MySQL ZRM Installation Revision as of Friday, 27 December 2024 at 23:30 UTC
Pre-flight
Generated random passwords for backup user with this small script:
#!/bin/bash
for i in $(seq 20); do
password=$(tr -dc A-Za-z0-9_ < /dev/urandom | head -c 20)
echo -e "GRANT LOCK TABLES, SELECT, RELOAD, SUPER ON *.* TO 'backupuser'@'backup.example.com' IDENTIFIED BY '$password';"
done
CentOS/RHEL
On client
The MySQL user’s homedir is /var/lib/mysql
. This is nice.
cd /var/lib/mysql
mkdir .ssh
chmod 700 .ssh
chown mysql:mysql .ssh
cd .ssh
touch authorized_keys
chmod 600 authorized_keys
chown mysql:mysql authorized_keys
echo "ssh-rsa {public key here} root@backup.example.com" >> authorized_keys
- Tested connection by issuing
ssh mysql@client.example.com
on
backup server. - Logged onto MySQL server on client and issued one of the GRANT
statements above. - Created list of databases to back up.
- Saved password in book.
On backup server
Created a backup config for client in
/etc/mysql-zrm/backupset-client/mysql-zrm.conf
. Here’s a sample
compressed, encrypted, selective backup that is rotated every 30 days.
The passphrase is not the SQL backup password.
# MySQL connection params
host=pbackup.example.com
user=backupuser
password=xAhganJiakstZ
databases="drupal_ddd redmine"
# Host connection params and options
copy-plugin="/usr/share/mysql-zrm/plugins/ssh-copy.pl"
# Backup params
backup-mode=logical
compress=1
encrypt=1
passfile=/etc/mysql-zrm/backupset-pdb/passphrase
# Retention policy
retention-policy="30D"
OS X Server
On Client
-
Created a local account called
mysqlbackupuser
in System
Preferences -> Accounts with password. -
Added user to System Preferences > Sharing > Remote Login
-
SSH-ed in as user, then
cd ~ mkdir .ssh chmod 700 .ssh chown mysql:mysql .ssh cd .ssh touch authorized_keys chmod 600 authorized_keys chown mysql:mysql authorized_keys echo "ssh-rsa {public key here} root@backup.example.com" >> authorized_keys
-
Tested connection from backup server
-
Logged on to MySQL instance to add
backupuser
GRANT statement.
On backup server
Config was the same as CentOS/RHEL, except that I added the ssh-user
param:
 ssh-user=mysqlbackupuser
Problems
MySQL v5.0.95 is not compiled with support for profiling (the “SHOW
PROFILES” command.) This is the --enable-profiling
tag at
compile-time. Strange, considering that the previous version (v5.0.77)
had support for profiling. The upshot is that you can’t select
individual databases to be backed up if you’re running 5.0.95. The
Webtatic and Remi repos have MySQL 5.5+ if you’re desperate.