Enable the application-consistent backup feature - Hybrid Backup Recovery

Hybrid Backup Recovery (HBR) provides the application-consistent backup feature based on Cloud Assistant and the backup service. The application-consistent backup feature helps prevent unexpected startup operations during data restore, for example, log restore operations at the startup of database applications. This way, all applications start in a consistent state.

Prerequisites

Your ECS instance runs one of the following operating systems:
- Windows: Windows Server 2019, Windows Server 2016, and Windows Server 2012.
- Linux: CentOS version 7.6 and later, Ubuntu version 18.04 and later, and Alibaba Cloud Linux version 2 (2.1903 LTS 64-bit).
All disks that are attached to your ECS instance are enhanced SSDs (ESSDs) and the file systems are ext3, ext4, XFS, or New Technology File System (NTFS).
Your ECS instance is created in the Singapore (Singapore) or China (Hong Kong) region.

Background information

By default, Hybrid Backup Recovery (HBR) creates crash-consistent backup files based on the Alibaba Cloud snapshot service. If you enable the application-consistent backup feature when you create a backup file for an ECS instance, HBR creates an application-consistent backup file based on the actual scenario.

The application-consistent backup feature helps back up in-memory data and in-progress database transactions when backup files are being created. This way, the consistency between the application data and database transactions is ensured. The application-consistent backup feature helps prevent data corruption, data loss, and log restore operations at the startup of database applications. This way, all applications start in a consistent state.

Step 1: Configure a RAM role for the ECS instance

Before you enable the application-consistent backup feature, you must configure a RAM role for the ECS instance.

Log on to the RAM console by using your Alibaba Cloud account.
Create a RAM role for the application-consistent backup feature. For more information, see Create a RAM role for a trusted Alibaba Cloud service.
The following figure shows how to create the AppSnapshotRoleName RAM role.

Create a policy for the application-consistent backup feature. For more information, see Create a custom policy.

Create the AppSnapshotPolicy policy, which grants the permissions to query snapshot details, create snapshots, configure tags, and query disk details. You can use the following policy:

{
    "Version": "1",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "ecs:DescribeSnapshot*",
                "ecs:CreateSnapshot*",
                "ecs:TagResources",
                "ecs:DescribeDisks"
            ],
            "Resource": [
                "*"
            ],
            "Condition": {}
        }
    ]
}

Attach the AppSnapshotPolicy policy to the AppSnapshotRoleName RAM role. For more information, see Grant permissions to a RAM role.
Attach the AppSnapshotRoleName RAM role to the ECS instance. For more information, see Attach an instance RAM role to an ECS instance.

Step 2: Enable the application-consistent backup feature

For Windows ECS instances, you can use Volume Shadow Copy Service (VSS) to implement application consistency.

For Linux ECS instances, you must configure shell scripts (pre-freeze and post-thaw scripts) based on the applications deployed on the instances to implement application consistency.

Log on to the HBR console.
In the left-side navigation pane, choose Back Up > ECS Server Backup.
In the top navigation bar, select a region.
In the upper-right corner of the page, click Add ECS Backup.

In the Create ECS Protection Plan dialog box, configure the following settings:

Specify the backup objects and click Next.
Important
- You must select the ECS instances and disks that you want to back up. Protect All Disks is turned on by default. If you want to protect all disks of an ECS instance, turn on Protect All Disks. In this case, the disks that are later attached to the ECS instance are also protected. If you want to protect only specific disks, turn off Protect All Disks.
- You can associate up to 99 ECS instances with a backup policy.
- Hybrid Backup Recovery (HBR) automatically checks whether the selected ECS instances support snapshot-consistent groups. HBR automatically creates a snapshot-consistent group for the ECS instances that support snapshot-consistent groups. If an ECS instance does not support snapshot-consistent groups, HBR ensures only the crash consistency of disks. For more information, see Create a snapshot-consistent group.

Configure the backup settings and click OK.

Configure the backup mode.

You can select Manual Backup or Auto Backup. The following list describes the parameters.

Manual Backup
- Only one backup file is created for the selected ECS instances at the current point in time.
- You must specify the retention period of the backup data, whether to enable application-consistent backup, and whether to enable cross-region replication.

Auto Backup

If you select a region that supports backup policies, associate a backup policy with the ECS instances that you want to back up. Hybrid Backup Recovery (HBR) periodically backs up the ECS instances.
To view the regions that support backup policies, click Policy Center in the left-side navigation pane of the console. For more information, see Create a backup policy.

If you select a region that does not support backup policies, configure the following parameters to create a backup plan.


Parameter	Description
Start Time	The start time of the scheduled backup plan. The time is accurate to seconds.
Backup Interval	The interval at which HBR runs backup jobs. Unit: hours, days, or weeks.
Retention Period	The retention period of the backup data. Unit: days, weeks, months, or years.

If you select a single ECS instance, you can turn on Application Consistent Backup to enable the application-consistent backup feature.
For more information, see Enable the application-consistent backup feature.

Optional:Turn on Replication to Other Region to enable the cross-region replication feature, and then configure the parameters. The following table describes the parameters.


Parameter	Description
Destination Region	If you enable the cross-region replication feature, the backup files that are created by the backup plan are automatically replicated to the specified destination region. If an ECS instance is infected with viruses or data is lost due to accidental deletion, you can use the backup files replicated to the destination region to create another instance to restore data.
Retention Period	The retention period of the backup data in the destination region. Unit: days, weeks, months, or years.

Select Application Consistent Backup.
- Enable the application-consistent backup feature for a Windows ECS instance
  Note If you select Application Consistent Backup, you must install a Cloud Assistant client on the ECS instance. In Windows, the process of a Cloud Assistant client is named AliyunService. For more information, see Overview.
- Enable the application-consistent backup feature for a Linux ECS instance
  Write the application pre-freeze and post-thaw scripts based on the applications deployed on the ECS instance and upload the scripts to the ECS instance.
  You can use the FTP service or Cloud Assistant to upload the application pre-freeze and post-thaw scripts to the ECS instance.
  - Application pre-freeze scripts: Run the chmod 700 /tmp/prescript.sh command to grant the read, write, and execute permissions on the scripts only to the root user. /tmp/prescript.sh is the save path of the scripts.
  - Application post-thaw scripts: Run the chmod 700 /tmp/postscript.sh command to grant the read, write, and execute permissions on the scripts only to the root user. /tmp/postscript.sh is the save path of the scripts.
  Important
  If Application Consistent Backup is selected and the scripts are configured as expected, HBR creates application-consistent backup files.
  If Application Consistent Backup is selected but no scripts are configured or the scripts are not configured as expected, HBR creates file system-consistent backup files.
  Sample scripts for the application-consistent feature:
  - Download the application-consistent scripts for MySQL.
    After you download and deploy the scripts, you must specify the password of a MySQL database in the scripts.
  - Download the application-consistent scripts for Oracle.
    After you download and deploy the scripts, you must specify the installation path of an Oracle database in the scripts.
  Note If you select Application Consistent Backup, you must install a Cloud Assistant client on the ECS instance. In Linux, the process of a Cloud Assistant client is named aliyun.service. You can run the ps aux|grep aliyun.service command to check whether a Cloud Assistant client is installed. For more information, see Overview.
Click OK.