-
Notifications
You must be signed in to change notification settings - Fork 342
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(snapshots): Implement volume shadow copy support on Windows #3543
Conversation
Codecov ReportAttention:
Additional details and impacted files@@ Coverage Diff @@
## master #3543 +/- ##
==========================================
+ Coverage 75.83% 75.84% +0.01%
==========================================
Files 467 470 +3
Lines 37197 37301 +104
==========================================
+ Hits 28208 28291 +83
- Misses 7059 7080 +21
Partials 1930 1930 ☔ View full report in Codecov by Sentry. |
I took a pass at the PR, looks very promising, it's important to get CLI and policy configuration experience right so we can in the future expand it to support other snapshot mechanisms. BTW thanks for creating go-vss. Many projects need something like this. |
@jkowalski Thanks for your feedback! I made all the suggested changes. Please take another look. I set the default setting to |
This is looking great. You still have some linter failures. I recommend Also, we need more tests - related to CLI flag setting and corresponding I'm curious whether we can actually use VSS on Github Runner when running tests - it would be great do write a Windows-specific test that ensures we can snapshot files that are normally locked. A quick search reveals that elevated UAC is available - we just need to find a way to trigger this when running tests. We should also add tests for the behavior when VSS is not available (not running elevated). |
Linter failures should be fixed and I added policy set/show tests. So far, I have not been able to run kopia.exe with elevated privileges from an integration test. By using a manifest file, I can set |
I added an integration test that changes behavior depending on whether it is running with elevated privileges or not, and then used gsudo in the action workflow to test both conditions. |
@jkowalski Could you please take another look? |
@jkowalski |
sorry, missed that, taking a look now... |
this is looking awesome, i have 2 nits - but there are still some errors in the windows run which look like real issues with long filenames |
@jkowalski Thanks for taking a look! I made both changes. As far as I can tell, there are two Windows failures. The first has to do with the logfile_test using https://github.com/kopia/kopia/actions/runs/7479769611/job/21139454308#step:8:62 Is it ok to update the regex to also match I believe the other tests fail because https://github.com/kopia/kopia/actions/runs/7479769611/job/21139454308#step:8:1259 I don't think I understand why this was being done in the first place, so I I'm not sure what the best fix is. Should I add a special case to leave the path alone if it starts with |
Let's try that, or perhaps simply return any paths that start with "\?" as-is? |
@jkowalski Done. Can you re-run the tests, please? |
looks like there's some windows-specific regression in tests now, it likely is related to long filename rewriting |
Yep, I somehow missed the call to I'm not 100% sure how to handle |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM, this is a really awesome contribution.
@mxk looks like there is currently some test flakiness in the master branch after we merged this. Would you be able to investigate the failures and fix them? Also, would be great if you could join http://slack.kopia.io |
@jkowalski I'm on Slack now and just looked through the issues and PRs. As far as I can tell, the original issue was Globally disabling VSS (#3625) defeats the purpose of The original issue also reports a race failure in go-ole, which seems to be caused by how it handles Is there anything else that I missed? |
Can we track all these action items in a separate issue with ultimate goal of re-enabling 'when-available' once all the underlying failures are addressed and test stability is restored? |
Awesome feature addition. I was eyeing on it since a long. where can I find the documentation for this new feature? I can't yet find it in official docs. |
So, hold on (if I may chime in): is 'shadow copy' now enabled by default on Windows, or not? EDIT: Also, surely it would be a good idea to publicise here, or, better, in the release notes, why shadow copies are desirable. |
VSS is currently disabled by default because it was causing issues for some tests. Issue #3636 was created to reenable it. You must currently use |
IMO vss should be left off by default. It is too new of a feature to force everyone to use it. |
Is there a way to enable the volume shadow copy on KopiaUI? My current backups are incomplete without this. I tried the before/after scripts but didn't quite understand how to set them up to work correctly. |
@dbolton Not yet. It can only be enabled via the command line for now. |
This is another attempt at adding Volume Shadow Copy Service (VSS) support on Windows. See #2334, #2662, and #3371 for background info and reasons why this is a desirable feature. This version is the most minimal implementation so that I can get an idea of whether this approach is acceptable. If so, I'll make a few improvements and add the policy option to the UI.
Unlike the example action scripts, this uses the
DeviceObject
path of the shadow copy directly, which removes the need to link the shadow copy anywhere in the file system, and makes the backup even more robust. To be fair, the linking step in the script probably could've been removed as well, assuming that Kopia doesn't have any issues handling\\?\
paths (everything seems to work fine in my testing).Usage
OR
Note: One issue that affects all uses of VSS is the need to run kopia.exe as an elevated user who is a member of the Administrators group. Without that, the snapshot will fail (unless
when-available
is specified, in which case VSS won't be used at for the snapshot)Fixes #2662, fixes #3371