Backup MySQL to S3 (supports periodic backups & mutli files)
$ docker run -e S3_ACCESS_KEY_ID=key -e S3_SECRET_ACCESS_KEY=secret -e S3_BUCKET=my-bucket -e S3_PREFIX=backup -e MYSQL_USER=user -e MYSQL_PASSWORD=password -e MYSQL_HOST=localhost itbm/mysql-backup-s3
apiVersion: v1
kind: Namespace
metadata:
name: backup
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: mysql
namespace: backup
spec:
selector:
matchLabels:
app: mysql
strategy:
type: Recreate
template:
metadata:
labels:
app: mysql
spec:
containers:
- name: mysql
image: itbm/mysql-backup-s3
imagePullPolicy: Always
env:
- name: MULTI_FILES
value: ""
- name: MYSQL_HOST
value: ""
- name: MYSQL_PASSWORD
value: ""
- name: MYSQL_USER
value: ""
- name: S3_ACCESS_KEY_ID
value: ""
- name: S3_SECRET_ACCESS_KEY
value: ""
- name: S3_BUCKET
value: ""
- name: S3_ENDPOINT
value: ""
- name: S3_PREFIX
value: ""
- name: SCHEDULE
value: ""
MYSQLDUMP_OPTIONS
mysqldump options (default: --quote-names --quick --add-drop-table --add-locks --allow-keywords --disable-keys --extended-insert --single-transaction --create-options --comments --net_buffer_length=16384)MYSQLDUMP_DATABASE
list of databases you want to backup (default: --all-databases)MYSQL_HOST
the mysql host requiredMYSQL_PORT
the mysql port (default: 3306)MYSQL_USER
the mysql user requiredMYSQL_PASSWORD
the mysql password requiredS3_ACCESS_KEY_ID
your AWS access key requiredS3_SECRET_ACCESS_KEY
your AWS secret key requiredS3_BUCKET
your AWS S3 bucket path requiredS3_PREFIX
path prefix in your bucket (default: 'backup')S3_FILENAME
a consistent filename to overwrite with your backup. If not set will use a timestamp.S3_REGION
the AWS S3 bucket region (default: us-west-1)S3_ENDPOINT
the AWS Endpoint URL, for S3 Compliant APIs such as minio (default: none)S3_S3V4
set toyes
to enable AWS Signature Version 4, required for minio servers (default: no)MULTI_FILES
Allow to have one file per database if setyes
default: no)SCHEDULE
backup schedule time, see explainatons belowENCRYPTION_PASSWORD
password to encrypt the backup. Can be decrypted usingopenssl aes-256-cbc -d -in backup.sql.gz.enc -out backup.sql.gz
DELETE_OLDER_THAN
delete old backups, see explanation and warning below
You can additionally set the SCHEDULE
environment variable like -e SCHEDULE="@daily"
to run the backup automatically.
More information about the scheduling can be found here.
You can additionally set the DELETE_OLDER_THAN
environment variable like -e DELETE_OLDER_THAN="30 days ago"
to delete old backups.
WARNING: this will delete all files in the S3_PREFIX path, not just those created by this script.
You can additionally set the ENCRYPTION_PASSWORD
environment variable like -e ENCRYPTION_PASSWORD="superstrongpassword"
to encrypt the backup. It can be decrypted using openssl aes-256-cbc -d -in backup.sql.gz.enc -out backup.sql.gz
.