Skip to content
logo
Percona Backup for MongoDB
Remote backup storage options
Initializing search
    percona/pbm-docs
    percona/pbm-docs
    • Home
      • How PBM works
      • Components
      • Supported MongoDB versions
      • Supported MongoDB deployments
      • Install
      • Set up and configure
      • Overview
      • Physical backups
      • Incremental physical backups
      • Logical backups
      • Selective backups
      • Point-in-Time Recovery
      • Start a backup
      • List backups
      • Restore a backup
      • View restore progress
      • Cancel a backup
      • Delete backups
      • View backup logs
      • Replay oplog from arbitrary start time
      • Architecture
      • Authentication
        • Overview
        • Remote backup configuration examples
      • Schedule backups
      • Configure PBM remotely
      • Upgrade PBM
      • Troubleshoot PBM
      • Automate access to S3 buckets for PBM
      • Remove PBM
    • FAQ
      • PBM commands
        • Configuration file
        • Remote backup storage options
          • Common options
            • storage.type
          • S3 type storage options
            • storage.s3.provider
            • storage.s3.bucket
            • storage.s3.region
            • storage.s3.prefix
            • storage.s3.endpointUrl
            • storage.s3.credentials.access-key-id
            • storage.s3.credentials.secret-access-key
            • storage.s3.uploadPartSize
            • storage.s3.maxUploadParts
            • storage.s3.storageClass
            • storage.s3.debugLogLevels
            • storage.s3.insecureSkipTLSVerify
          • Server-side encryption options
            • serverSideEncryption.sseAlgorithm
            • serverSideEncryption.kmsKeyID
            • serverSideEncryption.sseCustomerAlgorithm
            • serverSideEncryption.sseCustomerKey
          • Upload retry options
            • retryer.numMaxRetries
            • retryer.minRetryDelay
            • retryer.maxRetryDelay
          • Filesystem storage options
            • storage.filesystem.path
          • Microsoft Azure Blob storage options
            • storage.azure.account
            • storage.azure.container
            • storage.azure.prefix
            • storage.azure.credentials.key
        • Point-in-time recovery options
        • Backup options
        • Restore options
      • Glossary
      • Release notes index
      • Percona Backup for MongoDB 2.0.5 (2023-03-23)
      • Percona Backup for MongoDB 2.0.4 (2023-02-21)
      • Percona Backup for MongoDB 2.0.3 (2023-01-11)
      • Percona Backup for MongoDB 2.0.2 (2022-10-27)
      • Percona Backup for MongoDB 2.0.1 (2022-10-12)
      • Percona Backup for MongoDB 2.0.0 (2022-09-21)
      • Percona Backup for MongoDB 1.8.1 (2022-07-12)
      • Percona Backup for MongoDB 1.8.0 (2022-06-09)
      • Percona Backup for MongoDB 1.7.0 (2022-04-18)
      • Percona Backup for MongoDB 1.6.1 (2021-11-04)
      • Percona Backup for MongoDB 1.6.0 (2021-08-16)
      • Percona Backup for MongoDB 1.5.0 (2021-05-10)
      • Percona Backup for MongoDB 1.4.1 (2021-01-28)
      • Percona Backup for MongoDB 1.4.0 (2020-12-24)
      • Percona Backup for MongoDB 1.3.4 (2020-11-19)
      • Percona Backup for MongoDB 1.3.3 (2020-11-04)
      • Percona Backup for MongoDB 1.3.2 (2020-10-14)
      • Percona Backup for MongoDB 1.3.1 (2020-09-03)
      • Percona Backup for MongoDB 1.3.0 (2020-08-26)
      • Percona Backup for MongoDB 1.2.1 (2020-07-27)
      • Percona Backup for MongoDB 1.2.0 (2020-05-13)
      • Percona Backup for MongoDB 1.1.3 (2020-04-14)
      • Percona Backup for MongoDB 1.1.1 (2020-01-31)
      • Percona Backup for MongoDB 1.1.0 (2020-01-16)
      • Percona Backup for MongoDB 1.0.0 (2019-09-19)
      • Percona Backup for MongoDB 0.5.0 (2019-06-17)
    • Submitting bug reports or feature requests
    • Copyright and Licensing
    • Trademark policy

    • Common options
      • storage.type
    • S3 type storage options
      • storage.s3.provider
      • storage.s3.bucket
      • storage.s3.region
      • storage.s3.prefix
      • storage.s3.endpointUrl
      • storage.s3.credentials.access-key-id
      • storage.s3.credentials.secret-access-key
      • storage.s3.uploadPartSize
      • storage.s3.maxUploadParts
      • storage.s3.storageClass
      • storage.s3.debugLogLevels
      • storage.s3.insecureSkipTLSVerify
    • Server-side encryption options
      • serverSideEncryption.sseAlgorithm
      • serverSideEncryption.kmsKeyID
      • serverSideEncryption.sseCustomerAlgorithm
      • serverSideEncryption.sseCustomerKey
    • Upload retry options
      • retryer.numMaxRetries
      • retryer.minRetryDelay
      • retryer.maxRetryDelay
    • Filesystem storage options
      • storage.filesystem.path
    • Microsoft Azure Blob storage options
      • storage.azure.account
      • storage.azure.container
      • storage.azure.prefix
      • storage.azure.credentials.key

    Remote backup storage options¶

    Common options¶

    storage.type¶

    Type: string
    Required: YES

    Remote backup storage type. Supported values: s3, filesystem, azure.

    S3 type storage options¶

    storage:
      type: s3
      s3:
        region: <string>
        bucket: <string>
        prefix: <string>
        endpointUrl: <string>
        credentials:
          access-key-id: <your-access-key-id-here>
          secret-access-key: <your-secret-key-here>
        uploadPartSize: <int>
        maxUploadParts: <int>
        storageClass: <string>
        serverSideEncryption:
          sseAlgorithm: aws:kms
          kmsKeyID: <your-kms-key-here>
          sseCustomerAlgorithm: AES256
          sseCustomerKey: <your_encryption_key>
        retryer:
          numMaxRetries: 3
          minRetryDelay: 30
          maxRetryDelay: 5
    

    storage.s3.provider¶

    Type: string
    Required: NO

    The storage provider’s name.

    Supported values: aws, gcs

    storage.s3.bucket¶

    Type: string
    Required: YES

    The name of the storage bucket. See the AWS Bucket naming rules and GCS bucket naming guidelines for bucket name requirements

    storage.s3.region¶

    Type: string
    Required: YES (for AWS and GCS)

    The location of the storage bucket. Use the AWS region list and GCS region list to define the bucket region

    storage.s3.prefix¶

    Type: string
    Required: NO

    The path to the data directory on the bucket. If undefined, backups are stored in the bucket root directory

    storage.s3.endpointUrl¶

    Type: string
    Required: YES (for MinIO and GCS)

    The URL to access the bucket. The default value for GCS is https://storage.googleapis.com

    storage.s3.credentials.access-key-id¶

    Type: string
    Required: YES

    Your access key to the storage bucket. This option can be omitted when you run Percona Backup for MongoDB using an EC2 instance profile. To learn more, refer to Automate access to S3 buckets for Percona Backup for MongoDB

    storage.s3.credentials.secret-access-key¶

    Type: string
    Required: YES

    The key to sign your programmatic requests to the storage bucket. This option can be omitted when you run Percona Backup for MongoDB using an EC2 instance profile. To learn more, refer to Automate access to S3 buckets for Percona Backup for MongoDB

    storage.s3.uploadPartSize¶

    Type: int
    Required: NO

    The size of data chunks in bytes to be uploaded to the storage bucket. Default: 10MB

    Percona Backup for MongoDB automatically increases the uploadPartSize value if the size of the file to be uploaded exceeds the max allowed file size. (The max allowed file size is calculated with the default values of uploadPartSize * maxUploadParts and is appr. 97,6 GB).

    The uploadPartSize value is printed in the pbm-agent log.

    By setting this option, you can manually adjust the size of data chunks if Percona Backup for MongoDB failed to do it for some reason. The defined uploadPartSize value overrides the default value and is used for calculating the max allowed file size

    storage.s3.maxUploadParts¶

    Type: int
    Required: NO
    Default: 10,000

    The maximum number of data chunks to be uploaded to the storage bucket. Default: 10,000

    By setting this option, you can override the value defined in the AWS SDK.

    It can be useful when using an S3 provider that supports a smaller number of chunks for multipart uploads.

    The maxUploadParts value is printed in the pbm-agent log.

    storage.s3.storageClass¶

    Type: string
    Required: NO

    The storage class assigned to objects stored in the S3 bucket. If not provided, the STANDARD storage class will be used. This option is available in Percona Backup for MongoDB as of v1.7.0.

    storage.s3.debugLogLevels¶

    Type: string
    Required: NO

    Enables S3 debug logging for different types of S3 requests. S3 log messages are printed in the pbm logs output.

    Supported values are: LogDebug, Signing, HTTPBody, RequestRetries, RequestErrors, EventStreamBody.

    To specify several event types, separate them by comma. To lean more about the event types, see the documentation

    When undefined, no S3 debug logging is performed.

    storage.s3.insecureSkipTLSVerify¶

    Type: bool
    Required: NO
    Default: False

    Disables the TLS verification of the S3 storage. This allows Percona Backup for MongoDB to upload data to S3-like storages that use self-issued TLS certificates. Available in Percona Backup for MongoDB as of version 1.7.0.

    Warning

    Use this option with caution as it might leave a hole for man-in-the-middle attacks.

    Server-side encryption options¶

    serverSideEncryption.sseAlgorithm¶

    Type: string
    Required: NO

    The key management mode used for server-side encryption with the encryption keys stored in AWS KMS.

    Supported value: aws:kms

    serverSideEncryption.kmsKeyID¶

    Type: string
    Required: NO

    Your customer-managed key stored in the AWS KMS.

    serverSideEncryption.sseCustomerAlgorithm¶

    Type: string
    Required: NO

    The key management mode for server-side encryption with customer-provided keys (SSE-C).

    Supported value: AES256

    serverSideEncryption.sseCustomerKey¶

    Type: string
    Required: NO

    Your custom encryption key. This key is not stored on the S3 storage side. Thus, it is your responsibility to track what data is encrypted with what key and for storing the key.

    Upload retry options¶

    retryer.numMaxRetries¶

    Type: int
    Required: NO
    Default: 3

    The maximum number of retries to upload data to S3 storage. A zero value means no retries will be performed. Available in Percona Backup for MongoDB as of 1.7.0.

    retryer.minRetryDelay¶

    Type: time.Duration
    Required: NO
    Default: 30

    The minimum time (in ms) to wait till the next retry. Available in Percona Backup for MongoDB as of 1.7.0.

    retryer.maxRetryDelay¶

    Type: time.Duration
    Required: NO
    Default: 5

    The maximum time (in minutes) to wait till the next retry. Available in Percona Backup for MongoDB as of 1.7.0.

    Filesystem storage options¶

    storage:
      type: filesystem
      filesystem:
        path: <string>
    

    storage.filesystem.path¶

    Type: string
    Required: YES

    The path to the backup directory

    Microsoft Azure Blob storage options¶

    storage:
      type: azure
      azure:
        account: <string>
        container: <string>
        prefix: <string>
        credentials:
          key: <your-access-key>
    

    storage.azure.account¶

    Type: string
    Required: YES

    The name of your storage account.

    storage.azure.container¶

    Type: string
    Required: YES

    The name of the storage container. See the Container names for naming conventions.

    storage.azure.prefix¶

    Type: string
    Required: NO

    The path (sub-folder) to the backups inside the container. If undefined, backups are stored in the container root directory.

    storage.azure.credentials.key¶

    Type: string
    Required: YES

    Your access key to authorize access to data in your storage account.

    Contact Us

    For free technical help, visit the Percona Community Forum.

    To report bugs or submit feature requests, open a JIRA ticket.

    For paid support and managed or consulting services , contact Percona Sales.


    Last update: March 23, 2023
    Created: March 23, 2023
    Percona LLC and/or its affiliates, © 2023
    Made with Material for MkDocs

    Cookie consent

    We use cookies to recognize your repeated visits and preferences, as well as to measure the effectiveness of our documentation and whether users find what they're searching for. With your consent, you're helping us to make our documentation better.