From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: <t.lamprecht@proxmox.com> Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id 7B93861CBE for <pve-user@lists.proxmox.com>; Fri, 10 Jul 2020 15:50:56 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 78EDD225A1 for <pve-user@lists.proxmox.com>; Fri, 10 Jul 2020 15:50:56 +0200 (CEST) Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com [212.186.127.180]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS id E9A6B22597 for <pve-user@lists.proxmox.com>; Fri, 10 Jul 2020 15:50:55 +0200 (CEST) Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1]) by proxmox-new.maurer-it.com (Proxmox) with ESMTP id B6A3C42DEF; Fri, 10 Jul 2020 15:50:55 +0200 (CEST) To: Eneko Lacunza <elacunza@binovo.es>, Proxmox VE user list <pve-user@lists.proxmox.com> References: <c84ac772-d577-27fd-710c-293d8a4baffe@proxmox.com> <mailman.77.1594381090.12071.pve-user@lists.proxmox.com> <1723924288.458.1594381514035@webmail.proxmox.com> <a92c7f1d-f492-2d43-00b9-15bdb0e805ec@binovo.es> From: Thomas Lamprecht <t.lamprecht@proxmox.com> Message-ID: <f09427ca-73ef-8cc7-9154-ba1c33caf39c@proxmox.com> Date: Fri, 10 Jul 2020 15:50:55 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.0 MIME-Version: 1.0 In-Reply-To: <a92c7f1d-f492-2d43-00b9-15bdb0e805ec@binovo.es> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: quoted-printable X-SPAM-LEVEL: Spam detection results: 0 AWL 0.000 Adjusted score from AWL reputation of From: address KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment RCVD_IN_DNSWL_MED -2.3 Sender listed at https://www.dnswl.org/, medium trust SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record Subject: Re: [PVE-User] Proxmox Backup Server (beta) X-BeenThere: pve-user@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE user list <pve-user.lists.proxmox.com> List-Unsubscribe: <https://lists.proxmox.com/cgi-bin/mailman/options/pve-user>, <mailto:pve-user-request@lists.proxmox.com?subject=unsubscribe> List-Archive: <http://lists.proxmox.com/pipermail/pve-user/> List-Post: <mailto:pve-user@lists.proxmox.com> List-Help: <mailto:pve-user-request@lists.proxmox.com?subject=help> List-Subscribe: <https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-user>, <mailto:pve-user-request@lists.proxmox.com?subject=subscribe> X-List-Received-Date: Fri, 10 Jul 2020 13:50:56 -0000 Hi Eneko, On 10.07.20 13:56, Eneko Lacunza wrote: > El 10/7/20 a las 13:45, Dietmar Maurer escribi=C3=B3: >>> Given we usually perform PVE backups to a NFS server (in a PVE cluste= r >>> node or standalone NAS), do you think it would make sense to setup PB= S >>> in a VM, with storage on a NFS server? >> I guess you can do that, but you may not get maximal performance this = way. >> >> Especially if you put the data on NFS, you can end up sending >> everything twice over the network ... >> > That's a good point to consider, although reusing existing infrastructu= re and/or not needing a fourth server could outweight it for small cluste= rs, specially considering the bandwith savings due to incremental VM back= ups versus current PVE full backups. >=20 Note that it also supports remote sync, and that backups can be encrypted by the client, this opens a few possibilities. One could be having local "hyper-converged" backup servers in each small cluster, and one central (or depending on safety concerns, two) big serve= r to have a off-site copy of all the data in the case a cluster one fails. As = data can be encrypted by the client the backup server doesn't have to be fully= trusted. And as remote sync schedules are done efficiently (only the delt= a) one could have a remote over the WAN. This won't be the primary recommended setup, as a big (enough) local serv= er as primary backup is always faster and better than a hyper-converged one, bu= t should work for situations where one is limited by local available HW. cheers, Thomas