Creating index snapshots in Amazon OpenSearch Service
Snapshots in Amazon OpenSearch Service are backups of a cluster's indexes and state. State includes cluster settings, node information, index settings, and shard allocation.
OpenSearch Service snapshots come in the following forms:
-
Automated snapshots are only for cluster recovery. You can use them to restore your domain in the event of red cluster status or data loss. For more information, see Restoring snapshots below. OpenSearch Service stores automated snapshots in a preconfigured Amazon S3 bucket at no additional charge.
-
Manual snapshots are for cluster recovery or for moving data from one cluster to another. You have to initiate manual snapshots. These snapshots are stored in your own Amazon S3 bucket and standard S3 charges apply. If you have a snapshot from a self-managed OpenSearch cluster, you can use that snapshot to migrate to an OpenSearch Service domain. For more information, see Migrating to Amazon OpenSearch Service.
All OpenSearch Service domains take automated snapshots, but the frequency differs in the following ways:
-
For domains running OpenSearch or Elasticsearch 5.3 and later, OpenSearch Service takes hourly automated snapshots and retains up to 336 of them for 14 days. Hourly snapshots are less disruptive because of their incremental nature. They also provide a more recent recovery point in case of domain problems.
-
For domains running Elasticsearch 5.1 and earlier, OpenSearch Service takes daily automated snapshots during the hour you specify, retains up to 14 of them, and doesn't retain any snapshot data for more than 30 days.
If your cluster enters red status, all automated snapshots fail while the cluster status persists. If you don't correct the problem within two weeks, you can permanently lose the data in your cluster. For troubleshooting steps, see Red cluster status.
Prerequisites
To create snapshots manually, you need to work with IAM and Amazon S3. Make sure you meet the following prerequisites before you attempt to take a snapshot:
Prerequisite | Description |
---|---|
S3 bucket | Create an S3 bucket to store manual snapshots for your OpenSearch Service domain. For instructions, see Create a Bucket in the Amazon Simple Storage Service User Guide. Remember the name of the bucket to use it in the following places:
ImportantDo not apply an S3 Glacier lifecycle rule to this bucket. Manual snapshots don't support the S3 Glacier storage class. |
IAM role | Create an IAM role to delegate permissions to OpenSearch Service. For
instructions, see Creating an IAM role (console) in the IAM User Guide. The rest of this
chapter refers to this role as Attach an IAM policy Attach the following policy to
For instructions to attach a policy to a role, see Adding IAM Identity Permissions in the IAM User Guide. Edit the trust relationship Edit the trust relationship of
For instructions to edit the trust relationship, see Modifying a role trust policy in the IAM User Guide. |
Permissions |
In order to register the snapshot repository, you need to be able
to pass
If your user or role doesn't have
|
Deleting manual snapshots
To delete a manual snapshot, run the following command:
DELETE _snapshot/
repository-name
/snapshot-name
Automating snapshots with Index State Management
You can use the Index State Management (ISM) snapshot
operation to automatically trigger snapshots of indexes
based on changes in their age, size, or number of documents. ISM is best when you need
one snapshot per index. If you need to snapshot of a group of indices, see Automating snapshots with Snapshot
Management.
To use SM in OpenSearch Service, you need to register your own Amazon S3 repository. For an example ISM
policy using the snapshot
operation, see Sample
Policies.
Using Curator for snapshots
If ISM doesn't work for index and snapshot management, you can use Curator instead. It
offers advanced filtering functionality that can help simplify management tasks on
complex clusters. Use pip
pip install elasticsearch-curator
You can use Curator as a command line interface (CLI) or Python API. If you use the
Python API, you must use version 7.13.4 or earlier of the legacy elasticsearch-py
If you use the CLI, export your credentials at the command line and configure
curator.yml
as follows:
client: hosts: search-
my-domain
.us-west-1
.es.amazonaws.com port: 443 use_ssl: True aws_region:us-west-1
aws_sign_request: True ssl_no_validate: False timeout: 60 logging: loglevel: INFO