写点什么

TiDB Operator 备份 TiDB 集群到 NFS 持久卷

  • 2023-03-03
    北京
  • 本文字数:4498 字

    阅读完需:约 15 分钟

作者: lqbyz 原文来源:https://tidb.net/blog/958d6099


Kubernetes 上 TiDB 集群的数据备份到持久卷上。本文描述的持久卷,指任何 Kubernetes 支持的持久卷类型。本文以备份数据到网络文件系统 (NFS) 存储为例。

使用场景

如果你对数据备份有以下要求,可考虑使用 BR 将 TiDB 集群数据以 Ad-hoc 备份(只执行一次) 或定时快照备份(执行多次) 的方式备份至持久卷:


  • 需要备份的数据量较大,而且要求备份速度较快

  • 需要直接备份数据的 SST 文件(键值对)


注意


  • BR 只支持 TiDB v3.1 及以上版本。

  • 使用 BR 备份出的数据只能恢复到 TiDB 数据库中,无法恢复到其他数据库中。

一、Ad-hoc 备份

Ad-hoc 备份支持快照备份与增量备份。Ad-hoc 备份通过创建一个自定义的 Backup custom resource (CR) 对象来描述一次备份。TiDB Operator 根据这个 Backup 对象来完成具体的备份过程。如果备份过程中出现错误,程序不会自动重试,此时需要手动处理。


本文档对 K8S 集群中命名空间为 tidb 下的 lqb 数据库集群进行备份,具体操作如下:

准备 Ad-hoc 备份环境

下载backup-rbac.yaml 到 master 服务器。

---kind: RoleapiVersion: rbac.authorization.k8s.io/v1metadata:  name: tidb-backup-manager  labels:    app.kubernetes.io/component: tidb-backup-managerrules:- apiGroups: [""]  resources: ["events"]  verbs: ["*"]- apiGroups: ["pingcap.com"]  resources: ["backups", "restores"]  verbs: ["get", "watch", "list", "update"]
---kind: ServiceAccountapiVersion: v1metadata: name: tidb-backup-manager
---kind: RoleBindingapiVersion: rbac.authorization.k8s.io/v1metadata: name: tidb-backup-manager labels: app.kubernetes.io/component: tidb-backup-managersubjects:- kind: ServiceAccount name: tidb-backup-managerroleRef: apiGroup: rbac.authorization.k8s.io kind: Role name: tidb-backup-manager
复制代码

创建备份需要的 RBAC 相关资源在 tidb 命名空间下

[root@k8s-master backup]# kubectl apply -f backup-rbac.yaml -ntidbrole.rbac.authorization.k8s.io/tidb-backup-manager createdserviceaccount/tidb-backup-manager createdrolebinding.rbac.authorization.k8s.io/tidb-backup-manager created
复制代码

确保可以从 K8S 集群中访问用于存储备份数据的 NFS 服务器,并且配置了 TiKV 挂载跟备份任务相同的 NFS 共享目录到相同的本地目录。tikv 挂载 NFS 的具体配置如下:

spec:  tikv:    baseImage: pingcap/tikv    replicas: 4    maxFailoverCount: 6
#下边是配置tikv挂载nfs additionalVolumes: - name: nfs nfs: server: 172.16.5.194 path: /home/k8s-nfs additionalVolumeMounts: - name: nfs mountPath: /nfs
requests: cpu: "100m" storage: 12Gi memory: "400Mi" limits: cpu: "2000m" memory: "4Gi" mountClusterClientSecret: false storageClassName: "local-hostpath"
复制代码

如果 TiDB 版本低于 V4.0.8 则执行如下操作,若高于该版本可以省略。

创建secret用于存放Tidb集群的用户名和密码,由于使用v6.5省略该步骤kubectl create secret generic backup-demo1-tidb-secret --from-literal=password=${password} --namespace=tidb
复制代码

备份数据到 NFS 持久卷

创建备份的自定义资源 CR,将数据备份到 NFS

##以下以备份yz数据库为例[root@k8s-master backup]# cat backup-nfs.yaml---apiVersion: pingcap.com/v1alpha1kind: Backupmetadata:  name: demo1-backup-nfs  namespace: tidbspec:#  backupType: full#  from:#    host:#    port:#    user:#    secretName: backup-yz
tableFilter: - "yz.*"
br: cluster: yz clusterNamespace: tidb
local: prefix: backup-nfs volume: name: nfs nfs: server: 172.16.5.194 path: /home/k8s-nfs volumeMount: name: nfs mountPath: /nfs
复制代码

创建应用配置

[root@k8s-master backup]# kubectl apply -f backup-nfs.yamlbackup.pingcap.com/demo1-backup-nfs created
复制代码

查看备份状态和备份文件

[root@k8s-master backup]# kubectl get bk -n tidb -owide -wNAME               TYPE   MODE       STATUS    BACKUPPATH                BACKUPSIZE   COMMITTS   LOGTRUNCATEUNTIL   STARTED   COMPLETED   AGEdemo1-backup-nfs          snapshot   Running   local:///nfs/backup-nfs                                                                    57sdemo1-backup-nfs          snapshot   Complete   local:///nfs/backup-nfs   2.8 GB       439178019024666631                      68s       0s          72s^C[root@k8s-master backup]ls /home/k8s-nfs/backup-nfs/de1  20001  39461  4  backup.lock  backupmeta  checkpoint.meta  checkpoints
复制代码

备份实例如下:

备份全部集群数据
---apiVersion: pingcap.com/v1alpha1kind: Backupmetadata:  name: demo1-backup-nfs  namespace: test1spec:  # # backupType: full  # # Only needed for TiDB Operator < v1.1.10 or TiDB < v4.0.8  # from:  #   host: ${tidb-host}  #   port: ${tidb-port}  #   user: ${tidb-user}  #   secretName: backup-demo1-tidb-secret  br:    cluster: demo1    clusterNamespace: test1  local:    prefix: backup-nfs    volume:      name: nfs      nfs:        server: ${nfs_server_ip}        path: /home/k8s-nfs    volumeMount:      name: nfs      mountPath: /nfs
复制代码
备份单个数据库的数据
---apiVersion: pingcap.com/v1alpha1kind: Backupmetadata:  name: demo1-backup-nfs  namespace: test1spec:  # # backupType: full  # # Only needed for TiDB Operator < v1.1.10 or TiDB < v4.0.8  # from:  #   host: ${tidb-host}  #   port: ${tidb-port}  #   user: ${tidb-user}  #   secretName: backup-demo1-tidb-secret  tableFilter:  - "db1.*"  br:    cluster: demo1    clusterNamespace: test1  local:    prefix: backup-nfs    volume:      name: nfs      nfs:        server: ${nfs_server_ip}        path: /home/k8s-nfs    volumeMount:      name: nfs      mountPath: /nfs
复制代码
备份单张表的数据
---apiVersion: pingcap.com/v1alpha1kind: Backupmetadata:  name: demo1-backup-nfs  namespace: test1spec:  # # backupType: full  # # Only needed for TiDB Operator < v1.1.10 or TiDB < v4.0.8  # from:  #   host: ${tidb-host}  #   port: ${tidb-port}  #   user: ${tidb-user}  #   secretName: backup-demo1-tidb-secret  tableFilter:  - "db1.table1"  br:    cluster: demo1    clusterNamespace: test1  local:    prefix: backup-nfs    volume:      name: nfs      nfs:        server: ${nfs_server_ip}        path: /home/k8s-nfs    volumeMount:      name: nfs      mountPath: /nfs
复制代码
使用表库过滤功能备份多张表的数据
---apiVersion: pingcap.com/v1alpha1kind: Backupmetadata:  name: demo1-backup-nfs  namespace: test1spec:  # # backupType: full  # # Only needed for TiDB Operator < v1.1.10 or TiDB < v4.0.8  # from:  #   host: ${tidb-host}  #   port: ${tidb-port}  #   user: ${tidb-user}  #   secretName: backup-demo1-tidb-secret  tableFilter:  - "db1.table1"  - "db1.table2"  br:    cluster: demo1    clusterNamespace: test1  local:    prefix: backup-nfs    volume:      name: nfs      nfs:        server: ${nfs_server_ip}        path: /home/k8s-nfs    volumeMount:      name: nfs      mountPath: /nfs
复制代码

二、定时快照备份

用户通过设置备份策略来对 TiDB 集群进行定时备份,同时设置备份的保留策略以避免产生过多的备份。定时快照备份通过自定义的 BackupSchedule CR 对象来描述。每到备份时间点会触发一次快照备份,定时快照备份底层通过 Ad-hoc 快照备份来实现。下面是创建定时快照备份的具体步骤:

准备定时快照备份环境(和 Ad-hoc 备份的第一步一样)略

备份数据到 NFS 持久卷中

创建备份自定义资源 BackupSchedule,将数据备份到 NFS 中

[root@k8s-master backup]# cat backup-schedule-nfs.yamlapiVersion: pingcap.com/v1alpha1kind: BackupSchedulemetadata:  name: demo1-backup-schedule-nfs  namespace: tidbspec:
maxReservedTime: "3h" schedule: "*/2 * * * *" backupTemplate:
br: cluster: yz clusterNamespace: tidb
local: prefix: backup-nfs volume: name: nfs nfs: server: 172.16.5.194 path: /home/k8s-nfs volumeMount: name: nfs mountPath: /nfs
复制代码

创建应用配置

[root@k8s-master backup]# kubectl apply -f backup-schedule-nfs.yamlbackupschedule.pingcap.com/demo1-backup-schedule-nfs created
复制代码

查看备份状态和备份文件

[root@k8s-master backup]# kubectl get bks -n tidb -owideNAME                        SCHEDULE      MAXBACKUPS   LASTBACKUP   LASTBACKUPTIME   AGEdemo1-backup-schedule-nfs   */2 * * * *                                              9sNAME                        SCHEDULE      MAXBACKUPS   LASTBACKUP   LASTBACKUPTIME   AGEdemo1-backup-schedule-nfs   */2 * * * *                                              46s

demo1-backup-schedule-nfs */2 * * * * demo1-backup-schedule-nfs-2023-02-02t10-16-00 6s 89sdemo1-backup-schedule-nfs */2 * * * * demo1-backup-schedule-nfs-2023-02-02t10-18-00 6s 3m29sdemo1-backup-schedule-nfs */2 * * * * demo1-backup-schedule-nfs-2023-02-02t10-20-00 6s 5m29sdemo1-backup-schedule-nfs */2 * * * * demo1-backup-schedule-nfs-2023-02-02t10-22-00 6s 7m29sdemo1-backup-schedule-nfs */2 * * * * demo1-backup-schedule-nfs-2023-02-02t10-24-00 6s 9m29s
[root@k8s-master ~]# ls /home/k8s-nfs/backup-nfs/yz-pd.tidb-2379-2023-02-02t10-16-00/1 20001 39461 4 backup.lock backupmeta checkpoint.meta checkpoints
复制代码

三、删除备份的 Backup CR

kubectl delete backup ${name} -n ${namespace}kubectl delete backupschedule ${name} -n ${namespace}
复制代码


发布于: 刚刚阅读数: 4
用户头像

TiDB 社区官网:https://tidb.net/ 2021-12-15 加入

TiDB 社区干货传送门是由 TiDB 社区中布道师组委会自发组织的 TiDB 社区优质内容对外宣布的栏目,旨在加深 TiDBer 之间的交流和学习。一起构建有爱、互助、共创共建的 TiDB 社区 https://tidb.net/

评论

发布
暂无评论
TiDB Operator备份TiDB集群到NFS持久卷_集群管理_TiDB 社区干货传送门_InfoQ写作社区