1BARMAN-CLOUD-WAL-ARCHIVE(1) Version 3.9.0 BARMAN-CLOUD-WAL-ARCHIVE(1)
2
6 barman-cloud-wal-archive - Archive PostgreSQL WAL files in the Cloud
7 using archive_command
8
10 barman-cloud-wal-archive [OPTIONS] DESTINATION_URL SERVER_NAME WAL_PATH
11
13 This script can be used in the archive_command of a PostgreSQL server
14 to ship WAL files to the Cloud. Currently AWS S3, Azure Blob Storage
15 and Google Cloud Storage are supported.
16 Note: If you are running python 2 or older unsupported versions of
18 python 3 then avoid the compression options --gzip or --bzip2 as bar‐
19 man-cloud-wal-restore is unable to restore gzip-compressed WALs on
20 python < 3.2 or bzip2-compressed WALs on python < 3.3.
21 This script and Barman are administration tools for disaster recovery
23 of PostgreSQL servers written in Python and maintained by EnterpriseDB.
24
26 usage: barman-cloud-wal-archive [-V] [--help] [-v | -q] [-t]
27 [--cloud-provider {aws-s3,azure-blob-storage,google-cloud-storage}]
28 [--endpoint-url ENDPOINT_URL] [-P AWS_PROFILE]
29 [--profile AWS_PROFILE]
30 [--read-timeout READ_TIMEOUT]
31 [--azure-credential {azure-cli,managed-identity}]
32 [-z | -j | --snappy]
33 [--tags [TAGS [TAGS ...]]]
34 [--history-tags [HISTORY_TAGS [HISTORY_TAGS ...]]]
35 [--kms-key-name KMS_KEY_NAME] [-e ENCRYPTION]
36 [--sse-kms-key-id SSE_KMS_KEY_ID]
37 [--encryption-scope ENCRYPTION_SCOPE]
38 [--max-block-size MAX_BLOCK_SIZE]
39 [--max-concurrency MAX_CONCURRENCY]
40 [--max-single-put-size MAX_SINGLE_PUT_SIZE]
41 destination_url server_name [wal_path]
42 This script can be used in the `archive_command` of a PostgreSQL server to
44 ship WAL files to the Cloud. Currently AWS S3, Azure Blob Storage and Google
45 Cloud Storage are supported.
46 positional arguments:
48 destination_url URL of the cloud destination, such as a bucket in AWS
49 S3. For example: `s3://bucket/path/to/folder`.
50 server_name the name of the server as configured in Barman.
51 wal_path the value of the '%p' keyword (according to
52 'archive_command').
53 optional arguments:
55 -V, --version show program's version number and exit
56 --help show this help message and exit
57 -v, --verbose increase output verbosity (e.g., -vv is more than -v)
58 -q, --quiet decrease output verbosity (e.g., -qq is less than -q)
59 -t, --test Test cloud connectivity and exit
60 --cloud-provider {aws-s3,azure-blob-storage,google-cloud-storage}
61 The cloud provider to use as a storage backend
62 -z, --gzip gzip-compress the WAL while uploading to the cloud
63 (should not be used with python < 3.2)
64 -j, --bzip2 bzip2-compress the WAL while uploading to the cloud
65 (should not be used with python < 3.3)
66 --snappy snappy-compress the WAL while uploading to the cloud
67 (requires optional python-snappy library)
68 --tags [TAGS [TAGS ...]]
69 Tags to be added to archived WAL files in cloud
70 storage
71 --history-tags [HISTORY_TAGS [HISTORY_TAGS ...]]
72 Tags to be added to archived history files in cloud
73 storage
74 Extra options for the aws-s3 cloud provider:
76 --endpoint-url ENDPOINT_URL
77 Override default S3 endpoint URL with the given one
78 -P AWS_PROFILE, --aws-profile AWS_PROFILE
79 profile name (e.g. INI section in AWS credentials
80 file)
81 --profile AWS_PROFILE
82 profile name (deprecated: replaced by --aws-profile)
83 --read-timeout READ_TIMEOUT
84 the time in seconds until a timeout is raised when
85 waiting to read from a connection (defaults to 60
86 seconds)
87 -e ENCRYPTION, --encryption ENCRYPTION
88 The encryption algorithm used when storing the
89 uploaded data in S3. Allowed values:
90 'AES256'|'aws:kms'.
91 --sse-kms-key-id SSE_KMS_KEY_ID
92 The AWS KMS key ID that should be used for encrypting
93 the uploaded data in S3. Can be specified using the
94 key ID on its own or using the full ARN for the key.
95 Only allowed if `-e/--encryption` is set to `aws:kms`.
96 Extra options for the azure-blob-storage cloud provider:
98 --azure-credential {azure-cli,managed-identity}, --credential {azure-cli,managed-identity}
99 Optionally specify the type of credential to use when
100 authenticating with Azure. If omitted then Azure Blob
101 Storage credentials will be obtained from the
102 environment and the default Azure authentication flow
103 will be used for authenticating with all other Azure
104 services. If no credentials can be found in the
105 environment then the default Azure authentication flow
106 will also be used for Azure Blob Storage.
107 --encryption-scope ENCRYPTION_SCOPE
108 The name of an encryption scope defined in the Azure
109 Blob Storage service which is to be used to encrypt
110 the data in Azure
111 --max-block-size MAX_BLOCK_SIZE
112 The chunk size to be used when uploading an object via
113 the concurrent chunk method (default: 4MB).
114 --max-concurrency MAX_CONCURRENCY
115 The maximum number of chunks to be uploaded
116 concurrently (default: 1).
117 --max-single-put-size MAX_SINGLE_PUT_SIZE
118 Maximum size for which the Azure client will upload an
119 object in a single request (default: 64MB). If this is
120 set lower than the PostgreSQL WAL segment size after
121 any applied compression then the concurrent chunk
122 upload method for WAL archiving will be used.
123 Extra options for google-cloud-storage cloud provider:
126 --kms-key-name KMS_KEY_NAME
127 The name of the GCP KMS key which should be used for
128 encrypting the uploaded data in GCS.
129
131 For Boto:
132 • https://boto3.amazonaws.com/v1/documentation/api/latest/guide/config‐
134 uration.html
135 For AWS:
137 • https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-get‐
139 ting-set-up.html
140 • https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-get‐
142 ting-started.html.
143 For Azure Blob Storage:
145 • https://docs.microsoft.com/en-us/azure/storage/blobs/authorize-da‐
147 ta-operations-cli#set-environment-variables-for-authorization-parame‐
148 ters
149 • https://docs.microsoft.com/en-us/python/api/azure-stor‐
151 age-blob/?view=azure-python
152 For Google Cloud Storage: * Credentials:
154 https://cloud.google.com/docs/authentication/getting-started#set‐
155 ting_the_environment_variable
156 Only authentication with GOOGLE_APPLICATION_CREDENTIALS env is support‐
158 ed at the moment.
159
161 If using --cloud-provider=aws-s3:
162 • boto3
164 If using --cloud-provider=azure-blob-storage:
166 • azure-storage-blob
168 • azure-identity (optional, if you wish to use DefaultAzureCredential)
170 If using --cloud-provider=google-cloud-storage * google-cloud-storage
172
174 0 Success
175 1 The WAL archive operation was not successful
177 2 The connection to the cloud provider failed
179 3 There was an error in the command input
181 Other non-zero codes
183 Failure
184
186 This script can be used in conjunction with pre_archive_retry_script to
187 relay WAL files to S3, as follows:
188 pre_archive_retry_script = 'barman-cloud-wal-archive [*OPTIONS*] *DESTINATION_URL* ${BARMAN_SERVER}'
190
192 Barman has been extensively tested, and is currently being used in sev‐
193 eral production environments. However, we cannot exclude the presence
194 of bugs.
195 Any bug can be reported via the GitHub issue tracker.
197
199 • Homepage: <https://www.pgbarman.org/>
200 • Documentation: <https://docs.pgbarman.org/>
202 • Professional support: <https://www.enterprisedb.com/>
204
206 Barman is the property of EnterpriseDB UK Limited and its code is dis‐
207 tributed under GNU General Public License v3.
208 © Copyright EnterpriseDB UK Limited 2011-2023
210
212 EnterpriseDB <https://www.enterprisedb.com>.
213Barman User manuals October 3, 2023 BARMAN-CLOUD-WAL-ARCHIVE(1)