SET DATA_BACKUP_DEST

Purpose

The ALTER SYSTEM SET DATA_BACKUP_DEST statement specifies the backup destination for a user tenant, which indicates the path for data backup.

Limitations and considerations

• The system tenant and meta tenant do not support backup and restore, so you do not need to configure a backup destination for them.

• At present, OceanBase Database supports the following backup media: Network File System (NFS), Alibaba Cloud Object Storage Service (OSS), Azure Blob Storage (For OceanBase Database V4.3.5, supported starting from V4.3.5 BP3), Amazon Simple Storage Service (S3), and object storage services that are compatible with the S3 protocol, such as Huawei Object Storage Service (OBS), Google Cloud Storage (GCS), and Tencent Cloud Object Storage (COS). To use some backup media, you may need to meet certain basic requirements. For more information about the requirements for each backup media, see the Backup media requirements section in Overview of physical backup and restore.

Privileges required

The operation must be performed by the root user of the sys tenant (root@sys) or the administrator of each tenant. Where:

• In MySQL mode, the default administrator is the root user.
• In Oracle mode, the default administrator is the SYS user.

Syntax

ALTER SYSTEM SET DATA_BACKUP_DEST = 'data_backup_path' [TENANT = tenant_name];

Parameters

data_backup_path

Specifies the path for data backup. The following descriptions explain the format of the data_backup_path for different media types.

NFS

ALTER SYSTEM SET DATA_BACKUP_DEST = 'file://your-nfs-server/your-backup-path';

Here, file://your-nfs-server/your-backup-path specifies the path of the NFS server from which OceanBase Database can obtain data backups.

Object storage

# Alibaba Cloud OSS
ALTER SYSTEM SET DATA_BACKUP_DEST = 'oss://your-bucket-name/your-archive-path?host=oss-your-region.aliyuncs.com&access_id=your-access-id&access_key=your-access-key[&delete_mode={delete | tagging}][&checksum_type={md5 | no_checksum}][&enable_worm={true | false}]';

# AWS S3
ALTER SYSTEM SET DATA_BACKUP_DEST = 's3://your-bucket-name/your-archive-path?host=s3.your-region.amazonaws.com&access_id=your-access-id&access_key=your-access-key&s3_region=your-s3-region[&delete_mode={delete | tagging}][&checksum_type={md5 | crc32}]';

# Object storage compatible with the S3 protocol
ALTER SYSTEM SET DATA_BACKUP_DEST = 's3://your-bucket-name/your-archive-path?host=your-service.com&access_id=your-access-id&access_key=your-access-key[&addressing_model={virtual_hosted_style | path_style}][&checksum_type=md5]';

# Azure Blob Storage
ALTER SYSTEM SET DATA_BACKUP_DEST = 'oss://your-bucket-name/your-archive-path?host=oss-your-region.aliyuncs.com&access_id=your-access-id&access_key=your-access-key[&delete_mode={delete | tagging}][&checksum_type={md5 | no_checksum}][&enable_worm={true | false}]';

The related parameter are described as follows:

• host: the access domain name of the object storage service.

  For Azure Blob Storage storage, the value of the host parameter can be obtained by concatenating the container attribute or the connection string of the storage account, and must start with http:// or https://. By default, Azure Blob Storage storage enables secure transmission, and is accessed through https://. If you want to access it through http://, you need to disable the secure transmission option for Azure Blob Storage storage. For more information, see Azure Blob Storage documentation.

• access_id=your-access-id: the access key ID of the object storage.

• access_key=your-access-key: the access key of the object storage.

• delete_mode: the backup cleanup mode configured at the end of the backup path. It is an optional parameter for Alibaba Cloud OSS, AWS S3, Tencent Cloud COS (when accessed through the S3 protocol), and Azure Blob Storage. The parameter is connected to other parameters by the & character. The parameter supports the following values:

  • delete: the backup file is directly deleted when it meets the conditions for deletion.

    If you set this mode, the system will directly delete the backup file that meets the conditions for deletion when you perform automatic backup file cleanup.

  • tagging: tags are added to the backup file that meets the conditions for deletion. The backup file will still be retained.

    If you set this mode, the system will add tags to the backup file that meets the conditions for deletion when you perform automatic backup file cleanup. The key of the tag is "delete_mode" and the value is "tagging". This way, you can manage the lifecycle of these files in object storage based on the tags.

• checksum_type: the check algorithm used to check the integrity of backup data. If you do not specify this parameter, MD5 check is performed by default for all object storage types. The following table describes the values supported by this parameter for different object storage types.

  • md5: MD5 check is performed to check the integrity of backup data.

    Notice

    MD5 check does not apply to the GetObject interface.

  • no_checksum: no check is performed to check the integrity of backup data. This value is supported only for Alibaba Cloud OSS and Azure Blob Storage. For object storage services that use the S3 protocol, including Amazon S3, OBS, GCS, and Tencent Cloud COS, this value is not supported because of the limitations of the S3 SDK.

  • crc32: CRC32 check is performed to check the integrity of backup data. This value is supported only for Amazon S3.

• enable_worm: specifies whether to enable compliance retention for the destination bucket of backup data. The parameter is required only when the destination bucket is an Alibaba Cloud OSS bucket.

  The retention policy of Alibaba Cloud OSS has the Write Once Read Many (WORM) feature, which allows you to save and use data in an irreversible and unalterable way. When you enable and lock a retention policy for a bucket, you can only upload and read objects in the bucket until the retention period specified in the policy expires for the objects. Once the retention period expires, you can modify or delete the objects.

  Notice

  • In V4.3.5, the enable_worm parameter is supported starting from V4.3.5 BP2.
  • At present, OceanBase Database does not replace the compliance retention policy that you set. Make sure that a compliance retention policy is correctly set and locked for the destination bucket before you set the backup path.
  • If the path you want to set corresponds to a bucket that has a locked compliance retention policy, and you do not specify enable_worm=true when you set the backup destination, the system returns an error after the statement is executed, indicating that you must set enable_worm=true.
  • The enable_worm parameter, once specified, cannot be modified.
  • After you set the backup path, if you enable a WORM policy for the bucket corresponding to the path, the backup task may fail and return error code -9140 (which can be queried in the CDB_OB_BACKUP_DELETE_JOB_HISTORY view in the sys tenant or the DBA_OB_BACKUP_DELETE_JOB_HISTORY view in a user tenant) with the error message the object is locked by worm. In this case, you need to configure a new backup path and set enable_worm=true.

  The following table describes the values supported by the enable_worm parameter.

  • true: Yes. Indicates that OceanBase Database will perform write and deletion operations on the path based on the WORM specifications. If you set this parameter to true, you must explicitly set checksum_type=md5.

  • false: No. If this parameter is not specified, the default value false applies.

• s3_region: the region in which the Amazon S3 bucket resides. This parameter is required when the backup media is AWS S3.

• addressing_model: the URL format for accessing object storage. It is an optional parameter for object storage services that use the S3 protocol, and is connected to other parameters by the & character. This parameter supports the following values:

  • virtual_hosted_style: the default value, which indicates that Virtual-hosted-style access is used for object storage.
  • path_style: indicates that Path-style access is used for object storage.

  For example, you can use the following statement to set the backup destination to OBS for your tenant and access OBS in Virtual-hosted-style:

  ALTER SYSTEM SET DATA_BACKUP_DEST='s3://oceanbase-test-bucket/backup/data?host=obs.****.myhuaweicloud.com&access_id=****&access_key=****&addressing_model=virtual_hosted_style';
  

Examples

• System tenant

  • Configure the backup path for the mysql_tenant tenant with NFS as the backup medium.

    obclient [oceanbase]> ALTER SYSTEM SET DATA_BACKUP_DEST = 'file:///data/nfs/backup/data' TENANT = mysql_tenant;
    

  • Configure the backup path for the mysql_tenant tenant with OSS as the backup medium. The backup file cleanup mode is delete, and the integrity of the backup data is verified using the MD5 algorithm.

    obclient [oceanbase]> ALTER SYSTEM SET DATA_BACKUP_DEST = 'oss://oceanbase-test-bucket/backup/?host=xxx.aliyun-inc.com&access_id=xxx&access_key=xxx&delete_mode=delete&checksum_type=md5' TENANT = mysql_tenant;
    

    • Configure the backup path for the mysql_tenant tenant with OSS as the backup medium. The backup file cleanup mode is delete, and the integrity of the backup data is not verified.

    obclient [oceanbase]> ALTER SYSTEM SET DATA_BACKUP_DEST = 'oss://oceanbase-test-bucket/backup/?host=xxx.aliyun-inc.com&access_id=xxx&access_key=xxx&delete_mode=delete&checksum_type=no_checksum' TENANT = mysql_tenant;
    

  • Configure the backup path for the mysql_tenant tenant with OSS as the backup medium. The backup file cleanup mode is delete, and the integrity of the archived files is verified using the MD5 algorithm. If the enable_worm=true parameter is configured for this path, the system will perform write and delete operations on this path according to the WORM specifications.

    Notice

    OceanBase Database currently does not replace the compliance retention policy you set. Make sure that the OSS bucket has a correct retention policy (WORM policy) configured and locked before you set the backup path.

    obclient [oceanbase]> ALTER SYSTEM SET DATA_BACKUP_DEST = 'oss://oceanbase-test-bucket/backup/?host=xxx.aliyun-inc.com&access_id=xxx&access_key=xxx&delete_mode=delete&checksum_type=md5&enable_worm=true' TENANT = mysql_tenant;
    

  • Configure the backup path for the mysql_tenant tenant with AWS S3 as the backup medium. The backup file cleanup mode is tagging, and the integrity of the backup data is verified using the CRC32 algorithm.

    obclient [oceanbase]> ALTER SYSTEM SET DATA_BACKUP_DEST='s3://oceanbase-test-bucket/backup/data?host=s3.<region>.amazonaws.com&access_id=xxx&access_key=xxx&s3_region=xxx&delete_mode=tagging&checksum_type=crc32' TENANT = mysql_tenant;
    

  • Configure the backup path for the mysql_tenant tenant with OBS, and access it through the S3 protocol.

    obclient> ALTER SYSTEM SET DATA_BACKUP_DEST='s3://oceanbase-test-bucket/backup/data?host=obs.****.myhuaweicloud.com&access_id=****&access_key=****' TENANT = mysql_tenant;
    

  • Configure the backup path for the mysql_tenant tenant with GCS, and access it through the S3 protocol.

    obclient> ALTER SYSTEM SET DATA_BACKUP_DEST='s3://oceanbase-test-bucket/backup/data?host=https://storage.googleapis.com&access_id=****&access_key=****' TENANT = mysql_tenant;
    

  • Configure the backup path for the mysql_tenant tenant with COS, set the backup file cleanup mode to delete, and access it through the S3 protocol.

    Notice

    When you use COS as the backup medium, you must set the cluster-level parameter ob_storage_s3_url_encode_type. For more information, see Backup preparation.

    obclient> ALTER SYSTEM SET DATA_BACKUP_DEST='s3://oceanbase-test/backup/data?host=cos.ap-xxxx.myqcloud.com&access_id=***&access_key=***&delete_mode=delete' TENANT = mysql_tenant;
    

  • Configure the backup path for the mysql_tenant tenant with Azure Blob Storage as the backup medium, set the cleanup mode to delete, and specify the verification algorithm as md5.

    obclient> ALTER SYSTEM SET DATA_BACKUP_DEST='azblob://oceanbase-test-bucket/backup/data?host=http://****.blob.core.windows.net&access_id=****&access_key=****&delete_mode=delete&checksum_type=md5' TENANT = mysql_tenant;
    

• User tenant

  • Configure the backup path for the mysql_tenant tenant with NFS as the backup medium.

    obclient [oceanbase]> ALTER SYSTEM SET DATA_BACKUP_DEST = 'file:///data/nfs/backup/data';
    

  • Configure the backup path for the mysql_tenant tenant with OSS as the backup medium. The backup file cleanup mode is delete, and the integrity of the backup data is verified using the MD5 algorithm.

    obclient [oceanbase]> ALTER SYSTEM SET DATA_BACKUP_DEST = 'oss://oceanbase-test-bucket/backup/?host=xxx.aliyun-inc.com&access_id=xxx&access_key=xxx&delete_mode=delete&checksum_type=md5';
    

  • Configure the backup path for the mysql_tenant tenant with OSS as the backup medium. The backup file cleanup mode is delete, and the integrity of the backup data is not verified.

    obclient [oceanbase]> ALTER SYSTEM SET DATA_BACKUP_DEST = 'oss://oceanbase-test-bucket/backup/?host=xxx.aliyun-inc.com&access_id=xxx&access_key=xxx&delete_mode=delete&checksum_type=no_checksum';
    

  • Configure the backup path for the mysql_tenant tenant with OSS as the backup medium. The backup file cleanup mode is delete, and the integrity of the archived files is verified using the MD5 algorithm. If the enable_worm=true parameter is configured for this path, the system will perform write and delete operations on this path according to the WORM specifications.

    Notice

    OceanBase Database currently does not replace the compliance retention policy you set. Make sure that the OSS bucket has a correct retention policy (WORM policy) configured and locked before you set the backup path.

    obclient [oceanbase]> ALTER SYSTEM SET DATA_BACKUP_DEST = 'oss://oceanbase-test-bucket/backup/?host=xxx.aliyun-inc.com&access_id=xxx&access_key=xxx&delete_mode=delete&checksum_type=md5&enable_worm=true';
    

  • Configure the backup path for the mysql_tenant tenant with AWS S3 as the backup medium. The backup file cleanup mode is tagging, and the integrity of the backup data is verified using the CRC32 algorithm.

    obclient [oceanbase]> ALTER SYSTEM SET DATA_BACKUP_DEST='s3://oceanbase-test-bucket/backup/data?host=s3.<region>.amazonaws.com&access_id=xxx&access_key=xxx&s3_region=xxx&delete_mode=tagging&checksum_type=crc32';
    

  • Configure the backup path for the mysql_tenant tenant with OBS, and access it through the S3 protocol.

    obclient> ALTER SYSTEM SET DATA_BACKUP_DEST='s3://oceanbase-test-bucket/backup/data?host=obs.****.myhuaweicloud.com&access_id=****&access_key=****';
    

  • Configure the backup path for the mysql_tenant tenant with GCS, and access it through the S3 protocol.

    obclient> ALTER SYSTEM SET DATA_BACKUP_DEST='s3://oceanbase-test-bucket/backup/data?host=https://storage.googleapis.com&access_id=****&access_key=****';
    

  • Configure the backup path for the mysql_tenant tenant with COS, set the backup file cleanup mode to delete, and access it through the S3 protocol.

    Notice

    When you use COS as the backup medium, you must set the cluster-level parameter ob_storage_s3_url_encode_type. For more information, see Backup preparation.

    obclient> ALTER SYSTEM SET DATA_BACKUP_DEST='s3://oceanbase-test/backup/data?host=cos.ap-xxxx.myqcloud.com&access_id=***&access_key=***&delete_mode=delete';
    

  • The backup path for the user tenant mysql_tenant is configured to use Azure Blob Storage, with the cleanup mode set to delete and the verification algorithm set to md5.

    obclient> ALTER SYSTEM SET DATA_BACKUP_DEST='azblob://oceanbase-test-bucket/backup/data?host=http://****.blob.core.windows.net&access_id=****&access_key=****&delete_mode=delete&checksum_type=md5';
    

References

• BACKUP KEY

• BACKUP

• Prepare for backup