标签:bin backup 备份 kingbase sys sh securecmdd root
案例说明:
KingbaseES V8R6C6中sys_backup.sh在通用机单实例环境,默认需要通过securecmdd工具以及kingbase和root用户之间的ssh互信,执行备份初始化(init);对于使用ssh环境,如果kingbase和root之间没有建立ssh互信,直接执行脚本初始化会产生错误,需要修改脚本后再执行。
操作系统:
适用版本:
KingbaseES V8R6C6
数据库环境:
[kingbase@node102 bin]$ ./ksql -V
ksql (Kingbase) V008R006C006B0013
[kingbase@node102 bin]$ ./sys_ctl start -D /data/kingbase/v8r6_c6/data
waiting for server to start....2022-07-26 15:33:40.262 CST [7582] LOG: sepapower extension initialized
.......
server started
[kingbase@node102 bin]$ netstat -an |grep 54322
tcp 0 0 0.0.0.0:54322 0.0.0.0:* LISTEN
tcp6 0 0 :::54322 :::* LISTEN
关闭securecmdd服务:
[kingbase@node102 bin]$ ps -ef |grep secure
root 1169 1 0 09:43 ? 00:00:00 sys_securecmdd: /home/kingbase/cluster/R6HA/kha/kingbase/bin/sys_securecmdd -f /etc/.kes/securecmdd_config [listener] 0 of 128-256 startups
kingbase 4711 9114 0 15:15 pts/0 00:00:00 grep --color=auto secure
[root@node102 ~]# systemctl stop securecmdd
[root@node102 ~]# systemctl status securecmdd
● securecmdd.service - KingbaseES - sys_securecmdd daemon
Loaded: loaded (/etc/systemd/system/securecmdd.service; enabled; vendor preset: disabled)
Active: inactive (dead) since Tue 2022-07-26 15:24:58 CST; 6s ago
Process: 1169 ExecStart=/home/kingbase/cluster/R6HA/kha/kingbase/bin/sys_securecmdd -f /etc/.kes/securecmdd_config (code=exited, s
Main PID: 1169 (code=exited, status=0/SUCCESS)
Jul 26 09:43:45 node102 systemd[1]: Started KingbaseES - sys_securecmdd daemon.
Jul 26 15:24:58 node102 systemd[1]: Stopping KingbaseES - sys_securecmdd daemon...
Jul 26 15:24:58 node102 systemd[1]: Stopped KingbaseES - sys_securecmdd daemon.
案例1: kingbase和root之间有ssh互信
1、测试kingbase和root直接ssh互信
[kingbase@node102 ~]$ ssh root@127.0.0.1
Last login: Tue Jul 26 15:51:16 2022 from 192.168.1.1
[root@node102 ~]#
2、配置sys_backup.conf
[kingbase@node102 bin]$ cat sys_backup.conf |grep -v ^$|grep -v ^#
_target_db_style="single"
_one_db_ip="127.0.0.1"
_repo_ip="127.0.0.1"
_stanza_name="kingbase"
_os_user_name="kingbase"
_repo_path="/home/kingbase/kbbr6_repo"
_repo_retention_full_count=5
_crond_full_days=7
_crond_diff_days=0
_crond_incr_days=1
_crond_full_hour=2
_crond_diff_hour=3
_crond_incr_hour=4
_band_width=0
_os_ip_cmd="/sbin/ip"
_os_rm_cmd="/bin/rm"
_os_sed_cmd="/bin/sed"
_os_grep_cmd="/bin/grep"
_single_data_dir="/data/kingbase/v8r6_c6/data"
_single_bin_dir="/opt/Kingbase/ES/V8R6_C6/Server/bin"
_single_db_user="system"
_single_db_port="54322"
_use_scmd=off
_start_fast=y
_compress_type=none
_non_archived_space=1024
2、执行sys_backup.sh init
[kingbase@node102 bin]$ ./sys_backup.sh init
./sys_backup.sh: line 1: et!/bin/bash: No such file or directory
# pre-condition: check the non-archived WAL files
The authenticity of host '127.0.0.1 (127.0.0.1)' can't be established.
ECDSA key fingerprint is bb:98:fe:fb:94:fc:cf:3c:99:72:7f:09:91:25:64:23.
Are you sure you want to continue connecting (yes/no)? yes
# generate single sys_rman.conf...DONE
# update single archive_command with sys_rman.archive-push...DONE
# create stanza and check...(maybe 60+ seconds)
# create stanza and check...DONE
# initial first full backup...(maybe several minutes)
# initial first full backup...DONE
# Initial sys_rman OK.
'sys_backup.sh start' should be executed when need back-rest feature.
=如上所示,在kingbase和root之间有ssh互信的环境下,直接可以执行备份的iniit。=
案例2: kingbase和root之间没有ssh互信
1、测试kingbase和root之间ssh互信(无互信)
[kingbase@node102 ~]$ ssh root@127.0.0.1
root@127.0.0.1's password:
Last login: Tue Jul 26 15:24:35 2022 from 127.0.0.1
2、配置sys_backup.conf
[kingbase@node102 bin]$ cat sys_backup.conf |grep -v ^$|grep -v ^#
_target_db_style="single"
_one_db_ip="127.0.0.1"
_repo_ip="127.0.0.1"
_stanza_name="kingbase"
_os_user_name="kingbase"
_repo_path="/home/kingbase/kbbr6_repo"
_repo_retention_full_count=5
_crond_full_days=7
_crond_diff_days=0
_crond_incr_days=1
_crond_full_hour=2
_crond_diff_hour=3
_crond_incr_hour=4
_band_width=0
_os_ip_cmd="/sbin/ip"
_os_rm_cmd="/bin/rm"
_os_sed_cmd="/bin/sed"
_os_grep_cmd="/bin/grep"
_single_data_dir="/data/kingbase/v8r6_c6/data"
_single_bin_dir="/opt/Kingbase/ES/V8R6_C6/Server/bin"
_single_db_user="system"
_single_db_port="54322"
_use_scmd=off
_start_fast=y
_compress_type=none
_non_archived_space=1024
3、执行sys_backup.sh init
[kingbase@node102 bin]$ ./sys_backup.sh init
# pre-condition: check the non-archived WAL files
ERROR: can not access the 127.0.0.1 /tmp/sys_rman by root
=如上所示,执行init报错。=
4、查看具体报错信息
[kingbase@node102 bin]$ sh -x sys_backup.sh init
+++ readlink -f sys_backup.sh
++ dirname /opt/Kingbase/ES/V8R6_C6/KESRealPro/V008R006C006B0013/Server/bin/sys_backup.sh
+ script_locate_folder=/opt/Kingbase/ES/V8R6_C6/KESRealPro/V008R006C006B0013/Server/bin
+ '[' '!' -f /opt/Kingbase/ES/V8R6_C6/KESRealPro/V008R006C006B0013/Server/bin/sys_backup.conf ']'
+ '[' -f /opt/Kingbase/ES/V8R6_C6/KESRealPro/V008R006C006B0013/Server/bin/sys_backup.conf ']'
......
+ '[' X1 == X0 ']'
+ ssh -t -o ConnectTimeout=30 -o PreferredAuthentications=publickey root@127.0.0.1 'ssh root@127.0.0.1 date>/dev/null 2>/dev/null'
+ _remote2local_rt=255
+ ssh -n -o ConnectTimeout=30 -o StrictHostKeyChecking=no -o PreferredAuthentications=publickey -- root@127.0.0.1 mkdir /tmp/sys_rman/
+ ssh -n -o ConnectTimeout=30 -o StrictHostKeyChecking=no -o PreferredAuthentications=publickey -- root@127.0.0.1 touch /tmp/sys_rman/_t-E_s_t
+ '[' X0 '!=' X255 ']'
+ /bin/echo 'ERROR: can not access the 127.0.0.1 /tmp/sys_rman by root'
ERROR: can not access the 127.0.0.1 /tmp/sys_rman by root
+ exit 1
5、分析sys_backup.sh脚本
如下所示:通过ssh连接后root用户创建文件。
默认的ssh认证是通过公钥方式,对于kingbase和root没有建立ssh互信的环境,则无法建立认证,所以需要
修改为password认证。
6、执行sys_backup.sh init(修改脚本后)
[kingbase@node102 bin]$ ./sys_backup.sh init
# pre-condition: check the non-archived WAL files
root@127.0.0.1's password:
root@127.0.0.1's password:
Please input password ...
root@127.0.0.1's password:
root@127.0.0.1's password:
local <-> root@127.0.0.1 remote-login pwd-less OK.
# generate single sys_rman.conf...DONE
# update single archive_command with sys_rman.archive-push...DONE
# create stanza and check...(maybe 60+ seconds)
# create stanza and check...DONE
# initial first full backup...(maybe several minutes)
# initial first full backup...DONE
# Initial sys_rman OK.
'sys_backup.sh start' should be executed when need back-rest feature.
=如上所示,需要输入root用户的密码后,初始化成功。=
案例3:使用securecmdd备份
secucmdd部署参考:
https://www.cnblogs.com/tiany1224/p/16302205.html
KingbaseES V8R6集群部署案例之---部署和配置securecmdd服务
1、启动securecmdd服务
[root@node102 .ssh]# systemctl start securecmdd
[root@node102 .ssh]# systemctl status securecmdd
● securecmdd.service - KingbaseES - sys_securecmdd daemon
Loaded: loaded (/etc/systemd/system/securecmdd.service; enabled; vendor preset: disabled)
Active: active (running) since Tue 2022-07-26 16:39:16 CST; 6s ago
Main PID: 15628 (sys_securecmdd)
CGroup: /system.slice/securecmdd.service
└─15628 sys_securecmdd: /home/kingbase/cluster/R6HA/kha/kingbase/bin/sys_securecmdd -f /etc/.kes/securecmdd_config [li...
Jul 26 16:39:16 node102 systemd[1]: Started KingbaseES - sys_securecmdd daemon.
2、sys_backup.conf配置
3、执行sys_backup.sh init
[kingbase@node102 bin]$ ./sys_backup.sh init
# pre-condition: check the non-archived WAL files
# generate single sys_rman.conf...DONE
# update single archive_command with sys_rman.archive-push...DONE
# create stanza and check...(maybe 60+ seconds)
# create stanza and check...DONE
# initial first full backup...(maybe several minutes)
# initial first full backup...DONE
# Initial sys_rman OK.
'sys_backup.sh start' should be executed when need back-rest feature.
=如上所示,在部署和启动了securecmdd工具后,可以直接执行备份的init。=
总结:
对于KingbaseES V8R6C6下的sys_backup.sh脚本,在通用机环境单实例下使用时,建议配置和启动securecmdd服务或配置kingbase和root之间ssh互信。
标签:bin,backup,备份,kingbase,sys,sh,securecmdd,root 来源: https://www.cnblogs.com/kingbase/p/16534588.html
本站声明: 1. iCode9 技术分享网(下文简称本站)提供的所有内容,仅供技术学习、探讨和分享; 2. 关于本站的所有留言、评论、转载及引用,纯属内容发起人的个人观点,与本站观点和立场无关; 3. 关于本站的所有言论和文字,纯属内容发起人的个人观点,与本站观点和立场无关; 4. 本站文章均是网友提供,不完全保证技术分享内容的完整性、准确性、时效性、风险性和版权归属;如您发现该文章侵犯了您的权益,可联系我们第一时间进行删除; 5. 本站为非盈利性的个人网站,所有内容不会用来进行牟利,也不会利用任何形式的广告来间接获益,纯粹是为了广大技术爱好者提供技术内容和技术思想的分享性交流网站。