Migrate Proxmox Backup Server
I was recently confronted with the issue that I needed to move a running Proxmox Backup server to a new host. Along the migration I also needed to update the hostname to match the new concept. However, it does not really matter if you keep the hostname or not as fortunately PBS does not really care about it’s name.
Step 1: Research
As a senior admin I know you can usually find out anything you don’t know yet using google (ar any other search enginge out there). This time however I had a hard time. Looks like virtually nobody tried to migrate a PBS yet – or maybe the fact tht it is so easy leads to noboy writing the process down.
Okay, let’s do it on our own!
The Facts
Currently PBS is running an an “old” Proxmox VE host – and I mean on the physical host. We are migrating this PBS installation to a dedicated host, a VM on Hetzner’s cloud this time. As the PBS is only occasionally taking load and the backup performance does not really matter for our project, I chose a CX21 VM with 2 vCores and 2GB of RAM. The 40 GB HDD space are enoght for the OS and PBS’s own files. Additionally a Hetzner Storage Box is available to be used as the actual datastore.
In this case the chunks (the actual backed up files) have already been stored to the Storage Box. This means in this blog post I will not migrate the actual data but if you need to, it is as simple as rsyncing the data (rsync -azh source target) from one place to the other, just take care that the mount path is the same on the new server and stop the services on both servers before migrating!
Step 2: Preparation
The Cloud VM
First of all, I booked a CX21 cloud VM from Hetzner located in the same datacenter as the storage box resides. This is very important! Using a VM in FSN1 and storage box in HEL1 has very bad performance. I mean performance like when you’re driving right behind a farm tractor on a highway.
I chose Debian 11 (and you should do so, too). Right after the setup completed, I logged in using SSH and edited /etc/hostname to include or FQDN hostname – don’t forget to add a DNS entry!
As mentioned, our chunk data is stored on a Hetzner Storage box. I copied the respective line from fstab from the old server to the new one and created the mount path using mkdir /mnt/hetzner-sb1 in my case. For reference, this is what it looks like now (username/password redacted):
//u1234567-sub1.your-storagebox.de/u1234567-sub1 /mnt/hetzner-sb1 cifs username=u1234567-sub1,password=GeneratedPaSsWoRdFromRobot,uid=34,noforceuid,gid=34,noforcegid 0 0Then I mounted the box using mount /mnt/hetzner-sb1 and verieifed by running an ls /mnt/hetzner-sb1
Install Proxmox Backup Server software
We need to do a clean install as docuemnted here. The commands are simple and reliable:
Trust the repository key: wget https://enterprise.proxmox.com/debian/proxmox-release-bullseye.gpg -O /etc/apt/trusted.gpg.d/proxmox-release-bullseye.gpg
Add the repo to apt sources: echo "deb http://download.proxmox.com/debian/pbs bullseye pbs-no-subscription">/etc/apt/sources.list.d/pbs.list
Download package lists: apt update
Install the software: apt-get install proxmox-backup
You could also install proxmox-backu-server instead of proxmox-backup. The proxmox-backup package contains all recommended extra packages, the other onwe is a minimal setup.
Disable 2FA temporarily
If you can, you should remove 2FA configuration from the root user before migrating or create a new administrative user without 2FA if WebAuthN is used. Else you might not be able to log in anymore.
If you are changing the hostname along the migration like I do you are required to deconfigure WebAuthN and reconfigure it after migration as the hostname is the "key" for WebnAuthN accounts on the token.
Stopping services on old and new server
It is important that no backups or other jobs are running while you are migrating. Run these commands on both servers:
service proxmox-backup stop
service proxmox-backup-proxy stop
Make sure that no job or task is running before stopping the services.
Step 3: Migrate config and metadata
Proxmox backup server stores its configuration in /etc/proxmox-backup and metadata (rrd stats etc) in /var/lib/proxmox-backup – We need to sync both folders to the new host (assuming the new host has IP 10.10.20.20) using rsync on the old host:
rsync -avzh /etc/proxmox-backup/* root@10.10.20.20:/etc/proxmox-backup/
rsync -avzh /var/lib/proxmox-backup/* root@10.10.20.20:/var/lib/proxmox-backup/
Step 4: Reboot the new server
To make sure all configs are applied and all services are running smoothly, we will now reboot the new server and verify our installation and migration.
After the reboot, visit https://10.10.20.20:8007 (use the IP-Address for now)
You whould see your datastore on the dashboard now – including historical usage data graph. If so, select the datastore on the left hand menu and select the content ribbon. You should see all backups there. This might look a bit like that:
Great! The worst part is over. If you preserved the hostname, you’re done and can proceed to step 7.
Step 5: Configure SSL
This step does not apply if you keep the hostname while migrating.
Now you will need to setup Let’s encrypt again (or use your preferred method). You can do this at Configuration -> Certificates. Simply click the add button and enter yor FQDN there:
You may also want to remove the migrated old certificate. Then click the “Order certificates now” button. If everything runs smoothly, you should now have a valid SSL-certificate:
Verify this by pointing your browser to https://your-hostname.your-domain.tld:8007/
If the certificate is no used immediately, restart the proxmox-backup-proxy service
Step 6: Configuring the clients
This step does not apply if you keep the hostname while migrating.
Now you have to direct your clients to use the new server. For manual backups using proxmox-backup-client you need to edit the cronjobs or backups scripts. For Proxmox VE you can simply edit /etc/pve/storage.cfg (for example using nano) and change the “server” directive of the storage block:
Proxmox VE will reload the changed file automatically after a few seconds.
Step 7: Testing
You should try to backup a client to see that everything works. In my case I ran a manual backup from my Proxmox VE server:
While the backup is running, you will also see that in the "Tasks" bade on the top right corner of your PBS server.
Done!
You should monitor your upcoming backups and verfiy them using PBS’ builtin verifications to make sure all chunks are accessible, especially if you also migrated the chunk storage.
Also don’t forget to re-enable 2FA if you disable dit before….
…and if you changed the hostname, you have to reconfigure WebAuthN under Configuration -> Other (and the other is located at the top if you click on Configuration – The did a good job in hiding that!)
I hope you were able to follow my steps to successfully migrate your PBS installation in a rush.
Tell me, did you encounter any issues?