本文属于机器翻译版本。若本译文内容与英语原文存在差异,则一律以英文原文为准。
使用前置和后置脚本自动生成应用程序一致性快照
您可以通过在以实例为目标的快照生命周期策略中启用前置和后置脚本,使用 Amazon Data Lifecycle Manager 自动生成应用程序一致性快照。
Amazon Data Lifecycle Manager 与 AWS Systems Manager (Systems Manager)集成,以支持应用程序一致性快照。Amazon Data Lifecycle Manager 使用 Systems Manager(SSM)命令文档(包括前置和后置脚本)来自动执行完成应用程序一致性快照所需的操作。在 Amazon Data Lifecycle Manager 启动快照创建之前,其会运行前置脚本中的命令来冻结和刷新 I/O。在 Amazon Data Lifecycle Manager 启动快照创建后,其会运行后置脚本中的命令来解冻 I/O。
使用 Amazon Data Lifecycle Manager,您可以自动生成以下内容的应用程序一致性快照:
-
使用卷影复制服务(VSS)的 Windows 应用程序
-
SAP HANA 使用 AWS 托管 SSDM 文档。有关更多信息,请参阅 Amazon EBS snapshots for SAP HANA。
-
使用 SSM 文档模板自行管理的数据库,例如 MySQL、PostgreSQL InterSystems 或 IRIS
应用程序一致性快照入门
本节介绍使用 Amazon Data Lifecycle Manager 自动生成应用程序一致性快照所需遵循的步骤。
您需要使用 Amazon Data Lifecycle Manager 为应用程序一致性快照准备目标实例。根据您的用例执行以下操作之一。
- Prepare for VSS Backups
-
为 VSS 备份准备目标实例
-
在目标实例上安装 SSM Agent(如果尚未安装)。如果目标实例上已安装 SSM Agent,请跳过此步骤。
有关更多信息,请参阅在适用于 Windows 的 Amazon EC2 实例上手动安装 SSM Agent。
-
确保 SSM Agent 正在运行。有关更多信息,请参阅正在检查 SSM Agent 状态并启动代理。
-
为 Amazon EC2 实例设置 Systems Manager。有关更多信息,请参阅《AWS Systems Manager 用户指南》中的为 Amazon EC2 实例设置 Systems Manager。
-
- Prepare for SAP HANA backups
-
为 SAP HANA 备份准备目标实例
-
在目标实例上准备 SAP HANA 环境。
-
使用 SAP HANA 设置实例。如果您还没有现成的 SAP HANA 环境,则可以参考 SAP HANA Environment Setup on AWS。
-
以合适的管理员用户身份登录 SystemDB。
-
创建要与 Amazon Data Lifecycle Manager 一起使用的数据库备份用户。
CREATE USERusernamePASSWORDpasswordNO FORCE_FIRST_PASSWORD_CHANGE;例如,以下命令创建了一个名为
dlm_user并且密码为password的用户。CREATE USER dlm_user PASSWORD password NO FORCE_FIRST_PASSWORD_CHANGE; -
将
BACKUP OPERATOR角色分配给您在上一步中创建的数据库备份用户。GRANT BACKUP OPERATOR TOusername例如,以下命令将角色分配给名为
dlm_user的用户。GRANT BACKUP OPERATOR TO dlm_user -
以管理员身份登录操作系统,例如
sidadm -
创建一个
hdbuserstore条目来存储连接信息,这样 SAP HANA SSM 文档就可以连接到 SAP HANA,而无需用户输入信息。hdbuserstore set DLM_HANADB_SNAPSHOT_USER localhost:3hana_instance_number13usernamepassword例如:
hdbuserstore set DLM_HANADB_SNAPSHOT_USER localhost:30013 dlm_user password -
测试连接。
hdbsql -U DLM_HANADB_SNAPSHOT_USER "select * from dummy"
-
-
在目标实例上安装 SSM Agent(如果尚未安装)。如果目标实例上已安装 SSM Agent,请跳过此步骤。
有关更多信息,请参阅在适用于 Linux 的 Amazon EC2 实例上手动安装 SSM Agent。
-
确保 SSM Agent 正在运行。有关更多信息,请参阅正在检查 SSM Agent 状态并启动代理。
-
为 Amazon EC2 实例设置 Systems Manager。有关更多信息,请参阅《AWS Systems Manager 用户指南》中的为 Amazon EC2 实例设置 Systems Manager。
-
- Prepare for custom SSM documents
-
为 SSM 文档准备目标实例
-
在目标实例上安装 SSM Agent(如果尚未安装)。如果目标实例上已安装 SSM Agent,请跳过此步骤。
-
(Windows 实例)在适用于 Windows 的 Amazon EC2 实例上手动安装 SSM Agent
-
确保 SSM Agent 正在运行。有关更多信息,请参阅正在检查 SSM Agent 状态并启动代理。
-
为 Amazon EC2 实例设置 Systems Manager。有关更多信息,请参阅《AWS Systems Manager 用户指南》中的为 Amazon EC2 实例设置 Systems Manager。
-
注意
只有自定义 SSM 文档才需要执行此步骤。VSS 备份或 SAP HANA 不需要执行此步骤。对于 VSS 备份和 SAP HANA,Amazon Data Lifecycle Manager 使用 AWS 托管 SSM 文档。
如果要为自管理的数据库(例如 MySQL、PostgreSQL 或 InterSystems IRIS)自动生成应用程序一致性快照,则必须创建一个 SSM 命令文档,其中包含用于在启动快照创建之前冻结和刷新 I/O 的预脚本,以及用于在启动快照创建后解冻 I/O 的后置脚本。
如果您的 MySQL、PostgreSQL InterSystems 或 IRIS 数据库使用标准配置,则可以使用下面的示例 SSM 文档内容创建 SSM 命令文档。如果您的 MySQL、PostgreSQL InterSystems 或 IRIS 数据库使用非标准配置,则可以使用以下示例内容作为 SSM 命令文档的起点,然后对其进行自定义以满足您的要求。或者,如果想要从头开始创建新的 SSM 文档,则可以使用下面的 SSM 文档空白模板,并在相应的文档部分中添加前置和后置命令。
请注意以下几点:
-
您负责确保 SSM 文档为数据库配置执行正确且必需的操作。
-
只有当 SSM 文档中的前置和后置脚本能够成功冻结、刷新和解冻 I/O 时,才能保证快照具有应用程序一致性。
-
SSM 文档必须包含
allowedValues的必填字段,包括pre-script、post-script和dry-run。Amazon Data Lifecycle Manager 将根据这些部分的内容在您的实例上执行命令。如果您的 SSM 文档没有这些部分,则 Amazon Data Lifecycle Manager 会将其视为执行失败。
- MySQL sample document content
-
###===============================================================================### # Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. # Permission is hereby granted, free of charge, to any person obtaining a copy of this # software and associated documentation files (the "Software"), to deal in the Software # without restriction, including without limitation the rights to use, copy, modify, # merge, publish, distribute, sublicense, and/or sell copies of the Software, and to # permit persons to whom the Software is furnished to do so. # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, # INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A # PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT # HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION # OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE # SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. ###===============================================================================### schemaVersion: '2.2' description: Amazon Data Lifecycle Manager Pre/Post script for MySQL databases parameters: executionId: type: String default: None description: (Required) Specifies the unique identifier associated with a pre and/or post execution allowedPattern: ^(None|[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12})$ command: # Data Lifecycle Manager will trigger the pre-script and post-script actions during policy execution. # 'dry-run' option is intended for validating the document execution without triggering any commands # on the instance. The following allowedValues will allow Data Lifecycle Manager to successfully # trigger pre and post script actions. type: String default: 'dry-run' description: (Required) Specifies whether pre-script and/or post-script should be executed. allowedValues: - pre-script - post-script - dry-run mainSteps: - action: aws:runShellScript description: Run MySQL Database freeze/thaw commands name: run_pre_post_scripts precondition: StringEquals: - platformType - Linux inputs: runCommand: - | #!/bin/bash ###===============================================================================### ### Error Codes ###===============================================================================### # The following Error codes will inform Data Lifecycle Manager of the type of error # and help guide handling of the error. # The Error code will also be emitted via AWS Eventbridge events in the 'cause' field. # 1 Pre-script failed during execution - 201 # 2 Post-script failed during execution - 202 # 3 Auto thaw occurred before post-script was initiated - 203 # 4 Pre-script initiated while post-script was expected - 204 # 5 Post-script initiated while pre-script was expected - 205 # 6 Application not ready for pre or post-script initiation - 206 ###=================================================================### ### Global variables ###=================================================================### START=$(date +%s) # For testing this script locally, replace the below with OPERATION=$1. OPERATION={{ command }} FS_ALREADY_FROZEN_ERROR='freeze failed: Device or resource busy' FS_ALREADY_THAWED_ERROR='unfreeze failed: Invalid argument' FS_BUSY_ERROR='mount point is busy' # Auto thaw is a fail safe mechanism to automatically unfreeze the application after the # duration specified in the global variable below. Choose the duration based on your # database application's tolerance to freeze. export AUTO_THAW_DURATION_SECS="60" # Add all pre-script actions to be performed within the function below execute_pre_script() { echo "INFO: Start execution of pre-script" # Check if filesystem is already frozen. No error code indicates that filesystem # is not currently frozen and that the pre-script can proceed with freezing the filesystem. check_fs_freeze # Execute the DB commands to flush the DB in preparation for snapshot snap_db # Freeze the filesystem. No error code indicates that filesystem was succefully frozen freeze_fs echo "INFO: Schedule Auto Thaw to execute in ${AUTO_THAW_DURATION_SECS} seconds." $(nohup bash -c execute_schedule_auto_thaw >/dev/null 2>&1 &) } # Add all post-script actions to be performed within the function below execute_post_script() { echo "INFO: Start execution of post-script" # Unfreeze the filesystem. No error code indicates that filesystem was successfully unfrozen. unfreeze_fs thaw_db } # Execute Auto Thaw to automatically unfreeze the application after the duration configured # in the AUTO_THAW_DURATION_SECS global variable. execute_schedule_auto_thaw() { sleep ${AUTO_THAW_DURATION_SECS} execute_post_script } # Disable Auto Thaw if it is still enabled execute_disable_auto_thaw() { echo "INFO: Attempting to disable auto thaw if enabled" auto_thaw_pgid=$(pgrep -f execute_schedule_auto_thaw | xargs -i ps -hp {} -o pgid) if [ -n "${auto_thaw_pgid}" ]; then echo "INFO: execute_schedule_auto_thaw process found with pgid ${auto_thaw_pgid}" sudo pkill -g ${auto_thaw_pgid} rc=$? if [ ${rc} != 0 ]; then echo "ERROR: Unable to kill execute_schedule_auto_thaw process. retval=${rc}" else echo "INFO: Auto Thaw has been disabled" fi fi } # Iterate over all the mountpoints and check if filesystem is already in freeze state. # Return error code 204 if any of the mount points are already frozen. check_fs_freeze() { for target in $(lsblk -nlo MOUNTPOINTS) do # Freeze of the root and boot filesystems is dangerous and pre-script does not freeze these filesystems. # Hence, we will skip the root and boot mountpoints while checking if filesystem is in freeze state. if [ $target == '/' ]; then continue; fi if [[ "$target" == *"/boot"* ]]; then continue; fi error_message=$(sudo mount -o remount,noatime $target 2>&1) # Remount will be a no-op without a error message if the filesystem is unfrozen. # However, if filesystem is already frozen, remount will fail with busy error message. if [ $? -ne 0 ];then # If the filesystem is already in frozen, return error code 204 if [[ "$error_message" == *"$FS_BUSY_ERROR"* ]];then echo "ERROR: Filesystem ${target} already frozen. Return Error Code: 204" exit 204 fi # If the check filesystem freeze failed due to any reason other than the filesystem already frozen, return 201 echo "ERROR: Failed to check_fs_freeze on mountpoint $target due to error - $errormessage" exit 201 fi done } # Iterate over all the mountpoints and freeze the filesystem. freeze_fs() { for target in $(lsblk -nlo MOUNTPOINTS) do # Freeze of the root and boot filesystems is dangerous. Hence, skip filesystem freeze # operations for root and boot mountpoints. if [ $target == '/' ]; then continue; fi if [[ "$target" == *"/boot"* ]]; then continue; fi echo "INFO: Freezing $target" error_message=$(sudo fsfreeze -f $target 2>&1) if [ $? -ne 0 ];then # If the filesystem is already in frozen, return error code 204 if [[ "$error_message" == *"$FS_ALREADY_FROZEN_ERROR"* ]]; then echo "ERROR: Filesystem ${target} already frozen. Return Error Code: 204" sudo mysql -e 'UNLOCK TABLES;' exit 204 fi # If the filesystem freeze failed due to any reason other than the filesystem already frozen, return 201 echo "ERROR: Failed to freeze mountpoint $targetdue due to error - $errormessage" thaw_db exit 201 fi echo "INFO: Freezing complete on $target" done } # Iterate over all the mountpoints and unfreeze the filesystem. unfreeze_fs() { for target in $(lsblk -nlo MOUNTPOINTS) do # Freeze of the root and boot filesystems is dangerous and pre-script does not freeze these filesystems. # Hence, will skip the root and boot mountpoints during unfreeze as well. if [ $target == '/' ]; then continue; fi if [[ "$target" == *"/boot"* ]]; then continue; fi echo "INFO: Thawing $target" error_message=$(sudo fsfreeze -u $target 2>&1) # Check if filesystem is already unfrozen (thawed). Return error code 204 if filesystem is already unfrozen. if [ $? -ne 0 ]; then if [[ "$error_message" == *"$FS_ALREADY_THAWED_ERROR"* ]]; then echo "ERROR: Filesystem ${target} is already in thaw state. Return Error Code: 205" exit 205 fi # If the filesystem unfreeze failed due to any reason other than the filesystem already unfrozen, return 202 echo "ERROR: Failed to unfreeze mountpoint $targetdue due to error - $errormessage" exit 202 fi echo "INFO: Thaw complete on $target" done } snap_db() { # Run the flush command only when MySQL DB service is up and running sudo systemctl is-active --quiet mysqld.service if [ $? -eq 0 ]; then echo "INFO: Execute MySQL Flush and Lock command." sudo mysql -e 'FLUSH TABLES WITH READ LOCK;' # If the MySQL Flush and Lock command did not succeed, return error code 201 to indicate pre-script failure if [ $? -ne 0 ]; then echo "ERROR: MySQL FLUSH TABLES WITH READ LOCK command failed." exit 201 fi sync else echo "INFO: MySQL service is inactive. Skipping execution of MySQL Flush and Lock command." fi } thaw_db() { # Run the unlock command only when MySQL DB service is up and running sudo systemctl is-active --quiet mysqld.service if [ $? -eq 0 ]; then echo "INFO: Execute MySQL Unlock" sudo mysql -e 'UNLOCK TABLES;' else echo "INFO: MySQL service is inactive. Skipping execution of MySQL Unlock command." fi } export -f execute_schedule_auto_thaw export -f execute_post_script export -f unfreeze_fs export -f thaw_db # Debug logging for parameters passed to the SSM document echo "INFO: ${OPERATION} starting at $(date) with executionId: ${EXECUTION_ID}" # Based on the command parameter value execute the function that supports # pre-script/post-script operation case ${OPERATION} in pre-script) execute_pre_script ;; post-script) execute_post_script execute_disable_auto_thaw ;; dry-run) echo "INFO: dry-run option invoked - taking no action" ;; *) echo "ERROR: Invalid command parameter passed. Please use either pre-script, post-script, dry-run." exit 1 # return failure ;; esac END=$(date +%s) # Debug Log for profiling the script time echo "INFO: ${OPERATION} completed at $(date). Total runtime: $((${END} - ${START})) seconds." - PostgreSQL sample document content
-
###===============================================================================### # Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. # Permission is hereby granted, free of charge, to any person obtaining a copy of this # software and associated documentation files (the "Software"), to deal in the Software # without restriction, including without limitation the rights to use, copy, modify, # merge, publish, distribute, sublicense, and/or sell copies of the Software, and to # permit persons to whom the Software is furnished to do so. # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, # INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A # PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT # HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION # OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE # SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. ###===============================================================================### schemaVersion: '2.2' description: Amazon Data Lifecycle Manager Pre/Post script for PostgreSQL databases parameters: executionId: type: String default: None description: (Required) Specifies the unique identifier associated with a pre and/or post execution allowedPattern: ^(None|[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12})$ command: # Data Lifecycle Manager will trigger the pre-script and post-script actions during policy execution. # 'dry-run' option is intended for validating the document execution without triggering any commands # on the instance. The following allowedValues will allow Data Lifecycle Manager to successfully # trigger pre and post script actions. type: String default: 'dry-run' description: (Required) Specifies whether pre-script and/or post-script should be executed. allowedValues: - pre-script - post-script - dry-run mainSteps: - action: aws:runShellScript description: Run PostgreSQL Database freeze/thaw commands name: run_pre_post_scripts precondition: StringEquals: - platformType - Linux inputs: runCommand: - | #!/bin/bash ###===============================================================================### ### Error Codes ###===============================================================================### # The following Error codes will inform Data Lifecycle Manager of the type of error # and help guide handling of the error. # The Error code will also be emitted via AWS Eventbridge events in the 'cause' field. # 1 Pre-script failed during execution - 201 # 2 Post-script failed during execution - 202 # 3 Auto thaw occurred before post-script was initiated - 203 # 4 Pre-script initiated while post-script was expected - 204 # 5 Post-script initiated while pre-script was expected - 205 # 6 Application not ready for pre or post-script initiation - 206 ###===============================================================================### ### Global variables ###===============================================================================### START=$(date +%s) OPERATION={{ command }} FS_ALREADY_FROZEN_ERROR='freeze failed: Device or resource busy' FS_ALREADY_THAWED_ERROR='unfreeze failed: Invalid argument' FS_BUSY_ERROR='mount point is busy' # Auto thaw is a fail safe mechanism to automatically unfreeze the application after the # duration specified in the global variable below. Choose the duration based on your # database application's tolerance to freeze. export AUTO_THAW_DURATION_SECS="60" # Add all pre-script actions to be performed within the function below execute_pre_script() { echo "INFO: Start execution of pre-script" # Check if filesystem is already frozen. No error code indicates that filesystem # is not currently frozen and that the pre-script can proceed with freezing the filesystem. check_fs_freeze # Execute the DB commands to flush the DB in preparation for snapshot snap_db # Freeze the filesystem. No error code indicates that filesystem was succefully frozen freeze_fs echo "INFO: Schedule Auto Thaw to execute in ${AUTO_THAW_DURATION_SECS} seconds." $(nohup bash -c execute_schedule_auto_thaw >/dev/null 2>&1 &) } # Add all post-script actions to be performed within the function below execute_post_script() { echo "INFO: Start execution of post-script" # Unfreeze the filesystem. No error code indicates that filesystem was successfully unfrozen unfreeze_fs } # Execute Auto Thaw to automatically unfreeze the application after the duration configured # in the AUTO_THAW_DURATION_SECS global variable. execute_schedule_auto_thaw() { sleep ${AUTO_THAW_DURATION_SECS} execute_post_script } # Disable Auto Thaw if it is still enabled execute_disable_auto_thaw() { echo "INFO: Attempting to disable auto thaw if enabled" auto_thaw_pgid=$(pgrep -f execute_schedule_auto_thaw | xargs -i ps -hp {} -o pgid) if [ -n "${auto_thaw_pgid}" ]; then echo "INFO: execute_schedule_auto_thaw process found with pgid ${auto_thaw_pgid}" sudo pkill -g ${auto_thaw_pgid} rc=$? if [ ${rc} != 0 ]; then echo "ERROR: Unable to kill execute_schedule_auto_thaw process. retval=${rc}" else echo "INFO: Auto Thaw has been disabled" fi fi } # Iterate over all the mountpoints and check if filesystem is already in freeze state. # Return error code 204 if any of the mount points are already frozen. check_fs_freeze() { for target in $(lsblk -nlo MOUNTPOINTS) do # Freeze of the root and boot filesystems is dangerous and pre-script does not freeze these filesystems. # Hence, we will skip the root and boot mountpoints while checking if filesystem is in freeze state. if [ $target == '/' ]; then continue; fi if [[ "$target" == *"/boot"* ]]; then continue; fi error_message=$(sudo mount -o remount,noatime $target 2>&1) # Remount will be a no-op without a error message if the filesystem is unfrozen. # However, if filesystem is already frozen, remount will fail with busy error message. if [ $? -ne 0 ];then # If the filesystem is already in frozen, return error code 204 if [[ "$error_message" == *"$FS_BUSY_ERROR"* ]];then echo "ERROR: Filesystem ${target} already frozen. Return Error Code: 204" exit 204 fi # If the check filesystem freeze failed due to any reason other than the filesystem already frozen, return 201 echo "ERROR: Failed to check_fs_freeze on mountpoint $target due to error - $errormessage" exit 201 fi done } # Iterate over all the mountpoints and freeze the filesystem. freeze_fs() { for target in $(lsblk -nlo MOUNTPOINTS) do # Freeze of the root and boot filesystems is dangerous. Hence, skip filesystem freeze # operations for root and boot mountpoints. if [ $target == '/' ]; then continue; fi if [[ "$target" == *"/boot"* ]]; then continue; fi echo "INFO: Freezing $target" error_message=$(sudo fsfreeze -f $target 2>&1) if [ $? -ne 0 ];then # If the filesystem is already in frozen, return error code 204 if [[ "$error_message" == *"$FS_ALREADY_FROZEN_ERROR"* ]]; then echo "ERROR: Filesystem ${target} already frozen. Return Error Code: 204" exit 204 fi # If the filesystem freeze failed due to any reason other than the filesystem already frozen, return 201 echo "ERROR: Failed to freeze mountpoint $targetdue due to error - $errormessage" exit 201 fi echo "INFO: Freezing complete on $target" done } # Iterate over all the mountpoints and unfreeze the filesystem. unfreeze_fs() { for target in $(lsblk -nlo MOUNTPOINTS) do # Freeze of the root and boot filesystems is dangerous and pre-script does not freeze these filesystems. # Hence, will skip the root and boot mountpoints during unfreeze as well. if [ $target == '/' ]; then continue; fi if [[ "$target" == *"/boot"* ]]; then continue; fi echo "INFO: Thawing $target" error_message=$(sudo fsfreeze -u $target 2>&1) # Check if filesystem is already unfrozen (thawed). Return error code 204 if filesystem is already unfrozen. if [ $? -ne 0 ]; then if [[ "$error_message" == *"$FS_ALREADY_THAWED_ERROR"* ]]; then echo "ERROR: Filesystem ${target} is already in thaw state. Return Error Code: 205" exit 205 fi # If the filesystem unfreeze failed due to any reason other than the filesystem already unfrozen, return 202 echo "ERROR: Failed to unfreeze mountpoint $targetdue due to error - $errormessage" exit 202 fi echo "INFO: Thaw complete on $target" done } snap_db() { # Run the flush command only when PostgreSQL DB service is up and running sudo systemctl is-active --quiet postgresql if [ $? -eq 0 ]; then echo "INFO: Execute Postgres CHECKPOINT" # PostgreSQL command to flush the transactions in memory to disk sudo -u postgres psql -c 'CHECKPOINT;' # If the PostgreSQL Command did not succeed, return error code 201 to indicate pre-script failure if [ $? -ne 0 ]; then echo "ERROR: Postgres CHECKPOINT command failed." exit 201 fi sync else echo "INFO: PostgreSQL service is inactive. Skipping execution of CHECKPOINT command." fi } export -f execute_schedule_auto_thaw export -f execute_post_script export -f unfreeze_fs # Debug logging for parameters passed to the SSM document echo "INFO: ${OPERATION} starting at $(date) with executionId: ${EXECUTION_ID}" # Based on the command parameter value execute the function that supports # pre-script/post-script operation case ${OPERATION} in pre-script) execute_pre_script ;; post-script) execute_post_script execute_disable_auto_thaw ;; dry-run) echo "INFO: dry-run option invoked - taking no action" ;; *) echo "ERROR: Invalid command parameter passed. Please use either pre-script, post-script, dry-run." exit 1 # return failure ;; esac END=$(date +%s) # Debug Log for profiling the script time echo "INFO: ${OPERATION} completed at $(date). Total runtime: $((${END} - ${START})) seconds." - InterSystems IRIS sample document content
-
###===============================================================================### # MIT License # # Copyright (c) 2024 InterSystems # # Permission is hereby granted, free of charge, to any person obtaining a copy # of this software and associated documentation files (the "Software"), to deal # in the Software without restriction, including without limitation the rights # to use, copy, modify, merge, publish, distribute, sublicense, and/or sell # copies of the Software, and to permit persons to whom the Software is # furnished to do so, subject to the following conditions: # # The above copyright notice and this permission notice shall be included in all # copies or substantial portions of the Software. # # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, # FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE # AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER # LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE # SOFTWARE. ###===============================================================================### schemaVersion: '2.2' description: SSM Document Template for Amazon Data Lifecycle Manager Pre/Post script feature for InterSystems IRIS. parameters: executionId: type: String default: None description: Specifies the unique identifier associated with a pre and/or post execution allowedPattern: ^(None|[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12})$ command: type: String # Data Lifecycle Manager will trigger the pre-script and post-script actions. You can also use this SSM document with 'dry-run' for manual testing purposes. default: 'dry-run' description: (Required) Specifies whether pre-script and/or post-script should be executed. #The following allowedValues will allow Data Lifecycle Manager to successfully trigger pre and post script actions. allowedValues: - pre-script - post-script - dry-run mainSteps: - action: aws:runShellScript description: Run InterSystems IRIS Database freeze/thaw commands name: run_pre_post_scripts precondition: StringEquals: - platformType - Linux inputs: runCommand: - | #!/bin/bash ###===============================================================================### ### Global variables ###===============================================================================### DOCKER_NAME=iris LOGDIR=./ EXIT_CODE=0 OPERATION={{ command }} START=$(date +%s) # Check if Docker is installed # By default if Docker is present, script assumes that InterSystems IRIS is running in Docker # Leave only the else block DOCKER_EXEC line, if you run InterSystems IRIS non-containerised (and Docker is present). # Script assumes irissys user has OS auth enabled, change the OS user or supply login/password depending on your configuration. if command -v docker &> /dev/null then DOCKER_EXEC="docker exec $DOCKER_NAME" else DOCKER_EXEC="sudo -i -u irissys" fi # Add all pre-script actions to be performed within the function below execute_pre_script() { echo "INFO: Start execution of pre-script" # find all iris running instances iris_instances=$($DOCKER_EXEC iris qall 2>/dev/null | tail -n +3 | grep '^up' | cut -c5- | awk '{print $1}') echo "`date`: Running iris instances $iris_instances" # Only for running instances for INST in $iris_instances; do echo "`date`: Attempting to freeze $INST" # Detailed instances specific log LOGFILE=$LOGDIR/$INST-pre_post.log #check Freeze status before starting $DOCKER_EXEC irissession $INST -U '%SYS' "##Class(Backup.General).IsWDSuspendedExt()" freeze_status=$? if [ $freeze_status -eq 5 ]; then echo "`date`: ERROR: $INST IS already FROZEN" EXIT_CODE=204 else echo "`date`: $INST is not frozen" # Freeze # Docs: https://docs.intersystems.com/irislatest/csp/documatic/%25CSP.Documatic.cls?LIBRARY=%25SYS&CLASSNAME=Backup.General#ExternalFreeze $DOCKER_EXEC irissession $INST -U '%SYS' "##Class(Backup.General).ExternalFreeze(\"$LOGFILE\",,,,,,600,,,300)" status=$? case $status in 5) echo "`date`: $INST IS FROZEN" ;; 3) echo "`date`: $INST FREEZE FAILED" EXIT_CODE=201 ;; *) echo "`date`: ERROR: Unknown status code: $status" EXIT_CODE=201 ;; esac echo "`date`: Completed freeze of $INST" fi done echo "`date`: Pre freeze script finished" } # Add all post-script actions to be performed within the function below execute_post_script() { echo "INFO: Start execution of post-script" # find all iris running instances iris_instances=$($DOCKER_EXEC iris qall 2>/dev/null | tail -n +3 | grep '^up' | cut -c5- | awk '{print $1}') echo "`date`: Running iris instances $iris_instances" # Only for running instances for INST in $iris_instances; do echo "`date`: Attempting to thaw $INST" # Detailed instances specific log LOGFILE=$LOGDIR/$INST-pre_post.log #check Freeze status befor starting $DOCKER_EXEC irissession $INST -U '%SYS' "##Class(Backup.General).IsWDSuspendedExt()" freeze_status=$? if [ $freeze_status -eq 5 ]; then echo "`date`: $INST is in frozen state" # Thaw # Docs: https://docs.intersystems.com/irislatest/csp/documatic/%25CSP.Documatic.cls?LIBRARY=%25SYS&CLASSNAME=Backup.General#ExternalFreeze $DOCKER_EXEC irissession $INST -U%SYS "##Class(Backup.General).ExternalThaw(\"$LOGFILE\")" status=$? case $status in 5) echo "`date`: $INST IS THAWED" $DOCKER_EXEC irissession $INST -U%SYS "##Class(Backup.General).ExternalSetHistory(\"$LOGFILE\")" ;; 3) echo "`date`: $INST THAW FAILED" EXIT_CODE=202 ;; *) echo "`date`: ERROR: Unknown status code: $status" EXIT_CODE=202 ;; esac echo "`date`: Completed thaw of $INST" else echo "`date`: ERROR: $INST IS already THAWED" EXIT_CODE=205 fi done echo "`date`: Post thaw script finished" } # Debug logging for parameters passed to the SSM document echo "INFO: ${OPERATION} starting at $(date) with executionId: ${EXECUTION_ID}" # Based on the command parameter value execute the function that supports # pre-script/post-script operation case ${OPERATION} in pre-script) execute_pre_script ;; post-script) execute_post_script ;; dry-run) echo "INFO: dry-run option invoked - taking no action" ;; *) echo "ERROR: Invalid command parameter passed. Please use either pre-script, post-script, dry-run." # return failure EXIT_CODE=1 ;; esac END=$(date +%s) # Debug Log for profiling the script time echo "INFO: ${OPERATION} completed at $(date). Total runtime: $((${END} - ${START})) seconds." exit $EXIT_CODE有关更多信息,请参阅GitHub 存储库
。 - Empty document template
-
###===============================================================================### # Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. # Permission is hereby granted, free of charge, to any person obtaining a copy of this # software and associated documentation files (the "Software"), to deal in the Software # without restriction, including without limitation the rights to use, copy, modify, # merge, publish, distribute, sublicense, and/or sell copies of the Software, and to # permit persons to whom the Software is furnished to do so. # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, # INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A # PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT # HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION # OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE # SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. ###===============================================================================### schemaVersion: '2.2' description: SSM Document Template for Amazon Data Lifecycle Manager Pre/Post script feature parameters: executionId: type: String default: None description: (Required) Specifies the unique identifier associated with a pre and/or post execution allowedPattern: ^(None|[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12})$ command: # Data Lifecycle Manager will trigger the pre-script and post-script actions during policy execution. # 'dry-run' option is intended for validating the document execution without triggering any commands # on the instance. The following allowedValues will allow Data Lifecycle Manager to successfully # trigger pre and post script actions. type: String default: 'dry-run' description: (Required) Specifies whether pre-script and/or post-script should be executed. allowedValues: - pre-script - post-script - dry-run mainSteps: - action: aws:runShellScript description: Run Database freeze/thaw commands name: run_pre_post_scripts precondition: StringEquals: - platformType - Linux inputs: runCommand: - | #!/bin/bash ###===============================================================================### ### Error Codes ###===============================================================================### # The following Error codes will inform Data Lifecycle Manager of the type of error # and help guide handling of the error. # The Error code will also be emitted via AWS Eventbridge events in the 'cause' field. # 1 Pre-script failed during execution - 201 # 2 Post-script failed during execution - 202 # 3 Auto thaw occurred before post-script was initiated - 203 # 4 Pre-script initiated while post-script was expected - 204 # 5 Post-script initiated while pre-script was expected - 205 # 6 Application not ready for pre or post-script initiation - 206 ###===============================================================================### ### Global variables ###===============================================================================### START=$(date +%s) # For testing this script locally, replace the below with OPERATION=$1. OPERATION={{ command }} # Add all pre-script actions to be performed within the function below execute_pre_script() { echo "INFO: Start execution of pre-script" } # Add all post-script actions to be performed within the function below execute_post_script() { echo "INFO: Start execution of post-script" } # Debug logging for parameters passed to the SSM document echo "INFO: ${OPERATION} starting at $(date) with executionId: ${EXECUTION_ID}" # Based on the command parameter value execute the function that supports # pre-script/post-script operation case ${OPERATION} in pre-script) execute_pre_script ;; post-script) execute_post_script ;; dry-run) echo "INFO: dry-run option invoked - taking no action" ;; *) echo "ERROR: Invalid command parameter passed. Please use either pre-script, post-script, dry-run." exit 1 # return failure ;; esac END=$(date +%s) # Debug Log for profiling the script time echo "INFO: ${OPERATION} completed at $(date). Total runtime: $((${END} - ${START})) seconds."
获得 SSM 文档内容后,请参照以下过程之一创建自定义 SSM 文档。
- Console
-
创建 SSM 命令文档
-
打开 AWS Systems Manager 控制台,网址为 https://console.aws.amazon.com//systems-manager/
。 -
在导航窗格中,选择文档,然后选择创建文档、命令或会话。
-
对于名称,为文档输入一个描述性名称。
-
对于目标类型,选择/AWS::EC2::Instance。
-
对于文档类型,请选择命令。
-
在内容字段中,选择 YAML,然后粘贴文档内容。
-
在文档标签部分,添加标签键为
DLMScriptsAccess、标签值为true的标签。重要
该
DLMScriptsAccess:true标签是步骤 3:准备 Amazon Data Lifecycle Manager IAM 角色中使用的AWSDataLifecycleManagerSSMFullAccess AWS 托管策略所必需的。该策略使用aws:ResourceTag条件键来限制对带有此标签的 SSM 文档的访问权限。 -
选择创建文档。
-
- AWS CLI
-
创建 SSM 命令文档
使用 create-document 命令。对于
--name,请为文档指定一个描述性名称。对于--document-type,请指定Command。对于--content,请指定包含 SSM 文档内容的.yaml 文件的路径。对于--tags,请指定"Key=DLMScriptsAccess,Value=true"。$aws ssm create-document \ --content file://path/to/file/documentContent.yaml\ --name "document_name" \ --document-type "Command" \ --document-format YAML \ --tags "Key=DLMScriptsAccess,Value=true"
注意
如果出现以下情况,则需要执行此步骤:
-
创建或更新使用自定义 IAM 角色的启用前置/后置脚本的快照策略。
-
使用命令行创建或更新使用默认值的启用前置/后置脚本的快照策略。
如果您使用控制台创建或更新启用脚本前/后脚本的快照策略,该策略使用默认角色管理快照(AWSDataLifecycleManagerDefaultRole),请跳过此步骤。在这种情况下,我们会自动将AWSDataLifecycleManagerSSMFullAccess策略附加到该角色。
您必须确保您用于策略的 IAM 角色授予 Amazon Data Lifecycle Manager 权限,以执行在策略作为目标的实例上运行前置和后置脚本所需的 SSM 操作。
Amazon Data Lifecycle Manager 提供了包含所需权限的托管策略 (AWSDataLifecycleManagerSSMFullAccess)。您可以将此策略附加到您的 IAM 角色以管理快照,从而确保其包含这些权限。
重要
使用前脚本和后置脚本时, AWSDataLifecycleManagerSSMFullAccess 托管策略使用aws:ResourceTag条件键来限制对特定 SSM 文档的访问。要允许 Amazon Data Lifecycle Manager 访问 SSM 文档,您必须确保您的 SSM 文档带有 DLMScriptsAccess:true 标签。
或者,您可以手动创建自定义策略或将所需权限直接分配给您使用的 IAM 角色。您可以使用 AWSDataLifecycleManagerSSMFullAccess 托管策略中定义的相同权限,但是,aws:ResourceTag条件密钥是可选的。如果您决定不包含该条件键,则无需用 DLMScriptsAccess:true 标记您的 SSM 文档。
使用以下方法之一将AWSDataLifecycleManagerSSMFullAccess策略添加到您的 IAM 角色。
- Console
-
将托管策略附加到您的自定义角色
-
通过 https://console.aws.amazon.com/iam/
打开 IAM 控制台。 -
在导航面板中,选择 Roles(角色)。
-
搜索并选择用于管理快照的自定义角色。
-
在权限选项卡上,选择添加权限、附加策略。
-
搜索并选择AWSDataLifecycleManagerSSMFullAccess托管策略,然后选择添加权限。
-
- AWS CLI
-
将托管策略附加到您的自定义角色
使用 attach-role-policy 命令。对于
---role-name,请指定您自定义角色的名称。对于--policy-arn,请指定arn:aws:iam::aws:policy/AWSDataLifecycleManagerSSMFullAccess。$aws iam attach-role-policy \ --policy-arn arn:aws:iam::aws:policy/AWSDataLifecycleManagerSSMFullAccess \ --role-nameyour_role_name
要自动生成应用程序一致性快照,您必须创建以实例为目标的快照生命周期策略,并为该策略配置前置和后置脚本。
- Console
-
创建快照生命周期策略
通过以下网址打开 Amazon EC2 控制台:https://console.aws.amazon.com/ec2/
。 -
在导航窗格中,依次选择 Elastic Block Store 和 Lifecycle Manager (生命周期管理器),然后选择 Create lifecycle policy (创建生命周期策略)。
-
在选择策略类型页面上,选择 EBS 快照策略,然后选择下一步。
-
在目标资源部分中,执行以下操作:
-
对于目标资源类型,请选择
Instance。 -
对于目标资源标签,请指定识别要备份的实例的资源标签。仅备份具有指定标签的资源。
-
-
对于 IAM 角色,可以选择 AWSDataLifecycleManagerDefaultRole(用于管理快照的默认角色),也可以选择您创建并准备使用前脚本和发布脚本的自定义角色。
-
根据需要配置计划和其他选项。我们建议您将快照创建时间计划在与您工作负载相匹配的时间段,例如在维护窗口期间。
对于 SAP HANA,我们建议您启用“快速快照还原”。
注意
如果您为 VSS 备份启用计划,则无法启用排除特定数据卷或从源中复制标签。
-
在前置和后置脚本部分中,选择启用前置和后置脚本,然后根据您的工作负载执行以下操作:
-
要创建 Windows 应用程序的应用程序一致性快照,请选择 VSS 备份。
-
要创建您的 SAP HANA 工作负载的应用程序一致性快照,请选择 SAP HANA。
-
要使用自定义 SSM 文档为所有其他数据库和工作负载(包括自行管理的 MySQL、PostgreSQL InterSystems 或 IRIS 数据库)创建应用程序一致的快照,请选择自定义 SSM 文档。
-
对于自动化选项,请选择前置和后置脚本。
-
对于 SSM 文档,请选择您准备的 SSM 文档。
-
-
-
根据您所选的选项,配置以下其他选项:
-
脚本超时 –(仅限自定义 SSM 文档)如果脚本运行尝试尚未完成,则在此超时期间后,Amazon Data Lifecycle Manager 的尝试失败。如果脚本未在其超时期间内完成,Amazon Data Lifecycle Manager 的尝试失败。超时期间分别适用于前置和后置脚本。最小的默认超时期间为 10 秒。最长超时期间为 120 秒。
-
重试失败的脚本 – 选择此选项可重试未在其超时期间内完成的脚本。如果前置脚本失败,则 Amazon Data Lifecycle Manager 会重试整个快照创建过程,包括运行前置和后置脚本。如果后置脚本失败,则 Amazon Data Lifecycle Manager 将仅重试后置脚本;在这种情况下,前置脚本将完成并且可能已创建快照。
-
默认创建崩溃一致性快照 – 如果前置脚本运行失败,则选择此选项以默认创建崩溃一致性快照。如果未启用前置和后置脚本,则这是 Amazon Data Lifecycle Manager 的默认快照创建行为。如果您启用了重试,则只有在所有重试尝试都用尽之后,Amazon Data Lifecycle Manager 才会默认创建崩溃一致性快照。如果前置脚本失败并且您没有默认创建崩溃一致性快照,则 Amazon Data Lifecycle Manager 将不会在该计划运行期间为实例创建快照。
注意
如果您要为 SAP HANA 创建快照,则可能需要禁用此选项。无法以相同的方式还原 SAP HANA 工作负载的崩溃一致性快照。
-
-
选择创建默认策略。
注意
如果发生
Role with name AWSDataLifecycleManagerDefaultRole already exists错误,请参阅 故障排除 来了解更多信息。
- AWS CLI
-
创建快照生命周期策略
使用 create-lifecycle-policy 命令,并将
Scripts参数包含在CreateRule中。有关参数的更多信息,请参阅 Amazon Data Lifecycle Manager API Reference。$aws dlm create-lifecycle-policy \ --description "policy_description" \ --state ENABLED \ --execution-role-arniam_role_arn\ --policy-details file://policyDetails.json其中
policyDetails.json包含以下内容之一,具体取决于您的用例:-
VSS 备份
{ "PolicyType": "EBS_SNAPSHOT_MANAGEMENT", "ResourceTypes": [ "INSTANCE" ], "TargetTags": [{ "Key": "tag_key", "Value": "tag_value" }], "Schedules": [{ "Name": "schedule_name", "CreateRule": { "CronExpression": "cron_for_creation_frequency", "Scripts": [{ "ExecutionHandler":"AWS_VSS_BACKUP", "ExecuteOperationOnScriptFailure":true|false, "MaximumRetryCount":retries (0-3)}] }, "RetainRule": { "Count":retention_count} }] } -
SAP HANA 备份
{ "PolicyType": "EBS_SNAPSHOT_MANAGEMENT", "ResourceTypes": [ "INSTANCE" ], "TargetTags": [{ "Key": "tag_key", "Value": "tag_value" }], "Schedules": [{ "Name": "schedule_name", "CreateRule": { "CronExpression": "cron_for_creation_frequency", "Scripts": [{ "Stages": ["PRE","POST"], "ExecutionHandlerService":"AWS_SYSTEMS_MANAGER", "ExecutionHandler":"AWSSystemsManagerSAP-CreateDLMSnapshotForSAPHANA", "ExecuteOperationOnScriptFailure":true|false, "ExecutionTimeout":timeout_in_seconds (10-120), "MaximumRetryCount":retries (0-3)}] }, "RetainRule": { "Count":retention_count} }] } -
自定义 SSM 文档
{ "PolicyType": "EBS_SNAPSHOT_MANAGEMENT", "ResourceTypes": [ "INSTANCE" ], "TargetTags": [{ "Key": "tag_key", "Value": "tag_value" }], "Schedules": [{ "Name": "schedule_name", "CreateRule": { "CronExpression": "cron_for_creation_frequency", "Scripts": [{ "Stages": ["PRE","POST"], "ExecutionHandlerService":"AWS_SYSTEMS_MANAGER", "ExecutionHandler":"ssm_document_name|arn", "ExecuteOperationOnScriptFailure":true|false, "ExecutionTimeout":timeout_in_seconds (10-120), "MaximumRetryCount":retries (0-3)}] }, "RetainRule": { "Count":retention_count} }] }
-
使用 Amazon Data Lifecycle Manager 进行 VSS 备份的注意事项
借助 Amazon Data Lifecycle Manager,您可以备份和还原在 Amazon EC2 实例上运行的启用 VSS(卷影复制服务)的 Windows 应用程序。如果应用程序已在 Windows VSS 中注册了 VSS 写入器,则 Amazon Data Lifecycle Manager 会为该应用程序创建具有应用程序一致性的快照。
注意
Amazon Data Lifecycle Manager 目前仅支持在 Amazon EC2 上运行的资源的应用程序一致性快照,特别适用于可以通过将现有实例替换为从备份创建的新实例来还原应用程序数据的备份场景。并非所有实例类型或应用程序都支持 VSS 备份。有关更多信息,请参阅什么是 AWS VSS? 在 Amazon EC2 用户指南中。
不支持的实例类型
以下 Amazon EC2 实例类型不支持 VSS 备份。如果您的策略以这些实例类型之一为目标,则 Amazon Data Lifecycle Manager 可能仍会创建 VSS 备份,但快照可能不会使用所需的系统标签进行标记。没有这些标签,快照在创建后将无法由 Amazon Data Lifecycle Manager 进行管理。您可能需要手动删除这些快照。
-
T3:
t3.nano|t3.micro -
T3a:
t3a.nano|t3a.micro -
T2:
t2.nano|t2.micro
应用程序一致性快照的共同责任
您必须确保:
-
SSM 代理已安装并在您的目标实例上运行 up-to-date
-
Systems Manager 有权在目标实例上执行所需操作
-
Amazon Data Lifecycle Manager 有权执行在目标实例上运行前置和后置脚本所需的 Systems Manager 操作。
-
对于自定义工作负载,例如自行管理的 MySQL、PostgreSQL InterSystems 或 IRIS 数据库,您使用的 SSM 文档包含用于冻结、刷新和解冻 I/O 的正确和必需的操作。
-
快照创建时间与您的工作负载计划保持一致。例如,请尝试在计划的维护窗口期内安排快照创建。
Amazon Data Lifecycle Manager 应确保:
-
快照创建将在计划快照创建时间的 60 分钟内启动。
-
在启动快照创建之前运行前置脚本。
-
在前置脚本成功且快照创建已启动后运行前置脚本。只有在前置脚本成功的情况下,Amazon Data Lifecycle Manager 才会运行后置脚本。如果前置脚本失败,Amazon Data Lifecycle Manager 将不会运行后置脚本。
-
快照在创建时会用相应的标签进行标记。
-
CloudWatch 当脚本启动时,以及脚本失败或成功时,都会发出指标和事件。
使用前置和后置脚本的要求
前置和后置脚本的其他用例