Back up and restore a database across accounts by using a public endpoint - Database Backup

Database Backup (DBS) allows you to back up and restore databases across accounts. You can back up a database that belongs to an account used for O&M and then store the backup data within another account used for backup. This way, even if the database within the O&M account is deleted, you can restore the data from the backup account. In addition, the data within the two accounts is isolated from each other to avoid the risk of data loss caused by database deletion. This topic describes how to back up and restore an ApsaraDB RDS database across accounts.

How it works

You can back up an ApsaraDB RDS database that belongs to Account A and store the backup data within Account B. If the ApsaraDB RDS database within Account A is deleted, you can restore the data from Account B by using DBS.

The ApsaraDB RDS database is within Account A. A DBS backup schedule is purchased within Account B.
The ApsaraDB RDS database can be accessed by using a public endpoint. The CIDR blocks of DBS servers are added to the IP address whitelist of the ApsaraDB RDS instance.
When you configure the DBS backup schedule, select User-Created Database with Public IP Address <IP Address:Port Number>. The ApsaraDB RDS database is connected to DBS by using the public endpoint.

Step 1: Create a backup schedule

Go to the DBS buy page and purchase a backup schedule. For more information, see Purchase a backup schedule.

Step 2: Configure the backup schedule

Log on to the DBS console.
In the left-side navigation pane, click Backup Schedules. On the Backup Schedules page, select a region in the upper-left corner.
On the Backup Schedules page, find the backup schedule that you created and click Configure Backup Schedule in the Actions column.

In the Configure Backup Source and Destination step of the Configure Backup Schedule wizard, configure the backup source and destination. Then, click Next in the lower-right corner of the page.


Section	Parameter	Description
N/A	Schedule Name	The name of the backup schedule. DBS automatically generates a backup schedule name. We recommend that you set a descriptive name that is easy to identify. Backup schedule names do not need to be unique.
Backup Source Information	Backup Mode	The method that is used to back up data. By default, the backup method that you selected when you purchased the backup schedule is used. In this example, this parameter is set to Logical Backup.
	Database Location	Select User-Created Database with Public IP Address <IP Address:Port Number>.
	Database Type	The type of the database that you want to back up. By default, the database type that you selected when you purchased the backup schedule is used. In this example, this parameter is set to MySQL.
	Address	The endpoint that is used to connect to the database that you want to back up. Note Click Set Whitelist to obtain the CIDR blocks of DBS servers. Go to the details page of the ApsaraDB RDS instance in the ApsaraDB RDS console. In the left-side navigation pane, click Whitelist and SecGroup. On the Whitelist Settings tab, click Create Whitelist. In the dialog box that appears, add the CIDR blocks of DBS servers to the IP address whitelist of the instance. Set this parameter to the public endpoint of the ApsaraDB RDS instance.
	Port Number	The port number that is used to connect to the database that you want to back up. Default value: 3306.
	Database Name	The name of the database that you want to back up.
	Database Account	The username of the account that is used to connect to the source database. The account must have specific permissions to back up the database. For more information, see Account permissions.
	Password	The password of the account that is used to connect to the database that you want to back up. After you enter the username and password of the database account, click Test Connection next to the password to check whether the information of the database that you want to back up is valid. If the specified parameters are valid, the Test Passed message is displayed. If the Test Failed message is displayed, click Check next to Test Failed. Modify the information about the instance that you want to back up based on the check results.
	SSL Encryption	The connection method that is used to transmit the backup data. Valid values: Non-encrypted SSL-encrypted: SSL encrypts network connections at the transport layer to improve the security and integrity of data in transit. However, SSL increases the network connection response time. If you want to select SSL-encrypted, you must enable SSL encryption for the ApsaraDB RDS instance before you configure the backup schedule. In addition, you must upload the root CA certificate. For more information, see What is Certificate Management Service? Note This parameter is displayed only if you set the Database Type parameter to MySQL.
Backup Destination Information	Backup Storage Type	The type of storage that is used to store the backup data. Valid values: DBS Storage (recommended): Backup data is stored in DBS without requiring you to create storage space. You are charged based on the volume of your data that is stored in DBS. For more information about the billing method, see Storage fees. To reduce storage costs, we recommend that you use subscription storage plans. For more information, see Use storage plans. OSS For User: You must create a bucket in the Object Storage Service (OSS) console in advance. For more information, see Create buckets. Note In this example, DBS Storage (recommended) is selected. If you select OSS For User, you must configure the OSS Bucket Name parameter, and only the Standard storage class is supported.
	Storage Encryption	The method that is used to encrypt the stored data. Valid values: Encrypted: recommended. DBS uses AES-256 to encrypt the stored data. AES-256 is one of the advanced encryption standard ciphers. The server-side encryption feature is used in OSS. When you upload an object to OSS, OSS encrypts and stores the object. When you download the encrypted object from OSS, OSS decrypts the object and returns the decrypted object to you. For more information, see Server-side encryption. Non-encrypted: The backup data is not encrypted.
	OSS Bucket Name	The name of the Object Storage Service (OSS) bucket that you want to use to store the backup data. Note This parameter is displayed only if you set the Backup Storage Type parameter to OSS For User.

In the Edit Backup Objects step, find the database or table that you want to back up and add it to the Selected section. Then, click Next.
Note If you selected Logical Backup when you purchased a backup schedule, DBS allows you to back up a single table, a single database, multiple databases, or an entire database instance. You can click Select All in the lower-left corner of the page to select all databases. The database objects that can be backed up vary based on the database types. For more information, see Database engines and features. By default, a backup schedule cannot be used to back up a database that is created after the backup schedule is created. To back up the database, you can add the database to the backup schedule on the Configure Task page of the backup schedule. For more information, see Modify backup objects.
In the Edit Backup Objects step, find the database or table that you want to back up and add it to the Selected section. Then, click Next.
Note If you selected Logical Backup when you purchased a backup schedule, DBS allows you to back up a single table, a single database, multiple databases, or an entire database instance. You can click Select All in the lower-left corner of the page to select all databases. The database objects that can be backed up vary based on the database types. For more information, see Database engines and features. By default, a backup schedule cannot be used to back up a database that is created after the backup schedule is created. To back up the database, you can add the database to the backup schedule on the Configure Task page of the backup schedule. For more information, see Modify backup objects.

In the Configure Backup Time step, configure the parameters that are described in the following table and click Next in the lower-right corner of the page.


Parameter	Description
Full-scale Backup Frequency	The frequency of the backup schedule. Select Periodic Backup or Single Backup as needed. Note If you set this parameter to Periodic Backup, you must set the Full Data Backup Recurrence and Start At parameters.
Full Data Backup Recurrence	The days of the week on which DBS runs the backup schedule. You can select one or more days of a week. Select at least one day of the week.
Start At	The start time of the backup. We recommend that you set a point in time within off-peak hours. Example: 01:00. Note If a previous full data backup is not finished at the start time of the next backup, DBS skips the next backup.
Incremental Backup	Specifies whether to enable incremental backup. If you enable incremental backup, make sure that the binary logging feature is enabled for the database that you want to back up. For example, you must enable the binary logging feature if a MySQL or MariaDB database is used. This parameter is displayed only if you set the Full-scale Backup Frequency parameter to Periodic Backup. This parameter is displayed only if you set the Database Type parameter to MySQL or MariaDB.
Maximum Concurrent Threads for Full Data Backup	The maximum number of concurrent threads available for a full backup. You can set this parameter to adjust the backup speed. For example, reduce the number of backup threads to minimize impacts on the database. The maximum number of actual concurrent threads varies based on backup schedule specifications. For more information, see How do I change the maximum backup speed?
Backup network speed limit	The limit on the network bandwidth. Unit: MB/s. You can set the limit based on your needs. Default value: 0, which indicates that the network bandwidth is unlimited. The limit on the network bandwidth. You can set the limit based on your needs. This can minimize the impact on the network caused by backup. For example, if you set this parameter to 1, the backup speed does not exceed 1 Mbit/s. This parameter is displayed only if you set the Database Type parameter to MySQL.

In the Edit Lifecycle step, configure the lifecycle for full backup data in the Configure Full Data Backup Lifecycle section.
If you set the Incremental Backup parameter to Enable in Step 6, you must configure the lifecycle for incremental backup data. For more information about the lifecycle rules of backup data, see How do I manage the lifecycle rules of backup sets?
After the preceding configurations are complete, click Precheck in the lower-right corner of the page.
If the Precheck Passed message appears, click Start Task.
Note When the state of the backup schedule changes to Running, the backup schedule takes effect.

Step 3: Restore the database

After a full backup is complete, go to the details page of the backup schedule. On the Configure Task page, click Restore Database in the upper-right corner. In the Create Restore Task wizard, specify a point in time accurate to seconds for the restore task and select the objects that you want to restore. For more information, see Restore a database.