This section describes a sample BART managed backup and recovery system consisting of both local and remote database servers. The complete steps to configure and operate the system are provided.
For detailed information about configuring a BART system, see the EDB Backup and Recovery Installation and Upgrade Guide. For detailed information about the operational procedures and BART subcommands, see the EDB Backup and Recovery User Guide. These guides are available at the EDB website.
The environment for this sample system is as follows:
BART on host 192.168.2.22 running with BART user account enterprisedb
Local Advanced Server on host 192.168.2.22 running with user account enterprisedb
Remote Advanced Server on host 192.168.2.24 running with user account enterprisedb
Remote PostgreSQL server on host 192.168.2.24 running with user account postgres
Passwordless SSH/SCP connections are required between the following:
BART on host 192.168.2.22 and the local Advanced Server on the same host 192.168.2.22
BART on host 192.168.2.22 and the remote Advanced Server on host 192.168.2.24
BART on host 192.168.2.22 and the remote PostgreSQL server on host 192.168.2.24
The following sections demonstrate configuring and taking full backups only. To support incremental backups as well, enable the allow_incremental_backups parameter for the desired database servers and use the WAL scanner program.
Taking a Full Backup illustrates taking the first full backup of the database servers.
Using Point-In-Time Recovery demonstrates the point-in-time recovery operation on the remote PostgreSQL database server.
The BART Configuration File
The following code sample shows the settings used in the BART configuration file for the examples that follow:
Establishing SSH/SCP Passwordless Connections
This section demonstrates how passwordless SSH/SCP connections are established with the authorized public keys files.
Generating a Public Key File for the BART User Account
The BART user account is enterprisedb with a home directory of /opt/PostgresPlus/9.6AS.
To generate the public key file, as a root user, first create the .ssh subdirectory in the BART user’s home directory and assign ownership of this directory to the enterprisedb user, ensuring there are no groups or other users that can access the .ssh directory.
Generate the public key file:
The following are the resulting files. id_rsa.pub is the public key file of BART user account enterprisedb.
Configuring Access between Local Advanced Server and the BART Host
Even when the Advanced Server database is on the same host as the BART user account, and the Advanced Server database cluster owner is also the BART user account (enterprisedb is this case), a passwordless SSH/SCP connection must be established from the same user account to itself.
On the BART host where the public key file was just generated (as shown in Generating a Public Key File for the BART User Account), create the authorized keys file by appending the public key file to any existing authorized keys file.
Log into the BART host as the BART user account and append the public key file, id_rsa.pub onto the authorized_keys file in the same .ssh directory.
The authorized_keys file must have file permission 600 as set by the following chmod 600 command, or the passwordless connection will fail:
Test the passwordless connection. Use the ssh command to verify that you can access the same user account as you are currently logged in as (enterprisedb) without being prompted for a password:
Configuring Access from Remote Advanced Server to BART Host
On the remote host 192.168.2.24, create the public key file for the remote database server user account, enterprisedb, for access to the BART user account, enterprisedb, on the BART host 192.168.2.22.
Create the .ssh directory for user account enterprisedb on the remote host:
Generate the public key file on the remote host for user account enterprisedb:
Copy the generated public key file, id_rsa.pub, to the BART user account, enterprisedb, on the BART host, 192.168.2.22:
Log into the BART host as the BART user account and append the temporary public key file, /tmp/tmp.pub onto the authorized_keys file owned by the BART user account.
The authorized_keys file must have file permission 600 as set by the following chmod 600 command, otherwise the passwordless connection fails:
Test the passwordless connection. From the remote host, verify that you can log into the BART host with the BART user account without being prompted for a password:
Configuring Access from the BART Host to a Remote Advanced Server
On the BART host 192.168.2.22, copy the public key file for the BART user account, enterprisedb, for access to the remote database server user account, enterprisedb, on the remote host 192.168.2.24.
The following lists the current SSH keys files in the BART user’s .ssh directory on the BART host:
The public key file, id_rsa.pub, for BART user account enterprisedb on the BART host that was earlier generated in Generating a Public Key File for the BART User Account, is now copied to the remote Advanced Server host on 192.168.2.24:
Log into the enterprisedb user account on the remote host and copy the public key file onto the authorized_keys file of the remote enterprisedb user account under its .ssh directory:
Adjust the file permission on authorized_keys:
While logged into the BART host, test the passwordless connection from the BART host to the remote Advanced Server host:
Configuring Access from a Remote PostgreSQL Server to a BART Host
On the remote host (192.168.2.24), create a public key file owned by the database server user account (postgres), allowing access to the BART user account (enterprisedb) on the BART host (192.168.2.22).
Create the .ssh directory for the postgres user account on the remote host:
Create and copy the generated public key file, id_rsa.pub, to the BART user account (enterprisedb), on the BART host (192.168.2.22):
Log into the BART host as the BART user account and append the temporary public key file, /tmp/tmp.pub, onto the authorized_keys file owned by the BART user account.
Make sure the authorized_keys file has file permission 600 as shown, or the passwordless connection will fail. Test the passwordless connection; from the remote host, while logged in as user account postgres, verify that you can log into the BART host with the BART user account without being prompted for a password:
Configuring Access from the BART Host to Remote PostgreSQL
Copy the public key file on the BART host that is owned by the BART user account (enterprisedb) to the remote database server user account (postgres), on the remote host (192.168.2.24).
The following lists the current SSH keys files in the BART user’s .ssh directory on the BART host:
Log into the postgres user account on the remote host and copy the public key file onto the authorized_keys file of postgres under its .ssh directory:
Adjust the file permissions on authorized_keys:
Test the passwordless connection from the BART host to the remote PostgreSQL host:
Configuring a Replication Database User
This section demonstrates how a replication database user is established.
All database servers must use a superuser as the replication database user.
The replication database user for each database server is specified by the user parameter in the BART configuration file as shown by the following:
Add entries to the .pgpass file on each server to allow the BART user account to initiate a backup without being prompted for credentials. The .pgpass file is located in /opt/PostgresPlus/9.6AS/.pgpass:
While connected to MKTG on 192.168.2.24, execute the following CREATE ROLE command to create the replication database superuser:
Access is granted in the pg_hba.conf file for the local Advanced Server:
Similarly, access is granted in the pg_hba.conf file for the remote Advanced Server installation:
Access is also granted in the pg_hba.conf file for the remote PostgreSQL server:
WAL Archiving Configuration Parameters
Use the following parameters in the postgresql.conf file to enable WAL archiving. The postgresql.conf file for the local Advanced Server database (ACCTG) is set as follows:
When the INIT subcommand is invoked, the Postgres archive_command configuration parameter in the postgresql.auto.conf file will be set based on the BART archive_command parameter located in the BART configuration file.
Note
If the Postgres archive_command is already set, invoke the INIT subcommand with the -- no-configure option to prevent the archive_command from being reset. For details, see INIT.
When the INIT subcommand is invoked, the postgresql.auto.conf file contains the following:
The archive_command uses the cp command instead of scp since the BART backup catalog is local to this database cluster and the BART user account (the account that owns the backup catalog, enterprisedb), is the same user account running Advanced Server. The result is that there is no directory permission conflict during the archive operation.
The postgresql.conf file for the remote Advanced Server, MKTG is set as follows:
When the INIT subcommand is invoked, the Postgres archive_command configuration parameter in the postgresql.auto.conf file will be set by the default BART format of the BART archive_command parameter (since it is not explicitly set for this database server in the BART configuration file).
The default BART archive_command format is:
The postgresql.auto.conf file contains the following after the INIT subcommand is invoked:
The archive_command uses the scp command since the BART backup catalog is remote relative to this database cluster. The BART user account, enterprisedb, is specified on the scp command since this is the user account owning the BART backup catalog where the archived WAL files are to be copied. The result is that there is no directory permission conflict during the archive operation.
The postgresql.conf file for the remote PostgreSQL server (HR) is set as follows:
When the INIT subcommand is invoked, the Postgres archive_command configuration parameter in the postgresql.auto.conf file will be set by the default BART format of the BART archive_command parameter (since it is not explicitly set for this database server in the BART configuration file):
The default BART archive_command format is:
The postgresql.auto.conf file contains the following after the INIT subcommand is invoked:
The archive_command uses the scp command since the BART backup catalog is remote relative to this database cluster. The BART user account, enterprisedb, is specified on the scp command since this is the user account owning the BART backup catalog where the archived WAL files are to be copied. The result is that there is no directory permission conflict during the archive operation.
Creating the BART Backup Catalog (backup_path)
Create the directory specified by the backup_path configuration parameter.
Ensure that the directory is owned by the BART user account:
Use the BART INIT subcommand to complete the directory structure and set the Postgres archive_command configuration parameter.
Before invoking any BART subcommands, set up a profile under the BART user account’s home directory to set the LD_LIBRARY_PATH and PATH environment variables. For more information regarding setting this variable, see the EDB Backup and Recovery Installation and Upgrade Guide available at the EDB website.
The -o option is specified with the INIT subcommand to force the setting of the Postgres archive_command configuration parameter when archive_mode is off or if the Postgres archive_command parameter is already set and needs to be overridden.
The BART SHOW-SERVERS subcommand displays the following:
The ARCHIVE PATH field displays the full directory path to where the WAL files are copied. This directory path must match the directory path specified in the Postgres archive_command parameter of the postgresql.conf file or the postgresql.auto.conf file of each database server.
Starting the Database Servers with WAL Archiving
After the BART backup catalog directory structure has been configured, start the archiving of WAL files from the database servers by restarting each database server.
On BART host 192.168.2.22:
On remote host 192.168.2.24:
In the BART backup catalog, verify that the WAL files are archiving.
Archived WAL files may not appear very frequently depending upon how often WAL archiving is set to switch to a new segment file with the archive_timeout parameter in your database server configuration settings.
Verify that there are no archiving-related errors in the database server log files.
Taking a Full Backup
The following code sample shows the first full backup of the database servers.
The following code sample shows the backup directories created for each backup of each database server. The backup ID is used as the backup directory name.
Using Point-In-Time Recovery
This section demonstrates using the point-in-time recovery operation on the remote PostgreSQL database server.
The following tables were created about two minutes apart with WAL archiving enabled:
In the table name hr_rmt_t<n>_<hhmi>, n represents the active timeline. <hhmi> is the approximate time the table was created. For example, hr_rmt_t1_1356 was created at approximately 1:56 PM while timeline #1 is active.
The PostgreSQL database server was then stopped. WAL files that have been created, but not yet archived must be identified, and then saved. The following archived WAL files are in the BART backup catalog:
The following sample lists the current PostgreSQL server WAL files. The unarchived WAL files are marked with two stars (**).
Copies of the unarchived WAL files are saved to a temporary location:
On the remote host, a directory is created to which the PostgreSQL database cluster is to be restored. This restore path is named /opt/restore_pg96 and is owned by user account postgres.
In the BART configuration file, the remote user and remote host IP address, postgres@192.168.2.24, have been set with the remote_host parameter. If not given in the BART configuration file, this information must then be specified by the --remote-host option when giving the RESTORE subcommand (for example, bart RESTORE --remote-host postgres@192.168.2.24 …).
Use the SHOW-BACKUPS subcommand to identify the backup to use with the RESTORE subcommand.
The -t option with the SHOW-BACKUPS subcommand displays additional backup information:
A recovery is made using timeline 1 to 2017-03-29 14:01:00.
The following example shows the restored backup files in the restore path directory, /opt/restore_pg96:
Copy the saved, unarchived WAL files to the restore path pg_xlog subdirectory (/opt/restore_pg96/pg_xlog):
Inspect the /opt/restore_pg96/postgresql.auto.conf file to verify that it contains the correct recovery settings:
Note that the command restores from the archived_wals subdirectory of /opt/restore_pg96 since the copy_wals_during_restore parameter in the BART configuration file is set to enabled for database server hr.
Start the database server to initiate the point-in-time recovery operation:
Inspect the database server log file to ensure the operation did not result in any errors:
The tables that exist in the recovered database cluster are:
Since recovery was up to and including 2017-03-29 14:01:00, the following tables created after 14:01 are not present:
The BART RESTORE operation stops WAL archiving by adding an archive_mode = off parameter at the very end of the postgresql.conf file. This last parameter in the file overrides any other previous setting of the same parameter in the file. Delete the last setting and restart the database server to start WAL archiving.