暂无图片
暂无图片
1
暂无图片
暂无图片
暂无图片
首页 / TiDB Operator备份TiDB集群到NFS持久卷

TiDB Operator备份TiDB集群到NFS持久卷

原创 严少安 2023-03-05
286

lqbyz 发表于 2023-03-01
原创集群管理安装 & 部署管理与运维故障排查/诊断备份 & 恢复

Kubernetes 上 TiDB 集群的数据备份到持久卷上。本文描述的持久卷,指任何 Kubernetes 支持的持久卷类型。本文以备份数据到网络文件系统 (NFS) 存储为例。
使用场景

如果你对数据备份有以下要求,可考虑使用 BR 将 TiDB 集群数据以 Ad-hoc 备份(只执行一次)或定时快照备份(执行多次)的方式备份至持久卷:

需要备份的数据量较大,而且要求备份速度较快

需要直接备份数据的 SST 文件(键值对)

注意

BR 只支持 TiDB v3.1 及以上版本。

使用 BR 备份出的数据只能恢复到 TiDB 数据库中,无法恢复到其他数据库中。

一、Ad-hoc 备份

Ad-hoc 备份支持快照备份与增量备份。Ad-hoc 备份通过创建一个自定义的 Backup custom resource (CR) 对象来描述一次备份。TiDB Operator 根据这个 Backup 对象来完成具体的备份过程。如果备份过程中出现错误,程序不会自动重试,此时需要手动处理。

本文档对K8S集群中命名空间为tidb下的lqb数据库集群进行备份,具体操作如下:
准备Ad-hoc备份环境
下载backup-rbac.yaml 到master服务器。

kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: tidb-backup-manager
labels:
app.kubernetes.io/component: tidb-backup-manager
rules:

  • apiGroups: [""]
    resources: [“events”]
    verbs: ["*"]
  • apiGroups: [“pingcap.com”]
    resources: [“backups”, “restores”]
    verbs: [“get”, “watch”, “list”, “update”]

kind: ServiceAccount
apiVersion: v1
metadata:
name: tidb-backup-manager

kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: tidb-backup-manager
labels:
app.kubernetes.io/component: tidb-backup-manager
subjects:

  • kind: ServiceAccount
    name: tidb-backup-manager
    roleRef:
    apiGroup: rbac.authorization.k8s.io
    kind: Role
    name: tidb-backup-manager

创建备份需要的RBAC相关资源在tidb命名空间下

[root@k8s-master backup]# kubectl apply -f backup-rbac.yaml -ntidb
role.rbac.authorization.k8s.io/tidb-backup-manager created
serviceaccount/tidb-backup-manager created
rolebinding.rbac.authorization.k8s.io/tidb-backup-manager created

确保可以从K8S集群中访问用于存储备份数据的NFS服务器,并且配置了TiKV挂载跟备份任务相同的NFS共享目录到相同的本地目录。tikv挂载NFS的具体配置如下:

spec:
tikv:
baseImage: pingcap/tikv
replicas: 4
maxFailoverCount: 6

#下边是配置tikv挂载nfs
additionalVolumes:
- name: nfs
nfs:
server: 172.16.5.194
path: /home/k8s-nfs
additionalVolumeMounts:
- name: nfs
mountPath: /nfs

requests:
  cpu: "100m"
  storage: 12Gi
  memory: "400Mi"
limits:
  cpu: "2000m"
  memory: "4Gi"
mountClusterClientSecret: false
storageClassName: "local-hostpath"

如果TiDB版本低于V4.0.8则执行如下操作,若高于该版本可以省略。

创建secret用于存放Tidb集群的用户名和密码,由于使用v6.5省略该步骤
kubectl create secret generic backup-demo1-tidb-secret --from-literal=password=${password} --namespace=tidb

备份数据到NFS持久卷
创建备份的自定义资源CR,将数据备份到NFS

##以下以备份yz数据库为例
[root@k8s-master backup]# cat backup-nfs.yaml

apiVersion: pingcap.com/v1alpha1
kind: Backup
metadata:
name: demo1-backup-nfs
namespace: tidb
spec:

backupType: full

from:

host:

port:

user:

secretName: backup-yz

tableFilter:

  • “yz.*”

br:
cluster: yz
clusterNamespace: tidb

local:
prefix: backup-nfs
volume:
name: nfs
nfs:
server: 172.16.5.194
path: /home/k8s-nfs
volumeMount:
name: nfs
mountPath: /nfs

创建应用配置

[root@k8s-master backup]# kubectl apply -f backup-nfs.yaml
backup.pingcap.com/demo1-backup-nfs created

查看备份状态和备份文件

[root@k8s-master backup]# kubectl get bk -n tidb -owide -w
NAME TYPE MODE STATUS BACKUPPATH BACKUPSIZE COMMITTS LOGTRUNCATEUNTIL STARTED COMPLETED AGE
demo1-backup-nfs snapshot Running local:///nfs/backup-nfs 57s
demo1-backup-nfs snapshot Complete local:///nfs/backup-nfs 2.8 GB 439178019024666631 68s 0s 72s
^C[root@k8s-master backup]ls /home/k8s-nfs/backup-nfs/de
1 20001 39461 4 backup.lock backupmeta checkpoint.meta checkpoints

备份实例如下:
备份全部集群数据

apiVersion: pingcap.com/v1alpha1
kind: Backup
metadata:
name: demo1-backup-nfs
namespace: test1
spec:

# backupType: full

# Only needed for TiDB Operator < v1.1.10 or TiDB < v4.0.8

from:

host: ${tidb-host}

port: ${tidb-port}

user: ${tidb-user}

secretName: backup-demo1-tidb-secret

br:
cluster: demo1
clusterNamespace: test1
local:
prefix: backup-nfs
volume:
name: nfs
nfs:
server: ${nfs_server_ip}
path: /home/k8s-nfs
volumeMount:
name: nfs
mountPath: /nfs

备份单个数据库的数据

apiVersion: pingcap.com/v1alpha1
kind: Backup
metadata:
name: demo1-backup-nfs
namespace: test1
spec:

# backupType: full

# Only needed for TiDB Operator < v1.1.10 or TiDB < v4.0.8

from:

host: ${tidb-host}

port: ${tidb-port}

user: ${tidb-user}

secretName: backup-demo1-tidb-secret

tableFilter:

  • “db1.*”
    br:
    cluster: demo1
    clusterNamespace: test1
    local:
    prefix: backup-nfs
    volume:
    name: nfs
    nfs:
    server: ${nfs_server_ip}
    path: /home/k8s-nfs
    volumeMount:
    name: nfs
    mountPath: /nfs

备份单张表的数据

apiVersion: pingcap.com/v1alpha1
kind: Backup
metadata:
name: demo1-backup-nfs
namespace: test1
spec:

# backupType: full

# Only needed for TiDB Operator < v1.1.10 or TiDB < v4.0.8

from:

host: ${tidb-host}

port: ${tidb-port}

user: ${tidb-user}

secretName: backup-demo1-tidb-secret

tableFilter:

  • “db1.table1”
    br:
    cluster: demo1
    clusterNamespace: test1
    local:
    prefix: backup-nfs
    volume:
    name: nfs
    nfs:
    server: ${nfs_server_ip}
    path: /home/k8s-nfs
    volumeMount:
    name: nfs
    mountPath: /nfs

使用表库过滤功能备份多张表的数据

apiVersion: pingcap.com/v1alpha1
kind: Backup
metadata:
name: demo1-backup-nfs
namespace: test1
spec:

# backupType: full

# Only needed for TiDB Operator < v1.1.10 or TiDB < v4.0.8

from:

host: ${tidb-host}

port: ${tidb-port}

user: ${tidb-user}

secretName: backup-demo1-tidb-secret

tableFilter:

  • “db1.table1”
  • “db1.table2”
    br:
    cluster: demo1
    clusterNamespace: test1
    local:
    prefix: backup-nfs
    volume:
    name: nfs
    nfs:
    server: ${nfs_server_ip}
    path: /home/k8s-nfs
    volumeMount:
    name: nfs
    mountPath: /nfs

二、定时快照备份

用户通过设置备份策略来对 TiDB 集群进行定时备份,同时设置备份的保留策略以避免产生过多的备份。定时快照备份通过自定义的 BackupSchedule CR 对象来描述。每到备份时间点会触发一次快照备份,定时快照备份底层通过 Ad-hoc 快照备份来实现。下面是创建定时快照备份的具体步骤:
准备定时快照备份环境(和Ad-hoc备份的第一步一样)略
备份数据到NFS持久卷中
创建备份自定义资源BackupSchedule,将数据备份到NFS中

[root@k8s-master backup]# cat backup-schedule-nfs.yaml
apiVersion: pingcap.com/v1alpha1
kind: BackupSchedule
metadata:
name: demo1-backup-schedule-nfs
namespace: tidb
spec:

maxReservedTime: “3h”
schedule: “*/2 * * * *”
backupTemplate:

br:
  cluster: yz
  clusterNamespace: tidb

local:
  prefix: backup-nfs
  volume:
    name: nfs
    nfs:
      server: 172.16.5.194
      path: /home/k8s-nfs
  volumeMount:
    name: nfs
    mountPath: /nfs

创建应用配置

[root@k8s-master backup]# kubectl apply -f backup-schedule-nfs.yaml
backupschedule.pingcap.com/demo1-backup-schedule-nfs created

查看备份状态和备份文件

[root@k8s-master backup]# kubectl get bks -n tidb -owide
NAME SCHEDULE MAXBACKUPS LASTBACKUP LASTBACKUPTIME AGE
demo1-backup-schedule-nfs */2 * * * * 9s
NAME SCHEDULE MAXBACKUPS LASTBACKUP LASTBACKUPTIME AGE
demo1-backup-schedule-nfs */2 * * * * 46s

demo1-backup-schedule-nfs */2 * * * * demo1-backup-schedule-nfs-2023-02-02t10-16-00 6s 89s
demo1-backup-schedule-nfs */2 * * * * demo1-backup-schedule-nfs-2023-02-02t10-18-00 6s 3m29s
demo1-backup-schedule-nfs */2 * * * * demo1-backup-schedule-nfs-2023-02-02t10-20-00 6s 5m29s
demo1-backup-schedule-nfs */2 * * * * demo1-backup-schedule-nfs-2023-02-02t10-22-00 6s 7m29s
demo1-backup-schedule-nfs */2 * * * * demo1-backup-schedule-nfs-2023-02-02t10-24-00 6s 9m29s

[root@k8s-master ~]# ls /home/k8s-nfs/backup-nfs/yz-pd.tidb-2379-2023-02-02t10-16-00/
1 20001 39461 4 backup.lock backupmeta checkpoint.meta checkpoints

三、删除备份的 Backup CR

kubectl delete backup ${name} -n ${namespace}
kubectl delete backupschedule ${name} -n ${namespace}

版权声明:本文为 TiDB 社区用户原创文章,遵循 CC BY-NC-SA 4.0 版权协议,转载请附上原文出处链接和本声明。
https://tidb.net/blog/958d6099

tidbnfs集群服务器namespacepingcap
「喜欢这篇文章,您的关注和赞赏是给作者最好的鼓励」
关注作者
【版权声明】本文为墨天轮用户原创内容,转载时必须标注文章的来源(墨天轮),文章链接,文章作者等基本信息,否则作者和墨天轮有权追究责任。如果您发现墨天轮中有涉嫌抄袭或者侵权的内容,欢迎发送邮件至:contact@modb.pro进行举报,并提供相关证据,一经查实,墨天轮将立刻删除相关内容。

文章被以下合辑收录

日常技术分享~TiDB(共181篇)
日常技术分享

评论