xcp-ng-kdxlxgzd ...
2018-09-13-(16:23:35) - ===========================
2018-09-13-(16:23:35) - Check if backup directory /snapshots/BACKUPS is writable ...
2018-09-13-(16:23:35) - /bin/touch "/snapshots/BACKUPS/00VMbackupWriteTest"
2018-09-13-(16:23:35) - Success: backup directory area is writable
2018-09-13-(16:23:35) - ===========================
2018-09-13-(16:23:35) - Space before backups: df -Th /snapshots/BACKUPS
2018-09-13-(16:23:35) - Filesystem                Type  Size  Used Avail Use% Mounted on
2018-09-13-(16:23:35) - 192.168.1.5:/XenBackups nfs   670G   17G  653G   3% /snapshots
2018-09-13-(16:23:35) - ************ vdi-export= ***************
2018-09-13-(16:23:35) - ************ vm-export= ***************
2018-09-13-(16:23:35) - *** vm-export begin win10
2018-09-13-(16:23:35) - vm-export - vm_name: win10 max_backups: 3
2018-09-13-(16:23:35) - new backup_dir: /snapshots/BACKUPS/win10/backup-2018-09-13-(16:23:35)
2018-09-13-(16:23:35) - Exporting VM metadata XML info
2018-09-13-(16:23:35) - *** vm-export metadata end
2018-09-13-(16:23:35) - Writing disk info
2018-09-13-(16:23:35) - vbd: OpaqueRef:c2e339c3-63be-4ab5-a714-911c7f7f2423
2018-09-13-(16:23:35) - vbd: OpaqueRef:a3373d7c-c155-4f9a-9a0c-824699137cda
2018-09-13-(16:23:35) - disk: win10 0 - begin
2018-09-13-(16:23:35) - Writing VIF info
2018-09-13-(16:23:35) - Writing VIF: 0
2018-09-13-(16:23:35) - Writing VIF: 1
2018-09-13-(16:23:35) - *** vm-export begin xe command sequence
2018-09-13-(16:23:35) - power-state ( RO)    : running
2018-09-13-(16:23:35) - vm is running
2018-09-13-(16:23:35) - check for prev-vm-snapshot: RESTORE_win10
2018-09-13-(16:23:35) - 1.cmd: /opt/xensource/bin/xe vm-snapshot vm=017126c8-dc39-7c10-f0f2-886a8267458c new-name-label="RESTORE_win10"
2018-09-13-(16:23:37) - snap-uuid: 9f25d247-7afc-e721-c5a6-922aea470868
2018-09-13-(16:23:37) - 2.cmd: /opt/xensource/bin/xe template-param-set is-a-template=false ha-always-run=false uuid=9f25d247-7afc-e721-c5a6-922aea470868
2018-09-13-(16:23:37) - 3.cmd: /opt/xensource/bin/xe vm-export uuid=9f25d247-7afc-e721-c5a6-922aea470868 filename="/snapshots/BACKUPS/win10/backup-2018-09-13-(16:23:35)/win10.xva"
2018-09-13-(16:43:19) - Export succeeded
2018-09-13-(16:43:19) - vm-export success
2018-09-13-(16:43:19) - 4.cmd: /opt/xensource/bin/xe vm-uninstall uuid=9f25d247-7afc-e721-c5a6-922aea470868 force=true
2018-09-13-(16:43:19) - The following items are about to be destroyed
2018-09-13-(16:43:19) - VM : 9f25d247-7afc-e721-c5a6-922aea470868 (RESTORE_win10)
2018-09-13-(16:43:19) - VDI: 05be36a9-7a5f-429e-a647-43a4711c9032 (win10 0)
2018-09-13-(16:43:19) - All objects destroyed
2018-09-13-(16:43:19) - *** vm-export end
2018-09-13-(16:43:19) - *** success: /snapshots/BACKUPS/win10/backup-2018-09-13-(16:23:35)/win10.xva : 48G
2018-09-13-(16:43:19) - VmBackup vm-export win10 - ***Success*** t:19
2018-09-13-(16:43:19) - ===========================
2018-09-13-(16:43:19) - Space status: df -Th /snapshots/BACKUPS
2018-09-13-(16:43:19) - Filesystem                Type  Size  Used Avail Use% Mounted on
2018-09-13-(16:43:19) - 192.168.1.5:/XenBackups nfs   670G   65G  605G  10% /snapshots
2018-09-13-(16:43:19) - VmBackup ended - Success - S:1 W:0 E:0

Automate “IT”

Backups are able to then be executed with simple cron-job 

5 1 * * * cd /opt/VmBackup; ./VmBackup.py passwd config.cfg >/dev/null 2>&1

Conclusion

Now that your backups can be handled automatically, you can worry about other important issues.  There stands room for improvement here, such as automatic notification of failures, verification of success. Perhaps even sending notifications to a monitoring service such as Zabbix. It is also considered bad practice to install software to dom0, so in the future we will look at what it takes to create a docker container, and run the backup from outside of the dom0.

You may also want to take special care in the event of a power failure to assure that VM Guests are properly shutdown.