The script for backing up EC2 instance of AMI

Hello.

I want to share the script for $subj. Perhaps someone will find it useful.

Problem statement: there are a number of EC2 servers on AWS, scattered in different regions. You want to automate backup, so that recovery was easy and fast.

Actually, the script itself: ec2-automate-backup2ami.sh
Description: README.backup2ami.md
The script wrapper to run the cron: ec2-backup-wrapper.sh

The script must:
the
    the
  • to Install the package ec2-api-tools (I have the version 1.6.7.3)
    • the
  • Edit the script editor by specifying the path to ec2-automate-backup2ami.sh and to a log file
    • the
  • to Create individual AWS IAM user for backups and assign a policy like:
    the 
    {
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Stmt1389911824000",
"Effect": "Allow",
"Action": [
"ec2:CreateImage",
"ec2:CreateSnapshot",
"ec2:CreateTags",
"ec2:DeleteSnapshot",
"ec2:DeregisterImage",
"ec2:DescribeRegions",
"ec2:DescribeSnapshotAttribute",
"ec2:ModifySnapshotAttribute",
"ec2:DescribeImages",
"ec2:DescribeInstances",
"ec2:DescribeSnapshots",
"ec2:DescribeTags",
"ec2:DescribeVolumeAttribute",
"ec2:DescribeVolumeStatus",
"ec2:DescribeVolumes"
],
"Resource": [
"*"
]
}
]
}

    • the
  • to Create a file with the access parameters for the newly created user:
    the 
    [ec2-user@zenoss ~]$ cat .stage
export AWS_ACCESS_KEY=access_key
export AWS_SECRET_KEY=secret_key
export AWS_ACCESS_KEY_ID=access_key
export AWS_SECRET_ACCESS_KEY=secret_key
    • the
  • to Specify EC2_HOME
    • the
  • Tag for every instance that requires backup, with the Backup with value true

Crontab looks like this:
the 
[ec2-user@backup ~]$ crontab-l
PATH=$PATH:/usr/kerberos/bin:/usr/local/bin:/bin:/usr/bin
EC2_HOME=/usr/local
SHELL=/bin/bash

00 2 * * * ./ec2-backup-wrapper.sh stage "alerts1@mydomain.cc alerts2@mydomain.cc"


The result of the script is logged in the log file view ec2-automate-backup2ami.stage.log. In the case of runtime errors it will be sent to specified e-mail address.

You should pay attention that the settings file is called .stage, and the script is called without a point.

After a successful run in the AWS AMI image will appear with the name ec2ab_server.domain.cc_YYYY-MM-DD with the following tags:
the

    Name — the name of the EC2 instance

    InitiatingHost — the FQDN of backup server

    PurgeAfterFE — date of deletion of the image in the unix time format

    PurgeAfter — date of deletion of the image in the format YYYY-MM-DD (solely for the convenience of the administrator, the script uses PurgeAfterFE)

    PurgeAllow — enables automatic deletion of the image (default is true)

    Instance — the ID of the EC2 instance

    Created — creation date of the image in the format YYYY-MM-DD



PS the Script is created based on the ec2-automate-backup (backup EBS disks, without iteration, by regions) from colinbjohnson, for which many thanks to him!

PPS Perhaps under Mac OS/X, the script will work incorrectly (see the fourth line in the function get_purge_after_date()), but I have the ability to see.

P. p. p. S. Before creating snapshots, the script does not reset the buffers file systems, so a backup can be consistently. To create consistent snapshots better to use ec2-consistent-snapshot

UPD Added the automatic copy created during backup AMIS to other regions. To enable this option in command prompt, run the script, you must specify the key y, and the configuration instance to add an appropriate tag. The region is selected before you create backups at random from all possible or from the list specified in the command line, the key -o (space delimited). In other words, all copies will go to one region within one run of the script.
For example:
the 
/usr/local/bin/ec2-automate-backup2ami.sh -s tag-t "Backup=true" -14d k-p-h-u-n-y "CopyRegion=true" -o "us-west-1 eu-west-1"

In the example, the script:
the
  • zabekapit all instances in which there is Backup tag with the value true (-s, -t)
    • the
  • will remove the backups created more than 13 days ago (-k, -p)
    • the
  • will add to Bacau different information tags (-h, -u, -n)
    • the
  • copy all backups to one randomly chosen at the start of the script region of the two listed (-y, -o)

    • List of names of regions can be retrieved using the command ec2-describe-regions.

    After copying to the source AMI will be attached a tag CopyRegion with a value corresponding to the region where it was copied. And copied AMI — tag SourceRegion that defines a region of the source.
    Article based on information from habrahabr.ru

    Комментарии

    Отправить комментарий

    Популярные сообщения из этого блога

    Python-digest #8. News, interesting projects, articles and interviews [20 Dec 2013 — 27 Dec 2013]

    Изображение
    in a Hurry to congratulate all with coming new year. The gift I really is quite small — all the same latest news about Python and surrounding technologies. But there are interesting things about searching, Android applications, graphical interface for databases, OAuth, TDD, CMS and other letter combinations. The results of the vote previous digest with a lead of as many as six votes I not allowed to do the release on 3 January, we expect the extended version of January 10, Thank you owlman for illustration to the issue. By the way, he also writing about Python but unfortunately, not very often. Dreams patch the day to 30 hours instead of 24. the Articles and interviews the the time series Analysis with python An attempt to describe the process of analyzing time series using the statsmodels module. TDD with Django 1.6 An example implementation of the approach code development based on writing tests and subsequent writing code that passes those tests....
    Далее...

    Performance comparison of hierarchical models, Django and PostgreSQL

    Изображение
    Good day, dear readers. Today's article will be devoted to the comparison of models of working with hierarchical data in PostgreSQL via Django app. In the article I specifically do not use a clean implementation in the database, because I'm interested in is performance in an environment close to combat. All tests were performed on my data and results are relevant for this data on your data the result may differ from that obtained in the article. Model implementation of the hierarchical structures in the database For working with such structures in PostgreSQL you can use the following modely : the Adjacency model (AM) — model, when the column is stored parent; the Nested Sets (NS) model when paired column stores the range of all sub-elements; the Materialised Path model (MP) model, when the column is stored the full path to the element. Also details about the implementation of hierarchical structures in a relational database, you can read here . To imp...
    Далее...

    google life search

    Изображение
    Yesterday Google announced the Live search So, what is it and how to use it? Did it make your search more relevant and convenient for users? How to get it, where to enter a query to see live results? The algorithm is still driven around and while fully works only for English queries. You enter the query and see the results of the search in the middle of the page in the section Latest result for “your request”. Can try enter your query here . For example, a request Obama. About the middle of the page is visible to block the Latest results that are updated in real-time. New results on request Obama constantly updated and added to the search results. If this text is annoying, you can pause by clicking "Pause", but completely remove the "live search" from the results it is impossible. Adam Smith, a Google employee, guiding the development of new search system in real time, says that not all queries can be seen regularly updated information: ...
    Далее...