// Copyright (c) 2015-2023 MinIO, Inc.
//
// This file is part of MinIO Object Storage stack
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see .
package cmd
import (
"bytes"
"context"
"encoding/xml"
"io"
"os"
"strings"
"github.com/minio/madmin-go/v3"
"github.com/minio/minio/internal/logger"
)
// From Veeam-SOSAPI_1.0_Document_v1.02d.pdf
// - SOSAPI Protocol Version
// - Model Name of the vendor plus version for statistical analysis.
// - List of Smart Object Storage protocol capabilities supported by the server.
// Currently, there are three capabilities supported:
// - Capacity Reporting
// - Backup data locality for upload sessions (Veeam Smart Entity)
// - Handover of IAM & STS Endpoints instead of manual definition in Veeam Backup & Replication. This allows Veeam
// Agents to directly backup to object storage.
//
// An object storage system can implement one, multiple, or all functions.
//
// - Optional (mandatory if is true): Set Endpoints for IAM and STS processing.
//
// - Optional: Set server preferences for Backup & Replication parallel sessions, batch size of deletes, and block sizes (before
// compression). This is an optional area; by default, there should be no section in the
// system.xml. Vendors can work with Veeam Product Management and the Alliances team on getting approval to integrate
// specific system recommendations based on current support case statistics and storage performance possibilities.
// Vendors might change the settings based on the configuration and scale out of the solution (more storage nodes =>
// higher task limit).
//
//
//
// - Defines how many S3 operations are executed parallel within one Repository Task Slot (and within one backup object
// that gets offloaded). The same registry key setting overwrites the storage-defined setting.
// Optional value, default 64, range: 1-unlimited
//
// -
// Some of the Veeam products use Multi Delete operations. This setting can reduce how many objects are included in one
// multi-delete operation. The same registry key setting overwrites the storage-defined setting.
// Optional value, default 1000, range: 1-unlimited (S3 standard maximum is 1000 and should not be set higher)
//
// -
// Setting reduces the parallel Repository Task slots that offload or write data to object storage. The same user interface
// setting overwrites the storage-defined setting.
// Optional value, default 0, range: 0-unlimited (0 equals unlimited, which means the maximum configured repository task
// slots are used for object offloading or writing)
//
// -
// Veeam Block Size for backup and restore processing before compression is applied. The higher the block size, the more
// backup space is needed for incremental backups. Larger block sizes also mean less performance for random read restore
// methods like Instant Restore, File Level Recovery, and Database/Application restores. Veeam recommends that vendors
// optimize the storage system for the default value of 1MB minus compression object sizes. The setting simultaneously
// affects read from source, block, file, dedup, and object storage backup targets for a specific Veeam Job. When customers
// create a new backup job and select the object storage or a SOBR as a backup target with this setting, the job default
// setting will be set to this value. This setting will be only applied to newly created jobs (manual changes with Active Full
// processing possible from the customer side).
// Optional value, default 1024, allowed values 256,512,1024,4096,8192, value defined in KB size.
//
// - The object should be present in all buckets accessed by Veeam products that want to leverage the SOSAPI functionality.
//
// - The current protocol version is 1.0.
type apiEndpoints struct {
IAMEndpoint string `xml:"IAMEndpoint"`
STSEndpoint string `xml:"STSEndpoint"`
}
// globalVeeamForceSC is set by the environment variable _MINIO_VEEAM_FORCE_SC
// This will override the storage class returned by the storage backend if it is non-standard
// and we detect a Veeam client by checking the User Agent.
var globalVeeamForceSC = os.Getenv("_MINIO_VEEAM_FORCE_SC")
type systemInfo struct {
XMLName xml.Name `xml:"SystemInfo" json:"-"`
ProtocolVersion string `xml:"ProtocolVersion"`
ModelName string `xml:"ModelName"`
ProtocolCapabilities struct {
CapacityInfo bool `xml:"CapacityInfo"`
UploadSessions bool `xml:"UploadSessions"`
IAMSTS bool `xml:"IAMSTS"`
} `mxl:"ProtocolCapabilities"`
APIEndpoints *apiEndpoints `xml:"APIEndpoints,omitempty"`
SystemRecommendations struct {
S3ConcurrentTaskLimit int `xml:"S3ConcurrentTaskLimit,omitempty"`
S3MultiObjectDeleteLimit int `xml:"S3MultiObjectDeleteLimit,omitempty"`
StorageCurrentTaskLimit int `xml:"StorageCurrentTaskLimit,omitempty"`
KBBlockSize int `xml:"KbBlockSize"`
} `xml:"SystemRecommendations"`
}
// This optional functionality allows vendors to report space information to Veeam products, and Veeam will make placement
// decisions based on this information. For example, Veeam Backup & Replication has a Scale-out-Backup-Repository feature where
// multiple buckets can be used together. The placement logic for additional backup files is based on available space. Other values
// will augment the Veeam user interface and statistics, including free space warnings.
type capacityInfo struct {
XMLName xml.Name `xml:"CapacityInfo" json:"-"`
Capacity int64 `xml:"Capacity"`
Available int64 `xml:"Available"`
Used int64 `xml:"Used"`
}
const (
systemXMLObject = ".system-d26a9498-cb7c-4a87-a44a-8ae204f5ba6c/system.xml"
capacityXMLObject = ".system-d26a9498-cb7c-4a87-a44a-8ae204f5ba6c/capacity.xml"
veeamAgentSubstr = "APN/1.0 Veeam/1.0"
)
func isVeeamSOSAPIObject(object string) bool {
switch object {
case systemXMLObject, capacityXMLObject:
return true
default:
return false
}
}
// isVeeamClient - returns true if the request is from Veeam client.
func isVeeamClient(ctx context.Context) bool {
ri := logger.GetReqInfo(ctx)
return ri != nil && strings.Contains(ri.UserAgent, veeamAgentSubstr)
}
func veeamSOSAPIHeadObject(ctx context.Context, bucket, object string, opts ObjectOptions) (ObjectInfo, error) {
gr, err := veeamSOSAPIGetObject(ctx, bucket, object, nil, opts)
if gr != nil {
gr.Close()
return gr.ObjInfo, nil
}
return ObjectInfo{}, err
}
func veeamSOSAPIGetObject(ctx context.Context, bucket, object string, rs *HTTPRangeSpec, opts ObjectOptions) (gr *GetObjectReader, err error) {
var buf []byte
switch object {
case systemXMLObject:
si := systemInfo{
ProtocolVersion: `"1.0"`,
ModelName: "\"MinIO " + ReleaseTag + "\"",
}
si.ProtocolCapabilities.CapacityInfo = true
// Default recommended block size with MinIO
si.SystemRecommendations.KBBlockSize = 4096
buf = encodeResponse(&si)
case capacityXMLObject:
objAPI := newObjectLayerFn()
if objAPI == nil {
return nil, errServerNotInitialized
}
q, _ := globalBucketQuotaSys.Get(ctx, bucket)
binfo := globalBucketQuotaSys.GetBucketUsageInfo(ctx, bucket)
ci := capacityInfo{
Used: int64(binfo.Size),
}
var quotaSize int64
if q != nil && q.Type == madmin.HardQuota {
if q.Size > 0 {
quotaSize = int64(q.Size)
} else if q.Quota > 0 {
quotaSize = int64(q.Quota)
}
}
if quotaSize == 0 {
info := objAPI.StorageInfo(ctx, true)
info.Backend = objAPI.BackendInfo()
ci.Capacity = int64(GetTotalUsableCapacity(info.Disks, info))
} else {
ci.Capacity = quotaSize
}
ci.Available = ci.Capacity - ci.Used
buf = encodeResponse(&ci)
default:
return nil, errFileNotFound
}
etag := getMD5Hash(buf)
r := bytes.NewReader(buf)
off, length := int64(0), r.Size()
if rs != nil {
off, length, err = rs.GetOffsetLength(r.Size())
if err != nil {
return nil, err
}
}
r.Seek(off, io.SeekStart)
return NewGetObjectReaderFromReader(io.LimitReader(r, length), ObjectInfo{
Bucket: bucket,
Name: object,
Size: r.Size(),
IsLatest: true,
ContentType: string(mimeXML),
NumVersions: 1,
ETag: etag,
ModTime: UTCNow(),
}, opts)
}