(a fork of Attic-Backup)
"I found the Holy Grail of backups."
(Stavros K. about Attic-Backup, 8/2013)
34c3 presentation by Thomas Waldmann
Borg - a fork of Attic
Attic: 2010-2015, good design, proven code
development going slowly
some bugs and annoyances
not very open to new developers
Borg Backup: forked from Attic in May 2015
a community project, bus_factor++
lots of fixes and good PRs merged
open and inviting to new contributors
faster paced, lots of activity
Feature Set (1)
- easy and fast
- content-defined chunking (*)
- chunk deduplication (*)
- lz4, zstd, zlib, lzma compression
encryption with aes256-ctr
hmac-sha256 or blake2b
simple backend (k/v, fs, via ssh)
Feature Set (2)
FOSS (BSD license)
good platform / arch support
xattr / acl / bsdflags support
mount a backup via FUSE
Python 3.4+, a little Cython & C
good test coverage, CI
No problem with:
- VM images (sparse file support)
- (physical) disks, LV snapshots
- renamed huge directories
- inner duplication of data set
- historical duplication
- duplication on different machines
Content defined chunking:
- "buzhash" rolling hash
- cut data when hash has specific bit pattern,
yields chunks with ~ 2^n bytes target size
- n + other chunker params configurable
- seeded, to avoid fingerprinting chunk lengths
Store chunks under id into store:
- id = HASH(chunk), or
- id = MAC(id_key, chunk)
Now and Future
- 1.0 "oldstable", widely distributed, use 1.0.9+
1.1 "stable", recently released, use 1.1.4+
(new features, code cleanup)
1.2 Crypto Enhancements
- AES-GCM (AES-OCB? chacha20-poly1305? keccak?)
- Key Management
- Ciphersuite Flexibility
- "Serial Threaded Workers"? (avoids races)
How you can help
Python / Cython / C? Help us coding.
do a security review
do real-world performance tests / comparisons
find bugs / issues, improve docs
spread the word, borg is not well-known yet
sponsor development via bountysource
help with the windows native port
Borg Backup - Links
#borgbackup on chat.freenode.net
Questions / Feedback?
Find me at the Python assembly (sometimes).
Or use IRC, github issues or the mailing list.
- OpenSSL (1.0 or 1.1), but only for the crypto primitives (currently: AES in CTR mode)
- uses hardware acceleration (AES-NI)
- authentication is not hw accelerated:
borg 1.0+: hmac-sha256
borg 1.1+: additionally faster blake2b
- borg 1.2 (future): fast AEAD modes
AES-OCB (HW accelerated)
chacha20-poly1305 (quite quick in SW)
- crypto hashes from python stdlib / OpenSSL / blake2b reference implementation
- we use random from /dev/urandom (via Py stdlib)
- lz4 is super fast - use it! often faster than without.
- zstd is also cool: offers a wide range from very fast to very good compression (borg 1.1.4+)
- there is also zlib or lzma.
- borg 1.1 can use lz4 to predict compressibility (and then either use none, lz4, zstd, zlib or lzma)
- don't use lzma > level 6, it is pointless: small chunks!
- you can use different compression in same repo.
- existing chunks won't get recompressed.
- 1.1 has "recreate" to recompress.
Bonus: Chunking / Dedupe
- you can use different chunker params in same repo.
- existing chunks won't get re-chunked.
- 1.1 has "recreate" to re-chunk.
- differently cut chunks won't deduplicate.
- deduplication is based on (hmac-)sha256 of chunks' plaintext, before compression / encryption.
Bonus: Hash Table
- own hashtable implementation in C
- lots of chunks to manage, use memory efficiently
- doing rather simple linear hashing
- HT perf determines speed for unchanged files:
we check file mtime|ctime / size / inode number
(via a HT lookup) that we have all chunks in the repo
BorgBackup LT 34c3 (updated 2017-12)
By Thomas Waldmann