crostini How to Backup Containers

[Leon]

Orginal: https://www.reddit.com/r/Crostini/wiki/howto/backup

How to Backup Containers

Performing routine backups is always a good practice, and containers are no exception. Currently, this process is not the most straightforward due to the locked down termina VM, so here's how you can protect your data in case you need to powerwash.

Everything will assume working with the default penguin container when you enable Linux within Chrome OS settings.

Backup

We will use LXC/LXD's image management tools to create and export the image. Enter into the termina VM through crosh by pressing ctrl+alt+t in the Chrome browser. Then we must stop the container, publish it, export the image to a backup file, and put that file somewhere we can access it.

The termina VM is extremely locked down and the only writable locations are /tmp and $LXD_CONF (/mnt/stateful/lxd_conf).

Step 1: Stop Container

An alternative way to stop container from the below instructions is to issue the command sudo shutdown -h now from within the container itself

crosh> vsh termina

(termina) chronos@localhost ~ $ lxc list

+---------+---------+------+------+------------+-----------+

|  NAME   |  STATE  | IPV4 | IPV6 |    TYPE    | SNAPSHOTS |

+---------+---------+------+------+------------+-----------+

| penguin | RUNNING |      |      | PERSISTENT | 0         |

+---------+---------+------+------+------------+-----------+

(termina) chronos@localhost ~ $ lxc stop penguin --force

(termina) chronos@localhost ~ $ lxc list

+---------+---------+------+------+------------+-----------+

|  NAME   |  STATE  | IPV4 | IPV6 |    TYPE    | SNAPSHOTS |

+---------+---------+------+------+------------+-----------+

| penguin | STOPPED |      |      | PERSISTENT | 0         |

+---------+---------+------+------+------------+-----------+

Step 2: Publish Container

(termina) chronos@localhost ~ $ lxc publish penguin --alias backup

Container published with fingerprint: 8ff49b7f315b5253ec2c5a38c97567bb33d4bd16c957d903ace4d9d9b56e9ef9

Step 3: Export Image

(termina) chronos@localhost ~ $ lxc image export backup $LXD_CONF/backup

Image exported successfully! 

Step 4: Start Container

(termina) chronos@localhost ~ $ lxc start penguin

(termina) chronos@localhost ~ $ lxc list

+---------+---------+------+------+------------+-----------+

|  NAME   |  STATE  | IPV4 | IPV6 |    TYPE    | SNAPSHOTS |

+---------+---------+------+------+------------+-----------+

| penguin | RUNNING |      |      | PERSISTENT | 0         |

+---------+---------+------+------+------------+-----------+

Step 5: Push Backup File Into Container

Because of the locked down nature of the termina VM, we can't easily get at the file we just created so we will move it into our container's home directory where it will appear within the Chrome OS Files App.

Note: you have to substitute "YOURUSERNAME" in the path below with the username in your penguin container.

(termina) chronos@localhost ~ $ lxc file push $LXD_CONF/backup.tar.gz penguin/home/YOURUSERNAME/backup.tar.gz

Alternate Step 5

Instead of simply pushing the file to the VM, we can mount the $LXD_CONF directory in our penguin container. This makes it much easier to use in the long run, saves on storage, and avoids the no space left on device error.

(termina) chronos@localhost ~ $ lxc config device add penguin lxd-conf disk source=$LXD_CONF path=/mnt/lxd_conf

This creates a directory inside the container at /mnt/lxd_config that contains all of our images. Use the mv command inside penguin to move the backup to your user directory and finally use ChromeOs's files app to move the backup somewhere safe!

USERNAME@penguin ~ $ sudo mv /mnt/lxd_conf/FILENAME.tar.gz /home/USERNAME/FILENAME.tar.gz

Copy the file out of your Linux Files in the ChromeOS File App and you are done!

Step 6: Access your Backup File from Files App

You can now open your Files App in Chrome OS, browse to Linux Files and access your backup file.

Restore

This section is in need of updating and isn't up to date with the above backup section. Feel free to take a moment and improve on it

This is essentially the reverse of the backup steps. Once your archive is inside some "helper" container, we can pull it into the "/tmp" directory on the termina VM using the following:

lxc file pull helper/tmp/backup.tar.gz /tmp

We then import the image:

lxc image import /tmp/backup.tar.gz --alias backup

Finally we can create a new container using this image instead of the default Google image:

lxc init backup penguin

Issues With 4+ GB Images (or Anything Other Files) and Getting Them into Termina

This sub-section was updated on 7/24/18 and is tested working on a Pixelbook running the Dev Channel Version 69.0.3473.0, in case this breaks later

There are some odd issues with the way lxd works which end up making it difficult to import large files into Termina. Images can, however, quickly surpass this size, presenting obvious issues. Luckily, there is a process to get around this.

First, you will need to use the split command to break apart your file into pieces smaller than 4 GB. To be safe, I will tell it to make 3 GB files.

USERNAME@penguin ~ $ split -b 3GB backup.tar.gz backupSplit.tar.gz.

This command will produce as many 3 GB files as needed to break apart all of backup.tar.gz into parts. (6GB = 2 files) The parts will have names backupSplit.tar.gz.aa backupSplit.tar.gz.ab backupSplit.tar.gz.ac ... backupSplit.tar.gz.zz.

Then, use any method (see Alternate Step 5 above for my personal favorite method) to get the new 3GB files into termina. Once they are all there, we will use the cat command to recombine them.
<useless nerd stuff> This command, short for catinate, is really interesting. It basically prints out the raw contents of any file in Linux, even those such as tar files that we wouldn't normally consider to have any raw content. This works because what split is doing is actually cutting the raw data at that point. These two tools, originally meant to work with text files and generally do totally different things, work together really well in this use case! Anyway, we can then use the linux commands > and >>, called append, to take the raw command line output output of catand add it to a file, as we'll see in a second. > just stores the would-be command line output to the file specified after the command while >> specifically appends the output to the end of the specified output. </useless nerd stuff>

Method 1

We can do the recombination in a few ways. If it's just a few files, we can do it this way:

 (termina) chronos@localhost ~ $ cat backupSplit.tar.gz.aa > backupRecompiled.tar.gz

 (termina) chronos@localhost ~ $ cat backupSplit.tar.gz.ab >> backupRecompiled.tar.gz

 (termina) chronos@localhost ~ $ cat backupSplit.tar.gz.ac >> backupRecompiled.tar.gz

This takes the raw content of the first file backupSplit.tar.gz.aa and puts it in backupRecompiled.tar.gz. It then appends the contents of backupSplit.tar.gz.ab and backupSplit.tar.gz.acto the end of that file.

Method 2

If for some reason you have a stupidly huge backup that produces more than ~5 parts, you will want to do this in a better way. This better way is to use something of which I forgot the name (someone please correct me!), but basically acts as a for loop in this case. See below:

(termina) chronos@localhost ~ $ cat backupSplit.tar.gz.?? > backupRecompiled.tar.gz

This uses the question mark wildcards (??) to have the cat command run on all of the files starting with backupSplit.tar.gz. and ending with any two characters.
I am listing both Methods 1 and 2 here is because 1) Method 1 is a better explanation of how these commands work and 2) Method 1 worked better for me (Method 2 should work and is the more elegant solution, but I guess it didn't feel like it on my system ¯\_(ツ)_/¯)

After you have your full, recombined image in termina, proceed back up the section on restoring and start with lxc image import. Good luck with your data recovery!