thinking sysadmin » aws

Duplicity to Amazon S3 on FreeBSD: Building on the work of others

Andy — Mon, 02 Mar 2009 19:47:53 +0000

(This post adds only a couple small details to work described at randys.org and cenolan.com – go there for background on this post and useful scripts for automated Duplicity backup to S3.)

First off, if you want to use Duplicity installed from FreeBSD Ports to backup to Amazon S3, be sure to also install the devel/py-boto and security/pinentry-curses ports.

If you attempt to run the backup script described at randys.org or cenolan.com from cron, you may run into an error similar to the following:

2009-03-01_01:05:05: ... backing up filesystem
Cleanup of temporary directory /tmp/duplicity-gM4CN9-tempdir failed - this
is probably a bug.
Cleanup of temporary directory /tmp/duplicity-gM4CN9-tempdir failed - this
is probably a bug.
Traceback (most recent call last):
File "/usr/local/bin/duplicity", line 583, in 
with_tempdir(main)
File "/usr/local/bin/duplicity", line 577, in with_tempdir
fn()
File "/usr/local/bin/duplicity", line 558, in main
full_backup(col_stats)
File "/usr/local/bin/duplicity", line 234, in full_backup
bytes_written = write_multivol("full", tarblock_iter, globals.backend)
File "/usr/local/bin/duplicity", line 148, in write_multivol
globals.gpg_profile, globals.volsize)
File "/usr/local/lib/python2.5/site-packages/duplicity/gpg.py", line 240,
in GPGWriteFile
bytes_to_go = data_size - get_current_size()
File "/usr/local/lib/python2.5/site-packages/duplicity/gpg.py", line 232,
in get_current_size
return os.stat(filename).st_size
OSError: [Errno 2] No such file or directory:
'/tmp/duplicity-gM4CN9-tempdir/mktemp-iZknw0-2'

Traceback (most recent call last):
File "/usr/local/bin/duplicity", line 583, in 
with_tempdir(main)
File "/usr/local/bin/duplicity", line 577, in with_tempdir
fn()
File "/usr/local/bin/duplicity", line 558, in main
full_backup(col_stats)
File "/usr/local/bin/duplicity", line 232, in full_backup
sig_outfp = get_sig_fileobj("full-sig")
File "/usr/local/bin/duplicity", line 210, in get_sig_fileobj
fh = globals.backend.get_fileobj_write(sig_filename)
File "/usr/local/lib/python2.5/site-packages/duplicity/backend.py", line
354, in get_fileobj_write
fh = dup_temp.FileobjHooked(tdp.filtered_open("wb"))
File "/usr/local/lib/python2.5/site-packages/duplicity/path.py", line 716,
return gpg.GPGFile(1, self, gpg_profile)
File "/usr/local/lib/python2.5/site-packages/duplicity/gpg.py", line 112,
in __init__
'logger': self.logger_fp})
File "/usr/local/lib/python2.5/site-packages/GnuPGInterface.py", line 357,
in run
create_fhs, attach_fhs)
File "/usr/local/lib/python2.5/site-packages/GnuPGInterface.py", line 401,
in _attach_fork_exec
if process.pid == 0: self._as_child(process, gnupg_commands, args)
File "/usr/local/lib/python2.5/site-packages/GnuPGInterface.py", line 442,
in _as_child
os.execvp( command[0], command )
File "/usr/local/lib/python2.5/os.py", line 354, in execvp
_execvpe(file, args)
File "/usr/local/lib/python2.5/os.py", line 390, in _execvpe
func(fullname, *argrest)
OSError: [Errno 2] No such file or directory

Traceback (most recent call last):
File "/usr/local/bin/duplicity", line 583, in 
with_tempdir(main)
File "/usr/local/bin/duplicity", line 577, in with_tempdir
fn()
File "/usr/local/bin/duplicity", line 558, in main
full_backup(col_stats)
File "/usr/local/bin/duplicity", line 234, in full_backup
bytes_written = write_multivol("full", tarblock_iter, globals.backend)
File "/usr/local/bin/duplicity", line 148, in write_multivol
globals.gpg_profile, globals.volsize)
File "/usr/local/lib/python2.5/site-packages/duplicity/gpg.py", line 237,
in GPGWriteFile
file = GPGFile(True, path.Path(filename), profile)
File "/usr/local/lib/python2.5/site-packages/duplicity/gpg.py", line 112,
in __init__
'logger': self.logger_fp})
File "/usr/local/lib/python2.5/site-packages/GnuPGInterface.py", line 357,
in run
create_fhs, attach_fhs)
File "/usr/local/lib/python2.5/site-packages/GnuPGInterface.py", line 401,
in _attach_fork_exec
if process.pid == 0: self._as_child(process, gnupg_commands, args)
File "/usr/local/lib/python2.5/site-packages/GnuPGInterface.py", line 442,
in _as_child
os.execvp( command[0], command )
File "/usr/local/lib/python2.5/os.py", line 354, in execvp
_execvpe(file, args)
File "/usr/local/lib/python2.5/os.py", line 390, in _execvpe
func(fullname, *argrest)
OSError: [Errno 2] No such file or directory

The solution to the above is simple – make sure the path includes /usr/local/bin, perhaps by including this at the start of the backup script:

export PATH=${PATH}:/usr/local/bin

Finally, when running an incremental backup, you may get this error:

Fatal Error: Neither remote nor local manifest is readable.

This can be solved by setting the HOME environment variable to /root assuming you’re running the backup as root (instead of the default /var/log for cron jobs):

export HOME=/root

ElasticFish?

Andy — Wed, 12 Nov 2008 22:21:49 +0000

(In the spirit of Joerg Moellenkamp’s thought experiments:)

That virtualized Fishworks appliance got me thinking: What if you combined this with this? Yeah, managing Elastic Block Store devices would require some changes, but, if you needed a NAS for your EC2 instances…

Hotlinks, 7/1/2008

Andy — Tue, 01 Jul 2008 19:08:03 +0000

The Hitz report – Robin Harris at StorageMojo on the Sun-NetApp lawsuit:

NetApp’s biggest misperception is that WAFL is somehow central to the success they are enjoying today. That was true about 10 years ago. Guys, your average F500 CIO today could care less about WAFL.

NetApp is growing because they offer a compelling value proposition of quality products, relevant services and worldwide support. WAFL certainly supports that, but as NetApp execs note much of their recent success is due to the integration software that NetApp now offers.

WAFL is a small piece of the picture. Sun could copy it line for line and still not have a quarter of what NetApp offers.

NetApp faces challenges. Storage commoditization threatens all vendors traditional 60% gross margins. The GX integration is problematic and the bottom line benefit uncertain. EMC’s move into cloud file services is a clever flanking strategy.

An interesting opinion summed up nicely, I think.
Saving and Restoring ZFS Snapshots to and from Amazon S3 – A ZFS to S3 workaround for the lack of persistent storage on EC2.

README, 6/25/2008

Andy — Wed, 25 Jun 2008 19:27:15 +0000

Daemonic Dispatches: Dissecting SimpleDB BoxUsage – Colin Percival takes a critical look at Amazon’s SimpleDB pricing scheme.

No Luck with a Quick-n-Dirty BFU of SXCE 79 on EC2

Andy — Wed, 25 Jun 2008 14:19:10 +0000

For grins, I tried a quick-and-dirty BFU of a SXCE 79 instance running on EC2 to the latest nightly build this morning. I roughly followed Ben Rockwood’s BFU instructions and didn’t do anything to resolve conflicts beyond running acr. On reboot, it looks like the system panicked – I presume the reason is probably somewhere in here. Console dump after the jump for the curious.

v3.0.3-rc5-8.1.14.e chgset 'unavailable ' WARNING: Found hypervisor version: v3.0.3-rc5-8.1.14.e but need at least version v3.0.4 SunOS Release 5.11 Version snv_79 32-bit Copyright 1983-2007 Sun Microsystems, Inc. All rights reserved. Use is subject to license terms. NOTICE: xdf@0: failed to read feature-barrier Hostname: ip-10-250-11-159 Reading ZFS config: *done. ip-10-250-11-159 console login: syslogd: line 45: WARNING: loghost could not be resolved syncing file systems... done rebooting... v3.0.3-rc5-8.1.14.e chgset 'unavailable ' WARNING: Found hypervisor version: v3.0.3-rc5-8.1.14.e but need at least version v3.0.4 SunOS Release 5.11 Version snv_79 32-bit Copyright 1983-2007 Sun Microsystems, Inc. All rights reserved. Use is subject to license terms. NOTICE: xdf@0: failed to read feature-barrier WARNING: file system 'ctfs' version mismatch WARNING: Cannot mount /system/contract /kernel/fs/procfs: undefined symbol 'schedctl_set_cidpri' WARNING: mod_load: cannot load module 'procfs' WARNING: Cannot mount /proc WARNING: file system 'mntfs' version mismatch WARNING: Cannot mount /etc/mnttab /kernel/fs/tmpfs: undefined symbol 'choose_addr' WARNING: mod_load: cannot load module 'tmpfs' WARNING: Cannot mount /etc/svc/volatile WARNING: file system 'objfs' version mismatch WARNING: Cannot mount /system/object WARNING: file system 'sharefs' version mismatch WARNING: Cannot mount /etc/dfs/sharetab /kernel/fs/procfs: undefined symbol 'schedctl_set_cidpri' WARNING: mod_load: cannot load module 'procfs' /kernel/drv/ip: undefined symbol 'uioamove' /kernel/drv/ip: undefined symbol 'dl_errstr' /kernel/drv/ip: undefined symbol 'dl_primstr' /kernel/drv/ip: undefined symbol 'dhcifname' WARNING: mod_load: cannot load module 'ip' /kernel/fs/sockfs: undefined symbol 'uioafini' /kernel/fs/sockfs: undefined symbol 'uioainit' /kernel/fs/sockfs: undefined symbol 'uioasync' /kernel/fs/sockfs: undefined symbol 'kssl_handle_mblk' /kernel/fs/sockfs: undefined symbol 'sctp_disconnect' /kernel/fs/sockfs: undefined symbol 'sctp_getsockname' /kernel/fs/sockfs: undefined symbol 'nd_free' /kernel/fs/sockfs: undefined symbol 'nd_load' /kernel/fs/sockfs: undefined symbol 'sctp_create' /kernel/fs/sockfs: undefined symbol 'sctp_close' /kernel/fs/sockfs: undefined symbol 'sctp_listen' /kernel/fs/sockfs: undefined symbol 'sctp_recvd' /kernel/fs/sockfs: undefined symbol 'mi_mpprintf' /kernel/fs/sockfs: undefined symbol 'sctp_alloc_hdr' /kernel/fs/sockfs: undefined symbol 'sctp_get_opt' /kernel/fs/sockfs: undefined symbol 'tcp_wput' /kernel/fs/sockfs: undefined symbol 'mi_sprintf' /kernel/fs/sockfs: undefined symbol 'sctp_bind' /kernel/fs/sockfs: undefined symbol 'udp_wput' /kernel/fs/sockfs: undefined symbol 'sctp_getpeername' /kernel/fs/sockfs: undefined symbol 'sctp_sendmsg' /kernel/fs/sockfs: undefined symbol 'sctp_set_opt' /kernel/fs/sockfs: undefined symbol 'sctp_connect' WARNING: mod_load: cannot load module 'sockfs' WARNING: sockfs: unable to resolve dependency, module 'drv/ip' not found /kernel/sys/c2audit: undefined symbol 'getsonode' WARNING: mod_load: cannot load module 'c2audit' WARNING: c2audit: unable to resolve dependency, module 'fs/sockfs' not found /kernel/misc/strplumb: undefined symbol 'dl_attach' /kernel/misc/strplumb: undefined symbol 'dl_phys_addr' /kernel/misc/strplumb: undefined symbol 'dhcacklen' /kernel/misc/strplumb: undefined symbol 'dhcifname' /kernel/misc/strplumb: undefined symbol 'dl_bind' WARNING: mod_load: cannot load module 'strplumb' panic[cpu0]/thread=f502c3a0: mod_hold_stub: Couldn't load stub module misc/strplumb f5056c84 genunix:mod_hold_stub+161 (f5006070, 1, f4d38f) f5056ca0 unix:stubs_common_code+9 () syncing file systems... done skipping system dump - no dump device configured rebooting...

Linkage, 6/24/2008

Andy — Tue, 24 Jun 2008 23:19:37 +0000

S3 data corruption: “We’ve isolated this issue to a single load balancer that was brought into service at 10:55pm PDT on Friday, 6/20. It was taken out of service at 11am PDT Sunday, 6/22. While it was in service it handled a small fraction of Amazon S3’s total requests in the US. Intermittently, under load, it was corrupting single bytes in the byte stream. When the requests reached Amazon S3, if the Content-MD5 header was specified, Amazon S3 returned an error indicating the object did not match the MD5 supplied. When no MD5 is specified, we are unable to determine if transmission errors occurred, and Amazon S3 must assume that the object has been correctly transmitted.” (Seen at Daemonic Dispatches.)

Afternoon Links, 6/23/2008

Andy — Mon, 23 Jun 2008 23:24:45 +0000

The Register: Sun’s Niagara 3 will have 16-cores and 16 threads per core – “Each socket is chewing through an insane 256 threads.” I do love a good rumor.
CloudStatus – Just-launched website for monitoring each Amazon Web Services component in more detail than Amazon gives you. Seen at O’Reilly Radar.

Links, 6/18/2008

Andy — Wed, 18 Jun 2008 22:07:34 +0000

Cloud Computing: Is the Cloud There Yet? – A Brief History: A mostly negative look at the prospects for cloud computing. Although the arguments it makes are fairly reasonable, the article appears to presume that cloud computing is an all-or-nothing proposal, not a tool for only some tasks. Also odd – “Many routine tasks which are not processor intensive and time critical are the most likely candidates to be migrated to cloud computing” seems wrong (think Sun’s network.com, or how SmugMug uses EC2). Further, the article seems to ignore that big pharma and financial institutions are the largest users of AWS. Still, all in all, a perspective worth considering. (Originally seen at InsideHPC.com.)
What he said! – scalability.org: Joe Landman on “IT clusters. They are not HPC clusters by any stretch of the imagination. They don’t really work well. Some things sorta-kinda work. Lots of things don’t or cannot. You have some interesting failure modes.” I’ve seen exactly what he’s talking about from the biosciences arm of a large hardware/services company, where they sold something that was high margin, poorly configured, had a lousy interconnect, and, yes, was running RHEL. The article’s use of “IT” as a disparaging term was also interesting. (Also seen at InsideHPC.)
EMC flashing CLARiiON? – Rumor that flash from EMC is slowly starting to march down-market.

Capacity limit on OpenSolaris 2008.05 AMI

Andy — Wed, 04 Jun 2008 18:27:55 +0000

I missed this: Apparently the OpenSolaris 2008.05 AMI on EC2 has reached a capacity limit. So, while I got Sun’s approval this morning for their OpenSolaris/SXCE.79 on EC2 beta, I don’t get to use OpenSolaris until they add more capacity; SXCE.79 is a nice consolation prize, though.