
EBS-SnapShooter – Python script to snapshot EBS volumes - smile0x90
https://github.com/smileisak/ebs-snapshooter
======
eropple
CloudWatch Events can already do this for you. I wish it were exposed through
automation; that's still coming, but in the interim it's still a solution that
minimizes your own failure surface. Do AWS tasks with AWS's tools whenever you
can--it minimizes points of failure that _you_ have to manage. Check it:
[http://docs.aws.amazon.com/AmazonCloudWatch/latest/events/Ta...](http://docs.aws.amazon.com/AmazonCloudWatch/latest/events/TakeScheduledSnapshot.html)

I've also seen people use Lambda, which is halfway to "do AWS tasks with AWS's
tools"; it's only a few lines of code and can be flexibly triggered without
this much bulk. (Same code can usually be tossed in cron.)

If you want to go the persistent-daemon approach, there's something like
automated-ebs-snapshots (which I used before CloudWatch Events came along),
which is reasonably bulletproofed and is already used in anger:
[https://github.com/skymill/automated-ebs-
snapshots](https://github.com/skymill/automated-ebs-snapshots)

Writing stuff like this is decent practice to get comfortable with the AWS
APIs, but these are generally solved problems. I'd be real uncomfortable with
k8s's "secrets? what's that? is that something I store unencrypted?" approach
to anything remotely sensitive when I'm throwing AWS credentials around; AWS
already provides a _better_ ACL method for this sort of thing in IAM. (If you
have insisted on a k8s cluster and you aren't able to leverage IAM, this is a
problem on your end that should be rectified sooner than soon.)

~~~
paulddraper
Don't your solutions give you potentially corrupted snapshots?

For this reason, for my backups, I run a cronjob on the EC2 instance and call
fsfreeze
([https://linux.die.net/man/8/fsfreeze](https://linux.die.net/man/8/fsfreeze)).
Is this unnecessary?

~~~
zwily
An EBS-snapshot _should_ give a crash-consistent image. However, it's probably
better to freeze if you can. If you're doing RAID across multiple volumes, you
almost definitely need to freeze your volumes while all the snapshots start.

------
manojlds
EBS Snapshot (and purge) is like building the todo app for the Devops world :)

Here's my AWS Lambda implementation that snapshots and purges -
[https://github.com/manojlds/ebs-snapshot-
lambda](https://github.com/manojlds/ebs-snapshot-lambda)

~~~
machbio
Yes, the next step from Todo App is to do Incremental backups, and delete the
old ones beyond certain version.. :)

~~~
paulddraper
EBS snapshots are incremental already....

------
tschellenbach
Similar to:
[https://github.com/tschellenbach/Snaptastic](https://github.com/tschellenbach/Snaptastic)

------
psypher246
AWS has released a best practice guide and pre-built automated template
solution for this on their AWS Answers site:
[https://aws.amazon.com/answers/infrastructure-
management/ebs...](https://aws.amazon.com/answers/infrastructure-
management/ebs-snapshot-scheduler/)

------
robmoorman
What should be the advantage of this script, why just not use the AWS
Scheduled backups service

~~~
smile0x90
It can be done within k8s ecosystem using periodic job. That is the pupose of
this repo.

------
smile0x90
This too make AWS - EBS snapshot periodically and more easy. Docker image can
also be found in quay .

It's an OpenSource project so feel free to contribute :)

~~~
rad_gruchalski
Why not a Lambda function?

~~~
smile0x90
The purpose of this repo is to prepare a Kubernetes Periodic Job to make ebs
snapshots. It can be done with different manner ;)

~~~
eropple
What is the benefit of assuming additional risk by inserting this into _your_
infrastructure instead of using AWS's existing stuff?

(I will admit: am being a little hard on you because I think this is a _bad
idea_. On the scale of bad ideas, it's only a bad idea and not a really bad
idea, but it's a bad idea.)

