3 Bacula Projects Roadmap
4 Status updated 22 February 2008
9 Item 1: Accurate restoration of renamed/deleted files
10 Item 2: Allow FD to initiate a backup
11 Item 3: Merge multiple backups (Synthetic Backup or Consolidation)
12 Item 4: Implement Catalog directive for Pool resource in Director
13 Item 5: Add an item to the restore option where you can select a Pool
14 Item 6: Deletion of disk Volumes when pruned
15 Item 7: Implement Base jobs
16 Item 8: Implement Copy pools
17 Item 9: Scheduling syntax that permits more flexibility and options
18 Item 10: Message mailing based on backup types
19 Item 11: Cause daemons to use a specific IP address to source communications
20 Item 12: Add Plug-ins to the FileSet Include statements.
21 Item 13: Restore only file attributes (permissions, ACL, owner, group...)
22 Item 14: Add an override in Schedule for Pools based on backup types
23 Item 15: Implement more Python events and functions
24 Item 16: Allow inclusion/exclusion of files in a fileset by creation/mod times
25 Item 17: Automatic promotion of backup levels based on backup size
26 Item 18: Better control over Job execution
27 Item 19: Automatic disabling of devices
28 Item 20: An option to operate on all pools with update vol parameters
29 Item 21: Include timestamp of job launch in "stat clients" output
30 Item 22: Implement Storage daemon compression
31 Item 23: Improve Bacula's tape and drive usage and cleaning management
32 Item 24: Multiple threads in file daemon for the same job
33 Item 25: Archival (removal) of User Files to Tape
36 Item 1: Accurate restoration of renamed/deleted files
37 Date: 28 November 2005
38 Origin: Martin Simmons (martin at lispworks dot com)
41 What: When restoring a fileset for a specified date (including "most
42 recent"), Bacula should give you exactly the files and directories
43 that existed at the time of the last backup prior to that date.
45 Currently this only works if the last backup was a Full backup.
46 When the last backup was Incremental/Differential, files and
47 directories that have been renamed or deleted since the last Full
48 backup are not currently restored correctly. Ditto for files with
49 extra/fewer hard links than at the time of the last Full backup.
51 Why: Incremental/Differential would be much more useful if this worked.
53 Notes: Merging of multiple backups into a single one seems to
54 rely on this working, otherwise the merged backups will not be
55 truly equivalent to a Full backup.
57 Note: Kern: notes shortened. This can be done without the need for
58 inodes. It is essentially the same as the current Verify job,
59 but one additional database record must be written, which does
60 not need any database change.
62 Notes: Kern: see if we can correct restoration of directories if
63 replace=ifnewer is set. Currently, if the directory does not
64 exist, a "dummy" directory is created, then when all the files
65 are updated, the dummy directory is newer so the real values
68 Item 2: Allow FD to initiate a backup
69 Origin: Frank Volf (frank at deze dot org)
70 Date: 17 November 2005
73 What: Provide some means, possibly by a restricted console that
74 allows a FD to initiate a backup, and that uses the connection
75 established by the FD to the Director for the backup so that
76 a Director that is firewalled can do the backup.
78 Why: Makes backup of laptops much easier.
81 Item 3: Merge multiple backups (Synthetic Backup or Consolidation)
82 Origin: Marc Cousin and Eric Bollengier
83 Date: 15 November 2005
86 What: A merged backup is a backup made without connecting to the Client.
87 It would be a Merge of existing backups into a single backup.
88 In effect, it is like a restore but to the backup medium.
90 For instance, say that last Sunday we made a full backup. Then
91 all week long, we created incremental backups, in order to do
92 them fast. Now comes Sunday again, and we need another full.
93 The merged backup makes it possible to do instead an incremental
94 backup (during the night for instance), and then create a merged
95 backup during the day, by using the full and incrementals from
96 the week. The merged backup will be exactly like a full made
97 Sunday night on the tape, but the production interruption on the
98 Client will be minimal, as the Client will only have to send
101 In fact, if it's done correctly, you could merge all the
102 Incrementals into single Incremental, or all the Incrementals
103 and the last Differential into a new Differential, or the Full,
104 last differential and all the Incrementals into a new Full
105 backup. And there is no need to involve the Client.
107 Why: The benefit is that :
108 - the Client just does an incremental ;
109 - the merged backup on tape is just as a single full backup,
110 and can be restored very fast.
112 This is also a way of reducing the backup data since the old
113 data can then be pruned (or not) from the catalog, possibly
114 allowing older volumes to be recycled
116 Item 4: Implement Catalog directive for Pool resource in Director
117 Origin: Alan Davis adavis@ruckus.com
121 What: The current behavior is for the director to create all pools
122 found in the configuration file in all catalogs. Add a
123 Catalog directive to the Pool resource to specify which
124 catalog to use for each pool definition.
126 Why: This allows different catalogs to have different pool
127 attributes and eliminates the side-effect of adding
128 pools to catalogs that don't need/use them.
130 Notes: Kern: I think this is relatively easy to do, and it is really
131 a pre-requisite to a number of the Copy pool, ... projects
132 that are listed here.
134 Item 5: Add an item to the restore option where you can select a Pool
135 Origin: kshatriyak at gmail dot com
139 What: In the restore option (Select the most recent backup for a
140 client) it would be useful to add an option where you can limit
141 the selection to a certain pool.
143 Why: When using cloned jobs, most of the time you have 2 pools - a
144 disk pool and a tape pool. People who have 2 pools would like to
145 select the most recent backup from disk, not from tape (tape
146 would be only needed in emergency). However, the most recent
147 backup (which may just differ a second from the disk backup) may
148 be on tape and would be selected. The problem becomes bigger if
149 you have a full and differential - the most "recent" full backup
150 may be on disk, while the most recent differential may be on tape
151 (though the differential on disk may differ even only a second or
152 so). Bacula will complain that the backups reside on different
153 media then. For now the only solution now when restoring things
154 when you have 2 pools is to manually search for the right
155 job-id's and enter them by hand, which is a bit fault tolerant.
157 Notes: Kern: This is a nice idea. It could also be the way to support
158 Jobs that have been Copied (similar to migration, but not yet
163 Item 6: Deletion of disk Volumes when pruned
165 Origin: Ross Boylan <RossBoylan at stanfordalumni dot org> (edited
169 What: Provide a way for Bacula to automatically remove Volumes
170 from the filesystem, or optionally to truncate them.
171 Obviously, the Volume must be pruned prior removal.
173 Why: This would allow users more control over their Volumes and
174 prevent disk based volumes from consuming too much space.
176 Notes: The following two directives might do the trick:
178 Volume Data Retention = <time period>
179 Remove Volume After = <time period>
181 The migration project should also remove a Volume that is
182 migrated. This might also work for tape Volumes.
184 Item 7: Implement Base jobs
185 Date: 28 October 2005
189 What: A base job is sort of like a Full save except that you
190 will want the FileSet to contain only files that are
191 unlikely to change in the future (i.e. a snapshot of
192 most of your system after installing it). After the
193 base job has been run, when you are doing a Full save,
194 you specify one or more Base jobs to be used. All
195 files that have been backed up in the Base job/jobs but
196 not modified will then be excluded from the backup.
197 During a restore, the Base jobs will be automatically
198 pulled in where necessary.
200 Why: This is something none of the competition does, as far as
201 we know (except perhaps BackupPC, which is a Perl program that
202 saves to disk only). It is big win for the user, it
203 makes Bacula stand out as offering a unique
204 optimization that immediately saves time and money.
205 Basically, imagine that you have 100 nearly identical
206 Windows or Linux machine containing the OS and user
207 files. Now for the OS part, a Base job will be backed
208 up once, and rather than making 100 copies of the OS,
209 there will be only one. If one or more of the systems
210 have some files updated, no problem, they will be
211 automatically restored.
213 Notes: Huge savings in tape usage even for a single machine.
214 Will require more resources because the DIR must send
215 FD a list of files/attribs, and the FD must search the
216 list and compare it for each file to be saved.
219 Item 8: Implement Copy pools
220 Date: 27 November 2005
221 Origin: David Boyes (dboyes at sinenomine dot net)
224 What: I would like Bacula to have the capability to write copies
225 of backed-up data on multiple physical volumes selected
226 from different pools without transferring the data
227 multiple times, and to accept any of the copy volumes
228 as valid for restore.
230 Why: In many cases, businesses are required to keep offsite
231 copies of backup volumes, or just wish for simple
232 protection against a human operator dropping a storage
233 volume and damaging it. The ability to generate multiple
234 volumes in the course of a single backup job allows
235 customers to simple check out one copy and send it
236 offsite, marking it as out of changer or otherwise
237 unavailable. Currently, the library and magazine
238 management capability in Bacula does not make this process
241 Restores would use the copy of the data on the first
242 available volume, in order of Copy pool chain definition.
244 This is also a major scalability issue -- as the number of
245 clients increases beyond several thousand, and the volume
246 of data increases, transferring the data multiple times to
247 produce additional copies of the backups will become
248 physically impossible due to transfer speed
249 issues. Generating multiple copies at server side will
250 become the only practical option.
252 How: I suspect that this will require adding a multiplexing
253 SD that appears to be a SD to a specific FD, but 1-n FDs
254 to the specific back end SDs managing the primary and copy
255 pools. Storage pools will also need to acquire parameters
256 to define the pools to be used for copies.
258 Notes: I would commit some of my developers' time if we can agree
259 on the design and behavior.
261 Notes: Additional notes from David:
262 I think there's two areas where new configuration would be needed.
264 1) Identify a "SD mux" SD (specify it in the config just like a normal
265 SD. The SD configuration would need something like a "Daemon Type =
266 Normal/Mux" keyword to identify it as a multiplexor. (The director code
267 would need modification to add the ability to do the multiple session
268 setup, but the impact of the change would be new code that was invoked
269 only when a SDmux is needed).
271 2) Additional keywords in the Pool definition to identify the need to
272 create copies. Each pool would acquire a Copypool= attribute (may be
273 repeated to generate more than one copy. 3 is about the practical limit,
274 but no point in hardcoding that).
281 Copypool = OffsiteCopy2
284 where Copy1 and OffsiteCopy2 are valid pools.
286 In terms of function (shorthand):
287 Backup job X is defined normally, specifying pool Primary as the pool to
288 use. Job gets scheduled, and Bacula starts scheduling resources.
289 Scheduler looks at pool definition for Primary, sees that there are a
290 non-zero number of copypool keywords. The director then connects to an
291 available SDmux, passes it the pool ids for Primary, Copy1, and
292 OffsiteCopy2 and waits. SDmux then goes out and reserves devices and
293 volumes in the normal SDs that serve Primary, Copy1 and OffsiteCopy2.
294 When all are ready, the SDmux signals ready back to the director, and
295 the FD is given the address of the SDmux as the SD to communicate with.
296 Backup proceeds normally, with the SDmux duplicating blocks to each
297 connected normal SD, and returning ready when all defined copies have
298 been written. At EOJ, FD shuts down connection with SDmux, which closes
299 down the normal SD connections and goes back to an idle state.
300 SDmux does not update database; normal SDs do (noting that file is
301 present on each volume it has been written to).
303 On restore, director looks for the volume containing the file in pool
304 Primary first, then Copy1, then OffsiteCopy2. If the volume holding the
305 file in pool Primary is missing or busy (being written in another job,
306 etc), or one of the volumes from the copypool list that have the file in
307 question is already mounted and ready for some reason, use it to do the
308 restore, else mount one of the copypool volumes and proceed.
311 Item 9: Scheduling syntax that permits more flexibility and options
312 Date: 15 December 2006
313 Origin: Gregory Brauer (greg at wildbrain dot com) and
314 Florian Schnabel <florian.schnabel at docufy dot de>
317 What: Currently, Bacula only understands how to deal with weeks of the
318 month or weeks of the year in schedules. This makes it impossible
319 to do a true weekly rotation of tapes. There will always be a
320 discontinuity that will require disruptive manual intervention at
321 least monthly or yearly because week boundaries never align with
322 month or year boundaries.
324 A solution would be to add a new syntax that defines (at least)
325 a start timestamp, and repetition period.
327 An easy option to skip a certain job on a certain date.
330 Why: Rotated backups done at weekly intervals are useful, and Bacula
331 cannot currently do them without extensive hacking.
333 You could then easily skip tape backups on holidays. Especially
334 if you got no autochanger and can only fit one backup on a tape
335 that would be really handy, other jobs could proceed normally
336 and you won't get errors that way.
339 Notes: Here is an example syntax showing a 3-week rotation where full
340 Backups would be performed every week on Saturday, and an
341 incremental would be performed every week on Tuesday. Each
342 set of tapes could be removed from the loader for the following
343 two cycles before coming back and being reused on the third
344 week. Since the execution times are determined by intervals
345 from a given point in time, there will never be any issues with
346 having to adjust to any sort of arbitrary time boundary. In
347 the example provided, I even define the starting schedule
348 as crossing both a year and a month boundary, but the run times
349 would be based on the "Repeat" value and would therefore happen
354 Name = "Week 1 Rotation"
355 #Saturday. Would run Dec 30, Jan 20, Feb 10, etc.
359 Start = 2006-12-30 01:00
363 #Tuesday. Would run Jan 2, Jan 23, Feb 13, etc.
367 Start = 2007-01-02 01:00
374 Name = "Week 2 Rotation"
375 #Saturday. Would run Jan 6, Jan 27, Feb 17, etc.
379 Start = 2007-01-06 01:00
383 #Tuesday. Would run Jan 9, Jan 30, Feb 20, etc.
387 Start = 2007-01-09 01:00
394 Name = "Week 3 Rotation"
395 #Saturday. Would run Jan 13, Feb 3, Feb 24, etc.
399 Start = 2007-01-13 01:00
403 #Tuesday. Would run Jan 16, Feb 6, Feb 27, etc.
407 Start = 2007-01-16 01:00
413 Notes: Kern: I have merged the previously separate project of skipping
414 jobs (via Schedule syntax) into this.
417 Item 10: Message mailing based on backup types
418 Origin: Evan Kaufman <evan.kaufman@gmail.com>
419 Date: January 6, 2006
422 What: In the "Messages" resource definitions, allowing messages
423 to be mailed based on the type (backup, restore, etc.) and level
424 (full, differential, etc) of job that created the originating
427 Why: It would, for example, allow someone's boss to be emailed
428 automatically only when a Full Backup job runs, so he can
429 retrieve the tapes for offsite storage, even if the IT dept.
430 doesn't (or can't) explicitly notify him. At the same time, his
431 mailbox wouldnt be filled by notifications of Verifies, Restores,
432 or Incremental/Differential Backups (which would likely be kept
435 Notes: One way this could be done is through additional message types, for example:
438 # email the boss only on full system backups
439 Mail = boss@mycompany.com = full, !incremental, !differential, !restore,
441 # email us only when something breaks
442 MailOnError = itdept@mycompany.com = all
445 Notes: Kern: This should be rather trivial to implement.
448 Item 11: Cause daemons to use a specific IP address to source communications
449 Origin: Bill Moran <wmoran@collaborativefusion.com>
452 What: Cause Bacula daemons (dir, fd, sd) to always use the ip address
453 specified in the [DIR|DF|SD]Addr directive as the source IP
454 for initiating communication.
455 Why: On complex networks, as well as extremely secure networks, it's
456 not unusual to have multiple possible routes through the network.
457 Often, each of these routes is secured by different policies
458 (effectively, firewalls allow or deny different traffic depending
459 on the source address)
460 Unfortunately, it can sometimes be difficult or impossible to
461 represent this in a system routing table, as the result is
462 excessive subnetting that quickly exhausts available IP space.
463 The best available workaround is to provide multiple IPs to
464 a single machine that are all on the same subnet. In order
465 for this to work properly, applications must support the ability
466 to bind outgoing connections to a specified address, otherwise
467 the operating system will always choose the first IP that
468 matches the required route.
469 Notes: Many other programs support this. For example, the following
470 can be configured in BIND:
471 query-source address 10.0.0.1;
472 transfer-source 10.0.0.2;
473 Which means queries from this server will always come from
474 10.0.0.1 and zone transfers will always originate from
478 Item 12: Add Plug-ins to the FileSet Include statements.
479 Date: 28 October 2005
481 Status: Partially coded in 1.37 -- much more to do.
483 What: Allow users to specify wild-card and/or regular
484 expressions to be matched in both the Include and
485 Exclude directives in a FileSet. At the same time,
486 allow users to define plug-ins to be called (based on
487 regular expression/wild-card matching).
489 Why: This would give the users the ultimate ability to control
490 how files are backed up/restored. A user could write a
491 plug-in knows how to backup his Oracle database without
492 stopping/starting it, for example.
495 Item 13: Restore only file attributes (permissions, ACL, owner, group...)
496 Origin: Eric Bollengier
498 Status: Implemented by Eric, see project-restore-attributes-only.patch
500 What: The goal of this project is to be able to restore only rights
501 and attributes of files without crushing them.
503 Why: Who have never had to repair a chmod -R 777, or a wild update
504 of recursive right under Windows? At this time, you must have
505 enough space to restore data, dump attributes (easy with acl,
506 more complex with unix/windows rights) and apply them to your
507 broken tree. With this options, it will be very easy to compare
508 right or ACL over the time.
510 Notes: If the file is here, we skip restore and we change rights.
511 If the file isn't here, we can create an empty one and apply
512 rights or do nothing.
514 This will not work with win32 stream, because it seems that we
515 can't split the WriteBackup stream to get only ACL and ownerchip.
517 Item 14: Add an override in Schedule for Pools based on backup types
519 Origin: Chad Slater <chad.slater@clickfox.com>
522 What: Adding a FullStorage=BigTapeLibrary in the Schedule resource
523 would help those of us who use different storage devices for different
524 backup levels cope with the "auto-upgrade" of a backup.
526 Why: Assume I add several new devices to be backed up, i.e. several
527 hosts with 1TB RAID. To avoid tape switching hassles, incrementals are
528 stored in a disk set on a 2TB RAID. If you add these devices in the
529 middle of the month, the incrementals are upgraded to "full" backups,
530 but they try to use the same storage device as requested in the
531 incremental job, filling up the RAID holding the differentials. If we
532 could override the Storage parameter for full and/or differential
533 backups, then the Full job would use the proper Storage device, which
534 has more capacity (i.e. a 8TB tape library.
537 Item 15: Implement more Python events and functions
538 Date: 28 October 2005
542 What: Allow Python scripts to be called at more places
543 within Bacula and provide additional access to Bacula
546 Implement an interface for Python scripts to access the
547 catalog through Bacula.
549 Why: This will permit users to customize Bacula through
557 Also add a way to get a listing of currently running
558 jobs (possibly also scheduled jobs).
561 to start the appropriate job.
564 Item 16: Allow inclusion/exclusion of files in a fileset by creation/mod times
565 Origin: Evan Kaufman <evan.kaufman@gmail.com>
566 Date: January 11, 2006
569 What: In the vein of the Wild and Regex directives in a Fileset's
570 Options, it would be helpful to allow a user to include or exclude
571 files and directories by creation or modification times.
573 You could factor the Exclude=yes|no option in much the same way it
574 affects the Wild and Regex directives. For example, you could exclude
575 all files modified before a certain date:
579 Modified Before = ####
582 Or you could exclude all files created/modified since a certain date:
586 Created Modified Since = ####
589 The format of the time/date could be done several ways, say the number
590 of seconds since the epoch:
591 1137008553 = Jan 11 2006, 1:42:33PM # result of `date +%s`
593 Or a human readable date in a cryptic form:
594 20060111134233 = Jan 11 2006, 1:42:33PM # YYYYMMDDhhmmss
596 Why: I imagine a feature like this could have many uses. It would
597 allow a user to do a full backup while excluding the base operating
598 system files, so if I installed a Linux snapshot from a CD yesterday,
599 I'll *exclude* all files modified *before* today. If I need to
600 recover the system, I use the CD I already have, plus the tape backup.
601 Or if, say, a Windows client is hit by a particularly corrosive
602 virus, and I need to *exclude* any files created/modified *since* the
605 Notes: Of course, this feature would work in concert with other
606 in/exclude rules, and wouldnt override them (or each other).
608 Notes: The directives I'd imagine would be along the lines of
609 "[Created] [Modified] [Before|Since] = <date>".
610 So one could compare against 'ctime' and/or 'mtime', but ONLY 'before'
614 Item 17: Automatic promotion of backup levels based on backup size
615 Date: 19 January 2006
616 Origin: Adam Thornton <athornton@sinenomine.net>
619 What: Amanda has a feature whereby it estimates the space that a
620 differential, incremental, and full backup would take. If the
621 difference in space required between the scheduled level and the next
622 level up is beneath some user-defined critical threshold, the backup
623 level is bumped to the next type. Doing this minimizes the number of
624 volumes necessary during a restore, with a fairly minimal cost in
627 Why: I know at least one (quite sophisticated and smart) user
628 for whom the absence of this feature is a deal-breaker in terms of
629 using Bacula; if we had it it would eliminate the one cool thing
630 Amanda can do and we can't (at least, the one cool thing I know of).
633 Item 18: Better control over Job execution
638 What: Bacula needs a few extra features for better Job execution:
639 1. A way to prevent multiple Jobs of the same name from
640 being scheduled at the same time (ususally happens when
641 a job is missed because a client is down).
642 2. Directives that permit easier upgrading of Job types
643 based on a period of time. I.e. "do a Full at least
644 once every 2 weeks", or "do a differential at least
645 once a week". If a lower level job is scheduled when
646 it begins to run it will be upgraded depending on
647 the specified criteria.
652 Item 19: Automatic disabling of devices
654 Origin: Peter Eriksson <peter at ifm.liu dot se>
657 What: After a configurable amount of fatal errors with a tape drive
658 Bacula should automatically disable further use of a certain
659 tape drive. There should also be "disable"/"enable" commands in
662 Why: On a multi-drive jukebox there is a possibility of tape drives
663 going bad during large backups (needing a cleaning tape run,
664 tapes getting stuck). It would be advantageous if Bacula would
665 automatically disable further use of a problematic tape drive
666 after a configurable amount of errors has occurred.
668 An example: I have a multi-drive jukebox (6 drives, 380+ slots)
669 where tapes occasionally get stuck inside the drive. Bacula will
670 notice that the "mtx-changer" command will fail and then fail
671 any backup jobs trying to use that drive. However, it will still
672 keep on trying to run new jobs using that drive and fail -
673 forever, and thus failing lots and lots of jobs... Since we have
674 many drives Bacula could have just automatically disabled
675 further use of that drive and used one of the other ones
678 Item 20: An option to operate on all pools with update vol parameters
679 Origin: Dmitriy Pinchukov <absh@bossdev.kiev.ua>
681 Status: Patch made by Nigel Stepp
683 What: When I do update -> Volume parameters -> All Volumes
684 from Pool, then I have to select pools one by one. I'd like
685 console to have an option like "0: All Pools" in the list of
688 Why: I have many pools and therefore unhappy with manually
689 updating each of them using update -> Volume parameters -> All
690 Volumes from Pool -> pool #.
693 Item 21: Include timestamp of job launch in "stat clients" output
694 Origin: Mark Bergman <mark.bergman@uphs.upenn.edu>
695 Date: Tue Aug 22 17:13:39 EDT 2006
698 What: The "stat clients" command doesn't include any detail on when
699 the active backup jobs were launched.
701 Why: Including the timestamp would make it much easier to decide whether
702 a job is running properly.
704 Notes: It may be helpful to have the output from "stat clients" formatted
705 more like that from "stat dir" (and other commands), in a column
706 format. The per-client information that's currently shown (level,
707 client name, JobId, Volume, pool, device, Files, etc.) is good, but
708 somewhat hard to parse (both programmatically and visually),
709 particularly when there are many active clients.
713 Item 22: Implement Storage daemon compression
714 Date: 18 December 2006
715 Origin: Vadim A. Umanski , e-mail umanski@ext.ru
717 What: The ability to compress backup data on the SD receiving data
718 instead of doing that on client sending data.
719 Why: The need is practical. I've got some machines that can send
720 data to the network 4 or 5 times faster than compressing
721 them (I've measured that). They're using fast enough SCSI/FC
722 disk subsystems but rather slow CPUs (ex. UltraSPARC II).
723 And the backup server has got a quite fast CPUs (ex. Dual P4
724 Xeons) and quite a low load. When you have 20, 50 or 100 GB
725 of raw data - running a job 4 to 5 times faster - that
726 really matters. On the other hand, the data can be
727 compressed 50% or better - so losing twice more space for
728 disk backup is not good at all. And the network is all mine
729 (I have a dedicated management/provisioning network) and I
730 can get as high bandwidth as I need - 100Mbps, 1000Mbps...
731 That's why the server-side compression feature is needed!
734 Item 23: Improve Bacula's tape and drive usage and cleaning management
735 Date: 8 November 2005, November 11, 2005
736 Origin: Adam Thornton <athornton at sinenomine dot net>,
737 Arno Lehmann <al at its-lehmann dot de>
740 What: Make Bacula manage tape life cycle information, tape reuse
741 times and drive cleaning cycles.
743 Why: All three parts of this project are important when operating
745 We need to know which tapes need replacement, and we need to
746 make sure the drives are cleaned when necessary. While many
747 tape libraries and even autoloaders can handle all this
748 automatically, support by Bacula can be helpful for smaller
749 (older) libraries and single drives. Limiting the number of
750 times a tape is used might prevent tape errors when using
751 tapes until the drives can't read it any more. Also, checking
752 drive status during operation can prevent some failures (as I
753 [Arno] had to learn the hard way...)
755 Notes: First, Bacula could (and even does, to some limited extent)
756 record tape and drive usage. For tapes, the number of mounts,
757 the amount of data, and the time the tape has actually been
758 running could be recorded. Data fields for Read and Write
759 time and Number of mounts already exist in the catalog (I'm
760 not sure if VolBytes is the sum of all bytes ever written to
761 that volume by Bacula). This information can be important
762 when determining which media to replace. The ability to mark
763 Volumes as "used up" after a given number of write cycles
764 should also be implemented so that a tape is never actually
765 worn out. For the tape drives known to Bacula, similar
766 information is interesting to determine the device status and
767 expected life time: Time it's been Reading and Writing, number
768 of tape Loads / Unloads / Errors. This information is not yet
769 recorded as far as I [Arno] know. A new volume status would
770 be necessary for the new state, like "Used up" or "Worn out".
771 Volumes with this state could be used for restores, but not
772 for writing. These volumes should be migrated first (assuming
773 migration is implemented) and, once they are no longer needed,
774 could be moved to a Trash pool.
776 The next step would be to implement a drive cleaning setup.
777 Bacula already has knowledge about cleaning tapes. Once it
778 has some information about cleaning cycles (measured in drive
779 run time, number of tapes used, or calender days, for example)
780 it can automatically execute tape cleaning (with an
781 autochanger, obviously) or ask for operator assistance loading
784 The final step would be to implement TAPEALERT checks not only
785 when changing tapes and only sending the information to the
786 administrator, but rather checking after each tape error,
787 checking on a regular basis (for example after each tape
788 file), and also before unloading and after loading a new tape.
789 Then, depending on the drives TAPEALERT state and the known
790 drive cleaning state Bacula could automatically schedule later
791 cleaning, clean immediately, or inform the operator.
793 Implementing this would perhaps require another catalog change
794 and perhaps major changes in SD code and the DIR-SD protocol,
795 so I'd only consider this worth implementing if it would
796 actually be used or even needed by many people.
798 Implementation of these projects could happen in three distinct
799 sub-projects: Measuring Tape and Drive usage, retiring
800 volumes, and handling drive cleaning and TAPEALERTs.
802 Item 24: Multiple threads in file daemon for the same job
803 Date: 27 November 2005
804 Origin: Ove Risberg (Ove.Risberg at octocode dot com)
807 What: I want the file daemon to start multiple threads for a backup
808 job so the fastest possible backup can be made.
810 The file daemon could parse the FileSet information and start
811 one thread for each File entry located on a separate
814 A confiuration option in the job section should be used to
815 enable or disable this feature. The confgutration option could
816 specify the maximum number of threads in the file daemon.
818 If the theads could spool the data to separate spool files
819 the restore process will not be much slower.
821 Why: Multiple concurrent backups of a large fileserver with many
822 disks and controllers will be much faster.
824 Item 25: Archival (removal) of User Files to Tape
826 Origin: Ray Pengelly [ray at biomed dot queensu dot ca
829 What: The ability to archive data to storage based on certain parameters
830 such as age, size, or location. Once the data has been written to
831 storage and logged it is then pruned from the originating
832 filesystem. Note! We are talking about user's files and not
835 Why: This would allow fully automatic storage management which becomes
836 useful for large datastores. It would also allow for auto-staging
837 from one media type to another.
839 Example 1) Medical imaging needs to store large amounts of data.
840 They decide to keep data on their servers for 6 months and then put
841 it away for long term storage. The server then finds all files
842 older than 6 months writes them to tape. The files are then removed
845 Example 2) All data that hasn't been accessed in 2 months could be
846 moved from high-cost, fibre-channel disk storage to a low-cost
847 large-capacity SATA disk storage pool which doesn't have as quick of
848 access time. Then after another 6 months (or possibly as one
849 storage pool gets full) data is migrated to Tape.
854 ========== Items on put hold by Kern ============================
856 Item h1: Split documentation
857 Origin: Maxx <maxxatworkat gmail dot com>
859 Status: Approved, awaiting implementation
861 What: Split documentation in several books
863 Why: Bacula manual has now more than 600 pages, and looking for
864 implementation details is getting complicated. I think
865 it would be good to split the single volume in two or
868 1) Introduction, requirements and tutorial, typically
869 are useful only until first installation time
871 2) Basic installation and configuration, with all the
872 gory details about the directives supported 3)
873 Advanced Bacula: testing, troubleshooting, GUI and
874 ancillary programs, security managements, scripting,
877 Notes: This is a project that needs to be done, and will be implemented,
878 but it is really a developer issue of timing, and does not
879 needed to be included in the voting.
882 Item h2: Implement support for stacking arbitrary stream filters, sinks.
883 Date: 23 November 2006
884 Origin: Landon Fuller <landonf@threerings.net>
885 Status: Planning. Assigned to landonf.
887 What: Implement support for the following:
888 - Stacking arbitrary stream filters (eg, encryption, compression,
889 sparse data handling))
890 - Attaching file sinks to terminate stream filters (ie, write out
891 the resultant data to a file)
892 - Refactor the restoration state machine accordingly
894 Why: The existing stream implementation suffers from the following:
895 - All state (compression, encryption, stream restoration), is
896 global across the entire restore process, for all streams. There are
897 multiple entry and exit points in the restoration state machine, and
898 thus multiple places where state must be allocated, deallocated,
899 initialized, or reinitialized. This results in exceptional complexity
900 for the author of a stream filter.
901 - The developer must enumerate all possible combinations of filters
902 and stream types (ie, win32 data with encryption, without encryption,
903 with encryption AND compression, etc).
905 Notes: This feature request only covers implementing the stream filters/
906 sinks, and refactoring the file daemon's restoration implementation
907 accordingly. If I have extra time, I will also rewrite the backup
908 implementation. My intent in implementing the restoration first is to
909 solve pressing bugs in the restoration handling, and to ensure that
910 the new restore implementation handles existing backups correctly.
912 I do not plan on changing the network or tape data structures to
913 support defining arbitrary stream filters, but supporting that
914 functionality is the ultimate goal.
916 Assistance with either code or testing would be fantastic.
918 Notes: Kern: this project has a lot of merit, and we need to do it, but
919 it is really an issue for developers rather than a new feature
920 for users, so I have removed it from the voting list, but kept it
921 here, but at some point, it will be implemented.
923 Item h3: Filesystem watch triggered backup.
925 Origin: Jesper Krogh <jesper@krogh.cc>
928 What: With inotify and similar filesystem triggeret notification
929 systems is it possible to have the file-daemon to monitor
930 filesystem changes and initiate backup.
932 Why: There are 2 situations where this is nice to have.
933 1) It is possible to get a much finer-grained backup than
934 the fixed schedules used now.. A file created and deleted
935 a few hours later, can automatically be caught.
937 2) The introduced load on the system will probably be
938 distributed more even on the system.
940 Notes: This can be combined with configration that specifies
941 something like: "at most every 15 minutes or when changes
944 Kern Notes: I would rather see this implemented by an external program
945 that monitors the Filesystem changes, then uses the console
948 Item h4: Directive/mode to backup only file changes, not entire file
949 Date: 11 November 2005
950 Origin: Joshua Kugler <joshua dot kugler at uaf dot edu>
951 Marek Bajon <mbajon at bimsplus dot com dot pl>
954 What: Currently when a file changes, the entire file will be backed up in
955 the next incremental or full backup. To save space on the tapes
956 it would be nice to have a mode whereby only the changes to the
957 file would be backed up when it is changed.
959 Why: This would save lots of space when backing up large files such as
960 logs, mbox files, Outlook PST files and the like.
962 Notes: This would require the usage of disk-based volumes as comparing
963 files would not be feasible using a tape drive.
965 Notes: Kern: I don't know how to implement this. Put on hold until someone
966 provides a detailed implementation plan.
969 Item h5: Implement multiple numeric backup levels as supported by dump
971 Origin: Daniel Rich <drich@employees.org>
973 What: Dump allows specification of backup levels numerically instead of just
974 "full", "incr", and "diff". In this system, at any given level, all
975 files are backed up that were were modified since the last backup of a
976 higher level (with 0 being the highest and 9 being the lowest). A
977 level 0 is therefore equivalent to a full, level 9 an incremental, and
978 the levels 1 through 8 are varying levels of differentials. For
979 bacula's sake, these could be represented as "full", "incr", and
980 "diff1", "diff2", etc.
982 Why: Support of multiple backup levels would provide for more advanced backup
983 rotation schemes such as "Towers of Hanoi". This would allow better
984 flexibility in performing backups, and can lead to shorter recover
987 Notes: Legato Networker supports a similar system with full, incr, and 1-9 as
990 Notes: Kern: I don't see the utility of this, and it would be a *huge*
991 modification to existing code.
993 Item h6: Implement NDMP protocol support
998 What: Network Data Management Protocol is implemented by a number of
999 NAS filer vendors to enable backups using third-party
1002 Why: This would allow NAS filer backups in Bacula without incurring
1003 the overhead of NFS or SBM/CIFS.
1005 Notes: Further information is available:
1007 http://www.ndmp.org/wp/wp.shtml
1008 http://www.traakan.com/ndmjob/index.html
1010 There are currently no viable open-source NDMP
1011 implementations. There is a reference SDK and example
1012 app available from ndmp.org but it has problems
1013 compiling on recent Linux and Solaris OS'. The ndmjob
1014 reference implementation from Traakan is known to
1015 compile on Solaris 10.
1017 Notes: Kern: I am not at all in favor of this until NDMP becomes
1018 an Open Standard or until there are Open Source libraries
1019 that interface to it.
1021 Item h7: Commercial database support
1022 Origin: Russell Howe <russell_howe dot wreckage dot org>
1026 What: It would be nice for the database backend to support more
1027 databases. I'm thinking of SQL Server at the moment, but I guess Oracle,
1028 DB2, MaxDB, etc are all candidates. SQL Server would presumably be
1029 implemented using FreeTDS or maybe an ODBC library?
1031 Why: We only really have one database server, which is MS SQL Server
1032 2000. Maintaining a second one for the backup software (we grew out of
1033 SQLite, which I liked, but which didn't work so well with our database
1034 size). We don't really have a machine with the resources to run
1035 postgres, and would rather only maintain a single DBMS. We're stuck with
1036 SQL Server because pretty much all the company's custom applications
1037 (written by consultants) are locked into SQL Server 2000. I can imagine
1038 this scenario is fairly common, and it would be nice to use the existing
1039 properly specced database server for storing Bacula's catalog, rather
1040 than having to run a second DBMS.
1042 Notes: This might be nice, but someone other than me will probably need to
1043 implement it, and at the moment, proprietary code cannot legally be
1044 mixed with Bacula GPLed code. This would be possible only providing
1045 the vendors provide GPLed (or OpenSource) interface code.
1047 Item h8: Incorporation of XACML2/SAML2 parsing
1048 Date: 19 January 2006
1049 Origin: Adam Thornton <athornton@sinenomine.net>
1052 What: XACML is "eXtensible Access Control Markup Language" and
1053 "SAML is the "Security Assertion Markup Language"--an XML standard
1054 for making statements about identity and authorization. Having these
1055 would give us a framework to approach ACLs in a generic manner, and
1056 in a way flexible enough to support the four major sorts of ACLs I
1057 see as a concern to Bacula at this point, as well as (probably) to
1058 deal with new sorts of ACLs that may appear in the future.
1060 Why: Bacula is beginning to need to back up systems with ACLs
1061 that do not map cleanly onto traditional Unix permissions. I see
1062 four sets of ACLs--in general, mutually incompatible with one
1063 another--that we're going to need to deal with. These are: NTFS
1064 ACLs, POSIX ACLs, NFSv4 ACLS, and AFS ACLS. (Some may question the
1065 relevance of AFS; AFS is one of Sine Nomine's core consulting
1066 businesses, and having a reputable file-level backup and restore
1067 technology for it (as Tivoli is probably going to drop AFS support
1068 soon since IBM no longer supports AFS) would be of huge benefit to
1069 our customers; we'd most likely create the AFS support at Sine Nomine
1070 for inclusion into the Bacula (and perhaps some changes to the
1071 OpenAFS volserver) core code.)
1073 Now, obviously, Bacula already handles NTFS just fine. However, I
1074 think there's a lot of value in implementing a generic ACL model, so
1075 that it's easy to support whatever particular instances of ACLs come
1076 down the pike: POSIX ACLS (think SELinux) and NFSv4 are the obvious
1077 things arriving in the Linux world in a big way in the near future.
1078 XACML, although overcomplicated for our needs, provides this
1079 framework, and we should be able to leverage other people's
1080 implementations to minimize the amount of work *we* have to do to get
1081 a generic ACL framework. Basically, the costs of implementation are
1082 high, but they're largely both external to Bacula and already sunk.
1084 Notes: As you indicate this is a bit of "blue sky" or in other words,
1085 at the moment, it is a bit esoteric to consider for Bacula.
1087 Item h9: Archive data
1089 Origin: calvin streeting calvin at absentdream dot com
1092 What: The abilty to archive to media (dvd/cd) in a uncompressed format
1093 for dead filing (archiving not backing up)
1095 Why: At work when jobs are finished and moved off of the main file
1096 servers (raid based systems) onto a simple Linux file server (ide based
1097 system) so users can find old information without contacting the IT
1100 So this data dosn't realy change it only gets added to,
1101 But it also needs backing up. At the moment it takes
1102 about 8 hours to back up our servers (working data) so
1103 rather than add more time to existing backups i am trying
1104 to implement a system where we backup the acrhive data to
1105 cd/dvd these disks would only need to be appended to
1106 (burn only new/changed files to new disks for off site
1107 storage). basialy understand the differnce between
1108 achive data and live data.
1110 Notes: Scan the data and email me when it needs burning divide
1111 into predefined chunks keep a recored of what is on what
1112 disk make me a label (simple php->mysql=>pdf stuff) i
1113 could do this bit ability to save data uncompresed so
1114 it can be read in any other system (future proof data)
1115 save the catalog with the disk as some kind of menu
1118 Notes: Kern: I don't understand this item, and in any case, if it
1119 is specific to DVD/CDs, which we do not recommend using,
1120 it is unlikely to be implemented except as a user
1124 Item h10: Clustered file-daemons
1125 Origin: Alan Brown ajb2 at mssl dot ucl dot ac dot uk
1128 What: A "virtual" filedaemon, which is actually a cluster of real ones.
1130 Why: In the case of clustered filesystems (SAN setups, GFS, or OCFS2, etc)
1131 multiple machines may have access to the same set of filesystems
1133 For performance reasons, one may wish to initate backups from
1134 several of these machines simultaneously, instead of just using
1135 one backup source for the common clustered filesystem.
1137 For obvious reasons, normally backups of $A-FD/$PATH and
1138 B-FD/$PATH are treated as different backup sets. In this case
1139 they are the same communal set.
1141 Likewise when restoring, it would be easier to just specify
1142 one of the cluster machines and let bacula decide which to use.
1144 This can be faked to some extent using DNS round robin entries
1145 and a virtual IP address, however it means "status client" will
1146 always give bogus answers. Additionally there is no way of
1147 spreading the load evenly among the servers.
1149 What is required is something similar to the storage daemon
1150 autochanger directives, so that Bacula can keep track of
1151 operating backups/restores and direct new jobs to a "free"
1154 Notes: Kern: I don't understand the request enough to be able to
1155 implement it. A lot more design detail should be presented
1156 before voting on this project.
1158 ========= Added since the last vote =================
1160 Item: Store and restore extended attributes, especially selinux file contexts
1161 Date: 28 December 2007
1162 Origin: Frank Sweetser <fs@wpi.edu>
1163 What: The ability to store and restore extended attributes on
1164 filesystems that support them, such as ext3.
1166 Why: Security Enhanced Linux (SELinux) enabled systems make extensive
1167 use of extended attributes. In addition to the standard user,
1168 group, and permission, each file has an associated SELinux context
1169 stored as an extended attribute. This context is used to define
1170 which operations a given program is permitted to perform on that
1171 file. Storing contexts on an SELinux system is as critical as
1172 storing ownership and permissions. In the case of a full system
1173 restore, the system will not even be able to boot until all
1174 critical system files have been properly relabeled.
1176 Notes: Fedora ships with a version of tar that has been patched to handle
1177 extended attributes. The patch has not been integrated upstream
1178 yet, so could serve as a good starting point.
1180 http://linux.die.net/man/2/getxattr
1181 http://linux.die.net/man/2/setxattr
1182 http://linux.die.net/man/2/listxattr
1184 http://linux.die.net/man/3/getfilecon
1185 http://linux.die.net/man/3/setfilecon
1187 Item 1: enable/disable compression depending on storage device (disk/tape)
1188 Origin: Ralf Gross ralf-lists@ralfgross.de
1190 Status: Initial Request
1192 What: Add a new option to the storage resource of the director. Depending
1193 on this option, compression will be enabled/disabled for a device.
1195 Why: If different devices (disks/tapes) are used for full/diff/incr
1196 backups, software compression will be enabled for all backups
1197 because of the FileSet compression option. For backup to tapes wich
1198 are able to do hardware compression this is not desired.
1201 Notes: http://news.gmane.org/gmane.comp.sysutils.backup.bacula.devel/cutoff=11124
1202 It must be clear to the user, that the FileSet compression option must
1203 still be enabled use compression for a backup job at all. Thus a name
1204 for the new option in the director must be well-defined.
1206 Notes: KES I think the Storage definition should probably override what
1207 is in the Job definition or vice-versa, but in any case, it must
1211 Item 1: Backup and Restore of Windows Encrypted Files through raw encryption functions
1213 Origin: Michael Mohr, SAG Mohr.External@infineon.com
1215 Date: 22 February 2008
1219 What: Make it possible to backup and restore Encypted Files from and
1220 to Windows systems without the need to decrypt it by using the raw encryption
1222 (see: http://msdn2.microsoft.com/en-us/library/aa363783.aspx)
1224 that is provided for that reason by Microsoft.
1225 If a file ist encrypted could be examined by evaluating the
1226 FILE_ATTRIBUTE_ENCRYTED flag of the GetFileAttributes
1229 Why: Without the usage of this interface the fd-daemon running
1230 under the system account can't read encypted Files because
1231 the key needed for the decrytion is missed by them. As a result
1232 actually encrypted files are not backed up
1233 by bacula and also no error is shown while missing these files.
1237 Item 1: Possibilty to schedule Jobs on last Friday of the month
1238 Origin: Carsten Menke <bootsy52 at gmx dot net>
1242 What: Currently if you want to run your monthly Backups on the last
1243 Friday of each month this is only possible with workarounds (e.g
1244 scripting) (As some months got 4 Fridays and some got 5 Fridays)
1245 The same is true if you plan to run your yearly Backups on the last
1246 Friday of the year. It would be nice to have the ability to use the builtin
1249 Why: In many companies the last working day of the week is Friday (or
1250 Saturday), so to get the most data of the month onto the monthly tape, the
1251 employees are advised to insert the tape for the monthly backups on the last
1252 friday of the month.
1254 Notes: To give this a complete functionality it would be nice if the "first"
1255 and "last" Keywords could be implemented in the scheduler, so it is also
1256 possible to run monthy backups at the first friday of the month and many things
1257 more. So if the syntax would expand to this {first|last} {Month|Week|Day|Mo-Fri}
1258 of the {Year|Month|Week} you would be able to run really flexible jobs.
1260 To got a certain Job run on the last Friday of the Month for example one could
1263 Run = pool=Monthly last Fri of the Month at 23:50
1267 Run = pool=Yearly last Fri of the Year at 23:50
1269 ## Certain Jobs the last Week of a Month
1271 Run = pool=LastWeek last Week of the Month at 23:50
1273 ## Monthly Backup on the last day of the month
1275 Run = pool=Monthly last Day of the Month at 23:50
1277 ========== Already implemented ================================
1279 Item n: make changing "spooldata=yes|no" possible for
1280 manual/interactive jobs
1281 Origin: Marc Schiffbauer <marc@schiffbauer.net>
1282 Date: 12 April 2007)
1285 What: Make it possible to modify the spooldata option
1286 for a job when being run from within the console.
1287 Currently it is possible to modify the backup level
1288 and the spooldata setting in a Schedule resource.
1289 It is also possible to modify the backup level when using
1290 the "run" command in the console.
1291 But it is currently not possible to to the same
1292 with "spooldata=yes|no" like:
1294 run job=MyJob level=incremental spooldata=yes
1296 Why: In some situations it would be handy to be able to switch
1297 spooldata on or off for interactive/manual jobs based on
1298 which data the admin expects or how fast the LAN/WAN
1299 connection currently is.
1303 ============= Empty Feature Request form ===========
1304 Item n: One line summary ...
1305 Date: Date submitted
1306 Origin: Name and email of originator.
1309 What: More detailed explanation ...
1311 Why: Why it is important ...
1313 Notes: Additional notes or features (omit if not used)
1314 ============== End Feature Request form ==============