All Products
Search
Document Center

Database Backup:Add a backup gateway of the bastion host architecture

Last Updated:Feb 19, 2024

Database Backup (DBS) can access databases of the bastion host structure. If servers on which the databases are deployed are in an internal network and cannot be connected to the Internet, the servers can use a bastion host proxy to access the Internet. You must install a proxy gateway on the bastion host and a backup gateway on the database server. This topic describes how to add a backup gateway of the bastion host architecture.

Scenarios

In this example, the database server of a company resides in the internal network and cannot be connected to the Internet. The database server can use a bastion host proxy to access the Internet. To back up and restore data, you must install a proxy gateway on the bastion host and a backup gateway on the database server. The following table describes the installation procedure.

Step

Description

Step 1: Install a proxy gateway

Install a proxy gateway on the bastion host.

During data backup, the proxy gateway receives data from the database server on which the backup gateway is located and forwards the data to DBS cloud storage over the Internet. During restoration or database download, the proxy gateway receives data from DBS cloud storage and forwards the data to the database server.

Step 2: Install a backup gateway

Install a backup gateway on the database server. When you install the backup gateway, specify the IP address of the proxy gateway. The IP address of the proxy gateway is the private IP address of the bastion host.

The backup gateway is the backup software that is installed on the database server. During data backup, the database server connects to and queries the database, and then sends data to the bastion host on which the proxy gateway is installed. During restoration, the database server obtains data over the Internet by using the proxy gateway on the bastion host and writes the data to the database by using the backup gateway.

Note

The procedure that is described in this topic is suitable only for scenarios in which a network topology that contains a bastion host is used. If you want to access data only from on-premises databases, you can install a DBS backup gateway on the servers that host the on-premises databases. For more information, see Install a backup gateway.

Step 1: Install a proxy gateway

This section describes how to install a proxy gateway on a Linux bastion host. DBS supports a variety of installation methods, such as installation by using a CLI and installation by using a GUI. For more information about the installation methods, prerequisites and usage notes, see Install a backup gateway.

Note

For information about how to install a proxy gateway on a Windows bastion host, see the Step 1: Install a proxy gateway on a bastion host section of the "Migrate data from a self-managed SQL Server database to an ApsaraDB RDS for SQL Server instance by using the physical gateway on a bastion host" topic.

  1. Log on to the Database Backup (DBS) console.

  2. In the left-side navigation pane, click Backup Gateways. In the top navigation bar, select a region.

    Select a region to install a backup gateway

    Note

    We recommend that you select a region that is nearest to your database. For example, if your database resides in the China (Hangzhou) region, we recommend that you install the backup gateway in the China (Hangzhou) region.

  3. Click Install Backup Gateway in the upper-right corner of the page.

  4. Configure the Backup Gateway Network Type parameter and copy the command that is used to install the backup gateway. Then, run the command on your database server.

    Note
    • Public Network: You can access DBS by using a public IP address.

    • ECS Private Network/VPC: You can access DBS by using an Express Connect circuit.

    1. Run the installation command in the Linux CLI. The system downloads and runs the installation package. Sample code:

      
      [root@iZbp****** ~]# wget -O aliyunDBSAgentInstaller.jar https://aliyun-dbs.oss-cn-hangzhou-internal.aliyuncs.com/installer/0.0.141/aliyunDBSAgentInstaller-0.0.141.jar && sudo java -Dregion=cn-hangzhou -jar aliyunDBSAgentInstaller.jar
      --2023-08-25 16:04:52--  https://aliyun-dbs.oss-cn-hangzhou-internal.aliyuncs.com/installer/0.0.141/aliyunDBSAgentInstaller-0.0.141.jar
      Resolving aliyun-dbs.oss-cn-hangzhou-internal.aliyuncs.com (aliyun-dbs.oss-cn-hangzhou-internal.aliyuncs.com)... 100.XXX.XX.XX, 100.XXX.XX.XX, 100.XXX.XX.XX, ...
      Connecting to aliyun-dbs.oss-cn-hangzhou-internal.aliyuncs.com (aliyun-dbs.oss-cn-hangzhou-internal.aliyuncs.com)|100.XXX.XX.XX|:443... connected.
      HTTP request sent, awaiting response... 200 OK
      Length: 247955671 (236M) [application/x-java-archive]
      Saving to: 'aliyunDBSAgentInstaller.jar'
      
      100%[=======================================================================================================>] 247,955,671 19.9MB/s   in 11s    
      
      2023-08-25 16:05:03 (21.4 MB/s) - 'aliyunDBSAgentInstaller.jar' saved [247955671/247955671] 
    2. Select an installation language. Enter 0 to select Chinese. Enter 1 to select English.

      Select your language
      0  [x] chn
      1  [ ] eng
      Input selection: 
      0
    3. Enter 1 and read the gateway protocol.

      Press 1 to continue, 2 to quit, 3 to redisplay
      1
    4. Enter 1 to agree to the gateway protocol.

      Press 1 to accept, 2 to reject, 3 to redisplay
      1
    5. Select the component that you want to install. If you enter Y, the component is a backup gateway. If you enter N, the component is a proxy gateway. In this example, a proxy gateway is installed. Enter N and then enter Y to confirm the component information.

      Enter Y for Yes, N for No: 
      N
      --
      DG
      --
      Enter Y for Yes, N for No: 
      Y
      Done!
    6. Enter 1 to continue the installation.

      Press 1 to continue, 2 to quit, 3 to redisplay
      1
    7. Select an installation path. If you press the Enter key, the default path /usr/local/aliyun/dbs_agent is used.

      If you want to use a custom path, enter the custom path and enter 1 to confirm it. In this topic, the custom path /usr/local/aliyun/daili_dbs_agent is used in the example to show how to install the proxy gateway.

      Select an installation path: [/usr/local/aliyun/dbs_agent] 
      /usr/local/aliyun/daili_dbs_agent
      
      Press 1 to continue, 2 to quit, 3 to redisplay
      1
    8. Confirm the component and enter 1 to start the installation.

      The installation takes about one to five minutes to complete.

      Select the package that you want to install:
      
        [x] Pack 'Proxy gateway base file' required
      Done!
      
      Press 1 to continue, 2 to quit, 3 to redisplay
      1
      
      ─────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────
      Installing
      ─────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────
      
      ====================
      Installation started
      
      Platform: linux,version=3.10.0-1XXX.XX.X.el7.x86_64,arch=x64,symbolicName=null,javaVersion=1.8.0_372
      [ Starting to unpack ]
      [Processing package: Proxy gateway base file (1/1) ]
      Cleaning up the target folder ...
      [ Unpacking finished ]
      Installation finished
      
      ─────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────
      Installed
      ─────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────
      
      Installation was successful
      Application installed on /usr/local/aliyun/daili_dbs_agent
      [ Writing the uninstaller data ... ]
      [ Console installation done ]
  5. Run the following command to check whether the proxy gateway is installed:

    ps aux | grep app_aliyun_proxy

    A command output that is similar to the following indicates that the proxy gateway is installed. If you have questions about installation, contact technical support in the DingTalk group (ID 35585947).

    [root@iZbp****** ~]# ps aux | grep app_aliyun_proxy
    root     1****  0.0  0.5 7*****  9*** ?        Ssl  16:06   0:00 /usr/local/aliyun/daili_dbs_agent/dist/app_aliyun_proxy/app_aliyun_proxy -addr :9797 -logdir /usr/local/aliyun/daili_dbs_agent/logs
    root     2****  0.0  0.0 1*****   9** pts/1    S+   16:08   0:00 grep --color=auto app_aliyun_proxy

Step 2: Install a backup gateway

You must install a DBS backup gateway on the database server. For more information, see the Installation methods section of the "Install a backup gateway" topic.

Important

Before you install a backup gateway, make sure that the following requirements are met:

  • The link that is used to download the backup gateway must be the same as the download link that is obtained in the Step 1: Install a proxy gateway section of this topic.

  • You must specify backup gateway as the gateway type.

  • You must specify the IP address of the proxy gateway that is installed in Step 1 as the endpoint of the proxy gateway and 9797 as the port number of the proxy gateway. The IP address of the proxy gateway is the private IP address of the bastion host.

After the configuration is complete, the system attempts to connect to the proxy gateway that is installed on the bastion host in Step 1. If the connection fails, the system reports an error. In this case, you must check whether the proxy gateway is successfully installed.

After the backup gateway is installed, backup data is sent to the bastion host on which the proxy gateway is installed. Then, the bastion host forwards the backup data over the Internet.

References

Migrate data from a self-managed SQL Server database to an ApsaraDB RDS for SQL Server instance by using the physical gateway on a bastion host