Menu Categories Author

Nubis Novem

Consulting On Cloud Nine

Amazon AWS automated snapshot copy to another region

In our initial post on the AWS topic we explained how to automate regular EBS volume snapshot creation using a small Linux instance as a controlling and automation server. Now it is time to fill in the gap of what happens next: automated copy from region 1 to region 2.

  1. First, let us make sure proper permissions are provisioned for the ec2-admin user:
    {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Sid": "Stmt77563489229234",
                "Effect": "Allow",
                "Action": [
                    "ec2:CopySnapshot",
                    "ec2:CreateSnapshot",
                    "ec2:CreateTags",
                    "ec2:DeleteSnapshot",
                    "ec2:DescribeSnapshots",
                    "ec2:DescribeVolumes"
                ],
                "Resource": [
                    "*"
                ]
            }
        ]
    }
  2. Using new Linux shell script that that would initiate a copy between regions. Let us call it ec2-copy-snapshot.sh:
    # copy latest snapshot
    # Script argument $1 - snapshot description only (to select a latest from group of snapshots for a particular volume)
    owner=356377720441
    snapshots=`aws ec2 describe-snapshots --output text --owner-ids $owner | grep "$1" | wc -l`
    echo "Total snapshots: $snapshots."
    snapid=`aws ec2 describe-snapshots --output text --owner-ids $owner | grep "$1" | sort -k8 | cut -f7 | tail -n1`
    echo "Snap ID to copy: $snapid"
    if [ "$snapid" != "" ]; then
       aws --region us-east-1 ec2 copy-snapshot --source-region us-west-2 --source-snapshot-id "$snapid" --description "$1"
    fi
  3. Crontab schedule (using the new script above and the old ec2-delete-snapshots.sh from our previous post):
    # copy snapshots to another region:
    2 11 * * * ~/bin/ec2-copy-snapshot.sh LinSrv1_vol_data
    4 11 * * 2 ~/bin/ec2-copy-snapshot.sh LinSrv1_vol_root
    5 11 * * 2 ~/bin/ec2-copy-snapshot.sh WinSrv2_vol_C
    6 11 * * 2 ~/bin/ec2-copy-snapshot.sh WinSrv2_vol_F
    # purge snapshots at us-west-2:
    12 12 * * * ~/bin/ec2-delete-snapshots.sh vol-1c45234e LinSrv1_vol_data 6 us-west-2
    14 12 * * 4 ~/bin/ec2-delete-snapshots.sh vol-cce9876e LinSrv1_vol_root 3 us-west-2
    15 12 * * 4 ~/bin/ec2-delete-snapshots.sh vol-d23f6a38 WinSrv2_vol_C 4 us-west-2
    16 22 * * 4 ~/bin/ec2-delete-snapshots.sh vol-1e568d2d WinSrv2_vol_F 6 us-west-2
    # purge snapshots at us-east-1:
    0 23 * * * ~/bin/ec2-delete-snapshots.sh vol-1c45234e LinSrv1_vol_data 2 us-east-1
    1 23 * * 1 ~/bin/ec2-delete-snapshots.sh vol-cce9876e LinSrv1_vol_root 2 us-east-1
    2 23 * * 1 ~/bin/ec2-delete-snapshots.sh vol-d23f6a38 WinSrv2_vol_C 2 us-east-1
    3 23 * * 1 ~/bin/ec2-delete-snapshots.sh vol-1e568d2d WinSrv2_vol_F 2 us-east-1

Voila. It works like magic (most of the time).

Correction: source for Linux shell scripts ec2-delete-snapshots.sh and ec2-copy-snapshot.sh contained a bug in this and previous articles on this topic (that we fixed on January 15th 2016). Please see our comment below if you need more details on that.

Comments

(4)
  • Andrei Spassibojko
    #

    Please note. We learned that our Linux shell scripts ec2-copy-snapshot.sh and ec2-delete-snapshots.sh had a nasty bug in them that had to be addressed:

    When finding a latest snapshot, the listing came out in random order (thanks a bunch, Amazon!). We had to modify certain commands to include “sort -k8” command in the Linux pipe chain, to allow sorting them in historical order and thus obtaining the latest snapshot id correctly:

    snapid=`aws ec2 describe-snapshots –output text –owner-ids $owner | grep “$1” | sort -k8 | cut -f7 | tail -n1`

    We have edited this and previous article with script source adjustment.

    • John V
      #

      Hi Andrei

      Thanks for pointing out the sort option. However it seems to be useful only when the snapshots are not taken on the same day.

      That said, how would you sort an output like this?

      2016-06-22T05:07:57.000Z
      2016-06-22T05:17:58.000Z
      2016-06-22T05:37:59.000Z
      2016-06-22T04:20:37.000Z
      2016-06-22T05:49:43.000Z
      2016-06-22T04:47:58.000Z
      2016-06-22T04:27:58.000Z
      2016-06-22T04:25:37.000Z
      2016-06-22T04:37:58.000Z
      2016-06-22T05:27:59.000Z
      2016-06-22T04:57:59.000Z
      2016-06-22T05:47:58.000Z
      2016-06-22T04:19:45.000Z

      ec2-copy-snapshot.sh will end copying not the latest snapshot to the specified region every time. Wish I could find the trick done when you sort from the console.

      • Andrei Spassibojko
        #

        Hi John, it looks like the ‘sort -k7’ pipe command takes and sorts by date+time just fine because sorting is done alphanumerically. We just have confirmed the output in your case would be:

        2016-06-22T04:19:45.000Z
        2016-06-22T04:20:37.000Z
        2016-06-22T04:25:37.000Z
        2016-06-22T04:27:58.000Z
        2016-06-22T04:37:58.000Z
        2016-06-22T04:47:58.000Z
        2016-06-22T04:57:59.000Z
        2016-06-22T05:07:57.000Z
        2016-06-22T05:17:58.000Z
        2016-06-22T05:27:59.000Z
        2016-06-22T05:37:59.000Z
        2016-06-22T05:47:58.000Z
        2016-06-22T05:49:43.000Z

        Hope this helps.

        • John V
          #

          Your response gave me an extra motivation here for revising the lines. It appeared that the Description field included a space. That made sort -k not useful for the approach.

          After removing the space, it’s now sorting the timestamp correctly.

          Many thanks.

Leave a Reply

Your email address will not be published. Required fields are marked *