CrashPlan on FreeNAS using Iohyve

The better way to run CrashPlan on your FreeNAS…

With the 9.10 version of FreeNAS, comes a better way to virtualize functionality on your FreeNAS server. It also allows us to move away from the headaches we have seen with the Jails, particularly with the CrashPlan. The CrashPlan jail has required too many hours of tinkering with every upgrade, and after seeing everything break with the release of CrashPlan version 4.8, I decided there must be a better way to back up my data on my NAS.

The solution resides with Iohyve – a built in hypervisor that allows you to run virtual machines.

The first step is to ssh into your FreeNAS installation and identify the zpool you wish to install your virtual machine on – I have added a separate pool running on an SSD disk within my environment, and named the SSD storage zpool “SSD”.

zpool list

iohyve_set_con

 

Identify the correct zpool name in your environment.

Next, run the setup of iohyve on your identified zpool:

iohyve setup pool=SSD

setup

 

You also need to identify the correct interface, to bridge your VM to:

ifconfig

Once identified, set the interface to bridge your VM to, and set the correct kernel module to load:

iohyve setup net=alc0 kmod=1

 

Now create the ubuntu host (named ubuntu_crashplan), allocating 20GB of disk space:

iohyve create ubuntu_crashplan 20G SSD

create

 

Next we need to set the correct parameters for Ubuntu, first allowing to boot with grub, set the OS as debian based, configure the RAM, CPU count, and the con parameter (adjust RAM and CPU as needed):

iohyve set ubuntu_crashplan loader=grub-bhyve os=debian ram=1024M cpu=1 con=nmdm1

set_parameters

 

Now we need to fetch the ISO to install (or copy the link to your preferred version of ubuntu):

iohyve fetchiso http://releases.ubuntu.com/16.04/ubuntu-16.04.1-server-amd64.iso

Then install the ISO image

iohyve install ubuntu_crashplan ubuntu-16.04.1-server-amd64.iso

install_ubuntu

Give the installer a minute to start, then open up a second SSH session to your FreeNAS, and run the console command to connect to the new virtual machine:

iohyve console ubuntu_crashplan

ubuntu-setup

Step through the installer as normal, but once you arrive to the software selection screen of the installer, you may choose “OpenSSH server” to allow direct access to the virtual machine.

Once the installer completes, reboot the new virtual machine.

 Verify the status:

iohyve list

Start the virtual machine:

iohyve start ubuntu_crashplan

Set a static IP if you prefer, or set a DHCP reservation within your firewall. Then either SSH into your new ubuntu server or use the “iohyve console ubuntu_crashplan” command to gain access.

We have several considerations, before implementing CrashPlain:

  1. What paths do we want to mount?
  2. What file system do we use to mount these paths?

In my environment, I will be making the following mounts, with the mkdir command:

/mnt/Movies

/mnt/TV

/mnt/Photos

/mnt/Restore

We will then need to mount the appropriate folder to be backed up on the FreeNAS to the created mount points.

Example mounts of shares using CIFS

In my example, I am going to use CIFS and a separate service account to mount to the share:

sudo apt-get update

sudo apt-get install cifs-utils

Create a samba user:

sudo nano /etc/samba/user

Create (2) lines in the credentials file (I created an account with read-only permissions within FreeNAS for the SMB share)

username=samba

password=password

Use “control+o” to write the file, and “control+x” to exit from Nano.

Set the new user file to read only:

sudo chmod 0400 /etc/samba/user

Backup your fstab file:

sudo cp /etc/fstab /etc/fstab.bak

Edit your fstab file:

sudo nano /etc/fstab

We will need to add the various mount points on your FreeNAS with their associated path on your CrashPlan server. Please note that if you have a share name with a space, you must substitute the space with “\040” in your fstab file. For example:

//192.168.1.10/FreeNAS/Music\040Videos/ /mnt/Music_Videos/ cifs crednetials=/etc/samba/user,noexec 0 0

fstab_example

Suggestion: You will want to map out a restore folder to your NAS. That will direct downloaded files to your NAS instead of the 20GB virtual machine disk. For example, I created a /mnt/Restore directory on the CrashPlan VM that maps to a Downloads folder on my NAS.

Enter your mount points and mappings, and reboot your server to test. Once everything is mapped out correctly, you can install CrashPlan:

cd /tmp/

wget https://download.code42.com/installs/linux/install/CrashPlan/CrashPlan_4.8.0_Linux.tgz

tar -xzf CrashPlan_4.8.0_Linux.tgz

cd /crashplan-install/

sudo ./install.sh

Now we should be prompted with the CrashPlan installer. Use the defaults, except for the incoming backup data. I created a /mnt/Restore mapping in my example:

crashplan_installer

Once completed, some useful information:

crashplan_completed

Headless Setup:

Allow the server to listen to external connections:

sudo nano /usr/local/crashplan/conf/my.service.xml

Identify and change from:

<serviceHost>localhost</serviceHost>

To:

<serviceHost>0.0.0.0</serviceHost>

Copy the key from your Headless CrashPlan .ui_info file, and double checking the listening port:

cat /var/lib/crashplan/.ui_info

Into your local .ui_info on your computer.

This varies by operating system, so please refer to CrashPlan’s site for the file locations at:

https://support.code42.com/CrashPlan/4/Configuring/Using_CrashPlan_On_A_Headless_Computer

Once done, your client will have a .ui_info file that shows the correct port, the correct key, and the IP of the new virtual server. The virtual (and headless) server’s .ui_info will show the IP as 0.0.0.0 after we configure the my.services.xml file.

Complimentary .ui_info files – client on the left, server on the right:

ui_info_compared

Once these are in agreement, restart the crashplan service on the virtual server:

sudo service crashplan restart

Launch the local application from your machine with the correct .ui_info, and you should attach!

crashplan_intro

 

With this replacing a previous CrashPlan Jail, I simply adopted this computer after the login to replace my previous setup. All mount points were named to replicate the setup in the replaced FreeNAS jail.

Once you have connectivity between your client and your host, you can lock each .ui_info file with the immutable bit. For the Ubuntu Crashplan server, use:

sudo chattr +i  /var/lib/crashplan/.ui_info

For OS X, use:

sudo chflags nouchg /Library/Application\ Support/CrashPlan/.ui_info

This will lock both files, and prevent edits. To unlock the files, change the chattr attribute to “-i” (instead of +i) and the chflags attribute from “nouchg” to “uchg”.

 

Installing the CrashPlan Jail on FreeNAS

Please note – I am recommending that users move away from using a jail to run CrashPlan on your FreeNAS server. Using Iohyve, which is available on FreeNAS version 9.10, allows you to host an Ubuntu server running CrashPlan. Please see my post at:

CrashPlan on FreeNAS using Iohyve

 

 

Utilizing the Crashplan Jail on your FreeNAS breaks down to the implementation of the following steps:

  1. Installing the Crashplan Jail
  2. Configuring the Crashplan Jail
  3. Linking storage paths to the Crashplan Jail
  4. Installing the Crashplan application on your desktop/laptop and linking the GUI interface to your Crashplan Jail

Step 1: Installing the Crashplan Jail

Begin by installing the crashplan plugin via the web interface for FreeNAS.

Plugins -> Available -> crashplan then choose install

Install_Jail

The plugin will download and install.

Installing_Jail

Expand your plugins in your left pane from the FreeNAS web interface, and choose CrashPlan.

Initial_Jail_Launch

You will then be prompted by the CrashPlan and Oracle Java EULA – scroll down to accept.

crashplan_EULA

The following window may be closed; it will supply you with a link to the “unsupported” headless install of CrashPlan.

Crashplan_link

Step 2: Configuring the Crashplan Jail

We need to set the correct IP information on the newly installed jail. Each jail will have a separate virtual IP that will allow you to interface the jail remotely. Browse to your “jails” tab, select the crashplan jail, then choose the wrench that populates to edit your settings.

edit_jail

I recommended placing your jails in a separate IP block to avoid conflicts (outside of your networks normal DHCP range), and statically setting an IP so you know exactly how to connect to your jail. I have also chosen the advanced options to set the gateway on my subnet.

jail_IP

After saving your IP configuration and verifying the IP on the jail tab,

We need to add storage to the CrashPlan jail with the following path:

Jails -> Storage -> Add Storage

The formula will be as follows:

  1. Choose the Jail we are adding storage to (crashplan_1 in my example)
  2. Browse to the source dataset that we want to mount (/mnt/zfs/Time-Machine in my example)
  3. Browse to the destination mounting point from your jail’s perspective (/mnt/Time-Machine in my example)
  4. Make the directory Read-Only from the CrashPlan Jail
  5. Create the directory (Time-Machine in the example)
  6. Mount the directory within the Jail (should mount when created, but is an editable option after creating)

Mount_Jail_Storage

You will need to repeat this process for all of your data sets that you wish to backup.

We then launch the terminal interface for the jail through the FreeNAS web interface. Select your jail, then choose the small command window icon to launch the shell.

jail_shell_1

Enable SSH within the shell:

ee /etc/rc.conf

Modify the following from:

sshd_enable="NO"

to:

sshd_enable="YES"

verify_rc.conf (verified utilizing “cat”)

Now starts the SSH server:

service sshd start

Within the terminal, we need to extract some information. I will use Easy Editor (ee) to extract the information from the correct path with the following command:

 ee /usr/pbi/crashplan-amd64/share/crashplan/conf/my.service
.xml

jail_shel_2

Within the editor, scroll down to <serviceUIConfig> and change the localhost IP of 127.0.0.1 to 0.0.0.0:

jail_shell_3

jail_shell_4

Note at the next line that the Jail will be listening to port 4243. This port number will be required later.

Press “Escape” on your keyboard to enter the menu, then “c” for file operations, then “c” to save the file.

Next we need to add a crashplan user. Still within the terminal:

root@crashplan_1:/ # adduser                                                    
Username: crashplan                                                             
Full name: CrashPlan                                                            
Uid (Leave empty for default):                                                  
Login group [crashplan]:                                                        
Login group is crashplan. Invite crashplan into other groups? []: wheel         
Login class [default]:                                                          
Shell (sh csh tcsh nologin) [sh]: tcsh                                          
Home directory [/home/crashplan]:                                               
Home directory permissions (Leave empty for default):                           
Use password-based authentication? [yes]: yes                                   
Use an empty password? (yes/no) [no]: no                                        
Use a random password? (yes/no) [no]: no                                        
Enter password: 

Enter your password twice and record it for later. Answer no to lockout the account, then save the account.

Add_User

We will also need to allow the jail to resolve DNS requests, by editing the following path:

ee /etc/resolv.conf

Simply add the following line to the config:

nameserver 8.8.8.8             (or whatever IP you prefer to resolve DNS against)

Now we will install bash:

pkg update
pkg install bash

install_bash

ln -s /usr/local/bin/bash /bin/bash

We will now activate the plugin with the following path:

Plugins -> Installed -> crashplan (switch on)… PLEASE NOTE My setup required me to restart the Crashplan service under the jail tab.

activate_jail

Next we will verify that the Crashplan service and Java are running within the CrashPlan jail, and configure the Crashplan plugin to accept connections from other hosts.

Since the SSH server is running in the jail, we can simply ssh into the IP we assigned to the jail with the crashplan user and password.

  • SSH to your FreeNAS server as root
  • Run “jls” to list your jails. Note the JID (number) of the crashplan jail
  • Run “jexec (JID of the crashplan jail) csh”. For example, if the JID is 3, run “jexec 3 csh”
  • Run “echo crashplan_enable=\”YES\” >> /etc/rc.conf”
  • Run “service crashplan start” and see if it starts without errors
  • Run “sockstat -l” and see that you have a lot of java processes listening on port 4243.
  • Run “service crashplan stop”
  • Run “ee /usr/pbi/crashplan-amd64/share/crashplan/conf/my.service.xml”
  • Scroll down to find the line that says “<serviceHost>127.0.0.1</serviceHost>”. Change 127.0.0.1 to 0.0.0.0
  • Hit Esc to bring up the menu, a to leave the editor, and save the file.
  • service crashplan start
  • sockstat -l — the java processes should now be listening on *:4243

Step 3: Linking storage paths to the Crashplan Jail

We need to add storage to the CrashPlan jail with the following path:

Jails -> Storage -> Add Storage

The formula will be as follows:

  1. Choose the Jail we are adding storage to (crashplan_1 in my example)
  2. Browse to the source dataset that we want to mount (/mnt/zfs/Time-Machine in my example)
  3. Browse to the destination mounting point from your jail’s perspective (/mnt/Time-Machine in my example)
  4. Make the directory Read-Only from the CrashPlan Jail
  5. Create the directory (Time-Machine in the example)
  6. Mount the directory within the Jail (should mount when created, but is an editable option after creating)

Mount_Jail_Storage

Repeat this process for all of your data sets that you wish to backup.

Step 4: Installing the Crashplan application on your desktop/laptop and linking the GUI interface to your Crashplan Jail

Download and install the CrashPlan app on your local machine from the Crasplan website:

http://www.code42.com/crashplan/download/

Once you install it, you need to edit your local ui.properties file, to reflect the the correct port that the Crashplan jail is listening on, the authentication key of the Crashplan jail, and the IP address of the Crashplan jail. Via SSH to your Crashplan Jail, retrieve the first two settings with the following command:

cat /var/lib/crashplan/.ui_info

This reveals that the Jail is listening to port 4243, has a specified key, and is listening for connections from 0.0.0.0 (anywhere). The actual IP address of the Crashplan jail was set in step 2 above (172.16.13.84 in my example).

The following link reflects the current locations on different operating systems of the ui.properties file location on your local GUI Crashplan application:

https://support.code42.com/CrashPlan/4/Configuring/Using_CrashPlan_On_A_Headless_Computer#Locations_Of_.ui_info

Edit your local .ui_info file, and replace the port, key, and IP address with the information of your Crashplan jail on your FreeNAS.

Launch the locally installed Crashplan Application – the app should connect to your Jail and update the Crashplan engine. After several restarts, you  will be introduced to the GUI interface where you can make changes to the upload bandwidth, CPU usage, etc on your Jail.