This chapter highlights the new features in MySQL Enterprise Backup 8.0, as well as any significant changes made to MySQL Enterprise Backup with the release of this series.
Offline backups are no longer supported. Using the old
--connect-if-onlineoptions with MySQL Enterprise Backup will result in an error. The proper connection options must be supplied to MySQL Enterprise Backup when making a backup. The following options, used during offline backups, have also been removed :
The binary log for a backed-up server, instead of being restored always to the data directory on the target server, is now restored by default to the same location it was found on the backed-up server. It can also be restored to a different location specified with the new
The relay log for a backed-up replica server, instead of being restored always to the data directory on the target replica server, is now restored by default to the same location it was found on the backed-up replica server. It can also be restored to a different location specified with the new
A new option,
--tls-version, specifies the protocols mysqlbackup permits for encrypted connections to MySQL servers.
MySQL Enterprise Firewall Overview is now supported.
--ssl-verify-server-cert, already deprecated in MySQL Enterprise Backup 4.1, have now been removed. Use the
--ssl-modeoption instead to configure the security mode of your connection to the server.
HTTP Basic Authentication and non-chunked transfer are now supported for backup and restore using OpenStack Swift-compatible object storage services. See Section 19.15, “Cloud Storage Options” for details.
Servers' use of the keyring_encrypted_file and the keyring_aws plugins is now supported. Also, irrespective of the keyring plugin type that is used on the server, the keyring data is now stored in the backup in an encrypted file. See Chapter 6, Working with Encrypted InnoDB Tablespaces for details.
The server option
--secure-auth, deprecated since MySQL 5.7.5, is no longer supported by mysqlbackup.
backup_historytable now includes a
server_uuidcolumn, which stores the value of the
server_uuidof the backed up server.
Due to the new features and functions of MySQL Enterprise Backup 8.0, more privileges are now required for the user by which mysqlbackup connects to the MySQL Server. See Section 4.1.2, “Grant MySQL Privileges to Backup Administrator” for details.
For MySQL Enterprise Backup 8.0.12 and later:
When working with a Group Replication setup, mysqlbackup now makes the backup history available to all members of the server group by making sure that the
backup_historytable is updated on a primary node after each mysqlbackup operation. See Chapter 9, Using MySQL Enterprise Backup with Group Replication for details, including the resulting new user privilege requirement for mysqlbackup to connect to a server, regardless of whether the server belongs to a Group Replication setup.
OAuth is now supported for Oracle Cloud Infrastructure Object Storage client authentication. Two new options,
--cloud-oauth-token, have been introduced for the purpose. See Section 19.15, “Cloud Storage Options” for details.
The storage engine of the
mysql.backup_historytable on a backed-up server has switched from CSV to InnoDB. See here for the special user privileges now required by mysqlbackup that are related to this change.
For MySQL Enterprise Backup 8.0.13 and later:
mysqlbackup now supports transparent page compression for InnoDB tables. The support is enabled by setting the mysqlbackup option
--compress-method=punch-hole; see description for the option for details.
mysqlbackup now supports backup compression (i.e., the use of the
--uncompressoptions) for incremental backups (except for incremental backups created with the
For MySQL Enterprise Backup 8.0.14 and later:
mysqlbackup now supports encrypted binary and relay log. See Section 8.4, “Working with Encrypted Binary and Relay Logs” for details.
For MySQL Enterprise Backup 8.0.16 and later:
Near the end of the backup process, instead of locking the whole server instance for a brief period of time, mysqlbackup now applies these locks consecutively:
A backup lock on the server instance, which blocks DDLs (except those on user-created temporary tables), but not DMLs on InnoDB tables.
FLUSH TABLESoperation on all non-InnoDB tables, for copying the relevant ones among them into the backup. This step is skipped if no user created non-InnoDB tables exist.
tbl_name [, tbl_name]... WITH READ LOCK
A brief blocking of logging activities on the server, for collecting logging-related information.
See Section 1.4, “The Backup Process” for details. The removal of the lock on the whole server instance reduces disruption to the database service by the backup operation.Important
The change requires that the
SELECTprivileges on all tables be granted to the user by which mysqlbackup connects to the server (the
BACKUP_ADMINprivilege is automatically granted to users with the
RELOADprivilege when an in-place upgrade to MySQL Server 8.0 from an earlier version is performed).
In addition to the requirement that the target data directory for a restore specified by
--datadirmust be non-existent or empty, mysqlbackup now enforces the same rule for the
--forceoption cannot be used to override the requirement on the three options).
mysqlbackup now supports dynamic changes to undo tablespaces on the server being backed up. During a restore, the default undo tablespaces, as well as any non-default undo tablespaces resided in the backed-up server's data directory, are restored to the location pointed to by the mysqlbackup option
innodb_undo_directory. Non-default, external undo tablespaces are restored to the locations they were found on the backed-up server. See descriptions for the undo log files for details.
mysqlbackup now supports encrypted InnoDB undo logs. The encrypted undo tablespaces are handled the same way as the encrypted tablespaces for InnoDB tables. See Chapter 6, Working with Encrypted InnoDB Tablespaces for details.
For MySQL Enterprise Backup 8.0.17 and later:
mysqlbackup now supports encrypted InnoDB redo logs. The encrypted redo tablespaces are handled the same way as the encrypted tablespaces for InnoDB tables. See Chapter 6, Working with Encrypted InnoDB Tablespaces for details.
To avoid mysqlbackup failing to catch up with the growing redo log during a backup operation and missing redo log data, mysqlbackup now utilizes redo log archiving, a new feature available on MySQL Server 8.0.17. Redo log archiving can be skipped using the new
--no-redo-log-archive. See Chapter 7, Backing up Using Redo Log Archiving for details.
For MySQL Enterprise Backup 8.0.18 and later:
mysqlbackup now supports a faster way to create incremental backups by using the page tracking functionality on MySQL Servers. To use this new feature, set
--incremental=page-track. See Incremental Backup Using Page Tracking for details.
Two new options,
--zstd-compression-level, have been introduced for configuring compression for server connections. See Section 19.2, “Connection Options” and Command Options for Connection Compression for details.
For MySQL Enterprise Backup 8.0.19 and later:
It is now safe to have DDL operations (CREATE TABLE, RENAME TABLE, DROP TABLE, ALTER TABLE, and operations that map to ALTER TABLE like CREATE INDEX) happening on the server in parallel with a backup operation; see details described here for some limitations. Due to this new feature, the user by which mysqlbackup connects to the MySQL server must now be granted the
SELECT ON *.*privilege; see Section 4.1.2, “Grant MySQL Privileges to Backup Administrator”.
Master key rotation for binary log encryption on the server in between a full and an incremental backup, as well as between two incremental backups performed by mysqlbackup, is now supported. During an incremental backup, mysqlbackup now records encryption information for all the encrypted binary log files (including those already backed up in earlier full or incremental backups) unless the
--skip-binlogoption is used, in which case a warning is given that the older binary log files might become unrestorable.
--skip-binlogoption now makes binary log to be skipped not just for the current backup operation, but also for all subsequent incremental backups that are based on the current backup.
The logging for backup restore has been improved: at the steps for setting the sizes of the log files, the names of the log files are now included.
mysqlbackup now prints a stack trace after being terminated by a signal.
When mysqlbackup fails to connect to a server, the warning returned by mysqlbackup now includes the hostname and port number for TCP connections, and the socket information for socket connections. This is particularly helpful for a Group Replication setup, for which mysqlbackup might attempt to connect to more than one host.
The storage engine for the
mysql.backup_progresstable on a backed-up server has switched from CSV to InnoDB, and a composite index is now created on the table's
current_timestampcolumns. Also, when working with a Group Replication setup, mysqlbackup now makes the
backup_progresstable available to all members of the server group by making sure that the table is updated on a primary node during each mysqlbackup operation.
When MySQL Enterprise Backup 8.0.19 or later tries to perform its first full backup on a database, it automatically checks the format of the
mysql.backup_progresstable. If it detects that the table is in the old format (which means the server has been upgraded from 8.0.18 or earlier and has been backed up by MySQL Enterprise Backup before), it attempts to perform an update on the table automatically. New privileges for the
mysqlbackupuser on the server are required for the table upgrade; see Appendix F, Backup Progress Table Update for details.
mysqlbackup now includes the configuration files
mysqld-auto.cnffrom a server in its backup (except for a TTS backup). They are restored to the target server's data directory as
backup-mysqld-auto.cnfrespectively. To use those files to configure your restored server, rename them to their original names before starting the server.
copy-back-and-apply-logcommands, any relative path specified with
--backup-imageis now taken to be relative to the current directory in which the command is run.
For MySQL Enterprise Backup 8.0.20 and later:
The tablespace_tracker file has been simplified: it now contains only two fields for each external tablespace:
space_id. mysqlbackup no longer relies on the file for information on the
backup_file_pathand the tablespace type, which means that users no longer need to update the tablespace_tracker file when they move a directory backup to a new location.
Table-Level Recovery (TLR) now allows selective restores of tables or schemas from full backups; see Section 5.1.4, “Table-Level Recovery (TLR)” for details.
The legacy option
--includeis now deprecated. A deprecation warning is now issued by mysqlbackup whenever the option is used. The
--exclude-tablesoptions should be used instead for partial backups and restores.
For MySQL Enterprise Backup 8.0.21 and later:
Encrypted InnoDB tables can now be included in partial backups and restores using transportable tablespaces (TTS).
Encrypted InnoDB tables are now being verified in
The storage engine for the
mysql.backup_sbt_historytable on a backed-up server has switched from CSV to InnoDB. Also, an auto-increment primary key
idcolumn has been added to the table. When working with a Group Replication setup, mysqlbackup now makes the
backup_sbt_historytable available to all members of the server group by making sure that the table is updated on a primary node during each mysqlbackup operation.
When MySQL Enterprise Backup 8.0.21 or later tries to perform its first full backup on a database using the SBT API, it automatically checks the format of the
mysql.backup_sbt_historytable. If it detects that the table is in the old format (which means the server has been upgraded from 8.0.20 or earlier and has been backed up by MySQL Enterprise Backup before using the SBT API), it attempts to perform an update on the table automatically. New privileges for the
mysqlbackupuser on the server are required for the table upgrade; see Appendix E, SBT Backup History Table Update for details.
Commands for operations on compressed backups (
apply-log, etc.) have been simplified: the
--uncompressoption is no longer needed, except for
image-to-backup-diroperations that do not use the
A backup now fails when a binary or relay log file is purged while the backup is going on; it also fails when
mysqlbackupfinds a binary log file missing on the server (however, if a relay log file is missing, the backup continues).
tool_namecolumn of the
backup_progresstable on the MySQL server is now populated with the full mysqlbackup command that invoked a backup operation.
backup_gtid_executed.sqlwas not included in a TTS backup for a replica server using GTIDs. The file is now included in a TTS backup as long as the
--slave-infooption is used.