Skip to content
Create an RDS instance from a snapshot on a schedule with Kubernetes cronjobs
Python Shell Dockerfile
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
Dockerfile
LICENSE
README.md
cronjob.yml
docker_build.sh
requirements.txt
snapshot_restore.py

README.md

rds-snapshot-restore

This script looks for the most recent snapshot for a given DBInstanceIdentifier and restores it to a new instance in the same or different VPC.

It is designed to only have one restored instance at once (it will spin up the new one then delete the old). Once the old istance is deleted, it changes the DNS record to point to the new instance. It should only take a 15 or so minutes to run (tested on a 600GB m4.2xlarge).

Use Cases

  • You want to have a staging database with similar or identical data to production to test your applications against
  • You want to test your production snapshots
  • You really like creating new RDS instances
  • Probably others I haven't though of

Running in Kubernetes

To run this in kubernetes:

  • Fill out the container arguments in cronjob.yml to suit your environment - especially if you want to build your own image
  • Create a kubernetes secret called rds-snapshot-restore with your AWS Credentials in it and add it to your cluster
  • kubectl apply -f cronjob.yml

Issues

Please open an issue if you find a bug or have a feature request (or if you think I did something stupid).

Usage

The following targets an RDS instance named mydata and will restore it to an instance called staging-mydata-[some unix timestamp], create a CNAME called mydata.staging.example.com in a Route53 zone with staging in the name (specified by -m). Since -V and -S are specified, the new instance will be in a different VPC. The VPC used matches the Name: staging key/value tag and the database security group is used. Since --noop is used, no action is done.

./snapshot_restore.py -p staging -t mydata -u staging-db-subnet-group -S database -c mydata -m staging -D staging.example.com --noop -V staging

Another scenario would be to restore the snapshot to an instance in the same VPC but with a prefix staging on its name - staging-mydata.example.com:

./snapshot_restore.py -p staging -t mydata -c mydata -z Z9999999999

Requirements

This script assumes:

  • You have a running RDS instance with at least one snapshot
  • You use Route53 hosted zones
  • Your RDS instances are in VPCs

Arguments

usage: snapshot_restore.py [-h] -t TARGET_INSTANCE [-r AWS_REGION]
                           [-i INSTANCE_CLASS] [-p PREFIX]
                           [-u SUBNET_GROUP_NAME]
                           [-S SECURITY_GROUP_NAMES [SECURITY_GROUP_NAMES ...]]
                           [-V VPC_TAG_NAME] -D DNS_SUFFIX -c CNAME_NAME
                           [-m ZONE_MATCH_STRING] [-z ZONE_ID]
                           [-s SNAPSHOT_TYPE] [-n]

Restore the most recent snapshot of a given RDS instance to a new instance

optional arguments:
  -h, --help            show this help message and exit
  -t TARGET_INSTANCE, --target TARGET_INSTANCE
                        Name of the RDS instance to restore the snapshot from
                        - this is the DBInstanceIdentifier of the target
                        instance
  -r AWS_REGION, --region AWS_REGION
                        AWS Region to use. Currently can only target and
                        restore to the same region. Defaults to us-west-2.
  -i INSTANCE_CLASS, --instance-class INSTANCE_CLASS
                        Instance class to use for the new instance. Defaults
                        to db.t2.medium
  -p PREFIX, --prefix PREFIX
                        Prefix for the new instance DBInstanceIdentifier
  -u SUBNET_GROUP_NAME, --subnet-name SUBNET_GROUP_NAME
                        Name of the database subnet group to use for the new
                        instance. Defaults to the subnet group of the target
                        instance if not specified
  -S SECURITY_GROUP_NAMES [SECURITY_GROUP_NAMES ...], --sec-group-names SECURITY_GROUP_NAMES [SECURITY_GROUP_NAMES ...]
                        Names of the VPC security group to use for the new
                        instance. Defaults to the security group of the target
                        instance if not specified. Specify multiple separated
                        by a space. Must also specify --vpc-tag-name
  -V VPC_TAG_NAME, --vpc-tag-name VPC_TAG_NAME
                        VPC "Name" tag value. Required when using --sec-group-names
  -D DNS_SUFFIX, --dns-suffix DNS_SUFFIX
                        DNS Suffix for your private Route53 zone
  -c CNAME_NAME, --cname-name CNAME_NAME
                        Name of the CNAME to create for the new instance
  -m ZONE_MATCH_STRING, --match-zone ZONE_MATCH_STRING
                        String to match a Route53 Hosted Zone name on to
                        determine the zone ID. Useful if you rebuild private
                        DNS zones often. Overrides --zone-id if specified.
  -z ZONE_ID, --zone-id ZONE_ID
                        Route53 Zone ID to use for the new instance CNAME.
                        Defaults to the zone id of the target instance. Is
                        overridden by --match-zone.
  -s SNAPSHOT_TYPE, --snapshot-type SNAPSHOT_TYPE
                        Snapshot type to search filter on. Defaults to 'automated'.
  -n, --noop            Enable NOOP mode - will not perform any restore tasks.

Contributing

Please fork and PR to master if you have something to add

You can’t perform that action at this time.