Set up Barman for AlloyDB Omni

This page shows you how to protect your data by configuring AlloyDB Omni to work with Barman, an open-source database backup server.

You can protect your AlloyDB Omni data using any database backup technology that works with PostgreSQL. For example, you can configure AlloyDB Omni to allow connections from a Barman server that you control. This enables the Barman server to perform continuous backups of the data stored in your AlloyDB Omni server.

After you configure your Barman and AlloyDB Omni servers to work together, you can subsequently run Barman commands to accomplish a variety of data-protection and disaster-recovery tasks, including the following:

Create an on-demand backup of your data.
Set up synchronous WAL streaming of your data changes to your backup server.
Restore from a specific backup.
Perform a point-in-time restoration.

For more information about the operation of Barman, see the Barman manual.

Before you begin

Before configuring AlloyDB Omni to work with Barman, you need the following:

AlloyDB Omni installed and running on a server that you control.
Barman installed on a separate server. The server that you installed Barman on must be able to communicate with the AlloyDB Omni server over TCP.

Configure AlloyDB Omni to work with Barman

To prepare your AlloyDB Omni server to work with Barman, run the following commands on the server where you have installed AlloyDB Omni.

Create the barman database user, with the appropriate privileges:

docker exec CONTAINER_NAME psql -h localhost -U postgres -c "
CREATE USER barman;
GRANT EXECUTE ON FUNCTION pg_backup_start(text, boolean) to barman;
GRANT EXECUTE ON FUNCTION pg_backup_stop(boolean) to barman;
GRANT EXECUTE ON FUNCTION pg_switch_wal() to barman;
GRANT EXECUTE ON FUNCTION pg_create_restore_point(text) to barman;
GRANT pg_read_all_settings TO barman;
GRANT pg_read_all_stats TO barman;
"

Add the following lines in the DATA_DIR/pg_hba.conf file before the host all all all scram-sha-256 line that exists in the file:
```
host all barman BARMAN_IP/32 AUTHN_METHOD
host replication alloydbreplica BARMAN_IP/32 AUTHN_METHOD
```
Replace the following:
- DATA_DIR: the file system path used for the AlloyDB Omni data directory.
- BARMAN_IP: the IP address of the Barman server.
- AUTHN_METHOD: the PostgreSQL authentication method that your AlloyDB for PostgreSQL server expects from the Barman server. We recommend one of the following values:
  - To allow the Barman server to authenticate without a password, use trust.
  - To require a password from the Barman server, use scram-sha-256.

Add the following lines to the DATA_DIR/postgresql.conf file:

archive_command='/bin/true'
archive_mode=on
listen_addresses='*'
wal_level='replica'

Restart the AlloyDB Omni service:
```
docker restart CONTAINER_NAME
```
Replace CONTAINER_NAME with the name that you assigned to the AlloyDB Omni container when you installed it.

Confirm the necessary parameters are all set appropriately by running the following command:

docker exec CONTAINER_NAME psql -h localhost -U postgres -c "
SELECT name, setting
 FROM pg_catalog.pg_settings
 WHERE name IN ('archive_command',
                'archive_mode',
                'listen_addresses',
                'wal_level')
 ORDER BY name;
 "

The output is as follows:

    name          |  setting
------------------|-----------
archive_command   | /bin/true
archive_mode      | on
listen_addresses  | *
wal_level         | replica
(4 rows)

Set up the Barman backup server

To set up and configure Barman to work with your AlloyDB Omni server, run the following commands on your Barman server.

Verify that the streaming replication connection works:

docker exec CONTAINER_NAME psql -h DATABASE_IP -U alloydbreplica -c "IDENTIFY_SYSTEM" replication=1

The output is similar to the following:

      systemid       | timeline |  xlogpos   | dbname
---------------------+----------+------------+--------
 7265722823667040273 |        1 | 0/1F0AFCD0 |
(1 row)

Ensure that Barman can connect to the AlloyDB Omni server as the barman database user.
```
psql -t -h DATABASE_IP -U barman -d postgres -c "SELECT 'Connected as: '||current_user"
```
Replace DATABASE_IP with the IP address of your AlloyDB Omni server.

The output is similar to the following:
```
      ?column?       
----------------------
Connected as: barman
(1 row)
```
Configure the Barman backup server according to your needs and preferences.

Your configuration must include the following settings:
- Set conninfo to connect to the AlloyDB Omni postgres database as the barman user.
- Set streaming_conninfo to use the alloydbreplica user.
- Configure other directives required to enable WAL streaming, as directed by the Barman documentation.
The following minimal but complete example modifies a streaming-configuration example from the Barman documentation:
```
[CONFIGURATION_TAG]
description =  "Backup settings for my AlloyDB Omni server"
conninfo = host=DATABASE_IP user=barman dbname=postgres
streaming_conninfo = host=DATABASE_IP user=alloydbreplica
backup_method = postgres
streaming_archiver = on
slot_name = barman
```
Replace the following:
- CONFIGURATION_TAG: a short tag to identify this server configuration when running barman commands—for example, omni.
- DATABASE_IP: the IP address of your AlloyDB Omni server.
Switch to the barman user.
```
sudo su - barman
```
Use the barman receive-wal command to create a replication slot, and then begin receiving a WAL stream from the database server:
```
barman receive-wal --create-slot CONFIGURATION_TAG
barman receive-wal CONFIGURATION_TAG &
```
Replace CONFIGURATION_TAG with the configuration tag that you chose in the previous step.

Barman is now configured to work with your AlloyDB Omni server. To check the replication status, create manual backups, and perform other tasks, see General commands.

For example, to create a manual backup, run the barman backup command.

What's next

Restore an AlloyDB Omni cluster using Barman