Local Backup NS8

Hi,

i miss a local Backup direct to the local file system.
Backup to local disk, to USB, to FTP, to samba share.
(Without the way over MinIO - S3 compatibility.)
Will it be possible in the future?
Or is it already possible an i overlook it?

Regards

2 Likes

I don’t think so.
As current product architecture, FTP, USB or SAMBA implies the backup subject (the module/container) can mount the remote device as filesystem. Which as security standpoint is not the best practice, for a rootless container (mounting requires root privileges or tweaked-reduce security settings).
Using network (already available) and APIs (can be added as client to the container software set) for access some diskspace.

Which is the difference? Is not a file transfer while a content transfer through API and not filesystem/underlying OS.
Yes, it’s an overhead. But encrypted comunication as default and with security requirements as defaults enhances since the start the overall securty environment.

  • works for local, not so local and remote networks
  • API endpoint (S3) can be installed on the same “container host” of the container, or another “local” container, into another specific and guarded backup container host (with specific host/key/token limitations for connection, not only mere firewall/timed firewall rules) or even offsite container host/system, adding only… a specific schedule/rule/instruction/setting for another backup task
  • less software to mantain which lead to less security issues due to less possible packages with issues.

It’s the perfect solution and can fit all the scenarios? IMVHO no.
NS8 as my opinion is dropping the “S” of SME due to increased complexity. On the other hand, Scalability, transportability and expandability is way more powerful compared to the current generation of product.
This also ad to another level of (probably) unecessary complexity in restore granularity.

1 Like

Hi @pike ,

thanks for your answer and your explanation.

Regards

A post was split to a new topic: Migrate NS8 applications to other platforms

As Pike pointed out, for now the S3 protocol is the way to go for local backups, too.

I don’t know if this path is sustainable, because it requires other LAN backup devices to provide S3 support. For this reason I would not completely exclude an affordable (and debatable) locally mounted filesystem as backup destination.

There is nothing planned for now, but things can change!

Feature hint: S3 endpoint for the host, while installing the Container Orchestrator. So the local USB devices (if bare metal) can be made available for containers/guests.

1 Like

…or add FUSE support to NS8 MinIO module! :person_shrugging:

Dumb/lack of knowledge mode on.
That FUSE support needs different backup procedure?

My dumb thinking was that on the orchestrator, it’s simply a different S3 endpoint to configure among other possibilities like LAN trans-LAN WAN and… “locally made available from the… docker” (i think that is more proper than host for this architecture).

How the FUSE support could ease the backup?

Also: if S3 is not fully deliberated/approved as backup option… it’s a simple placeholder for early adopters peace of mind?

As you previously pointed out, mounting kernel filesystem requires special rights, so FUSE is just a dumb idea to (partially) work around them… I don’t really know if it can work!!! For instance, if the MinIO module mounts a FUSE/SMB filesystem, the final effect is to have SMB as backup destination.

So FUSE could ease the backup in the sense that it can extend the MinIO module (not the NS8 Core) capabilities.

About S3 protocol, it is widespread among cloud providers and also applications (like MinIO). And, most important, it is supported by Restic which is the NS8 Core backup engine.

@davidep

It’s also practically non-existant in the SME environment. File System support via NAS, File Servers are still the standard there!

That means any SME newbie wouldn have to learn the basics of Restic, the basics of setting up and maintaining a S3 compatible storage, besides having possible certificate issues to deal with!

Not very ideal!

Besides, there are SME companies using cloud, but it’s still far from the norm!

So the server can handle SME, but is more suited for cloud environments, as the backup requires a “cloud-like” environment, which most SMEs don’t want or use. (Additional overhead, know-how needed…).

Also less than ideal…

SMB backups are still by far the most available standard for SMEs, what’s wrong with that?


I’m not a programmer as such, but there are reliable wasy of pipelining / cascading the backup, eg:

The host actually manages the backup, and mounting of the storage, eg for the NS8 core module and makes the storage space available there.
→ More or less the same way a Hypervisor handles disk redundancys (RAID) in virtualized environments, and passes on a “redundant” disk to the VM,. which does not need to care about disk redundancy any more.

The core module could collect the different backups, and put together a compressed file, eg like Duplicity did.

Then any simple rsync can handle the backup!

And then any standard Linux Tools can take it apart and move the data (databases) to whatever new system is intended to replace NS8, if that is needed…


I also admit not being a great fan of Restic, as it can’t use a standard SFTP or Rsync share, it needs special permissions (incl. execute, AFAIK?)…

Duplicity worked well enough for me on NS7.


My 2 cents
Andy

4 Likes

Which means not only FUSE but also a SMB option for the backup procedure. Two software pieces.
Docker S3 implementation is more complex than that?

@pike

Samba (SMB) has been used by SME for over 20 years, that’s something familiar, and usually already available.

S3 is - for SME companies - is not familiar, nor available.

My 2 cents
Andy

2 Likes

10 days ago we had a total power loss for 2 days. No power no internet. Last week the ISP (Vodafone) located a possible dead part. Unfortunately they need to dig up the road. Don’t know how long it’ll take to fix.

Under no circumstances we’ll store anything in a cloud. At least a backup. Never ever. We keep backups in different places. On harddrives. Under our physical control.

Easy and fast backup and restore is essential IMVHO in any IT. Rsync and restic will do the job.

2 Likes

Why?

I will not go with that. No benefit to see, no improvement compared to SME standards, as Andy already pointed out. Only more overhead. This is no good. Way too complicated. I want to keep my backups and restores easy. And btw I don’t like amazon trying to set standards in the IT world. At least with with my backups. I’m sorry.

IMO you’re walking far away from SME straight in direction cloud. This is not meant for SME customers and users.

2 Likes

Indeed MinIO is powered by kubernetes, MinIO delivers scalable, secure, S3 compatible object storage to every public cloud. And in a way it’s logical, that NS8 needs such tools.

AFAIK AWS S3 protocol is not open source. Nobody, except amazon, knows anything, It’s all reverse engineering. You don’t see any risks, do you? If I’m wrong, please correct.

For sure until now it is not widespread among SME admins/users. I will not use this for backups.

3 Likes

Yes it will, as Restic can write to SMB2/3 shares with Rclone


Filed in Trello

3 Likes

Two new backends are coming!

  • SMB2/3 ideal to write backups on a LAN NAS device. I tested it over a NS8 File server
  • Local storage, to write backups on a cluster node, possibly after mounting a disk with instructions like those for MinIO
11 Likes

Great, simply great…

2 Likes

Great!
Very nice.
Many Thanks.

1 Like

Great!!

Good Job.