Install pip if necessarynode
python get-pip.py
|
Install Curator for Elasticsearchpython
Elasticsearch Curator helps you curate, or manage, your Elasticsearch indices and snapshots by:json
pip
install
elasticsearch-curator
pip
install
click==6.7
|
Configure curatorbootstrap
mkdir
-p
/var/log/elastic
touch
/var/log/elastic/curator
.log
mkdir
~/.curator
vi
~/.curator
/curator
.yml
|
# Remember, leave a key empty if there is no value. None will be a string,
## not a Python "NoneType"
client:
hosts: [Elasticsearch Server IP]
port: 9200
url_prefix:
use_ssl: False
certificate:
client_cert:
client_key:
ssl_no_validate: False
http_auth:
timeout: 30
master_only: False
logging:
loglevel: INFO
logfile: /var/log/elastic/curator.log
logformat: default
blacklist: ['elasticsearch', 'urllib3']
|
Have a test, now you can get the indices list
curator_cli show_indicesbash
Create repositoryapp
Configure elasticseach.yml default in /etc/elasticsearch/elasticsearch.ymlcurl
path.repo:
/u01/elasticsearch/backup
http.max_header_size: 16kb
|
Restart elasticsearch service (service elasticsearch restart) to make the configurations work.elasticsearch
Create repository elasticsearch. Ensure location points to a valid path which is configured in path.repo, accesable from all nodes.ui
curl -XPUT http:
//localhost
:9200
/_snapshot/es_backup
-H
"Content-Type: application/json"
-d @repository.json
|
{
"type"
:
"fs"
,
"settings"
: {
"compress"
:
true
,
"location"
:
"/u01/elasticsearch/backup"
}
}
|
Have a testthis
curl -XGET
'localhost:9200/_snapshot/_all?pretty=true'
|
Create curator yaml action files
daily_backup.yml
Customize the snapshot name in name option
action 1: backup all indices before today to repository elasticsearch with specified snapshot name
action 2: delete indices older than 185 days
---
actions:
1:
action: snapshot
description: >-
Snapshot selected all indices to repository
'elasticsearch'
with the snapshot name
options:
repository: es_backup
name:
'<c4cert-{now/d-1d}>'
wait_for_completion: True
max_wait: 4800
wait_interval: 30
filters:
- filtertype: age
source
: name
direction: older
unit: days
unit_count: 1
timestring:
"%Y.%m.%d"
2:
action: delete_indices
description: >-
Delete indices
which
is older than 185 days
filters:
- filtertype: age
source
: name
direction: older
unit: days
unit_count: 185
timestring:
"%Y.%m.%d"
|
del_snapshot.yml
action 1: Delete snapshots from repository elasticsearch which is older than 185 days
---
actions:
1:
action: delete_snapshots
description: >-
Delete snapshots from repository
which
is older than 185 days
options:
repository: es_backup
retry_interval: 120
retry_count: 3
filters:
- filtertype: age
source
: creation_date
direction: older
unit: days
unit_count: 185
|
restore.yml
action 1: Restore all indices in the most recent snapshot with state SUCCESS.
---
actions:
1:
action: restore
description: >-
Restore all indices
in
the most recent snapshot with state SUCCESS. Wait
for
the restore to complete before continuing. Do not skip the repository
filesystem access check. Use the other options to define the index
/shard
settings
for
the restore.
options:
repository: es_backup
# If name is blank, the most recent snapshot by age will be selected
name:
# If indices is blank, all indices in the snapshot will be restored
indices:
wait_for_completion: True
max_wait: 3600
wait_interval: 10
filters:
- filtertype: state
state: SUCCESS
|
Note: use --dry-run option to verify your action without any change. Find the dry run results in log path.
Curator --dry-run daily_backup.yml
Shell script and crontab
#!/bin/sh
curator
/u01/curator/del_snapshot
.yml
curator
/u01/curator/daily_backup
.yml
|
crontab -e
Here configured the job run on every 3 AM
0 3 * * *
/bin/sh
/u01/curator/run
.sh
|
Restore
Curator restore.yml
Tested OK in CERT env.
Some useful API
# get all repositories
curl -XGET
'localhost:9200/_snapshot/_all?pretty=true'
# delete repository
curl -XDELETE
'localhost:9200/_snapshot/es-snapshot?pretty=true'
# show snapshots
curator_cli show_snapshots --repository es_backup
# show indices
curator_cli show_indices
|