一、背景
生产环境的mongodb数据库是直接购买阿里云的云数据库,但是在公司研发环境,我们是自己手动部署的。开发和测试的数据当然没有生产环境那么重要,但备份也是必要的,只不过容忍一定的数据丢失。
二、备份脚本
- vi /etc/crontab
# 每天的凌晨1点执行备份
0 1 * * * root /usr/bin/bash /data/mongo_bak.sh >/dev/null 2>&1
- vi /data/mongo_bak.sh
#!/bin/bash
#
d=$(date -d "-1 day" "+%F")
# 先把备份数据库保存在本地目录/mongo_bak/
[ -d /mongo_bak/$d ] || mkdir -p /mongo_bak/$d
mongodump --port 3717 -u "{用户名}" -p "{密码}" --authenticationDatabase "admin" -o /mongo_bak/$d/ >/dev/null 2>&1
# 压缩
cd /mongo_bak && tar -czf /mongo_bak/$d.tar.gz $d && cd
# 将备份文件复到远端目录/data/mongo_bak/bak/
scp /mongo_bak/$d.tar.gz mongo_bak@192.168.8.15:/data/mongo_bak/bak/ >/dev/null 2>&1
#删除源目录中的备份文件
rm -rf /mongo_bak/*
#远端保留7天的备份
ssh mongo_bak@192.168.8.15 "find /data/mongo_bak/bak/ -mtime +7 |xargs rm -rf"
- 192.168.8.15 是保存数据库备份的远程机器
- /data/mongo_bak/bak/是远程机器的备份目录
- /mongo_bak/是本地机器的备份目录
三、ssh免密登录
1、生成ssh密钥对
[root@mongodb1 mongo_bak]# ssh-keygen -t rsa -C "mongo" -b 4096
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:xouv9rIur/REHf88TroIiiupY+uidqHZFPBfUAwftc0 mongo
The key's randomart image is:
+---[RSA 4096]----+
| .+o.. |
| . .... + |
| o .... E |
| o + o |
| o o S . |
| o o o . o |
| .= o + . = |
|== =.+oo . + . |
|X==.o**=+ o.. |
+----[SHA256]-----+
[root@mongodb1 mongo_bak]# ll ~/.ssh/
total 12
-rw------- 1 root root 381 Oct 11 2023 authorized_keys
-rw------- 1 root root 3243 May 28 16:16 id_rsa
-rw-r--r-- 1 root root 731 May 28 16:16 id_rsa.pub
2、发送ssh公钥至远程机器
[root@mongodb1 mongo_bak]# cat ~/.ssh/id_rsa.pub | ssh root@192.168.8.15 "mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys | chmod 700 ~/.ssh && chmod 600 ~/.ssh/authorized_keys"
The authenticity of host '192.168.8.15 (192.168.8.15)' can't be established.
ECDSA key fingerprint is SHA256:kq7eeYGHgUUw1HrymOBVR8amY0Krpv4RZFpBQUMHh2M.
ECDSA key fingerprint is MD5:9b:7d:49:5c:61:18:61:58:23:85:63:46:58:94:f1:23.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.8.15' (ECDSA) to the list of known hosts.
root@192.168.8.15's password:
执行该命令后,最后会提示你输入远程机器的root用户对应的登录密码。
3、登录远程机器,查看authorized_keys
root@EOS6:~/.ssh# vi authorized_keys
4、本机验证
ssh root@192.168.8.15 本地不用输入密码即可登录远程机器192.168.8.15。
四、验证
1、本地备份
在备份的过程中,会在目录/mongo_bak生成如下文件。
[root@mongodb1 mongo_bak]# ll -h
total 2.0G
drwxr-xr-x 17 root root 4.0K May 28 16:32 2024-05-27
-rw-r--r-- 1 root root 1.9G May 28 16:46 2024-05-27.tar.gz
[root@mongodb1 mongo_bak]# pwd
/mongo_bak
2、远程机器
- 备份执行前
root@EOS6:/data/mongo_bak/bak# ll
总用量 8
drwxr-xr-x 2 root root 4096 5月 28 16:33 ./
drwxr-xr-x 3 root root 4096 5月 28 16:33 ../
- 备份执行后
root@EOS6:/data/mongo_bak/bak# ll -h
总用量 3.0G
drwxr-xr-x 2 root root 4.0K 5月 28 17:11 ./
drwxr-xr-x 3 root root 4.0K 5月 28 16:33 ../
-rw-r--r-- 1 root root 3.0G 5月 28 17:12 2024-05-27.tar.gz