2011-06-07

EC2 snapshots as backups

Today I did something silly, and changed the password to one of our AWS EC2 Windows servers to an empty string. I was gonna change it in the same RDP session to a generated password, but somehow forgot about it. My connection broke up due to a timeout (of course) and upon my next login I got this love note:

Logon failure user account restriction. Possible reasons are blank passwords not allowed, logon hour restrictions, or a policy restriction has been enforced.

Now, on one hand this is pretty cool, because it won't let me stupidly set no password on any of my instances. But it also pretty much means good-bye to that instance. Up until now, I have not found a way to change the administrator password say, through ec2config. So, I imagine the best I can do is make sure that this or something similar does not surprise me again.



It's a good thing that I occasionally make snapshots of all my EC2 volumes. Unfortunately the last snapshot did not include a few changes to the OS that I did, but these were logged off-site, so I was able to reproduce the work done since the backup was made.

It might be a good idea to even automate backing up your instances, but of course then you'll also have to deal with cleaning up old backups.

I hastily wrote the below script to create a backup for each day of the week (scheduled to run daily via cron). This is written in PHP and assumes that you have AWSSDKforPHP included and your AWS credentials set. It cleans up last week's backups for the actual day before creating the snapshots for today. It's not much, and no comments this time, but it's pretty straightforward anyway.

The commented line can be used to filter the instances that you want to create backups for. I use a "Kind" tag to back up only those instances that have a Kind value of "service", "template" or "other".

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
$today = date("l");
 
$ec2 = new AmazonEC2();
 
$snapshots = $ec2->describe_snapshots(array(
    'Filter' => array(
        array('Name' => 'status', 'Value' => 'completed'),
        array('Name' => 'description', 'Value' => 'autosnap for * created on '.$today)
    )
));
$snaps = $snapshots->body->snapshotSet->children();
foreach($snaps as $snap) {
   $snap = $snap->to_array();
   $ec2->delete_snapshot($snap["snapshotId"]);
}
 
$instances = $ec2->describe_instances(array(
    'Filter' => array(
        //array('Name' => 'tag:Kind', 'Value' => array('service', 'template', 'other')),
    )
));
foreach($instances->body->reservationSet->children() as $insts) {
   foreach($insts->instancesSet->children() as $inst) {
      $instanceName = "???";
      foreach($inst->tagSet->children() as $tag)
         if ($tag->key == "Name") {
            $instanceName = $tag->value;
            break;
         }
      foreach($inst->blockDeviceMapping->children() as $vol) {
         $vol = $vol->ebs->to_array();
         $volumeId = $vol["volumeId"];
         $ec2->create_snapshot($volumeId, "autosnap for ".$instanceName." created on ".$today);
      }
   }
}

No comments:

Post a Comment