Proxmox Backup Server
Last updated
Was this helpful?
Last updated
Was this helpful?
Lost or corrupted data due to deletion, ransomware, or other dangers can occur at any time. Therefore, regular backup of important data is crucial. To increase productivity and meet your operational goals, the user friendly Proxmox Backup solution lets you back up your data in a space efficient manner, restore it in a flash, and effectively reduce work hours, thanks to simplified management.
Open-Source
Proxmox Backup is a stand-alone solution. The open-source nature of the Proxmox software stack means that you get a secure, flexible product that you can trust. The , licensed under the GNU Affero General Public License, v3 (). Thus, you are free to use the software, inspect the source code at any time, or contribute to the project yourself.
Performance
The whole Proxmox Backup software stack is written in , a modern, fast, and memory-efficient language. Rust provides high speed and memory efficiency, due in part to its lack of runtime and garbage collector. Its rich type system and ownership model guarantee memory-safety and thread-safety.
Incremental & Deduplication
Backups are sent incrementally from the client to the Proxmox Backup Server, where data is then deduplicated. Typically, changes between periodic backups are low. Reading and sending only the changes reduces the storage space used and the network impact.
Periodic backups usually produce large amounts of duplicate data. The deduplication layer in the Proxmox Backup solution reduces the amount of duplicate data, reducing the physical space required for data storage.
When doing deduplication, there are different strategies to get optimal results in terms of performance and/or deduplication rates. Depending on the type of data, data can be split into fixed or variable sized chunks; Proxmox Backup Server supports both strategies.
Compression
Proxmox uses the ultra-fast Zstandard (ZSTD) compression which is able to compress several gigabytes of data per second. ZSTD is characterized by its high compression ratio and very fast compression speed.
The Proxmox backup solution uses a client-server model. This separation allows multiple, unrelated hosts to use the backup server. While the server stores the backup data and provides an API to create and manage datastores, the client tool will work with most modern Linux distributions, allowing you to create and manage backups from all of your hosts. The software's ability to encrypt data already on the client-side ensures that it is secure, before it even reaches the server.
Proxmox Backup Server enables you to pull or synchronize datastores to other locations for redundancy. This is an efficient method to synchronize data to offsite locations. Only changes since the previous sync get transferred.
The term Remote refers to a separate server, which has a datastore that can be synced to a local store.
A Sync Job is the process which is used to pull the contents of a datastore from a Remote to a local datastore. You can schedule it to either run regularly or start a sync job manually via the web interface.
Not only is it important to have backed up data available, it's also necessary to ensure that the data has not been compromised. With strong encryption ensuring data integrity, you are safe when backing up data with Proxmox Backup Server, even to targets which are not fully trusted, for example, a leased colocation facility.
Encryption
You can further increase security by generating a master key to store and recover encryption keys. This master key is created as an RSA public/private key pair, and then used to securely store the backup encryption key itself alongside the backup. Furthermore, you can print the secret encryption key, so that it's safe from any system disaster.
User role & group permission
Proxmox Backup protects your data against unauthorized access. Moreover, the available range of access control options help to ensure that users are limited to only the level of access they require.
There are also several authentication realms available: Linux PAM for system users, OpenID Connect for authentication through OpenID, and a Proxmox Backup authentication server for handling permissions and data ownership. There is also wide array of user roles (group permission sets), which specify exactly what each user is allowed to do on the server.
Checksum algorithm
Proxmox Backup Server uses a built-in SHA-256 checksum algorithm, to ensure the accuracy and consistency of your data. Within each backup, a manifest file (index.json) is created, which contains a list of all the backup files, along with their sizes and checksums. This manifest file is used to verify the integrity of each backup. You can schedule regular backup verification to detect bit rot and confirm that backups are safe.
Checksumming is also used in the deduplication layer to detect identical blocks of data. This is ideal for efficiently storing multiple VMs with identical operating systems, as if they all share a similar data structure, only one copy of that will need to be stored.
In addition to being used for backup verification, the checksum algorithm is also used in deduplication to detect common data between backups of different machines. This can greatly reduce the storage needed to store, for example, multiple VMs that use an identical operating system.
Ransomware protection
How long can your team or organization live without their data? With any sensible backup solution, recovery operations should be a frictionless process and not generate hours of unnecessary and frustrating labor for administrators. Speed, accuracy, and flexibility in the recovery process are important.
Proxmox Backup Server is lightning fast, meaning that when disaster strikes, you can have that VM, archive, or even single file back in seconds. In a disaster situation, the fast and simple restore via the GUI will ease any stress.
Granular recovery options.
Restore single files/directories/archives from the backup.
Interactive recovery shell for restoring only a few individual files.
Use regular garbage collection to remove redundant data from the data-store and free up space.
The administration of Proxmox Backup Server is so simple that you don't need to have a dedicated backup administrator. The integrated web-based configuration and management center enables you to set up and deploy backups, monitor tasks, logs and resource usage, and manage users, permissions, and datastores. It is so intuitive that even the helpdesk could perform recoveries.
Web-based user interface
The user interface comes with an array of options for administrating the server:
Get a quick overview of the most crucial information from the dashboard.
Easily create and mange datastores.
Browse file backups and select for restore.
Monitor tasks, logs and resource usage.
Manage users, access permissions, remote stores, and subscriptions.
Access a secure HTML5 console.
Manage network configuration and interfaces.
Command line interface (CLI)
For advanced users who are used to the comfort of the Unix shell, Proxmox provides a command line interface to accomplish special or very advanced tasks. The command line interface has intelligent tab completion and full UNIX man page documentation.
Proxmox Backup Server uses a RESTful API. We use JSON as the primary data format, and the whole API is formally defined using JSON Schema. This enables fast and easy integration for 3rd party management tools.
Security is ensured with a certificate fingerprint.
Restore single files from a VM or container backup or even start a VM as soon as the restore starts with the Live-restore functionality.
Benefits
Support for linear Tape-Open generation 5 (LTO-5) and later (with best-effort support for LTO-4), including hardware encryption.
Flexible retention policies: always recycle tapes, never recycle tapes, recycle tapes after a particular calendar event, etc.
Support for various tape autoloaders with the ‘pmtx’ tool (mtx tool rewritten in Rust).
Configuration via the web interface.
LTO barcode generator
In daily use, it helps to label tape cartridges so you can easily identify them. If you use a tape library, you have to add bar code labels in order to identify them.
In Proxmox Backup, this works through the use of .
With Proxmox Backup Server, all client-to-server traffic can be encrypted to safeguard data integrity. For high performance, the authenticated encryption is done on the client-side with . As your data is encrypted before it reaches the server, the data is useless to unauthorized users accessing the server.
A ransomware attack and encryption of your files and folders is a disaster for any business. Reliable backups and fast recovery can help limit the damage. Proxmox Backup Server includes several features to ; with fine-grained access control, data integrity verification, and the possibility to create off-site backups through remote sync and tape backups, the Proxmox solution helps you plan your ransomware defense strategy and ensures that your critical data stays protected.
Why restore all data if you can ? To reduce overhead, Proxmox Backup Server comes with a snapshot catalog for navigation. You can quickly search an archive of the contents and instantly restore single objects as well.
Proxmox Backup Server comes with an integrated, graphical user interface (GUI) to manage the server. This means that you can (via ). The web interface also provides a built-in console, so if you prefer the command line or need some extra control, you have a lot of options.
Tight integration with the makes Proxmox Backup Server a great choice for seamless backups of your virtual machines (supporting QEMU dirty bitmaps) and containers – even between remote locations. The intuitive web interface enables user-friendly management and makes it really easy to deploy, manage, and monitor backups.
After installing the Proxmox Backup Server on a dedicated host, simply (minimum pve-manager 6.2-9 installed). Then you can run backups the same way you would with any other Proxmox VE storage type.
The provides an easy way to copy datastore content to tapes and restore them at media-set granularity. Despite its age, digital magnetic tape continues to provide an easy and economical way for large amounts of data to be archived. Tape backup makes sense in any effective enterprise backup plan.
You can use a small web-app to print these labels: