备份策略
本指南涵盖了自托管 Langfuse 部署的备份策略。请按照其中一个部署指南开始操作。
适当的备份策略对于保护您的 Langfuse 数据和确保业务连续性至关重要。本指南涵盖了自托管 Langfuse 部署的所有组件的备份方法。
ClickHouse
ClickHouse 存储您的可观测性数据,包括跟踪、观察和评分。备份策略因您使用的是托管服务还是自托管部署而异。
ClickHouse Cloud (托管服务)
自动备份:ClickHouse Cloud 通过以下方式自动为您管理备份:
- 持续增量备份
- 时间点恢复功能
- 跨区域复制选项
- 企业级耐用性保证
无需操作:如果您使用的是 ClickHouse Cloud, 备份将自动处理。有关备份保留策略和恢复程序,请参阅 ClickHouse Cloud 文档。
自托管 ClickHouse
对于自托管的 ClickHouse 实例,您需要实施自己的备份策略。
Kubernetes 部署
- 卷快照 (推荐)
大多数云提供商支持持久卷的卷快照。请确保您也为 clickhouse Zookeeper 卷添加了快照。
# Create a VolumeSnapshot for each ClickHouse replica
kubectl apply -f - <<EOF
apiVersion: snapshot.storage.k8s.io/v1
kind: VolumeSnapshot
metadata:
name: clickhouse-backup-$(date +%Y%m%d-%H%M%S)
namespace: langfuse
spec:
source:
persistentVolumeClaimName: data-langfuse-clickhouse-0
volumeSnapshotClassName: csi-hostpath-snapclass
EOF- Velero 用于完整的集群备份
Velero 提供全面的 Kubernetes 备份解决方案:
# Install Velero
velero install --provider aws --plugins velero/velero-plugin-for-aws:v1.8.0 \
--bucket langfuse-backups --secret-file ./credentials-velero
# Create a backup schedule
velero schedule create langfuse-daily \
--schedule="0 2 * * *" \
--include-namespaces langfuse \
--ttl 720h0m0s- ClickHouse 本地备份
使用 ClickHouse 的内置备份功能。请按照 ClickHouse 的备份指南了解所有详细信息。
-- Create a backup
BACKUP DATABASE default TO S3('s3://backup-bucket/clickhouse-backup-{timestamp}', 'access_key', 'secret_key');
-- Restore from backup
RESTORE DATABASE default FROM S3('s3://backup-bucket/clickhouse-backup-{timestamp}', 'access_key', 'secret_key');Docker 部署
对于基于 Docker 的部署,实施常规卷备份:
#!/bin/bash
# Backup script for ClickHouse Docker volumes
BACKUP_DIR="/backups/clickhouse"
TIMESTAMP=$(date +%Y%m%d_%H%M%S)
CONTAINER_NAME="clickhouse-server"
# Create backup directory
mkdir -p "$BACKUP_DIR"
# Stop ClickHouse temporarily for consistent backup
docker stop "$CONTAINER_NAME"
# Create tar archive of data volume
docker run --rm \
-v clickhouse_data:/source:ro \
-v "$BACKUP_DIR":/backup \
alpine tar czf "/backup/clickhouse-backup-$TIMESTAMP.tar.gz" -C /source .
# Restart ClickHouse
docker start "$CONTAINER_NAME"
# Clean up old backups (keep last 7 days)
find "$BACKUP_DIR" -name "clickhouse-backup-*.tar.gz" -mtime +7 -deletePostgres
Postgres 存储关键的事务数据,包括用户、组织、项目和 API 密钥。我们强烈建议在生产部署中使用托管数据库服务。
托管数据库服务 (推荐)
云提供商服务:使用提供自动备份的托管 PostgreSQL 服务。
自主 Postgres 备份
如果必须自托管 Postgres, 请实施全面的备份策略。
Kubernetes 通用备份解决方案
- 使用 CronJob 的 pg_dump
apiVersion: batch/v1
kind: CronJob
metadata:
name: postgres-backup
namespace: langfuse
spec:
schedule: "0 2 * * *" # Daily at 2 AM
jobTemplate:
spec:
template:
spec:
containers:
- name: postgres-backup
image: postgres:15
env:
- name: PGPASSWORD
valueFrom:
secretKeyRef:
name: postgres-credentials
key: password
command:
- /bin/bash
- -c
- |
TIMESTAMP=$(date +%Y%m%d_%H%M%S)
pg_dump -h postgres-service -U langfuse -d langfuse > /backup/langfuse-backup-$TIMESTAMP.sql
# Upload to S3 (optional)
aws s3 cp /backup/langfuse-backup-$TIMESTAMP.sql s3://langfuse-backups/postgres/
# Clean up local files older than 3 days
find /backup -name "langfuse-backup-*.sql" -mtime +3 -delete
volumeMounts:
- name: backup-storage
mountPath: /backup
volumes:
- name: backup-storage
persistentVolumeClaim:
claimName: postgres-backup-pvc
restartPolicy: OnFailure- 卷快照
# Create snapshot of Postgres PVC
kubectl apply -f - <<EOF
apiVersion: snapshot.storage.k8s.io/v1
kind: VolumeSnapshot
metadata:
name: postgres-backup-$(date +%Y%m%d-%H%M%S)
namespace: langfuse
spec:
source:
persistentVolumeClaimName: postgres-data-pvc
volumeSnapshotClassName: csi-hostpath-snapclass
EOFDocker 部署
#!/bin/bash
# Postgres backup script for Docker
BACKUP_DIR="/backups/postgres"
TIMESTAMP=$(date +%Y%m%d_%H%M%S)
CONTAINER_NAME="postgres"
DB_NAME="langfuse"
DB_USER="langfuse"
mkdir -p "$BACKUP_DIR"
# Create SQL dump
docker exec "$CONTAINER_NAME" pg_dump -U "$DB_USER" "$DB_NAME" > "$BACKUP_DIR/langfuse-backup-$TIMESTAMP.sql"
# Compress backup
gzip "$BACKUP_DIR/langfuse-backup-$TIMESTAMP.sql"
# Upload to cloud storage (optional)
aws s3 cp "$BACKUP_DIR/langfuse-backup-$TIMESTAMP.sql.gz" s3://langfuse-backups/postgres/
# Clean up old backups
find "$BACKUP_DIR" -name "langfuse-backup-*.sql.gz" -mtime +7 -deleteMinIO
MinIO 已被云存储淘汰:如果您正在使用 AWS S3、Azure Blob Storage 或 Google Cloud Storage 等云存储服务,则不需要 MinIO, 备份策略应专注于云存储提供商的原生备份功能。
MinIO 仅适用于不使用云存储服务的自托管部署。对于大多数生产部署,我们建议改用托管云存储。
当使用 MinIO 时
MinIO 通常用于:
- 气隙环境
- 无云访问的本地部署
- 开发环境
- 特定合规性要求
- MinIO 备份策略
云存储复制 (推荐)
配置 MinIO 以复制到云存储:
# Configure MinIO client
mc alias set myminio http://localhost:9000 minio miniosecret
mc alias set s3backup https://s3.amazonaws.com ACCESS_KEY SECRET_KEY
# Set up bucket replication
mc replicate add myminio/langfuse --remote-bucket s3backup/langfuse-backupKubernetes MiniIO 备份
- 卷快照
# Snapshot MinIO data volumes
kubectl apply -f - <<EOF
apiVersion: snapshot.storage.k8s.io/v1
kind: VolumeSnapshot
metadata:
name: minio-backup-$(date +%Y%m%d-%H%M%S)
namespace: langfuse
spec:
source:
persistentVolumeClaimName: data-minio-0
volumeSnapshotClassName: csi-hostpath-snapclass
EOF- 计划同步到外部存储
apiVersion: batch/v1
kind: CronJob
metadata:
name: minio-backup-sync
namespace: langfuse
spec:
schedule: "0 3 * * *" # Daily at 3 AM
jobTemplate:
spec:
template:
spec:
containers:
- name: minio-backup
image: minio/mc:latest
command:
- /bin/sh
- -c
- |
mc alias set source http://minio:9000 $MINIO_ACCESS_KEY $MINIO_SECRET_KEY
mc alias set backup s3://backup-bucket $AWS_ACCESS_KEY $AWS_SECRET_KEY
mc mirror source/langfuse backup/langfuse-backup/$(date +%Y%m%d)
env:
- name: MINIO_ACCESS_KEY
valueFrom:
secretKeyRef:
name: minio-credentials
key: access-key
- name: MINIO_SECRET_KEY
valueFrom:
secretKeyRef:
name: minio-credentials
key: secret-key
- name: AWS_ACCESS_KEY
valueFrom:
secretKeyRef:
name: aws-credentials
key: access-key
- name: AWS_SECRET_KEY
valueFrom:
secretKeyRef:
name: aws-credentials
key: secret-key
restartPolicy: OnFailure作者:Jeebiz 创建时间:2025-10-30 18:09
最后编辑:Jeebiz 更新时间:2025-10-30 18:16
最后编辑:Jeebiz 更新时间:2025-10-30 18:16
