For a while now, we've been looking for a solution to a common problem on Amazon EC2 hosting: how do you automatically create regular snapshots of your many EBS (Elastic Block Store) volumes, but also not create so many snapshots that it becomes unmanageable? We might have found the answer.
Creating a snapshot of any given volume is not really a problem, but given that you want to create your snapshots regularly (in our case, once a day), so that if something goes wrong, you always have a very recent copy of your clients' data, you can quickly build up a huge collection, a lot of which is not really needed.
This is where 'The Cloud Walker' obviously encountered the same problem. He has written a very nice PHP script, based on work by Oren Solomianik, that can manage older snapshots for you. It requires that you specify an EBS volume ID, for example, vol-12345678, and it will search for all of the snapshots for that volume. It then deletes any that are older than a week, unless they fall on a Sunday, in which case they're kept for a month, or they fall on the first of the month, in which case they're kept indefintely.
What you're left with is a full week of daily backups, then weekly backups going back a month, then monthly backups after that. This is based on the notion that the more time elapses, the less likely you are to need backups made on a specific date.
The script itself is written in PHP, and comes bundled with Amazon's PHP tools. There are, however, a few requirements:
Firstly, you will need the PHP command line interpreter. Many systems will come with PHP for the web server, say Apache, but not PHP that can be run from a command line. On Ubuntu (and probably Debian too), you can just sudo apt-get install php5-cli to install it, and then you will be able to run PHP scripts by typing php myscript.php from the command line.
Secondly, you will need the PHP XSLT processor, or you will see a message like Fatal error: Class ‘XsltProcessor’ not found. On Ubuntu systems (and probably Debian too) you can simply sudo apt-get install php5-xsl to overcome this.
Thirdly, The Cloud Walker's script, at the time of writing, uses long command line options. These are switches such as --region=foo rather than simply -r foo. Unfortunately, on most systems, prior to PHP 5.3, PHP did not support long options. Because we use Drupal 6 on our production sites, and at the time of writing, Drupal 6 does not work with PHP 5.3, we have had to stay with PHP 5.2 and simply strip the long options out.
We needed to open up The Cloud Walker's script and insert our Amazon access key and secret key, and since we only use one region, we hard-coded that region into the script, but then we were able to supply the volume ID to the script, such as php ec2-manage-snapshots.php -v vol-12345678 and it automatically decided which snaps to keep and which to delete.
Now we just needed an automated way of actually creating the snapshots. In the bundled Amazon PHP tools, in the examples folder, is CreateSnapshotSample.php, which allows you to pass in a volume ID and have a snapshot created for that volume. We made a copy of this, and also a copy of the .config.inc.php in the same folder, because this is where Amazon wants you to put the access key and secret key.
We needed to change the code slightly, because it is not 'region aware' and we needed to instruct it to use a particular region. Luckily, the code for this is inside The Cloud Walker's script, and this worked fine for us:
- $ec2Config = array ('ServiceURL' => '<a href="https://eu-west-1.ec2.amazonaws.com'">https://eu-west-1.ec2.amazonaws.com'</a>);
- $service = new Amazon_EC2_Client(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, $ec2Config);
We tested this by creating a few snapshots from the command line, and things looked like they were ready to rock and roll. The only problem was that now our snapshot creation and our snapshot managements scripts could only operate on one volume ID at a time. We needed a way to manage a whole bunch of EBS volumes in one go, so we put together a bash script that looks a bit like this:
- #!/bin/bash
- DATESTAMP=`date +%Y%m%d`
- TIMESTAMP=`date +%H%M`
- LOGFILE="/var/log/tigerfish_ebs_backup.log"
- VOLUMES=( vol-12345678 vol-23456789 vol-34567890 )
- # Create a snapshot of each volume.
- for volume in ${VOLUMES[@]}
- do
- php CreateSnapshot.php -v $volume 2>&1 | tee -a $LOGFILE
- done
- # Remove older snapshots we don't need to keep any more.
- for volume in ${VOLUMES[@]}
- do
- php ec2-manage-snapshots.php -v $volume 2>&1 | tee -a $LOGFILE
- done
Don't forget to touch your log file before you run this script, because we're using tee in append mode, so it will error if the file does not actually exist!
The last step was simple: set up a cron job to run the bash script daily. There is one thing to note here: we have our databases on an EBS volume, and Amazon's tools make particular mention of the fact that you should shut off your database server while you're performing the snapshot, otherwise the snapshot could become corrupted. This is something we won't cover here, but is reasonably straightforward.
To sum up, a big thanks to The Cloud Walker and Oren Solomianik for doing the work that we based our automatic EBS snapshots upon.
Comments
I am unclear on how you got the CreateSnapshotSample.php script to run via the command line. Can you give an example?
Here is what I got...
$ php CreateSnapshotSample.php -v vol-xxxxxxxx
Caught Exception: The request must contain the parameter volume
Response Status Code: 400
Error Code: MissingParameter
Error Type: Unknown
Request ID: xxxxxxxx-xxxx-xxxx-xxxxxxxxxxxx
XML: <?xml version="1.0"?>MissingParameterThe request must contain the parameter volumexxxxxxxx-xxxx-xxxx-xxxxxxxxxxxx
Hi Otto,
Great thread, I did all my setup following this.
I am also getting the above mentioned error
Caught Exception: The request must contain the parameter volume
Response Status Code: 400
Error Code: MissingParameter
Error Type: Unknown
Request ID: xxxxxxxx-xxxx-xxxx-xxxxxxxxxxxx
XML: <?xml version="1.0"?>
MissingParameterThe request must contain the parameter volumexxxxxxxx-xxxx-xxxx-xxxxxxxxxxxx
Can I hardcode a volume id instead of passing it via prompt? If yes, where should I put it?
Thanks for the great article!
Mahrob
Hi,
I m not able to add the request parameter in the create sanpshop api. Can u guide me how to do it
Caught Exception: The request must contain the parameter volume
Response Status Code: 400
Error Code: MissingParameter
Error Type: Unknown
Request ID: 7aff6baa-863c-4e3a-8e2b-50daca6135f0
XML:
MissingParameterThe request must contain the parameter volume7aff6baa-863c-4e3a-8e2b-50daca6135f0
Hi,
Does any know where to place ec2-manage-snapshots.php file ? And also "Don't forget to touch your log file ....." what does this mean ? Thanks.
Hi
Great work.
However I'm getting the following error trying to execute sudo php createsnapshot.php
Fatal error: Class 'Amazon_EC2_Client' not found in /.../.../createsnapshot.php on line 36
I have already included my ACCESS KEY ID & SECRET ACCESS KEY on the .config.inc.php file. Also this file is in the same directory as createsnapshot.php
Please advise.
I've put together a web-based application to do this, called Ebs2s3. More details are here: http://ajmfulcher.blogspot.com/2011/04/ebs2s3-automated-backup-for-amazo...
Hope this helps out!
Hi,
I get this error. Can you figure out the issue.
# php CreateSnapshotSample.php -v vol-xxxxxxxx
PHP Notice: Undefined variable: request in /var/www/vhosts/ukourt.com/httpdocs/backup/Amazon/EC2/Samples/CreateSnapshotSample.php on line 60
Caught Exception: The request must contain the parameter volume
Response Status Code: 400
Error Code: MissingParameter
Error Type: Unknown
Request ID: xxxxxxxx-xxxx-xxxx-xxxxxxxxxxxx
XML: <?xml version="1.0" encoding="UTF-8"?>MissingParameterThe request must contain the parameter volumexxxxxxxx-xxxx-xxxx-xxxxxxxxxxxx
I could see the -v option is working fine.
Pls advise.
Thx
Bijo
Anyone playing with CreateSnapshotSample.php will need to add a $request array with the volume id and if you are using a different region set the ServiceURL on the connection object.
The $request array is as simple as:
$request = array('VolumeId = > 'vol-12345678');
To use the eu-west-1 region the connection should be something like this:
$ec2Config = array ('ServiceURL' => "https://eu-west-1.ec2.amazonaws.com");
$service = new Amazon_EC2_Client(AWS_ACCESS_KEY_ID,
AWS_SECRET_ACCESS_KEY, $ec2Config);
Hope this helps someone!
Georges script has a small syntax error in it... Here is mine which is for US East:
$request = array('VolumeId' => 'vol-12345678');
$ec2Config = array ('ServiceURL' => "https://us-east-1.ec2.amazonaws.com");
$service = new Amazon_EC2_Client(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, $ec2Config);
Anyone else have problems due to snapshots for AMIs? You can't delete them until ami is deregistered, but I want to keep the ami
If you don't want to set this up yourself, you can use Skeddly to create automatic EC2 snapshots.
http://www.skeddly.com
Does the ec2-manage-snapshots.php script ignore errors on volumes that cannot be deleted due to the fact that they are associated with an AMI? We have a script now that stops due to those volumes and our snapshot list grows unnecessarily.
Regards for sharing the information with us on tiger-fish.com.
I have written a very similar open-source backup tool using bash instead of PHP - it is available at http://awsmissingtools.com - look for the tool "ec2-automate-backups." The tool has a few very cool features - it can backup based on tags and it can backup multiple EBS volumes in one run.
