Backup Preparations
On this page
- OAuth 2.0 authentication for programmatic access to Cloud Manager is available as a Preview feature.
- The feature and the corresponding documentation might change at any time during the Preview period. To use OAuth 2.0 authentication, create a service account to use in your requests to the Cloud Manager Public API.
Before backing up your cluster or replica set, decide how to back up the data and what data to back up. This page describes items you must consider before starting a backup.
Backup Sizing Recommendation
When sizing the backup of your data, keep the replica set size to 2 TB or less of uncompressed data. If your database increases beyond 2 TB of uncompressed data:
Shard the database
Keep each shard to 2 TB or less of uncompressed data
These size recommendations are a best practice. They are not a limitation of the MongoDB database or Cloud Manager.
Backup and restore can use large amounts of CPU, memory, storage, and network bandwidth.
Example
Your stated network throughput, such as 10 Gbps or 100 Gbps, is a theoretical maximum. That value doesn't account for sharing or throttling of network traffic.
Consider the following scenario:
You want to back up a 2 TB database.
Your hosts support a 10 Gbps TCP connection from Cloud Manager to its backup storage.
The network connection has very low packet loss and a low round trip delay time.
A full backup of your data would take more than 30 hours to complete. [1]
This doesn't account for disk read and write speeds, which can be, at most, 3 Gbps reads and 1 Gbps writes for a single or mirrored NVMe storage device.
The time required to complete each successive incremental backup depends on write load.
If you shard this database into 4 shards, each shard runs its backup separately. This results in a backup that takes less than 8 hours to complete.
[1] | These throughput figures were calculated using the Network Throughput Calculator and assume no additional network compression. |
Snapshot Frequency and Retention Policy
By default, Cloud Manager takes a base snapshot of your data every 6 hours.
If desired, administrators can change the frequency of base snapshots to 6, 8, 12, or 24 hours. Cloud Manager creates snapshots automatically on a schedule; you cannot take snapshots on demand.
Cloud Manager retains snapshots for the time periods listed in the following table.
If you terminate a deployment's backup, Cloud Manager immediately deletes the snapshots that are within the dates of the current retention policy.
If you stop a deployment's backup, Cloud Manager stops taking new snapshots but retains existing snapshots until their listed expiration date.
Snapshot | Default Retention Policy | Maximum Retention Policy |
---|---|---|
Base snapshot | 2 days | 5 days (30 days if frequency is 24 hours) |
Daily snapshot | 7 days | 1 year |
Weekly snapshot | 4 weeks | 1 year |
Monthly snapshot | 13 months | 7 years |
Changes to the snapshot schedule affect your snapshot storage costs.
You can change a backed-up deployment's schedule through its Edit Snapshot Schedule menu option, available through the Backup page. Administrators can change snapshot frequency and retention through the snapshotSchedule resource in the API.
You can't change the reference time for a snapshot in Cloud Manager.
Limits
Cloud Manager does not backup deployments where the total number of collections on the deployment meets or exceeds
100,000
.Cloud Manager does not replicate index collection options.
Encryption
You can't store backups using WiredTiger encryption. You can store backups using the WiredTiger storage engine if you don't enable encryption. If you restore from a backup, you restore unencrypted files.
Backup Considerations
Consistency and Snapshots
For clusters running MongoDB version 4.2 or and later:
Cloud Manager maintains causal consistency when taking snapshots except for size statistics reported by collStats and
db.[collection].count()
. Size statistics reported by collStats anddb.[collection].count()
may be inccurate.Cloud Manager coordinates the time across all shards for sharded clusters. This ensures that snapshots include all documents written to every shard and node as of the scheduled snapshot time.
For clusters running MongoDB version 4.0 and earlier:
Cloud Manager maintains crash-consistent snapshots.
Cloud Manager takes snapshots from each of the shards for sharded clusters and the Config Server Replica Sets at approximately the same time.
Databases Running FCV 4.2 and Later
Backup Features Supported at Present
Feature | Databases running FCV 4.2 and later | Databases running FCV 4.0 and earlier |
---|---|---|
Backs up Data using WiredTiger Snapshots | ||
Backs up Data using the Backup Daemon | ||
Backs up Replica Sets | ||
Backs up Sharded Clusters | ||
Can Filter using Namespaces [2] | ||
Can Specify Sync Source Database | ||
Can Restore Data to Specific Point in Time [3] | ||
Can Perform Incremental Backups [4] | ||
Supports Snapshots that use KMIP Encryption [5] | ||
Supports Snapshots that use Local Key Encryption [6] | ||
Supports Saving to S3 Snapshot Storage | ||
Supports Databases running MongoDB Enterprise | ||
Supports Databases running MongoDB Community | ||
Requires a MongoDB Agent with
backup enabled on every |
[2] | Namespace filtering is supported only for Cloud Manager versions
6.0.8 and later. Your MongoDB deployments must have
featureCompatibilityVersion values of 4.0 and earlier,
or 6.0.1 and later. |
[3] | Performing a PIT restore requires Ops Manager 4.2.13 or later. |
[4] | Cloud Manager requires a full backup for your first backup, after a
snapshot has been deleted, and if the blockstore block size has
been changed. Incremental backups reduce network transfer and
storage costs.This feature works with:
|
[5] | Querying an encrypted snapshot requires MongoDB Enterprise 4.2.9 and later or 4.4.0 and later. |
[6] | FCV 4.2 and later backups don't support
local key encryption. |
[7] | Backups to a FCV 4.2 or later database to a File
System Store ignore
File System Store Gzip Compression Level . |
Requirements and Limitations
To run backups and restores if you are running MongoDB 4.2 or later
with FCV
4.2 or later, you:
Must run MongoDB Enterprise.
Must account for the change in blockstore block size. If you didn't set your block size and used the default, that block size changes from 64 KB to 1 MB. This can impact storage usage.
Must ensure the hostnames in your replica set configuration match the hostnames that the MongoDB Agent uses, or that your host mappings contain the correct hostnames. You can use rs.conf() to verify your replica set configuration.
Can use namespace filter lists to define the namespaces included in a backup only if you are running MongoDB 6.0 or later. Snapshots taken on versions MongoDB 4.2 through 5.0 always include all namespaces.
Don't need a sync source database. When taking a Snapshot, Cloud Manager selects the replica set member with the least performance impact and greatest storage-level duplication of Snapshot data.
Must deploy a MongoDB Agent with every
mongod
node in the cluster.
Note
If Cloud Manager doesn't manage your cluster:
Grant the
backup
andclusterAdmin
roles to the MongoDB user that runs backups.Ensure that the operating system user that runs the MongoDB Agent has read permission for all data files (including journal files) of the deployment.
Databases Running FCV 4.0 and Earlier
Important
Only sharded clusters or replica sets can be backed up. To back up a standalone mongod process, you must convert it to a single-member replica set.
The following considerations apply when your databases run any version
of MongoDB 4.0 or earlier or when they run MongoDB 4.2 with
"featureCompatibilityVersion" : 4.0
Garbage Collection of Expired Snapshots
Cloud Manager manages expired snapshots using groom jobs. These groom jobs act differently depending upon which snapshot store contains the snapshots:
Snapshot Store | How Groom Jobs Work |
---|---|
MongoDB Blockstore | Uses additional disk space up to the amount of living blocks for each job. |
Filesystem Snapshot stores | Deletes expired snapshots |
S3 snapshot stores | May use additional disk space if Cloud Manager creates a snapshot while the groom job runs. Cloud Manager can run concurrent groom jobs on S3 snapshot stores. |
Note
Snapshot jobs and groom jobs can't run concurrently. If you initiate a groom job while a snapshot job is running, the groom job fails, and Ops Manager logs an error and automatically retries the groom job after the snapshot job completes. If you initiate a snapshot job while a groom job is running, the snapshot job fails, and Ops Manager logs an error and retries the snapshot job after the groom job completes.
Namespaces Filter
The namespaces filter lets you specify which databases and collections to back up. You create either a Deny List of those to exclude or a Whitelist of those to include. You make your selections when starting a backup and can later edit them as needed. If you change the filter in a way that adds data to your backup, a resync is required.
Use the deny list to prevent backup of collections that contain logging data, caches, or other ephemeral data. Excluding these kinds of databases and collections will allow you to reduce backup time and costs. Using a deny list is often preferable to using a whitelist as a whitelist requires you to intentionally opt in to every namespace you want backed up.
Note
Namespace filtering is supported only for Cloud Manager versions
6.0.8
and later. Your MongoDB deployments must have
featureCompatibilityVersion
values of 4.0
and earlier,
or 6.0.1
and later.
Storage Engine
To back up MongoDB clusters, use the WiredTiger storage engine storage engine.
If your current backing databases use MMAPv1, upgrade to WiredTiger:
With WiredTiger, Cloud Manager limits backups to deployments with fewer than 100,000 files. Files includes collections and indexes.
MongoDB 4.2 removes MMAPv1 storage. To learn more about storage engines, see Storage in the MongoDB manual.
Resyncing Production Deployments
For production deployments, resync all backed up replica sets periodically, such as once a year. When you resync, data is read from a secondary in each replica set. During resync, no new snapshots are generated.
You may also want to resync your backup if you:
Reduce the size of the data, such that the size of Cloud Manager's copy of the data on disk is also reduced.
Create a TTL index, which periodically deletes documents.
Drop a collection (MMAPv1 only).
Run a sharded cluster, and move chunks from a particular shard.
Switch storage engines, if you want Cloud Manager to provide snapshots in the new storage engine format.
Checkpoints
Important
You may use checkpoints for clusters that run MongoDB with
Feature Compatibility Version
of 4.0 or earlier. Checkpoints were removed from
MongoDB instances with FCV 4.2 or later.
For sharded clusters, checkpoints provide additional restore points between snapshots. With checkpoints enabled, Cloud Manager creates restoration points at configurable intervals of every 15, 30 or 60 minutes between snapshots. To enable checkpoints, see enable checkpoints.
To create a checkpoint, Cloud Manager stops the balancer and inserts a token into the oplog of each shard and config server in the cluster. These checkpoint tokens are lightweight and don't affect performance or disk use.
Backup doesn't require checkpoints, and they are disabled by default.
Restoring from a checkpoint requires Cloud Manager to apply the oplog of each shard and config server to the last snapshot captured before the checkpoint. Restoration from a checkpoint takes longer than restoration from a snapshot.
Snapshots when Agent Can't Stop Balancer
For sharded clusters running with FCV 4.0 or earlier, Cloud Manager disables the balancer before taking a cluster snapshot. In certain situations, such as a long migration or no running mongos, Cloud Manager tries to disable the balancer but cannot. In such cases, Cloud Manager continues to take cluster snapshots but flags the snapshots that may have incomplete or inconsistent data. Cluster snapshots taken during an active balancing operation run the risk of data loss or orphaned data.
Snapshots when Agent Can't Contact a mongod
For sharded clusters, if the Backup can't reach a mongod process, whether a shard or config server, then the agent can't insert a synchronization oplog token. In these cases, Cloud Manager doesn't create the snapshot and displays a warning message.