Minimizing size of Time Machine backups of encrypted VM disk

I'm using Parallels Desktop 13 on Sierra.

I encrypted an Ubuntu guest OS disk using Parallels' encryption feature so I can avoid having the guest perform encryption itself, and I use Time Machine on my host to make backups of the guest. Every time a backup is made, if I've made changes inside the guest since the last backup then Time Machine backs up the entire 7 GB disk image again. What are my options for minimizing the size of each backup, while still being able to have the guest disk encrypted? I don't want to fill up my Time Machine drive unnecessarily.

 

Incremental backups and disk encryption are "mutually exclusive". Making disk well suited for incremental changes detection significantly decreases cryptographical strength. So I may suggest to eight use FileValue to encrypt the whole Mac disk or use some backup tool inside your Ubuntu guest.

 

Thanks for the answer. I suspected that performing backup + snapshots + encryption together at the same level wasn't going to be very optimal. This combination isn't discussed in the Parallels help documentation, although it's probably not a very common use case. However, the help documentation also doesn't discuss the simpler and more common use cases of snapshots + encryption and backup + encryption. Please suggest these topics to the documentation team.

I will try your suggestion and use a backup tool inside the guest. My strategy will be:

• Enable the option Security > Encrypt with password to let Parallels manage guest encryption
• Disable the option Backup > SmartGuard, and perform snapshots manually and only if it's truly needed
  
• Enable the option Backup > Do not back up with Time Machine, so that Parallels will exclude the guest's .pvm bundle from backups
• Inside the guest, automate the creation and encryption of backups and the storage of them on the host via shared folder
• On the host, allow Time Machine to back up the encrypted backups created by the guest's backup tools

Hopefully this can result in much smaller backup delta files because the guest's backup tools have full awareness of the contents of the guest.

My main concern with this approach is keeping the guest-created backups properly associated with the host-created snapshot they were created under. For instance, if I want to roll back to a previous snapshot of the guest I would also want to discard any backups created under the current snapshot. That can be addressed with careful labeling of both the backups and snapshots. Perhaps I can write a tool to coordinate them.