File-Level Recovery For VirtualMachine backups

Step-by-Step Guide to Setting Up File-Level Recovery

Introduction

The File-Level Recovery for VirtualMachine feature is a powerful tool within Trilio's backup and recovery framework, designed to enable users to recover individual files or directories from VM backups without restoring an entire virtual machine. This feature is particularly useful in scenarios where only specific files or data need to be retrieved, saving time and resources.

Key Benefits

  • Granular Recovery: Recover specific files or directories from a VM backup, eliminating the need to restore the entire VM.

  • Flexibility: Use Trilio's default FileRecovery VM image or bring your own custom VM image to meet specific compliance, security, or operational requirements.

  • Secure Access: File recovery is performed via an SSH-enabled server, ensuring secure access to the backup data.

Prerequisites

Before using the File-Level Recovery for VirtualMachine feature, ensure that you have the following prerequisites in place:

1. Build a Custom VM Image (Optional):

Trilio offers a default FileRecovery VM image that comes pre-configured with all necessary dependencies and works out of the box for most use cases. However, if your organization has specific compliance, security, or operational requirements, you may opt to build and use a custom VM image instead.

Using a custom image is entirely optional. If needed, the image must be based on CentOS 8 and include all required dependencies.

👉 Refer to the dependency list and follow the instructions here to build and set up your custom FileRecovery VM image.

2. Create a DataVolume (Optional – Only if Using a Custom VM Image)

This step is optional and only required if you intend to use a custom FileRecovery VM image instead of the default image provided by Trilio.

To use your own image, you need to create a DataVolume and wait for the data import process to complete. Below is a sample YAML configuration for creating a DataVolume:

apiVersion: cdi.kubevirt.io/v1beta1
kind: DataVolume
metadata:
  name: trilio-filerecovery-datavolume
spec:
  source:
    registry:
      url: 'docker://<your-custom-image-url>'
  storage:
    accessModes:
      - ReadWriteOnce
    resources:
      requests:
        storage: 30Gi

🔹 If you are not using a custom VM image, you can skip this step. The FRVM controller will automatically pull and set up the default FileRecovery VM image when the first FileRecoveryVM is created.

🔹 Default FileRecovery VM image: quay.io/triliodata/filerecovery:5.1.0

If you’ve built a custom image, replace the url field with the location of your own published image.

Once the DataVolume is created, the DataVolume controller will automatically create a corresponding PVC and import the specified VM image into it. You can then reference this DataVolume or the generated PVC when creating the FileRecoveryVM custom resource.

For more information, refer to the official CDI documentation.

3. Generate an SSH Key Pair(Required):

Trilio launches an SSH-enabled server within the Recovery VM, running on the mounted filesystem where the backed-up VM data is accessed.

  • To SSH into the server, generate an SSH key pair in advance.

  • Provide the public key to Trilio during FileRecovery VM creation. Trilio will add it to the server's authorized_keys file, allowing access with the corresponding private key.

    For instructions on generating an SSH key pair, refer to this guide, or use any other preferred resource.

4. Create Encryption Secret(Optional):

To recover files from an encrypted VM backup, recreate the encryption secret used during the backup process in the install namespace. Users intending to recover files from an encrypted backup must have access to the encryption secrets in the install namespace.

How It Works

The File-Level Recovery for VirtualMachine feature creates a temporary virtual machine(Recovery VM in this context) that mounts the backed-up disks of the selected VM. Within this Recovery VM, an SSH-enabled server is launched, allowing users to securely access the mounted VM backup. Users can then SSH into the server, browse the backup, locate the required files, and download them using standard tools like SCP or WinSCP.

Use Cases

  • Accidental Deletion: Quickly recover files that were accidentally deleted from a VM.

  • Data Corruption: Retrieve uncorrupted versions of files from a previous backup.

User Journey for FileRecovery VM

1. Select Backup for File Recovery:

  • Go to the backup listing page and identify the VM backup from which you want to recover files.

  • Click on the dropdown arrow for the selected backup and choose "Browse Data".

Browse Data Selection

2. Select a VM from the Backup:

  • Trilio will list all the VMs and PVCs available in the backup.

  • Select the desired VM for file recovery.

VM and PVC Listing

3. Provide Required Inputs

When creating a FileRecovery VM through the UI, you will be prompted to fill in the following fields:

  • Namespace (required): Select the Kubernetes namespace where the FileRecoveryVM Custom Resource (CR) should be created.

  • Name (required): Provide a unique name for the FileRecoveryVM CR.

  • Public Key (required): Enter the SSH public key that will be used to access the SSH-enabled recovery server.

    🔐 Ensure this key matches the prerequisites for secure access.

  • Service Type (optional): Choose the Kubernetes service type for exposing the recovery service (e.g., ClusterIP, NodePort ,LoadBalancer ).\

    If not specified, the default service type will be:

    ClusterIP

  • Disk Selection:

    • Default Disk: Uses Trilio's pre-configured recovery image.

    • Custom Disk: Select this if you've created your own DataVolume or PVC based on a custom image (see Step 2).

  • Encryption Secret (if applicable): If your backup is encrypted, select the encryption secret (must match the one used during backup creation and should exist in the install namespace).

Advanced Options

  • Instancetype / ClusterInstancetype (optional): To customize VM resources like CPU and memory, select an appropriate VirtualMachineInstancetype or VirtualMachineClusterInstancetype CR from the dropdown.\

    If no Instancetype is selected, the following default resource values will be applied:

    resourceRequirements:
  requests:
    memory: "2Gi"
cpu:
  cores: 1
  sockets: 1
  threads: 1

💡 Refer to the KubeVirt documentation for guidance on creating these CRs.

  • Preference / ClusterPreference (optional): To set VM-level preferences (e.g., preferredDiskBus, preferredInterfaceModel), choose a corresponding VirtualMachinePreference or VirtualMachineClusterPreference CR.

    ⚙️ These preferences help tailor the VM configuration to your infrastructure or use case.

Once all required fields are filled in, click Create to initiate the FileRecoveryVM.

  • After entering the details, click "create" to proceed.

4. Background Processing:

Trilio performs the following actions in the background:

  • Creates the FileRecoveryVM CR using the provided inputs.

  • Launches an SSH-enabled server within the Recovery VM.

  • Mounts the selected VM backup in the Recovery VM.

  • Exposes the mounted VM backup filesystem externally through an SSH-enabled server via a Kubernetes service.

5. Accessing the Files:

  • Once processing is complete, Trilio UI will display an SSH command.

  • Use the command to SSH into the server running inside the Recovery VM.

  • The UI will also display the backup mount locations within the SSH server, allowing you to easily locate your backed-up data.

  • Browse the VM backup data and download files using the SCP command. For more details, please refer to this.

6. View and Manage FileRecoveryVM CRs:

  • Users can navigate to the FileRecoveryVM CR Listing Page to view all active FileRecoveryVM Custom Resources (CRs) present in the cluster.

  • This page provides an overview of each FileRecoveryVM, including its status, SSH details, and resource allocation.

  • Users will also have the option to create the FRVM directly from this page by clicking the Create button.

  • Users can retrieve the SSH command for accessing a specific FileRecovery VM directly from this page.

  • Additionally, if users wish to stop browsing and delete a FileRecoveryVM CR after completing file recovery, they can do so from this page with a single action.

Dependency List

If users want to build their own VM image for FileRecovery, their image must include the following dependencies.

 # Install necessary packages
 yum install -y epel-release
 yum install -y python3 python3-pip python3-setuptools tzdata librbd1 lvm2 yum-utils qemu-img ntfs-3g

 # Upgrade pip and setuptools
 pip3 install -U pip setuptools

 # Install Python packages
 pip3 install --ignore-installed PyYAML
 pip3 install jsonformatter
 pip3 install 's3fuse==4.0.107' --extra-index-url "${S3_FUSE_PIP_INDEX_URL}"

 # Add Docker CE repository and install Docker
 yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
 yum install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin

Supported File Systems for File Recovery

Currently, the File-Level Recovery for VirtualMachine supports file-level recovery for backed-up VMs with filesystems from the following list.

  • EXT

  • XFS

  • FAT

  • NTFS

Known Limitations

Windows VM FileRecovery with BitLocker Encryption

Not Supported: FileRecovery for Windows VMs with BitLocker encryption enabled is not supported. BitLocker encryption prevents the FileRecovery VM from mounting the encrypted partition, making file-level recovery impossible.

Workaround: To enable file-level recovery for Windows VMs with BitLocker encryption:

  1. Disable BitLocker Encryption: Manually disable BitLocker encryption within the Windows VM before taking a backup.

  2. Take a Fresh Backup: After disabling BitLocker, create a new backup of the VM.

  3. Perform File Recovery: The file-level recovery process will now work as expected, and the mounted disk will be accessible without errors.

PreviousFile-Level Recovery for Virtual MachinesNextDownload Files from the Recovery VM

Last updated

Was this helpful?