What is the difference between private-snap and private logical volumes?

I’m working on backing up my Qubes over borg backup. Part of the whole system is a script in dom0 that automatically attaches the LVM images of the qubes’ private storage to a disposable VM. I have noticed that there are different names for the LVM images:

vm-name-private
vm-name-private-snap
vm-name-private-somedigits-back

I assume the last one is a backup of some sort (although I couldn’t figure out under which circumstances it is created). But I’m very confused about the first two. Some of my qubes have both, some only one of them. What is the difference? How do I know which one is the correct one to back up?

Maybe this part of the documentation can help you: Volume backup and revert | Qubes OS

Thank you. That gives me some idea of what the different volumes are for. However, I still couldn’t find out under which circumstances there’s a “vm-personal-private” and under which there’s a “vm-personal-private-snap”. Starting and stopping the VM seems to change between them, but not always.

I think I’ve solved this by my script checking if one of these is there, and if not, backing up the other one. If someone still has some insight about how exactly this works, I’d be interested. But it’s not a pressing issue anymore.

Starting a VM should always create a snapshot of -private, which is written to during use, and after shutdown, that volume becomes the standard volume.

That is, after shutdown:

  1. The snapshot will become the next standard volume (non-snapshot).
  2. Assuming steady state (e.g. after two successful shutdowns), the oldest -backup will be deleted, the second oldest will be retained, and the standard volume (non-snapshot) will become the most recent backup (assuming the standard pool setting for vm-pool of revisions_to_keep=2).

So, your backup will likely want different behavior related to whether the VM is running or not. But also, there can be a few seconds lag after shutdown for all the volume cleanup to complete, so keep that in mind.

B

What bothers me is that I can’t clearly tie the state of whether the VM is running to whether I can find a vm-name-private or vm-name-private-snap logical volume. I just tested this by running

$ ls /dev/qubes_dom0/*-private-snap

and comparing the output with the list of running VMs. They almost match, except that two VMs appear in the list of the LVM images that are not actually running. And I don’t think that a few seconds lag can explain this because I’ve left my machine running for over an hour without touching it, then came back to it and observed this. The VMs also don’t differ in some special way from the others. They’re just regular AppVMs.

But I’ve tested my script and it successfully backed up all of my VMs now. I’ll observe whether I run into problems in the future. I can live with the fact that maybe some data may end up in a later backup than I expected, since I back up daily anyway, so it feels like my data is safe enough.

Thank you for helping out.

Did those two VMs shut down normally?

Are they templates, appvms, disposable VM templates or standalone VMs?

The snap/back strategy is different for the different VM types.

B
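The volume states discussed in this thread, as an added example that is not the poster's script or Qubes' own code: a shell function that takes a listing of LV names and a qube's running state and reports which private volume to read, including the leftover -snap on a stopped qube. The function name, status labels, sample listing and the policy of reading the non-snapshot volume while a qube runs are assumptions made for illustration.

```shell
#!/bin/bash
# Added example; the selection policy below is an assumption, not Qubes' own logic.

# Constructed sample of LV names as they would appear under /dev/qubes_dom0/.
SAMPLE_LVS='vm-work-private
vm-work-private-snap
vm-work-private-1700000000-back
vm-work-private-1700003600-back
vm-work-private-private
vm-vault-private
vm-vault-private-1700000000-back
vm-mail-private
vm-mail-private-snap'

# classify_private_lv VM RUNNING(yes|no)
# Reads LV names on stdin, prints "<status> <lv-to-read> backs=<n>".
classify_private_lv() {
    vm=$1; running=$2
    base="vm-$vm-private"
    has_base=no; has_snap=no; backs=0
    while IFS= read -r lv; do
        case "$lv" in
            "$base")       has_base=yes ;;
            "$base-snap")  has_snap=yes ;;
            "$base"-*-back)
                # Count only revisions whose middle part is all digits, so a
                # qube named "work-private" is not mistaken for a revision.
                mid=${lv#"$base"-}; mid=${mid%-back}
                case "$mid" in ''|*[!0-9]*) ;; *) backs=$((backs + 1)) ;; esac ;;
        esac
    done
    if [ "$has_base" = no ] && [ "$has_snap" = no ]; then
        echo "missing - backs=$backs"; return 1
    fi
    if [ "$has_base" = no ]; then
        # Fallback the poster describes: take the other volume if one is absent.
        echo "snap-only $base-snap backs=$backs"; return 0
    fi
    case "$running/$has_snap" in
        yes/yes) status=live ;;        # -snap is being written; read -private
        no/no)   status=clean ;;       # shutdown cleanup finished
        no/yes)  status=stale-snap ;;  # leftover snapshot on a stopped qube
        *)       status=no-snap ;;     # running but no -snap found
    esac
    echo "$status $base backs=$backs"
}

printf '%s\n' "$SAMPLE_LVS" | classify_private_lv mail no
```

A backup script can skip or log any qube reported as stale-snap or no-snap instead of silently picking a volume.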