Prepare for the backup

Before you back up data, you must perform some preparatory tasks, such as configuring the backup destination and the backup key.

Configure the backup destination

When you configure the backup destination, the sys tenant, which is a cluster management tenant and does not contain user data, is not supported for backup and restore. Therefore, the DATA_BACKUP_DEST parameter does not need to be configured for the sys tenant.

Considerations

Procedure

1. Log in to the database as the tenant administrator of the sys tenant or a user tenant.

   Note

   In MySQL mode, the administrator user is the root user. In Oracle mode, the administrator user is the SYS user.

2. Configure the destination for backup.

   At present, OceanBase Database supports Network File System (NFS), Alibaba Cloud OSS, and Tencent Cloud COS as the destination for backup.

   • Configure the destination for backup for a specified tenant in the sys tenant

     ALTER SYSTEM SET DATA_BACKUP_DEST= 'data_backup_path' TENANT = mysql_tenant;
     

   • Configure the destination for backup for the current tenant

     The sample statement is as follows:

     ALTER SYSTEM SET DATA_BACKUP_DEST= 'data_backup_path';
     

   Note

   After upgrading from OceanBase Database V4.0.x to V4.1.0, you need to change the backup path. After upgrading from OceanBase Database V4.1.x to V4.2.0, you do not need to change the backup path.

   For more information, see the following sections.

   Alibaba Cloud OSS

   NFS

   Tencent Cloud COS

   When you use OSS as the destination for backup, you can also use the delete_mode parameter to configure the cleanup mode of backup files. The delete_mode parameter supports the delete mode and the tagging mode. If you do not specify the delete_mode parameter, the delete mode will be used by default. For more information about the delete_mode parameter, see View parameters for data backup.

   Notice

   When you use an object storage service as the backup medium, separate the parameters of the object storage service path with the & character. Make sure that the parameters contain only uppercase and lowercase English letters, numbers, /-_$+=, and wildcard characters. If the parameters contain other characters, the setting may fail.

   If you use OSS as the archive medium, the system tenant can set the destination for backup for the specified tenant mysql_tenant and configure the cleanup mode of backup files as follows:

   obclient> ALTER SYSTEM SET DATA_BACKUP_DEST='oss://oceanbase-test-bucket/backup/?host=xxx.aliyun-inc.com&access_id=xxx&access_key=xxx&delete_mode=delete' TENANT = mysql_tenant;
   

   A user tenant can set the destination for backup for the current tenant and configure the cleanup mode of backup files as follows:

   obclient> ALTER SYSTEM SET DATA_BACKUP_DEST='oss://oceanbase-test-bucket/backup/?host=xxx.aliyun-inc.com&access_id=xxx&access_key=xxx&delete_mode=delete';
   

   In the example above, oss:// indicates that OSS is used as the backup medium. The storage bucket name is oceanbase-test-bucket, and the path within the bucket is /backup. The parameters of the path are separated with ?. The host parameter is used to set the host address of the storage bucket, and the access_id and access_key parameters are used to set the access keys of OSS. The delete_mode parameter is set to delete.

   After you set the delete mode or the tagging mode, for more information about how to automatically clear expired backup data, see Automatic cleanup of backed-up data.

   Notice

   When you use NFS as the destination for backup, note the following points:

   • The value of the data_backup_dest parameter must not contain a question mark (?).
   • The value of the data_backup_dest parameter must be an absolute path, and the OBServer node must have write permissions for the path.
   • Make sure that all OBServer nodes have mounted the same NFS server. Additionally, to ensure a smooth backup, use the recommended parameters to mount NFS. For more information, see Deploy an NFS client.

   If you use NFS as the backup medium, the system tenant can set the destination for backup for the specified tenant mysql_tenant as follows:

   obclient> ALTER SYSTEM SET DATA_BACKUP_DEST= 'file:///data/nfs/backup/data' TENANT = mysql_tenant;
   

   If you use NFS as the backup medium, a user tenant can set the destination for backup for the current tenant as follows:

   obclient> ALTER SYSTEM SET DATA_BACKUP_DEST='file:///data/nfs/backup/data';
   

   In the example above, file:// indicates that NFS is used as the backup medium. The backup path is file:///data/nfs/backup/data.

   Notice

   When you use COS as the backup medium, note the following points:

   • Disable the List Cache feature of the bucket. Otherwise, errors may occur that compromise the consistency of backup data. To disable the List Cache feature, contact the COS technical support team.
   • A bucket with the Multi-AZ feature enabled does not support the APPEND Object interface. You need to disable the Multi-AZ feature. Otherwise, an error will occur during backup.
   • The access_key parameter must not contain commas or other special characters.

   COS supports the delete_mode parameter to configure the cleanup mode of backup files. The configuration method is the same as that for OSS.

   Notice

   When you use an object storage service as the backup medium, separate the parameters of the object storage service path with the & character. Make sure that the parameters contain only uppercase and lowercase English letters, numbers, /-_$+=, and wildcard characters. If the parameters contain other characters, the setting may fail.

   If you use COS as the backup medium, the system tenant can set the destination for backup for the specified tenant mysql_tenant as follows:

   obclient> ALTER SYSTEM SET DATA_BACKUP_DEST='cos://oceanbase-test-appid/backup?host=cos.ap-xxxx.myqcloud.com&access_id=xxx&access_key=xxx&appid=xxx' TENANT = mysql_tenant;
   

   A user tenant can set the destination for backup for the current tenant as follows:

   obclient> ALTER SYSTEM SET DATA_BACKUP_DEST='cos://oceanbase-test-appid/backup?host=cos.ap-xxxx.myqcloud.com&access_id=xxx&access_key=xxx&appid=xxx';
   

   In the example above, cos:// indicates that COS is used as the backup medium. The storage bucket name is oceanbase-test-appid, and the path within the bucket is /backup. The parameters of the path are separated with ?. The host parameter is used to set the host address of the storage bucket, that is, the endpoint (without the storage bucket name). The access_id and access_key parameters are used to set the access keys of COS. The appid parameter, which is the APPID of the Tencent cloud account, is an optional parameter.

3. After the configuration is completed, the sys tenant can query the CDB_OB_BACKUP_PARAMETER view to check the backup path and other information of each tenant in the cluster. For more information, see View parameters for data backup.

Considerations and notes

After the data_backup_dest parameter is configured, the default system creates a format file in the destination directory specified in the configuration to verify the validity of the destination and ensure the integrity of the data. Therefore, when you configure the destination for data backup data_backup_dest, keep the following considerations in mind:

• If the format file does not exist, the configured destination must be an empty directory. Otherwise, an error -9080 will occur, indicating that the format file does not exist.

• If the format file already exists, its content must pass the verification. Otherwise, an error -9081 will occur, indicating that the format file is mismatched. The verification mainly checks whether the cluster, tenant, and destination type specified in the format file are the same as those of the current operation.

• If the format file does not exist or its content verification fails during a backup task, the task will fail.

Back up your keys

Before you perform a data backup, you must also consider the encryption status of the source tenant. If transparent encryption is configured for the source tenant, you must back up the encryption keys of the source tenant.

1. Log in to the database as the tenant administrator of the sys tenant or a user tenant.

2. Back up the keys.

   • The system tenant backs up the keys of a specified tenant.

     ALTER SYSTEM BACKUP KEY TENANT = tenant_name TO 'backup_key_path' ENCRYPTED BY 'password';
     

   • Back up the tenant's encryption key

     The statement is as follows:

     ALTER SYSTEM BACKUP KEY TO 'backup_key_path' ENCRYPTED BY 'password';
     

   In the statement:

   • backup_key_path: the path where the secret key is to be backed up. You can specify this parameter. It must not be the same as the path for data backup or log archive.

   • password: the password for encrypting the path of the key backup file.

   The system tenant backs up the keys of the mysql_tenant tenant to the file:///data_backup_dest/key path as follows:

   obclient [(none)]> ALTER SYSTEM BACKUP KEY TENANT = mysql_tenant TO 'file:///data_backup_dest/key' ENCRYPTED BY '******';
   

3. After the configuration is successful, you can view the path where the key backup file is stored through the view.

   • The sys tenant can query the CDB_OB_BACKUP_STORAGE_INFO view for the path where keys are backed up.

     SELECT * FROM oceanbase.CDB_OB_BACKUP_STORAGE_INFO;
     

   • Users can query the DBA_OB_BACKUP_STORAGE_INFO view for the path where the keys are backed up.

     MySQL mode

     Oracle mode

     The statement is as follows:

     SELECT * FROM oceanbase.DBA_OB_BACKUP_STORAGE_INFO;
     

     The statement is as follows:

     SELECT * FROM SYS.DBA_OB_BACKUP_STORAGE_INFO;
     

     For more information about the columns in the CDB_OB_BACKUP_STORAGE_INFO and DBA_OB_BACKUP_STORAGE_INFO views, see CDB_OB_BACKUP_STORAGE_INFO and DBA_OB_BACKUP_STORAGE_INFO, respectively.