You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
### Application with Database (CNPG CloudNativePG)
326
326
327
-
Databases use **CloudNativePG** with Barman backups to RustFS S3 — a separate backup path from the PVC/VolSync system.
327
+
Databases use **CloudNativePG** with Barman backups to RustFS S3 — a **separate backup path** from the PVC/VolSync system. PVC backups use NFS + Kopia (shared repository with cross-PVC deduplication). Database backups use S3 + Barman (SQL-aware `pg_basebackup` + WAL archiving for point-in-time recovery). Each tool uses its native backup mechanism — see [backup-restore.md](docs/backup-restore.md#why-two-backup-systems-nfs-for-pvcs-s3-for-databases) for the full rationale.
Copy file name to clipboardExpand all lines: docs/backup-restore.md
+30-2Lines changed: 30 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -182,14 +182,42 @@ Kyverno generates a secret per-PVC with:
182
182
/mnt/BigTank/k8s/volsync-kopia-nfs/
183
183
├── kopia.repository # Kopia repository config
184
184
├── kopia.blobcfg # Blob storage config
185
-
├── p/ # Pack files (deduplicated data)
185
+
├── p/ # Pack files (ALL deduplicated data from ALL PVCs)
186
186
├── q/ # Index blobs
187
-
├── n/ # Manifest blobs
187
+
├── n/ # Manifest blobs (snapshots tagged by namespace/pvc-name)
188
188
└── x/ # Session blobs
189
189
```
190
190
191
191
All PVC backups share the same Kopia repository, with snapshots tagged by namespace/pvc-name.
192
192
193
+
### Cross-PVC Deduplication
194
+
195
+
This shared repository design is a deliberate choice. Kopia uses **content-defined chunking** — files are split into variable-size chunks based on content boundaries, and each chunk is stored by its hash. If the same chunk exists anywhere in the repository (from any PVC, any namespace), it's stored only once.
196
+
197
+
**What this means in practice:**
198
+
- Delete and recreate an app → new PVC backs up → Kopia finds all chunks already exist → near-instant backup, almost zero new storage
199
+
- Multiple apps with similar files (configs, timezone data, shared libraries) → one copy
200
+
- Incremental backups only store changed chunks, not changed files
201
+
- Storage grows by unique data, not by number of PVCs
202
+
203
+
**Why not S3 + Restic?** VolSync also supports Restic to S3, but each PVC gets its own separate Restic repository — zero cross-PVC deduplication. Delete and recreate an app = full backup from scratch. More storage, more bandwidth, slower.
204
+
205
+
## Why Two Backup Systems (NFS for PVCs, S3 for Databases)
206
+
207
+
**PVC backups → NFS + Kopia** because:
208
+
- VolSync's Kopia mover needs filesystem access for content-defined chunking and dedup
209
+
- Direct NFS gives 10Gbps to TrueNAS with no HTTP overhead
210
+
- No per-namespace S3 credentials — Kyverno just injects the NFS mount
211
+
- One shared repository = cross-PVC deduplication (see above)
212
+
213
+
**Database backups → S3 + Barman** because:
214
+
- CNPG's built-in backup only supports Barman, and Barman speaks S3 (not NFS)
215
+
- Barman does SQL-aware backups (`pg_basebackup` + continuous WAL archiving) for point-in-time recovery
216
+
- Filesystem-level snapshots of running Postgres can be inconsistent without the WAL stream
217
+
- CNPG has no native NFS backup option
218
+
219
+
Each tool uses its native backup mechanism. Forcing either into the other's model would mean worse backups.
0 commit comments