Navigation

Query a Backup Snapshot

Cloud Manager provides queryable backups. This functionality allows you to query specific backup snapshot. You can use the queryable backups to:

  • Restore a subset of data within the MongoDB deployment.
  • Compare previous versions of data against the current data.
  • Identify the best point in time to restore a system by comparing data from multiple snapshots.

Considerations

Read-Only Instance

Cloud Manager provisions these queryable snapshots as read-only MongoDB instances.

Important

These instances are available for up to 24 hours.

Query Restrictions on the Queryable Snapshots

  • You cannot run map-reduce operations.
  • You cannot run queries that requires disk usage, such as running aggregation with the allowDiskUse option to perfrom large sort operations.

Connection Methods

Connections to these instances are over TLS/SSL and require a X.509 authentication. Cloud Manager provides:

  • An executable that creates a tunnel which handles the connection, including the client TLS/SSL and the X.509 authentication.
  • X.509 certificates if you want to handle the connection details manually, including the TLS/SSL and the X.509 authentication.

Query Backup (Use Tunnel to Connect)

Note

The tunnel handles the security (TLS/SSL and X.509 authentication) for connecting to the instance.

1

Go to Backup view and click the Overview tab.

For the deployment whose backup you want to query, click the ellipsis button under Options column and select Query.

You can also click the deployment to view its snapshots and click the Query button under the Actions column.

2

Follow the prompts to query a backup snapshot.

  1. Select the snapshot to query and click Next.

  2. Start the process to query a snapshot. You will be prompted for 2-factor verification.

  3. Select Backup Tunnel as the connection method to the queryable snapshot.

  4. Select your Platform and download.

  5. Uncompress the downloaded file.

  6. Open a terminal or command prompt and go to the uncompressed <tunnel> directory. Run the executable to start the tunnel.

    The default port for the tunnel is 27017. To change the port, use the --local flag, as in the following example:

    ./<tunnel executable> --local localhost:27020
    

    Note

    If you change the port, you must include the port information when connecting.

    For the full list of options you can pass to the tunnel, run the tunnel exectuable with the -h option:

    ./<tunnel executable> -h
    
  7. Use the mongo shell or a MongoDB driver to connect to the backup via the tunnel.

    • If connecting locally from the same machine as where the tunnel is running, you do not need to specify a connection string or host information. Otherwise, specify a connection string or host information for the machine where the tunnel is running.
    • If you have changed the port that the tunnel is listening on, you must specify the port information when connecting.

Tip

Once you have finished querying this snapshot, you can terminate the queryable instance:

  1. Go to the Restore History and hover over the Status column for the deployment item.
  2. Click Cancel.

Query Backup (Handle TLS and Authentication Manually)

Note

The X.509 certificates are valid for 24 hours.

1

Go to Backup view and click the Overview tab.

For the deployment whose backup you want to query, click the ellipsis button under Options column and select Query.

You can also click the deployment to view its snapshots and click the Query button under the Actions column.

2

Follow the prompts to query a backup snapshot.

  1. Select the snapshot to query and click Next.

  2. Start the process to query a snapshot. If prompted for your password, enter your password to verify.

  3. Select Connect Manually as the connection method to the queryable snapshot.

  4. Download the X.509 client PEM file.

  5. Download the Certificate Authority (CA) PEM file.

  6. Use the mongo shell or a MongoDB driver to connect to the queryable backup host. To connect, you must specify the hostname and port, the TLS/SSL option, and the X.509 certificates.

    For example, if using the mongo shell to connect to the instance:

    mongo my-queryable-backup-host.mongodb.com:27217 --ssl --sslPEMKeyFile <client certificate> --sslCAFile mms-backup-ca.pem
    

Tip

Once you have finished querying this snapshot, you can terminate the queryable instance:

  1. Go to the Restore History and hover over the Status column for the deployment item.
  2. Click Cancel.

Next Steps

To restore a database or a collection using the queryable backup MongoDB instance, see Restore a Database or Collection from Queryable Backup.