* [pbs-devel] [PATCH proxmox{, -backup} v3 00/43] fix #2943: S3 storage backend for datastores
@ 2025-06-16 14:21 Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox v3 1/2] pbs-api-types: add types for S3 client configs and secrets Christian Ebner
` (42 more replies)
0 siblings, 43 replies; 44+ messages in thread
From: Christian Ebner @ 2025-06-16 14:21 UTC (permalink / raw)
To: pbs-devel
Disclaimer: These patches are still in an experimental state and not
intended for production use.
This patch series aims to add S3 compatible object stores as storage
backend for PBS datastores. A PBS local cache store using the regular
datastore layout is used for faster operation, bypassing requests to
the S3 api when possible. Further, the local cache store allows to
keep frequently used chunks and is used to avoid expensive metadata
updates on the object store, e.g. by using local marker file during
garbage collection.
Backups are created by upload chunks to the corresponding S3 bucket,
while keeping the index files in the local cache store, on backup
finish, the snapshot metadata are persisted to the S3 storage backend.
Snapshot restores read chunks preferably from the local cache store,
downloading and insterting them if not present from the S3 object
store. Listing and snapsoht metadata operation currently rely soly on
the local cache store.
Currently chunks use a 1:1 mapping to S3 objects. An advanced packing
mechanism for chunks to significantly reduce the number of api
requests and therefore be more cost effective will be implemented as
followup patches.
Note: These patches assume the javascript files to be pre-formatted
using proxmox-biome to apply cleanly (not part of this series).
Most notably changes since RFC version 2 of the patches (thanks
@Lukas for feedback):
- Extend S3 client implementation to also support path style bucket
addressing.
- Keep bucket name as config option for the datastore, allowing more
flexible reuse of a configured S3 client.
- Use the datastore name as additional object key prefix to allow for
multiple datastores on the same bucket.
- Allow bucket and region templating in S3 endpoint, making this more
flexible with respect to possible DNS records.
- Rework datastore create window to be less overloaded.
- Drop dead code in the S3 client implementation, since tagging and
object copying is currently not required.
- Fix missing locking when deleting chunks from s3 store during
garbage collection, avoiding possible chunk loss for concurrent
backups.
- Remove chunks from LRU cache when deleting chunks during garbage
collection, avoiding possible chunk loss for concurrent backups.
- Add dedicated types for object prefix and relative s3 key paths to
avoid misuse.
- Use more fitting icon for S3 client.
Link to the bugtracker issue:
https://bugzilla.proxmox.com/show_bug.cgi?id=2943
The previous RFC version 2 of the patch series can be found at:
https://lore.proxmox.com/pbs-devel/cae15312-019a-4a95-8f4c-88c9a25f6b54@proxmox.com/T/
Steps to setup a local S3 object store using RADOS gateway or MinIO
can be found at (internal only, external users might use the steps
outlined in the cover letter and comments of RFC version 2):
https://wiki.intra.proxmox.com/PBS_Setup_S3_Object_Store
proxmox:
Christian Ebner (2):
pbs-api-types: add types for S3 client configs and secrets
pbs-api-types: extend datastore config by backend config enum
pbs-api-types/src/datastore.rs | 100 ++++++++++++++++++++-
pbs-api-types/src/lib.rs | 3 +
pbs-api-types/src/s3.rs | 154 +++++++++++++++++++++++++++++++++
3 files changed, 256 insertions(+), 1 deletion(-)
create mode 100644 pbs-api-types/src/s3.rs
proxmox-backup:
Christian Ebner (41):
api: fix minor formatting issues
bin: sort submodules alphabetically
datastore: ignore missing owner file when removing group directory
verify: refactor verify related functions to be methods of worker
s3 client: add crate for AWS S3 compatible object store client
s3 client: implement AWS signature v4 request authentication
s3 client: add dedicated type for s3 object keys
s3 client: add type for last modified timestamp in responses
s3 client: add helper to parse http date headers
s3 client: implement methods to operate on s3 objects in bucket
config: introduce s3 object store client configuration
api: config: implement endpoints to manipulate and list s3 configs
api: datastore: check S3 backend bucket access on datastore create
api/bin: add endpoint and command to check s3 client connection
datastore: allow to get the backend for a datastore
api: backup: store datastore backend in runtime environment
api: backup: conditionally upload chunks to S3 object store backend
api: backup: conditionally upload blobs to S3 object store backend
api: backup: conditionally upload indices to S3 object store backend
api: backup: conditionally upload manifest to S3 object store backend
sync: pull: conditionally upload content to S3 backend
api: reader: fetch chunks based on datastore backend
datastore: local chunk reader: read chunks based on backend
verify worker: add datastore backed to verify worker
verify: implement chunk verification for stores with s3 backend
datastore: create namespace marker in S3 backend
datastore: create/delete protected marker file on S3 storage backend
datastore: prune groups/snapshots from S3 object store backend
datastore: get and set owner for S3 store backend
datastore: implement garbage collection for s3 backend
ui: add datastore type selector and reorganize component layout
ui: add S3 client edit window for configuration create/edit
ui: add S3 client view for configuration
ui: expose the S3 client view in the navigation tree
ui: add s3 client selector and bucket field for s3 backend setup
tools: lru cache: add removed callback for evicted cache nodes
tools: async lru cache: implement insert, remove and contains methods
datastore: add local datastore cache for network attached storages
api: backup: use local datastore cache on S3 backend chunk upload
api: reader: use local datastore cache on S3 backend chunk fetching
api: backup: add no-cache flag to bypass local datastore cache
Cargo.toml | 8 +
examples/upload-speed.rs | 1 +
pbs-client/src/backup_writer.rs | 4 +-
pbs-config/src/lib.rs | 1 +
pbs-config/src/s3.rs | 82 ++
pbs-datastore/Cargo.toml | 3 +
pbs-datastore/src/backup_info.rs | 61 +-
pbs-datastore/src/cached_chunk_reader.rs | 6 +-
pbs-datastore/src/chunk_store.rs | 4 +
pbs-datastore/src/datastore.rs | 465 ++++++++-
pbs-datastore/src/dynamic_index.rs | 1 +
pbs-datastore/src/lib.rs | 4 +
pbs-datastore/src/local_chunk_reader.rs | 37 +-
.../src/local_datastore_lru_cache.rs | 116 +++
pbs-s3-client/Cargo.toml | 31 +
pbs-s3-client/src/aws_sign_v4.rs | 140 +++
pbs-s3-client/src/client.rs | 560 +++++++++++
pbs-s3-client/src/lib.rs | 122 +++
pbs-s3-client/src/object_key.rs | 102 ++
pbs-s3-client/src/response_reader.rs | 343 +++++++
pbs-tools/src/async_lru_cache.rs | 46 +-
pbs-tools/src/lru_cache.rs | 42 +-
proxmox-backup-client/src/benchmark.rs | 1 +
proxmox-backup-client/src/main.rs | 8 +
src/api2/admin/datastore.rs | 52 +-
src/api2/admin/mod.rs | 2 +
src/api2/admin/s3.rs | 80 ++
src/api2/backup/environment.rs | 145 ++-
src/api2/backup/mod.rs | 107 +--
src/api2/backup/upload_chunk.rs | 93 +-
src/api2/config/datastore.rs | 49 +-
src/api2/config/mod.rs | 2 +
src/api2/config/s3.rs | 310 ++++++
src/api2/reader/environment.rs | 12 +-
src/api2/reader/mod.rs | 59 +-
src/backup/verify.rs | 879 +++++++++---------
src/bin/proxmox-backup-manager.rs | 1 +
src/bin/proxmox_backup_manager/mod.rs | 30 +-
src/bin/proxmox_backup_manager/s3.rs | 46 +
src/server/pull.rs | 62 +-
src/server/push.rs | 1 +
src/server/verify_job.rs | 12 +-
www/Makefile | 3 +
www/NavigationTree.js | 6 +
www/config/S3ClientView.js | 137 +++
www/form/S3ClientSelector.js | 33 +
www/window/DataStoreEdit.js | 110 ++-
www/window/S3ClientEdit.js | 144 +++
48 files changed, 3883 insertions(+), 680 deletions(-)
create mode 100644 pbs-config/src/s3.rs
create mode 100644 pbs-datastore/src/local_datastore_lru_cache.rs
create mode 100644 pbs-s3-client/Cargo.toml
create mode 100644 pbs-s3-client/src/aws_sign_v4.rs
create mode 100644 pbs-s3-client/src/client.rs
create mode 100644 pbs-s3-client/src/lib.rs
create mode 100644 pbs-s3-client/src/object_key.rs
create mode 100644 pbs-s3-client/src/response_reader.rs
create mode 100644 src/api2/admin/s3.rs
create mode 100644 src/api2/config/s3.rs
create mode 100644 src/bin/proxmox_backup_manager/s3.rs
create mode 100644 www/config/S3ClientView.js
create mode 100644 www/form/S3ClientSelector.js
create mode 100644 www/window/S3ClientEdit.js
Summary over all repositories:
51 files changed, 4139 insertions(+), 681 deletions(-)
--
Generated by git-murpp 0.8.1
_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel
^ permalink raw reply [flat|nested] 44+ messages in thread
* [pbs-devel] [PATCH proxmox v3 1/2] pbs-api-types: add types for S3 client configs and secrets
2025-06-16 14:21 [pbs-devel] [PATCH proxmox{, -backup} v3 00/43] fix #2943: S3 storage backend for datastores Christian Ebner
@ 2025-06-16 14:21 ` Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox v3 2/2] pbs-api-types: extend datastore config by backend config enum Christian Ebner
` (41 subsequent siblings)
42 siblings, 0 replies; 44+ messages in thread
From: Christian Ebner @ 2025-06-16 14:21 UTC (permalink / raw)
To: pbs-devel
Adds the new config types `S3ClientConfig` and `S3ClientSecret` to
configure datastore backends using an S3 compatible object store.
Secrets are stored as different config to never be returned on api
calls, only allowing to set/update the values.
Use a different name (`secrets_id`) for the unique identifier in case
of the secrets type, although the same id should be used for storing
and lookup. By this, clashing of property names when using flattened
types as api parameters is avoided.
Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
---
pbs-api-types/src/lib.rs | 3 +
pbs-api-types/src/s3.rs | 154 +++++++++++++++++++++++++++++++++++++++
2 files changed, 157 insertions(+)
create mode 100644 pbs-api-types/src/s3.rs
diff --git a/pbs-api-types/src/lib.rs b/pbs-api-types/src/lib.rs
index 99ec7961..7a5ea11d 100644
--- a/pbs-api-types/src/lib.rs
+++ b/pbs-api-types/src/lib.rs
@@ -147,6 +147,9 @@ pub use remote::*;
mod pathpatterns;
pub use pathpatterns::*;
+mod s3;
+pub use s3::*;
+
mod tape;
pub use tape::*;
diff --git a/pbs-api-types/src/s3.rs b/pbs-api-types/src/s3.rs
new file mode 100644
index 00000000..effbe513
--- /dev/null
+++ b/pbs-api-types/src/s3.rs
@@ -0,0 +1,154 @@
+use anyhow::bail;
+use const_format::concatcp;
+use serde::{Deserialize, Serialize};
+
+use proxmox_schema::api_types::{
+ CERT_FINGERPRINT_SHA256_SCHEMA, DNS_LABEL_STR, IPRE_STR, SAFE_ID_FORMAT,
+};
+use proxmox_schema::{api, const_regex, ApiStringFormat, Schema, StringSchema, Updater};
+
+#[rustfmt::skip]
+pub const S3_ENDPOINT_NAME_STR: &str = concatcp!(
+ r"(?:(?:(", DNS_LABEL_STR, r"|\{\{bucket\}\}|\{\{region\}\})\.)*", DNS_LABEL_STR, ")"
+);
+#[rustfmt::skip]
+pub const S3_BUCKET_NAME_REGEX_STR: &str = r"^[a-z0-9]([a-z0-9\-]*[a-z0-9])?$";
+
+const_regex! {
+ /// Regex to match S3 bucket names.
+ ///
+ /// Be as strict as possible following the rules as described here:
+ /// https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html#general-purpose-bucket-names
+ pub S3_BUCKET_NAME_REGEX = r"^[a-z0-9]([a-z0-9\-]*[a-z0-9])?$";
+ /// Regex to match S3 endpoints including template patterns.
+ pub S3_ENDPOINT_REGEX = concatcp!(r"^(?:", S3_ENDPOINT_NAME_STR, "|", IPRE_STR, r")$");
+ /// Regex to match S3 regions.
+ pub S3_REGION_REGEX = r"^[a-z]{2}\-[a-z]{4,}\-[0-9]$";
+}
+
+pub const S3_ENDPOINT_FORMAT: ApiStringFormat = ApiStringFormat::Pattern(&S3_ENDPOINT_REGEX);
+pub const S3_REGION_FORMAT: ApiStringFormat = ApiStringFormat::Pattern(&S3_REGION_REGEX);
+
+pub const S3_CLIENT_ID_SCHEMA: Schema =
+ StringSchema::new("Unique ID to identify s3 client config.")
+ .format(&SAFE_ID_FORMAT)
+ .min_length(3)
+ .max_length(32)
+ .schema();
+
+pub const S3_ENDPOINT_SCHEMA: Schema = StringSchema::new("Endpoint to access S3 object store.")
+ .format(&S3_ENDPOINT_FORMAT)
+ .schema();
+
+pub const S3_REGION_SCHEMA: Schema = StringSchema::new("Region to access S3 object store.")
+ .format(&S3_REGION_FORMAT)
+ .min_length(3)
+ .max_length(32)
+ .schema();
+
+pub const S3_BUCKET_NAME_SCHEMA: Schema = StringSchema::new("Bucket name for S3 object store.")
+ .format(&ApiStringFormat::VerifyFn(|bucket_name| {
+ if !(S3_BUCKET_NAME_REGEX.regex_obj)().is_match(bucket_name) {
+ bail!("Bucket name does not match the regex pattern");
+ }
+
+ // Exclude pre- and postfixes described here:
+ // https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html#general-purpose-bucket-names
+ let forbidden_prefixes = ["xn--", "sthree-", "amzn-s3-demo-"];
+ for prefix in forbidden_prefixes {
+ if bucket_name.starts_with(prefix) {
+ bail!("Bucket name cannot start with '{prefix}'");
+ }
+ }
+
+ let forbidden_postfixes = ["--ol-s3", ".mrap", "--x-s3"];
+ for postfix in forbidden_postfixes {
+ if bucket_name.ends_with(postfix) {
+ bail!("Bucket name cannot end with '{postfix}'");
+ }
+ }
+
+ Ok(())
+ }))
+ .min_length(3)
+ .max_length(63)
+ .schema();
+
+#[api(
+ properties: {
+ id: {
+ schema: S3_CLIENT_ID_SCHEMA,
+ },
+ endpoint: {
+ schema: S3_ENDPOINT_SCHEMA,
+ },
+ port: {
+ type: u16,
+ description: "Port to access S3 object store.",
+ optional: true,
+ },
+ region: {
+ schema: S3_REGION_SCHEMA,
+ optional: true,
+ },
+ fingerprint: {
+ schema: CERT_FINGERPRINT_SHA256_SCHEMA,
+ optional: true,
+ },
+ "access-key": {
+ type: String,
+ description: "Access key for S3 object store.",
+ },
+ "path-style": {
+ type: bool,
+ optional: true,
+ default: false,
+ description: "Use path style bucket addressing over vhost style.",
+ },
+ }
+)]
+#[derive(Serialize, Deserialize, Updater, Clone, PartialEq)]
+#[serde(rename_all = "kebab-case")]
+/// S3 client configuration properties.
+pub struct S3ClientConfig {
+ #[updater(skip)]
+ pub id: String,
+ pub endpoint: String,
+ #[serde(skip_serializing_if = "Option::is_none")]
+ pub port: Option<u16>,
+ #[serde(skip_serializing_if = "Option::is_none")]
+ pub region: Option<String>,
+ #[serde(skip_serializing_if = "Option::is_none")]
+ pub fingerprint: Option<String>,
+ pub access_key: String,
+ #[serde(skip_serializing_if = "Option::is_none")]
+ pub path_style: Option<bool>,
+}
+
+impl S3ClientConfig {
+ pub fn acl_path(&self) -> Vec<&str> {
+ // Needs permissions on root path
+ Vec::new()
+ }
+}
+
+#[api(
+ properties: {
+ "secrets-id": {
+ type: String,
+ description: "Unique ID to identify s3 client secret config.",
+ },
+ "secret-key": {
+ type: String,
+ description: "Secret key for S3 object store.",
+ },
+ }
+)]
+#[derive(Serialize, Deserialize, Updater, Clone, PartialEq)]
+#[serde(rename_all = "kebab-case")]
+/// S3 client secrets configuration properties.
+pub struct S3ClientSecretsConfig {
+ #[updater(skip)]
+ pub secrets_id: String,
+ pub secret_key: String,
+}
--
2.39.5
_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel
^ permalink raw reply [flat|nested] 44+ messages in thread
* [pbs-devel] [PATCH proxmox v3 2/2] pbs-api-types: extend datastore config by backend config enum
2025-06-16 14:21 [pbs-devel] [PATCH proxmox{, -backup} v3 00/43] fix #2943: S3 storage backend for datastores Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox v3 1/2] pbs-api-types: add types for S3 client configs and secrets Christian Ebner
@ 2025-06-16 14:21 ` Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 01/41] api: fix minor formatting issues Christian Ebner
` (40 subsequent siblings)
42 siblings, 0 replies; 44+ messages in thread
From: Christian Ebner @ 2025-06-16 14:21 UTC (permalink / raw)
To: pbs-devel
Allows to configure a backend config variant for a datastore on
creation. The current default `Filesystem` backend variant is
introduced to be compatible with existing storages. A new S3 backend
variant allows to create datastores backed by an S3 compatible object
store instead.
For S3 backends, the type, id of the corresponding S3 client
configuration as well as the bucket name are stored as property
string. A valid datastore backend configuration for S3 therefore
contains:
```
...
backend bucket=<BUCKET_NAME>,client=<S3_CONFIG_ID>,type=s3
...
```
Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
---
pbs-api-types/src/datastore.rs | 100 ++++++++++++++++++++++++++++++++-
1 file changed, 99 insertions(+), 1 deletion(-)
diff --git a/pbs-api-types/src/datastore.rs b/pbs-api-types/src/datastore.rs
index 5bd953ac..9efec432 100644
--- a/pbs-api-types/src/datastore.rs
+++ b/pbs-api-types/src/datastore.rs
@@ -286,6 +286,94 @@ pub const DATASTORE_TUNING_STRING_SCHEMA: Schema = StringSchema::new("Datastore
))
.schema();
+#[api]
+#[derive(Copy, Clone, Default, Deserialize, Serialize, Updater, PartialEq)]
+#[serde(rename_all = "kebab-case")]
+/// Datastore backend type
+pub enum DatastoreBackendType {
+ /// Local filesystem
+ #[default]
+ Filesystem,
+ /// S3 object store
+ S3,
+}
+serde_plain::derive_display_from_serialize!(DatastoreBackendType);
+serde_plain::derive_fromstr_from_deserialize!(DatastoreBackendType);
+
+#[api(
+ properties: {
+ type: {
+ type: DatastoreBackendType,
+ optional: true,
+ },
+ client: {
+ schema: super::s3::S3_CLIENT_ID_SCHEMA,
+ optional: true,
+ },
+ bucket: {
+ schema: super::s3::S3_BUCKET_NAME_SCHEMA,
+ optional: true,
+ },
+ },
+ default_key: "type",
+)]
+#[derive(Default, Deserialize, Serialize)]
+#[serde(rename_all = "kebab-case")]
+/// Datastore backend config
+pub struct DatastoreBackendConfig {
+ /// backend type
+ #[serde(rename = "type")]
+ pub ty: Option<DatastoreBackendType>,
+ /// s3 client id
+ #[serde(skip_serializing_if = "Option::is_none")]
+ pub client: Option<String>,
+ /// s3 bucket name
+ #[serde(skip_serializing_if = "Option::is_none")]
+ pub bucket: Option<String>,
+}
+
+pub const DATASTORE_BACKEND_CONFIG_STRING_SCHEMA: Schema =
+ StringSchema::new("Datastore backend config")
+ .format(&ApiStringFormat::VerifyFn(verify_datastore_backend_config))
+ .type_text("<backend-config>")
+ .schema();
+
+fn verify_datastore_backend_config(input: &str) -> Result<(), Error> {
+ DatastoreBackendConfig::from_str(input).map(|_| ())
+}
+
+impl FromStr for DatastoreBackendConfig {
+ type Err = Error;
+
+ fn from_str(s: &str) -> Result<Self, Self::Err> {
+ let backend_config: DatastoreBackendConfig =
+ proxmox_schema::property_string::parse_with_schema(
+ s,
+ &DatastoreBackendConfig::API_SCHEMA,
+ )?;
+ let backend_type = backend_config.ty.unwrap_or_default();
+ match backend_type {
+ DatastoreBackendType::Filesystem => {
+ if backend_config.client.is_some() {
+ bail!("additional option client, not allowed for backend type filesystem");
+ }
+ if backend_config.bucket.is_some() {
+ bail!("additional option bucket, not allowed for backend type filesystem");
+ }
+ }
+ DatastoreBackendType::S3 => {
+ if backend_config.client.is_none() {
+ bail!("missing option client, required for backend type s3");
+ }
+ if backend_config.bucket.is_none() {
+ bail!("missing option bucket, required for backend type s3");
+ }
+ }
+ }
+ Ok(backend_config)
+ }
+}
+
#[api(
properties: {
name: {
@@ -336,7 +424,11 @@ pub const DATASTORE_TUNING_STRING_SCHEMA: Schema = StringSchema::new("Datastore
optional: true,
format: &proxmox_schema::api_types::UUID_FORMAT,
type: String,
- }
+ },
+ backend: {
+ schema: DATASTORE_BACKEND_CONFIG_STRING_SCHEMA,
+ optional: true,
+ },
}
)]
#[derive(Serialize, Deserialize, Updater, Clone, PartialEq)]
@@ -389,6 +481,11 @@ pub struct DataStoreConfig {
#[updater(skip)]
#[serde(skip_serializing_if = "Option::is_none")]
pub backing_device: Option<String>,
+
+ /// Backend configuration for datastore
+ #[updater(skip)]
+ #[serde(skip_serializing_if = "Option::is_none")]
+ pub backend: Option<String>,
}
#[api]
@@ -424,6 +521,7 @@ impl DataStoreConfig {
tuning: None,
maintenance_mode: None,
backing_device: None,
+ backend: None,
}
}
--
2.39.5
_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel
^ permalink raw reply [flat|nested] 44+ messages in thread
* [pbs-devel] [PATCH proxmox-backup v3 01/41] api: fix minor formatting issues
2025-06-16 14:21 [pbs-devel] [PATCH proxmox{, -backup} v3 00/43] fix #2943: S3 storage backend for datastores Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox v3 1/2] pbs-api-types: add types for S3 client configs and secrets Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox v3 2/2] pbs-api-types: extend datastore config by backend config enum Christian Ebner
@ 2025-06-16 14:21 ` Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 02/41] bin: sort submodules alphabetically Christian Ebner
` (39 subsequent siblings)
42 siblings, 0 replies; 44+ messages in thread
From: Christian Ebner @ 2025-06-16 14:21 UTC (permalink / raw)
To: pbs-devel
These are currently not shown by a `cargo fmt --check`.
Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
---
src/api2/backup/mod.rs | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/src/api2/backup/mod.rs b/src/api2/backup/mod.rs
index 629df933e..567bca3ef 100644
--- a/src/api2/backup/mod.rs
+++ b/src/api2/backup/mod.rs
@@ -166,7 +166,7 @@ fn upgrade_to_backup_protocol(
Ok(None) => {
// no verify state found, treat as valid
Some(info)
- },
+ }
Err(err) => {
warn!("error parsing the snapshot manifest: {err:#}");
Some(info)
@@ -236,7 +236,8 @@ fn upgrade_to_backup_protocol(
.and_then(move |conn| {
env2.debug("protocol upgrade done");
- let mut http = hyper::server::conn::http2::Builder::new(ExecInheritLogContext);
+ let mut http =
+ hyper::server::conn::http2::Builder::new(ExecInheritLogContext);
// increase window size: todo - find optiomal size
let window_size = 32 * 1024 * 1024; // max = (1 << 31) - 2
http.initial_stream_window_size(window_size);
--
2.39.5
_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel
^ permalink raw reply [flat|nested] 44+ messages in thread
* [pbs-devel] [PATCH proxmox-backup v3 02/41] bin: sort submodules alphabetically
2025-06-16 14:21 [pbs-devel] [PATCH proxmox{, -backup} v3 00/43] fix #2943: S3 storage backend for datastores Christian Ebner
` (2 preceding siblings ...)
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 01/41] api: fix minor formatting issues Christian Ebner
@ 2025-06-16 14:21 ` Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 03/41] datastore: ignore missing owner file when removing group directory Christian Ebner
` (38 subsequent siblings)
42 siblings, 0 replies; 44+ messages in thread
From: Christian Ebner @ 2025-06-16 14:21 UTC (permalink / raw)
To: pbs-devel
Makes it easier to find existing entries or insert new modules.
Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
---
src/bin/proxmox_backup_manager/mod.rs | 28 +++++++++++++--------------
1 file changed, 14 insertions(+), 14 deletions(-)
diff --git a/src/bin/proxmox_backup_manager/mod.rs b/src/bin/proxmox_backup_manager/mod.rs
index 11fb6dd3b..9b5c73e9a 100644
--- a/src/bin/proxmox_backup_manager/mod.rs
+++ b/src/bin/proxmox_backup_manager/mod.rs
@@ -8,31 +8,31 @@ mod cert;
pub use cert::*;
mod datastore;
pub use datastore::*;
+mod disk;
+pub use disk::*;
mod dns;
pub use dns::*;
mod ldap;
pub use ldap::*;
mod network;
pub use network::*;
-mod prune;
-pub use prune::*;
-mod remote;
-pub use remote::*;
-mod sync;
-pub use sync::*;
-mod verify;
-pub use verify::*;
-mod user;
-pub use user::*;
-mod subscription;
-pub use subscription::*;
-mod disk;
-pub use disk::*;
mod node;
pub use node::*;
mod notifications;
pub use notifications::*;
mod openid;
pub use openid::*;
+mod prune;
+pub use prune::*;
+mod remote;
+pub use remote::*;
+mod subscription;
+pub use subscription::*;
+mod sync;
+pub use sync::*;
mod traffic_control;
pub use traffic_control::*;
+mod user;
+pub use user::*;
+mod verify;
+pub use verify::*;
--
2.39.5
_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel
^ permalink raw reply [flat|nested] 44+ messages in thread
* [pbs-devel] [PATCH proxmox-backup v3 03/41] datastore: ignore missing owner file when removing group directory
2025-06-16 14:21 [pbs-devel] [PATCH proxmox{, -backup} v3 00/43] fix #2943: S3 storage backend for datastores Christian Ebner
` (3 preceding siblings ...)
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 02/41] bin: sort submodules alphabetically Christian Ebner
@ 2025-06-16 14:21 ` Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 04/41] verify: refactor verify related functions to be methods of worker Christian Ebner
` (37 subsequent siblings)
42 siblings, 0 replies; 44+ messages in thread
From: Christian Ebner @ 2025-06-16 14:21 UTC (permalink / raw)
To: pbs-devel
Since commit 23be00a4 ("fix #3336: datastore: remove group if the
last snapshot is removed"), a backup group directory is cleaned up
when the new locking mechanism is in use once:
- the group is requested to be destroyed and all the snapshots have
been deleted
- the last snapshot of a group has been destroyed
Since then, the owner file is also cleaned up separately.
However, the owner file might be already missing due to removal of
the group directory executed when removing the last backup snapshot
of the group, making the subsequent call in the backup group destroy
method fail.
Fix this by ignoring a missing owner file and continue with trying to
emove the group directory itself.
Fixes: 23be00a4 ("fix #3336: datastore: remove group if the last snapshot is removed")
Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
---
pbs-datastore/src/backup_info.rs | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/pbs-datastore/src/backup_info.rs b/pbs-datastore/src/backup_info.rs
index 8b8ac559d..37a605b94 100644
--- a/pbs-datastore/src/backup_info.rs
+++ b/pbs-datastore/src/backup_info.rs
@@ -257,9 +257,11 @@ impl BackupGroup {
let owner_path = self.store.owner_path(&self.ns, &self.group);
- std::fs::remove_file(&owner_path).map_err(|err| {
- format_err!("removing the owner file '{owner_path:?}' failed - {err}")
- })?;
+ if let Err(err) = std::fs::remove_file(&owner_path) {
+ if err.kind() != std::io::ErrorKind::NotFound {
+ bail!("removing the owner file '{owner_path:?}' failed - {err}");
+ }
+ }
let path = self.full_group_path();
--
2.39.5
_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel
^ permalink raw reply [flat|nested] 44+ messages in thread
* [pbs-devel] [PATCH proxmox-backup v3 04/41] verify: refactor verify related functions to be methods of worker
2025-06-16 14:21 [pbs-devel] [PATCH proxmox{, -backup} v3 00/43] fix #2943: S3 storage backend for datastores Christian Ebner
` (4 preceding siblings ...)
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 03/41] datastore: ignore missing owner file when removing group directory Christian Ebner
@ 2025-06-16 14:21 ` Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 05/41] s3 client: add crate for AWS S3 compatible object store client Christian Ebner
` (36 subsequent siblings)
42 siblings, 0 replies; 44+ messages in thread
From: Christian Ebner @ 2025-06-16 14:21 UTC (permalink / raw)
To: pbs-devel
Instead of passing the VerifyWorker state as reference to the various
verification related functions, implement them as methods or
associated functions of the VerifyWorker. This does not only make
their correlation more clear, but it also reduces the number of
function call parameters and improves readability.
No functional changes intended.
Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
---
src/api2/admin/datastore.rs | 28 +-
src/api2/backup/environment.rs | 7 +-
src/backup/verify.rs | 830 ++++++++++++++++-----------------
src/server/verify_job.rs | 12 +-
4 files changed, 423 insertions(+), 454 deletions(-)
diff --git a/src/api2/admin/datastore.rs b/src/api2/admin/datastore.rs
index cc7e17a29..443f8f4c0 100644
--- a/src/api2/admin/datastore.rs
+++ b/src/api2/admin/datastore.rs
@@ -70,10 +70,7 @@ use proxmox_rest_server::{formatter, WorkerTask};
use crate::api2::backup::optional_ns_param;
use crate::api2::node::rrd::create_value_from_rrd;
-use crate::backup::{
- check_ns_privs_full, verify_all_backups, verify_backup_dir, verify_backup_group, verify_filter,
- ListAccessibleBackupGroups, NS_PRIVS_OK,
-};
+use crate::backup::{check_ns_privs_full, ListAccessibleBackupGroups, VerifyWorker, NS_PRIVS_OK};
use crate::server::jobstate::{compute_schedule_status, Job, JobState};
@@ -884,14 +881,15 @@ pub fn verify(
auth_id.to_string(),
to_stdout,
move |worker| {
- let verify_worker = crate::backup::VerifyWorker::new(worker.clone(), datastore);
+ let verify_worker = VerifyWorker::new(worker.clone(), datastore);
let failed_dirs = if let Some(backup_dir) = backup_dir {
let mut res = Vec::new();
- if !verify_backup_dir(
- &verify_worker,
+ if !verify_worker.verify_backup_dir(
&backup_dir,
worker.upid().clone(),
- Some(&move |manifest| verify_filter(ignore_verified, outdated_after, manifest)),
+ Some(&move |manifest| {
+ VerifyWorker::verify_filter(ignore_verified, outdated_after, manifest)
+ }),
)? {
res.push(print_ns_and_snapshot(
backup_dir.backup_ns(),
@@ -900,12 +898,13 @@ pub fn verify(
}
res
} else if let Some(backup_group) = backup_group {
- verify_backup_group(
- &verify_worker,
+ verify_worker.verify_backup_group(
&backup_group,
&mut StoreProgress::new(1),
worker.upid(),
- Some(&move |manifest| verify_filter(ignore_verified, outdated_after, manifest)),
+ Some(&move |manifest| {
+ VerifyWorker::verify_filter(ignore_verified, outdated_after, manifest)
+ }),
)?
} else {
let owner = if owner_check_required {
@@ -914,13 +913,14 @@ pub fn verify(
None
};
- verify_all_backups(
- &verify_worker,
+ verify_worker.verify_all_backups(
worker.upid(),
ns,
max_depth,
owner,
- Some(&move |manifest| verify_filter(ignore_verified, outdated_after, manifest)),
+ Some(&move |manifest| {
+ VerifyWorker::verify_filter(ignore_verified, outdated_after, manifest)
+ }),
)?
};
if !failed_dirs.is_empty() {
diff --git a/src/api2/backup/environment.rs b/src/api2/backup/environment.rs
index 3d541b461..6cd29f512 100644
--- a/src/api2/backup/environment.rs
+++ b/src/api2/backup/environment.rs
@@ -18,7 +18,7 @@ use pbs_datastore::fixed_index::FixedIndexWriter;
use pbs_datastore::{DataBlob, DataStore};
use proxmox_rest_server::{formatter::*, WorkerTask};
-use crate::backup::verify_backup_dir_with_lock;
+use crate::backup::VerifyWorker;
use hyper::{Body, Response};
@@ -671,9 +671,8 @@ impl BackupEnvironment {
move |worker| {
worker.log_message("Automatically verifying newly added snapshot");
- let verify_worker = crate::backup::VerifyWorker::new(worker.clone(), datastore);
- if !verify_backup_dir_with_lock(
- &verify_worker,
+ let verify_worker = VerifyWorker::new(worker.clone(), datastore);
+ if !verify_worker.verify_backup_dir_with_lock(
&backup_dir,
worker.upid().clone(),
None,
diff --git a/src/backup/verify.rs b/src/backup/verify.rs
index 3d2cba8ac..0b954ae23 100644
--- a/src/backup/verify.rs
+++ b/src/backup/verify.rs
@@ -44,517 +44,491 @@ impl VerifyWorker {
corrupt_chunks: Arc::new(Mutex::new(HashSet::with_capacity(64))),
}
}
-}
-
-fn verify_blob(backup_dir: &BackupDir, info: &FileInfo) -> Result<(), Error> {
- let blob = backup_dir.load_blob(&info.filename)?;
- let raw_size = blob.raw_size();
- if raw_size != info.size {
- bail!("wrong size ({} != {})", info.size, raw_size);
- }
-
- let csum = openssl::sha::sha256(blob.raw_data());
- if csum != info.csum {
- bail!("wrong index checksum");
- }
+ fn verify_blob(backup_dir: &BackupDir, info: &FileInfo) -> Result<(), Error> {
+ let blob = backup_dir.load_blob(&info.filename)?;
- match blob.crypt_mode()? {
- CryptMode::Encrypt => Ok(()),
- CryptMode::None => {
- // digest already verified above
- blob.decode(None, None)?;
- Ok(())
+ let raw_size = blob.raw_size();
+ if raw_size != info.size {
+ bail!("wrong size ({} != {})", info.size, raw_size);
}
- CryptMode::SignOnly => bail!("Invalid CryptMode for blob"),
- }
-}
-
-fn rename_corrupted_chunk(datastore: Arc<DataStore>, digest: &[u8; 32]) {
- let (path, digest_str) = datastore.chunk_path(digest);
- let mut counter = 0;
- let mut new_path = path.clone();
- loop {
- new_path.set_file_name(format!("{}.{}.bad", digest_str, counter));
- if new_path.exists() && counter < 9 {
- counter += 1;
- } else {
- break;
+ let csum = openssl::sha::sha256(blob.raw_data());
+ if csum != info.csum {
+ bail!("wrong index checksum");
}
- }
- match std::fs::rename(&path, &new_path) {
- Ok(_) => {
- info!("corrupted chunk renamed to {:?}", &new_path);
- }
- Err(err) => {
- match err.kind() {
- std::io::ErrorKind::NotFound => { /* ignored */ }
- _ => info!("could not rename corrupted chunk {:?} - {err}", &path),
+ match blob.crypt_mode()? {
+ CryptMode::Encrypt => Ok(()),
+ CryptMode::None => {
+ // digest already verified above
+ blob.decode(None, None)?;
+ Ok(())
}
+ CryptMode::SignOnly => bail!("Invalid CryptMode for blob"),
}
- };
-}
+ }
-fn verify_index_chunks(
- verify_worker: &VerifyWorker,
- index: Box<dyn IndexFile + Send>,
- crypt_mode: CryptMode,
-) -> Result<(), Error> {
- let errors = Arc::new(AtomicUsize::new(0));
+ fn rename_corrupted_chunk(datastore: Arc<DataStore>, digest: &[u8; 32]) {
+ let (path, digest_str) = datastore.chunk_path(digest);
- let start_time = Instant::now();
+ let mut counter = 0;
+ let mut new_path = path.clone();
+ loop {
+ new_path.set_file_name(format!("{}.{}.bad", digest_str, counter));
+ if new_path.exists() && counter < 9 {
+ counter += 1;
+ } else {
+ break;
+ }
+ }
- let mut read_bytes = 0;
- let mut decoded_bytes = 0;
+ match std::fs::rename(&path, &new_path) {
+ Ok(_) => {
+ info!("corrupted chunk renamed to {:?}", &new_path);
+ }
+ Err(err) => {
+ match err.kind() {
+ std::io::ErrorKind::NotFound => { /* ignored */ }
+ _ => info!("could not rename corrupted chunk {:?} - {err}", &path),
+ }
+ }
+ };
+ }
- let datastore2 = Arc::clone(&verify_worker.datastore);
- let corrupt_chunks2 = Arc::clone(&verify_worker.corrupt_chunks);
- let verified_chunks2 = Arc::clone(&verify_worker.verified_chunks);
- let errors2 = Arc::clone(&errors);
+ fn verify_index_chunks(
+ &self,
+ index: Box<dyn IndexFile + Send>,
+ crypt_mode: CryptMode,
+ ) -> Result<(), Error> {
+ let errors = Arc::new(AtomicUsize::new(0));
+
+ let start_time = Instant::now();
+
+ let mut read_bytes = 0;
+ let mut decoded_bytes = 0;
+
+ let datastore2 = Arc::clone(&self.datastore);
+ let corrupt_chunks2 = Arc::clone(&self.corrupt_chunks);
+ let verified_chunks2 = Arc::clone(&self.verified_chunks);
+ let errors2 = Arc::clone(&errors);
+
+ let decoder_pool = ParallelHandler::new(
+ "verify chunk decoder",
+ 4,
+ move |(chunk, digest, size): (DataBlob, [u8; 32], u64)| {
+ let chunk_crypt_mode = match chunk.crypt_mode() {
+ Err(err) => {
+ corrupt_chunks2.lock().unwrap().insert(digest);
+ info!("can't verify chunk, unknown CryptMode - {err}");
+ errors2.fetch_add(1, Ordering::SeqCst);
+ return Ok(());
+ }
+ Ok(mode) => mode,
+ };
+
+ if chunk_crypt_mode != crypt_mode {
+ info!(
+ "chunk CryptMode {chunk_crypt_mode:?} does not match index CryptMode {crypt_mode:?}"
+ );
+ errors2.fetch_add(1, Ordering::SeqCst);
+ }
- let decoder_pool = ParallelHandler::new(
- "verify chunk decoder",
- 4,
- move |(chunk, digest, size): (DataBlob, [u8; 32], u64)| {
- let chunk_crypt_mode = match chunk.crypt_mode() {
- Err(err) => {
+ if let Err(err) = chunk.verify_unencrypted(size as usize, &digest) {
corrupt_chunks2.lock().unwrap().insert(digest);
- info!("can't verify chunk, unknown CryptMode - {err}");
+ info!("{err}");
errors2.fetch_add(1, Ordering::SeqCst);
- return Ok(());
+ Self::rename_corrupted_chunk(datastore2.clone(), &digest);
+ } else {
+ verified_chunks2.lock().unwrap().insert(digest);
}
- Ok(mode) => mode,
- };
- if chunk_crypt_mode != crypt_mode {
- info!(
- "chunk CryptMode {chunk_crypt_mode:?} does not match index CryptMode {crypt_mode:?}"
- );
- errors2.fetch_add(1, Ordering::SeqCst);
- }
+ Ok(())
+ },
+ );
- if let Err(err) = chunk.verify_unencrypted(size as usize, &digest) {
- corrupt_chunks2.lock().unwrap().insert(digest);
- info!("{err}");
- errors2.fetch_add(1, Ordering::SeqCst);
- rename_corrupted_chunk(datastore2.clone(), &digest);
+ let skip_chunk = |digest: &[u8; 32]| -> bool {
+ if self.verified_chunks.lock().unwrap().contains(digest) {
+ true
+ } else if self.corrupt_chunks.lock().unwrap().contains(digest) {
+ let digest_str = hex::encode(digest);
+ info!("chunk {digest_str} was marked as corrupt");
+ errors.fetch_add(1, Ordering::SeqCst);
+ true
} else {
- verified_chunks2.lock().unwrap().insert(digest);
+ false
}
+ };
+ let check_abort = |pos: usize| -> Result<(), Error> {
+ if pos & 1023 == 0 {
+ self.worker.check_abort()?;
+ self.worker.fail_on_shutdown()?;
+ }
Ok(())
- },
- );
-
- let skip_chunk = |digest: &[u8; 32]| -> bool {
- if verify_worker
- .verified_chunks
- .lock()
- .unwrap()
- .contains(digest)
- {
- true
- } else if verify_worker
- .corrupt_chunks
- .lock()
- .unwrap()
- .contains(digest)
- {
- let digest_str = hex::encode(digest);
- info!("chunk {digest_str} was marked as corrupt");
- errors.fetch_add(1, Ordering::SeqCst);
- true
- } else {
- false
- }
- };
-
- let check_abort = |pos: usize| -> Result<(), Error> {
- if pos & 1023 == 0 {
- verify_worker.worker.check_abort()?;
- verify_worker.worker.fail_on_shutdown()?;
- }
- Ok(())
- };
+ };
- let chunk_list =
- verify_worker
+ let chunk_list = self
.datastore
.get_chunks_in_order(&*index, skip_chunk, check_abort)?;
- for (pos, _) in chunk_list {
- verify_worker.worker.check_abort()?;
- verify_worker.worker.fail_on_shutdown()?;
+ for (pos, _) in chunk_list {
+ self.worker.check_abort()?;
+ self.worker.fail_on_shutdown()?;
- let info = index.chunk_info(pos).unwrap();
+ let info = index.chunk_info(pos).unwrap();
- // we must always recheck this here, the parallel worker below alter it!
- if skip_chunk(&info.digest) {
- continue; // already verified or marked corrupt
- }
-
- match verify_worker.datastore.load_chunk(&info.digest) {
- Err(err) => {
- verify_worker
- .corrupt_chunks
- .lock()
- .unwrap()
- .insert(info.digest);
- error!("can't verify chunk, load failed - {err}");
- errors.fetch_add(1, Ordering::SeqCst);
- rename_corrupted_chunk(verify_worker.datastore.clone(), &info.digest);
+ // we must always recheck this here, the parallel worker below alter it!
+ if skip_chunk(&info.digest) {
+ continue; // already verified or marked corrupt
}
- Ok(chunk) => {
- let size = info.size();
- read_bytes += chunk.raw_size();
- decoder_pool.send((chunk, info.digest, size))?;
- decoded_bytes += size;
+
+ match self.datastore.load_chunk(&info.digest) {
+ Err(err) => {
+ self.corrupt_chunks.lock().unwrap().insert(info.digest);
+ error!("can't verify chunk, load failed - {err}");
+ errors.fetch_add(1, Ordering::SeqCst);
+ Self::rename_corrupted_chunk(self.datastore.clone(), &info.digest);
+ }
+ Ok(chunk) => {
+ let size = info.size();
+ read_bytes += chunk.raw_size();
+ decoder_pool.send((chunk, info.digest, size))?;
+ decoded_bytes += size;
+ }
}
}
- }
- decoder_pool.complete()?;
+ decoder_pool.complete()?;
+
+ let elapsed = start_time.elapsed().as_secs_f64();
- let elapsed = start_time.elapsed().as_secs_f64();
+ let read_bytes_mib = (read_bytes as f64) / (1024.0 * 1024.0);
+ let decoded_bytes_mib = (decoded_bytes as f64) / (1024.0 * 1024.0);
- let read_bytes_mib = (read_bytes as f64) / (1024.0 * 1024.0);
- let decoded_bytes_mib = (decoded_bytes as f64) / (1024.0 * 1024.0);
+ let read_speed = read_bytes_mib / elapsed;
+ let decode_speed = decoded_bytes_mib / elapsed;
- let read_speed = read_bytes_mib / elapsed;
- let decode_speed = decoded_bytes_mib / elapsed;
+ let error_count = errors.load(Ordering::SeqCst);
- let error_count = errors.load(Ordering::SeqCst);
+ info!(
+ " verified {read_bytes_mib:.2}/{decoded_bytes_mib:.2} MiB in {elapsed:.2} seconds, speed {read_speed:.2}/{decode_speed:.2} MiB/s ({error_count} errors)"
+ );
- info!(
- " verified {read_bytes_mib:.2}/{decoded_bytes_mib:.2} MiB in {elapsed:.2} seconds, speed {read_speed:.2}/{decode_speed:.2} MiB/s ({error_count} errors)"
- );
+ if errors.load(Ordering::SeqCst) > 0 {
+ bail!("chunks could not be verified");
+ }
- if errors.load(Ordering::SeqCst) > 0 {
- bail!("chunks could not be verified");
+ Ok(())
}
- Ok(())
-}
+ fn verify_fixed_index(&self, backup_dir: &BackupDir, info: &FileInfo) -> Result<(), Error> {
+ let mut path = backup_dir.relative_path();
+ path.push(&info.filename);
-fn verify_fixed_index(
- verify_worker: &VerifyWorker,
- backup_dir: &BackupDir,
- info: &FileInfo,
-) -> Result<(), Error> {
- let mut path = backup_dir.relative_path();
- path.push(&info.filename);
+ let index = self.datastore.open_fixed_reader(&path)?;
- let index = verify_worker.datastore.open_fixed_reader(&path)?;
+ let (csum, size) = index.compute_csum();
+ if size != info.size {
+ bail!("wrong size ({} != {})", info.size, size);
+ }
- let (csum, size) = index.compute_csum();
- if size != info.size {
- bail!("wrong size ({} != {})", info.size, size);
- }
+ if csum != info.csum {
+ bail!("wrong index checksum");
+ }
- if csum != info.csum {
- bail!("wrong index checksum");
+ self.verify_index_chunks(Box::new(index), info.chunk_crypt_mode())
}
- verify_index_chunks(verify_worker, Box::new(index), info.chunk_crypt_mode())
-}
-
-fn verify_dynamic_index(
- verify_worker: &VerifyWorker,
- backup_dir: &BackupDir,
- info: &FileInfo,
-) -> Result<(), Error> {
- let mut path = backup_dir.relative_path();
- path.push(&info.filename);
+ fn verify_dynamic_index(&self, backup_dir: &BackupDir, info: &FileInfo) -> Result<(), Error> {
+ let mut path = backup_dir.relative_path();
+ path.push(&info.filename);
- let index = verify_worker.datastore.open_dynamic_reader(&path)?;
+ let index = self.datastore.open_dynamic_reader(&path)?;
- let (csum, size) = index.compute_csum();
- if size != info.size {
- bail!("wrong size ({} != {})", info.size, size);
- }
-
- if csum != info.csum {
- bail!("wrong index checksum");
- }
+ let (csum, size) = index.compute_csum();
+ if size != info.size {
+ bail!("wrong size ({} != {})", info.size, size);
+ }
- verify_index_chunks(verify_worker, Box::new(index), info.chunk_crypt_mode())
-}
+ if csum != info.csum {
+ bail!("wrong index checksum");
+ }
-/// Verify a single backup snapshot
-///
-/// This checks all archives inside a backup snapshot.
-/// Errors are logged to the worker log.
-///
-/// Returns
-/// - Ok(true) if verify is successful
-/// - Ok(false) if there were verification errors
-/// - Err(_) if task was aborted
-pub fn verify_backup_dir(
- verify_worker: &VerifyWorker,
- backup_dir: &BackupDir,
- upid: UPID,
- filter: Option<&dyn Fn(&BackupManifest) -> bool>,
-) -> Result<bool, Error> {
- if !backup_dir.full_path().exists() {
- info!(
- "SKIPPED: verify {}:{} - snapshot does not exist (anymore).",
- verify_worker.datastore.name(),
- backup_dir.dir(),
- );
- return Ok(true);
+ self.verify_index_chunks(Box::new(index), info.chunk_crypt_mode())
}
- let snap_lock = backup_dir.lock_shared();
-
- match snap_lock {
- Ok(snap_lock) => {
- verify_backup_dir_with_lock(verify_worker, backup_dir, upid, filter, snap_lock)
- }
- Err(err) => {
+ /// Verify a single backup snapshot
+ ///
+ /// This checks all archives inside a backup snapshot.
+ /// Errors are logged to the worker log.
+ ///
+ /// Returns
+ /// - Ok(true) if verify is successful
+ /// - Ok(false) if there were verification errors
+ /// - Err(_) if task was aborted
+ pub fn verify_backup_dir(
+ &self,
+ backup_dir: &BackupDir,
+ upid: UPID,
+ filter: Option<&dyn Fn(&BackupManifest) -> bool>,
+ ) -> Result<bool, Error> {
+ if !backup_dir.full_path().exists() {
info!(
- "SKIPPED: verify {}:{} - could not acquire snapshot lock: {}",
- verify_worker.datastore.name(),
+ "SKIPPED: verify {}:{} - snapshot does not exist (anymore).",
+ self.datastore.name(),
backup_dir.dir(),
- err,
);
- Ok(true)
+ return Ok(true);
}
- }
-}
-/// See verify_backup_dir
-pub fn verify_backup_dir_with_lock(
- verify_worker: &VerifyWorker,
- backup_dir: &BackupDir,
- upid: UPID,
- filter: Option<&dyn Fn(&BackupManifest) -> bool>,
- _snap_lock: BackupLockGuard,
-) -> Result<bool, Error> {
- let datastore_name = verify_worker.datastore.name();
- let backup_dir_name = backup_dir.dir();
-
- let manifest = match backup_dir.load_manifest() {
- Ok((manifest, _)) => manifest,
- Err(err) => {
- info!("verify {datastore_name}:{backup_dir_name} - manifest load error: {err}");
- return Ok(false);
- }
- };
+ let snap_lock = backup_dir.lock_shared();
- if let Some(filter) = filter {
- if !filter(&manifest) {
- info!("SKIPPED: verify {datastore_name}:{backup_dir_name} (recently verified)");
- return Ok(true);
+ match snap_lock {
+ Ok(snap_lock) => self.verify_backup_dir_with_lock(backup_dir, upid, filter, snap_lock),
+ Err(err) => {
+ info!(
+ "SKIPPED: verify {}:{} - could not acquire snapshot lock: {}",
+ self.datastore.name(),
+ backup_dir.dir(),
+ err,
+ );
+ Ok(true)
+ }
}
}
- info!("verify {datastore_name}:{backup_dir_name}");
-
- let mut error_count = 0;
+ /// See verify_backup_dir
+ pub fn verify_backup_dir_with_lock(
+ &self,
+ backup_dir: &BackupDir,
+ upid: UPID,
+ filter: Option<&dyn Fn(&BackupManifest) -> bool>,
+ _snap_lock: BackupLockGuard,
+ ) -> Result<bool, Error> {
+ let datastore_name = self.datastore.name();
+ let backup_dir_name = backup_dir.dir();
+
+ let manifest = match backup_dir.load_manifest() {
+ Ok((manifest, _)) => manifest,
+ Err(err) => {
+ info!("verify {datastore_name}:{backup_dir_name} - manifest load error: {err}");
+ return Ok(false);
+ }
+ };
- let mut verify_result = VerifyState::Ok;
- for info in manifest.files() {
- let result = proxmox_lang::try_block!({
- info!(" check {}", info.filename);
- match ArchiveType::from_path(&info.filename)? {
- ArchiveType::FixedIndex => verify_fixed_index(verify_worker, backup_dir, info),
- ArchiveType::DynamicIndex => verify_dynamic_index(verify_worker, backup_dir, info),
- ArchiveType::Blob => verify_blob(backup_dir, info),
+ if let Some(filter) = filter {
+ if !filter(&manifest) {
+ info!("SKIPPED: verify {datastore_name}:{backup_dir_name} (recently verified)");
+ return Ok(true);
}
- });
+ }
- verify_worker.worker.check_abort()?;
- verify_worker.worker.fail_on_shutdown()?;
+ info!("verify {datastore_name}:{backup_dir_name}");
- if let Err(err) = result {
- info!(
- "verify {datastore_name}:{backup_dir_name}/{file_name} failed: {err}",
- file_name = info.filename,
- );
- error_count += 1;
- verify_result = VerifyState::Failed;
- }
- }
+ let mut error_count = 0;
- let verify_state = SnapshotVerifyState {
- state: verify_result,
- upid,
- };
-
- if let Err(err) = {
- let verify_state = serde_json::to_value(verify_state)?;
- backup_dir.update_manifest(|manifest| {
- manifest.unprotected["verify_state"] = verify_state;
- })
- } {
- info!("verify {datastore_name}:{backup_dir_name} - manifest update error: {err}");
- return Ok(false);
- }
+ let mut verify_result = VerifyState::Ok;
+ for info in manifest.files() {
+ let result = proxmox_lang::try_block!({
+ info!(" check {}", info.filename);
+ match ArchiveType::from_path(&info.filename)? {
+ ArchiveType::FixedIndex => self.verify_fixed_index(backup_dir, info),
+ ArchiveType::DynamicIndex => self.verify_dynamic_index(backup_dir, info),
+ ArchiveType::Blob => Self::verify_blob(backup_dir, info),
+ }
+ });
- Ok(error_count == 0)
-}
+ self.worker.check_abort()?;
+ self.worker.fail_on_shutdown()?;
-/// Verify all backups inside a backup group
-///
-/// Errors are logged to the worker log.
-///
-/// Returns
-/// - Ok((count, failed_dirs)) where failed_dirs had verification errors
-/// - Err(_) if task was aborted
-pub fn verify_backup_group(
- verify_worker: &VerifyWorker,
- group: &BackupGroup,
- progress: &mut StoreProgress,
- upid: &UPID,
- filter: Option<&dyn Fn(&BackupManifest) -> bool>,
-) -> Result<Vec<String>, Error> {
- let mut errors = Vec::new();
- let mut list = match group.list_backups() {
- Ok(list) => list,
- Err(err) => {
- info!(
- "verify {}, group {} - unable to list backups: {}",
- print_store_and_ns(verify_worker.datastore.name(), group.backup_ns()),
- group.group(),
- err,
- );
- return Ok(errors);
- }
- };
-
- let snapshot_count = list.len();
- info!(
- "verify group {}:{} ({} snapshots)",
- verify_worker.datastore.name(),
- group.group(),
- snapshot_count
- );
-
- progress.group_snapshots = snapshot_count as u64;
-
- BackupInfo::sort_list(&mut list, false); // newest first
- for (pos, info) in list.into_iter().enumerate() {
- if !verify_backup_dir(verify_worker, &info.backup_dir, upid.clone(), filter)? {
- errors.push(print_ns_and_snapshot(
- info.backup_dir.backup_ns(),
- info.backup_dir.as_ref(),
- ));
+ if let Err(err) = result {
+ info!(
+ "verify {datastore_name}:{backup_dir_name}/{file_name} failed: {err}",
+ file_name = info.filename,
+ );
+ error_count += 1;
+ verify_result = VerifyState::Failed;
+ }
}
- progress.done_snapshots = pos as u64 + 1;
- info!("percentage done: {progress}");
- }
- Ok(errors)
-}
-/// Verify all (owned) backups inside a datastore
-///
-/// Errors are logged to the worker log.
-///
-/// Returns
-/// - Ok(failed_dirs) where failed_dirs had verification errors
-/// - Err(_) if task was aborted
-pub fn verify_all_backups(
- verify_worker: &VerifyWorker,
- upid: &UPID,
- ns: BackupNamespace,
- max_depth: Option<usize>,
- owner: Option<&Authid>,
- filter: Option<&dyn Fn(&BackupManifest) -> bool>,
-) -> Result<Vec<String>, Error> {
- let mut errors = Vec::new();
-
- info!("verify datastore {}", verify_worker.datastore.name());
-
- let owner_filtered = if let Some(owner) = &owner {
- info!("limiting to backups owned by {owner}");
- true
- } else {
- false
- };
-
- // FIXME: This should probably simply enable recursion (or the call have a recursion parameter)
- let store = &verify_worker.datastore;
- let max_depth = max_depth.unwrap_or(pbs_api_types::MAX_NAMESPACE_DEPTH);
-
- let mut list = match ListAccessibleBackupGroups::new_with_privs(
- store,
- ns.clone(),
- max_depth,
- Some(PRIV_DATASTORE_VERIFY),
- Some(PRIV_DATASTORE_BACKUP),
- owner,
- ) {
- Ok(list) => list
- .filter_map(|group| match group {
- Ok(group) => Some(group),
- Err(err) if owner_filtered => {
- // intentionally not in task log, the user might not see this group!
- println!("error on iterating groups in ns '{ns}' - {err}");
- None
- }
- Err(err) => {
- // we don't filter by owner, but we want to log the error
- info!("error on iterating groups in ns '{ns}' - {err}");
- errors.push(err.to_string());
- None
- }
- })
- .filter(|group| {
- !(group.backup_type() == BackupType::Host && group.backup_id() == "benchmark")
+ let verify_state = SnapshotVerifyState {
+ state: verify_result,
+ upid,
+ };
+
+ if let Err(err) = {
+ let verify_state = serde_json::to_value(verify_state)?;
+ backup_dir.update_manifest(|manifest| {
+ manifest.unprotected["verify_state"] = verify_state;
})
- .collect::<Vec<BackupGroup>>(),
- Err(err) => {
- info!("unable to list backups: {err}");
- return Ok(errors);
+ } {
+ info!("verify {datastore_name}:{backup_dir_name} - manifest update error: {err}");
+ return Ok(false);
}
- };
- list.sort_unstable_by(|a, b| a.group().cmp(b.group()));
+ Ok(error_count == 0)
+ }
- let group_count = list.len();
- info!("found {group_count} groups");
+ /// Verify all backups inside a backup group
+ ///
+ /// Errors are logged to the worker log.
+ ///
+ /// Returns
+ /// - Ok((count, failed_dirs)) where failed_dirs had verification errors
+ /// - Err(_) if task was aborted
+ pub fn verify_backup_group(
+ &self,
+ group: &BackupGroup,
+ progress: &mut StoreProgress,
+ upid: &UPID,
+ filter: Option<&dyn Fn(&BackupManifest) -> bool>,
+ ) -> Result<Vec<String>, Error> {
+ let mut errors = Vec::new();
+ let mut list = match group.list_backups() {
+ Ok(list) => list,
+ Err(err) => {
+ info!(
+ "verify {}, group {} - unable to list backups: {}",
+ print_store_and_ns(self.datastore.name(), group.backup_ns()),
+ group.group(),
+ err,
+ );
+ return Ok(errors);
+ }
+ };
- let mut progress = StoreProgress::new(group_count as u64);
+ let snapshot_count = list.len();
+ info!(
+ "verify group {}:{} ({} snapshots)",
+ self.datastore.name(),
+ group.group(),
+ snapshot_count
+ );
- for (pos, group) in list.into_iter().enumerate() {
- progress.done_groups = pos as u64;
- progress.done_snapshots = 0;
- progress.group_snapshots = 0;
+ progress.group_snapshots = snapshot_count as u64;
- let mut group_errors =
- verify_backup_group(verify_worker, &group, &mut progress, upid, filter)?;
- errors.append(&mut group_errors);
+ BackupInfo::sort_list(&mut list, false); // newest first
+ for (pos, info) in list.into_iter().enumerate() {
+ if !self.verify_backup_dir(&info.backup_dir, upid.clone(), filter)? {
+ errors.push(print_ns_and_snapshot(
+ info.backup_dir.backup_ns(),
+ info.backup_dir.as_ref(),
+ ));
+ }
+ progress.done_snapshots = pos as u64 + 1;
+ info!("percentage done: {progress}");
+ }
+ Ok(errors)
}
- Ok(errors)
-}
+ /// Verify all (owned) backups inside a datastore
+ ///
+ /// Errors are logged to the worker log.
+ ///
+ /// Returns
+ /// - Ok(failed_dirs) where failed_dirs had verification errors
+ /// - Err(_) if task was aborted
+ pub fn verify_all_backups(
+ &self,
+ upid: &UPID,
+ ns: BackupNamespace,
+ max_depth: Option<usize>,
+ owner: Option<&Authid>,
+ filter: Option<&dyn Fn(&BackupManifest) -> bool>,
+ ) -> Result<Vec<String>, Error> {
+ let mut errors = Vec::new();
+
+ info!("verify datastore {}", self.datastore.name());
+
+ let owner_filtered = if let Some(owner) = &owner {
+ info!("limiting to backups owned by {owner}");
+ true
+ } else {
+ false
+ };
+
+ // FIXME: This should probably simply enable recursion (or the call have a recursion parameter)
+ let store = &self.datastore;
+ let max_depth = max_depth.unwrap_or(pbs_api_types::MAX_NAMESPACE_DEPTH);
+
+ let mut list = match ListAccessibleBackupGroups::new_with_privs(
+ store,
+ ns.clone(),
+ max_depth,
+ Some(PRIV_DATASTORE_VERIFY),
+ Some(PRIV_DATASTORE_BACKUP),
+ owner,
+ ) {
+ Ok(list) => list
+ .filter_map(|group| match group {
+ Ok(group) => Some(group),
+ Err(err) if owner_filtered => {
+ // intentionally not in task log, the user might not see this group!
+ println!("error on iterating groups in ns '{ns}' - {err}");
+ None
+ }
+ Err(err) => {
+ // we don't filter by owner, but we want to log the error
+ info!("error on iterating groups in ns '{ns}' - {err}");
+ errors.push(err.to_string());
+ None
+ }
+ })
+ .filter(|group| {
+ !(group.backup_type() == BackupType::Host && group.backup_id() == "benchmark")
+ })
+ .collect::<Vec<BackupGroup>>(),
+ Err(err) => {
+ info!("unable to list backups: {err}");
+ return Ok(errors);
+ }
+ };
+
+ list.sort_unstable_by(|a, b| a.group().cmp(b.group()));
+
+ let group_count = list.len();
+ info!("found {group_count} groups");
-/// Filter out any snapshot from being (re-)verified where this fn returns false.
-pub fn verify_filter(
- ignore_verified_snapshots: bool,
- outdated_after: Option<i64>,
- manifest: &BackupManifest,
-) -> bool {
- if !ignore_verified_snapshots {
- return true;
+ let mut progress = StoreProgress::new(group_count as u64);
+
+ for (pos, group) in list.into_iter().enumerate() {
+ progress.done_groups = pos as u64;
+ progress.done_snapshots = 0;
+ progress.group_snapshots = 0;
+
+ let mut group_errors = self.verify_backup_group(&group, &mut progress, upid, filter)?;
+ errors.append(&mut group_errors);
+ }
+
+ Ok(errors)
}
- match manifest.verify_state() {
- Err(err) => {
- warn!("error reading manifest: {err:#}");
- true
+ /// Filter out any snapshot from being (re-)verified where this fn returns false.
+ pub fn verify_filter(
+ ignore_verified_snapshots: bool,
+ outdated_after: Option<i64>,
+ manifest: &BackupManifest,
+ ) -> bool {
+ if !ignore_verified_snapshots {
+ return true;
}
- Ok(None) => true, // no last verification, always include
- Ok(Some(last_verify)) => {
- match outdated_after {
- None => false, // never re-verify if ignored and no max age
- Some(max_age) => {
- let now = proxmox_time::epoch_i64();
- let days_since_last_verify = (now - last_verify.upid.starttime) / 86400;
-
- days_since_last_verify > max_age
+
+ match manifest.verify_state() {
+ Err(err) => {
+ warn!("error reading manifest: {err:#}");
+ true
+ }
+ Ok(None) => true, // no last verification, always include
+ Ok(Some(last_verify)) => {
+ match outdated_after {
+ None => false, // never re-verify if ignored and no max age
+ Some(max_age) => {
+ let now = proxmox_time::epoch_i64();
+ let days_since_last_verify = (now - last_verify.upid.starttime) / 86400;
+
+ days_since_last_verify > max_age
+ }
}
}
}
diff --git a/src/server/verify_job.rs b/src/server/verify_job.rs
index a15a257da..95a7b2a9b 100644
--- a/src/server/verify_job.rs
+++ b/src/server/verify_job.rs
@@ -5,10 +5,7 @@ use pbs_api_types::{Authid, Operation, VerificationJobConfig};
use pbs_datastore::DataStore;
use proxmox_rest_server::WorkerTask;
-use crate::{
- backup::{verify_all_backups, verify_filter},
- server::jobstate::Job,
-};
+use crate::{backup::VerifyWorker, server::jobstate::Job};
/// Runs a verification job.
pub fn do_verification_job(
@@ -44,15 +41,14 @@ pub fn do_verification_job(
None => Default::default(),
};
- let verify_worker = crate::backup::VerifyWorker::new(worker.clone(), datastore);
- let result = verify_all_backups(
- &verify_worker,
+ let verify_worker = VerifyWorker::new(worker.clone(), datastore);
+ let result = verify_worker.verify_all_backups(
worker.upid(),
ns,
verification_job.max_depth,
None,
Some(&move |manifest| {
- verify_filter(ignore_verified_snapshots, outdated_after, manifest)
+ VerifyWorker::verify_filter(ignore_verified_snapshots, outdated_after, manifest)
}),
);
let job_result = match result {
--
2.39.5
_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel
^ permalink raw reply [flat|nested] 44+ messages in thread
* [pbs-devel] [PATCH proxmox-backup v3 05/41] s3 client: add crate for AWS S3 compatible object store client
2025-06-16 14:21 [pbs-devel] [PATCH proxmox{, -backup} v3 00/43] fix #2943: S3 storage backend for datastores Christian Ebner
` (5 preceding siblings ...)
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 04/41] verify: refactor verify related functions to be methods of worker Christian Ebner
@ 2025-06-16 14:21 ` Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 06/41] s3 client: implement AWS signature v4 request authentication Christian Ebner
` (35 subsequent siblings)
42 siblings, 0 replies; 44+ messages in thread
From: Christian Ebner @ 2025-06-16 14:21 UTC (permalink / raw)
To: pbs-devel
Adds the client to connect to an AWS S3 compatible object store API.
Force the use of an TLS encrypted connection as the communication
with the object store will contain sensitive information.
For self-signed certificates, check the fingerprint against the one
configured. This follows along the lines of the PBS client, used to
connect to the PBS server API.
The `S3Client` stores the client state and has to be configured upon
instantiation by providing `S3ClientOptions`.
Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
---
Cargo.toml | 3 +
pbs-s3-client/Cargo.toml | 17 ++++
pbs-s3-client/src/client.rs | 170 ++++++++++++++++++++++++++++++++++++
pbs-s3-client/src/lib.rs | 2 +
4 files changed, 192 insertions(+)
create mode 100644 pbs-s3-client/Cargo.toml
create mode 100644 pbs-s3-client/src/client.rs
create mode 100644 pbs-s3-client/src/lib.rs
diff --git a/Cargo.toml b/Cargo.toml
index d38321e33..87742f571 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -36,6 +36,7 @@ members = [
"pbs-fuse-loop",
"pbs-key-config",
"pbs-pxar-fuse",
+ "pbs-s3-client",
"pbs-tape",
"pbs-tools",
@@ -105,6 +106,7 @@ pbs-datastore = { path = "pbs-datastore" }
pbs-fuse-loop = { path = "pbs-fuse-loop" }
pbs-key-config = { path = "pbs-key-config" }
pbs-pxar-fuse = { path = "pbs-pxar-fuse" }
+pbs-s3-client = { path = "pbs-s3-client" }
pbs-tape = { path = "pbs-tape" }
pbs-tools = { path = "pbs-tools" }
@@ -245,6 +247,7 @@ pbs-client.workspace = true
pbs-config.workspace = true
pbs-datastore.workspace = true
pbs-key-config.workspace = true
+pbs-s3-client.workspace = true
pbs-tape.workspace = true
pbs-tools.workspace = true
proxmox-rrd.workspace = true
diff --git a/pbs-s3-client/Cargo.toml b/pbs-s3-client/Cargo.toml
new file mode 100644
index 000000000..9e3961efa
--- /dev/null
+++ b/pbs-s3-client/Cargo.toml
@@ -0,0 +1,17 @@
+[package]
+name = "pbs-s3-client"
+version = "0.1.0"
+authors.workspace = true
+edition.workspace = true
+description = "low level client for AWS S3 compatible object stores"
+rust-version.workspace = true
+
+[dependencies]
+anyhow.workspace = true
+hex = { workspace = true, features = [ "serde" ] }
+hyper.workspace = true
+openssl.workspace = true
+tracing.workspace = true
+
+pbs-api-types.workspace = true
+proxmox-http.workspace = true
diff --git a/pbs-s3-client/src/client.rs b/pbs-s3-client/src/client.rs
new file mode 100644
index 000000000..b886843a3
--- /dev/null
+++ b/pbs-s3-client/src/client.rs
@@ -0,0 +1,170 @@
+use std::sync::{Arc, Mutex};
+use std::time::Duration;
+
+use anyhow::{bail, format_err, Context, Error};
+use hyper::client::{Client, HttpConnector};
+use hyper::http::uri::Authority;
+use hyper::Body;
+use openssl::hash::MessageDigest;
+use openssl::ssl::{SslConnector, SslMethod, SslVerifyMode};
+use openssl::x509::X509StoreContextRef;
+use tracing::error;
+
+use pbs_api_types::{S3ClientConfig, S3ClientSecretsConfig};
+use proxmox_http::client::HttpsConnector;
+
+const S3_HTTP_CONNECT_TIMEOUT: Duration = Duration::from_secs(10);
+const S3_TCP_KEEPALIVE_TIME: u32 = 120;
+
+/// S3 object key path prefix without the context prefix as defined by the client options.
+///
+/// The client option's context prefix will be pre-pended by the various client methods before
+/// sending api requests.
+pub enum S3PathPrefix {
+ /// Path prefix relative to client's context prefix
+ Some(String),
+ /// No prefix
+ None,
+}
+
+/// Configuration options for client
+pub struct S3ClientOptions {
+ pub endpoint: String,
+ pub port: Option<u16>,
+ pub bucket: String,
+ pub store_prefix: String,
+ pub path_style: bool,
+ pub secret_key: String,
+ pub access_key: String,
+ pub region: String,
+ pub fingerprint: Option<String>,
+}
+
+impl S3ClientOptions {
+ pub fn from_config(
+ config: S3ClientConfig,
+ secrets: S3ClientSecretsConfig,
+ bucket: String,
+ store_prefix: String,
+ ) -> Self {
+ Self {
+ endpoint: config.endpoint,
+ port: config.port,
+ bucket,
+ store_prefix,
+ path_style: config.path_style.unwrap_or_default(),
+ region: config.region.unwrap_or("us-west-1".to_string()),
+ fingerprint: config.fingerprint,
+ access_key: config.access_key,
+ secret_key: secrets.secret_key,
+ }
+ }
+}
+
+/// S3 client for object stores compatible with the AWS S3 API
+pub struct S3Client {
+ client: Client<HttpsConnector>,
+ options: S3ClientOptions,
+ authority: Authority,
+}
+
+impl S3Client {
+ pub fn new(options: S3ClientOptions) -> Result<Self, Error> {
+ let expected_fingerprint = options.fingerprint.clone();
+ let verified_fingerprint = Arc::new(Mutex::new(None));
+ let trust_openssl_valid = Arc::new(Mutex::new(true));
+ let mut ssl_connector_builder = SslConnector::builder(SslMethod::tls())?;
+ ssl_connector_builder.set_verify_callback(
+ SslVerifyMode::PEER,
+ move |openssl_valid, context| match Self::verify_certificate_fingerprint(
+ openssl_valid,
+ context,
+ expected_fingerprint.clone(),
+ trust_openssl_valid.clone(),
+ ) {
+ Ok(None) => true,
+ Ok(Some(fingerprint)) => {
+ *verified_fingerprint.lock().unwrap() = Some(fingerprint);
+ true
+ }
+ Err(err) => {
+ error!("certificate validation failed {err:#}");
+ false
+ }
+ },
+ );
+
+ let mut http_connector = HttpConnector::new();
+ // want communication to object store backend api to always use https
+ http_connector.enforce_http(false);
+ http_connector.set_connect_timeout(Some(S3_HTTP_CONNECT_TIMEOUT));
+ let https_connector = HttpsConnector::with_connector(
+ http_connector,
+ ssl_connector_builder.build(),
+ S3_TCP_KEEPALIVE_TIME,
+ );
+ let client = Client::builder().build::<_, Body>(https_connector);
+
+ let authority_template = if let Some(port) = options.port {
+ format!("{}:{port}", options.endpoint)
+ } else {
+ options.endpoint.clone()
+ };
+ let authority = authority_template
+ .replace("{{bucket}}", &options.bucket)
+ .replace("{{region}}", &options.region);
+ let authority = Authority::try_from(authority)?;
+
+ Ok(Self {
+ client,
+ options,
+ authority,
+ })
+ }
+
+ fn verify_certificate_fingerprint(
+ openssl_valid: bool,
+ context: &mut X509StoreContextRef,
+ expected_fingerprint: Option<String>,
+ trust_openssl: Arc<Mutex<bool>>,
+ ) -> Result<Option<String>, Error> {
+ let mut trust_openssl_valid = trust_openssl.lock().unwrap();
+
+ // only rely on openssl prevalidation if was not forced earlier
+ if openssl_valid && *trust_openssl_valid {
+ return Ok(None);
+ }
+
+ let certificate = match context.current_cert() {
+ Some(certificate) => certificate,
+ None => bail!("context lacks current certificate."),
+ };
+
+ if context.error_depth() > 0 {
+ *trust_openssl_valid = false;
+ return Ok(None);
+ }
+
+ let certificate_digest = certificate
+ .digest(MessageDigest::sha256())
+ .context("failed to calculate certificate digest")?;
+ let certificate_fingerprint = hex::encode(certificate_digest);
+ let certificate_fingerprint = certificate_fingerprint
+ .as_bytes()
+ .chunks(2)
+ .map(|v| std::str::from_utf8(v).unwrap())
+ .collect::<Vec<&str>>()
+ .join(":");
+
+ if let Some(expected_fingerprint) = expected_fingerprint {
+ let expected_fingerprint = expected_fingerprint.to_lowercase();
+ if expected_fingerprint == certificate_fingerprint {
+ return Ok(Some(certificate_fingerprint));
+ }
+ }
+
+ Err(format_err!(
+ "unexpected certificate fingerprint {certificate_fingerprint}"
+ ))
+ }
+}
diff --git a/pbs-s3-client/src/lib.rs b/pbs-s3-client/src/lib.rs
new file mode 100644
index 000000000..533ceab8e
--- /dev/null
+++ b/pbs-s3-client/src/lib.rs
@@ -0,0 +1,2 @@
+mod client;
+pub use client::{S3Client, S3ClientOptions};
--
2.39.5
_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel
^ permalink raw reply [flat|nested] 44+ messages in thread
* [pbs-devel] [PATCH proxmox-backup v3 06/41] s3 client: implement AWS signature v4 request authentication
2025-06-16 14:21 [pbs-devel] [PATCH proxmox{, -backup} v3 00/43] fix #2943: S3 storage backend for datastores Christian Ebner
` (6 preceding siblings ...)
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 05/41] s3 client: add crate for AWS S3 compatible object store client Christian Ebner
@ 2025-06-16 14:21 ` Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 07/41] s3 client: add dedicated type for s3 object keys Christian Ebner
` (34 subsequent siblings)
42 siblings, 0 replies; 44+ messages in thread
From: Christian Ebner @ 2025-06-16 14:21 UTC (permalink / raw)
To: pbs-devel
The S3 API authenticates client requests by checking the
authentication signature provided by the requests `Authorization`
header. The latest AWS signature v4 signature is required for the
newest AWS regions [0] and most widely adapted [1-4], so rely soly on
that, not implementing older versions.
Adds helper methods to sign client requests, this includes encoding
and normalization of the headers, digest calculation of the request body
(if any) and signature generation.
[0] https://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-authenticating-requests.html
[1] https://docs.ceph.com/en/reef/radosgw/s3/authentication/#aws-signature-v4
[2] https://cloud.google.com/storage/docs/interoperability
[3] https://docs.wasabi.com/v1/docs/how-do-i-use-aws-signature-version-4-with-wasabi
[4] https://min.io/product/s3-compatibility
Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
---
pbs-s3-client/Cargo.toml | 3 +
pbs-s3-client/src/aws_sign_v4.rs | 140 +++++++++++++++++++++++++++++++
pbs-s3-client/src/lib.rs | 1 +
3 files changed, 144 insertions(+)
create mode 100644 pbs-s3-client/src/aws_sign_v4.rs
diff --git a/pbs-s3-client/Cargo.toml b/pbs-s3-client/Cargo.toml
index 9e3961efa..f068d9246 100644
--- a/pbs-s3-client/Cargo.toml
+++ b/pbs-s3-client/Cargo.toml
@@ -12,6 +12,9 @@ hex = { workspace = true, features = [ "serde" ] }
hyper.workspace = true
openssl.workspace = true
tracing.workspace = true
+url.workspace = true
pbs-api-types.workspace = true
proxmox-http.workspace = true
+proxmox-serde.workspace = true
+proxmox-time.workspace = true
diff --git a/pbs-s3-client/src/aws_sign_v4.rs b/pbs-s3-client/src/aws_sign_v4.rs
new file mode 100644
index 000000000..8a538e868
--- /dev/null
+++ b/pbs-s3-client/src/aws_sign_v4.rs
@@ -0,0 +1,140 @@
+//! Helpers for request authentication using AWS signature version 4
+
+use anyhow::Error;
+use hyper::Body;
+use hyper::Request;
+use openssl::hash::MessageDigest;
+use openssl::pkey::{PKey, Private};
+use openssl::sha::sha256;
+use openssl::sign::Signer;
+use url::Url;
+
+use super::client::S3ClientOptions;
+
+pub(crate) const AWS_SIGN_V4_DATETIME_FORMAT: &str = "%Y%m%dT%H%M%SZ";
+
+const AWS_SIGN_V4_DATE_FORMAT: &str = "%Y%m%d";
+const AWS_SIGN_V4_SERVICE_S3: &str = "s3";
+const AWS_SIGN_V4_REQUEST_POSTFIX: &str = "aws4_request";
+
+/// Generate signature for S3 request authentication using AWS signature version 4.
+/// See: https://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-authenticating-requests.html
+pub(crate) fn aws_sign_v4_signature(
+ request: &Request<Body>,
+ options: &S3ClientOptions,
+ epoch: i64,
+ payload_digest: &str,
+) -> Result<String, Error> {
+ // Include all headers in signature calculation since the reference docs note:
+ // "For the purpose of calculating an authorization signature, only the 'host' and any 'x-amz-*'
+ // headers are required. however, in order to prevent data tampering, you should consider
+ // including all the headers in the signature calculation."
+ // See https://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-header-based-auth.html
+ let mut canonical_headers = Vec::new();
+ let mut signed_headers = Vec::new();
+ for (key, value) in request.headers() {
+ canonical_headers.push(format!(
+ "{}:{}",
+ // Header name has to be lower case, key.as_str() does guarantee that, see
+ // https://docs.rs/http/0.2.0/http/header/struct.HeaderName.html
+ key.as_str(),
+ // No need to trim since `HeaderValue` only allows visible UTF8 chars, see
+ // https://docs.rs/http/0.2.0/http/header/struct.HeaderValue.html
+ value.to_str()?,
+ ));
+ signed_headers.push(key.as_str());
+ }
+ canonical_headers.sort();
+ signed_headers.sort();
+ let signed_headers_string = signed_headers.join(";");
+
+ let mut canonical_queries = Url::parse(&request.uri().to_string())?
+ .query_pairs()
+ .map(|(key, value)| {
+ format!(
+ "{}={}",
+ aws_sign_v4_uri_encode(&key, false),
+ aws_sign_v4_uri_encode(&value, false),
+ )
+ })
+ .collect::<Vec<String>>();
+ canonical_queries.sort();
+
+ let canonical_request = format!(
+ "{}\n{}\n{}\n{}\n\n{}\n{}",
+ request.method().as_str(),
+ request.uri().path(),
+ canonical_queries.join("&"),
+ canonical_headers.join("\n"),
+ signed_headers_string,
+ payload_digest,
+ );
+
+ let date = proxmox_time::strftime_utc(AWS_SIGN_V4_DATE_FORMAT, epoch)?;
+ let datetime = proxmox_time::strftime_utc(AWS_SIGN_V4_DATETIME_FORMAT, epoch)?;
+
+ let credential_scope = format!(
+ "{date}/{}/{AWS_SIGN_V4_SERVICE_S3}/{AWS_SIGN_V4_REQUEST_POSTFIX}",
+ options.region,
+ );
+ let canonical_request_hash = hex::encode(sha256(canonical_request.as_bytes()));
+ let string_to_sign =
+ format!("AWS4-HMAC-SHA256\n{datetime}\n{credential_scope}\n{canonical_request_hash}");
+
+ let date_sign_key = PKey::hmac(format!("AWS4{}", options.secret_key).as_bytes())?;
+ let date_tag = hmac_sha256(&date_sign_key, date.as_bytes())?;
+
+ let region_sign_key = PKey::hmac(&date_tag)?;
+ let region_tag = hmac_sha256(®ion_sign_key, options.region.as_bytes())?;
+
+ let service_sign_key = PKey::hmac(®ion_tag)?;
+ let service_tag = hmac_sha256(&service_sign_key, AWS_SIGN_V4_SERVICE_S3.as_bytes())?;
+
+ let signing_key = PKey::hmac(&service_tag)?;
+ let signing_tag = hmac_sha256(&signing_key, AWS_SIGN_V4_REQUEST_POSTFIX.as_bytes())?;
+
+ let signature_key = PKey::hmac(&signing_tag)?;
+ let signature = hmac_sha256(&signature_key, string_to_sign.as_bytes())?;
+ let signature = hex::encode(&signature);
+
+ Ok(format!(
+ "AWS4-HMAC-SHA256 Credential={}/{credential_scope},SignedHeaders={signed_headers_string},Signature={signature}",
+ options.access_key,
+ ))
+}
+// Custom `uri_encode` implementation as recommended by AWS docs, since possible implementation
+// incompatibility with uri encoding libraries.
+// See: https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-query-string-auth.html
+pub(crate) fn aws_sign_v4_uri_encode(input: &str, is_object_key_name: bool) -> String {
+ // Assume up to 2 bytes per char max in output
+ let mut accumulator = String::with_capacity(2 * input.len());
+
+ input.chars().for_each(|char| {
+ match char {
+ // Unreserved characters, do not uri encode these bytes
+ 'A'..='Z' | 'a'..='z' | '0'..='9' | '-' | '.' | '_' | '~' => accumulator.push(char),
+ // Space character is reserved, must be encoded as '%20', not '+'
+ ' ' => accumulator.push_str("%20"),
+ // Encode the forward slash character, '/', everywhere except in the object key name
+ '/' if !is_object_key_name => accumulator.push_str("%2F"),
+ '/' if is_object_key_name => accumulator.push(char),
+ // URI encoded byte is formed by a '%' and the two-digit hexadecimal value of the byte
+ // Letters in the hexadecimal value must be uppercase
+ _ => {
+ for byte in char.to_string().as_bytes() {
+ accumulator.push_str(&format!("%{byte:02X}"));
+ }
+ }
+ }
+ });
+
+ accumulator
+}
+
+// Helper for hmac sha256 calculation
+fn hmac_sha256(key: &PKey<Private>, data: &[u8]) -> Result<Vec<u8>, Error> {
+ let mut signer = Signer::new(MessageDigest::sha256(), key)?;
+ signer.update(data)?;
+ let hmac = signer.sign_to_vec()?;
+ Ok(hmac)
+}
diff --git a/pbs-s3-client/src/lib.rs b/pbs-s3-client/src/lib.rs
index 533ceab8e..5a60b92ec 100644
--- a/pbs-s3-client/src/lib.rs
+++ b/pbs-s3-client/src/lib.rs
@@ -1,2 +1,3 @@
+mod aws_sign_v4;
mod client;
pub use client::{S3Client, S3ClientOptions};
--
2.39.5
_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel
^ permalink raw reply [flat|nested] 44+ messages in thread
* [pbs-devel] [PATCH proxmox-backup v3 07/41] s3 client: add dedicated type for s3 object keys
2025-06-16 14:21 [pbs-devel] [PATCH proxmox{, -backup} v3 00/43] fix #2943: S3 storage backend for datastores Christian Ebner
` (7 preceding siblings ...)
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 06/41] s3 client: implement AWS signature v4 request authentication Christian Ebner
@ 2025-06-16 14:21 ` Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 08/41] s3 client: add type for last modified timestamp in responses Christian Ebner
` (33 subsequent siblings)
42 siblings, 0 replies; 44+ messages in thread
From: Christian Ebner @ 2025-06-16 14:21 UTC (permalink / raw)
To: pbs-devel
S3 objects are uniquely identified within a bucket by their object
key [0].
Implements conversion and utility traits to easily convert and encode
a string or a chunk digest as corresponding object key for the S3
storage backend. Adds type checking for s3 client operations requiring
an object key.
[0] https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html
Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
---
pbs-s3-client/Cargo.toml | 1 +
pbs-s3-client/src/lib.rs | 4 +-
pbs-s3-client/src/object_key.rs | 102 ++++++++++++++++++++++++++++++++
3 files changed, 106 insertions(+), 1 deletion(-)
create mode 100644 pbs-s3-client/src/object_key.rs
diff --git a/pbs-s3-client/Cargo.toml b/pbs-s3-client/Cargo.toml
index f068d9246..9402257bd 100644
--- a/pbs-s3-client/Cargo.toml
+++ b/pbs-s3-client/Cargo.toml
@@ -11,6 +11,7 @@ anyhow.workspace = true
hex = { workspace = true, features = [ "serde" ] }
hyper.workspace = true
openssl.workspace = true
+serde.workspace = true
tracing.workspace = true
url.workspace = true
diff --git a/pbs-s3-client/src/lib.rs b/pbs-s3-client/src/lib.rs
index 5a60b92ec..8b2be9721 100644
--- a/pbs-s3-client/src/lib.rs
+++ b/pbs-s3-client/src/lib.rs
@@ -1,3 +1,5 @@
mod aws_sign_v4;
mod client;
-pub use client::{S3Client, S3ClientOptions};
+pub use client::{S3Client, S3ClientOptions, S3PathPrefix};
+mod object_key;
+pub use object_key::{S3ObjectKey, S3_CONTENT_PREFIX};
diff --git a/pbs-s3-client/src/object_key.rs b/pbs-s3-client/src/object_key.rs
new file mode 100644
index 000000000..0afe275b4
--- /dev/null
+++ b/pbs-s3-client/src/object_key.rs
@@ -0,0 +1,102 @@
+use anyhow::Error;
+
+use crate::aws_sign_v4::aws_sign_v4_uri_encode;
+
+pub const S3_CONTENT_PREFIX: &str = ".cnt";
+
+#[derive(Clone, Debug)]
+pub struct S3ObjectKey {
+ object_key: String,
+}
+
+#[derive(Clone, Debug)]
+pub struct RelS3ObjectKey {
+ rel_object_key: String,
+}
+
+// All regular keys (non-digests) get prefixed by a `/.cnt`, so that
+// content listing without all the chunks can be done by that prefix.
+impl core::convert::From<&str> for RelS3ObjectKey {
+ fn from(s: &str) -> Self {
+ let s = s.strip_prefix("/").unwrap_or(s);
+ let rel_object_key = format!(
+ "{S3_CONTENT_PREFIX}/{encoded_key}",
+ encoded_key = aws_sign_v4_uri_encode(s, true),
+ );
+
+ Self { rel_object_key }
+ }
+}
+
+impl core::convert::From<&[u8; 32]> for RelS3ObjectKey {
+ fn from(digest: &[u8; 32]) -> Self {
+ // Use the same layout as on regular PBS datastores, including the 4 hex digit digest prefix
+ let object_key = hex::encode(digest);
+ let digest_prefix = &object_key[..4];
+ Self {
+ rel_object_key: format!(".chunks/{digest_prefix}/{object_key}"),
+ }
+ }
+}
+
+impl core::convert::From<[u8; 32]> for RelS3ObjectKey {
+ fn from(digest: [u8; 32]) -> Self {
+ Self::from(&digest)
+ }
+}
+
+impl RelS3ObjectKey {
+ pub fn to_full_key(&self, prefix: &str) -> S3ObjectKey {
+ S3ObjectKey {
+ object_key: format!("{prefix}/{}", self.rel_object_key),
+ }
+ }
+}
+
+impl std::ops::Deref for S3ObjectKey {
+ type Target = str;
+
+ fn deref(&self) -> &Self::Target {
+ &self.object_key
+ }
+}
+
+impl std::fmt::Display for S3ObjectKey {
+ fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
+ write!(f, "{}", self.object_key)
+ }
+}
+
+impl std::str::FromStr for S3ObjectKey {
+ type Err = Error;
+
+ fn from_str(s: &str) -> Result<Self, Self::Err> {
+ Ok(Self {
+ object_key: s.to_string(),
+ })
+ }
+}
+
+proxmox_serde::forward_serialize_to_display!(S3ObjectKey);
+
+// Do not mangle with prefixes when de-serializing
+impl<'de> serde::Deserialize<'de> for S3ObjectKey {
+ fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
+ where
+ D: serde::Deserializer<'de>,
+ {
+ let object_key = std::borrow::Cow::<'de, str>::deserialize(deserializer)?.to_string();
+ Ok(Self { object_key })
+ }
+}
+
+impl S3ObjectKey {
+ /// Generate source key for copy object operations given the source bucket.
+ pub fn to_copy_source_key(&self, source_bucket: &str) -> Self {
+ Self {
+ // object key already contains the required separator slash in-between source bucket
+ // and source object key.
+ object_key: format!("{source_bucket}{}", self.object_key),
+ }
+ }
+}
--
2.39.5
_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel
^ permalink raw reply [flat|nested] 44+ messages in thread
* [pbs-devel] [PATCH proxmox-backup v3 08/41] s3 client: add type for last modified timestamp in responses
2025-06-16 14:21 [pbs-devel] [PATCH proxmox{, -backup} v3 00/43] fix #2943: S3 storage backend for datastores Christian Ebner
` (8 preceding siblings ...)
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 07/41] s3 client: add dedicated type for s3 object keys Christian Ebner
@ 2025-06-16 14:21 ` Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 09/41] s3 client: add helper to parse http date headers Christian Ebner
` (32 subsequent siblings)
42 siblings, 0 replies; 44+ messages in thread
From: Christian Ebner @ 2025-06-16 14:21 UTC (permalink / raw)
To: pbs-devel
Adds a helper to parse modified timestamps as encountered in s3 list
objects v2 and copy object api calls.
Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
---
Cargo.toml | 2 ++
pbs-s3-client/Cargo.toml | 2 ++
pbs-s3-client/src/lib.rs | 20 ++++++++++++++++++++
3 files changed, 24 insertions(+)
diff --git a/Cargo.toml b/Cargo.toml
index 87742f571..b11248f90 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -131,6 +131,7 @@ handlebars = "3.0"
hex = "0.4.3"
hickory-resolver = { version = "0.24.1", default-features = false, features = [ "system-config", "tokio-runtime" ] }
hyper = { version = "0.14", features = [ "backports", "deprecated", "full" ] }
+iso8601 = "0.4.1"
libc = "0.2"
log = "0.4.17"
nix = "0.26.1"
@@ -144,6 +145,7 @@ regex = "1.5.5"
rustyline = "9"
serde = { version = "1.0", features = ["derive"] }
serde_json = "1.0"
+serde_plain = "1.0"
siphasher = "0.3"
syslog = "6"
tar = "0.4"
diff --git a/pbs-s3-client/Cargo.toml b/pbs-s3-client/Cargo.toml
index 9402257bd..6edd9a248 100644
--- a/pbs-s3-client/Cargo.toml
+++ b/pbs-s3-client/Cargo.toml
@@ -10,8 +10,10 @@ rust-version.workspace = true
anyhow.workspace = true
hex = { workspace = true, features = [ "serde" ] }
hyper.workspace = true
+iso8601.workspace = true
openssl.workspace = true
serde.workspace = true
+serde_plain.workspace = true
tracing.workspace = true
url.workspace = true
diff --git a/pbs-s3-client/src/lib.rs b/pbs-s3-client/src/lib.rs
index 8b2be9721..66f38004b 100644
--- a/pbs-s3-client/src/lib.rs
+++ b/pbs-s3-client/src/lib.rs
@@ -3,3 +3,23 @@ mod client;
pub use client::{S3Client, S3ClientOptions, S3PathPrefix};
mod object_key;
pub use object_key::{S3ObjectKey, S3_CONTENT_PREFIX};
+
+use std::time::Duration;
+
+use anyhow::{anyhow, bail, Error};
+
+#[derive(Debug)]
+pub struct LastModifiedTimestamp {
+ _datetime: iso8601::DateTime,
+}
+
+impl std::str::FromStr for LastModifiedTimestamp {
+ type Err = Error;
+
+ fn from_str(timestamp: &str) -> Result<Self, Self::Err> {
+ let _datetime = iso8601::datetime(timestamp).map_err(|err| anyhow!(err))?;
+ Ok(Self { _datetime })
+ }
+}
+
+serde_plain::derive_deserialize_from_fromstr!(LastModifiedTimestamp, "last modified timestamp");
--
2.39.5
_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel
^ permalink raw reply [flat|nested] 44+ messages in thread
* [pbs-devel] [PATCH proxmox-backup v3 09/41] s3 client: add helper to parse http date headers
2025-06-16 14:21 [pbs-devel] [PATCH proxmox{, -backup} v3 00/43] fix #2943: S3 storage backend for datastores Christian Ebner
` (9 preceding siblings ...)
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 08/41] s3 client: add type for last modified timestamp in responses Christian Ebner
@ 2025-06-16 14:21 ` Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 10/41] s3 client: implement methods to operate on s3 objects in bucket Christian Ebner
` (31 subsequent siblings)
42 siblings, 0 replies; 44+ messages in thread
From: Christian Ebner @ 2025-06-16 14:21 UTC (permalink / raw)
To: pbs-devel
Add a helper to parse the preferred date/time format for http `Date`
headers as specified in RFC 2616 [0], which is a fixed-length subset
of the format specified in RFC 1123 [1], itself being a followup to
RFC 822 [2]. Does not implement the format as described in the
obsolete RFC 850 [3].
This allows to parse the `Date` and `Last-Modified` headers of S3 API
responses.
[0] https://datatracker.ietf.org/doc/html/rfc2616#section-3.3
[1] https://datatracker.ietf.org/doc/html/rfc1123#section-5.2.14
[2] https://datatracker.ietf.org/doc/html/rfc822#section-5
[3] https://datatracker.ietf.org/doc/html/rfc850
Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
---
pbs-s3-client/src/lib.rs | 97 +++++++++++++++++++++++++++++++++++++++-
1 file changed, 96 insertions(+), 1 deletion(-)
diff --git a/pbs-s3-client/src/lib.rs b/pbs-s3-client/src/lib.rs
index 66f38004b..8400edf20 100644
--- a/pbs-s3-client/src/lib.rs
+++ b/pbs-s3-client/src/lib.rs
@@ -6,7 +6,12 @@ pub use object_key::{S3ObjectKey, S3_CONTENT_PREFIX};
use std::time::Duration;
-use anyhow::{anyhow, bail, Error};
+use anyhow::{anyhow, bail, Context, Error};
+
+const VALID_DAYS_OF_WEEK: [&str; 7] = ["Mon", "Tue", "Wed", "Thu", "Fri", "Sat", "Sun"];
+const VALID_MONTHS: [&str; 12] = [
+ "Jan", "Feb", "Mar", "Apr", "May", "Jun", "Jul", "Aug", "Sep", "Oct", "Nov", "Dec",
+];
#[derive(Debug)]
pub struct LastModifiedTimestamp {
@@ -23,3 +28,93 @@ impl std::str::FromStr for LastModifiedTimestamp {
}
serde_plain::derive_deserialize_from_fromstr!(LastModifiedTimestamp, "last modified timestamp");
+
+/// Preferred date format specified by RFC2616, given as fixed-length
+/// subset of RFC1123, which itself is a followup to RFC822.
+///
+/// https://datatracker.ietf.org/doc/html/rfc2616#section-3.3
+/// https://datatracker.ietf.org/doc/html/rfc1123#section-5.2.14
+/// https://datatracker.ietf.org/doc/html/rfc822#section-5
+#[derive(Debug)]
+pub struct HttpDate {
+ epoch: i64,
+}
+
+impl HttpDate {
+ pub fn to_duration(&self) -> Result<Duration, Error> {
+ let seconds = u64::try_from(self.epoch)?;
+ Ok(Duration::from_secs(seconds))
+ }
+}
+
+impl std::str::FromStr for HttpDate {
+ type Err = Error;
+
+ fn from_str(timestamp: &str) -> Result<Self, Self::Err> {
+ let input = timestamp.as_bytes();
+ if input.len() != 29 {
+ bail!("unexpected length: got {}", input.len());
+ }
+
+ let expect = |pos: usize, c: u8| {
+ if input[pos] != c {
+ bail!("unexpected char at pos {pos}");
+ }
+ Ok(())
+ };
+
+ let digit = |pos: usize| -> Result<i32, Error> {
+ let digit = input[pos] as i32;
+ if !(48..=57).contains(&digit) {
+ bail!("unexpected char at pos {pos}");
+ }
+ Ok(digit - 48)
+ };
+
+ fn check_max(i: i32, max: i32) -> Result<i32, Error> {
+ if i > max {
+ bail!("value too large ({i} > {max})");
+ }
+ Ok(i)
+ }
+
+ let mut tm = proxmox_time::TmEditor::new(true);
+
+ if !VALID_DAYS_OF_WEEK
+ .iter()
+ .any(|valid| valid.as_bytes() == &input[0..3])
+ {
+ bail!("unexpected day of week, got {:?}", &input[0..3]);
+ }
+
+ expect(3, b',').context("unexpected separator after day of week")?;
+ expect(4, b' ').context("missing space after day of week separator")?;
+ tm.set_mday(check_max(digit(5)? * 10 + digit(6)?, 31)?)?;
+ expect(7, b' ').context("unexpected separator after day")?;
+ if let Some(month) = VALID_MONTHS
+ .iter()
+ .position(|month| month.as_bytes() == &input[8..11])
+ {
+ // valid conversion to i32, position stems from fixed size array of 12 months.
+ tm.set_mon(check_max(month as i32 + 1, 12)?)?;
+ } else {
+ bail!("invalid month");
+ }
+ expect(11, b' ').context("unexpected separator after month")?;
+ tm.set_year(digit(12)? * 1000 + digit(13)? * 100 + digit(14)? * 10 + digit(15)?)?;
+ expect(16, b' ').context("unexpected separator after year")?;
+ tm.set_hour(check_max(digit(17)? * 10 + digit(18)?, 23)?)?;
+ expect(19, b':').context("unexpected separator after hour")?;
+ tm.set_min(check_max(digit(20)? * 10 + digit(21)?, 59)?)?;
+ expect(22, b':').context("unexpected separator after minute")?;
+ tm.set_sec(check_max(digit(23)? * 10 + digit(24)?, 60)?)?;
+ expect(25, b' ').context("unexpected separator after second")?;
+ if !input.ends_with(b"GMT") {
+ bail!("unexpected timezone");
+ }
+
+ let epoch = tm.into_epoch()?;
+
+ Ok(Self { epoch })
+ }
+}
--
2.39.5
_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel
^ permalink raw reply [flat|nested] 44+ messages in thread
* [pbs-devel] [PATCH proxmox-backup v3 10/41] s3 client: implement methods to operate on s3 objects in bucket
2025-06-16 14:21 [pbs-devel] [PATCH proxmox{, -backup} v3 00/43] fix #2943: S3 storage backend for datastores Christian Ebner
` (10 preceding siblings ...)
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 09/41] s3 client: add helper to parse http date headers Christian Ebner
@ 2025-06-16 14:21 ` Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 11/41] config: introduce s3 object store client configuration Christian Ebner
` (30 subsequent siblings)
42 siblings, 0 replies; 44+ messages in thread
From: Christian Ebner @ 2025-06-16 14:21 UTC (permalink / raw)
To: pbs-devel
Adds the basic implementation of the client to use s3 object stores
as backend for PBS datastores.
This implements the basic client actions on a bucket and objects
stored within given bucket.
This is not feature complete and intended to be extended on a
per-demand fashion rather than implementing the whole client at once.
Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
---
Cargo.toml | 3 +
pbs-s3-client/Cargo.toml | 8 +
pbs-s3-client/src/client.rs | 392 ++++++++++++++++++++++++++-
pbs-s3-client/src/lib.rs | 2 +
pbs-s3-client/src/response_reader.rs | 343 +++++++++++++++++++++++
5 files changed, 747 insertions(+), 1 deletion(-)
create mode 100644 pbs-s3-client/src/response_reader.rs
diff --git a/Cargo.toml b/Cargo.toml
index b11248f90..2c97e691f 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -137,15 +137,18 @@ log = "0.4.17"
nix = "0.26.1"
nom = "7"
num-traits = "0.2"
+md5 = "0.7.0"
once_cell = "1.3.1"
openssl = "0.10.40"
percent-encoding = "2.1"
pin-project-lite = "0.2"
+quick-xml = "0.26"
regex = "1.5.5"
rustyline = "9"
serde = { version = "1.0", features = ["derive"] }
serde_json = "1.0"
serde_plain = "1.0"
+serde-xml-rs = "0.5"
siphasher = "0.3"
syslog = "6"
tar = "0.4"
diff --git a/pbs-s3-client/Cargo.toml b/pbs-s3-client/Cargo.toml
index 6edd9a248..a6348a0e4 100644
--- a/pbs-s3-client/Cargo.toml
+++ b/pbs-s3-client/Cargo.toml
@@ -8,12 +8,20 @@ rust-version.workspace = true
[dependencies]
anyhow.workspace = true
+base64.workspace = true
+bytes.workspace = true
+futures.workspace = true
hex = { workspace = true, features = [ "serde" ] }
hyper.workspace = true
iso8601.workspace = true
+md5.workspace = true
openssl.workspace = true
+quick-xml = { workspace = true, features = ["async-tokio"] }
serde.workspace = true
serde_plain.workspace = true
+serde-xml-rs.workspace = true
+tokio = { workspace = true, features = [] }
+tokio-util = { workspace = true, features = ["compat"] }
tracing.workspace = true
url.workspace = true
diff --git a/pbs-s3-client/src/client.rs b/pbs-s3-client/src/client.rs
index b886843a3..515b05b9c 100644
--- a/pbs-s3-client/src/client.rs
+++ b/pbs-s3-client/src/client.rs
@@ -1,18 +1,39 @@
+use std::collections::HashMap;
+use std::io::Cursor;
+use std::path::Path;
+use std::str::FromStr;
use std::sync::{Arc, Mutex};
use std::time::Duration;
use anyhow::{bail, format_err, Context, Error};
+use bytes::{Bytes, BytesMut};
+use hyper::body::HttpBody;
use hyper::client::{Client, HttpConnector};
-use hyper::http::uri::Authority;
+use hyper::http::method::Method;
+use hyper::http::uri::{Authority, Parts, PathAndQuery, Scheme};
+use hyper::http::StatusCode;
+use hyper::http::{header, HeaderValue, Uri};
use hyper::Body;
+use hyper::{Request, Response};
use openssl::hash::MessageDigest;
+use openssl::sha::Sha256;
use openssl::ssl::{SslConnector, SslMethod, SslVerifyMode};
use openssl::x509::X509StoreContextRef;
+use quick_xml::events::BytesText;
+use quick_xml::writer::Writer;
use tracing::error;
use pbs_api_types::{S3ClientConfig, S3ClientSecretsConfig};
use proxmox_http::client::HttpsConnector;
+use crate::aws_sign_v4::aws_sign_v4_signature;
+use crate::aws_sign_v4::AWS_SIGN_V4_DATETIME_FORMAT;
+use crate::object_key::{RelS3ObjectKey, S3ObjectKey};
+use crate::response_reader::{
+ CopyObjectResponse, DeleteObjectsResponse, GetObjectResponse, HeadObjectResponse,
+ ListObjectsV2Response, PutObjectResponse, ResponseReader,
+};
+
const S3_HTTP_CONNECT_TIMEOUT: Duration = Duration::from_secs(10);
const S3_TCP_KEEPALIVE_TIME: u32 = 120;
@@ -167,4 +188,373 @@ impl S3Client {
"unexpected certificate fingerprint {certificate_fingerprint}"
))
}
+
+ async fn prepare(&self, mut request: Request<Body>) -> Result<Request<Body>, Error> {
+ let host_header = request
+ .uri()
+ .authority()
+ .ok_or_else(|| format_err!("request missing authority"))?
+ .to_string();
+
+ // Content verification for aws s3 signature
+ let mut hasher = Sha256::new();
+ // Load payload into memory, needed as the hash and checksum have to be calculated a-priori
+ let buffer: Bytes = {
+ let body = request.body_mut();
+ let mut buf = BytesMut::with_capacity(body.size_hint().lower() as usize);
+ while let Some(chunk) = body.data().await {
+ let chunk = chunk?;
+ hasher.update(&chunk);
+ buf.extend_from_slice(&chunk);
+ }
+ buf.freeze()
+ };
+ // Use MD5 as upload integrity check, as other methods are not supported by all S3 object
+ // store providers and might be ignored and this is recommended by AWS as described in
+ // https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html#API_PutObject_RequestSyntax
+ let payload_md5 = md5::compute(&buffer);
+ let payload_digest = hex::encode(hasher.finish());
+ let payload_len = buffer.len();
+ *request.body_mut() = Body::from(buffer);
+
+ let epoch = proxmox_time::epoch_i64();
+ let datetime = proxmox_time::strftime_utc(AWS_SIGN_V4_DATETIME_FORMAT, epoch)?;
+
+ request
+ .headers_mut()
+ .insert("x-amz-date", HeaderValue::from_str(&datetime)?);
+ request
+ .headers_mut()
+ .insert("host", HeaderValue::from_str(&host_header)?);
+ request.headers_mut().insert(
+ "x-amz-content-sha256",
+ HeaderValue::from_str(&payload_digest)?,
+ );
+ request.headers_mut().insert(
+ header::CONTENT_LENGTH,
+ HeaderValue::from_str(&payload_len.to_string())?,
+ );
+ if payload_len > 0 {
+ let md5_digest = base64::encode(*payload_md5);
+ request
+ .headers_mut()
+ .insert("Content-MD5", HeaderValue::from_str(&md5_digest)?);
+ }
+
+ let signature = aws_sign_v4_signature(&request, &self.options, epoch, &payload_digest)?;
+
+ request
+ .headers_mut()
+ .insert(header::AUTHORIZATION, HeaderValue::from_str(&signature)?);
+
+ Ok(request)
+ }
+
+ pub async fn send(&self, request: Request<Body>) -> Result<Response<Body>, Error> {
+ let request = self.prepare(request).await?;
+ let response = tokio::time::timeout(S3_HTTP_CONNECT_TIMEOUT, self.client.request(request))
+ .await
+ .context("request timeout")??;
+ Ok(response)
+ }
+
+ /// Check if bucket exists and got permissions to access it.
+ /// See reference docs: https://docs.aws.amazon.com/AmazonS3/latest/API/API_HeadBucket.html
+ pub async fn head_bucket(&self) -> Result<(), Error> {
+ let request = Request::builder()
+ .method(Method::HEAD)
+ .uri(self.build_uri("/", &[])?)
+ .body(Body::empty())?;
+ let response = self.send(request).await?;
+ let (parts, _body) = response.into_parts();
+
+ match parts.status {
+ StatusCode::OK => (),
+ StatusCode::BAD_REQUEST | StatusCode::FORBIDDEN | StatusCode::NOT_FOUND => {
+ bail!("bucket does not exist or no permission to access it")
+ }
+ status_code => bail!("unexpected status code {status_code}"),
+ }
+
+ Ok(())
+ }
+
+ /// Fetch metadata from an object without returning the object itself.
+ /// See reference docs: https://docs.aws.amazon.com/AmazonS3/latest/API/API_HeadObject.html
+ pub async fn head_object(
+ &self,
+ object_key: RelS3ObjectKey,
+ ) -> Result<Option<HeadObjectResponse>, Error> {
+ let object_key = object_key.to_full_key(&self.options.store_prefix);
+ let request = Request::builder()
+ .method(Method::HEAD)
+ .uri(self.build_uri(&object_key, &[])?)
+ .body(Body::empty())?;
+ let response = self.send(request).await?;
+ let response_reader = ResponseReader::new(response);
+ response_reader.head_object_response().await
+ }
+
+ /// Fetch an object from object store.
+ /// See reference docs: https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html
+ pub async fn get_object(
+ &self,
+ object_key: RelS3ObjectKey,
+ ) -> Result<Option<GetObjectResponse>, Error> {
+ let object_key = object_key.to_full_key(&self.options.store_prefix);
+ let request = Request::builder()
+ .method(Method::GET)
+ .uri(self.build_uri(&object_key, &[])?)
+ .body(Body::empty())?;
+
+ let response = self.send(request).await?;
+ let response_reader = ResponseReader::new(response);
+ response_reader.get_object_response().await
+ }
+
+ /// Returns some or all (up to 1,000) of the objects in a bucket with each request.
+ /// See reference docs: https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectTagging.html
+ pub async fn list_objects_v2(
+ &self,
+ prefix: &S3PathPrefix,
+ continuation_token: Option<&str>,
+ ) -> Result<ListObjectsV2Response, Error> {
+ let mut query = vec![("list-type", "2")];
+ let abs_prefix: String;
+ if let S3PathPrefix::Some(prefix) = prefix {
+ abs_prefix = if prefix.starts_with("/") {
+ format!("{}{prefix}", self.options.store_prefix)
+ } else {
+ format!("{}/{prefix}", self.options.store_prefix)
+ };
+ query.push(("prefix", &abs_prefix));
+ }
+ if let Some(token) = continuation_token {
+ query.push(("continuation-token", token));
+ }
+ let request = Request::builder()
+ .method(Method::GET)
+ .uri(self.build_uri("/", &query)?)
+ .body(Body::empty())?;
+
+ let response = self.send(request).await?;
+ let response_reader = ResponseReader::new(response);
+ response_reader.list_objects_v2_response().await
+ }
+
+ /// Add a new object to a bucket.
+ ///
+ /// Do not reupload if an object with matching key already exists in the bucket.
+ /// See reference docs: https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html
+ pub async fn put_object(
+ &self,
+ object_key: RelS3ObjectKey,
+ object_data: Body,
+ ) -> Result<PutObjectResponse, Error> {
+ let object_key = object_key.to_full_key(&self.options.store_prefix);
+ let request = Request::builder()
+ .method(Method::PUT)
+ .uri(self.build_uri(&object_key, &[])?)
+ .header(header::CONTENT_TYPE, "binary/octet")
+ // Never overwrite pre-existing objects with the same key.
+ //.header(header::IF_NONE_MATCH, "*")
+ .body(object_data)?;
+
+ let response = self.send(request).await?;
+ let response_reader = ResponseReader::new(response);
+ response_reader.put_object_response().await
+ }
+
+ /// Removes an object from a bucket.
+ /// See reference docs: https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObject.html
+ pub async fn delete_object(&self, object_key: RelS3ObjectKey) -> Result<(), Error> {
+ let object_key = object_key.to_full_key(&self.options.store_prefix);
+ let request = Request::builder()
+ .method(Method::DELETE)
+ .uri(self.build_uri(&object_key, &[])?)
+ .body(Body::empty())?;
+
+ let response = self.send(request).await?;
+ let response_reader = ResponseReader::new(response);
+ response_reader.delete_object_response().await
+ }
+
+ /// Delete multiple objects from a bucket using a single HTTP request.
+ /// See reference docs: https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObjects.html
+ pub async fn delete_objects(
+ &self,
+ object_keys: &[S3ObjectKey],
+ ) -> Result<DeleteObjectsResponse, Error> {
+ let mut body = String::from(r#"<Delete xmlns="http://s3.amazonaws.com/doc/2006-03-01/">"#);
+ for object_key in object_keys {
+ body.push_str("<Object><Key>");
+ body.push_str(object_key);
+ body.push_str("</Key></Object>");
+ }
+ body.push_str("</Delete>");
+ let request = Request::builder()
+ .method(Method::POST)
+ .uri(self.build_uri("/", &[("delete", "")])?)
+ .body(Body::from(body))?;
+
+ let response = self.send(request).await?;
+ let response_reader = ResponseReader::new(response);
+ response_reader.delete_objects_response().await
+ }
+
+ /// Delete objects by given key prefix.
+ /// Requires at least 2 api calls.
+ pub async fn delete_objects_by_prefix(&self, prefix: &S3PathPrefix) -> Result<bool, Error> {
+ // S3 API does not provide a convenient way to delete objects by key prefix.
+ // List all objects with given group prefix and delete all objects found, so this
+ // requires at least 2 API calls.
+ let mut next_continuation_token: Option<String> = None;
+ let mut delete_errors = false;
+ loop {
+ let list_objects_result = self
+ .list_objects_v2(prefix, next_continuation_token.as_deref())
+ .await?;
+
+ let objects_to_delete: Vec<S3ObjectKey> = list_objects_result
+ .contents
+ .into_iter()
+ .map(|item| item.key)
+ .collect();
+
+ let response = self.delete_objects(&objects_to_delete).await?;
+ if response.error.is_some() {
+ delete_errors = true;
+ }
+
+ if list_objects_result.is_truncated {
+ next_continuation_token = list_objects_result
+ .next_continuation_token
+ .as_ref()
+ .cloned();
+ continue;
+ }
+ break;
+ }
+ Ok(delete_errors)
+ }
+
+ /// Delete objects by given key prefix, but exclude items pre-filter based on suffix
+ /// (including the parent component of the matched suffix). E.g. do not remove items in a
+ /// snapshot directory, by matching based on the protected file marker (given as suffix).
+ /// Items matching the suffix provided as `ignore` will be excluded in the parent of a matching
+ /// suffix entry. E.g. owner and notes for a group, if a group snapshots was matched by a
+ /// protected marker.
+ ///
+ /// Requires at least 2 api calls.
+ pub async fn delete_objects_by_prefix_with_suffix_filter(
+ &self,
+ prefix: &S3PathPrefix,
+ suffix: &str,
+ excldue_from_parent: &[&str],
+ ) -> Result<bool, Error> {
+ // S3 API does not provide a convenient way to delete objects by key prefix.
+ // List all objects with given group prefix and delete all objects found, so this
+ // requires at least 2 API calls.
+ let mut next_continuation_token: Option<String> = None;
+ let mut delete_errors = false;
+ let mut prefix_filters = Vec::new();
+ let mut list_objects = Vec::new();
+ loop {
+ let list_objects_result = self
+ .list_objects_v2(prefix, next_continuation_token.as_deref())
+ .await?;
+
+ let mut prefixes: Vec<String> = list_objects_result
+ .contents
+ .iter()
+ .filter_map(|item| {
+ let prefix_filter = item.key.strip_suffix(suffix).map(|prefix| {
+ let path = Path::new(prefix);
+ if let Some(parent) = path.parent() {
+ for filter in excldue_from_parent {
+ let filter = parent.join(filter);
+ // valid utf-8 as combined from `str` values
+ prefix_filters.push(filter.to_string_lossy().to_string());
+ }
+ }
+ prefix.to_string()
+ });
+ if prefix_filter.is_none() {
+ list_objects.push(item.key.clone());
+ }
+ prefix_filter
+ })
+ .collect();
+ prefix_filters.append(&mut prefixes);
+
+ if list_objects_result.is_truncated {
+ next_continuation_token = list_objects_result
+ .next_continuation_token
+ .as_ref()
+ .cloned();
+ continue;
+ }
+ break;
+ }
+
+ let objects_to_delete: Vec<S3ObjectKey> = list_objects
+ .into_iter()
+ .filter_map(|item| {
+ for prefix in &prefix_filters {
+ if item.strip_prefix(prefix).is_some() {
+ return None;
+ }
+ }
+ Some(item)
+ })
+ .collect();
+
+ for objects in objects_to_delete.chunks(1000) {
+ let result = self.delete_objects(objects).await?;
+ if result.error.is_some() {
+ delete_errors = true;
+ }
+ }
+
+ Ok(delete_errors)
+ }
+
+ #[inline(always)]
+ /// Helper to generate [`Uri`] instance with common properties based on given path and query.
+ fn build_uri(&self, mut path: &str, query: &[(&str, &str)]) -> Result<Uri, Error> {
+ if path.starts_with('/') {
+ path = &path[1..];
+ }
+ let mut path_and_query = if self.options.path_style {
+ format!("/{bucket}/{path}", bucket = self.options.bucket)
+ } else {
+ format!("/{path}")
+ };
+
+ if !query.is_empty() {
+ path_and_query.push('?');
+ // No further input validation as http::uri::Builder will check path and query
+ let mut query_iter = query.iter().peekable();
+ while let Some((key, value)) = query_iter.next() {
+ path_and_query.push_str(key);
+ if !value.is_empty() {
+ path_and_query.push('=');
+ path_and_query.push_str(value);
+ }
+ if query_iter.peek().is_some() {
+ path_and_query.push('&');
+ }
+ }
+ }
+
+ let path_and_query =
+ PathAndQuery::from_str(&path_and_query).context("failed to parse path and query")?;
+
+ let mut uri_parts = Parts::default();
+ uri_parts.scheme = Some(Scheme::HTTPS);
+ uri_parts.authority = Some(self.authority.clone());
+ uri_parts.path_and_query = Some(path_and_query);
+
+ Uri::from_parts(uri_parts).context("failed to build uri")
+ }
}
diff --git a/pbs-s3-client/src/lib.rs b/pbs-s3-client/src/lib.rs
index 8400edf20..a9fa0d847 100644
--- a/pbs-s3-client/src/lib.rs
+++ b/pbs-s3-client/src/lib.rs
@@ -3,6 +3,8 @@ mod client;
pub use client::{S3Client, S3ClientOptions, S3PathPrefix};
mod object_key;
pub use object_key::{S3ObjectKey, S3_CONTENT_PREFIX};
+mod response_reader;
+pub use response_reader::PutObjectResponse;
use std::time::Duration;
diff --git a/pbs-s3-client/src/response_reader.rs b/pbs-s3-client/src/response_reader.rs
new file mode 100644
index 000000000..32ae48869
--- /dev/null
+++ b/pbs-s3-client/src/response_reader.rs
@@ -0,0 +1,343 @@
+use std::str::FromStr;
+
+use anyhow::{anyhow, bail, Context, Error};
+use hyper::body::HttpBody;
+use hyper::header::HeaderName;
+use hyper::http::header;
+use hyper::http::StatusCode;
+use hyper::{Body, HeaderMap, Response};
+use serde::Deserialize;
+
+use crate::S3ObjectKey;
+use crate::{HttpDate, LastModifiedTimestamp};
+
+pub(crate) struct ResponseReader {
+ response: Response<Body>,
+}
+
+#[derive(Debug)]
+pub struct ListObjectsV2Response {
+ pub date: HttpDate,
+ pub name: String,
+ pub prefix: String,
+ pub key_count: u64,
+ pub max_keys: u64,
+ pub is_truncated: bool,
+ pub continuation_token: Option<String>,
+ pub next_continuation_token: Option<String>,
+ pub contents: Vec<ListObjectsV2Contents>,
+}
+
+#[derive(Deserialize, Debug)]
+#[serde(rename_all = "PascalCase")]
+struct ListObjectsV2ResponseBody {
+ pub name: String,
+ pub prefix: String,
+ pub key_count: u64,
+ pub max_keys: u64,
+ pub is_truncated: bool,
+ pub continuation_token: Option<String>,
+ pub next_continuation_token: Option<String>,
+ pub contents: Option<Vec<ListObjectsV2Contents>>,
+}
+
+impl ListObjectsV2ResponseBody {
+ fn with_date(self, date: HttpDate) -> ListObjectsV2Response {
+ ListObjectsV2Response {
+ date,
+ name: self.name,
+ prefix: self.prefix,
+ key_count: self.key_count,
+ max_keys: self.max_keys,
+ is_truncated: self.is_truncated,
+ continuation_token: self.continuation_token,
+ next_continuation_token: self.next_continuation_token,
+ contents: self.contents.unwrap_or_default(),
+ }
+ }
+}
+
+#[derive(Deserialize, Debug)]
+#[serde(rename_all = "PascalCase")]
+pub struct ListObjectsV2Contents {
+ pub key: S3ObjectKey,
+ pub last_modified: LastModifiedTimestamp,
+ pub e_tag: String,
+ pub size: u64,
+ pub storage_class: String,
+}
+
+#[derive(Debug)]
+/// Subset of the head object response (headers only, there is no body)
+/// See https://docs.aws.amazon.com/AmazonS3/latest/API/API_HeadObject.html#API_HeadObject_ResponseSyntax
+pub struct HeadObjectResponse {
+ pub content_length: u64,
+ pub content_type: String,
+ pub date: HttpDate,
+ pub e_tag: String,
+ pub last_modified: HttpDate,
+}
+
+#[derive(Debug)]
+/// Subset of the get object response
+/// https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html#API_GetObject_ResponseSyntax
+pub struct GetObjectResponse {
+ pub content_length: u64,
+ pub content_type: String,
+ pub date: HttpDate,
+ pub e_tag: String,
+ pub last_modified: HttpDate,
+ pub content: Body,
+}
+
+#[derive(Debug)]
+pub struct CopyObjectResponse {
+ pub copy_object_result: CopyObjectResult,
+ pub x_amz_version_id: Option<String>,
+}
+
+#[derive(Deserialize, Debug)]
+#[serde(rename_all = "PascalCase")]
+pub struct CopyObjectResult {
+ pub e_tag: String,
+ pub last_modified: LastModifiedTimestamp,
+}
+
+/// Subset of the put object response
+/// https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html#API_PutObject_ResponseSyntax
+#[derive(Debug)]
+pub enum PutObjectResponse {
+ NeedsRetry,
+ PreconditionFailed,
+ Success(String),
+}
+
+/// Subset of the delete objects response
+/// https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObjects.html#API_DeleteObjects_ResponseElements
+#[derive(Deserialize, Debug)]
+#[serde(rename_all = "PascalCase")]
+pub struct DeleteObjectsResponse {
+ pub deleted: Option<Vec<DeletedObject>>,
+ pub error: Option<Vec<DeleteObjectError>>,
+}
+
+/// https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeletedObject.html
+#[derive(Deserialize, Debug)]
+#[serde(rename_all = "PascalCase")]
+pub struct DeletedObject {
+ pub delete_marker: Option<bool>,
+ pub delete_marker_version_id: Option<String>,
+ pub key: Option<S3ObjectKey>,
+ pub version_id: Option<String>,
+}
+
+/// https://docs.aws.amazon.com/AmazonS3/latest/API/API_Error.html
+#[derive(Deserialize, Debug)]
+#[serde(rename_all = "PascalCase")]
+pub struct DeleteObjectError {
+ pub code: Option<String>,
+ pub key: Option<S3ObjectKey>,
+ pub message: Option<String>,
+ pub version_id: Option<String>,
+}
+
+impl ResponseReader {
+ pub(crate) fn new(response: Response<Body>) -> Self {
+ Self { response }
+ }
+
+ pub(crate) async fn list_objects_v2_response(self) -> Result<ListObjectsV2Response, Error> {
+ let (parts, body) = self.response.into_parts();
+
+ match parts.status {
+ StatusCode::OK => (),
+ StatusCode::NOT_FOUND => bail!("bucket does not exist"),
+ status_code => bail!("unexpected status code {status_code}"),
+ }
+
+ let body = body.collect().await?.to_bytes();
+ let body = String::from_utf8(body.to_vec())?;
+
+ let date: HttpDate = Self::parse_header(header::DATE, &parts.headers)?;
+
+ let response: ListObjectsV2ResponseBody =
+ serde_xml_rs::from_str(&body).context("failed to parse response body")?;
+
+ Ok(response.with_date(date))
+ }
+
+ pub(crate) async fn head_object_response(self) -> Result<Option<HeadObjectResponse>, Error> {
+ let (parts, body) = self.response.into_parts();
+
+ match parts.status {
+ StatusCode::OK => (),
+ StatusCode::NOT_FOUND => return Ok(None),
+ status_code => bail!("unexpected status code {status_code}"),
+ }
+ let body = body.collect().await?.to_bytes();
+ if !body.is_empty() {
+ bail!("got unexpected non-empty response body");
+ }
+
+ let content_length: u64 = Self::parse_header(header::CONTENT_LENGTH, &parts.headers)?;
+ let content_type = Self::parse_header(header::CONTENT_TYPE, &parts.headers)?;
+ let e_tag = Self::parse_header(header::ETAG, &parts.headers)?;
+ let date = Self::parse_header(header::DATE, &parts.headers)?;
+ let last_modified = Self::parse_header(header::LAST_MODIFIED, &parts.headers)?;
+
+ Ok(Some(HeadObjectResponse {
+ content_length,
+ content_type,
+ date,
+ e_tag,
+ last_modified,
+ }))
+ }
+
+ pub(crate) async fn get_object_response(self) -> Result<Option<GetObjectResponse>, Error> {
+ let (parts, content) = self.response.into_parts();
+
+ match parts.status {
+ StatusCode::OK => (),
+ StatusCode::NOT_FOUND => return Ok(None),
+ StatusCode::FORBIDDEN => bail!("object is archived and inaccessible until restored"),
+ status_code => bail!("unexpected status code {status_code}"),
+ }
+
+ let content_length: u64 = Self::parse_header(header::CONTENT_LENGTH, &parts.headers)?;
+ let content_type = Self::parse_header(header::CONTENT_TYPE, &parts.headers)?;
+ let e_tag = Self::parse_header(header::ETAG, &parts.headers)?;
+ let date = Self::parse_header(header::DATE, &parts.headers)?;
+ let last_modified = Self::parse_header(header::LAST_MODIFIED, &parts.headers)?;
+
+ Ok(Some(GetObjectResponse {
+ content_length,
+ content_type,
+ date,
+ e_tag,
+ last_modified,
+ content,
+ }))
+ }
+
+ pub(crate) async fn copy_object_response(self) -> Result<CopyObjectResponse, Error> {
+ let (parts, content) = self.response.into_parts();
+
+ match parts.status {
+ StatusCode::OK => (),
+ StatusCode::NOT_FOUND => bail!("object not found"),
+ StatusCode::FORBIDDEN => bail!("the source object is not in the active tier"),
+ status_code => bail!("unexpected status code {status_code}"),
+ }
+
+ let body = content.collect().await?.to_bytes();
+ let body = String::from_utf8(body.to_vec())?;
+
+ let x_amz_version_id = match parts.headers.get("x-amz-version-id") {
+ Some(version_id) => Some(
+ version_id
+ .to_str()
+ .context("failed to parse version id header")?
+ .to_owned(),
+ ),
+ None => None,
+ };
+
+ let copy_object_result: CopyObjectResult =
+ serde_xml_rs::from_str(&body).context("failed to parse response body")?;
+
+ Ok(CopyObjectResponse {
+ copy_object_result,
+ x_amz_version_id,
+ })
+ }
+
+ pub(crate) async fn put_object_response(self) -> Result<PutObjectResponse, Error> {
+ let (parts, body) = self.response.into_parts();
+
+ match parts.status {
+ StatusCode::OK => (),
+ // If-None-Match precondition failed, an object with same key already present.
+ // FIXME: Should this be dropped in favor of re-uploading and rely on the local
+ // cache to detect duplicates to increase data safety guarantees?
+ StatusCode::PRECONDITION_FAILED => return Ok(PutObjectResponse::PreconditionFailed),
+ StatusCode::CONFLICT => return Ok(PutObjectResponse::NeedsRetry),
+ StatusCode::BAD_REQUEST => bail!("invalid request: {body:?}"),
+ status_code => bail!("unexpected status code {status_code}"),
+ };
+
+ let body = body.collect().await?.to_bytes();
+ if !body.is_empty() {
+ bail!("got unexpected non-empty response body");
+ }
+
+ let e_tag = Self::parse_header(header::ETAG, &parts.headers)?;
+
+ Ok(PutObjectResponse::Success(e_tag))
+ }
+
+ pub(crate) async fn delete_object_response(self) -> Result<(), Error> {
+ let (parts, _body) = self.response.into_parts();
+
+ match parts.status {
+ StatusCode::NO_CONTENT => (),
+ status_code => bail!("unexpected status code {status_code}"),
+ };
+
+ Ok(())
+ }
+
+ pub(crate) async fn delete_objects_response(self) -> Result<DeleteObjectsResponse, Error> {
+ let (parts, body) = self.response.into_parts();
+
+ match parts.status {
+ StatusCode::OK => (),
+ StatusCode::BAD_REQUEST => bail!("invalid request: {body:?}"),
+ status_code => bail!("unexpected status code {status_code}"),
+ };
+
+ let body = body.collect().await?.to_bytes();
+ let body = String::from_utf8(body.to_vec())?;
+
+ let delete_objects_response: DeleteObjectsResponse =
+ serde_xml_rs::from_str(&body).context("failed to parse response body")?;
+
+ Ok(delete_objects_response)
+ }
+
+ fn parse_header<T: FromStr>(name: HeaderName, headers: &HeaderMap) -> Result<T, Error>
+ where
+ <T as FromStr>::Err: Send + Sync + 'static,
+ Result<T, <T as FromStr>::Err>: Context<T, <T as FromStr>::Err>,
+ {
+ let header_value = headers
+ .get(&name)
+ .ok_or_else(|| anyhow!("missing header '{name}'"))?;
+ let header_str = header_value
+ .to_str()
+ .with_context(|| format!("non UTF-8 header '{name}'"))?;
+ let value = header_str
+ .parse()
+ .with_context(|| format!("failed to parse header '{name}'"))?;
+ Ok(value)
+ }
+
+ // TODO: Integrity checks via CRC32 or SHA265 currently cannot be performed, since not
+ // supported by all S3 object store providers.
+ // See also:
+ // https://tracker.ceph.com/issues/63951
+ // https://tracker.ceph.com/issues/69105
+ // https://www.backblaze.com/docs/cloud-storage-s3-compatible-api
+ fn parse_x_amz_checksum_crc32_header(headers: &HeaderMap) -> Result<Option<u32>, Error> {
+ let x_amz_checksum_crc32 = match headers.get("x-amz-checksum-crc32") {
+ Some(x_amz_checksum_crc32) => x_amz_checksum_crc32,
+ None => return Ok(None),
+ };
+ let x_amz_checksum_crc32 = base64::decode(x_amz_checksum_crc32.to_str()?)?;
+ let x_amz_checksum_crc32: [u8; 4] = x_amz_checksum_crc32
+ .try_into()
+ .map_err(|_e| anyhow!("failed to convert x-amz-checksum-crc32 header"))?;
+ let x_amz_checksum_crc32 = u32::from_be_bytes(x_amz_checksum_crc32);
+ Ok(Some(x_amz_checksum_crc32))
+ }
+}
--
2.39.5
_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel
^ permalink raw reply [flat|nested] 44+ messages in thread
* [pbs-devel] [PATCH proxmox-backup v3 11/41] config: introduce s3 object store client configuration
2025-06-16 14:21 [pbs-devel] [PATCH proxmox{, -backup} v3 00/43] fix #2943: S3 storage backend for datastores Christian Ebner
` (11 preceding siblings ...)
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 10/41] s3 client: implement methods to operate on s3 objects in bucket Christian Ebner
@ 2025-06-16 14:21 ` Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 12/41] api: config: implement endpoints to manipulate and list s3 configs Christian Ebner
` (29 subsequent siblings)
42 siblings, 0 replies; 44+ messages in thread
From: Christian Ebner @ 2025-06-16 14:21 UTC (permalink / raw)
To: pbs-devel
Adds the client configuration for s3 object store as dedicated
configuration files, with secrets being stored separately from the
regular configuration and excluded from api responses for security
reasons.
Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
---
pbs-config/src/lib.rs | 1 +
pbs-config/src/s3.rs | 82 +++++++++++++++++++++++++++++++++++++++++++
2 files changed, 83 insertions(+)
create mode 100644 pbs-config/src/s3.rs
diff --git a/pbs-config/src/lib.rs b/pbs-config/src/lib.rs
index 9c4d77c24..d03c079ab 100644
--- a/pbs-config/src/lib.rs
+++ b/pbs-config/src/lib.rs
@@ -10,6 +10,7 @@ pub mod network;
pub mod notifications;
pub mod prune;
pub mod remote;
+pub mod s3;
pub mod sync;
pub mod tape_job;
pub mod token_shadow;
diff --git a/pbs-config/src/s3.rs b/pbs-config/src/s3.rs
new file mode 100644
index 000000000..5fce5034d
--- /dev/null
+++ b/pbs-config/src/s3.rs
@@ -0,0 +1,82 @@
+use std::collections::HashMap;
+use std::sync::LazyLock;
+
+use anyhow::Error;
+
+use proxmox_schema::*;
+use proxmox_section_config::{SectionConfig, SectionConfigData, SectionConfigPlugin};
+
+use pbs_api_types::{S3ClientConfig, S3ClientSecretsConfig, JOB_ID_SCHEMA};
+
+use crate::{open_backup_lockfile, replace_backup_config, BackupLockGuard};
+
+pub static CONFIG: LazyLock<SectionConfig> = LazyLock::new(init);
+
+fn init() -> SectionConfig {
+ let obj_schema = match S3ClientConfig::API_SCHEMA {
+ Schema::Object(ref obj_schema) => obj_schema,
+ _ => unreachable!(),
+ };
+ let secrets_obj_schema = match S3ClientSecretsConfig::API_SCHEMA {
+ Schema::Object(ref obj_schema) => obj_schema,
+ _ => unreachable!(),
+ };
+
+ let plugin =
+ SectionConfigPlugin::new("s3client".to_string(), Some(String::from("id")), obj_schema);
+ let secrets_plugin = SectionConfigPlugin::new(
+ "s3secrets".to_string(),
+ Some(String::from("secrets-id")),
+ secrets_obj_schema,
+ );
+ let mut config = SectionConfig::new(&JOB_ID_SCHEMA);
+ config.register_plugin(plugin);
+ config.register_plugin(secrets_plugin);
+
+ config
+}
+
+pub const S3_CFG_FILENAME: &str = "/etc/proxmox-backup/s3.cfg";
+pub const S3_SECRETS_CFG_FILENAME: &str = "/etc/proxmox-backup/s3-secrets.cfg";
+pub const S3_CFG_LOCKFILE: &str = "/etc/proxmox-backup/.s3.lck";
+
+/// Get exclusive lock
+pub fn lock_config() -> Result<BackupLockGuard, Error> {
+ open_backup_lockfile(S3_CFG_LOCKFILE, None, true)
+}
+
+pub fn config() -> Result<(SectionConfigData, [u8; 32]), Error> {
+ parse_config(S3_CFG_FILENAME)
+}
+
+pub fn secrets_config() -> Result<(SectionConfigData, [u8; 32]), Error> {
+ parse_config(S3_SECRETS_CFG_FILENAME)
+}
+
+pub fn save_config(config: &SectionConfigData, secrets: &SectionConfigData) -> Result<(), Error> {
+ let raw = CONFIG.write(S3_CFG_FILENAME, config)?;
+ replace_backup_config(S3_CFG_FILENAME, raw.as_bytes())?;
+
+ let secrets_raw = CONFIG.write(S3_SECRETS_CFG_FILENAME, secrets)?;
+ // Secrets are stored with `backup` permissions to allow reading from
+ // not protected api endpoints as well.
+ replace_backup_config(S3_SECRETS_CFG_FILENAME, secrets_raw.as_bytes())?;
+
+ Ok(())
+}
+
+// shell completion helper
+pub fn complete_s3_client_id(_arg: &str, _param: &HashMap<String, String>) -> Vec<String> {
+ match config() {
+ Ok((data, _digest)) => data.sections.keys().map(|id| id.to_string()).collect(),
+ Err(_) => Vec::new(),
+ }
+}
+
+fn parse_config(path: &str) -> Result<(SectionConfigData, [u8; 32]), Error> {
+ let content = proxmox_sys::fs::file_read_optional_string(path)?;
+ let content = content.unwrap_or_default();
+ let digest = openssl::sha::sha256(content.as_bytes());
+ let data = CONFIG.parse(path, &content)?;
+ Ok((data, digest))
+}
--
2.39.5
_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel
^ permalink raw reply [flat|nested] 44+ messages in thread
* [pbs-devel] [PATCH proxmox-backup v3 12/41] api: config: implement endpoints to manipulate and list s3 configs
2025-06-16 14:21 [pbs-devel] [PATCH proxmox{, -backup} v3 00/43] fix #2943: S3 storage backend for datastores Christian Ebner
` (12 preceding siblings ...)
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 11/41] config: introduce s3 object store client configuration Christian Ebner
@ 2025-06-16 14:21 ` Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 13/41] api: datastore: check S3 backend bucket access on datastore create Christian Ebner
` (28 subsequent siblings)
42 siblings, 0 replies; 44+ messages in thread
From: Christian Ebner @ 2025-06-16 14:21 UTC (permalink / raw)
To: pbs-devel
Allows to create, list, modify and delete configurations for s3
clients via the api.
Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
---
src/api2/config/mod.rs | 2 +
src/api2/config/s3.rs | 310 +++++++++++++++++++++++++++++++++++++++++
2 files changed, 312 insertions(+)
create mode 100644 src/api2/config/s3.rs
diff --git a/src/api2/config/mod.rs b/src/api2/config/mod.rs
index 15dc5db92..1cd9ead76 100644
--- a/src/api2/config/mod.rs
+++ b/src/api2/config/mod.rs
@@ -14,6 +14,7 @@ pub mod metrics;
pub mod notifications;
pub mod prune;
pub mod remote;
+pub mod s3;
pub mod sync;
pub mod tape_backup_job;
pub mod tape_encryption_keys;
@@ -32,6 +33,7 @@ const SUBDIRS: SubdirMap = &sorted!([
("notifications", ¬ifications::ROUTER),
("prune", &prune::ROUTER),
("remote", &remote::ROUTER),
+ ("s3", &s3::ROUTER),
("sync", &sync::ROUTER),
("tape-backup-job", &tape_backup_job::ROUTER),
("tape-encryption-keys", &tape_encryption_keys::ROUTER),
diff --git a/src/api2/config/s3.rs b/src/api2/config/s3.rs
new file mode 100644
index 000000000..824de4e50
--- /dev/null
+++ b/src/api2/config/s3.rs
@@ -0,0 +1,310 @@
+use ::serde::{Deserialize, Serialize};
+use anyhow::Error;
+use hex::FromHex;
+use serde_json::Value;
+
+use proxmox_router::{http_bail, Permission, Router, RpcEnvironment};
+use proxmox_schema::{api, param_bail};
+
+use pbs_api_types::{
+ S3ClientConfig, S3ClientConfigUpdater, S3ClientSecretsConfig, S3ClientSecretsConfigUpdater,
+ JOB_ID_SCHEMA, PRIV_SYS_AUDIT, PRIV_SYS_MODIFY, PROXMOX_CONFIG_DIGEST_SCHEMA,
+};
+use pbs_config::s3;
+
+#[api(
+ input: {
+ properties: {},
+ },
+ returns: {
+ description: "List configured s3 clients.",
+ type: Array,
+ items: { type: S3ClientConfig },
+ },
+ access: {
+ permission: &Permission::Privilege(&[], PRIV_SYS_AUDIT, false),
+ },
+)]
+/// List all s3 client configurations.
+pub fn list_s3_client_config(
+ _param: Value,
+ rpcenv: &mut dyn RpcEnvironment,
+) -> Result<Vec<S3ClientConfig>, Error> {
+ let (config, digest) = s3::config()?;
+ let list = config.convert_to_typed_array("s3client")?;
+
+ let (_secrets, secrets_digest) = s3::secrets_config()?;
+ let digest = digest_with_secrets(&digest, &secrets_digest);
+ rpcenv["digest"] = hex::encode(digest).into();
+
+ Ok(list)
+}
+
+#[api(
+ protected: true,
+ input: {
+ properties: {
+ config: {
+ type: S3ClientConfig,
+ flatten: true,
+ },
+ secrets: {
+ type: S3ClientSecretsConfig,
+ flatten: true,
+ },
+ },
+ },
+ access: {
+ permission: &Permission::Privilege(&[], PRIV_SYS_MODIFY, false),
+ },
+)]
+/// Create a new s3 client configuration.
+pub fn create_s3_client_config(
+ config: S3ClientConfig,
+ secrets: S3ClientSecretsConfig,
+ _rpcenv: &mut dyn RpcEnvironment,
+) -> Result<(), Error> {
+ // Asssure both, config and secrets are referenced by the same `id`
+ if config.id != secrets.secrets_id {
+ param_bail!(
+ "id",
+ "config and secrets must use the same id ({} != {})",
+ config.id,
+ secrets.secrets_id
+ );
+ }
+
+ let _lock = s3::lock_config()?;
+ let (mut section_config, _digest) = s3::config()?;
+ if section_config.sections.contains_key(&config.id) {
+ param_bail!("id", "s3 client config '{}' already exists.", config.id);
+ }
+
+ let (mut section_secrets, _secrets_digest) = s3::secrets_config()?;
+ if section_secrets.sections.contains_key(&config.id) {
+ param_bail!("id", "s3 secrets config '{}' already exists.", config.id);
+ }
+
+ section_config.set_data(&config.id, "s3client", &config)?;
+ section_secrets.set_data(&config.id, "s3secrets", &secrets)?;
+ s3::save_config(§ion_config, §ion_secrets)?;
+
+ Ok(())
+}
+
+#[api(
+ input: {
+ properties: {
+ id: {
+ schema: JOB_ID_SCHEMA,
+ },
+ },
+ },
+ returns: { type: S3ClientConfig },
+ access: {
+ permission: &Permission::Privilege(&[], PRIV_SYS_AUDIT, false),
+ },
+)]
+/// Read an s3 client configuration.
+pub fn read_s3_client_config(
+ id: String,
+ rpcenv: &mut dyn RpcEnvironment,
+) -> Result<S3ClientConfig, Error> {
+ let (config, digest) = s3::config()?;
+ let s3_client_config: S3ClientConfig = config.lookup("s3client", &id)?;
+
+ let (_secrets, secrets_digest) = s3::secrets_config()?;
+ let digest = digest_with_secrets(&digest, &secrets_digest);
+ rpcenv["digest"] = hex::encode(digest).into();
+
+ Ok(s3_client_config)
+}
+
+#[api()]
+#[derive(Serialize, Deserialize)]
+#[serde(rename_all = "kebab-case")]
+/// Deletable property name
+pub enum DeletableProperty {
+ /// Delete the port property.
+ Port,
+ /// Delete the region property.
+ Region,
+ /// Delete the fingerprint property.
+ Fingerprint,
+ /// Delete the path-style property.
+ PathStyle,
+}
+
+#[api(
+ protected: true,
+ input: {
+ properties: {
+ id: {
+ schema: JOB_ID_SCHEMA,
+ },
+ update: {
+ type: S3ClientConfigUpdater,
+ flatten: true,
+ },
+ "update-secrets": {
+ type: S3ClientSecretsConfigUpdater,
+ flatten: true,
+ },
+ delete: {
+ description: "List of properties to delete.",
+ type: Array,
+ optional: true,
+ items: {
+ type: DeletableProperty,
+ }
+ },
+ digest: {
+ optional: true,
+ schema: PROXMOX_CONFIG_DIGEST_SCHEMA,
+ },
+ },
+ },
+ access: {
+ permission: &Permission::Privilege(&[], PRIV_SYS_MODIFY, false),
+ },
+)]
+/// Update an s3 client configuration.
+#[allow(clippy::too_many_arguments)]
+pub fn update_s3_client_config(
+ id: String,
+ update: S3ClientConfigUpdater,
+ update_secrets: S3ClientSecretsConfigUpdater,
+ delete: Option<Vec<DeletableProperty>>,
+ digest: Option<String>,
+ _rpcenv: &mut dyn RpcEnvironment,
+) -> Result<(), Error> {
+ let _lock = s3::lock_config()?;
+ let (mut config, expected_digest) = s3::config()?;
+ let (mut secrets, secrets_digest) = s3::secrets_config()?;
+ let expected_digest = digest_with_secrets(&expected_digest, &secrets_digest);
+
+ // Secrets are not included in digest concurrent changes therefore not detected.
+ if let Some(ref digest) = digest {
+ let digest = <[u8; 32]>::from_hex(digest)?;
+ crate::tools::detect_modified_configuration_file(&digest, &expected_digest)?;
+ }
+
+ let mut data: S3ClientConfig = config.lookup("s3client", &id)?;
+
+ if let Some(delete) = delete {
+ for delete_prop in delete {
+ match delete_prop {
+ DeletableProperty::Port => {
+ data.port = None;
+ }
+ DeletableProperty::Region => {
+ data.region = None;
+ }
+ DeletableProperty::Fingerprint => {
+ data.fingerprint = None;
+ }
+ DeletableProperty::PathStyle => {
+ data.path_style = None;
+ }
+ }
+ }
+ }
+
+ if let Some(endpoint) = update.endpoint {
+ data.endpoint = endpoint;
+ }
+ if let Some(port) = update.port {
+ data.port = Some(port);
+ }
+ if let Some(region) = update.region {
+ data.region = Some(region);
+ }
+ if let Some(access_key) = update.access_key {
+ data.access_key = access_key;
+ }
+ if let Some(fingerprint) = update.fingerprint {
+ data.fingerprint = Some(fingerprint);
+ }
+ if let Some(path_style) = update.path_style {
+ data.path_style = Some(path_style);
+ }
+
+ let mut secrets_data: S3ClientSecretsConfig = secrets.lookup("s3secrets", &id)?;
+ if let Some(secret_key) = update_secrets.secret_key {
+ secrets_data.secret_key = secret_key;
+ }
+
+ config.set_data(&id, "s3client", &data)?;
+ secrets.set_data(&id, "s3secrets", &secrets_data)?;
+ s3::save_config(&config, &secrets)?;
+
+ Ok(())
+}
+
+#[api(
+ protected: true,
+ input: {
+ properties: {
+ id: {
+ schema: JOB_ID_SCHEMA,
+ },
+ digest: {
+ optional: true,
+ schema: PROXMOX_CONFIG_DIGEST_SCHEMA,
+ },
+ },
+ },
+ access: {
+ permission: &Permission::Privilege(&[], PRIV_SYS_MODIFY, false),
+ },
+)]
+/// Remove an s3 client configuration.
+pub fn delete_s3_client_config(
+ id: String,
+ digest: Option<String>,
+ _rpcenv: &mut dyn RpcEnvironment,
+) -> Result<(), Error> {
+ let _lock = s3::lock_config()?;
+ let (mut config, expected_digest) = s3::config()?;
+ let (mut secrets, secrets_digest) = s3::secrets_config()?;
+ let expected_digest = digest_with_secrets(&expected_digest, &secrets_digest);
+
+ if let Some(ref digest) = digest {
+ let digest = <[u8; 32]>::from_hex(digest)?;
+ crate::tools::detect_modified_configuration_file(&digest, &expected_digest)?;
+ }
+
+ match (config.sections.remove(&id), secrets.sections.remove(&id)) {
+ (Some(_), Some(_)) => {}
+ (None, None) => http_bail!(
+ NOT_FOUND,
+ "s3 client config and secrets '{id}' do not exist."
+ ),
+ (Some(_), None) => http_bail!(
+ NOT_FOUND,
+ "removed s3 client config, but no secrets for '{id}' found."
+ ),
+ (None, Some(_)) => http_bail!(
+ NOT_FOUND,
+ "removed s3 client secrets, but no config for '{id}' found."
+ ),
+ }
+ s3::save_config(&config, &secrets)
+}
+
+// Calculate the digest based on the digest of config and secrets to detect changes for both
+fn digest_with_secrets(digest: &[u8; 32], secrets_digest: &[u8; 32]) -> [u8; 32] {
+ let mut digest = digest.to_vec();
+ digest.append(&mut secrets_digest.to_vec());
+ openssl::sha::sha256(&digest)
+}
+
+const ITEM_ROUTER: Router = Router::new()
+ .get(&API_METHOD_READ_S3_CLIENT_CONFIG)
+ .put(&API_METHOD_UPDATE_S3_CLIENT_CONFIG)
+ .delete(&API_METHOD_DELETE_S3_CLIENT_CONFIG);
+
+pub const ROUTER: Router = Router::new()
+ .get(&API_METHOD_LIST_S3_CLIENT_CONFIG)
+ .post(&API_METHOD_CREATE_S3_CLIENT_CONFIG)
+ .match_all("id", &ITEM_ROUTER);
--
2.39.5
_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel
^ permalink raw reply [flat|nested] 44+ messages in thread
* [pbs-devel] [PATCH proxmox-backup v3 13/41] api: datastore: check S3 backend bucket access on datastore create
2025-06-16 14:21 [pbs-devel] [PATCH proxmox{, -backup} v3 00/43] fix #2943: S3 storage backend for datastores Christian Ebner
` (13 preceding siblings ...)
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 12/41] api: config: implement endpoints to manipulate and list s3 configs Christian Ebner
@ 2025-06-16 14:21 ` Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 14/41] api/bin: add endpoint and command to check s3 client connection Christian Ebner
` (27 subsequent siblings)
42 siblings, 0 replies; 44+ messages in thread
From: Christian Ebner @ 2025-06-16 14:21 UTC (permalink / raw)
To: pbs-devel
Check if the configured S3 object store backend can be reached and
the provided secrets have the permissions to access the bucket.
Perform the check before creating the chunk store, so it is not left
behind if the bucket cannot be reached.
Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
---
src/api2/config/datastore.rs | 49 ++++++++++++++++++++++++++++++++----
1 file changed, 44 insertions(+), 5 deletions(-)
diff --git a/src/api2/config/datastore.rs b/src/api2/config/datastore.rs
index b133be707..1b9219f5c 100644
--- a/src/api2/config/datastore.rs
+++ b/src/api2/config/datastore.rs
@@ -1,8 +1,9 @@
use std::path::{Path, PathBuf};
use ::serde::{Deserialize, Serialize};
-use anyhow::{bail, Context, Error};
+use anyhow::{bail, format_err, Context, Error};
use hex::FromHex;
+use pbs_s3_client::{S3Client, S3ClientOptions};
use serde_json::Value;
use tracing::{info, warn};
@@ -12,10 +13,11 @@ use proxmox_section_config::SectionConfigData;
use proxmox_uuid::Uuid;
use pbs_api_types::{
- Authid, DataStoreConfig, DataStoreConfigUpdater, DatastoreNotify, DatastoreTuning, KeepOptions,
- MaintenanceMode, PruneJobConfig, PruneJobOptions, DATASTORE_SCHEMA, PRIV_DATASTORE_ALLOCATE,
- PRIV_DATASTORE_AUDIT, PRIV_DATASTORE_MODIFY, PRIV_SYS_MODIFY, PROXMOX_CONFIG_DIGEST_SCHEMA,
- UPID_SCHEMA,
+ Authid, DataStoreConfig, DataStoreConfigUpdater, DatastoreBackendConfig, DatastoreBackendType,
+ DatastoreNotify, DatastoreTuning, KeepOptions, MaintenanceMode, PruneJobConfig,
+ PruneJobOptions, S3ClientConfig, S3ClientSecretsConfig, DATASTORE_SCHEMA,
+ PRIV_DATASTORE_ALLOCATE, PRIV_DATASTORE_AUDIT, PRIV_DATASTORE_MODIFY, PRIV_SYS_MODIFY,
+ PROXMOX_CONFIG_DIGEST_SCHEMA, UPID_SCHEMA,
};
use pbs_config::BackupLockGuard;
use pbs_datastore::chunk_store::ChunkStore;
@@ -116,6 +118,43 @@ pub(crate) fn do_create_datastore(
.parse_property_string(datastore.tuning.as_deref().unwrap_or(""))?,
)?;
+ if let Some(ref backend_config) = datastore.backend {
+ let backend_config: DatastoreBackendConfig = backend_config.parse()?;
+ match backend_config.ty.unwrap_or_default() {
+ DatastoreBackendType::Filesystem => (),
+ DatastoreBackendType::S3 => {
+ let s3_client_id = backend_config
+ .client
+ .as_ref()
+ .ok_or_else(|| format_err!("missing required client"))?;
+ let bucket = backend_config
+ .bucket
+ .clone()
+ .ok_or_else(|| format_err!("missing required bucket"))?;
+ let (config, _config_digest) =
+ pbs_config::s3::config().context("failed to get s3 config")?;
+ let (secrets, _secrets_digest) =
+ pbs_config::s3::secrets_config().context("failed to get s3 secrets")?;
+ let config: S3ClientConfig = config
+ .lookup("s3client", s3_client_id)
+ .with_context(|| format!("no '{s3_client_id}' in config"))?;
+ let secrets: S3ClientSecretsConfig = secrets
+ .lookup("s3secrets", s3_client_id)
+ .with_context(|| format!("no '{s3_client_id}' in secrets"))?;
+ let options = S3ClientOptions::from_config(
+ config,
+ secrets,
+ bucket,
+ datastore.name.to_owned(),
+ );
+ let s3_client = S3Client::new(options).context("failed to create s3 client")?;
+ // Fine to block since this runs in worker task
+ proxmox_async::runtime::block_on(s3_client.head_bucket())
+ .context("failed to access bucket")?;
+ }
+ }
+ }
+
let unmount_guard = if datastore.backing_device.is_some() {
do_mount_device(datastore.clone())?;
UnmountGuard::new(Some(path.clone()))
--
2.39.5
_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel
^ permalink raw reply [flat|nested] 44+ messages in thread
* [pbs-devel] [PATCH proxmox-backup v3 14/41] api/bin: add endpoint and command to check s3 client connection
2025-06-16 14:21 [pbs-devel] [PATCH proxmox{, -backup} v3 00/43] fix #2943: S3 storage backend for datastores Christian Ebner
` (14 preceding siblings ...)
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 13/41] api: datastore: check S3 backend bucket access on datastore create Christian Ebner
@ 2025-06-16 14:21 ` Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 15/41] datastore: allow to get the backend for a datastore Christian Ebner
` (26 subsequent siblings)
42 siblings, 0 replies; 44+ messages in thread
From: Christian Ebner @ 2025-06-16 14:21 UTC (permalink / raw)
To: pbs-devel
Adds a dedicated api endpoint and a proxmox-backup-manager command to
check if the configured S3 client can reach the bucket.
Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
---
src/api2/admin/mod.rs | 2 +
src/api2/admin/s3.rs | 80 +++++++++++++++++++++++++++
src/bin/proxmox-backup-manager.rs | 1 +
src/bin/proxmox_backup_manager/mod.rs | 2 +
src/bin/proxmox_backup_manager/s3.rs | 46 +++++++++++++++
5 files changed, 131 insertions(+)
create mode 100644 src/api2/admin/s3.rs
create mode 100644 src/bin/proxmox_backup_manager/s3.rs
diff --git a/src/api2/admin/mod.rs b/src/api2/admin/mod.rs
index a1c49f8e2..7694de4b9 100644
--- a/src/api2/admin/mod.rs
+++ b/src/api2/admin/mod.rs
@@ -9,6 +9,7 @@ pub mod gc;
pub mod metrics;
pub mod namespace;
pub mod prune;
+pub mod s3;
pub mod sync;
pub mod traffic_control;
pub mod verify;
@@ -19,6 +20,7 @@ const SUBDIRS: SubdirMap = &sorted!([
("metrics", &metrics::ROUTER),
("prune", &prune::ROUTER),
("gc", &gc::ROUTER),
+ ("s3", &s3::ROUTER),
("sync", &sync::ROUTER),
("traffic-control", &traffic_control::ROUTER),
("verify", &verify::ROUTER),
diff --git a/src/api2/admin/s3.rs b/src/api2/admin/s3.rs
new file mode 100644
index 000000000..b79384455
--- /dev/null
+++ b/src/api2/admin/s3.rs
@@ -0,0 +1,80 @@
+//! S3 bucket operations
+
+use anyhow::{Context, Error};
+use hyper::Body;
+use serde_json::Value;
+
+use proxmox_router::{list_subdirs_api_method, Permission, Router, RpcEnvironment, SubdirMap};
+use proxmox_schema::*;
+use proxmox_sortable_macro::sortable;
+
+use pbs_api_types::{
+ S3ClientConfig, S3ClientSecretsConfig, PRIV_SYS_MODIFY, S3_BUCKET_NAME_SCHEMA,
+ S3_CLIENT_ID_SCHEMA,
+};
+
+#[api(
+ input: {
+ properties: {
+ "s3-client-id": {
+ schema: S3_CLIENT_ID_SCHEMA,
+ },
+ bucket: {
+ schema: S3_BUCKET_NAME_SCHEMA,
+ },
+ "store-prefix": {
+ type: String,
+ description: "Store prefix within bucket for S3 object keys (commonly datastore name)",
+ },
+ },
+ },
+ access: {
+ permission: &Permission::Privilege(&[], PRIV_SYS_MODIFY, false),
+ },
+)]
+/// Perform basic sanity check for given s3 client configuration
+pub async fn check(
+ s3_client_id: String,
+ bucket: String,
+ store_prefix: String,
+ _rpcenv: &mut dyn RpcEnvironment,
+) -> Result<Value, Error> {
+ let (config, _digest) = pbs_config::s3::config()?;
+ let config: S3ClientConfig = config
+ .lookup("s3client", &s3_client_id)
+ .context("config lookup failed")?;
+ let (secrets, _secrets_digest) = pbs_config::s3::secrets_config()?;
+ let secrets: S3ClientSecretsConfig = secrets
+ .lookup("s3secrets", &s3_client_id)
+ .context("secrets lookup failed")?;
+
+ let options =
+ pbs_s3_client::S3ClientOptions::from_config(config, secrets, bucket, store_prefix);
+
+ let test_object_key = ".s3-client-test";
+ let client = pbs_s3_client::S3Client::new(options).context("client creation failed")?;
+ client.head_bucket().await.context("head object failed")?;
+ client
+ .put_object(test_object_key.into(), Body::empty())
+ .await
+ .context("put object failed")?;
+ client
+ .get_object(test_object_key.into())
+ .await
+ .context("get object failed")?;
+ client
+ .delete_object(test_object_key.into())
+ .await
+ .context("delete object failed")?;
+
+ Ok(Value::Null)
+}
+
+#[sortable]
+const S3_OPERATION_SUBDIRS: SubdirMap = &[("check", &Router::new().get(&API_METHOD_CHECK))];
+
+const S3_OPERATION_ROUTER: Router = Router::new()
+ .get(&list_subdirs_api_method!(S3_OPERATION_SUBDIRS))
+ .subdirs(S3_OPERATION_SUBDIRS);
+
+pub const ROUTER: Router = Router::new().match_all("s3-client-id", &S3_OPERATION_ROUTER);
diff --git a/src/bin/proxmox-backup-manager.rs b/src/bin/proxmox-backup-manager.rs
index d4363e717..68d87c676 100644
--- a/src/bin/proxmox-backup-manager.rs
+++ b/src/bin/proxmox-backup-manager.rs
@@ -677,6 +677,7 @@ async fn run() -> Result<(), Error> {
.insert("garbage-collection", garbage_collection_commands())
.insert("acme", acme_mgmt_cli())
.insert("cert", cert_mgmt_cli())
+ .insert("s3", s3_commands())
.insert("subscription", subscription_commands())
.insert("sync-job", sync_job_commands())
.insert("verify-job", verify_job_commands())
diff --git a/src/bin/proxmox_backup_manager/mod.rs b/src/bin/proxmox_backup_manager/mod.rs
index 9b5c73e9a..312a6db6b 100644
--- a/src/bin/proxmox_backup_manager/mod.rs
+++ b/src/bin/proxmox_backup_manager/mod.rs
@@ -26,6 +26,8 @@ mod prune;
pub use prune::*;
mod remote;
pub use remote::*;
+mod s3;
+pub use s3::*;
mod subscription;
pub use subscription::*;
mod sync;
diff --git a/src/bin/proxmox_backup_manager/s3.rs b/src/bin/proxmox_backup_manager/s3.rs
new file mode 100644
index 000000000..2683ccbd7
--- /dev/null
+++ b/src/bin/proxmox_backup_manager/s3.rs
@@ -0,0 +1,46 @@
+use pbs_api_types::{S3_BUCKET_NAME_SCHEMA, S3_CLIENT_ID_SCHEMA};
+use proxmox_router::{cli::*, RpcEnvironment};
+use proxmox_schema::api;
+
+use proxmox_backup::api2;
+
+use anyhow::Error;
+use serde_json::Value;
+
+#[api(
+ input: {
+ properties: {
+ "s3-client-id": {
+ schema: S3_CLIENT_ID_SCHEMA,
+ },
+ bucket: {
+ schema: S3_BUCKET_NAME_SCHEMA,
+ },
+ "store-prefix": {
+ type: String,
+ description: "Store prefix within bucket for S3 object keys (commonly datastore name)",
+ },
+ },
+ },
+)]
+/// Perform basic sanity checks for given S3 client configuration
+async fn check(
+ s3_client_id: String,
+ bucket: String,
+ store_prefix: String,
+ rpcenv: &mut dyn RpcEnvironment,
+) -> Result<Value, Error> {
+ api2::admin::s3::check(s3_client_id, bucket, store_prefix, rpcenv).await?;
+ Ok(Value::Null)
+}
+
+pub fn s3_commands() -> CommandLineInterface {
+ let cmd_def = CliCommandMap::new().insert(
+ "check",
+ CliCommand::new(&API_METHOD_CHECK)
+ .arg_param(&["s3-client-id", "bucket"])
+ .completion_cb("s3-client-id", pbs_config::s3::complete_s3_client_id),
+ );
+
+ cmd_def.into()
+}
--
2.39.5
_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel
^ permalink raw reply [flat|nested] 44+ messages in thread
* [pbs-devel] [PATCH proxmox-backup v3 15/41] datastore: allow to get the backend for a datastore
2025-06-16 14:21 [pbs-devel] [PATCH proxmox{, -backup} v3 00/43] fix #2943: S3 storage backend for datastores Christian Ebner
` (15 preceding siblings ...)
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 14/41] api/bin: add endpoint and command to check s3 client connection Christian Ebner
@ 2025-06-16 14:21 ` Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 16/41] api: backup: store datastore backend in runtime environment Christian Ebner
` (25 subsequent siblings)
42 siblings, 0 replies; 44+ messages in thread
From: Christian Ebner @ 2025-06-16 14:21 UTC (permalink / raw)
To: pbs-devel
Implements an enum with variants Filesystem and S3 to distinguish
between available backends. Filesystem will be used as default, if no
backend is configured in the datastores configuration. If the
datastore has an s3 backend configured, the backend method will
instantiate and s3 client and return it with the S3 variant.
This allows to instantiate the client once, keeping and reusing the
same open connection to the api for the lifetime of task or job, e.g.
in the backup writer/readers runtime environment.
Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
---
pbs-datastore/Cargo.toml | 1 +
pbs-datastore/src/datastore.rs | 53 ++++++++++++++++++++++++++++++++--
pbs-datastore/src/lib.rs | 1 +
3 files changed, 53 insertions(+), 2 deletions(-)
diff --git a/pbs-datastore/Cargo.toml b/pbs-datastore/Cargo.toml
index d7fe71b34..182398d7e 100644
--- a/pbs-datastore/Cargo.toml
+++ b/pbs-datastore/Cargo.toml
@@ -46,4 +46,5 @@ pbs-api-types.workspace = true
pbs-buildcfg.workspace = true
pbs-config.workspace = true
pbs-key-config.workspace = true
+pbs-s3-client.workspace = true
pbs-tools.workspace = true
diff --git a/pbs-datastore/src/datastore.rs b/pbs-datastore/src/datastore.rs
index 924d8cf9c..3e54ce31f 100644
--- a/pbs-datastore/src/datastore.rs
+++ b/pbs-datastore/src/datastore.rs
@@ -8,6 +8,7 @@ use std::time::Duration;
use anyhow::{bail, format_err, Context, Error};
use nix::unistd::{unlinkat, UnlinkatFlags};
+use pbs_s3_client::{S3Client, S3ClientOptions};
use pbs_tools::lru_cache::LruCache;
use tracing::{info, warn};
@@ -23,8 +24,9 @@ use proxmox_worker_task::WorkerTaskContext;
use pbs_api_types::{
ArchiveType, Authid, BackupGroupDeleteStats, BackupNamespace, BackupType, ChunkOrder,
- DataStoreConfig, DatastoreFSyncLevel, DatastoreTuning, GarbageCollectionStatus,
- MaintenanceMode, MaintenanceType, Operation, UPID,
+ DataStoreConfig, DatastoreBackendConfig, DatastoreBackendType, DatastoreFSyncLevel,
+ DatastoreTuning, GarbageCollectionStatus, MaintenanceMode, MaintenanceType, Operation,
+ S3ClientConfig, S3ClientSecretsConfig, UPID,
};
use pbs_config::BackupLockGuard;
@@ -127,6 +129,7 @@ pub struct DataStoreImpl {
chunk_order: ChunkOrder,
last_digest: Option<[u8; 32]>,
sync_level: DatastoreFSyncLevel,
+ backend_config: DatastoreBackendConfig,
}
impl DataStoreImpl {
@@ -141,6 +144,7 @@ impl DataStoreImpl {
chunk_order: Default::default(),
last_digest: None,
sync_level: Default::default(),
+ backend_config: Default::default(),
})
}
}
@@ -196,6 +200,12 @@ impl Drop for DataStore {
}
}
+#[derive(Clone)]
+pub enum DatastoreBackend {
+ Filesystem,
+ S3(Arc<S3Client>),
+}
+
impl DataStore {
// This one just panics on everything
#[doc(hidden)]
@@ -206,6 +216,39 @@ impl DataStore {
})
}
+ /// Get the backend for this datastore based on it's configuration
+ pub fn backend(&self) -> Result<DatastoreBackend, Error> {
+ let backend_type = match self.inner.backend_config.ty.unwrap_or_default() {
+ DatastoreBackendType::Filesystem => DatastoreBackend::Filesystem,
+ DatastoreBackendType::S3 => {
+ let s3_client_id = self
+ .inner
+ .backend_config
+ .client
+ .as_ref()
+ .ok_or_else(|| format_err!("missing client for s3 backend"))?;
+ let bucket = self
+ .inner
+ .backend_config
+ .bucket
+ .clone()
+ .ok_or_else(|| format_err!("missing bucket for s3 backend"))?;
+
+ let (config, _config_digest) = pbs_config::s3::config()?;
+ let (secrets, _secrets_digest) = pbs_config::s3::secrets_config()?;
+ let config: S3ClientConfig = config.lookup("s3client", s3_client_id)?;
+ let secrets: S3ClientSecretsConfig = secrets.lookup("s3secrets", s3_client_id)?;
+
+ let options =
+ S3ClientOptions::from_config(config, secrets, bucket, self.name().to_owned());
+ let s3_client = S3Client::new(options)?;
+ DatastoreBackend::S3(Arc::new(s3_client))
+ }
+ };
+
+ Ok(backend_type)
+ }
+
pub fn lookup_datastore(
name: &str,
operation: Option<Operation>,
@@ -383,6 +426,11 @@ impl DataStore {
.parse_property_string(config.tuning.as_deref().unwrap_or(""))?,
)?;
+ let backend_config: DatastoreBackendConfig = serde_json::from_value(
+ DatastoreBackendConfig::API_SCHEMA
+ .parse_property_string(config.backend.as_deref().unwrap_or(""))?,
+ )?;
+
Ok(DataStoreImpl {
chunk_store,
gc_mutex: Mutex::new(()),
@@ -391,6 +439,7 @@ impl DataStore {
chunk_order: tuning.chunk_order.unwrap_or_default(),
last_digest,
sync_level: tuning.sync_level.unwrap_or_default(),
+ backend_config,
})
}
diff --git a/pbs-datastore/src/lib.rs b/pbs-datastore/src/lib.rs
index 5014b6c09..e6f65575b 100644
--- a/pbs-datastore/src/lib.rs
+++ b/pbs-datastore/src/lib.rs
@@ -203,6 +203,7 @@ pub use store_progress::StoreProgress;
mod datastore;
pub use datastore::{
check_backup_owner, ensure_datastore_is_mounted, get_datastore_mount_status, DataStore,
+ DatastoreBackend,
};
mod hierarchy;
--
2.39.5
_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel
^ permalink raw reply [flat|nested] 44+ messages in thread
* [pbs-devel] [PATCH proxmox-backup v3 16/41] api: backup: store datastore backend in runtime environment
2025-06-16 14:21 [pbs-devel] [PATCH proxmox{, -backup} v3 00/43] fix #2943: S3 storage backend for datastores Christian Ebner
` (16 preceding siblings ...)
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 15/41] datastore: allow to get the backend for a datastore Christian Ebner
@ 2025-06-16 14:21 ` Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 17/41] api: backup: conditionally upload chunks to S3 object store backend Christian Ebner
` (24 subsequent siblings)
42 siblings, 0 replies; 44+ messages in thread
From: Christian Ebner @ 2025-06-16 14:21 UTC (permalink / raw)
To: pbs-devel
Get and store the datastore's backend during creation of the backup
runtime environment and upload the chunks to the local filesystem or
s3 object store based on the backend variant.
By storing the backend variant in the environment the s3 client is
instantiated only once and reused for all api calls in the same
backup http/2 connection.
Refactor the upgrade method by moving all logic into the async block,
such that the now possible error on backup environment creation gets
propagated to the thread spawn call side.
Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
---
src/api2/backup/environment.rs | 12 +++--
src/api2/backup/mod.rs | 99 +++++++++++++++++-----------------
2 files changed, 57 insertions(+), 54 deletions(-)
diff --git a/src/api2/backup/environment.rs b/src/api2/backup/environment.rs
index 6cd29f512..8919b919a 100644
--- a/src/api2/backup/environment.rs
+++ b/src/api2/backup/environment.rs
@@ -15,7 +15,8 @@ use pbs_api_types::Authid;
use pbs_datastore::backup_info::{BackupDir, BackupInfo};
use pbs_datastore::dynamic_index::DynamicIndexWriter;
use pbs_datastore::fixed_index::FixedIndexWriter;
-use pbs_datastore::{DataBlob, DataStore};
+use pbs_datastore::{DataBlob, DataStore, DatastoreBackend};
+use pbs_s3_client::PutObjectResponse;
use proxmox_rest_server::{formatter::*, WorkerTask};
use crate::backup::VerifyWorker;
@@ -115,6 +116,7 @@ pub struct BackupEnvironment {
pub datastore: Arc<DataStore>,
pub backup_dir: BackupDir,
pub last_backup: Option<BackupInfo>,
+ pub backend: DatastoreBackend,
state: Arc<Mutex<SharedBackupState>>,
}
@@ -125,7 +127,7 @@ impl BackupEnvironment {
worker: Arc<WorkerTask>,
datastore: Arc<DataStore>,
backup_dir: BackupDir,
- ) -> Self {
+ ) -> Result<Self, Error> {
let state = SharedBackupState {
finished: false,
uid_counter: 0,
@@ -137,7 +139,8 @@ impl BackupEnvironment {
backup_stat: UploadStatistic::new(),
};
- Self {
+ let backend = datastore.backend()?;
+ Ok(Self {
result_attributes: json!({}),
env_type,
auth_id,
@@ -147,8 +150,9 @@ impl BackupEnvironment {
formatter: JSON_FORMATTER,
backup_dir,
last_backup: None,
+ backend,
state: Arc::new(Mutex::new(state)),
- }
+ })
}
/// Register a Chunk with associated length.
diff --git a/src/api2/backup/mod.rs b/src/api2/backup/mod.rs
index 567bca3ef..2c6afca41 100644
--- a/src/api2/backup/mod.rs
+++ b/src/api2/backup/mod.rs
@@ -185,7 +185,8 @@ fn upgrade_to_backup_protocol(
}
// lock last snapshot to prevent forgetting/pruning it during backup
- let guard = last.backup_dir
+ let guard = last
+ .backup_dir
.lock_shared()
.with_context(|| format!("while locking last snapshot during backup '{last:?}'"))?;
Some(guard)
@@ -204,14 +205,14 @@ fn upgrade_to_backup_protocol(
Some(worker_id),
auth_id.to_string(),
true,
- move |worker| {
+ move |worker| async move {
let mut env = BackupEnvironment::new(
env_type,
auth_id,
worker.clone(),
datastore,
backup_dir,
- );
+ )?;
env.debug = debug;
env.last_backup = last_backup;
@@ -264,55 +265,53 @@ fn upgrade_to_backup_protocol(
});
let mut abort_future = abort_future.map(|_| Err(format_err!("task aborted")));
- async move {
- // keep flock until task ends
- let _group_guard = _group_guard;
- let snap_guard = snap_guard;
- let _last_guard = _last_guard;
-
- let res = select! {
- req = req_fut => req,
- abrt = abort_future => abrt,
- };
- if benchmark {
- env.log("benchmark finished successfully");
- proxmox_async::runtime::block_in_place(|| env.remove_backup())?;
- return Ok(());
+ // keep flock until task ends
+ let _group_guard = _group_guard;
+ let snap_guard = snap_guard;
+ let _last_guard = _last_guard;
+
+ let res = select! {
+ req = req_fut => req,
+ abrt = abort_future => abrt,
+ };
+ if benchmark {
+ env.log("benchmark finished successfully");
+ proxmox_async::runtime::block_in_place(|| env.remove_backup())?;
+ return Ok(());
+ }
+
+ let verify = |env: BackupEnvironment| {
+ if let Err(err) = env.verify_after_complete(snap_guard) {
+ env.log(format!(
+ "backup finished, but starting the requested verify task failed: {}",
+ err
+ ));
}
+ };
- let verify = |env: BackupEnvironment| {
- if let Err(err) = env.verify_after_complete(snap_guard) {
- env.log(format!(
- "backup finished, but starting the requested verify task failed: {}",
- err
- ));
- }
- };
-
- match (res, env.ensure_finished()) {
- (Ok(_), Ok(())) => {
- env.log("backup finished successfully");
- verify(env);
- Ok(())
- }
- (Err(err), Ok(())) => {
- // ignore errors after finish
- env.log(format!("backup had errors but finished: {}", err));
- verify(env);
- Ok(())
- }
- (Ok(_), Err(err)) => {
- env.log(format!("backup ended and finish failed: {}", err));
- env.log("removing unfinished backup");
- proxmox_async::runtime::block_in_place(|| env.remove_backup())?;
- Err(err)
- }
- (Err(err), Err(_)) => {
- env.log(format!("backup failed: {}", err));
- env.log("removing failed backup");
- proxmox_async::runtime::block_in_place(|| env.remove_backup())?;
- Err(err)
- }
+ match (res, env.ensure_finished()) {
+ (Ok(_), Ok(())) => {
+ env.log("backup finished successfully");
+ verify(env);
+ Ok(())
+ }
+ (Err(err), Ok(())) => {
+ // ignore errors after finish
+ env.log(format!("backup had errors but finished: {}", err));
+ verify(env);
+ Ok(())
+ }
+ (Ok(_), Err(err)) => {
+ env.log(format!("backup ended and finish failed: {}", err));
+ env.log("removing unfinished backup");
+ proxmox_async::runtime::block_in_place(|| env.remove_backup())?;
+ Err(err)
+ }
+ (Err(err), Err(_)) => {
+ env.log(format!("backup failed: {}", err));
+ env.log("removing failed backup");
+ proxmox_async::runtime::block_in_place(|| env.remove_backup())?;
+ Err(err)
}
}
},
--
2.39.5
_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel
^ permalink raw reply [flat|nested] 44+ messages in thread
* [pbs-devel] [PATCH proxmox-backup v3 17/41] api: backup: conditionally upload chunks to S3 object store backend
2025-06-16 14:21 [pbs-devel] [PATCH proxmox{, -backup} v3 00/43] fix #2943: S3 storage backend for datastores Christian Ebner
` (17 preceding siblings ...)
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 16/41] api: backup: store datastore backend in runtime environment Christian Ebner
@ 2025-06-16 14:21 ` Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 18/41] api: backup: conditionally upload blobs " Christian Ebner
` (23 subsequent siblings)
42 siblings, 0 replies; 44+ messages in thread
From: Christian Ebner @ 2025-06-16 14:21 UTC (permalink / raw)
To: pbs-devel
Upload fixed and dynamic sized chunks to either the filesystem or
the S3 object store, depending on the configured backend.
Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
---
src/api2/backup/upload_chunk.rs | 44 ++++++++++++++++++++++-----------
1 file changed, 29 insertions(+), 15 deletions(-)
diff --git a/src/api2/backup/upload_chunk.rs b/src/api2/backup/upload_chunk.rs
index 20259660a..838eec1fa 100644
--- a/src/api2/backup/upload_chunk.rs
+++ b/src/api2/backup/upload_chunk.rs
@@ -15,7 +15,8 @@ use proxmox_sortable_macro::sortable;
use pbs_api_types::{BACKUP_ARCHIVE_NAME_SCHEMA, CHUNK_DIGEST_SCHEMA};
use pbs_datastore::file_formats::{DataBlobHeader, EncryptedDataBlobHeader};
-use pbs_datastore::{DataBlob, DataStore};
+use pbs_datastore::{DataBlob, DataStore, DatastoreBackend};
+use pbs_s3_client::PutObjectResponse;
use pbs_tools::json::{required_integer_param, required_string_param};
use super::environment::*;
@@ -153,16 +154,10 @@ fn upload_fixed_chunk(
) -> ApiResponseFuture {
async move {
let wid = required_integer_param(¶m, "wid")? as usize;
- let size = required_integer_param(¶m, "size")? as u32;
- let encoded_size = required_integer_param(¶m, "encoded-size")? as u32;
-
- let digest_str = required_string_param(¶m, "digest")?;
- let digest = <[u8; 32]>::from_hex(digest_str)?;
-
let env: &BackupEnvironment = rpcenv.as_ref();
let (digest, size, compressed_size, is_duplicate) =
- UploadChunk::new(req_body, env.datastore.clone(), digest, size, encoded_size).await?;
+ upload_to_backend(req_body, param, env).await?;
env.register_fixed_chunk(wid, digest, size, compressed_size, is_duplicate)?;
let digest_str = hex::encode(digest);
@@ -222,16 +217,10 @@ fn upload_dynamic_chunk(
) -> ApiResponseFuture {
async move {
let wid = required_integer_param(¶m, "wid")? as usize;
- let size = required_integer_param(¶m, "size")? as u32;
- let encoded_size = required_integer_param(¶m, "encoded-size")? as u32;
-
- let digest_str = required_string_param(¶m, "digest")?;
- let digest = <[u8; 32]>::from_hex(digest_str)?;
-
let env: &BackupEnvironment = rpcenv.as_ref();
let (digest, size, compressed_size, is_duplicate) =
- UploadChunk::new(req_body, env.datastore.clone(), digest, size, encoded_size).await?;
+ upload_to_backend(req_body, param, env).await?;
env.register_dynamic_chunk(wid, digest, size, compressed_size, is_duplicate)?;
let digest_str = hex::encode(digest);
@@ -243,6 +232,31 @@ fn upload_dynamic_chunk(
.boxed()
}
+async fn upload_to_backend(
+ req_body: Body,
+ param: Value,
+ env: &BackupEnvironment,
+) -> Result<([u8; 32], u32, u32, bool), Error> {
+ let size = required_integer_param(¶m, "size")? as u32;
+ let encoded_size = required_integer_param(¶m, "encoded-size")? as u32;
+ let digest_str = required_string_param(¶m, "digest")?;
+ let digest = <[u8; 32]>::from_hex(digest_str)?;
+
+ match &env.backend {
+ DatastoreBackend::Filesystem => {
+ UploadChunk::new(req_body, env.datastore.clone(), digest, size, encoded_size).await
+ }
+ DatastoreBackend::S3(s3_client) => {
+ let is_duplicate = match s3_client.put_object(digest.into(), req_body).await? {
+ PutObjectResponse::PreconditionFailed => true,
+ PutObjectResponse::NeedsRetry => bail!("concurrent operation, reupload required"),
+ PutObjectResponse::Success(_content) => false,
+ };
+ Ok((digest, size, encoded_size, is_duplicate))
+ }
+ }
+}
+
pub const API_METHOD_UPLOAD_SPEEDTEST: ApiMethod = ApiMethod::new(
&ApiHandler::AsyncHttp(&upload_speedtest),
&ObjectSchema::new("Test upload speed.", &[]),
--
2.39.5
_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel
^ permalink raw reply [flat|nested] 44+ messages in thread
* [pbs-devel] [PATCH proxmox-backup v3 18/41] api: backup: conditionally upload blobs to S3 object store backend
2025-06-16 14:21 [pbs-devel] [PATCH proxmox{, -backup} v3 00/43] fix #2943: S3 storage backend for datastores Christian Ebner
` (18 preceding siblings ...)
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 17/41] api: backup: conditionally upload chunks to S3 object store backend Christian Ebner
@ 2025-06-16 14:21 ` Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 19/41] api: backup: conditionally upload indices " Christian Ebner
` (22 subsequent siblings)
42 siblings, 0 replies; 44+ messages in thread
From: Christian Ebner @ 2025-06-16 14:21 UTC (permalink / raw)
To: pbs-devel
Upload blobs to both, the local datastore cache and the S3 object
store if s3 is configured as backend.
Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
---
src/api2/backup/environment.rs | 25 +++++++++++++++++++++++++
1 file changed, 25 insertions(+)
diff --git a/src/api2/backup/environment.rs b/src/api2/backup/environment.rs
index 8919b919a..393a8351d 100644
--- a/src/api2/backup/environment.rs
+++ b/src/api2/backup/environment.rs
@@ -581,6 +581,31 @@ impl BackupEnvironment {
let blob = DataBlob::load_from_reader(&mut &data[..])?;
let raw_data = blob.raw_data();
+ if let DatastoreBackend::S3(s3_client) = &self.backend {
+ let data = Body::from(raw_data.to_vec());
+ let mut object_key = self.backup_dir.relative_path();
+ object_key.push(file_name);
+ let object_key = object_key
+ .as_os_str()
+ .to_str()
+ .ok_or_else(|| format_err!("invalid path"))?;
+ match proxmox_async::runtime::block_on(s3_client.put_object(object_key.into(), data))? {
+ PutObjectResponse::PreconditionFailed => {
+ self.log(format!(
+ "Upload of blob failed, object {object_key} already present."
+ ));
+ bail!("upload of blob failed");
+ }
+ PutObjectResponse::NeedsRetry => {
+ self.log("Upload of blob failed, reupload required.");
+ bail!("concurrent operation, reupload required");
+ }
+ PutObjectResponse::Success(_content) => {
+ self.log(format!("Uploaded blob to object store: {object_key}"))
+ }
+ }
+ }
+
replace_file(&path, raw_data, CreateOptions::new(), false)?;
self.log(format!(
--
2.39.5
_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel
^ permalink raw reply [flat|nested] 44+ messages in thread
* [pbs-devel] [PATCH proxmox-backup v3 19/41] api: backup: conditionally upload indices to S3 object store backend
2025-06-16 14:21 [pbs-devel] [PATCH proxmox{, -backup} v3 00/43] fix #2943: S3 storage backend for datastores Christian Ebner
` (19 preceding siblings ...)
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 18/41] api: backup: conditionally upload blobs " Christian Ebner
@ 2025-06-16 14:21 ` Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 20/41] api: backup: conditionally upload manifest " Christian Ebner
` (21 subsequent siblings)
42 siblings, 0 replies; 44+ messages in thread
From: Christian Ebner @ 2025-06-16 14:21 UTC (permalink / raw)
To: pbs-devel
If the datastore is backed by an S3 compatible object store, upload
the dynamic or fixed index files to the object store after closing
them. The local index files are kept in the local caching datastore
to allow for fast and efficient content lookups, avoiding expensive
(as in monetary cost and IO latency) requests.
Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
---
src/api2/backup/environment.rs | 65 ++++++++++++++++++++++++++++++++++
1 file changed, 65 insertions(+)
diff --git a/src/api2/backup/environment.rs b/src/api2/backup/environment.rs
index 393a8351d..72e369bcf 100644
--- a/src/api2/backup/environment.rs
+++ b/src/api2/backup/environment.rs
@@ -2,6 +2,7 @@ use anyhow::{bail, format_err, Context, Error};
use pbs_config::BackupLockGuard;
use std::collections::HashMap;
+use std::io::Read;
use std::sync::{Arc, Mutex};
use tracing::info;
@@ -479,6 +480,38 @@ impl BackupEnvironment {
);
}
+ // For S3 backends, upload the index file to the object store after closing
+ if let DatastoreBackend::S3(s3_client) = &self.backend {
+ let mut object_key = self.backup_dir.relative_path();
+ object_key.push(&data.name);
+ let object_key = object_key
+ .as_os_str()
+ .to_str()
+ .ok_or_else(|| format_err!("invalid file name"))?;
+
+ let mut full_path = self.datastore.base_path();
+ full_path.push(object_key);
+ let mut file = std::fs::File::open(&full_path)?;
+ let mut buffer = Vec::new();
+ file.read_to_end(&mut buffer)?;
+ let data = Body::from(buffer);
+ match proxmox_async::runtime::block_on(s3_client.put_object(object_key.into(), data))? {
+ PutObjectResponse::PreconditionFailed => {
+ self.log(format!(
+ "Upload of dynamic index failed, object key {object_key} already present"
+ ));
+ bail!("Upload of dynamic index failed");
+ }
+ PutObjectResponse::NeedsRetry => {
+ self.log("Upload of dynamic index failed, reupload required");
+ bail!("concurrent operation, reupload required");
+ }
+ PutObjectResponse::Success(_content) => {
+ self.log(format!("Uploaded index file to object store: {object_key}"))
+ }
+ }
+ }
+
self.log_upload_stat(
&data.name,
&csum,
@@ -553,6 +586,38 @@ impl BackupEnvironment {
);
}
+ // For S3 backends, upload the index file to the object store after closing
+ if let DatastoreBackend::S3(s3_client) = &self.backend {
+ let mut object_key = self.backup_dir.relative_path();
+ object_key.push(&data.name);
+ let object_key = object_key
+ .as_os_str()
+ .to_str()
+ .ok_or_else(|| format_err!("invalid file name"))?;
+
+ let mut full_path = self.datastore.base_path();
+ full_path.push(object_key);
+ let mut file = std::fs::File::open(&full_path)?;
+ let mut buffer = Vec::new();
+ file.read_to_end(&mut buffer)?;
+ let data = Body::from(buffer);
+ match proxmox_async::runtime::block_on(s3_client.put_object(object_key.into(), data))? {
+ PutObjectResponse::PreconditionFailed => {
+ self.log(format!(
+ "Upload of fixed index failed, object {object_key} already present."
+ ));
+ bail!("upload of fixed index failed");
+ }
+ PutObjectResponse::NeedsRetry => {
+ self.log("Upload of fixed index failed, reupload required.");
+ bail!("concurrent operation, reupload required");
+ }
+ PutObjectResponse::Success(_content) => {
+ self.log(format!("Uploaded index file to object store: {object_key}"))
+ }
+ }
+ }
+
self.log_upload_stat(
&data.name,
&expected_csum,
--
2.39.5
_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel
^ permalink raw reply [flat|nested] 44+ messages in thread
* [pbs-devel] [PATCH proxmox-backup v3 20/41] api: backup: conditionally upload manifest to S3 object store backend
2025-06-16 14:21 [pbs-devel] [PATCH proxmox{, -backup} v3 00/43] fix #2943: S3 storage backend for datastores Christian Ebner
` (20 preceding siblings ...)
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 19/41] api: backup: conditionally upload indices " Christian Ebner
@ 2025-06-16 14:21 ` Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 21/41] sync: pull: conditionally upload content to S3 backend Christian Ebner
` (20 subsequent siblings)
42 siblings, 0 replies; 44+ messages in thread
From: Christian Ebner @ 2025-06-16 14:21 UTC (permalink / raw)
To: pbs-devel
Upload the manifest to the S3 object store backend after it has been
finished in the backup api call handler, if s3 is configured as
backend. Keep also the locally cached version for fast and efficient
listing of contents without the need to perform expensive (as in
monetary cost and IO latency) requests.
The datastore's metadata contents will be synced from the S3 backend
during datastore opening.
Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
---
src/api2/backup/environment.rs | 33 ++++++++++++++++++++++++++++++++-
1 file changed, 32 insertions(+), 1 deletion(-)
diff --git a/src/api2/backup/environment.rs b/src/api2/backup/environment.rs
index 72e369bcf..685b78e89 100644
--- a/src/api2/backup/environment.rs
+++ b/src/api2/backup/environment.rs
@@ -12,7 +12,7 @@ use serde_json::{json, Value};
use proxmox_router::{RpcEnvironment, RpcEnvironmentType};
use proxmox_sys::fs::{replace_file, CreateOptions};
-use pbs_api_types::Authid;
+use pbs_api_types::{Authid, MANIFEST_BLOB_NAME};
use pbs_datastore::backup_info::{BackupDir, BackupInfo};
use pbs_datastore::dynamic_index::DynamicIndexWriter;
use pbs_datastore::fixed_index::FixedIndexWriter;
@@ -719,6 +719,37 @@ impl BackupEnvironment {
}
}
+ if let DatastoreBackend::S3(s3_client) = &self.backend {
+ // Upload manifest to S3 object store
+ let mut object_key = self.backup_dir.relative_path();
+ object_key.push(MANIFEST_BLOB_NAME.as_ref());
+ let mut path = self.datastore.base_path();
+ path.push(&object_key);
+ let mut manifest = std::fs::File::open(&path)?;
+ let mut buffer = Vec::new();
+ manifest.read_to_end(&mut buffer)?;
+ let data = Body::from(buffer);
+ let object_key = object_key
+ .as_os_str()
+ .to_str()
+ .ok_or_else(|| format_err!("invalid path"))?;
+ match proxmox_async::runtime::block_on(s3_client.put_object(object_key.into(), data))? {
+ PutObjectResponse::PreconditionFailed => {
+ self.log(format!(
+ "Upload of manifest failed, object {object_key} already present."
+ ));
+ bail!("upload of manifest failed");
+ }
+ PutObjectResponse::NeedsRetry => {
+ self.log("Upload of manifest failed, reupload required.");
+ bail!("concurrent operation, reupload required");
+ }
+ PutObjectResponse::Success(_content) => {
+ self.log(format!("Uploaded manifest to object store: {object_key}"))
+ }
+ }
+ }
+
self.datastore.try_ensure_sync_level()?;
// marks the backup as successful
--
2.39.5
_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel
^ permalink raw reply [flat|nested] 44+ messages in thread
* [pbs-devel] [PATCH proxmox-backup v3 21/41] sync: pull: conditionally upload content to S3 backend
2025-06-16 14:21 [pbs-devel] [PATCH proxmox{, -backup} v3 00/43] fix #2943: S3 storage backend for datastores Christian Ebner
` (21 preceding siblings ...)
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 20/41] api: backup: conditionally upload manifest " Christian Ebner
@ 2025-06-16 14:21 ` Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 22/41] api: reader: fetch chunks based on datastore backend Christian Ebner
` (19 subsequent siblings)
42 siblings, 0 replies; 44+ messages in thread
From: Christian Ebner @ 2025-06-16 14:21 UTC (permalink / raw)
To: pbs-devel
If the datastore is backed by an S3 object store, not only insert the
pulled contents to the local cache store, but also upload it to the
S3 backend.
Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
---
src/server/pull.rs | 58 ++++++++++++++++++++++++++++++++++++++++++++--
1 file changed, 56 insertions(+), 2 deletions(-)
diff --git a/src/server/pull.rs b/src/server/pull.rs
index b1724c142..f36efd7c8 100644
--- a/src/server/pull.rs
+++ b/src/server/pull.rs
@@ -8,6 +8,7 @@ use std::time::SystemTime;
use anyhow::{bail, format_err, Error};
use proxmox_human_byte::HumanByte;
+use tokio::io::AsyncReadExt;
use tracing::info;
use pbs_api_types::{
@@ -24,7 +25,7 @@ use pbs_datastore::fixed_index::FixedIndexReader;
use pbs_datastore::index::IndexFile;
use pbs_datastore::manifest::{BackupManifest, FileInfo};
use pbs_datastore::read_chunk::AsyncReadChunk;
-use pbs_datastore::{check_backup_owner, DataStore, StoreProgress};
+use pbs_datastore::{check_backup_owner, DataStore, DatastoreBackend, StoreProgress};
use pbs_tools::sha::sha256;
use super::sync::{
@@ -167,7 +168,18 @@ async fn pull_index_chunks<I: IndexFile>(
move |(chunk, digest, size): (DataBlob, [u8; 32], u64)| {
// println!("verify and write {}", hex::encode(&digest));
chunk.verify_unencrypted(size as usize, &digest)?;
- target2.insert_chunk(&chunk, &digest)?;
+ match target2.backend()? {
+ DatastoreBackend::Filesystem => {
+ target2.insert_chunk(&chunk, &digest)?;
+ }
+ DatastoreBackend::S3(s3_client) => {
+ let data = chunk.raw_data().to_vec();
+ let upload_body = hyper::Body::from(data);
+ proxmox_async::runtime::block_on(
+ s3_client.put_object(digest.into(), upload_body),
+ )?;
+ }
+ }
Ok(())
},
);
@@ -331,6 +343,20 @@ async fn pull_single_archive<'a>(
if let Err(err) = std::fs::rename(&tmp_path, &path) {
bail!("Atomic rename file {:?} failed - {}", path, err);
}
+ if let DatastoreBackend::S3(s3_client) = snapshot.datastore().backend()? {
+ let archive_path = snapshot.relative_path().join(archive_name);
+ let object_key = archive_path
+ .as_os_str()
+ .to_str()
+ .ok_or_else(|| format_err!("invalid archive path"))?;
+
+ let archive = tokio::fs::File::open(&path).await?;
+ let mut reader = tokio::io::BufReader::new(archive);
+ let mut contents = Vec::new();
+ reader.read_to_end(&mut contents).await?;
+ let data = hyper::body::Body::from(contents);
+ s3_client.put_object(object_key.into(), data).await?;
+ }
Ok(sync_stats)
}
@@ -401,6 +427,7 @@ async fn pull_snapshot<'a>(
}
}
+ let manifest_data = tmp_manifest_blob.raw_data().to_vec();
let manifest = BackupManifest::try_from(tmp_manifest_blob)?;
if ignore_not_verified_or_encrypted(
@@ -467,9 +494,36 @@ async fn pull_snapshot<'a>(
if let Err(err) = std::fs::rename(&tmp_manifest_name, &manifest_name) {
bail!("Atomic rename file {:?} failed - {}", manifest_name, err);
}
+ if let DatastoreBackend::S3(s3_client) = snapshot.datastore().backend()? {
+ let object_path = snapshot.relative_path().join(MANIFEST_BLOB_NAME.as_ref());
+ let object_key = object_path
+ .as_os_str()
+ .to_str()
+ .ok_or_else(|| format_err!("invalid archive path"))?;
+
+ let data = hyper::body::Body::from(manifest_data);
+ s3_client.put_object(object_key.into(), data).await?;
+ }
if !client_log_name.exists() {
reader.try_download_client_log(&client_log_name).await?;
+ if client_log_name.exists() {
+ if let DatastoreBackend::S3(s3_client) = snapshot.datastore().backend()? {
+ let object_path = snapshot.relative_path().join(CLIENT_LOG_BLOB_NAME.as_ref());
+ let object_key = object_path
+ .as_os_str()
+ .to_str()
+ .ok_or_else(|| format_err!("invalid archive path"))?;
+
+ let log_file = tokio::fs::File::open(&client_log_name).await?;
+ let mut reader = tokio::io::BufReader::new(log_file);
+ let mut contents = Vec::new();
+ reader.read_to_end(&mut contents).await?;
+
+ let data = hyper::body::Body::from(contents);
+ s3_client.put_object(object_key.into(), data).await?;
+ }
+ }
};
snapshot
.cleanup_unreferenced_files(&manifest)
--
2.39.5
_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel
^ permalink raw reply [flat|nested] 44+ messages in thread
* [pbs-devel] [PATCH proxmox-backup v3 22/41] api: reader: fetch chunks based on datastore backend
2025-06-16 14:21 [pbs-devel] [PATCH proxmox{, -backup} v3 00/43] fix #2943: S3 storage backend for datastores Christian Ebner
` (22 preceding siblings ...)
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 21/41] sync: pull: conditionally upload content to S3 backend Christian Ebner
@ 2025-06-16 14:21 ` Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 23/41] datastore: local chunk reader: read chunks based on backend Christian Ebner
` (18 subsequent siblings)
42 siblings, 0 replies; 44+ messages in thread
From: Christian Ebner @ 2025-06-16 14:21 UTC (permalink / raw)
To: pbs-devel
Read the chunk based on the datastores backend, reading from local
filesystem or fetching from S3 object store.
Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
---
src/api2/reader/environment.rs | 12 +++++++----
src/api2/reader/mod.rs | 38 ++++++++++++++++++++++------------
2 files changed, 33 insertions(+), 17 deletions(-)
diff --git a/src/api2/reader/environment.rs b/src/api2/reader/environment.rs
index 3b2f06f43..8924352b0 100644
--- a/src/api2/reader/environment.rs
+++ b/src/api2/reader/environment.rs
@@ -1,13 +1,14 @@
use std::collections::HashSet;
use std::sync::{Arc, RwLock};
+use anyhow::Error;
use serde_json::{json, Value};
use proxmox_router::{RpcEnvironment, RpcEnvironmentType};
use pbs_api_types::Authid;
use pbs_datastore::backup_info::BackupDir;
-use pbs_datastore::DataStore;
+use pbs_datastore::{DataStore, DatastoreBackend};
use proxmox_rest_server::formatter::*;
use proxmox_rest_server::WorkerTask;
use tracing::info;
@@ -23,6 +24,7 @@ pub struct ReaderEnvironment {
pub worker: Arc<WorkerTask>,
pub datastore: Arc<DataStore>,
pub backup_dir: BackupDir,
+ pub backend: DatastoreBackend,
allowed_chunks: Arc<RwLock<HashSet<[u8; 32]>>>,
}
@@ -33,8 +35,9 @@ impl ReaderEnvironment {
worker: Arc<WorkerTask>,
datastore: Arc<DataStore>,
backup_dir: BackupDir,
- ) -> Self {
- Self {
+ ) -> Result<Self, Error> {
+ let backend = datastore.backend()?;
+ Ok(Self {
result_attributes: json!({}),
env_type,
auth_id,
@@ -43,8 +46,9 @@ impl ReaderEnvironment {
debug: tracing::enabled!(tracing::Level::DEBUG),
formatter: JSON_FORMATTER,
backup_dir,
+ backend,
allowed_chunks: Arc::new(RwLock::new(HashSet::new())),
- }
+ })
}
pub fn log<S: AsRef<str>>(&self, msg: S) {
diff --git a/src/api2/reader/mod.rs b/src/api2/reader/mod.rs
index cc791299c..3417f49be 100644
--- a/src/api2/reader/mod.rs
+++ b/src/api2/reader/mod.rs
@@ -24,7 +24,8 @@ use pbs_api_types::{
};
use pbs_config::CachedUserInfo;
use pbs_datastore::index::IndexFile;
-use pbs_datastore::{DataStore, PROXMOX_BACKUP_READER_PROTOCOL_ID_V1};
+use pbs_datastore::{DataStore, DatastoreBackend, PROXMOX_BACKUP_READER_PROTOCOL_ID_V1};
+use pbs_s3_client::S3Client;
use pbs_tools::json::required_string_param;
use crate::api2::backup::optional_ns_param;
@@ -159,7 +160,7 @@ fn upgrade_to_backup_reader_protocol(
worker.clone(),
datastore,
backup_dir,
- );
+ )?;
env.debug = debug;
@@ -320,17 +321,10 @@ fn download_chunk(
));
}
- let (path, _) = env.datastore.chunk_path(&digest);
- let path2 = path.clone();
-
- env.debug(format!("download chunk {:?}", path));
-
- let data =
- proxmox_async::runtime::block_in_place(|| std::fs::read(path)).map_err(move |err| {
- http_err!(BAD_REQUEST, "reading file {:?} failed: {}", path2, err)
- })?;
-
- let body = Body::from(data);
+ let body = match &env.backend {
+ DatastoreBackend::Filesystem => load_from_filesystem(env, &digest)?,
+ DatastoreBackend::S3(s3_client) => fetch_from_object_store(s3_client, &digest).await?,
+ };
// fixme: set other headers ?
Ok(Response::builder()
@@ -342,6 +336,24 @@ fn download_chunk(
.boxed()
}
+async fn fetch_from_object_store(s3_client: &S3Client, digest: &[u8; 32]) -> Result<Body, Error> {
+ if let Some(response) = s3_client.get_object(digest.into()).await? {
+ return Ok(response.content);
+ }
+ bail!("cannot find chunk with digest {}", hex::encode(digest));
+}
+
+fn load_from_filesystem(env: &ReaderEnvironment, digest: &[u8; 32]) -> Result<Body, Error> {
+ let (path, _) = env.datastore.chunk_path(digest);
+ let path2 = path.clone();
+
+ env.debug(format!("download chunk {path:?}"));
+
+ let data = proxmox_async::runtime::block_in_place(|| std::fs::read(path))
+ .map_err(move |err| http_err!(BAD_REQUEST, "reading file {path2:?} failed: {err}"))?;
+ Ok(Body::from(data))
+}
+
/* this is too slow
fn download_chunk_old(
_parts: Parts,
--
2.39.5
_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel
^ permalink raw reply [flat|nested] 44+ messages in thread
* [pbs-devel] [PATCH proxmox-backup v3 23/41] datastore: local chunk reader: read chunks based on backend
2025-06-16 14:21 [pbs-devel] [PATCH proxmox{, -backup} v3 00/43] fix #2943: S3 storage backend for datastores Christian Ebner
` (23 preceding siblings ...)
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 22/41] api: reader: fetch chunks based on datastore backend Christian Ebner
@ 2025-06-16 14:21 ` Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 24/41] verify worker: add datastore backed to verify worker Christian Ebner
` (17 subsequent siblings)
42 siblings, 0 replies; 44+ messages in thread
From: Christian Ebner @ 2025-06-16 14:21 UTC (permalink / raw)
To: pbs-devel
Get and store the datastore's backend on local chunk reader
instantiantion and fetch chunks based on the variant from either the
filesystem or the s3 object store.
By storing the backend variant, the s3 client is instantiated only
once and reused until the local chunk reader instance is dropped.
Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
---
pbs-datastore/Cargo.toml | 2 ++
pbs-datastore/src/local_chunk_reader.rs | 37 +++++++++++++++++++++----
2 files changed, 33 insertions(+), 6 deletions(-)
diff --git a/pbs-datastore/Cargo.toml b/pbs-datastore/Cargo.toml
index 182398d7e..1577a4ce9 100644
--- a/pbs-datastore/Cargo.toml
+++ b/pbs-datastore/Cargo.toml
@@ -14,6 +14,7 @@ crc32fast.workspace = true
endian_trait.workspace = true
futures.workspace = true
hex = { workspace = true, features = [ "serde" ] }
+hyper.workspace = true
libc.workspace = true
log.workspace = true
nix.workspace = true
@@ -30,6 +31,7 @@ zstd-safe.workspace = true
pathpatterns.workspace = true
pxar.workspace = true
+proxmox-async.workspace = true
proxmox-borrow.workspace = true
proxmox-human-byte.workspace = true
proxmox-io.workspace = true
diff --git a/pbs-datastore/src/local_chunk_reader.rs b/pbs-datastore/src/local_chunk_reader.rs
index 05a70c068..a363059a1 100644
--- a/pbs-datastore/src/local_chunk_reader.rs
+++ b/pbs-datastore/src/local_chunk_reader.rs
@@ -3,17 +3,21 @@ use std::pin::Pin;
use std::sync::Arc;
use anyhow::{bail, Error};
+use hyper::body::HttpBody;
use pbs_api_types::CryptMode;
+use pbs_s3_client::S3Client;
use pbs_tools::crypt_config::CryptConfig;
use crate::data_blob::DataBlob;
+use crate::datastore::DatastoreBackend;
use crate::read_chunk::{AsyncReadChunk, ReadChunk};
use crate::DataStore;
#[derive(Clone)]
pub struct LocalChunkReader {
store: Arc<DataStore>,
+ backend: DatastoreBackend,
crypt_config: Option<Arc<CryptConfig>>,
crypt_mode: CryptMode,
}
@@ -24,8 +28,11 @@ impl LocalChunkReader {
crypt_config: Option<Arc<CryptConfig>>,
crypt_mode: CryptMode,
) -> Self {
+ // TODO: Error handling!
+ let backend = store.backend().unwrap();
Self {
store,
+ backend,
crypt_config,
crypt_mode,
}
@@ -47,10 +54,25 @@ impl LocalChunkReader {
}
}
+async fn fetch(s3_client: Arc<S3Client>, digest: &[u8; 32]) -> Result<DataBlob, Error> {
+ if let Some(response) = s3_client.get_object(digest.into()).await? {
+ let bytes = response.content.collect().await?.to_bytes();
+ DataBlob::from_raw(bytes.to_vec())
+ } else {
+ bail!("no object with digest {}", hex::encode(digest));
+ }
+}
+
impl ReadChunk for LocalChunkReader {
fn read_raw_chunk(&self, digest: &[u8; 32]) -> Result<DataBlob, Error> {
- let chunk = self.store.load_chunk(digest)?;
+ let chunk = match &self.backend {
+ DatastoreBackend::Filesystem => self.store.load_chunk(digest)?,
+ DatastoreBackend::S3(s3_client) => {
+ proxmox_async::runtime::block_on(fetch(s3_client.clone(), digest))?
+ }
+ };
self.ensure_crypt_mode(chunk.crypt_mode()?)?;
+
Ok(chunk)
}
@@ -69,11 +91,14 @@ impl AsyncReadChunk for LocalChunkReader {
digest: &'a [u8; 32],
) -> Pin<Box<dyn Future<Output = Result<DataBlob, Error>> + Send + 'a>> {
Box::pin(async move {
- let (path, _) = self.store.chunk_path(digest);
-
- let raw_data = tokio::fs::read(&path).await?;
-
- let chunk = DataBlob::load_from_reader(&mut &raw_data[..])?;
+ let chunk = match &self.backend {
+ DatastoreBackend::Filesystem => {
+ let (path, _) = self.store.chunk_path(digest);
+ let raw_data = tokio::fs::read(&path).await?;
+ DataBlob::load_from_reader(&mut &raw_data[..])?
+ }
+ DatastoreBackend::S3(s3_client) => fetch(s3_client.clone(), digest).await?,
+ };
self.ensure_crypt_mode(chunk.crypt_mode()?)?;
Ok(chunk)
--
2.39.5
_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel
^ permalink raw reply [flat|nested] 44+ messages in thread
* [pbs-devel] [PATCH proxmox-backup v3 24/41] verify worker: add datastore backed to verify worker
2025-06-16 14:21 [pbs-devel] [PATCH proxmox{, -backup} v3 00/43] fix #2943: S3 storage backend for datastores Christian Ebner
` (24 preceding siblings ...)
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 23/41] datastore: local chunk reader: read chunks based on backend Christian Ebner
@ 2025-06-16 14:21 ` Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 25/41] verify: implement chunk verification for stores with s3 backend Christian Ebner
` (16 subsequent siblings)
42 siblings, 0 replies; 44+ messages in thread
From: Christian Ebner @ 2025-06-16 14:21 UTC (permalink / raw)
To: pbs-devel
In order to fetch chunks from an S3 compatible object store,
instantiate and store the s3 client in the verify worker by storing
the datastore's backend. This allows to reuse the same instance for
the whole verification task.
Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
---
src/api2/admin/datastore.rs | 2 +-
src/api2/backup/environment.rs | 2 +-
src/backup/verify.rs | 14 ++++++++++----
src/server/verify_job.rs | 2 +-
4 files changed, 13 insertions(+), 7 deletions(-)
diff --git a/src/api2/admin/datastore.rs b/src/api2/admin/datastore.rs
index 443f8f4c0..4b032e817 100644
--- a/src/api2/admin/datastore.rs
+++ b/src/api2/admin/datastore.rs
@@ -881,7 +881,7 @@ pub fn verify(
auth_id.to_string(),
to_stdout,
move |worker| {
- let verify_worker = VerifyWorker::new(worker.clone(), datastore);
+ let verify_worker = VerifyWorker::new(worker.clone(), datastore)?;
let failed_dirs = if let Some(backup_dir) = backup_dir {
let mut res = Vec::new();
if !verify_worker.verify_backup_dir(
diff --git a/src/api2/backup/environment.rs b/src/api2/backup/environment.rs
index 685b78e89..384e8a73f 100644
--- a/src/api2/backup/environment.rs
+++ b/src/api2/backup/environment.rs
@@ -796,7 +796,7 @@ impl BackupEnvironment {
move |worker| {
worker.log_message("Automatically verifying newly added snapshot");
- let verify_worker = VerifyWorker::new(worker.clone(), datastore);
+ let verify_worker = VerifyWorker::new(worker.clone(), datastore)?;
if !verify_worker.verify_backup_dir_with_lock(
&backup_dir,
worker.upid().clone(),
diff --git a/src/backup/verify.rs b/src/backup/verify.rs
index 0b954ae23..a01ddcca3 100644
--- a/src/backup/verify.rs
+++ b/src/backup/verify.rs
@@ -17,7 +17,7 @@ use pbs_api_types::{
use pbs_datastore::backup_info::{BackupDir, BackupGroup, BackupInfo};
use pbs_datastore::index::IndexFile;
use pbs_datastore::manifest::{BackupManifest, FileInfo};
-use pbs_datastore::{DataBlob, DataStore, StoreProgress};
+use pbs_datastore::{DataBlob, DataStore, DatastoreBackend, StoreProgress};
use crate::tools::parallel_handler::ParallelHandler;
@@ -30,19 +30,25 @@ pub struct VerifyWorker {
datastore: Arc<DataStore>,
verified_chunks: Arc<Mutex<HashSet<[u8; 32]>>>,
corrupt_chunks: Arc<Mutex<HashSet<[u8; 32]>>>,
+ backend: DatastoreBackend,
}
impl VerifyWorker {
/// Creates a new VerifyWorker for a given task worker and datastore.
- pub fn new(worker: Arc<dyn WorkerTaskContext>, datastore: Arc<DataStore>) -> Self {
- Self {
+ pub fn new(
+ worker: Arc<dyn WorkerTaskContext>,
+ datastore: Arc<DataStore>,
+ ) -> Result<Self, Error> {
+ let backend = datastore.backend()?;
+ Ok(Self {
worker,
datastore,
// start with 16k chunks == up to 64G data
verified_chunks: Arc::new(Mutex::new(HashSet::with_capacity(16 * 1024))),
// start with 64 chunks since we assume there are few corrupt ones
corrupt_chunks: Arc::new(Mutex::new(HashSet::with_capacity(64))),
- }
+ backend,
+ })
}
fn verify_blob(backup_dir: &BackupDir, info: &FileInfo) -> Result<(), Error> {
diff --git a/src/server/verify_job.rs b/src/server/verify_job.rs
index 95a7b2a9b..c8792174b 100644
--- a/src/server/verify_job.rs
+++ b/src/server/verify_job.rs
@@ -41,7 +41,7 @@ pub fn do_verification_job(
None => Default::default(),
};
- let verify_worker = VerifyWorker::new(worker.clone(), datastore);
+ let verify_worker = VerifyWorker::new(worker.clone(), datastore)?;
let result = verify_worker.verify_all_backups(
worker.upid(),
ns,
--
2.39.5
_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel
^ permalink raw reply [flat|nested] 44+ messages in thread
* [pbs-devel] [PATCH proxmox-backup v3 25/41] verify: implement chunk verification for stores with s3 backend
2025-06-16 14:21 [pbs-devel] [PATCH proxmox{, -backup} v3 00/43] fix #2943: S3 storage backend for datastores Christian Ebner
` (25 preceding siblings ...)
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 24/41] verify worker: add datastore backed to verify worker Christian Ebner
@ 2025-06-16 14:21 ` Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 26/41] datastore: create namespace marker in S3 backend Christian Ebner
` (15 subsequent siblings)
42 siblings, 0 replies; 44+ messages in thread
From: Christian Ebner @ 2025-06-16 14:21 UTC (permalink / raw)
To: pbs-devel
For datastores backed by an S3 compatible object store, rather than
reading the chunks to be verified from the local filesystem, fetch
them via the s3 client from the configured bucket.
Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
---
src/backup/verify.rs | 59 +++++++++++++++++++++++++++++++++++---------
1 file changed, 47 insertions(+), 12 deletions(-)
diff --git a/src/backup/verify.rs b/src/backup/verify.rs
index a01ddcca3..2c28c6af5 100644
--- a/src/backup/verify.rs
+++ b/src/backup/verify.rs
@@ -5,6 +5,7 @@ use std::sync::{Arc, Mutex};
use std::time::Instant;
use anyhow::{bail, Error};
+use hyper::body::HttpBody;
use tracing::{error, info, warn};
use proxmox_worker_task::WorkerTaskContext;
@@ -189,18 +190,52 @@ impl VerifyWorker {
continue; // already verified or marked corrupt
}
- match self.datastore.load_chunk(&info.digest) {
- Err(err) => {
- self.corrupt_chunks.lock().unwrap().insert(info.digest);
- error!("can't verify chunk, load failed - {err}");
- errors.fetch_add(1, Ordering::SeqCst);
- Self::rename_corrupted_chunk(self.datastore.clone(), &info.digest);
- }
- Ok(chunk) => {
- let size = info.size();
- read_bytes += chunk.raw_size();
- decoder_pool.send((chunk, info.digest, size))?;
- decoded_bytes += size;
+ match &self.backend {
+ DatastoreBackend::Filesystem => match self.datastore.load_chunk(&info.digest) {
+ Err(err) => {
+ self.corrupt_chunks.lock().unwrap().insert(info.digest);
+ error!("can't verify chunk, load failed - {err}");
+ errors.fetch_add(1, Ordering::SeqCst);
+ Self::rename_corrupted_chunk(self.datastore.clone(), &info.digest);
+ }
+ Ok(chunk) => {
+ let size = info.size();
+ read_bytes += chunk.raw_size();
+ decoder_pool.send((chunk, info.digest, size))?;
+ decoded_bytes += size;
+ }
+ },
+ DatastoreBackend::S3(s3_client) => {
+ //TODO: How to avoid all these requests? Does the AWS api offer other means
+ // to verify the contents/integrity of objects?
+ match proxmox_async::runtime::block_on(s3_client.get_object(info.digest.into()))
+ {
+ Ok(Some(response)) => {
+ let bytes =
+ proxmox_async::runtime::block_on(response.content.collect())?
+ .to_bytes();
+ let chunk = DataBlob::from_raw(bytes.to_vec())?;
+ let size = info.size();
+ read_bytes += chunk.raw_size();
+ decoder_pool.send((chunk, info.digest, size))?;
+ decoded_bytes += size;
+ }
+ Ok(None) => {
+ self.corrupt_chunks.lock().unwrap().insert(info.digest);
+ error!(
+ "can't verify missing chunk with digest {}",
+ hex::encode(info.digest)
+ );
+ errors.fetch_add(1, Ordering::SeqCst);
+ }
+ Err(err) => {
+ self.corrupt_chunks.lock().unwrap().insert(info.digest);
+ error!("can't verify chunk, load failed - {err}");
+ errors.fetch_add(1, Ordering::SeqCst);
+ //TODO: How to handle corrupt chunks for S3 store?
+ //Self::rename_corrupted_chunk(self.datastore.clone(), &info.digest);
+ }
+ }
}
}
}
--
2.39.5
_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel
^ permalink raw reply [flat|nested] 44+ messages in thread
* [pbs-devel] [PATCH proxmox-backup v3 26/41] datastore: create namespace marker in S3 backend
2025-06-16 14:21 [pbs-devel] [PATCH proxmox{, -backup} v3 00/43] fix #2943: S3 storage backend for datastores Christian Ebner
` (26 preceding siblings ...)
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 25/41] verify: implement chunk verification for stores with s3 backend Christian Ebner
@ 2025-06-16 14:21 ` Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 27/41] datastore: create/delete protected marker file on S3 storage backend Christian Ebner
` (14 subsequent siblings)
42 siblings, 0 replies; 44+ messages in thread
From: Christian Ebner @ 2025-06-16 14:21 UTC (permalink / raw)
To: pbs-devel
The S3 object store only allows to store objects, referenced by their
key. For backup namespaces datastores however use directories, so
they cannot be represented as one to one mapping.
Instead, create an empty marker file for each namespace and operate
based on that.
Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
---
pbs-datastore/src/datastore.rs | 21 ++++++++++++++++++++-
1 file changed, 20 insertions(+), 1 deletion(-)
diff --git a/pbs-datastore/src/datastore.rs b/pbs-datastore/src/datastore.rs
index 3e54ce31f..91eac4321 100644
--- a/pbs-datastore/src/datastore.rs
+++ b/pbs-datastore/src/datastore.rs
@@ -8,7 +8,7 @@ use std::time::Duration;
use anyhow::{bail, format_err, Context, Error};
use nix::unistd::{unlinkat, UnlinkatFlags};
-use pbs_s3_client::{S3Client, S3ClientOptions};
+use pbs_s3_client::{PutObjectResponse, S3Client, S3ClientOptions};
use pbs_tools::lru_cache::LruCache;
use tracing::{info, warn};
@@ -43,6 +43,7 @@ static DATASTORE_MAP: LazyLock<Mutex<HashMap<String, Arc<DataStoreImpl>>>> =
LazyLock::new(|| Mutex::new(HashMap::new()));
const GROUP_NOTES_FILE_NAME: &str = "notes";
+const NAMESPACE_MARKER_FILENAME: &str = ".namespace";
/// checks if auth_id is owner, or, if owner is a token, if
/// auth_id is the user of the token
@@ -608,6 +609,24 @@ impl DataStore {
// construct ns before mkdir to enforce max-depth and name validity
let ns = BackupNamespace::from_parent_ns(parent, name)?;
+ if let DatastoreBackend::S3(s3_client) = self.backend()? {
+ let marker = ns.path().join(NAMESPACE_MARKER_FILENAME);
+ let namespace_marker = marker
+ .to_str()
+ .ok_or_else(|| format_err!("unexpected namespace path"))?;
+
+ let response = proxmox_async::runtime::block_on(
+ s3_client.put_object(namespace_marker.into(), hyper::body::Body::empty()),
+ )?;
+ match response {
+ PutObjectResponse::NeedsRetry => bail!("failed to create namespace, needs retry"),
+ PutObjectResponse::PreconditionFailed => {
+ bail!("failed to create namespace, precondition failed")
+ }
+ PutObjectResponse::Success(_) => (),
+ }
+ }
+
let mut ns_full_path = self.base_path();
ns_full_path.push(ns.path());
--
2.39.5
_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel
^ permalink raw reply [flat|nested] 44+ messages in thread
* [pbs-devel] [PATCH proxmox-backup v3 27/41] datastore: create/delete protected marker file on S3 storage backend
2025-06-16 14:21 [pbs-devel] [PATCH proxmox{, -backup} v3 00/43] fix #2943: S3 storage backend for datastores Christian Ebner
` (27 preceding siblings ...)
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 26/41] datastore: create namespace marker in S3 backend Christian Ebner
@ 2025-06-16 14:21 ` Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 28/41] datastore: prune groups/snapshots from S3 object store backend Christian Ebner
` (13 subsequent siblings)
42 siblings, 0 replies; 44+ messages in thread
From: Christian Ebner @ 2025-06-16 14:21 UTC (permalink / raw)
To: pbs-devel
Commit 8292d3d2 ("api2/admin/datastore: add get/set_protection")
introduced the protected flag for backup snapshots, considering
snapshots as protected based on the presence/absence of the
`.protected` marker file in the corresponding snapshot directory.
To allow independent recovery of a datastore backed by an S3 bucket,
also create/delete the marker file on the object store backend. For
actual checks, still rely on the marker as encountered in the local
cache store.
Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
---
pbs-datastore/src/datastore.rs | 45 ++++++++++++++++++++++++++++++----
1 file changed, 40 insertions(+), 5 deletions(-)
diff --git a/pbs-datastore/src/datastore.rs b/pbs-datastore/src/datastore.rs
index 91eac4321..cde47b064 100644
--- a/pbs-datastore/src/datastore.rs
+++ b/pbs-datastore/src/datastore.rs
@@ -1562,12 +1562,47 @@ impl DataStore {
let protected_path = backup_dir.protected_file();
if protection {
- std::fs::File::create(protected_path)
+ std::fs::File::create(&protected_path)
.map_err(|err| format_err!("could not create protection file: {}", err))?;
- } else if let Err(err) = std::fs::remove_file(protected_path) {
- // ignore error for non-existing file
- if err.kind() != std::io::ErrorKind::NotFound {
- bail!("could not remove protection file: {}", err);
+ if let DatastoreBackend::S3(s3_client) = self.backend()? {
+ let marker = backup_dir.relative_path().join(".protected");
+ let protected_marker = marker
+ .to_str()
+ .ok_or_else(|| format_err!("unexpected protected marker path"))?;
+ let response = proxmox_async::runtime::block_on(
+ s3_client.put_object(protected_marker.into(), hyper::body::Body::empty()),
+ )?;
+ match response {
+ PutObjectResponse::NeedsRetry => {
+ let _ = std::fs::remove_file(protected_path);
+ bail!("failed to mark snapshot as protected, needs retry")
+ }
+ PutObjectResponse::PreconditionFailed => {
+ let _ = std::fs::remove_file(protected_path);
+ bail!("failed to mark snapshot as protected, precondition failed")
+ }
+ PutObjectResponse::Success(_) => (),
+ }
+ }
+ } else {
+ if let Err(err) = std::fs::remove_file(&protected_path) {
+ // ignore error for non-existing file
+ if err.kind() != std::io::ErrorKind::NotFound {
+ bail!("could not remove protection file: {err}");
+ }
+ }
+ if let DatastoreBackend::S3(s3_client) = self.backend()? {
+ let marker = backup_dir.relative_path().join(".protected");
+ let protected_marker = marker
+ .to_str()
+ .ok_or_else(|| format_err!("unexpected protected marker path"))?;
+ if let Err(err) = proxmox_async::runtime::block_on(
+ s3_client.delete_object(protected_marker.into()),
+ ) {
+ std::fs::File::create(&protected_path)
+ .map_err(|err| format_err!("could not re-create protection file: {err}"))?;
+ return Err(err);
+ }
}
}
--
2.39.5
_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel
^ permalink raw reply [flat|nested] 44+ messages in thread
* [pbs-devel] [PATCH proxmox-backup v3 28/41] datastore: prune groups/snapshots from S3 object store backend
2025-06-16 14:21 [pbs-devel] [PATCH proxmox{, -backup} v3 00/43] fix #2943: S3 storage backend for datastores Christian Ebner
` (28 preceding siblings ...)
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 27/41] datastore: create/delete protected marker file on S3 storage backend Christian Ebner
@ 2025-06-16 14:21 ` Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 29/41] datastore: get and set owner for S3 " Christian Ebner
` (12 subsequent siblings)
42 siblings, 0 replies; 44+ messages in thread
From: Christian Ebner @ 2025-06-16 14:21 UTC (permalink / raw)
To: pbs-devel
When pruning a backup group or a backup snapshot for a datastore with
S3 object store backend, remove the associated objects by removing
them based on the prefix.
In order to exclude protected contents, add a filtering based on the
presence of the protected marker.
Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
---
pbs-datastore/src/backup_info.rs | 53 +++++++++++++++++++++++++++++---
pbs-datastore/src/datastore.rs | 44 +++++++++++++++++++++++---
src/api2/admin/datastore.rs | 24 ++++++++++-----
3 files changed, 103 insertions(+), 18 deletions(-)
diff --git a/pbs-datastore/src/backup_info.rs b/pbs-datastore/src/backup_info.rs
index 37a605b94..9252a4d3e 100644
--- a/pbs-datastore/src/backup_info.rs
+++ b/pbs-datastore/src/backup_info.rs
@@ -9,6 +9,7 @@ use std::time::Duration;
use anyhow::{bail, format_err, Context, Error};
use const_format::concatcp;
+use pbs_s3_client::{S3PathPrefix, S3_CONTENT_PREFIX};
use proxmox_sys::fs::{lock_dir_noblock, lock_dir_noblock_shared, replace_file, CreateOptions};
use proxmox_systemd::escape_unit;
@@ -18,11 +19,12 @@ use pbs_api_types::{
};
use pbs_config::{open_backup_lockfile, BackupLockGuard};
+use crate::datastore::GROUP_NOTES_FILE_NAME;
use crate::manifest::{BackupManifest, MANIFEST_LOCK_NAME};
-use crate::{DataBlob, DataStore};
+use crate::{DataBlob, DataStore, DatastoreBackend};
pub const DATASTORE_LOCKS_DIR: &str = "/run/proxmox-backup/locks";
-const PROTECTED_MARKER_FILENAME: &str = ".protected";
+pub const PROTECTED_MARKER_FILENAME: &str = ".protected";
proxmox_schema::const_regex! {
pub BACKUP_FILES_AND_PROTECTED_REGEX = concatcp!(r"^(.*\.([fd]idx|blob)|\", PROTECTED_MARKER_FILENAME, ")$");
@@ -218,7 +220,7 @@ impl BackupGroup {
///
/// Returns `BackupGroupDeleteStats`, containing the number of deleted snapshots
/// and number of protected snaphsots, which therefore were not removed.
- pub fn destroy(&self) -> Result<BackupGroupDeleteStats, Error> {
+ pub fn destroy(&self, backend: &DatastoreBackend) -> Result<BackupGroupDeleteStats, Error> {
let _guard = self
.lock()
.with_context(|| format!("while destroying group '{self:?}'"))?;
@@ -232,10 +234,30 @@ impl BackupGroup {
delete_stats.increment_protected_snapshots();
continue;
}
- snap.destroy(false)?;
+ // also for S3 cleanup local only, the actual S3 objects will be removed below,
+ // reducing the number of required API calls.
+ snap.destroy(false, &DatastoreBackend::Filesystem)?;
delete_stats.increment_removed_snapshots();
}
+ if let DatastoreBackend::S3(s3_client) = backend {
+ let path = self.relative_group_path();
+ let group_prefix = path
+ .to_str()
+ .ok_or_else(|| format_err!("invalid group path prefix"))?;
+ let prefix = format!("{S3_CONTENT_PREFIX}/{group_prefix}");
+ let delete_objects_error = proxmox_async::runtime::block_on(
+ s3_client.delete_objects_by_prefix_with_suffix_filter(
+ &S3PathPrefix::Some(prefix),
+ PROTECTED_MARKER_FILENAME,
+ &["owner", GROUP_NOTES_FILE_NAME],
+ ),
+ )?;
+ if delete_objects_error {
+ bail!("deleting objects failed");
+ }
+ }
+
// Note: make sure the old locking mechanism isn't used as `remove_dir_all` is not safe in
// that case
if delete_stats.all_removed() && !*OLD_LOCKING {
@@ -588,7 +610,7 @@ impl BackupDir {
/// Destroy the whole snapshot, bails if it's protected
///
/// Setting `force` to true skips locking and thus ignores if the backup is currently in use.
- pub fn destroy(&self, force: bool) -> Result<(), Error> {
+ pub fn destroy(&self, force: bool, backend: &DatastoreBackend) -> Result<(), Error> {
let (_guard, _manifest_guard);
if !force {
_guard = self
@@ -601,6 +623,20 @@ impl BackupDir {
bail!("cannot remove protected snapshot"); // use special error type?
}
+ if let DatastoreBackend::S3(s3_client) = backend {
+ let path = self.relative_path();
+ let snapshot_prefix = path
+ .to_str()
+ .ok_or_else(|| format_err!("invalid snapshot path"))?;
+ let prefix = format!("{S3_CONTENT_PREFIX}/{snapshot_prefix}");
+ let delete_objects_error = proxmox_async::runtime::block_on(
+ s3_client.delete_objects_by_prefix(&S3PathPrefix::Some(prefix)),
+ )?;
+ if delete_objects_error {
+ bail!("deleting objects failed");
+ }
+ }
+
let full_path = self.full_path();
log::info!("removing backup snapshot {:?}", full_path);
std::fs::remove_dir_all(&full_path).map_err(|err| {
@@ -630,6 +666,13 @@ impl BackupDir {
// do to rectify the situation.
if guard.is_ok() && group.list_backups()?.is_empty() && !*OLD_LOCKING {
group.remove_group_dir()?;
+ if let DatastoreBackend::S3(s3_client) = backend {
+ let path = group.relative_group_path().join("owner");
+ let owner_key = path
+ .to_str()
+ .ok_or_else(|| format_err!("invalid group path prefix"))?;
+ proxmox_async::runtime::block_on(s3_client.delete_object(owner_key.into()))?;
+ }
} else if let Err(err) = guard {
log::debug!("{err:#}");
}
diff --git a/pbs-datastore/src/datastore.rs b/pbs-datastore/src/datastore.rs
index cde47b064..c304eea21 100644
--- a/pbs-datastore/src/datastore.rs
+++ b/pbs-datastore/src/datastore.rs
@@ -29,8 +29,11 @@ use pbs_api_types::{
S3ClientConfig, S3ClientSecretsConfig, UPID,
};
use pbs_config::BackupLockGuard;
+use pbs_s3_client::{S3PathPrefix, S3_CONTENT_PREFIX};
-use crate::backup_info::{BackupDir, BackupGroup, BackupInfo, OLD_LOCKING};
+use crate::backup_info::{
+ BackupDir, BackupGroup, BackupInfo, OLD_LOCKING, PROTECTED_MARKER_FILENAME,
+};
use crate::chunk_store::ChunkStore;
use crate::dynamic_index::{DynamicIndexReader, DynamicIndexWriter};
use crate::fixed_index::{FixedIndexReader, FixedIndexWriter};
@@ -42,7 +45,7 @@ use crate::DataBlob;
static DATASTORE_MAP: LazyLock<Mutex<HashMap<String, Arc<DataStoreImpl>>>> =
LazyLock::new(|| Mutex::new(HashMap::new()));
-const GROUP_NOTES_FILE_NAME: &str = "notes";
+pub const GROUP_NOTES_FILE_NAME: &str = "notes";
const NAMESPACE_MARKER_FILENAME: &str = ".namespace";
/// checks if auth_id is owner, or, if owner is a token, if
@@ -660,7 +663,9 @@ impl DataStore {
let mut stats = BackupGroupDeleteStats::default();
for group in self.iter_backup_groups(ns.to_owned())? {
- let delete_stats = group?.destroy()?;
+ let group = group?;
+ let backend = self.backend()?;
+ let delete_stats = group.destroy(&backend)?;
stats.add(&delete_stats);
removed_all_groups = removed_all_groups && delete_stats.all_removed();
}
@@ -694,6 +699,8 @@ impl DataStore {
let store = self.name();
let mut removed_all_requested = true;
let mut stats = BackupGroupDeleteStats::default();
+ let backend = self.backend()?;
+
if delete_groups {
log::info!("removing whole namespace recursively below {store}:/{ns}",);
for ns in self.recursive_iter_backup_ns(ns.to_owned())? {
@@ -701,6 +708,24 @@ impl DataStore {
stats.add(&delete_stats);
removed_all_requested = removed_all_requested && removed_ns_groups;
}
+
+ if let DatastoreBackend::S3(s3_client) = &backend {
+ let ns_dir = ns.path();
+ let ns_prefix = ns_dir
+ .to_str()
+ .ok_or_else(|| format_err!("invalid namespace path prefix"))?;
+ let prefix = format!("{S3_CONTENT_PREFIX}/{ns_prefix}");
+ let delete_objects_error = proxmox_async::runtime::block_on(
+ s3_client.delete_objects_by_prefix_with_suffix_filter(
+ &S3PathPrefix::Some(prefix),
+ PROTECTED_MARKER_FILENAME,
+ &["owner", GROUP_NOTES_FILE_NAME],
+ ),
+ )?;
+ if delete_objects_error {
+ bail!("deleting objects failed");
+ }
+ }
} else {
log::info!("pruning empty namespace recursively below {store}:/{ns}");
}
@@ -736,6 +761,15 @@ impl DataStore {
log::warn!("failed to remove namespace {ns} - {err}")
}
}
+ if let DatastoreBackend::S3(s3_client) = &backend {
+ // Only remove the namespace marker, if it was empty,
+ // than this is the same as the namespace being removed.
+ let ns_dir = ns.path().join(NAMESPACE_MARKER_FILENAME);
+ let ns_key = ns_dir
+ .to_str()
+ .ok_or_else(|| format_err!("invalid namespace path"))?;
+ proxmox_async::runtime::block_on(s3_client.delete_object(ns_key.into()))?;
+ }
}
}
@@ -753,7 +787,7 @@ impl DataStore {
) -> Result<BackupGroupDeleteStats, Error> {
let backup_group = self.backup_group(ns.clone(), backup_group.clone());
- backup_group.destroy()
+ backup_group.destroy(&self.backend()?)
}
/// Remove a backup directory including all content
@@ -765,7 +799,7 @@ impl DataStore {
) -> Result<(), Error> {
let backup_dir = self.backup_dir(ns.clone(), backup_dir.clone())?;
- backup_dir.destroy(force)
+ backup_dir.destroy(force, &self.backend()?)
}
/// Returns the time of the last successful backup
diff --git a/src/api2/admin/datastore.rs b/src/api2/admin/datastore.rs
index 4b032e817..ed5ee8a0c 100644
--- a/src/api2/admin/datastore.rs
+++ b/src/api2/admin/datastore.rs
@@ -420,7 +420,7 @@ pub async fn delete_snapshot(
let snapshot = datastore.backup_dir(ns, backup_dir)?;
- snapshot.destroy(false)?;
+ snapshot.destroy(false, &datastore.backend()?)?;
Ok(Value::Null)
})
@@ -1086,13 +1086,21 @@ pub fn prune(
});
if !keep {
- if let Err(err) = backup_dir.destroy(false) {
- warn!(
- "failed to remove dir {:?}: {}",
- backup_dir.relative_path(),
- err,
- );
- }
+ match datastore.backend() {
+ Ok(backend) => {
+ if let Err(err) = backup_dir.destroy(false, &backend) {
+ warn!(
+ "failed to remove dir {:?}: {}",
+ backup_dir.relative_path(),
+ err,
+ );
+ }
+ }
+ Err(err) => warn!(
+ "failed to remove dir {:?}: {err}",
+ backup_dir.relative_path()
+ ),
+ };
}
}
prune_result
--
2.39.5
_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel
^ permalink raw reply [flat|nested] 44+ messages in thread
* [pbs-devel] [PATCH proxmox-backup v3 29/41] datastore: get and set owner for S3 store backend
2025-06-16 14:21 [pbs-devel] [PATCH proxmox{, -backup} v3 00/43] fix #2943: S3 storage backend for datastores Christian Ebner
` (29 preceding siblings ...)
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 28/41] datastore: prune groups/snapshots from S3 object store backend Christian Ebner
@ 2025-06-16 14:21 ` Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 30/41] datastore: implement garbage collection for s3 backend Christian Ebner
` (11 subsequent siblings)
42 siblings, 0 replies; 44+ messages in thread
From: Christian Ebner @ 2025-06-16 14:21 UTC (permalink / raw)
To: pbs-devel
Read or write the ownership information from/to the corresponding
object in the S3 object store. Keep that information available if
the bucket is reused as datastore.
Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
---
pbs-datastore/src/datastore.rs | 39 ++++++++++++++++++++++++++++++++++
1 file changed, 39 insertions(+)
diff --git a/pbs-datastore/src/datastore.rs b/pbs-datastore/src/datastore.rs
index c304eea21..0754ba13e 100644
--- a/pbs-datastore/src/datastore.rs
+++ b/pbs-datastore/src/datastore.rs
@@ -839,6 +839,25 @@ impl DataStore {
backup_group: &pbs_api_types::BackupGroup,
) -> Result<Authid, Error> {
let full_path = self.owner_path(ns, backup_group);
+
+ if let DatastoreBackend::S3(s3_client) = self.backend()? {
+ let object_key = format!(
+ "{}/{backup_group}/owner",
+ ns.path()
+ .to_str()
+ .ok_or_else(|| format_err!("unexpected owner path"))?,
+ );
+ let response =
+ proxmox_async::runtime::block_on(s3_client.get_object(object_key.as_str().into()))?
+ .ok_or_else(|| format_err!("fetching owner failed"))?;
+ let content =
+ proxmox_async::runtime::block_on(hyper::body::HttpBody::collect(response.content))?;
+ let owner = String::from_utf8(content.to_bytes().trim_ascii_end().to_vec())?;
+ return owner
+ .parse()
+ .map_err(|err| format_err!("parsing owner for {backup_group} failed: {err}"));
+ }
+
let owner = proxmox_sys::fs::file_read_firstline(full_path)?;
owner
.trim_end() // remove trailing newline
@@ -867,6 +886,26 @@ impl DataStore {
) -> Result<(), Error> {
let path = self.owner_path(ns, backup_group);
+ if let DatastoreBackend::S3(s3_client) = self.backend()? {
+ let object_key = format!(
+ "{}/{backup_group}/owner",
+ ns.path()
+ .to_str()
+ .ok_or_else(|| format_err!("unexpected owner path"))?,
+ );
+ let data = hyper::body::Body::from(format!("{auth_id}\n"));
+ let response = proxmox_async::runtime::block_on(
+ s3_client.put_object(object_key.as_str().into(), data),
+ )?;
+ match response {
+ PutObjectResponse::NeedsRetry => bail!("failed to set owner, needs retry"),
+ PutObjectResponse::PreconditionFailed => {
+ bail!("failed to set owner, precondition failed")
+ }
+ PutObjectResponse::Success(_) => (),
+ }
+ }
+
let mut open_options = std::fs::OpenOptions::new();
open_options.write(true);
--
2.39.5
_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel
^ permalink raw reply [flat|nested] 44+ messages in thread
* [pbs-devel] [PATCH proxmox-backup v3 30/41] datastore: implement garbage collection for s3 backend
2025-06-16 14:21 [pbs-devel] [PATCH proxmox{, -backup} v3 00/43] fix #2943: S3 storage backend for datastores Christian Ebner
` (30 preceding siblings ...)
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 29/41] datastore: get and set owner for S3 " Christian Ebner
@ 2025-06-16 14:21 ` Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 31/41] ui: add datastore type selector and reorganize component layout Christian Ebner
` (10 subsequent siblings)
42 siblings, 0 replies; 44+ messages in thread
From: Christian Ebner @ 2025-06-16 14:21 UTC (permalink / raw)
To: pbs-devel
Implements the garbage collection for datastore's backed by an s3
object store.
Take advantage of the local datastore by placing marker files in the
chunk store during phase 1 of the garbage collection, updating their
atime if already present. By this expensive api calls can be avoided
to update the object metadata (only possible via a copy object
operation).
The phase 2 is implemented by fetching a list of all the chunks via
the ListObjectsV2 api call, filtered by the chunk folder prefix.
This operation has to be performed in patches of 1000 objects, given
by the api's response limits.
For each object key, lookup the marker file and decide based on the
marker existence and it's atime if the chunk object needs to be
removed. Deletion happens via the delete objects operation, allowing
to delete multiple chunks by a single request.
This allows to efficiently lookup chunks which are not in use
anymore while being performant and cost effective.
Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
---
pbs-datastore/src/chunk_store.rs | 4 +
pbs-datastore/src/datastore.rs | 216 +++++++++++++++++++++++++++----
2 files changed, 195 insertions(+), 25 deletions(-)
diff --git a/pbs-datastore/src/chunk_store.rs b/pbs-datastore/src/chunk_store.rs
index 29a3d477f..449fe0f72 100644
--- a/pbs-datastore/src/chunk_store.rs
+++ b/pbs-datastore/src/chunk_store.rs
@@ -353,6 +353,10 @@ impl ChunkStore {
ProcessLocker::oldest_shared_lock(self.locker.clone().unwrap())
}
+ pub fn mutex(&self) -> &std::sync::Mutex<()> {
+ &self.mutex
+ }
+
pub fn sweep_unused_chunks(
&self,
oldest_writer: i64,
diff --git a/pbs-datastore/src/datastore.rs b/pbs-datastore/src/datastore.rs
index 0754ba13e..1d411e8d1 100644
--- a/pbs-datastore/src/datastore.rs
+++ b/pbs-datastore/src/datastore.rs
@@ -4,7 +4,7 @@ use std::os::unix::ffi::OsStrExt;
use std::os::unix::io::AsRawFd;
use std::path::{Path, PathBuf};
use std::sync::{Arc, LazyLock, Mutex};
-use std::time::Duration;
+use std::time::{Duration, SystemTime};
use anyhow::{bail, format_err, Context, Error};
use nix::unistd::{unlinkat, UnlinkatFlags};
@@ -1227,6 +1227,7 @@ impl DataStore {
chunk_lru_cache: &mut Option<LruCache<[u8; 32], ()>>,
status: &mut GarbageCollectionStatus,
worker: &dyn WorkerTaskContext,
+ s3_client: Option<Arc<S3Client>>,
) -> Result<(), Error> {
status.index_file_count += 1;
status.index_data_bytes += index.index_bytes();
@@ -1243,21 +1244,41 @@ impl DataStore {
}
}
- if !self.inner.chunk_store.cond_touch_chunk(digest, false)? {
- let hex = hex::encode(digest);
- warn!(
- "warning: unable to access non-existent chunk {hex}, required by {file_name:?}"
- );
-
- // touch any corresponding .bad files to keep them around, meaning if a chunk is
- // rewritten correctly they will be removed automatically, as well as if no index
- // file requires the chunk anymore (won't get to this loop then)
- for i in 0..=9 {
- let bad_ext = format!("{}.bad", i);
- let mut bad_path = PathBuf::new();
- bad_path.push(self.chunk_path(digest).0);
- bad_path.set_extension(bad_ext);
- self.inner.chunk_store.cond_touch_path(&bad_path, false)?;
+ match s3_client {
+ None => {
+ // Filesystem backend
+ if !self.inner.chunk_store.cond_touch_chunk(digest, false)? {
+ let hex = hex::encode(digest);
+ warn!(
+ "warning: unable to access non-existent chunk {hex}, required by {file_name:?}"
+ );
+
+ // touch any corresponding .bad files to keep them around, meaning if a chunk is
+ // rewritten correctly they will be removed automatically, as well as if no index
+ // file requires the chunk anymore (won't get to this loop then)
+ for i in 0..=9 {
+ let bad_ext = format!("{}.bad", i);
+ let mut bad_path = PathBuf::new();
+ bad_path.push(self.chunk_path(digest).0);
+ bad_path.set_extension(bad_ext);
+ self.inner.chunk_store.cond_touch_path(&bad_path, false)?;
+ }
+ }
+ }
+ Some(ref _s3_client) => {
+ // Update atime on local cache marker files.
+ if !self.inner.chunk_store.cond_touch_chunk(digest, false)? {
+ let (chunk_path, _digest) = self.chunk_path(digest);
+ // Insert empty file as marker to tell GC phase2 that this is
+ // a chunk still in-use, so to keep in the S3 object store.
+ std::fs::File::options()
+ .write(true)
+ .create_new(true)
+ .open(&chunk_path)
+ .with_context(|| {
+ format!("failed to create marker for chunk {}", hex::encode(digest))
+ })?;
+ }
}
}
}
@@ -1269,6 +1290,7 @@ impl DataStore {
status: &mut GarbageCollectionStatus,
worker: &dyn WorkerTaskContext,
cache_capacity: usize,
+ s3_client: Option<Arc<S3Client>>,
) -> Result<(), Error> {
// Iterate twice over the datastore to fetch index files, even if this comes with an
// additional runtime cost:
@@ -1362,6 +1384,7 @@ impl DataStore {
&mut chunk_lru_cache,
status,
worker,
+ s3_client.as_ref().cloned(),
)?;
if !unprocessed_index_list.remove(&path) {
@@ -1396,7 +1419,14 @@ impl DataStore {
continue;
}
};
- self.index_mark_used_chunks(index, &path, &mut chunk_lru_cache, status, worker)?;
+ self.index_mark_used_chunks(
+ index,
+ &path,
+ &mut chunk_lru_cache,
+ status,
+ worker,
+ s3_client.as_ref().cloned(),
+ )?;
warn!("Marked chunks for unexpected index file at '{path:?}'");
}
if strange_paths_count > 0 {
@@ -1494,18 +1524,154 @@ impl DataStore {
1024 * 1024
};
- info!("Start GC phase1 (mark used chunks)");
+ let s3_client = match self.backend()? {
+ DatastoreBackend::Filesystem => None,
+ DatastoreBackend::S3(s3_client) => {
+ proxmox_async::runtime::block_on(s3_client.head_bucket())
+ .context("failed to reach bucket")?;
+ Some(s3_client)
+ }
+ };
- self.mark_used_chunks(&mut gc_status, worker, gc_cache_capacity)
- .context("marking used chunks failed")?;
+ info!("Start GC phase1 (mark used chunks)");
- info!("Start GC phase2 (sweep unused chunks)");
- self.inner.chunk_store.sweep_unused_chunks(
- oldest_writer,
- min_atime,
+ self.mark_used_chunks(
&mut gc_status,
worker,
- )?;
+ gc_cache_capacity,
+ s3_client.as_ref().cloned(),
+ )
+ .context("marking used chunks failed")?;
+
+ info!("Start GC phase2 (sweep unused chunks)");
+
+ if let Some(ref s3_client) = s3_client {
+ let mut chunk_count = 0;
+ let prefix = S3PathPrefix::Some(".chunks/".to_string());
+ // Operates in batches of 1000 objects max per request
+ let mut list_bucket_result =
+ proxmox_async::runtime::block_on(s3_client.list_objects_v2(&prefix, None))?;
+
+ let mut delete_list = Vec::with_capacity(1000);
+ loop {
+ let lock = self.inner.chunk_store.mutex().lock().unwrap();
+
+ for content in list_bucket_result.contents {
+ // Check object is actually a chunk
+ let digest = match Path::new::<str>(&content.key).file_name() {
+ Some(file_name) => file_name,
+ // should never be the case as objects will have a filename
+ None => continue,
+ };
+ let bytes = digest.as_bytes();
+ if bytes.len() != 64 && bytes.len() != 64 + ".0.bad".len() {
+ continue;
+ }
+ if !bytes.iter().take(64).all(u8::is_ascii_hexdigit) {
+ continue;
+ }
+
+ let bad = bytes.ends_with(b".bad");
+
+ // Safe since contains valid ascii hexdigits only as checked above.
+ let digest_str = digest.to_string_lossy();
+ let hexdigit_prefix = unsafe { digest_str.get_unchecked(0..4) };
+ let mut chunk_path = self.base_path();
+ chunk_path.push(".chunks");
+ chunk_path.push(hexdigit_prefix);
+ chunk_path.push(digest);
+
+ // Check local markers (created or atime updated during phase1) and
+ // keep or delete chunk based on that.
+ let atime = match std::fs::metadata(chunk_path) {
+ Ok(stat) => stat.accessed()?,
+ Err(err) if err.kind() == std::io::ErrorKind::NotFound => {
+ // File not found, delete by setting atime to unix epoch
+ info!("Not found, mark for deletion: {}", content.key);
+ SystemTime::UNIX_EPOCH
+ }
+ Err(err) => return Err(err.into()),
+ };
+ let atime = atime.duration_since(SystemTime::UNIX_EPOCH)?.as_secs() as i64;
+
+ chunk_count += 1;
+
+ if atime < min_atime {
+ if let Some(cache) = self.cache() {
+ let mut digest_bytes = [0u8; 32];
+ hex::decode_to_slice(digest.as_bytes(), &mut digest_bytes)?;
+ // ignore errors, phase 3 will retry cleanup anyways
+ let _ = cache.remove(&digest_bytes);
+ }
+ delete_list.push(content.key);
+ if bad {
+ gc_status.removed_bad += 1;
+ } else {
+ gc_status.removed_chunks += 1;
+ }
+ gc_status.removed_bytes += content.size;
+ } else if atime < oldest_writer {
+ if bad {
+ gc_status.still_bad += 1;
+ } else {
+ gc_status.pending_chunks += 1;
+ }
+ gc_status.pending_bytes += content.size;
+ } else {
+ if !bad {
+ gc_status.disk_chunks += 1;
+ }
+ gc_status.disk_bytes += content.size;
+ }
+ }
+
+ if !delete_list.is_empty() {
+ let delete_objects_result = proxmox_async::runtime::block_on(
+ s3_client.delete_objects(&delete_list),
+ )?;
+ if let Some(_err) = delete_objects_result.error {
+ bail!("failed to delete some objects");
+ }
+ delete_list.clear();
+ }
+
+ drop(lock);
+
+ // Process next batch of chunks if there is more
+ if list_bucket_result.is_truncated {
+ list_bucket_result =
+ proxmox_async::runtime::block_on(s3_client.list_objects_v2(
+ &prefix,
+ list_bucket_result.next_continuation_token.as_deref(),
+ ))?;
+ continue;
+ }
+
+ break;
+ }
+ info!("processed {chunk_count} total chunks");
+
+ // Phase 2 GC of Filesystem backed storage is phase 3 for S3 backed GC
+ info!("Start GC phase3 (sweep unused chunk markers)");
+
+ let mut tmp_gc_status = GarbageCollectionStatus {
+ upid: Some(upid.to_string()),
+ ..Default::default()
+ };
+ self.inner.chunk_store.sweep_unused_chunks(
+ oldest_writer,
+ min_atime,
+ &mut tmp_gc_status,
+ worker,
+ )?;
+ } else {
+ self.inner.chunk_store.sweep_unused_chunks(
+ oldest_writer,
+ min_atime,
+ &mut gc_status,
+ worker,
+ )?;
+ }
info!(
"Removed garbage: {}",
--
2.39.5
_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel
^ permalink raw reply [flat|nested] 44+ messages in thread
* [pbs-devel] [PATCH proxmox-backup v3 31/41] ui: add datastore type selector and reorganize component layout
2025-06-16 14:21 [pbs-devel] [PATCH proxmox{, -backup} v3 00/43] fix #2943: S3 storage backend for datastores Christian Ebner
` (31 preceding siblings ...)
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 30/41] datastore: implement garbage collection for s3 backend Christian Ebner
@ 2025-06-16 14:21 ` Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 32/41] ui: add S3 client edit window for configuration create/edit Christian Ebner
` (9 subsequent siblings)
42 siblings, 0 replies; 44+ messages in thread
From: Christian Ebner @ 2025-06-16 14:21 UTC (permalink / raw)
To: pbs-devel
In preparation for adding the S3 backed datastore variant to the edit
window. Introduce a datastore type selector in order to distinguish
between creation of regular and removable datastores, instead of
using the checkbox as is currently the case.
This allows to more easily expand for further datastore type variants
while keeping the datastore edit window compact.
Since selecting the type is one of the first steps during datastore
creation, position the component right below the datastore name field
and re-organize the components related to the removable datastore
creation, while keeping additional required components for the S3
backed datastore creation in mind.
Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
---
www/window/DataStoreEdit.js | 78 +++++++++++++++++++++----------------
1 file changed, 45 insertions(+), 33 deletions(-)
diff --git a/www/window/DataStoreEdit.js b/www/window/DataStoreEdit.js
index 372984e37..35ceddbc6 100644
--- a/www/window/DataStoreEdit.js
+++ b/www/window/DataStoreEdit.js
@@ -52,6 +52,41 @@ Ext.define('PBS.DataStoreEdit', {
allowBlank: false,
fieldLabel: gettext('Name'),
},
+ {
+ xtype: 'proxmoxKVComboBox',
+ name: 'datastore-type',
+ fieldLabel: gettext('Datastore Type'),
+ value: '__default__',
+ submitValue: false,
+ comboItems: [
+ ['__default__', 'Regular'],
+ ['removable', 'Removable'],
+ ],
+ cbind: {
+ disabled: '{!isCreate}',
+ },
+ listeners: {
+ change: function (checkbox, selected) {
+ let isRemovable = selected === 'removable';
+
+ let inputPanel = checkbox.up('inputpanel');
+ let pathField = inputPanel.down('[name=path]');
+ let uuidEditField = inputPanel.down('[name=backing-device]');
+
+ uuidEditField.setDisabled(!isRemovable);
+ uuidEditField.allowBlank = !isRemovable;
+ uuidEditField.setValue('');
+
+ if (isRemovable) {
+ pathField.setFieldLabel(gettext('Path on Device'));
+ pathField.setEmptyText(gettext('A relative path'));
+ } else {
+ pathField.setFieldLabel(gettext('Backing Path'));
+ pathField.setEmptyText(gettext('An absolute path'));
+ }
+ },
+ },
+ },
{
xtype: 'pmxDisplayEditField',
cbind: {
@@ -63,17 +98,6 @@ Ext.define('PBS.DataStoreEdit', {
emptyText: gettext('An absolute path'),
validator: (val) => val?.trim() !== '/',
},
- {
- xtype: 'pbsPartitionSelector',
- fieldLabel: gettext('Device'),
- name: 'backing-device',
- disabled: true,
- allowBlank: true,
- cbind: {
- editable: '{isCreate}',
- },
- emptyText: gettext('Device path'),
- },
],
column2: [
{
@@ -97,31 +121,19 @@ Ext.define('PBS.DataStoreEdit', {
value: '{scheduleValue}',
},
},
- ],
- columnB: [
{
- xtype: 'checkbox',
- boxLabel: gettext('Removable datastore'),
- submitValue: false,
- listeners: {
- change: function (checkbox, isRemovable) {
- let inputPanel = checkbox.up('inputpanel');
- let pathField = inputPanel.down('[name=path]');
- let uuidEditField = inputPanel.down('[name=backing-device]');
-
- uuidEditField.setDisabled(!isRemovable);
- uuidEditField.allowBlank = !isRemovable;
- uuidEditField.setValue('');
- if (isRemovable) {
- pathField.setFieldLabel(gettext('Path on Device'));
- pathField.setEmptyText(gettext('A relative path'));
- } else {
- pathField.setFieldLabel(gettext('Backing Path'));
- pathField.setEmptyText(gettext('An absolute path'));
- }
- },
+ xtype: 'pbsPartitionSelector',
+ fieldLabel: gettext('Device'),
+ name: 'backing-device',
+ disabled: true,
+ allowBlank: true,
+ cbind: {
+ editable: '{isCreate}',
},
+ emptyText: gettext('Device path'),
},
+ ],
+ columnB: [
{
xtype: 'textfield',
name: 'comment',
--
2.39.5
_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel
^ permalink raw reply [flat|nested] 44+ messages in thread
* [pbs-devel] [PATCH proxmox-backup v3 32/41] ui: add S3 client edit window for configuration create/edit
2025-06-16 14:21 [pbs-devel] [PATCH proxmox{, -backup} v3 00/43] fix #2943: S3 storage backend for datastores Christian Ebner
` (32 preceding siblings ...)
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 31/41] ui: add datastore type selector and reorganize component layout Christian Ebner
@ 2025-06-16 14:21 ` Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 33/41] ui: add S3 client view for configuration Christian Ebner
` (8 subsequent siblings)
42 siblings, 0 replies; 44+ messages in thread
From: Christian Ebner @ 2025-06-16 14:21 UTC (permalink / raw)
To: pbs-devel
Adds an edit window for creating or editing S3 client configurations.
Loosely based on the same edit window for the remote configuration.
Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
---
www/window/S3ClientEdit.js | 144 +++++++++++++++++++++++++++++++++++++
1 file changed, 144 insertions(+)
create mode 100644 www/window/S3ClientEdit.js
diff --git a/www/window/S3ClientEdit.js b/www/window/S3ClientEdit.js
new file mode 100644
index 000000000..2e5ea7678
--- /dev/null
+++ b/www/window/S3ClientEdit.js
@@ -0,0 +1,144 @@
+Ext.define('PBS.window.S3ClientEdit', {
+ extend: 'Proxmox.window.Edit',
+ alias: 'widget.pbsS3ClientEdit',
+ mixins: ['Proxmox.Mixin.CBind'],
+
+ onlineHelp: 'backup_s3client',
+
+ isAdd: true,
+
+ subject: gettext('S3 Client'),
+
+ fieldDefaults: { labelWidth: 120 },
+
+ cbindData: function(initialConfig) {
+ let me = this;
+
+ let baseurl = '/api2/extjs/config/s3';
+ let id = initialConfig.id;
+
+ me.isCreate = !id;
+ me.url = id ? `${baseurl}/${id}` : baseurl;
+ me.method = id ? 'PUT' : 'POST';
+ me.autoLoad = !!id;
+ return {
+ passwordEmptyText: me.isCreate ? '' : gettext('Unchanged'),
+ };
+ },
+
+ items: {
+ xtype: 'inputpanel',
+ column1: [
+ {
+ xtype: 'pmxDisplayEditField',
+ name: 'id',
+ fieldLabel: gettext('Unique Identifier'),
+ renderer: Ext.htmlEncode,
+ allowBlank: false,
+ minLength: 4,
+ cbind: {
+ editable: '{isCreate}',
+ },
+ },
+ {
+ xtype: 'proxmoxtextfield',
+ name: 'endpoint',
+ fieldLabel: gettext('Endpoint'),
+ allowBlank: false,
+ emptyText: gettext('e.g. {{bucket}}.s3.{{region}}.amazonaws.com'),
+ autoEl: {
+ tag: 'div',
+ 'data-qtip': gettext('IP or FQDN S3 endpoint (allows {{bucket}} or {{region}} templating)'),
+ },
+ },
+ {
+ xtype: 'proxmoxtextfield',
+ name: 'port',
+ fieldLabel: gettext('Port'),
+ emptyText: gettext("default (443)"),
+ cbind: {
+ deleteEmpty: '{!isCreate}',
+ },
+ },
+ {
+ xtype: 'proxmoxcheckbox',
+ name: 'path-style',
+ fieldLabel: gettext('Path Style'),
+ autoEl: {
+ tag: 'div',
+ 'data-qtip': gettext('Use path style over vhost style bucket addressing.'),
+ },
+ uncheckedValue: false,
+ value: false,
+ },
+ ],
+
+ column2: [
+ {
+ xtype: 'proxmoxtextfield',
+ name: 'region',
+ fieldLabel: gettext('Region'),
+ emptyText: gettext("default (us-west-1)"),
+ cbind: {
+ deleteEmpty: '{!isCreate}',
+ },
+ },
+ {
+ xtype: 'proxmoxtextfield',
+ name: 'access-key',
+ fieldLabel: gettext('Access Key'),
+ cbind: {
+ emptyText: '{passwordEmptyText}',
+ allowBlank: '{!isCreate}',
+ },
+ },
+ {
+ xtype: 'textfield',
+ name: 'secret-key',
+ inputType: 'password',
+ fieldLabel: gettext('Secret Key'),
+ cbind: {
+ emptyText: '{passwordEmptyText}',
+ allowBlank: '{!isCreate}',
+ },
+ },
+ ],
+
+ columnB: [
+ {
+ xtype: 'proxmoxtextfield',
+ name: 'fingerprint',
+ fieldLabel: gettext('Fingerprint'),
+ emptyText: gettext("Server certificate's SHA-256 fingerprint, required for self-signed certificates"),
+ cbind: {
+ deleteEmpty: '{!isCreate}',
+ },
+ },
+ ],
+ },
+
+ getValues: function() {
+ let me = this;
+ let values = me.callParent(arguments);
+
+ if (me.isCreate) {
+ /// Secrets are stored into separate config, but set the same id for both configs
+ values['secrets-id'] = values.id;
+ }
+
+ if (values.delete && !Ext.isArray(values.delete)) {
+ values.delete = values.delete.split(',');
+ }
+ PBS.Utils.delete_if_default(values, 'path-style', false, me.isCreate);
+
+ if (values['access-key'] === '') {
+ delete values['access-key'];
+ }
+
+ if (values['secret-key'] === '') {
+ delete values['secret-key'];
+ }
+
+ return values;
+ },
+});
--
2.39.5
_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel
^ permalink raw reply [flat|nested] 44+ messages in thread
* [pbs-devel] [PATCH proxmox-backup v3 33/41] ui: add S3 client view for configuration
2025-06-16 14:21 [pbs-devel] [PATCH proxmox{, -backup} v3 00/43] fix #2943: S3 storage backend for datastores Christian Ebner
` (33 preceding siblings ...)
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 32/41] ui: add S3 client edit window for configuration create/edit Christian Ebner
@ 2025-06-16 14:21 ` Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 34/41] ui: expose the S3 client view in the navigation tree Christian Ebner
` (7 subsequent siblings)
42 siblings, 0 replies; 44+ messages in thread
From: Christian Ebner @ 2025-06-16 14:21 UTC (permalink / raw)
To: pbs-devel
Adds the view to configure S3 clients in the Configuration section of
the UI.
Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
---
www/config/S3ClientView.js | 137 +++++++++++++++++++++++++++++++++++++
1 file changed, 137 insertions(+)
create mode 100644 www/config/S3ClientView.js
diff --git a/www/config/S3ClientView.js b/www/config/S3ClientView.js
new file mode 100644
index 000000000..5e98e94b8
--- /dev/null
+++ b/www/config/S3ClientView.js
@@ -0,0 +1,137 @@
+Ext.define('pmx-s3client', {
+ extend: 'Ext.data.Model',
+ fields: ['id', 'endpoint', 'port', 'access-key', 'secret-key', 'region', 'fingerprint'],
+ idProperty: 'id',
+ proxy: {
+ type: 'proxmox',
+ url: '/api2/json/config/s3',
+ },
+});
+
+Ext.define('PBS.config.S3ClientView', {
+ extend: 'Ext.grid.GridPanel',
+ alias: 'widget.pbsS3ClientView',
+
+ title: gettext('S3 Clients'),
+
+ stateful: true,
+ stateId: 'grid-s3clients',
+ tools: [PBS.Utils.get_help_tool("backup-s3-client")],
+
+ controller: {
+ xclass: 'Ext.app.ViewController',
+
+ addS3Client: function() {
+ let me = this;
+ Ext.create('PBS.window.S3ClientEdit', {
+ listeners: {
+ destroy: function() {
+ me.reload();
+ },
+ },
+ }).show();
+ },
+
+ editS3Client: function() {
+ let me = this;
+ let view = me.getView();
+ let selection = view.getSelection();
+ if (selection.length < 1) return;
+
+ Ext.create('PBS.window.S3ClientEdit', {
+ id: selection[0].data.id,
+ listeners: {
+ destroy: function() {
+ me.reload();
+ },
+ },
+ }).show();
+ },
+
+ reload: function() { this.getView().getStore().rstore.load(); },
+
+ init: function(view) {
+ Proxmox.Utils.monStoreErrors(view, view.getStore().rstore);
+ },
+ },
+
+ listeners: {
+ activate: 'reload',
+ itemdblclick: 'editS3Client',
+ },
+
+ store: {
+ type: 'diff',
+ autoDestroy: true,
+ autoDestroyRstore: true,
+ sorters: 'id',
+ rstore: {
+ type: 'update',
+ storeid: 'pmx-s3client',
+ model: 'pmx-s3client',
+ autoStart: true,
+ interval: 5000,
+ },
+ },
+
+ tbar: [
+ {
+ xtype: 'proxmoxButton',
+ text: gettext('Add'),
+ handler: 'addS3Client',
+ selModel: false,
+ },
+ {
+ xtype: 'proxmoxButton',
+ text: gettext('Edit'),
+ handler: 'editS3Client',
+ disabled: true,
+ },
+ {
+ xtype: 'proxmoxStdRemoveButton',
+ baseurl: '/config/s3',
+ callback: 'reload',
+ },
+ ],
+
+ viewConfig: {
+ trackOver: false,
+ },
+
+ columns: [
+ {
+ dataIndex: 'id',
+ header: gettext('Unique Identifier'),
+ renderer: Ext.String.htmlEncode,
+ sortable: true,
+ width: 200,
+ },
+ {
+ dataIndex: 'endpoint',
+ header: gettext('Endpoint'),
+ sortable: true,
+ width: 200,
+ },
+ {
+ dataIndex: 'port',
+ header: gettext('Port'),
+ renderer: Ext.String.htmlEncode,
+ sortable: true,
+ width: 100,
+ },
+ {
+ dataIndex: 'region',
+ header: gettext('Region'),
+ renderer: Ext.String.htmlEncode,
+ sortable: true,
+ width: 100,
+ },
+ {
+ dataIndex: 'fingerprint',
+ header: gettext('Fingerprint'),
+ renderer: Ext.String.htmlEncode,
+ sortable: false,
+ flex: 1,
+ },
+ ],
+});
--
2.39.5
_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel
^ permalink raw reply [flat|nested] 44+ messages in thread
* [pbs-devel] [PATCH proxmox-backup v3 34/41] ui: expose the S3 client view in the navigation tree
2025-06-16 14:21 [pbs-devel] [PATCH proxmox{, -backup} v3 00/43] fix #2943: S3 storage backend for datastores Christian Ebner
` (34 preceding siblings ...)
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 33/41] ui: add S3 client view for configuration Christian Ebner
@ 2025-06-16 14:21 ` Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 35/41] ui: add s3 client selector and bucket field for s3 backend setup Christian Ebner
` (6 subsequent siblings)
42 siblings, 0 replies; 44+ messages in thread
From: Christian Ebner @ 2025-06-16 14:21 UTC (permalink / raw)
To: pbs-devel
Add a `S3 Clients` item to the navigation tree to allow accessing the
S3 client configuration view and edit windows.
Adds the required source files to the Makefile.
Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
---
www/Makefile | 2 ++
www/NavigationTree.js | 6 ++++++
2 files changed, 8 insertions(+)
diff --git a/www/Makefile b/www/Makefile
index 304e8cf34..3b6b18cbd 100644
--- a/www/Makefile
+++ b/www/Makefile
@@ -61,6 +61,7 @@ JSSRC= \
config/RemoteView.js \
config/TrafficControlView.js \
config/ACLView.js \
+ config/S3ClientView.js \
config/SyncView.js \
config/VerifyView.js \
config/PruneView.js \
@@ -85,6 +86,7 @@ JSSRC= \
window/PruneJobEdit.js \
window/GCJobEdit.js \
window/UserEdit.js \
+ window/S3ClientEdit.js \
window/Settings.js \
window/TokenEdit.js \
window/VerifyJobEdit.js \
diff --git a/www/NavigationTree.js b/www/NavigationTree.js
index f28de3eb0..a9db3a146 100644
--- a/www/NavigationTree.js
+++ b/www/NavigationTree.js
@@ -80,6 +80,12 @@ Ext.define('PBS.store.NavigationStore', {
path: 'pbsSubscription',
leaf: true,
},
+ {
+ text: gettext('S3 Clients'),
+ iconCls: 'fa fa-cloud-upload',
+ path: 'pbsS3ClientView',
+ leaf: true,
+ },
],
},
{
--
2.39.5
_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel
^ permalink raw reply [flat|nested] 44+ messages in thread
* [pbs-devel] [PATCH proxmox-backup v3 35/41] ui: add s3 client selector and bucket field for s3 backend setup
2025-06-16 14:21 [pbs-devel] [PATCH proxmox{, -backup} v3 00/43] fix #2943: S3 storage backend for datastores Christian Ebner
` (35 preceding siblings ...)
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 34/41] ui: expose the S3 client view in the navigation tree Christian Ebner
@ 2025-06-16 14:21 ` Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 36/41] tools: lru cache: add removed callback for evicted cache nodes Christian Ebner
` (5 subsequent siblings)
42 siblings, 0 replies; 44+ messages in thread
From: Christian Ebner @ 2025-06-16 14:21 UTC (permalink / raw)
To: pbs-devel
In order to be able to create datastore with an s3 object store
backend. Implements a s3 client selector and exposes it in the
datastore edit window, together with the additional bucket name field
to associate with the datastore's s3 backend.
Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
---
www/Makefile | 1 +
www/form/S3ClientSelector.js | 33 +++++++++++++++++++++++++++
www/window/DataStoreEdit.js | 44 ++++++++++++++++++++++++++++++++++++
3 files changed, 78 insertions(+)
create mode 100644 www/form/S3ClientSelector.js
diff --git a/www/Makefile b/www/Makefile
index 3b6b18cbd..7c2e508d0 100644
--- a/www/Makefile
+++ b/www/Makefile
@@ -42,6 +42,7 @@ JSSRC= \
Schema.js \
form/TokenSelector.js \
form/AuthidSelector.js \
+ form/S3ClientSelector.js \
form/RemoteSelector.js \
form/RemoteTargetSelector.js \
form/DataStoreSelector.js \
diff --git a/www/form/S3ClientSelector.js b/www/form/S3ClientSelector.js
new file mode 100644
index 000000000..a1348b499
--- /dev/null
+++ b/www/form/S3ClientSelector.js
@@ -0,0 +1,33 @@
+Ext.define('PBS.form.S3ClientSelector', {
+ extend: 'Proxmox.form.ComboGrid',
+ alias: 'widget.pbsS3ClientSelector',
+
+ allowBlank: false,
+ autoSelect: false,
+ valueField: 'id',
+ displayField: 'id',
+
+ store: {
+ model: 'pmx-s3client',
+ autoLoad: true,
+ sorters: 'id',
+ },
+
+ listConfig: {
+ columns: [
+ {
+ header: gettext('S3 Client ID'),
+ sortable: true,
+ dataIndex: 'id',
+ renderer: Ext.String.htmlEncode,
+ flex: 1,
+ },
+ {
+ header: gettext('Host'),
+ sortable: true,
+ dataIndex: 'host',
+ flex: 1,
+ },
+ ],
+ },
+});
diff --git a/www/window/DataStoreEdit.js b/www/window/DataStoreEdit.js
index 35ceddbc6..ce931cec2 100644
--- a/www/window/DataStoreEdit.js
+++ b/www/window/DataStoreEdit.js
@@ -61,6 +61,7 @@ Ext.define('PBS.DataStoreEdit', {
comboItems: [
['__default__', 'Regular'],
['removable', 'Removable'],
+ ['s3', 'S3 (experimental)'],
],
cbind: {
disabled: '{!isCreate}',
@@ -68,18 +69,32 @@ Ext.define('PBS.DataStoreEdit', {
listeners: {
change: function (checkbox, selected) {
let isRemovable = selected === 'removable';
+ let isS3 = selected === 's3';
let inputPanel = checkbox.up('inputpanel');
let pathField = inputPanel.down('[name=path]');
let uuidEditField = inputPanel.down('[name=backing-device]');
+ let bucketField = inputPanel.down('[name=bucket]');
+ let s3ClientSelector = inputPanel.down('[name=s3client]');
uuidEditField.setDisabled(!isRemovable);
uuidEditField.allowBlank = !isRemovable;
uuidEditField.setValue('');
+ bucketField.setDisabled(!isS3);
+ bucketField.allowBlank = !isS3;
+ bucketField.setValue('');
+
+ s3ClientSelector.setDisabled(!isS3);
+ s3ClientSelector.allowBlank = !isS3;
+ s3ClientSelector.setValue('');
+
if (isRemovable) {
pathField.setFieldLabel(gettext('Path on Device'));
pathField.setEmptyText(gettext('A relative path'));
+ } else if (isS3) {
+ pathField.setFieldLabel(gettext('Store Cache'));
+ pathField.setEmptyText(gettext('An absolute path'));
} else {
pathField.setFieldLabel(gettext('Backing Path'));
pathField.setEmptyText(gettext('An absolute path'));
@@ -98,6 +113,15 @@ Ext.define('PBS.DataStoreEdit', {
emptyText: gettext('An absolute path'),
validator: (val) => val?.trim() !== '/',
},
+ {
+ xtype: 'pbsS3ClientSelector',
+ name: 's3client',
+ fieldLabel: gettext('S3 Client ID'),
+ disabled: true,
+ cbind: {
+ editable: '{isCreate}',
+ },
+ },
],
column2: [
{
@@ -132,6 +156,13 @@ Ext.define('PBS.DataStoreEdit', {
},
emptyText: gettext('Device path'),
},
+ {
+ xtype: 'proxmoxtextfield',
+ name: 'bucket',
+ fieldLabel: gettext('Bucket'),
+ allowBlank: false,
+ disabled: true,
+ },
],
columnB: [
{
@@ -154,7 +185,20 @@ Ext.define('PBS.DataStoreEdit', {
if (me.isCreate) {
// New datastores default to using the notification system
values['notification-mode'] = 'notification-system';
+
+ if (values.s3client) {
+ let s3BackendConf = {
+ type: 's3',
+ client: values.s3client,
+ bucket: values.bucket,
+ };
+ values.backend = PBS.Utils.printPropertyString(s3BackendConf);
+ }
}
+
+ delete values.s3client;
+ delete values.bucket;
+
return values;
},
},
--
2.39.5
_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel
^ permalink raw reply [flat|nested] 44+ messages in thread
* [pbs-devel] [PATCH proxmox-backup v3 36/41] tools: lru cache: add removed callback for evicted cache nodes
2025-06-16 14:21 [pbs-devel] [PATCH proxmox{, -backup} v3 00/43] fix #2943: S3 storage backend for datastores Christian Ebner
` (36 preceding siblings ...)
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 35/41] ui: add s3 client selector and bucket field for s3 backend setup Christian Ebner
@ 2025-06-16 14:21 ` Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 37/41] tools: async lru cache: implement insert, remove and contains methods Christian Ebner
` (4 subsequent siblings)
42 siblings, 0 replies; 44+ messages in thread
From: Christian Ebner @ 2025-06-16 14:21 UTC (permalink / raw)
To: pbs-devel
Add a callback function to be executed on evicted cache nodes. The
callback gets the key of the removed node, allowing to externally act
based on that value.
Since the callback might fail, extend the current LRU cache api to
return an error on insert, covering the error for the `removed`
callback.
Async lru cache, callsites and tests are adapted to include the
additional callback parameter accordingly.
Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
---
pbs-datastore/src/cached_chunk_reader.rs | 6 +++-
pbs-datastore/src/datastore.rs | 2 +-
pbs-datastore/src/dynamic_index.rs | 1 +
pbs-tools/src/async_lru_cache.rs | 23 +++++++++----
pbs-tools/src/lru_cache.rs | 42 +++++++++++++++---------
5 files changed, 50 insertions(+), 24 deletions(-)
diff --git a/pbs-datastore/src/cached_chunk_reader.rs b/pbs-datastore/src/cached_chunk_reader.rs
index be7f2a1e2..95ac23a54 100644
--- a/pbs-datastore/src/cached_chunk_reader.rs
+++ b/pbs-datastore/src/cached_chunk_reader.rs
@@ -81,7 +81,11 @@ impl<I: IndexFile, R: AsyncReadChunk + Send + Sync + 'static> CachedChunkReader<
let info = self.index.chunk_info(chunk.0).unwrap();
// will never be None, see AsyncChunkCacher
- let data = self.cache.access(info.digest, &self.cacher).await?.unwrap();
+ let data = self
+ .cache
+ .access(info.digest, &self.cacher, |_| Ok(()))
+ .await?
+ .unwrap();
let want_bytes = ((info.range.end - cur_offset) as usize).min(size - read);
let slice = &mut buf[read..(read + want_bytes)];
diff --git a/pbs-datastore/src/datastore.rs b/pbs-datastore/src/datastore.rs
index 1d411e8d1..85f46f917 100644
--- a/pbs-datastore/src/datastore.rs
+++ b/pbs-datastore/src/datastore.rs
@@ -1239,7 +1239,7 @@ impl DataStore {
// Avoid multiple expensive atime updates by utimensat
if let Some(chunk_lru_cache) = chunk_lru_cache {
- if chunk_lru_cache.insert(*digest, ()) {
+ if chunk_lru_cache.insert(*digest, (), |_| Ok(()))? {
continue;
}
}
diff --git a/pbs-datastore/src/dynamic_index.rs b/pbs-datastore/src/dynamic_index.rs
index 8e9cb1163..e9d28c7de 100644
--- a/pbs-datastore/src/dynamic_index.rs
+++ b/pbs-datastore/src/dynamic_index.rs
@@ -599,6 +599,7 @@ impl<S: ReadChunk> BufferedDynamicReader<S> {
store: &mut self.store,
index: &self.index,
},
+ |_| Ok(()),
)?
.ok_or_else(|| format_err!("chunk not found by cacher"))?;
diff --git a/pbs-tools/src/async_lru_cache.rs b/pbs-tools/src/async_lru_cache.rs
index c43b87717..141114933 100644
--- a/pbs-tools/src/async_lru_cache.rs
+++ b/pbs-tools/src/async_lru_cache.rs
@@ -42,7 +42,16 @@ impl<K: std::cmp::Eq + std::hash::Hash + Copy, V: Clone + Send + 'static> AsyncL
/// Access an item either via the cache or by calling cacher.fetch. A return value of Ok(None)
/// means the item requested has no representation, Err(_) means a call to fetch() failed,
/// regardless of whether it was initiated by this call or a previous one.
- pub async fn access(&self, key: K, cacher: &dyn AsyncCacher<K, V>) -> Result<Option<V>, Error> {
+ /// Calls the removed callback on the evicted item, if any.
+ pub async fn access<F>(
+ &self,
+ key: K,
+ cacher: &dyn AsyncCacher<K, V>,
+ removed: F,
+ ) -> Result<Option<V>, Error>
+ where
+ F: Fn(K) -> Result<(), Error>,
+ {
let (owner, result_fut) = {
// check if already requested
let mut maps = self.maps.lock().unwrap();
@@ -71,7 +80,7 @@ impl<K: std::cmp::Eq + std::hash::Hash + Copy, V: Clone + Send + 'static> AsyncL
// this call was the one initiating the request, put into LRU and remove from map
let mut maps = self.maps.lock().unwrap();
if let Ok(Some(ref value)) = result {
- maps.0.insert(key, value.clone());
+ maps.0.insert(key, value.clone(), removed)?;
}
maps.1.remove(&key);
}
@@ -106,15 +115,15 @@ mod test {
let cache: AsyncLruCache<i32, String> = AsyncLruCache::new(2);
assert_eq!(
- cache.access(10, &cacher).await.unwrap(),
+ cache.access(10, &cacher, |_| Ok(())).await.unwrap(),
Some("x10".to_string())
);
assert_eq!(
- cache.access(20, &cacher).await.unwrap(),
+ cache.access(20, &cacher, |_| Ok(())).await.unwrap(),
Some("x20".to_string())
);
assert_eq!(
- cache.access(30, &cacher).await.unwrap(),
+ cache.access(30, &cacher, |_| Ok(())).await.unwrap(),
Some("x30".to_string())
);
@@ -123,14 +132,14 @@ mod test {
tokio::spawn(async move {
let cacher = TestAsyncCacher { prefix: "y" };
assert_eq!(
- c.access(40, &cacher).await.unwrap(),
+ c.access(40, &cacher, |_| Ok(())).await.unwrap(),
Some("y40".to_string())
);
});
}
assert_eq!(
- cache.access(20, &cacher).await.unwrap(),
+ cache.access(20, &cacher, |_| Ok(())).await.unwrap(),
Some("x20".to_string())
);
});
diff --git a/pbs-tools/src/lru_cache.rs b/pbs-tools/src/lru_cache.rs
index 94757bbf7..a7aea6528 100644
--- a/pbs-tools/src/lru_cache.rs
+++ b/pbs-tools/src/lru_cache.rs
@@ -60,10 +60,10 @@ impl<K, V> CacheNode<K, V> {
/// assert_eq!(cache.get_mut(1), None);
/// assert_eq!(cache.len(), 0);
///
-/// cache.insert(1, 1);
-/// cache.insert(2, 2);
-/// cache.insert(3, 3);
-/// cache.insert(4, 4);
+/// cache.insert(1, 1, |_| Ok(()));
+/// cache.insert(2, 2, |_| Ok(()));
+/// cache.insert(3, 3, |_| Ok(()));
+/// cache.insert(4, 4, |_| Ok(()));
/// assert_eq!(cache.len(), 3);
///
/// assert_eq!(cache.get_mut(1), None);
@@ -77,9 +77,9 @@ impl<K, V> CacheNode<K, V> {
/// assert_eq!(cache.len(), 0);
/// assert_eq!(cache.get_mut(2), None);
/// // access will fill in missing cache entry by fetching from LruCacher
-/// assert_eq!(cache.access(2, &mut LruCacher {}).unwrap(), Some(&mut 2));
+/// assert_eq!(cache.access(2, &mut LruCacher {}, |_| Ok(())).unwrap(), Some(&mut 2));
///
-/// cache.insert(1, 1);
+/// cache.insert(1, 1, |_| Ok(()));
/// assert_eq!(cache.get_mut(1), Some(&mut 1));
///
/// cache.clear();
@@ -135,7 +135,10 @@ impl<K: std::cmp::Eq + std::hash::Hash + Copy, V> LruCache<K, V> {
/// Insert or update an entry identified by `key` with the given `value`.
/// This entry is placed as the most recently used node at the head.
- pub fn insert(&mut self, key: K, value: V) -> bool {
+ pub fn insert<F>(&mut self, key: K, value: V, removed: F) -> Result<bool, anyhow::Error>
+ where
+ F: Fn(K) -> Result<(), anyhow::Error>,
+ {
match self.map.entry(key) {
Entry::Occupied(mut o) => {
// Node present, update value
@@ -144,7 +147,7 @@ impl<K: std::cmp::Eq + std::hash::Hash + Copy, V> LruCache<K, V> {
let mut node = unsafe { Box::from_raw(node_ptr) };
node.value = value;
let _node_ptr = Box::into_raw(node);
- true
+ Ok(true)
}
Entry::Vacant(v) => {
// Node not present, insert a new one
@@ -160,9 +163,11 @@ impl<K: std::cmp::Eq + std::hash::Hash + Copy, V> LruCache<K, V> {
// avoid borrow conflict. This means there are temporarily
// self.capacity + 1 cache nodes.
if self.map.len() > self.capacity {
- self.pop_tail();
+ if let Some(removed_node) = self.pop_tail() {
+ removed(removed_node)?;
+ }
}
- false
+ Ok(false)
}
}
}
@@ -176,11 +181,12 @@ impl<K: std::cmp::Eq + std::hash::Hash + Copy, V> LruCache<K, V> {
}
/// Remove the least recently used node from the cache.
- fn pop_tail(&mut self) {
+ fn pop_tail(&mut self) -> Option<K> {
if let Some(old_tail) = self.list.pop_tail() {
// Remove HashMap entry for old tail
- self.map.remove(&old_tail.key);
+ return self.map.remove(&old_tail.key).map(|_| old_tail.key);
}
+ None
}
/// Get a mutable reference to the value identified by `key`.
@@ -208,11 +214,15 @@ impl<K: std::cmp::Eq + std::hash::Hash + Copy, V> LruCache<K, V> {
/// value.
/// If fetch returns a value, it is inserted as the most recently used entry
/// in the cache.
- pub fn access<'a>(
+ pub fn access<'a, F>(
&'a mut self,
key: K,
cacher: &mut dyn Cacher<K, V>,
- ) -> Result<Option<&'a mut V>, anyhow::Error> {
+ removed: F,
+ ) -> Result<Option<&'a mut V>, anyhow::Error>
+ where
+ F: Fn(K) -> Result<(), anyhow::Error>,
+ {
match self.map.entry(key) {
Entry::Occupied(mut o) => {
// Cache hit, birng node to front of list
@@ -236,7 +246,9 @@ impl<K: std::cmp::Eq + std::hash::Hash + Copy, V> LruCache<K, V> {
// avoid borrow conflict. This means there are temporarily
// self.capacity + 1 cache nodes.
if self.map.len() > self.capacity {
- self.pop_tail();
+ if let Some(removed_node) = self.pop_tail() {
+ removed(removed_node)?;
+ }
}
}
}
--
2.39.5
_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel
^ permalink raw reply [flat|nested] 44+ messages in thread
* [pbs-devel] [PATCH proxmox-backup v3 37/41] tools: async lru cache: implement insert, remove and contains methods
2025-06-16 14:21 [pbs-devel] [PATCH proxmox{, -backup} v3 00/43] fix #2943: S3 storage backend for datastores Christian Ebner
` (37 preceding siblings ...)
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 36/41] tools: lru cache: add removed callback for evicted cache nodes Christian Ebner
@ 2025-06-16 14:21 ` Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 38/41] datastore: add local datastore cache for network attached storages Christian Ebner
` (3 subsequent siblings)
42 siblings, 0 replies; 44+ messages in thread
From: Christian Ebner @ 2025-06-16 14:21 UTC (permalink / raw)
To: pbs-devel
Add methods to insert new cache entries without using the cacher,
remove cache entries given their key and check if the cache contains
a key, marking it the most recently used one if it does.
These methods will be used to implement the local datastore cache
which stores the values (chunks) on the filesystem rather than
keeping track of them by storing them in-memory in the cache. The lru
cache will only be used to allow for fast lookup and keep track of
the lookup order.
Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
---
pbs-tools/src/async_lru_cache.rs | 23 +++++++++++++++++++++++
1 file changed, 23 insertions(+)
diff --git a/pbs-tools/src/async_lru_cache.rs b/pbs-tools/src/async_lru_cache.rs
index 141114933..3a975de32 100644
--- a/pbs-tools/src/async_lru_cache.rs
+++ b/pbs-tools/src/async_lru_cache.rs
@@ -87,6 +87,29 @@ impl<K: std::cmp::Eq + std::hash::Hash + Copy, V: Clone + Send + 'static> AsyncL
result
}
+
+ /// Insert an item as the most recently used one into the cache, calling the removed callback
+ /// on the evicted cache item, if any.
+ pub fn insert<F>(&self, key: K, value: V, removed: F) -> Result<(), Error>
+ where
+ F: Fn(K) -> Result<(), Error>,
+ {
+ let mut maps = self.maps.lock().unwrap();
+ maps.0.insert(key, value.clone(), removed)?;
+ Ok(())
+ }
+
+ /// Check if the item exists and if so, mark it as the most recently uses one.
+ pub fn contains(&self, key: K) -> bool {
+ let mut maps = self.maps.lock().unwrap();
+ maps.0.get_mut(key).is_some()
+ }
+
+ /// Remove the item from the cache.
+ pub fn remove(&self, key: K) {
+ let mut maps = self.maps.lock().unwrap();
+ maps.0.remove(key);
+ }
}
#[cfg(test)]
--
2.39.5
_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel
^ permalink raw reply [flat|nested] 44+ messages in thread
* [pbs-devel] [PATCH proxmox-backup v3 38/41] datastore: add local datastore cache for network attached storages
2025-06-16 14:21 [pbs-devel] [PATCH proxmox{, -backup} v3 00/43] fix #2943: S3 storage backend for datastores Christian Ebner
` (38 preceding siblings ...)
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 37/41] tools: async lru cache: implement insert, remove and contains methods Christian Ebner
@ 2025-06-16 14:21 ` Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 39/41] api: backup: use local datastore cache on S3 backend chunk upload Christian Ebner
` (2 subsequent siblings)
42 siblings, 0 replies; 44+ messages in thread
From: Christian Ebner @ 2025-06-16 14:21 UTC (permalink / raw)
To: pbs-devel
Use a local datastore as cache using LRU cache replacement policy for
operations on a datastore backed by a network, e.g. by an S3 object
store backend. The goal is to reduce number of requests to the
backend and thereby save costs (monetary as well as time).
The cacher allows to fetch cache items on cache misses via the access
method.
Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
---
pbs-datastore/src/datastore.rs | 47 ++++++-
pbs-datastore/src/lib.rs | 3 +
.../src/local_datastore_lru_cache.rs | 116 ++++++++++++++++++
3 files changed, 165 insertions(+), 1 deletion(-)
create mode 100644 pbs-datastore/src/local_datastore_lru_cache.rs
diff --git a/pbs-datastore/src/datastore.rs b/pbs-datastore/src/datastore.rs
index 85f46f917..bef1f7182 100644
--- a/pbs-datastore/src/datastore.rs
+++ b/pbs-datastore/src/datastore.rs
@@ -39,8 +39,9 @@ use crate::dynamic_index::{DynamicIndexReader, DynamicIndexWriter};
use crate::fixed_index::{FixedIndexReader, FixedIndexWriter};
use crate::hierarchy::{ListGroups, ListGroupsType, ListNamespaces, ListNamespacesRecursive};
use crate::index::IndexFile;
+use crate::local_datastore_lru_cache::S3Cacher;
use crate::task_tracking::{self, update_active_operations};
-use crate::DataBlob;
+use crate::{DataBlob, LocalDatastoreLruCache};
static DATASTORE_MAP: LazyLock<Mutex<HashMap<String, Arc<DataStoreImpl>>>> =
LazyLock::new(|| Mutex::new(HashMap::new()));
@@ -134,6 +135,7 @@ pub struct DataStoreImpl {
last_digest: Option<[u8; 32]>,
sync_level: DatastoreFSyncLevel,
backend_config: DatastoreBackendConfig,
+ lru_store_caching: Option<LocalDatastoreLruCache>,
}
impl DataStoreImpl {
@@ -149,6 +151,7 @@ impl DataStoreImpl {
last_digest: None,
sync_level: Default::default(),
backend_config: Default::default(),
+ lru_store_caching: None,
})
}
}
@@ -253,6 +256,37 @@ impl DataStore {
Ok(backend_type)
}
+ pub fn cache(&self) -> Option<&LocalDatastoreLruCache> {
+ self.inner.lru_store_caching.as_ref()
+ }
+
+ /// Check if the digest is present in the local datastore cache.
+ /// Always returns false if there is no cache configured for this datastore.
+ pub fn cache_contains(&self, digest: &[u8; 32]) -> bool {
+ if let Some(cache) = self.inner.lru_store_caching.as_ref() {
+ return cache.contains(digest);
+ }
+ false
+ }
+
+ /// Insert digest as most recently used on in the cache.
+ /// Returns with success if there is no cache configured for this datastore.
+ pub fn cache_insert(&self, digest: &[u8; 32], chunk: &DataBlob) -> Result<(), Error> {
+ if let Some(cache) = self.inner.lru_store_caching.as_ref() {
+ return cache.insert(digest, chunk);
+ }
+ Ok(())
+ }
+
+ pub fn cacher(&self) -> Result<Option<S3Cacher>, Error> {
+ self.backend().map(|backend| match backend {
+ DatastoreBackend::S3(s3_client) => {
+ Some(S3Cacher::new(s3_client, self.inner.chunk_store.clone()))
+ }
+ DatastoreBackend::Filesystem => None,
+ })
+ }
+
pub fn lookup_datastore(
name: &str,
operation: Option<Operation>,
@@ -435,6 +469,16 @@ impl DataStore {
.parse_property_string(config.backend.as_deref().unwrap_or(""))?,
)?;
+ const LOCAL_DATASTORE_CACHE_SIZE: usize = 10_000_000;
+ let lru_store_caching = if DatastoreBackendType::S3 == backend_config.ty.unwrap_or_default()
+ {
+ let cache =
+ LocalDatastoreLruCache::new(LOCAL_DATASTORE_CACHE_SIZE, chunk_store.clone());
+ Some(cache)
+ } else {
+ None
+ };
+
Ok(DataStoreImpl {
chunk_store,
gc_mutex: Mutex::new(()),
@@ -444,6 +488,7 @@ impl DataStore {
last_digest,
sync_level: tuning.sync_level.unwrap_or_default(),
backend_config,
+ lru_store_caching,
})
}
diff --git a/pbs-datastore/src/lib.rs b/pbs-datastore/src/lib.rs
index e6f65575b..f1ad3d4c2 100644
--- a/pbs-datastore/src/lib.rs
+++ b/pbs-datastore/src/lib.rs
@@ -216,3 +216,6 @@ pub use snapshot_reader::SnapshotReader;
mod local_chunk_reader;
pub use local_chunk_reader::LocalChunkReader;
+
+mod local_datastore_lru_cache;
+pub use local_datastore_lru_cache::LocalDatastoreLruCache;
diff --git a/pbs-datastore/src/local_datastore_lru_cache.rs b/pbs-datastore/src/local_datastore_lru_cache.rs
new file mode 100644
index 000000000..c711c5208
--- /dev/null
+++ b/pbs-datastore/src/local_datastore_lru_cache.rs
@@ -0,0 +1,116 @@
+//! Use a local datastore as cache for operations on a datastore attached via
+//! a network layer (e.g. via the S3 backend).
+
+use std::future::Future;
+use std::sync::Arc;
+
+use anyhow::{bail, Error};
+use hyper::body::HttpBody;
+
+use pbs_s3_client::S3Client;
+use pbs_tools::async_lru_cache::{AsyncCacher, AsyncLruCache};
+
+use crate::ChunkStore;
+use crate::DataBlob;
+
+#[derive(Clone)]
+pub struct S3Cacher {
+ client: Arc<S3Client>,
+ store: Arc<ChunkStore>,
+}
+
+impl AsyncCacher<[u8; 32], ()> for S3Cacher {
+ fn fetch(
+ &self,
+ key: [u8; 32],
+ ) -> Box<dyn Future<Output = Result<Option<()>, Error>> + Send + 'static> {
+ let client = self.client.clone();
+ let store = self.store.clone();
+ Box::new(async move {
+ match client.get_object(key.into()).await? {
+ None => bail!("could not fetch object with key {}", hex::encode(key)),
+ Some(response) => {
+ let bytes = response.content.collect().await?.to_bytes();
+ let chunk = DataBlob::from_raw(bytes.to_vec())?;
+ store.insert_chunk(&chunk, &key)?;
+ Ok(Some(()))
+ }
+ }
+ })
+ }
+}
+
+impl S3Cacher {
+ pub fn new(client: Arc<S3Client>, store: Arc<ChunkStore>) -> Self {
+ Self { client, store }
+ }
+}
+
+/// LRU cache using local datastore for caching chunks
+///
+/// Uses a LRU cache, but without storing the values in-memory but rather
+/// on the filesystem
+pub struct LocalDatastoreLruCache {
+ cache: AsyncLruCache<[u8; 32], ()>,
+ store: Arc<ChunkStore>,
+}
+
+impl LocalDatastoreLruCache {
+ pub fn new(capacity: usize, store: Arc<ChunkStore>) -> Self {
+ Self {
+ cache: AsyncLruCache::new(capacity),
+ store,
+ }
+ }
+
+ /// Insert a new chunk into the local datastore cache.
+ ///
+ /// Fails if the chunk cannot be inserted successfully.
+ pub fn insert(&self, digest: &[u8; 32], chunk: &DataBlob) -> Result<(), Error> {
+ self.store.insert_chunk(chunk, digest)?;
+ self.cache.insert(*digest, (), |digest| {
+ let (path, _digest_str) = self.store.chunk_path(&digest);
+ // Truncate to free up space but keep the inode around, since that
+ // is used as marker for chunks in use by garbage collection.
+ nix::unistd::truncate(&path, 0).map_err(Error::from)
+ })
+ }
+
+ /// Remove a chunk from the local datastore cache.
+ ///
+ /// Fails if the chunk cannot be deleted successfully.
+ pub fn remove(&self, digest: &[u8; 32]) -> Result<(), Error> {
+ self.cache.remove(*digest);
+ let (path, _digest_str) = self.store.chunk_path(digest);
+ std::fs::remove_file(path).map_err(Error::from)
+ }
+
+ pub async fn access(
+ &self,
+ digest: &[u8; 32],
+ cacher: &mut S3Cacher,
+ ) -> Result<Option<DataBlob>, Error> {
+ if self
+ .cache
+ .access(*digest, cacher, |digest| {
+ let (path, _digest_str) = self.store.chunk_path(&digest);
+ // Truncate to free up space but keep the inode around, since that
+ // is used as marker for chunks in use by garbage collection.
+ nix::unistd::truncate(&path, 0).map_err(Error::from)
+ })
+ .await?
+ .is_some()
+ {
+ let (path, _digest_str) = self.store.chunk_path(digest);
+ let mut file = std::fs::File::open(&path)?;
+ let chunk = DataBlob::load_from_reader(&mut file)?;
+ Ok(Some(chunk))
+ } else {
+ Ok(None)
+ }
+ }
+
+ pub fn contains(&self, digest: &[u8; 32]) -> bool {
+ self.cache.contains(*digest)
+ }
+}
--
2.39.5
_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel
^ permalink raw reply [flat|nested] 44+ messages in thread
* [pbs-devel] [PATCH proxmox-backup v3 39/41] api: backup: use local datastore cache on S3 backend chunk upload
2025-06-16 14:21 [pbs-devel] [PATCH proxmox{, -backup} v3 00/43] fix #2943: S3 storage backend for datastores Christian Ebner
` (39 preceding siblings ...)
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 38/41] datastore: add local datastore cache for network attached storages Christian Ebner
@ 2025-06-16 14:21 ` Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 40/41] api: reader: use local datastore cache on S3 backend chunk fetching Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 41/41] api: backup: add no-cache flag to bypass local datastore cache Christian Ebner
42 siblings, 0 replies; 44+ messages in thread
From: Christian Ebner @ 2025-06-16 14:21 UTC (permalink / raw)
To: pbs-devel
Take advantage of the local datastore cache to avoid re-uploading of
already known chunks. This not only helps improve the backup/upload
speeds, but also avoids additionally costs by reducing the number of
requests and transferred payload data to the S3 object store api.
If the cache is present, lookup if it contains the chunk, skipping
upload altogether if it is. Otherwise, upload the chunk into memory,
upload it to the S3 object store api and insert it into the local
datastore cache.
Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
---
src/api2/backup/upload_chunk.rs | 46 ++++++++++++++++++++++++++++++---
src/server/pull.rs | 4 +++
2 files changed, 46 insertions(+), 4 deletions(-)
diff --git a/src/api2/backup/upload_chunk.rs b/src/api2/backup/upload_chunk.rs
index 838eec1fa..7a80fd0eb 100644
--- a/src/api2/backup/upload_chunk.rs
+++ b/src/api2/backup/upload_chunk.rs
@@ -247,10 +247,48 @@ async fn upload_to_backend(
UploadChunk::new(req_body, env.datastore.clone(), digest, size, encoded_size).await
}
DatastoreBackend::S3(s3_client) => {
- let is_duplicate = match s3_client.put_object(digest.into(), req_body).await? {
- PutObjectResponse::PreconditionFailed => true,
- PutObjectResponse::NeedsRetry => bail!("concurrent operation, reupload required"),
- PutObjectResponse::Success(_content) => false,
+ // Load chunk data into memory, need to write it twice, to S3 object store and
+ // local cache store. Further, body needs to be consumed also if chunks insert
+ // can be skipped since cached.
+ let data = req_body
+ .map_err(Error::from)
+ .try_fold(Vec::new(), |mut acc, chunk| {
+ acc.extend_from_slice(&chunk);
+ future::ok::<_, Error>(acc)
+ })
+ .await?;
+
+ if encoded_size != data.len() as u32 {
+ bail!(
+ "got blob with unexpected length ({encoded_size} != {})",
+ data.len()
+ );
+ }
+
+ if env.datastore.cache_contains(&digest) {
+ return Ok((digest, size, encoded_size, true));
+ }
+
+ let datastore = env.datastore.clone();
+ let upload_body = hyper::Body::from(data.clone());
+ let upload = s3_client.put_object(digest.into(), upload_body);
+ let cache_insert = tokio::task::spawn_blocking(move || {
+ let chunk = DataBlob::from_raw(data)?;
+ datastore.cache_insert(&digest, &chunk)
+ });
+ let is_duplicate = match futures::join!(upload, cache_insert) {
+ (Ok(upload_response), Ok(Ok(()))) => match upload_response {
+ PutObjectResponse::PreconditionFailed => true,
+ PutObjectResponse::NeedsRetry => {
+ bail!("concurrent operation, reupload required")
+ }
+ PutObjectResponse::Success(_content) => false,
+ },
+ (Ok(_), Ok(Err(err))) => return Err(err.context("chunk cache insert failed")),
+ (Ok(_), Err(err)) => {
+ return Err(Error::from(err).context("chunk cache insert task failed"))
+ }
+ (Err(err), _) => return Err(err.context("chunk upload failed")),
};
Ok((digest, size, encoded_size, is_duplicate))
}
diff --git a/src/server/pull.rs b/src/server/pull.rs
index f36efd7c8..85d3154eb 100644
--- a/src/server/pull.rs
+++ b/src/server/pull.rs
@@ -173,6 +173,10 @@ async fn pull_index_chunks<I: IndexFile>(
target2.insert_chunk(&chunk, &digest)?;
}
DatastoreBackend::S3(s3_client) => {
+ if target2.cache_contains(&digest) {
+ return Ok(());
+ }
+ target2.cache_insert(&digest, &chunk)?;
let data = chunk.raw_data().to_vec();
let upload_body = hyper::Body::from(data);
proxmox_async::runtime::block_on(
--
2.39.5
_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel
^ permalink raw reply [flat|nested] 44+ messages in thread
* [pbs-devel] [PATCH proxmox-backup v3 40/41] api: reader: use local datastore cache on S3 backend chunk fetching
2025-06-16 14:21 [pbs-devel] [PATCH proxmox{, -backup} v3 00/43] fix #2943: S3 storage backend for datastores Christian Ebner
` (40 preceding siblings ...)
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 39/41] api: backup: use local datastore cache on S3 backend chunk upload Christian Ebner
@ 2025-06-16 14:21 ` Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 41/41] api: backup: add no-cache flag to bypass local datastore cache Christian Ebner
42 siblings, 0 replies; 44+ messages in thread
From: Christian Ebner @ 2025-06-16 14:21 UTC (permalink / raw)
To: pbs-devel
Take advantage of the local datastore filesystem cache for datastores
backed by an s3 object store in order to reduce number of requests
and latency, and increase throughput.
Also, reducing the number of requests is cost beneficial for S3 object
stores charging for fetching of objects.
Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
---
src/api2/reader/mod.rs | 23 ++++++++++++++++++++++-
1 file changed, 22 insertions(+), 1 deletion(-)
diff --git a/src/api2/reader/mod.rs b/src/api2/reader/mod.rs
index 3417f49be..24962a136 100644
--- a/src/api2/reader/mod.rs
+++ b/src/api2/reader/mod.rs
@@ -323,7 +323,28 @@ fn download_chunk(
let body = match &env.backend {
DatastoreBackend::Filesystem => load_from_filesystem(env, &digest)?,
- DatastoreBackend::S3(s3_client) => fetch_from_object_store(s3_client, &digest).await?,
+ DatastoreBackend::S3(s3_client) => {
+ match env.datastore.cache() {
+ None => fetch_from_object_store(s3_client, &digest).await?,
+ Some(cache) => {
+ let mut cacher = env
+ .datastore
+ .cacher()?
+ .ok_or(format_err!("no cacher for datastore"))?;
+ // Download from object store, insert to local cache store and read from
+ // file. Can this be optimized?
+ let chunk =
+ cache
+ .access(&digest, &mut cacher)
+ .await?
+ .ok_or(format_err!(
+ "unable to access chunk with digest {}",
+ hex::encode(digest)
+ ))?;
+ Body::from(chunk.raw_data().to_owned())
+ }
+ }
+ }
};
// fixme: set other headers ?
--
2.39.5
_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel
^ permalink raw reply [flat|nested] 44+ messages in thread
* [pbs-devel] [PATCH proxmox-backup v3 41/41] api: backup: add no-cache flag to bypass local datastore cache
2025-06-16 14:21 [pbs-devel] [PATCH proxmox{, -backup} v3 00/43] fix #2943: S3 storage backend for datastores Christian Ebner
` (41 preceding siblings ...)
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 40/41] api: reader: use local datastore cache on S3 backend chunk fetching Christian Ebner
@ 2025-06-16 14:21 ` Christian Ebner
42 siblings, 0 replies; 44+ messages in thread
From: Christian Ebner @ 2025-06-16 14:21 UTC (permalink / raw)
To: pbs-devel
Adds the `no-cache` flag so the client can request to bypass the
local datastore cache for chunk uploads. This is mainly intended for
debugging and benchmarking, but can be used in cases the caching is
known to be ineffective (no possible deduplication).
Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
---
examples/upload-speed.rs | 1 +
pbs-client/src/backup_writer.rs | 4 +++-
proxmox-backup-client/src/benchmark.rs | 1 +
proxmox-backup-client/src/main.rs | 8 ++++++++
src/api2/backup/environment.rs | 3 +++
src/api2/backup/mod.rs | 3 +++
src/api2/backup/upload_chunk.rs | 11 +++++++++++
src/server/push.rs | 1 +
8 files changed, 31 insertions(+), 1 deletion(-)
diff --git a/examples/upload-speed.rs b/examples/upload-speed.rs
index e4b570ec5..8a6594a47 100644
--- a/examples/upload-speed.rs
+++ b/examples/upload-speed.rs
@@ -25,6 +25,7 @@ async fn upload_speed() -> Result<f64, Error> {
&(BackupType::Host, "speedtest".to_string(), backup_time).into(),
false,
true,
+ false,
)
.await?;
diff --git a/pbs-client/src/backup_writer.rs b/pbs-client/src/backup_writer.rs
index 325425069..a91880720 100644
--- a/pbs-client/src/backup_writer.rs
+++ b/pbs-client/src/backup_writer.rs
@@ -82,6 +82,7 @@ impl BackupWriter {
backup: &BackupDir,
debug: bool,
benchmark: bool,
+ no_cache: bool,
) -> Result<Arc<BackupWriter>, Error> {
let mut param = json!({
"backup-type": backup.ty(),
@@ -89,7 +90,8 @@ impl BackupWriter {
"backup-time": backup.time,
"store": datastore,
"debug": debug,
- "benchmark": benchmark
+ "benchmark": benchmark,
+ "no-cache": no_cache,
});
if !ns.is_root() {
diff --git a/proxmox-backup-client/src/benchmark.rs b/proxmox-backup-client/src/benchmark.rs
index a6f24d745..ed21c7a91 100644
--- a/proxmox-backup-client/src/benchmark.rs
+++ b/proxmox-backup-client/src/benchmark.rs
@@ -236,6 +236,7 @@ async fn test_upload_speed(
&(BackupType::Host, "benchmark".to_string(), backup_time).into(),
false,
true,
+ true,
)
.await?;
diff --git a/proxmox-backup-client/src/main.rs b/proxmox-backup-client/src/main.rs
index 44f4f5db5..83fc9309a 100644
--- a/proxmox-backup-client/src/main.rs
+++ b/proxmox-backup-client/src/main.rs
@@ -742,6 +742,12 @@ fn spawn_catalog_upload(
optional: true,
default: false,
},
+ "no-cache": {
+ type: Boolean,
+ description: "Bypass local datastore cache for network storages.",
+ optional: true,
+ default: false,
+ },
}
}
)]
@@ -754,6 +760,7 @@ async fn create_backup(
change_detection_mode: Option<BackupDetectionMode>,
dry_run: bool,
skip_e2big_xattr: bool,
+ no_cache: bool,
limit: ClientRateLimitConfig,
_info: &ApiMethod,
_rpcenv: &mut dyn RpcEnvironment,
@@ -960,6 +967,7 @@ async fn create_backup(
&snapshot,
true,
false,
+ no_cache,
)
.await?;
diff --git a/src/api2/backup/environment.rs b/src/api2/backup/environment.rs
index 384e8a73f..874f0c44d 100644
--- a/src/api2/backup/environment.rs
+++ b/src/api2/backup/environment.rs
@@ -112,6 +112,7 @@ pub struct BackupEnvironment {
result_attributes: Value,
auth_id: Authid,
pub debug: bool,
+ pub no_cache: bool,
pub formatter: &'static dyn OutputFormatter,
pub worker: Arc<WorkerTask>,
pub datastore: Arc<DataStore>,
@@ -128,6 +129,7 @@ impl BackupEnvironment {
worker: Arc<WorkerTask>,
datastore: Arc<DataStore>,
backup_dir: BackupDir,
+ no_cache: bool,
) -> Result<Self, Error> {
let state = SharedBackupState {
finished: false,
@@ -148,6 +150,7 @@ impl BackupEnvironment {
worker,
datastore,
debug: tracing::enabled!(tracing::Level::DEBUG),
+ no_cache,
formatter: JSON_FORMATTER,
backup_dir,
last_backup: None,
diff --git a/src/api2/backup/mod.rs b/src/api2/backup/mod.rs
index 2c6afca41..0913d4264 100644
--- a/src/api2/backup/mod.rs
+++ b/src/api2/backup/mod.rs
@@ -51,6 +51,7 @@ pub const API_METHOD_UPGRADE_BACKUP: ApiMethod = ApiMethod::new(
("backup-time", false, &BACKUP_TIME_SCHEMA),
("debug", true, &BooleanSchema::new("Enable verbose debug logging.").schema()),
("benchmark", true, &BooleanSchema::new("Job is a benchmark (do not keep data).").schema()),
+ ("no-cache", true, &BooleanSchema::new("Disable local datastore cache for network storages").schema()),
]),
)
).access(
@@ -77,6 +78,7 @@ fn upgrade_to_backup_protocol(
async move {
let debug = param["debug"].as_bool().unwrap_or(false);
let benchmark = param["benchmark"].as_bool().unwrap_or(false);
+ let no_cache = param["no-cache"].as_bool().unwrap_or(false);
let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
@@ -212,6 +214,7 @@ fn upgrade_to_backup_protocol(
worker.clone(),
datastore,
backup_dir,
+ no_cache,
)?;
env.debug = debug;
diff --git a/src/api2/backup/upload_chunk.rs b/src/api2/backup/upload_chunk.rs
index 7a80fd0eb..4e949a073 100644
--- a/src/api2/backup/upload_chunk.rs
+++ b/src/api2/backup/upload_chunk.rs
@@ -247,6 +247,17 @@ async fn upload_to_backend(
UploadChunk::new(req_body, env.datastore.clone(), digest, size, encoded_size).await
}
DatastoreBackend::S3(s3_client) => {
+ if env.no_cache {
+ let is_duplicate = match s3_client.put_object(digest.into(), req_body).await? {
+ PutObjectResponse::PreconditionFailed => true,
+ PutObjectResponse::NeedsRetry => {
+ bail!("concurrent operation, reupload required")
+ }
+ PutObjectResponse::Success(_content) => false,
+ };
+ return Ok((digest, size, encoded_size, is_duplicate));
+ }
+
// Load chunk data into memory, need to write it twice, to S3 object store and
// local cache store. Further, body needs to be consumed also if chunks insert
// can be skipped since cached.
diff --git a/src/server/push.rs b/src/server/push.rs
index e71012ed8..6a31d2abe 100644
--- a/src/server/push.rs
+++ b/src/server/push.rs
@@ -828,6 +828,7 @@ pub(crate) async fn push_snapshot(
snapshot,
false,
false,
+ false,
)
.await?;
--
2.39.5
_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel
^ permalink raw reply [flat|nested] 44+ messages in thread
end of thread, other threads:[~2025-06-16 14:29 UTC | newest]
Thread overview: 44+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2025-06-16 14:21 [pbs-devel] [PATCH proxmox{, -backup} v3 00/43] fix #2943: S3 storage backend for datastores Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox v3 1/2] pbs-api-types: add types for S3 client configs and secrets Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox v3 2/2] pbs-api-types: extend datastore config by backend config enum Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 01/41] api: fix minor formatting issues Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 02/41] bin: sort submodules alphabetically Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 03/41] datastore: ignore missing owner file when removing group directory Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 04/41] verify: refactor verify related functions to be methods of worker Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 05/41] s3 client: add crate for AWS S3 compatible object store client Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 06/41] s3 client: implement AWS signature v4 request authentication Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 07/41] s3 client: add dedicated type for s3 object keys Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 08/41] s3 client: add type for last modified timestamp in responses Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 09/41] s3 client: add helper to parse http date headers Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 10/41] s3 client: implement methods to operate on s3 objects in bucket Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 11/41] config: introduce s3 object store client configuration Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 12/41] api: config: implement endpoints to manipulate and list s3 configs Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 13/41] api: datastore: check S3 backend bucket access on datastore create Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 14/41] api/bin: add endpoint and command to check s3 client connection Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 15/41] datastore: allow to get the backend for a datastore Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 16/41] api: backup: store datastore backend in runtime environment Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 17/41] api: backup: conditionally upload chunks to S3 object store backend Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 18/41] api: backup: conditionally upload blobs " Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 19/41] api: backup: conditionally upload indices " Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 20/41] api: backup: conditionally upload manifest " Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 21/41] sync: pull: conditionally upload content to S3 backend Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 22/41] api: reader: fetch chunks based on datastore backend Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 23/41] datastore: local chunk reader: read chunks based on backend Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 24/41] verify worker: add datastore backed to verify worker Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 25/41] verify: implement chunk verification for stores with s3 backend Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 26/41] datastore: create namespace marker in S3 backend Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 27/41] datastore: create/delete protected marker file on S3 storage backend Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 28/41] datastore: prune groups/snapshots from S3 object store backend Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 29/41] datastore: get and set owner for S3 " Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 30/41] datastore: implement garbage collection for s3 backend Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 31/41] ui: add datastore type selector and reorganize component layout Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 32/41] ui: add S3 client edit window for configuration create/edit Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 33/41] ui: add S3 client view for configuration Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 34/41] ui: expose the S3 client view in the navigation tree Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 35/41] ui: add s3 client selector and bucket field for s3 backend setup Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 36/41] tools: lru cache: add removed callback for evicted cache nodes Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 37/41] tools: async lru cache: implement insert, remove and contains methods Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 38/41] datastore: add local datastore cache for network attached storages Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 39/41] api: backup: use local datastore cache on S3 backend chunk upload Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 40/41] api: reader: use local datastore cache on S3 backend chunk fetching Christian Ebner
2025-06-16 14:21 ` [pbs-devel] [PATCH proxmox-backup v3 41/41] api: backup: add no-cache flag to bypass local datastore cache Christian Ebner
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal