Remote influxdb backups

mpaul · December 6, 2017, 10:12pm

Trying to do remote backup but its not working out!

Do we need to provide auth credentials for the remote influxdb instance ?

what am i missing … any help appreciated!
command used

 /usr/bin/influxd backup -database myremoteDB -host <MYIP?:8088 /opt/influxdb/backups/remote_backup_influx_dbs/myremotehost/06Dec2017/myremoteDB
2017/12/06 22:14:12 backing up db=myremoteDB since 0001-01-01 00:00:00 +0000 UTC
2017/12/06 22:14:12 backup failed: dial tcp IP.IP.IP.IP:8088: getsockopt: connection refused
backup: dial tcp <IP>:8088: getsockopt: connection refused

actual backup on remotehost :


myremotehost:/opt/influxdb/backups/backup_influx_dbs/06Dec2017/mydb $ ll
total 993984
-rw-r--r-- 1 influxdb influxdb    34131 Dec  6 21:52 meta.00
-rw-r--r-- 1 influxdb influxdb 82073088 Dec  6 21:52 mydb.autogen.03933.00
-rw-r--r-- 1 influxdb influxdb 78328320 Dec  6 21:52 mydb.autogen.03962.00
-rw-r--r-- 1 influxdb influxdb 78999040 Dec  6 21:52 mydb.autogen.03991.00
-rw-r--r-- 1 influxdb influxdb 30470144 Dec  6 21:52 mydb.autogen.04020.00
-rw-r--r-- 1 influxdb influxdb 28937216 Dec  6 21:52 mydb.autogen.04049.00
-rw-r--r-- 1 influxdb influxdb 82207744 Dec  6 21:52 mydb.autogen.04078.00
-rw-r--r-- 1 influxdb influxdb 82966528 Dec  6 21:52 mydb.autogen.04107.00
-rw-r--r-- 1 influxdb influxdb 83372544 Dec  6 21:52 mydb.autogen.04136.00
-rw-r--r-- 1 influxdb influxdb 83589632 Dec  6 21:52 mydb.autogen.04165.00
-rw-r--r-- 1 influxdb influxdb 83168768 Dec  6 21:52 mydb.autogen.04194.00
-rw-r--r-- 1 influxdb influxdb 20535296 Dec  6 21:52 mydb.autogen.04223.00
-rw-r--r-- 1 influxdb influxdb 28866048 Dec  6 21:52 mydb.autogen.04252.00
-rw-r--r-- 1 influxdb influxdb 81377280 Dec  6 21:52 mydb.autogen.04281.00
-rw-r--r-- 1 influxdb influxdb 82700288 Dec  6 21:52 mydb.autogen.04310.00
-rw-r--r-- 1 influxdb influxdb 90182656 Dec  6 21:52 mydb.autogen.04339.00
myremotehost:/opt/influxdb/backups/backup_influx_dbs/06Dec2017/mydb $

mpaul · December 6, 2017, 10:56pm

thought it has to do with the “bind-address” could not even find one !

/etc/influxdb $ grep bind-address influxdb.conf
  bind-address = ":8083"
  # bind-address = ":8086"
  # bind-address = ":2003"
  # bind-address = ":25826"
  # bind-address = ":4242"
  # bind-address = ":8089"

so under which section is really the remote RPC port configured my influxdb version : 1.4.2

any sample will help !

mpaul · December 6, 2017, 11:34pm

Tried putting

activate RPC port !

bind-address = “127.0.0.1:8088”

before and after the [meta] section still same error :

backup: dial tcp :8088: getsockopt: connection refused

mpaul · December 7, 2017, 4:35pm

when I run it netstat -nlpt it doies show influxdb is listening on that port !

netstat -nlpt
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 127.0.0.1:8088          0.0.0.0:*               LISTEN      2298/influxd
tcp        0      0 :::8086                 :::*                    LISTEN      2298/influxd

mpaul · December 7, 2017, 4:47pm

Solved the riddle
I wish the influxdb documentation is a better on this,

the activate RPC port should be !

# activate RPC port !
#bind-address = "127.0.0.1:8088"
bind-address = ":8088"

Local host will not be able to let remote backup connections work !

now the remote backups are working perfectly!

nicolas17 · December 10, 2017, 4:15am

Are you also providing authentication?

mpaul · December 11, 2017, 7:35pm

I did not find a good documentation about RPC authentication , my servers do need auth but RPC works without it …
May be some one from Engg can help here with how to ! ( I am trying to make myself believe tick data is not critical security info so works ! )

noahcrowley · December 11, 2017, 8:00pm

For remote backups we recommend restricting access to the port at the OS or network level.

From the InfluxDB > Administration > Security Best Practices documentation:

InfluxDB uses port 8088 for remote backups and restores. We highly recommend closing that port and, if performing a remote backup, giving specific permission only to the remote machine.

nicolas17 · December 11, 2017, 8:05pm

If you just open that port to 0.0.0.0, anyone can get your data (by doing a backup) and anyone can overwrite your data (by doing a restore). I would limit it to 127.0.0.1 and use a ssh tunnel to connect.

mpaul · December 11, 2017, 9:59pm

Checking with network admin , how to grant perms to specific hosts to connect to port 8088 running on localhost!

I seems that all the ssh tunneling and firewalls are pretty kludge for a database infrastructure!

I seems that the best possible solution would be influxdb to support login/password on the RPC port so we can use this port for setting up manual DR !

Topic		Replies	Views
Remote backup for influxdb InfluxDB 2 backup	0	669	October 27, 2020
How to take back up of remote influx db?	1	906	April 7, 2020
How to backup a huge remote db, the tcp may disconnect backup	0	474	October 16, 2019
I cannot do a remote backup between 2 Influxdb containers	0	368	April 21, 2020
Restore failed: "restore: dial tcp [::1]:8088: connect: connection refused" InfluxDB 1	1	155	February 18, 2024

Remote influxdb backups

activate RPC port !

Related Topics