XCP-ng
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Feedback on immutability

    Scheduled Pinned Locked Moved Backup
    55 Posts 10 Posters 14.9k Views 12 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • V Offline
      vkeven
      last edited by vkeven

      Where is the doc for these ? edit ok right here https://github.com/vatesfr/xen-orchestra/tree/master/%40xen-orchestra/immutable-backups , with V**m there is an option for immutability when you add the S3 bucket directly so its look like its only a flag sent at bucket creation and using the versionning/compliance feature

      florentF 1 Reply Last reply Reply Quote 1
      • florentF Offline
        florent Vates 🪐 XO Team @vkeven
        last edited by

        @vkeven we don't have ( for now) the feature to create bucket directly from XO. Also I think it is more secure if XO don't know at all the credits of the bucket admin

        1 Reply Last reply Reply Quote 0
        • olivierlambertO Offline
          olivierlambert Vates 🪐 Co-Founder CEO
          last edited by

          Indeed, because if XO is compromised, then it could disable immutability.

          V 1 Reply Last reply Reply Quote 0
          • V Offline
            vkeven @olivierlambert
            last edited by

            @olivierlambert We tried adding compliance( prevent any file manipulation for X period) directly into bucket but XOA could not do his backup job correctly and the logs are full of access denied probably because of file merging or manipulation refused , so how we should do this ?

            R 1 Reply Last reply Reply Quote 0
            • R Offline
              rtjdamen @vkeven
              last edited by

              @vkeven same problem here, we decided not to proceed with this as it would never work with an incremental delta without doing a full every few weeks. We are going to handle this with s3 and synology internal features.

              1 Reply Last reply Reply Quote 0
              • olivierlambertO Offline
                olivierlambert Vates 🪐 Co-Founder CEO
                last edited by

                Thanks for your feedback, we'll discuss internally if there's any other possible approach (and I'm not sure).

                R 1 Reply Last reply Reply Quote 0
                • V Offline
                  vkeven
                  last edited by

                  So what is the deal with these guy ?

                  1 Reply Last reply Reply Quote 0
                  • olivierlambertO olivierlambert referenced this topic
                  • R Offline
                    redneckitguy @olivierlambert
                    last edited by

                    @olivierlambert
                    Any updates on this? We're using Backblaze buckets with compliance turned on at the bucket level, but we keep getting failures once the retention period expires and it starts to remove the old backup chains.

                    We tried setting 28 days of retention at the bucket level, 42 in XenOrchestra, and are running a full backup every 2 weeks. I have a ticket open with support but so far a resolution hasn't been found.

                    1 Reply Last reply Reply Quote 0
                    • olivierlambertO Offline
                      olivierlambert Vates 🪐 Co-Founder CEO
                      last edited by

                      In theory that should work 🤔 Ping @florent

                      R 1 Reply Last reply Reply Quote 0
                      • R Offline
                        redneckitguy @olivierlambert
                        last edited by redneckitguy

                        @olivierlambert
                        So it looks like the issue is not related to object lock or immutability but rather Backblaze not handling the merge requests very well. Not sure why this isn't impacting the other backup job without object lock, but anyways.... guess we're in the market for a different storage provider.

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post