配置RMAN备份脚本

将RMAN备份脚本放置/home/oracle/scripts中

全量备份

1
vi /home/oracle/scripts/rmanlevel0.sh

脚本内容

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
#!/bin/sh
source ~/.bash_profile
DATE=`date +%Y-%m-%d`

if [ ! -d "/home/oracle/scripts/${ORACLE_SID}_logs" ]; then
  mkdir -p "/home/oracle/scripts/${ORACLE_SID}_logs"
fi

LOGF="/home/oracle/scripts/${ORACLE_SID}_logs/rmanl0_${ORACLE_SID}_${DATE}.log"

rman log $LOGF append <<EOF

connect  target /;
crosscheck backup;
delete noprompt expired backup;
delete noprompt obsolete;
run{
backup as compressed backupset incremental level=0 database format 'db_level0_%T_%U' tag='level0';
sql 'alter system archive log current';
backup format 'db_arch_%T_%U' archivelog all delete input; 
backup format 'db_ctl_level0_%U' current controlfile;
}

run
{
delete noprompt obsolete;
crosscheck archivelog all;
crosscheck backup;
delete noprompt expired archivelog all;
delete noprompt expired backup;
}
EOF

增量备份

1
vi /home/oracle/scripts/rmanlevel1.sh

脚本内容

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
#!/bin/sh
source ~/.bash_profile
DATE=`date +%Y-%m-%d`

if [ ! -d "/home/oracle/scripts/${ORACLE_SID}_logs" ]; then
  mkdir -p "/home/oracle/scripts/${ORACLE_SID}_logs"
fi

LOGF="/home/oracle/scripts/${ORACLE_SID}_logs/rmanl0_${ORACLE_SID}_${DATE}.log"

rman log $LOGF append <<EOF

connect  target /;
crosscheck backup;
delete noprompt expired backup;
delete noprompt obsolete;
run{
backup as compressed backupset incremental level=1 database format 'db_level1_%T_%U' tag='level1';
sql 'alter system archive log current';
backup format 'db_arch_%T_%U' archivelog all delete input; 
backup format 'db_ctl_level1_%U' current controlfile;
}

run
{
delete noprompt obsolete;
crosscheck archivelog all;
crosscheck backup;
delete noprompt expired archivelog all;
delete noprompt expired backup;
}
EOF

检查磁盘空间

检查/home所在文件系统剩余空间,剩余空间应大于5GB且利用率低于70%。如果不满足,需要提前申请扩容磁盘空间,或清理文件系统不需要保留的文件,满足要求

收集备份前的rman信息

1
2
3
4
rman target / << EOF > "/home/oracle/${ORACLE_SID}-rman-showall-`date +%Y-%m-%d`.txt"
show all;
exit;
EOF

创建IAM策略

创建AWS IAM 策略 用来读写S3 RMAN备份桶

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "osbS3RolePermissions",
            "Effect": "Allow",
            "Action": [
                "s3:PutObject",
                "s3:GetObject",
                "s3:DeleteObject",
                "s3:ListBucket"
            ],
            "Resource": "arn:aws-cn:s3:::oracle-rman-backup-nonsap-study*"
        },
        {
            "Sid": "VisualEditor1",
            "Effect": "Allow",
            "Action": [
                "s3:List*",
                "s3:Create*",
                "s3:PutObject",
                "s3:Get*"
            ],
            "Resource": "arn:aws-cn:s3:::*"
        }
    ]
}

"Resource": "arn:aws-cn:s3:::oracle-rman-backup-nonsap-study*"替换为实际的备份桶名称

配置策略详细信息

将策略绑定到EC2 instance角色中

在EC2详细界面中点击安全,找到绑定的IAM角色,跳转到详细界面

点击添加权限 – 附加策略

找到刚刚创建的策略,点击添加权限

配置obs模块

Hardware/Software Version
Java 需要JDK的版本:Java 1.7 or later
Supported Platforms • Linux x86-64
• Microsoft Windows (64-bit)
• Oracle Solaris on SPARC (64–bit)
• Oracle Solaris X64
• ZLinux-64
• AIX (PPC64)
• HP-UX IA64
Note: HP-UX PA-RISC 64–bit is not supported.
Oracle Database • Oracle Database 9i Release 2 or later
• Operating system files cannot be backed up with RMAN or the RMAN SBT interface
S3 Backup Installer File https://www.oracle.com/database/technologies/secure-backup-s3.html
Oracle Wallet Directory 需要在安装之前创建wallet目录,建议的位置为:$ORACLE_HOME/dbs/osbws_wallet
System Time
NetWork 数据库所在EC2需要能够访问外网(安装方式一)
IMDS 数据库所在EC2需要使用IMDSv1进行实例元数据管理,OSB暂不支持IMDSv2
IAM Role 创建IAM role,赋予S3桶的访问权限,并挂载到此EC2上

下载Oracle Secure Backup Cloud Module for Amazon S3

官方链接:https://www.oracle.com/database/technologies/secure-backup-s3.html

安装JDK1.8或更高版本

通过以下命令查看可用的openjdk版本

1
yum list java* | grep java-1.8.0-openjdk

安装操作系统对应版本

可以通过uname -m查看操作系统架构

1
yum install -y java-1.8.0-openjdk.x86_64

创建备份目录

1
mkdir -p $ORACLE_HOME/dbs/osbws_wallet

安装OSB软件包

使用官方的安装包生成配置文件,密码文件,下载lib包

1
java -jar osbws_install.jar -IAMRole AmazonSSMRoleForInstancesQuickSetup -IAMRoleMetaUri http://169.254.169.254/latest/meta-data/iam/security-credentials/AmazonSSMRoleForInstancesQuickSetup -awsEndPoint s3.cn-northwest-1.amazonaws.com.cn -location cn-northwest-1 -walletDir $ORACLE_HOME/dbs/osbws_wallet -libDir $ORACLE_HOME/lib/

使用aws aksk

1
java -jar osbws_install.jar -AWSID AKIAZ5USB5II7VLRD2NK -AWSKey FqirHL1H7y/F2wQi+w6Rpo0rvte3yOEkoWHu/Q5f -awsEndPoint s3.cn-northwest-1.amazonaws.com.cn -location cn-northwest-1 -walletDir $ORACLE_HOME/dbs/osbws_wallet -libDir $ORACLE_HOME/lib/

输出内容如下:

1
2
3
4
5
6
7
[oracle@chqwxh01dt ~]$ java -jar osbws_install.jar -IAMRole AmazonSSMRoleForInstancesQuickSetup -IAMRoleMetaUri http://169.254.169.254/latest/meta-data/iam/security-credentials/AmazonSSMRoleForInstancesQuickSetup -awsEndPoint s3.cn-northwest-1.amazonaws.com.cn -location cn-northwest-1 -walletDir $ORACLE_HOME/dbs/osbws_wallet -libDir $ORACLE_HOME/lib/
Oracle Secure Backup Web Service Install Tool, build 12.2.0.1.0DBBKPCSBP_2018-06-12
AWS credentials are valid.
Oracle Secure Backup Web Service wallet created in directory /u01/app/oracle/product/11.2.0.4/db_1/dbs/osbws_wallet.
Oracle Secure Backup Web Service initialization file /u01/app/oracle/product/11.2.0.4/db_1/dbs/osbwsWXH.ora created.
Downloading Oracle Secure Backup Web Service Software Library from file osbws_linux64.zip.
Download complete.

修改RMAN配置

1
2
3
4
5
rman target /
CONFIGURE DEFAULT DEVICE TYPE TO SBT;
configure channel device type sbt parms "SBT_LIBRARY=/u01/app/oracle/product/11.2.0.4/db_1/lib/libosbws.so ENV=(OSB_WS_PFILE=/u01/app/oracle/product/11.2.0.4/db_1/dbs/osbwsWXH.ora,OSB_WS_BUCKET=oracle-rman-backup-nonsap-study)";
configure device type sbt parallelism 4;
CONFIGURE CONTROLFILE AUTOBACKUP ON;

将上述路径修改为实际路径

输出内容如下所示:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
[oracle@chqwxh01dt ~]$ rman target /

Recovery Manager: Release 11.2.0.4.0 - Production on Sun Feb 18 13:05:21 2024

Copyright (c) 1982, 2011, Oracle and/or its affiliates.  All rights reserved.

connected to target database: WXH (DBID=349028346)

RMAN> CONFIGURE DEFAULT DEVICE TYPE TO SBT;

using target database control file instead of recovery catalog
new RMAN configuration parameters:
CONFIGURE DEFAULT DEVICE TYPE TO 'SBT_TAPE';
new RMAN configuration parameters are successfully stored

RMAN> configure channel device type sbt parms "SBT_LIBRARY=/u01/app/oracle/product/11.2.0.4/db_1/lib/libosbws.so ENV=(OSB_WS_PFILE=/u01/app/oracle/product/11.2.0.4/db_1/dbs/osbwsWXH.ora,OSB_WS_BUCKET=oracle-rman-backup-nonsap-study)";

new RMAN configuration parameters:
CONFIGURE CHANNEL DEVICE TYPE 'SBT_TAPE' PARMS  "SBT_LIBRARY=/u01/app/oracle/product/11.2.0.4/db_1/lib/libosbws.so ENV=(OSB_WS_PFILE=/u01/app/oracle/product/11.2.0.4/db_1/dbs/osbwsWXH.ora,OSB_WS_BUCKET=oracle-rman-backup-nonsap-study)";
new RMAN configuration parameters are successfully stored

RMAN> configure device type sbt parallelism 4;

new RMAN configuration parameters:
CONFIGURE DEVICE TYPE 'SBT_TAPE' PARALLELISM 4 BACKUP TYPE TO BACKUPSET;
new RMAN configuration parameters are successfully stored

RMAN> CONFIGURE CONTROLFILE AUTOBACKUP ON;

new RMAN configuration parameters:
CONFIGURE CONTROLFILE AUTOBACKUP ON;
new RMAN configuration parameters are successfully stored

验证备份是否可行

1
2
sh /home/oracle/scripts/rmanlevel0.sh
sh /home/oracle/scripts/rmanlevel1.sh

创建备份定时任务

1
crontab -e

输入以下内容:

1
2
30 21 * * 3,6 /home/oracle/scripts/rmanlevel0.sh
30 21 * * 1,2,4,5,0 /home/oracle/scripts/rmanlevel1.sh

可以按照实际备份需求调整时间以及策略