 So, hello and welcome back again. I will give you an overview of Barrios. Tell you what it is and let's get started. First, who am I? My name is Andreas Rogge. I'm developing Barrios for a living like all my colleagues. I do customer support at Barrios GmbH and Coca-G. I'm a longtime user of Barrios and with a long time, I mean long time like since the project started and there was a predecessor which I've been using like almost 20 years. I have a background in IT operations and systems administrations. So, where do I work? Barrios GmbH and Coca-G is the company that funds the Barrios project with whatever the project needs like build systems, developers, coffee, you name it. It's also a business that provides binary package subscriptions. You can have technical support where you can talk to me if you want to. We offer training and we have partnerships with local providers. The local providers also allow us to provide the support in local languages. So, we do it for English and of course German because that's our native language. But we also have Dutch, French, Spanish I think, yes something Russian. I'm not sure, not really, not anymore. So, if you're like Barrios, you will probably find some local partner in your language if you want to have support. And, yeah, so that's for this. So, what is Barrios? The name is somewhat of an acronym for backup archiving recovery open source. Now, what does that mean? First of all, it is open source. So, everything is released under AGPL and other comfortable licenses like BSE licenses, open LDAP license, ZLIP license, some public domain stuff. Everything we program for ourselves is AGPL but we're standing on a lot of great libraries and projects which may have different licenses. Everything we do, and I really mean everything we do, we release on GitHub. There is no open core or whatever, all code is always on GitHub. However, open source doesn't mean open binary. So, if you want to have the latest binaries, you can have a subscription from us or you have to build it yourself or your distributor needs to do. It's extensible, which is an important point for a backup solution. We have a lot of methods how to extend the system. The usual backup system can move files from A to B and back. Maybe you want to do something before you move the file so you can add a script. Maybe you have something complicated which is not a file so you need some specific way to actually do the backup. So, you can write a plug-in. There's a plug-in interface in every of the components so you can extend everything of the system and if that's not enough, it's open source. You can change it. If you want to add something, open a pull request. It's network based. Everything runs over the network. So, if you do a backup, it's passed from the system that is backuped to a system that takes the backup over an IP network, IPv4, IPv6. And we do encryption by default. So, all network connections starting with Barrios 18.2 unless you explicitly disable it will use TLS with pre-shared keys which you already have configured because for Barrios you need pre-shared keys. And every connection will be encrypted by default with OpenSSL. What else? It's multi-platform and it really is. Right now we build binaries for at least 13 platforms including major Linux distributions like the whole Red Hat stuff, SUSE, Debian, Ubuntu. We also have binaries for FreeBSD, macOS and Windows and some of the commercial unixes like Solaris, HP UX and AIX. So, you can build for more systems if you need it and you have a C++11 compatible compiler. We can probably make it work. And probably you can even make it work yourself. Last but not least, it has an enterprise focus. So, some of the features are targeted to an enterprise audience like you get a catalog where you can do your reviews. So, you know what files went where and when did this happen. You can configure detailed data retention, how long to keep stuff around. These are great features for all users but they made it into the project because they are interesting for enterprise users. That doesn't mean we don't want normal people or home users to use the product. It's just the focus is on the enterprise, whatever an enterprise is. Yeah. And lastly, don't forget, it's a backup software. So basically, as I said, it moves files from a source to some destination and once you lost the files on the source or you don't want them, you can just move them back. So, that is what Parios is. How does it work? This is an overview diagram of the architecture and I try to explain what the components are and what happens. So, in the center you have a Barrios server. So, this is a sales slide. That's why it's not saying Barrios Director. The component is called... Sorry! So, the main component is a Barrios Director which does the whole scheduling and most of the configuration goes there. So, what backup sets should be done when, from where to where is all managed by the Director. The Director also has a catalog of everything that has happened and is restoreable. So, as long as you have your catalog entries and media available, you can restore and you can also look what happened and what were the log records of the original backup, for example. Then the scheduling itself and the other jobs that run move data from some kind of source, which is the file daemon, to some kind of destination, which is the search daemon or for restore the other way around. The file daemon can do, of course, files and, as I already mentioned, there are plugins. So, you can, for example, connect it to a vCenter system and backup snapshots of your VMDA servers. You can efficiently do backups of a Gluster FS with Gluster Fine through another plugin where you don't have to move through all single file, but it can just efficiently query Gluster what has changed. I think there's something for Ceph to do something like this for Ceph FS, which is basically the same thing. We can do backup Microsoft SQL server on a Windows machine with incremental backups, I think. We have NDMP support, so if you have a large filer that supports NDMP, we can also backup this. We have also some newer plugins, which are now in core, to backup, for example, MySQL databases. This has been a contribution that is somewhat older, it's now part of the core, so there's a plugin for this. We also have a plugin for Overlord or Rathad Virtualization, which is new, so you can also backup and restore these virtual machines. I think plugins is not that hard. We try to make it even easier, so I hope we are going to see much more things you can backup and restore with Barrios very soon. On the other hand, the search daemon can write to the usual suspects like disk storage, obviously, tapes and tape auto changers, where you can just store the data. On the tape auto changer, you can also have tape encryption, half-way tape encryption, and we can write to the cloud, which may be an S3 backend, a Seth backend, GlusterFS, as described, and you can do disk to disk to tape, for example, so you can migrate from one storage to the other and back and from one data center to the other and back, if you want to. So, that's what it does. What are the key features or what do I believe are the key features of Barrios? First of all, the catalog database. So, for a lot of the simpler backup systems you find around, you can take backups, you can restore them, but you have no way to say like, okay, what backups of that file on that server in that directory do I have and where are they stored? So, that's one of the great strengths I believe Barrios has. Encryption on multiple levels. I already mentioned TLS encryption by default for all TCP connections. I also mentioned hardware encryption for LTO tape drives. But we can also do something that is called zero knowledge backup, where the file daemon actually has a private key and a public key and encrypts the data with its public key. It's stored on the SD, the SD can't read it. The director has the metadata, so it knows how the files are called, but it can never look into them and only the file daemon itself with the correct private key can then decrypt the data when it's restored. So, if you have documents which are problematic, you can just back up your bosses or your human resources people's laptop with this and the administrator has no chance to take a look at the files. Also, it's quite firewall friendly. It works over the network, as we always said. There is not that much of different network ports that are used and you can choose the direction. So, you have a single port per connection. The file daemon to the storage daemon is one connection. And the director to both other daemons are the others and you can choose in which direction these are open. So, you can configure your client to actually connect to your server if you don't know the IP address of the client because it's DHCP, for example. But you can, for example, also make sure that the connection from the storage machine to the client that is back up happens in that direction and not the other way around as a default. For example, if the machine you are backing up is in a DMZ, so you have to poke a hole into the firewall, of course, but just in the direction into the DMZ and not the other way around. And EMP support is one big thing, not so much for the normal customer, but for larger companies with NetApp filers, that's really, really relevant. We have a plug-in interface that I already mentioned that is great, so you can just extend everything with C++ and Python, which makes things really, really simple. So, what's new? What did we change? What did we change in the project? First of all, nowadays, all our commits go into the master branch. This might seem obvious. To us, it wasn't. Now it is. We adapted the GitHub flow, which actually means we work on things, publish them as a pull request, discuss them publicly, even the changes we do internally, and then either accept them or we don't. We try to get the community more involved. We had quite a few community contributions last year, and we hope we get a lot better at that. We do code reviews for every changes, which is actually happening because of the GitHub flow. So, every pull request one of our core developers opens is peer reviewed by another core developer before it is moved into master. We have much improved automated testing. I don't want to go into detail too much, but I think the number of automated tests has at least doubled, if not tripled in the last year. We have upgraded our continuous integration system to work much faster, do better tests, and we nowadays build every commit on every branch. So, we know everything we do builds and works for everything, but the Unix platforms. So, the Linux, FreeBSD and stuff, everything automatically built and tested. So, every change, even if you have a pull request, we can just wait for it to build, take a look at it and tell you, okay, that's a great idea, but it doesn't work on FreeBSD, sorry. We move the documentation to REST, which is basically a good idea, because it's much simpler to edit than the latest documentation was before. And now, actually, we start to push ourselves and each other to open a pull request which already includes the documentation for the change, which is a huge improvement. So, what changed in the software? What are the notable features of 19.2? We have the Pacona Extra backup plugin finally in the core, so many people have been using it. We have a plugin to backup overt and reted virtualization, which will be in a separate talk. I'm not going into detail very much now. We now can run a job when a client connects to the director. So, if you have a laptop, for example, you can set it up. So, if you come to the office and plug it in and it hasn't run a backup for some time, it will just start when you connect it. We have a database copy tool, which is probably still somewhat experimental. That doesn't sound like a big deal, but you can copy your MySQL catalog into a PostResql database. So, for people who want to migrate, this may be a good idea. Many people on the mailing list ask for that. We have finally the Python Barreios Client Library has now added support for the TLS encryption of the new protocol. So, that was the last thing that didn't do encryption by default. And we have some minor performance improvements. I'm not going into detail too much on that. So, what's our future direction? Where do we want to go? We want to partition the file table. If you have a Barreios installation and you have more than just a few clients, you might have noticed this gets somewhat big. We'll try to cut this down. It's not completely decided how, what, and when, but that's going to happen. We will have a lot of new plugins for FileDemon, at least I hope so. For example, for PostResql, for maybe object storages, so you can just back up your S3 if you want to. We will try to improve the day-to-day user experience. There's a lot of little things that can be improved, which are really simple to do. For example, if you say you want to restore before a certain point in time, you have to give this point in time right now down to the second, which just doesn't make sense. It's a simple change, but I think we have like 50 of these, which we can just do, and hopefully that will happen. We want to do de-duplication. On the one hand, get de-duplication friendly, so if you have a system that can do block-level de-duplication, the data we write on the SD will be de-duplicated, and maybe in the end, even automatic de-duplication in the SD backend itself. That's a very future story, but it's a direction in which we want to go. Also, we want to overhaul the device reservation logic. This becomes obvious once you have tried Barrios with a tape auto-changer with more than two tape drives. It sometimes does really, really strange things, and we will probably have to find just a new way to do this. Lastly, if you want to get involved in the project, maybe contribute, plug-in, whatever, you can get in touch with us using the mailing lists, Barrios users at googlegroups.com for day-to-day chat, and Barrios Devol for development talk. You can take a look at GitHub. We have a lot of things going on there right now. We had a lot of pull requests. You can review our code, please. If you look at our code, leave a comment. If it sucks, tell us. And you can, of course, get in touch at the next events. At this event, of course, we are all around, and the next events will be scale in Pasadena in the USA. If I'm not mistaken, it takes place at the beginning of March, then we will be present at OpenExpo Europe in Madrid, which is in June, and we have an OS camp also in June after the open-source data center conference, which is dedicated to Barrios, a whole day, I think. Yes. And also, this is more or less tentatively, but we try to make Frostconn in St. Augustine in August work for us, too. So, I don't know how much time I have left for questions. Two. So, any questions? Yeah. That's kind of the problem, in 2015. Yeah. Is that actually the way to go to use S3 as a backend? Yes and no. For you, right now, as a user, yes. For us, in the long term, probably not. So, we will have an S3 backend. We will probably replace the current S3 backend with a different one, but up until this has happened, the S3 backend that is right there now will be supported. I think you were first. Sorry? The question is, are agents for VMs? Is it, as an agent-less solution, is it really quite the install agent? Yeah. You can install an agent into the virtual machine, but you don't have to. If you install the agent in the virtual machine, you just back up the virtual machine like you would with a physical machine. If you have a dedicated machine on the vCenter that does the backup, it will take a snapshot of the virtual machine, back up that, and you can then do differential and incremental backups based on change block tracking in VM there. So, the comment from the back was, it doesn't work with an ESXi. You need a vCenter license for that. Yes. So, sorry. You had this nation who setmate in both places. Yes. What kind of setmates and phases are you? That's a good question. Seth is my, I have, what, what? So, I know we have a customer that actually backups his Gluster onto Seth. I don't know why, but they do it. And they have a large amount of data. So, not really a simple one. You can ask me about that later if you want to, but it's probably out of scope. But, good question. Do we have time's up? Sorry. Catch me somewhere.