Restoring backups

To learn about creating Looker backups, see the Creating backups documentation page.

To restore a customer-hosted Looker instance to a new host, complete only these steps of the Looker installation instructions:

  • Verify that the new server complies with the minimum server specifications.
  • Enable ntpd or chronyd.
  • Create the looker user, group, and home directory.
  • Skip downloading the Looker application and all remaining installation steps.

Once the new host is prepared:

  • Restore the files from backup.

  • Start Looker:

    sudo su - looker
cd looker
./looker start

Clustered environments

To restore the MySQL database for a clustered environment:

  • Stop any running Lookers in the cluster.
  • Restore the database.
  • Start the Looker instances one at a time.

See the MySQL documentation for more details on how to restore MySQL databases.

Restoring a keystore-independent backup

Customer-hosted installations that have migrated to AES-256 GCM encryption and generated a keystore-independent backup need to update Looker's internal database after performing a restore.

After restoring a keystore-independent backup, follow this procedure to decrypt the KEK, re-encrypt it using the new local keystore, and update the key entry in the internal database:

  1. Stop Looker:

    cd looker
./looker stop

    If Looker is clustered, make sure to stop every node before proceeding.

    If any nodes are still running when you later issue the restore_dr_backup command, the command will fail with the message, "There are other live nodes connected to this backend Looker database. If Looker was shutdown within the last minute, try again shortly, otherwise verify all nodes in the cluster are shut down."

  2. Ensure that Looker can access the CMK used for the local keystore of the location where you restored Looker. If the CMK of the restore location is stored in a file, you can use the environment variable LKR_MASTER_KEY_FILE to point to the path of the CMK file:

    export LKR_MASTER_KEY_FILE=<path_to_CMK_file>

    or, if you want to provide the CMK of the restore location directly in an environment variable, you can use the LKR_MASTER_KEY_ENV environment variable:

    export LKR_MASTER_KEY_ENV=<CMK_value>

  3. Update the internal database:

    ./looker restore_dr_backup <path_to_CMK_file>

    where <path_to_CMK_file> is the path and filename of the plain text key file created when the keystore-independent backup was made. The key file has the following format:

    {"dbmk":"vr1LUwO3q6weY8iS3JykVljSjiD4m6eGk227Cs7Qu9Q=\n","backup_uid":"XCXvRa38mNeqT6+HRBCo2Q=="}

    where the value for dbmk is a Base64 encoding 256-bit encryption key and backup_uid is a unique name used when saving the key to the database.

After you have updated Looker's internal database, you can start Looker normally. Once Looker is running, we recommend that you delete the plaintext key file used to create the keystore-independent backup.