[pbs-devel] [RFC v2 proxmox-backup 27/42] verify: implement chunk verification for stores with s3 backend

Christian Ebner c.ebner at proxmox.com
Thu May 29 16:31:52 CEST 2025


For datastores backed by an S3-compatible object store, rather than
reading the chunks to be verified from the local filesystem, fetch
them via the S3 client from the configured bucket.

Signed-off-by: Christian Ebner <c.ebner at proxmox.com>
---
 src/backup/verify.rs | 59 +++++++++++++++++++++++++++++++++++---------
 1 file changed, 47 insertions(+), 12 deletions(-)

diff --git a/src/backup/verify.rs b/src/backup/verify.rs
index a01ddcca3..2c28c6af5 100644
--- a/src/backup/verify.rs
+++ b/src/backup/verify.rs
@@ -5,6 +5,7 @@ use std::sync::{Arc, Mutex};
 use std::time::Instant;
 
 use anyhow::{bail, Error};
+use hyper::body::HttpBody;
 use tracing::{error, info, warn};
 
 use proxmox_worker_task::WorkerTaskContext;
@@ -189,18 +190,52 @@ impl VerifyWorker {
                 continue; // already verified or marked corrupt
             }
 
-            match self.datastore.load_chunk(&info.digest) {
-                Err(err) => {
-                    self.corrupt_chunks.lock().unwrap().insert(info.digest);
-                    error!("can't verify chunk, load failed - {err}");
-                    errors.fetch_add(1, Ordering::SeqCst);
-                    Self::rename_corrupted_chunk(self.datastore.clone(), &info.digest);
-                }
-                Ok(chunk) => {
-                    let size = info.size();
-                    read_bytes += chunk.raw_size();
-                    decoder_pool.send((chunk, info.digest, size))?;
-                    decoded_bytes += size;
+            match &self.backend {
+                DatastoreBackend::Filesystem => match self.datastore.load_chunk(&info.digest) {
+                    Err(err) => {
+                        self.corrupt_chunks.lock().unwrap().insert(info.digest);
+                        error!("can't verify chunk, load failed - {err}");
+                        errors.fetch_add(1, Ordering::SeqCst);
+                        Self::rename_corrupted_chunk(self.datastore.clone(), &info.digest);
+                    }
+                    Ok(chunk) => {
+                        let size = info.size();
+                        read_bytes += chunk.raw_size();
+                        decoder_pool.send((chunk, info.digest, size))?;
+                        decoded_bytes += size;
+                    }
+                },
+                DatastoreBackend::S3(s3_client) => {
+                    // TODO: How to avoid all these requests? Does the AWS API offer other means
+                    // to verify the contents/integrity of objects?
+                    match proxmox_async::runtime::block_on(s3_client.get_object(info.digest.into()))
+                    {
+                        Ok(Some(response)) => {
+                            let bytes =
+                                proxmox_async::runtime::block_on(response.content.collect())?
+                                    .to_bytes();
+                            let chunk = DataBlob::from_raw(bytes.to_vec())?;
+                            let size = info.size();
+                            read_bytes += chunk.raw_size();
+                            decoder_pool.send((chunk, info.digest, size))?;
+                            decoded_bytes += size;
+                        }
+                        Ok(None) => {
+                            self.corrupt_chunks.lock().unwrap().insert(info.digest);
+                            error!(
+                                "can't verify missing chunk with digest {}",
+                                hex::encode(info.digest)
+                            );
+                            errors.fetch_add(1, Ordering::SeqCst);
+                        }
+                        Err(err) => {
+                            self.corrupt_chunks.lock().unwrap().insert(info.digest);
+                            error!("can't verify chunk, load failed - {err}");
+                            errors.fetch_add(1, Ordering::SeqCst);
+                            //TODO: How to handle corrupt chunks for S3 store?
+                            //Self::rename_corrupted_chunk(self.datastore.clone(), &info.digest);
+                        }
+                    }
                 }
             }
         }
-- 
2.39.5





More information about the pbs-devel mailing list