2.10. Managing Virtual Machine and Container Backups

Backing up your virtual machines and containers on a regular basis is essential for system reliability. Virtuozzo allows you to back up and restore virtual machines and containers on the local server with the prlctl and prlsrvctl utilities.

2.10.1. Creating Virtual Machine and Container Backups

You can create backups of virtual machines and containers with the prlctl backup command. The command is executed on the local server where the virtual machines or containers are located. The resulting backups can be stored on either the same local server or a remote server (e.g., a dedicated backup server).

By default, an incremental backup is created that contains only the files changed since the previous full or incremental backup. If no previous backups exist, a full backup is created. (You can also create a full backup with the -f option.)

Note

For increased security during backup operations, Virtuozzo provides connection tunneling between the local server and remote backup server. Tunneling increases backup time, so if you want to speed up the process and do not need a secure tunnel between servers, you can disable connection tunneling with the --no-tunnel option. To use it, configure the firewall of the destination server to allow incoming connections on any port on the corresponding network interface.

To create a backup of the virtual machine MyVM and store it on the local server, run the following command:

# prlctl backup MyVM
...
The VM has been successfully backed up with \
backup id {746dba2a-3b10-4ced-9dd6-76a2blcl4a69}

The backup UUID, like the one shown above, will be required to manage the backup in the future.

If you want to create a backup of the virtual machine MyVM and store said backup on a remote server, specify the remote server’s IP address or hostname with the -s option, for example:

# prlctl backup MyVM -s 192.168.0.10

The root account is used to log in to the remote server by default, so you will be asked for the root password. You can also provide different credentials (and port) in the format [<user>[:<passwd>]@]<server>[:<port>]].

By default, backups are placed in the /vz/vmprivate/backups directory. To set a different default backup directory, use the prlsrvctl set --backup-path <path> command.

Note

  1. You can back up both running and stopped virtual machines and containers.
  2. Creating a consistent backup of a running virtual machine requires the Virtuozzo guest tools to be installed in said virtual machine.
  3. You cannot back up virtual machines with attached physical HDDs, mounted ISO or floppy disk images, etc.

2.10.2. Listing Virtual Machine and Container Backups

You can list backups on the server with the prlctl backup-list command. For example:

# prlctl backup-list
           ID  Backup_ID      Node      Date                 Type  Size
{c1dee22f...}  {209d54a0...}  test.com  2011-05-30 10:19:32  f     411566405
[The ID and Backup ID are reduced for better readability.]

The command output shows that currently only one backup with the ID of 209d54a0-e3b8-4a03-9ca8-d4cc7a2a27ca exists on the server. The information on the backup is presented in the following table:

Column Description
ID Virtual machine or container UUID.
Backup_ID Backup UUID. You need to specify this ID when performing any backup-related operations.
Node The hostname of the physical server storing the backup archive.
Date The date and time when the backup archive was created.
Type

The backup type. Currently, you can create two types of backups:

  • full, f,
  • incremental, i, with only the files changed since the previous full or incremental backup. This is the default backup type.
Size The size of the backup image, in bytes.

If required, you can filter the backup list with the --vmtype ct|cm|all option that only shows backups of containers, virtual machines, or both. To list only backups created on the local server, use the --localvms option.

2.10.3. Restoring Virtual Machines and Containers from Backups

Local or remote backups of virtual machines and containers can be restored with the prlctl restore command.

Note

For increased security during restore operations, Virtuozzo provides connection tunneling between the backup and destination servers. Tunneling increases restore time, so if you want to speed up the process and do not need a secure tunnel between servers, you can disable connection tunneling with the --no-tunnel option. To use it, configure the firewall of the destination server to allow incoming connections on any port on the corresponding network interface.

The following rules and considerations apply:

  • Restore commands are run on the destination server (to which the backups will be restored).

  • Only stopped virtual machines and containers can be restored from backup.

  • Virtuozzo 6 backups can be restored to Virtuozzo 7 servers (with conversion to Virtuozzo 7 format).

    • Backups of virtual machines and containers with guests unsupported in Virtuozzo 7 may not be restored correctly (see Supported Guest Operating Systems).
    • VZFS-based containers must be converted to ploop format and backed up again before they can be restored to Virtuozzo 7.

    Note

    If conversion of the restored VM fails, the restored VM is deleted from the destination server and you can try again. If the second attempt also fails, you need to enable a legacy VM debug mode on the destination Virtuozzo 7 server (see Enabling Legacy VM Debug Mode), make another restore attempt, send the problem report, and contact the technical support team. With the debug mode enabled, the migrated VM will not be deleted from the destination Virtuozzo 7 server after conversion failure. It will remain stopped or running with disabled network to let the technical support team study the memory dump and find out the reason for failure.

To restore a backup of the virtual machine MyVM with the UUID a53f1184-333e-41cf-b410-2ec8ffea67d4, run

# prlctl restore MyVM

or

# prlctl restore a53f1184-333e-41cf-b410-2ec8ffea67d4

If multiple backups of a virtual machine exist, the latest one is restored. To restore a particular backup, specify its ID with the -t option. For example:

# prlctl restore -t 24a3011c-8667-4870-9e11-278f1398eab0

If backups are stored on a remote server and the VM or container to be restored does not exist on the destination server, you can restore it by specifying the VM or container’s UUID or the backup UUID with the -t option and that server’s IP address or hostname with the -s option. For example:

# prlctl restore -t 24a3011c-8667-4870-9e11-278f1398eab0 -s 192.168.0.10

If the VM or container already exists on the destination server (e.g., has been restored from a remote backup once), you can also restore its latest backup by specifying the VM or container’s name.

If necessary, you can transfer remotely stored backups to the local server and restore them locally. To do this:

  1. Find out the default backup directories on the source and destination servers by running prlsrvctl info | grep "Backup path" on each.
  2. Copy backups to the default backup directory on the destination server. Or, if you keep backups on a network storage, attach said network storage to the default backup directory on the destination server.
  3. Restore the backup with the prlctl restore -t command as shown in the example above.

2.10.4. Deleting Virtual Machine and Container Backups

You can delete backups with the prlctl backup-delete command.

To remove a specific VM or container backup, provide the VM or container name or UUID as well as the backup ID (you can find out these IDs with the prlctl backup-list command). For example:

# prlctl backup-list
           ID  Backup_ID      Node      Date                 Type  Size
{c1dee22f...}  {209d54a0...}  test.com  2011-05-30 10:19:32  f     411566405
[The ID and Backup ID are reduced for better readability.]
# prlctl backup-delete MyVM -t 209d54a0-e3b8-4a03-9ca8-d4cc7a2a27ca --keep-chain

With the --keep-chain option specified, the remaining backup chain will be preserved after specific backups are deleted from it.

To delete all backups of a VM or container, specify only the VM or container name or UUID:

# prlctl backup-delete MyVM

2.10.5. Backing Up Entire Servers

In addition to backing up single virtual machines and containers, you can create backups of all virtual environments on the server with the prlsrvctl backup command. For example:

# prlsrvctl backup -f
Backing up the CT MyCT
...
The CT has been successfully backed up with backup id {b14ec76d-c0e2-432f-859a- \
4727c0042065}
Backing up the VM MyVM
...
The VM has been successfully backed up with backup id {746dba2a-3b10-4ced-9dd6- \
76a2blcl4a69}.

Note

  1. You can back up both running and stopped virtual machines and containers.
  2. Creating consistent backups of running virtual machines requires the Virtuozzo guest tools to be installed in said virtual machines.
  3. You cannot back up virtual machines with attached physical HDDs, mounted ISO or floppy disk images, etc.

2.10.6. Attaching Backups to Virtual Machines and Containers

To read the contents of a virtual machine or container backup, you can attach it to a virtual machine or container as a virtual hard disk.

Note

  1. Only local backups can be attached.
  2. The attached backup is writable so that the filesystem can process its journal on mount. However, all changes will be discarded when the backup is detached. The amount of data that can be written to the attached backup is limited to 256MB.
  3. Attached backups are not preserved during clone, backup, and snapshot operations.

2.10.6.1. Attaching Backups to Linux Virtual Machines

  1. Make sure that the prl_backup and kpartx utilities are installed in the virtual machine the backup will be attached to. The prl_backup utility is provided by Virtuozzo guest tools.

  2. Obtain the ID and file name of the backup to attach. You can do this with the prlctl backup-list command. For example:

    # prlctl backup-list vm2 -f
    ...
    Backup_ID: {0fcd6696-c9dc-4827-9fbd-6ee3abe017fa}
    ...
    Name: harddisk.hdd.qcow2c
    
  3. Attach the backup as an HDD to the Linux VM you will access the backup from. You can do this with the prlctl set --backup-add command. For example:

    # prlctl set vm1 --backup-add {0fcd6696-c9dc-4827-9fbd-6ee3abe017fa} \
    --disk harddisk.hdd.qcow2c
    Creating hdd1 (+) sata:2 real='backup:///{0fcd6696-c9dc-4827-9fbd-6ee3abe017fa}/ \
    harddisk.hdd.qcow2c' backup='{0fcd6696-c9dc-4827-9fbd-6ee3abe017fa}' \
    disk='harddisk.hdd.qcow2c'
    

    If the backup contains multiple disks and you need to connect them all, omit the --disk parameter.

  4. Obtain the name of the newly attached device, which is disabled at the moment, using the prl_backup list command. For example:

    # prlctl exec vm1 prl_backup list
    ...
    List of disabled attached backups:
    [1] /dev/sdc
    
  5. Enable the backup with the prl_backup enable command. For example:

    # prlctl exec vm1 prl_backup enable /dev/sdc
    
  6. Optionally, make sure the backup is now enabled, using the prl_backup list -e command. For example:

    # prlctl exec vm1 prl_backup list -e
    List of enabled attached backups:
    [1] /dev/sdc (/dev/mapper/backup1)
    NAME                TYPE  SIZE   FSTYPE   UUID
    MOUNTPOINT
    backup1 (dm-3)      dm    64G
    |-backup1p1 (dm-4)  part  500M   ext4     1ac82165-113d-40ee-8ae2-8a72f62d95bf
     -backup1p2 (dm-5)  part  63.5G  LVM2_mem Zw9QiY-BiU5-o8dn-ScTK-vOZx-KujW-wbgmS3
    

Now you can mount the required backup part as a filesystem.

Mounting the ext4 part requires no additional steps. For example:

# prlctl exec vm1 mount /dev/mapper/backup1p1 /mnt/backup1p1

You can now access the backup part contents at /mnt/backup1p1.

Mounting the LVM2_member part requires the following preparations:

  1. Assign the new volume group a new name so it can coexist with other volume groups. You can do this with the vgimportclone command. For example:

    # prlctl exec vm1 vgimportclone -n backup1p2 /dev/mapper/backup1p2
    ...
    Volume group "VolGroup" successfully renamed to "backup1p2"
    ...
    Found volume group "backup1p2" using metadata type lvm2
    ...
    
  2. Obtain the list of mountable logical volumes with the lvs command. For example:

    # prlctl exec vm1 lvs | grep backup1p2
    lv_home backup1p2 -wi-------11.54g
    lv_root backup1p2 -wi------- 50.00g
    lv_swap backup1p2 -wi-------1.97g
    
  3. Activate the required logical volume with the lvchange -ay command. For example:

    # prlctl exec vm1 lvchange -ay /dev/backup1p2/lv_root
    
  4. Mount the logical volume as a filesystem. For example:

    # prlctl exec vm1 mount /dev/backup1p2/lv_root /mnt/backup1p2
    

You can now access the backup part contents at /mnt/backup1p2.

2.10.6.2. Attaching Backups to Windows Virtual Machines

  1. Obtain the backup ID and file name. For example:

    # prlctl backup-list vm2 -f
    ...
    Backup_ID: {cff742a9-f942-41c5-9ac2-ace3b4eba783}
    ...
    Name: harddisk.hdd.qcow2c
    
  2. Attach the required backup as an HDD to the Windows virtual machine you will access the backup from. For example:

    # prlctl set vm1 --backup-add {cff742a9-f942-41c5-9ac2-ace3b4eba783} \
    --disk harddisk.hdd.qcow2c
    Creating hdd1 (+) sata:2 real='backup:///{cff742a9-f942-41c5-9ac2-ace3b4eba783}/ \
    harddisk.hdd.qcow2c' backup='{cff742a9-f942-41c5-9ac2-ace3b4eba783}' \
    disk='harddisk.hdd.qcow2c'
    

The attached backup will appear as a ready-to-use disk in the Windows virtual machine.

2.10.6.3. Attaching Backups to Linux Containers

  1. Obtain the backup ID and file name with the prlctl backup-list -f command. For example:

    # prlctl backup-list 102 -f
    ...
    Backup_ID: {d70441dd-f077-44a0-8191-27704d4d8fdb}
    ...
    Name: root.hdd.qcow2c
    ...
    
  2. Attach the backup as an HDD to the Linux container you will access the backup from. You can do this with the prlctl set --backup-add command. For example:

    # prlctl set MyCT --backup-add {d70441dd-f077-44a0-8191-27704d4d8fdb} \
    --disk root.hdd.qcow2c
    Creating hdd1 (+) sata:0 real='backup:///{d70441dd-f077-44a0-8191-27704d4d8fdb}/ \
    root.hdd.qcow2c' backup='{d70441dd-f077-44a0-8191-27704d4d8fdb}' \
    disk='root.hdd.qcow2c'
    
  3. Using the backup ID, identify the ploop device corresponding to the backup. For example:

    # ploop list | grep {d70441dd-f077-44a0-8191-27704d4d8fdb}
    ploop28261 /buse/{8417a267-0919-4c8f-a31d-68671358d6a8}_ \
    {d70441dd-f077-44a0-8191-27704d4d8fdb}_root.hdd.qcow2c/content
    
  4. Mount the logical volume as a filesystem. For example:

    # prlctl exec MyCT mount /dev/ploop28261p1 /mnt/backup1
    

You can now access the backup contents at /mnt/backup1.

2.10.7. Detaching Backups from Virtual Machines and Containers

Note

Before detaching a backup from a running virtual machine, do the following:

  1. (Linux VMs) Disable the backup device with the prl_backup disable command run in the guest OS.
  2. (Linux and Windows VMs) Disconnect the corresponding virtual disk by running prlctl set --device-set hdd<N> --disconnect command on the server.
  • To detach all virtual disks from all backups attached to a virtual machine or container, use the prlctl set --backup-del all command. For example:

    # prlctl set vm1 --backup-del all
    
  • To detach all virtual disks from a specific backup attached to a virtual machine or container, use the prlctl set --backup-del <backup_ID> command. For example:

    # prlctl set vm1 --backup-del {e13561bb-5676-49bd-a935-ae0145eb0229}
    
  • To detach a specific virtual disk from any of the backups attached to a virtual machine or container, delete said disk with the prlctl set --device-del hdd<N> command. For example:

    # prlctl set vm1 --device-del hdd1