Cassandra 備份與復原

本節將說明如何為在 Apigee 混合式執行階段平面中安裝的 Apache Cassandra 資料庫環,設定資料備份和復原功能。另請參閱 Cassandra 資料儲存庫

關於 Cassandra 備份的注意事項

Cassandra 是複製資料庫,可在每個區域或資料中心中至少複製三份資料。Cassandra 會使用串流複製和讀取修復功能,在任何時間點維護各個區域或資料中心的資料副本。

在混合式架構中,Cassandra 備份預設為「未啟用」。不過,建議您啟用 Cassandra 備份功能,以防資料意外刪除。

系統會備份哪些內容?

本主題所述的備份設定會備份下列實體:

  • Cassandra 結構定義,包括使用者結構定義 (Apigee 鍵值空間定義)
  • 每個節點的 Cassandra 分區符記資訊
  • Cassandra 資料的快照

備份資料儲存在何處?

備份的資料會儲存在您必須建立的 Google Cloud Storage 值區中。本主題將說明如何建立及設定 bucket。

排定 Cassandra 備份時間

備份會在執行時間平面中排程為 cron 工作。如要排定 Cassandra 備份作業時間,請按照下列步驟操作:

  1. 執行下列 create-service-account 指令,建立具有標準 roles/storage.objectAdmin 角色的 Google Cloud 服務帳戶 (SA)。這個 SA 角色可讓您將備份資料寫入 Cloud Storage。在混合式安裝根目錄中執行下列指令:
    ./tools/create-service-account apigee-cassandra OUTPUT_DIR
     例如: 
    ./tools/create-service-account apigee-cassandra ./service-accounts
     如要進一步瞭解 Google Cloud 服務帳戶,請參閱「建立及管理服務帳戶」。
  2. create-service-account 指令會儲存含有服務帳戶私密金鑰的 JSON 檔案。檔案會儲存在執行指令所在的目錄中。您將在後續步驟中需要這個檔案的路徑。
  3. 建立 Cloud Storage 值區。 為值區指定合理的資料 保留政策。Apigee 建議的資料保留政策為 15 天。
  4. 開啟 overrides.yaml 檔案。
  5. 新增下列 cassandra.backup 屬性即可啟用備份功能。請勿移除任何已設定的屬性。

    參數

    cassandra:
  ...

  backup:
    enabled: true
    serviceAccountPath: SA_JSON_FILE_PATH
    dbStorageBucket: CLOUD_STORAGE_BUCKET_PATH
    schedule: BACKUP_SCHEDULE_CODE

  ...

    範例

    ...

cassandra:
  storage:
    type: gcepd
    capacity: 50Gi
    gcepd:
      replicationType: regional-pd
  sslRootCAPath: "/Users/myhome/ssh/cassandra.crt"
  sslCertPath: "/Users/myhome/ssh/cassandra.crt"
  sslKeyPath: "/Users/myhome/ssh/cassandra.key"
  auth:
    default:
      password: "abc123"
    admin:
      password: "abc234"
    ddl:
      password: "abc345"
    dml:
      password: "abc456"
  nodeSelector:
    key: cloud.google.com/gke-nodepool
    value: apigee-data
  backup:
    enabled: true
    serviceAccountPath: "/Users/myhome/.ssh/my_cassandra_backup.json"
    dbStorageBucket: "gs://myname-cassandra-backup"
    schedule: "45 23 * * 6"

  ...
    6. 其中:
    屬性 說明
    backup:enabled 備份功能預設為停用。您必須將這項屬性設為 true
    backup:serviceAccountPath

    SA_JSON_FILE_PATH

    您在執行 ./tools/create-service-account 時下載的服務帳戶 JSON 檔案在檔案系統中的路徑
    backup:dbStorageBucket

    CLOUD_STORAGE_BUCKET_PATH

    Cloud Storage 值區路徑的格式為 gs://BUCKET_NAME。必須使用 gs://
    backup:schedule

    BACKUP_SCHEDULE_CODE

    備份作業開始的時間,以 標準 crontab 語法指定。預設值:0 2 * * *
  6. 將設定變更套用至新叢集。例如: 
    ./apigeectl apply -f overrides.yaml

還原備份

還原作業會從備份位置取得資料,並將資料還原至具有相同節點數量的新 Cassandra 叢集。不會從舊 Cassandra 叢集擷取任何資料。

下方的還原操作說明適用於使用 Google Cloud Storage 備份的單一區域部署作業。如需其他部署方式,請參閱以下說明:

如要還原 Cassandra 備份,請按照下列步驟操作:

  1. 在現有 Kubernetes 叢集中建立新命名空間,用於還原混合式執行階段部署。請勿使用原始命名空間名稱建立新命名空間。請勿使用舊命名空間還原。
  2. 在根混合安裝目錄中,建立新的 overrides-restore.yaml 檔案。
  3. 將完整的 Cassandra 設定從原始 overrides.yaml 檔案複製到新的 overrides-restore.yaml 檔案中。請參考以下指令示例。 
    cp ./overrides.yaml ./overrides-restore.yaml
  4. 在新的 overrides-restore.yaml 檔案中新增命名空間元素。請勿使用原始叢集使用的命名空間。

    參數

    namespace: YOUR_RESTORE_NAMESPACE
cassandra:
  ...
  restore:
    enabled: true
    snapshotTimestamp: TIMESTAMP
    serviceAccountPath: SA_JSON_FILE_PATH
    dbStorageBucket: CLOUD_STORAGE_BUCKET_PATH
         image:
           pullPolicy: Always
  ...

    範例

    ...
    namespace: cassandra-restore
    cassandra:
      storage:
        type: gcepd
        capacity: 50Gi
        gcepd:
          replicationType: regional-pd
      sslRootCAPath: "/Users/myhome/ssh/cassandra.crt"
      sslCertPath: "/Users/myhome/ssh/cassandra.crt"
      sslKeyPath: "/Users/myhome/ssh/cassandra.key"
      auth:
        default:
          password: "abc123"
        admin:
          password: "abc234"
        ddl:
          password: "abc345"
        dml:
          password: "abc456"
      nodeSelector:
        key: cloud.google.com/gke-nodepool
        value: apigee-data

      restore:
        enabled: true
        snapshotTimestamp: "20210203213003"
        serviceAccountPath: "/Users/myhome/.ssh/my_cassandra_backup.json"
        dbStorageBucket: "gs://myname-cassandra-backup"
        image:
          pullPolicy: Always
    ...

    其中:

    屬性 說明
    namespace

    YOUR_RESTORE_NAMESPACE

    您在步驟 1 為新 Cassandra 叢集建立的新命名空間名稱。請勿使用原始叢集的命名空間。
    restore:enabled 還原功能預設為停用。您必須將這項屬性設為 true
    restore:snapshotTimestamp

    TIMESTAMP

    要還原的備份快照時間戳記。如要查看可使用的時間戳記,請前往 dbStorageBucket,查看值區中的檔案。每個檔案名稱都包含時間戳記值,例如:

    backup_20210203213003_apigee-cassandra-default-0.tgz

    其中 20210203213003 是您要還原當時建立的備份時,會使用的 snapshotTimestamp 值。
    restore:serviceAccountPath

    SA_JSON_FILE_PATH

    您為備份作業建立的服務帳戶在檔案系統中的路徑。
    restore:dbStorageBucket

    CLOUD_STORAGE_BUCKET_PATH

    備份資料儲存位置的 Cloud Storage 值區路徑,格式如下:

    gs://BUCKET_NAME

    必須使用 gs://
  5. 執行下列指令,變更舊命名空間中任何 Cassandra 節點的 app 標籤:
    kubectl label pods --overwrite --namespace=OLD_NAMESPACE -l app=apigee-cassandra app=apigee-cassandra-old
  6. 建立新的混合式執行階段部署作業。這會建立新的 Cassandra 叢集,並開始將備份資料還原至叢集:
    ./apigeectl init  -f ../overrides-restore.yaml

    ./apigeectl apply  -f ../overrides-restore.yaml

  7. 還原作業完成後,流量必須切換為使用新命名空間中的 Cassandra 叢集。執行下列指令來切換流量:

    kubectl get rs -n OLD_NAMESPACE # look for the 'apigee-connect' replicaset

    kubectl patch rs -n OLD_NAMESPACE APIGEE_CONNECT_RS_NAME -p '{"spec":{"replicas" : 0}}'
  8. 流量切換完成後,您可以移除 restore 設定,並將 backup 設定新增至 overrides-restore.yaml 檔案,藉此重新設定還原叢集中的備份。將 YOUR_RESTORE_NAMESPACE 替換為在步驟 1 中建立的新命名空間名稱。
    namespace: YOUR_RESTORE_NAMESPACE
cassandra:
  ...
   backup:
    enabled: true
    serviceAccountPath: SA_JSON_FILE_PATH
    dbStorageBucket: CLOUD_STORAGE_BUCKET_PATH
    schedule: BACKUP_SCHEDULE_CODE
  ...

    然後使用下列指令套用 backup 設定:

    ./apigeectl apply  -f ../overrides-restore.yaml

查看還原記錄

您可以檢查還原工作記錄,並使用 grep 檢查 error,確保還原記錄沒有錯誤。

確認還原作業已完成

使用下列指令檢查復原作業是否已完成:

kubectl get pods

輸出結果會與下列內容相似:

NAME                           READY     STATUS      RESTARTS   AGE
apigee-cassandra-default-0     1/1       Running     0          1h
apigee-cassandra-default-1     1/1       Running     0          1h
apigee-cassandra-default-2     1/1       Running     0          59m
apigee-cassandra-restore-b4lgf 0/1       Completed   0          51m

查看還原記錄檔

使用下列指令查看還原記錄:

kubectl logs -f apigee-cassandra-restore-b4lgf

輸出結果會與下列內容相似:

Restore Logs:

Activated service account credentials for: [apigee-cassandra-backup-svc@gce-myusername.iam.gserviceaccount.com]
to download file gs://gce-myusername-apigee-cassandra-backup/apigeecluster/dc-1/backup_20190405011309_schema.tgz
INFO: download successfully extracted the backup files from gs://gce-myusername-apigee-cassandra-backup/apigeecluster/dc-1
finished downloading schema.cql
to create schema from 10.32.0.28

Warnings :
dclocal_read_repair_chance table option has been deprecated and will be removed in version 4.0

dclocal_read_repair_chance table option has been deprecated and will be removed in version 4.0


Warnings :
dclocal_read_repair_chance table option has been deprecated and will be removed in version 4.0

dclocal_read_repair_chance table option has been deprecated and will be removed in version 4.0

INFO: the schema has been restored
starting apigee-cassandra-default-0 in default
starting apigee-cassandra-default-1 in default
starting apigee-cassandra-default-2 in default
84 95 106
waiting on waiting nodes $pid to finish  84
Activated service account credentials for: [apigee-cassandra-backup-svc@gce-myusername.iam.gserviceaccount.com]
Activated service account credentials for: [apigee-cassandra-backup-svc@gce-myusername.iam.gserviceaccount.com]
Activated service account credentials for: [apigee-cassandra-backup-svc@gce-myusername.iam.gserviceaccount.com]
INFO: restore downloaded  tarball and extracted the file from  gs://gce-myusername-apigee-cassandra-backup/apigeecluster/dc-1
INFO: restore downloaded  tarball and extracted the file from  gs://gce-myusername-apigee-cassandra-backup/apigeecluster/dc-1
INFO: restore downloaded  tarball and extracted the file from  gs://gce-myusername-apigee-cassandra-backup/apigeecluster/dc-1
INFO  12:02:28 Configuration location: file:/etc/cassandra/cassandra.yaml
...

INFO  12:02:41 [Stream #e013ee80-5863-11e9-8458-353e9e3cb7f9] All sessions completed

Summary statistics:
   Connections per host    : 3
   Total files transferred : 2
   Total bytes transferred : 0.378KiB
   Total duration          : 5048 ms
   Average transfer rate   : 0.074KiB/s
   Peak transfer rate      : 0.075KiB/s

progress: [/10.32.1.155]0:1/1 100% 1:1/1 100% [/10.32.0.28]1:1/1 100% 0:1/1 100% [/10.32.3.220]0:1/1 100% 1:1/1 100% total: 100% 0.000KiB/s (avg: 0.074KiB/s)
INFO  12:02:41 [Stream #e013ee80-5863-11e9-8458-353e9e3cb7f9] All sessions completed
progress: [/10.32.1.155]0:1/1 100% 1:1/1 100% [/10.32.0.28]1:1/1 100% 0:1/1 100% [/10.32.3.220]0:1/1 100% 1:1/1 100% total: 100% 0.000KiB/s (avg: 0.074KiB/s)
INFO  12:02:41 [Stream #e013ee80-5863-11e9-8458-353e9e3cb7f9] All sessions completed
INFO  12:02:41 [Stream #e013ee80-5863-11e9-8458-353e9e3cb7f9] All sessions completed
INFO: ./apigee/data/cassandra/data/ks1/user-9fbae960571411e99652c7b15b2db6cc restored successfully
INFO: Restore 20190405011309 completed
INFO: ./apigee/data/cassandra/data/ks1/user-9fbae960571411e99652c7b15b2db6cc restored successfully
INFO: Restore 20190405011309 completed
waiting on waiting nodes $pid to finish  106
Restore finished

驗證備份工作

您也可以在安排備份 Cron 工作後驗證備份工作。排定 cron 工作後,您應該會看到類似下方的內容:

kubectl get pods

輸出結果會與下列內容相似:

NAME                                       READY     STATUS      RESTARTS   AGE
apigee-cassandra-default-0                 1/1       Running     0          2h
apigee-cassandra-default-1                 1/1       Running     0          2h
apigee-cassandra-default-2                 1/1       Running     0          2h
apigee-cassandra-backup-1554515580-pff6s   0/1       Running     0          54s

檢查備份記錄

備份工作:

  • 建立 schema.cql 檔案。
  • 將其上傳至儲存體值區。
  • 會回應節點,同時備份及上傳資料。
  • 等待所有資料上傳完畢。
kubectl logs -f apigee-cassandra-backup-1554515580-pff6s

輸出結果會與下列內容相似:

myusername-macbookpro:cassandra-backup-utility myusername$ kubectl logs -f apigee-cassandra-backup-1554577680-f9sc4
starting apigee-cassandra-default-0 in default
starting apigee-cassandra-default-1 in default
starting apigee-cassandra-default-2 in default
35 46 57
waiting on process  35
Activated service account credentials for: [apigee-cassandra-backup-svc@gce-myusername.iam.gserviceaccount.com]
Activated service account credentials for: [apigee-cassandra-backup-svc@gce-myusername.iam.gserviceaccount.com]
Activated service account credentials for: [apigee-cassandra-backup-svc@gce-myusername.iam.gserviceaccount.com]
Requested creating snapshot(s) for [all keyspaces] with snapshot name [20190406190808] and options {skipFlush=false}
Snapshot directory: 20190406190808
INFO: backup created cassandra snapshot 20190406190808
tar: Removing leading `/' from member names
/apigee/data/cassandra/data/ks1/mytest3-37bc2df0587811e98e8d875b0ed64754/snapshots/
/apigee/data/cassandra/data/ks1/mytest3-37bc2df0587811e98e8d875b0ed64754/snapshots/20190406190808/
/apigee/data/cassandra/data/ks1/mytest3-37bc2df0587811e98e8d875b0ed64754/snapshots/20190406190808/mc-1-big-Data.db
Requested creating snapshot(s) for [all keyspaces] with snapshot name [20190406190808] and options {skipFlush=false}
Requested creating snapshot(s) for [all keyspaces] with snapshot name [20190406190808] and options {skipFlush=false}
Snapshot directory: 20190406190808
INFO: backup created cassandra snapshot 20190406190808
tar: Removing leading `/' from member names
/apigee/data/cassandra/data/system/hints-2666e20573ef38b390fefecf96e8f0c7/snapshots/
/apigee/data/cassandra/data/system/hints-2666e20573ef38b390fefecf96e8f0c7/snapshots/20190406190808/
/apigee/data/cassandra/data/system/hints-2666e20573ef38b390fefecf96e8f0c7/snapshots/20190406190808/manifest.json
/apigee/data/cassandra/data/system/prepared_statements-18a9c2576a0c3841ba718cd529849fef/snapshots/
/apigee/data/cassandra/data/system/prepared_statements-18a9c2576a0c3841ba718cd529849fef/snapshots/20190406190808/
/apigee/data/cassandra/data/system/prepared_statements-18a9c2576a0c3841ba718cd529849fef/snapshots/20190406190808/manifest.json
/apigee/data/cassandra/data/system/range_xfers-55d764384e553f8b9f6e676d4af3976d/snapshots/
/apigee/data/cassandra/data/system/range_xfers-55d764384e553f8b9f6e676d4af3976d/snapshots/20190406190808/
/apigee/data/cassandra/data/system/range_xfers-55d764384e553f8b9f6e676d4af3976d/snapshots/20190406190808/manifest.json
/apigee/data/cassandra/data/system/peer_events-59dfeaea8db2334191ef109974d81484/snapshots/
/apigee/data/cassandra/data/system/peer_events-59dfeaea8db2334191ef109974d81484/snapshots/20190406190808/
/apigee/data/cassandra/data/system/peer_events-59dfeaea8db2334191ef109974d81484/snapshots/20190406190808/manifest.json
/apigee/data/cassandra/data/system/built_views-4b3c50a9ea873d7691016dbc9c38494a/snapshots/
/apigee/data/cassandra/data/system/built_views-4b3c50a9ea873d7691016dbc9c38494a/snapshots/20190406190808/
/apigee/data/cassandra/data/system/built_views-4b3c50a9ea873d7691016dbc9c38494a/snapshots/20190406190808/manifest.json
……
/apigee/data/cassandra/data/ks2/user-d6d39d70586311e98e8d875b0ed64754/snapshots/
/apigee/data/cassandra/data/ks2/user-d6d39d70586311e98e8d875b0ed64754/snapshots/20190406190808/
/apigee/data/cassandra/data/ks2/user-d6d39d70586311e98e8d875b0ed64754/snapshots/20190406190808/mc-3-big-Filter.db
/apigee/data/cassandra/data/ks2/user-d6d39d70586311e98e8d875b0ed64754/snapshots/20190406190808/mc-2-big-CompressionInfo.db
/apigee/data/cassandra/data/ks2/user-d6d39d70586311e98e8d875b0ed64754/snapshots/20190406190808/mc-2-big-Index.db
/apigee/data/cassandra/data/ks2/user-d6d39d70586311e98e8d875b0ed64754/snapshots/20190406190808/mc-3-big-Statistics.db
/apigee/data/cassandra/data/ks2/user-d6d39d70586311e98e8d875b0ed64754/snapshots/20190406190808/mc-2-big-Data.db
/apigee/data/cassandra/data/ks2/user-d6d39d70586311e98e8d875b0ed64754/snapshots/20190406190808/mc-1-big-Index.db
/apigee/data/cassandra/data/ks2/user-d6d39d70586311e98e8d875b0ed64754/snapshots/20190406190808/mc-1-big-Statistics.db
/apigee/data/cassandra/data/ks2/user-d6d39d70586311e98e8d875b0ed64754/snapshots/20190406190808/mc-2-big-TOC.txt
/apigee/data/cassandra/data/ks2/user-d6d39d70586311e98e8d875b0ed64754/snapshots/20190406190808/mc-2-big-Statistics.db
/apigee/data/cassandra/data/ks2/user-d6d39d70586311e98e8d875b0ed64754/snapshots/20190406190808/mc-1-big-Summary.db
/apigee/data/cassandra/data/ks2/user-d6d39d70586311e98e8d875b0ed64754/snapshots/20190406190808/mc-1-big-Filter.db
/apigee/data/cassandra/data/ks2/user-d6d39d70586311e98e8d875b0ed64754/snapshots/20190406190808/mc-2-big-Summary.db
/apigee/data/cassandra/data/ks2/user-d6d39d70586311e98e8d875b0ed64754/snapshots/20190406190808/mc-3-big-Index.db
/apigee/data/cassandra/data/ks2/user-d6d39d70586311e98e8d875b0ed64754/snapshots/20190406190808/manifest.json
/apigee/data/cassandra/data/ks2/user-d6d39d70586311e98e8d875b0ed64754/snapshots/20190406190808/mc-2-big-Filter.db
/apigee/data/cassandra/data/ks2/user-d6d39d70586311e98e8d875b0ed64754/snapshots/20190406190808/mc-2-big-Digest.crc32
/apigee/data/cassandra/data/ks2/user-d6d39d70586311e98e8d875b0ed64754/snapshots/20190406190808/mc-3-big-Summary.db
/apigee/data/cassandra/data/ks2/user-d6d39d70586311e98e8d875b0ed64754/snapshots/20190406190808/mc-3-big-Data.db
/apigee/data/cassandra/data/ks2/user-d6d39d70586311e98e8d875b0ed64754/snapshots/20190406190808/mc-1-big-TOC.txt
/apigee/data/cassandra/data/ks2/user-d6d39d70586311e98e8d875b0ed64754/snapshots/20190406190808/schema.cql
/apigee/data/cassandra/data/ks2/user-d6d39d70586311e98e8d875b0ed64754/snapshots/20190406190808/mc-3-big-CompressionInfo.db
/apigee/data/cassandra/data/ks2/user-d6d39d70586311e98e8d875b0ed64754/snapshots/20190406190808/mc-1-big-Digest.crc32
/apigee/data/cassandra/data/ks2/user-d6d39d70586311e98e8d875b0ed64754/snapshots/20190406190808/mc-3-big-TOC.txt
/apigee/data/cassandra/data/ks2/user-d6d39d70586311e98e8d875b0ed64754/snapshots/20190406190808/mc-1-big-Data.db
/apigee/data/cassandra/data/ks2/user-d6d39d70586311e98e8d875b0ed64754/snapshots/20190406190808/mc-3-big-Digest.crc32
/apigee/data/cassandra/data/ks2/user-d6d39d70586311e98e8d875b0ed64754/snapshots/20190406190808/mc-1-big-CompressionInfo.db
……
/tmp/tokens.txt
/ [1 files][    0.0 B/    0.0 B]
Operation completed over 1 objects.
/ [1 files][    0.0 B/    0.0 B]
Operation completed over 1 objects.
INFO: backup created tarball and transferred the file to gs://gce-myusername-apigee-cassandra-backup/apigeecluster/dc-1
INFO: removing cassandra snapshot
INFO: backup created tarball and transferred the file to gs://gce-myusername-apigee-cassandra-backup/apigeecluster/dc-1
INFO: removing cassandra snapshot
Requested clearing snapshot(s) for [all keyspaces]
INFO: Backup 20190406190808 completed
waiting on process  46
Requested clearing snapshot(s) for [all keyspaces]
INFO: Backup 20190406190808 completed
Requested clearing snapshot(s) for [all keyspaces]
waiting on process  57
INFO: Backup 20190406190808 completed
waiting result
to get schema from 10.32.0.28
INFO: /tmp/schema.cql has been generated
Activated service account credentials for: [apigee-cassandra-backup-svc@gce-myusername.iam.gserviceaccount.com]
tar: removing leading '/' from member names
tmp/schema.cql
Copying from <TDIN>...
/ [1 files][    0.0 B/    0.0 B]
Operation completed over 1 objects.
INFO: backup created tarball and transferred the file to gs://gce-myusername-apigee-cassandra-backup/apigeecluster/dc-1
finished uploading schema.cql