Amazon EBSã®ã‚¹ãƒŠãƒƒãƒ—ã‚·ãƒ§ãƒƒãƒˆ(ãƒãƒƒã‚¯ã‚¢ãƒƒãƒ—)ã‚’å–å¾—ã—ã¤ã¤ä¸–ä»£ç®¡ç†ã‚‚è¡Œã†ã‚¹ã‚¯ãƒªãƒ—ãƒˆ

by Waleed Alzuhair

# ã‚¿ã‚¤ãƒˆãƒ«é•·ã„ã€‚

Amazon EBS(Elastic Block Store)ã§ã¯ã€ã‚¹ãƒŠãƒƒãƒ—ã‚·ãƒ§ãƒƒãƒˆæ©Ÿèƒ½ã¨å‘¼ã°ã‚Œã‚‹ã€ãƒœãƒªãƒ¥ãƒ¼ãƒ (ãƒ‡ã‚£ã‚¹ã‚¯)ã‚’çž¬æ™‚ã«ãƒãƒƒã‚¯ã‚¢ãƒƒãƒ—ã™ã‚‹æ©Ÿèƒ½ã‚’APIçµŒç”±ã§ç°¡å˜ã«ä½¿ã†ã“ã¨ãŒã§ãã¾ã™ã€‚

å‚è€ƒ

ãã‚“ãªä¾¿åˆ©æ©Ÿèƒ½ãªEBSã‚¹ãƒŠãƒƒãƒ—ã‚·ãƒ§ãƒƒãƒˆå›ã§ã™ãŒã€ãã®ãƒãƒƒã‚¯ã‚¢ãƒƒãƒ—ãƒ‡ãƒ¼ã‚¿ã®ä¿å˜å…ˆã¯Amazon S3ã¨ã„ã†ã“ã¨ã§ã€S3ã®åˆ©ç”¨å®¹é‡ç„¡åˆ¶é™ï¼ã¨ã„ã†ç´ æ™´ã‚‰ã—ã„æ©æµã‚’å—ã‘ã¡ã‚ƒã£ã¦ã„ã¦ã€å½“ç„¶ã€ãƒãƒƒã‚¯ã‚¢ãƒƒãƒ—ãƒ‡ãƒ¼ã‚¿ã®ä¸–ä»£ç®¡ç†ã¯ä½¿ã„æ‰‹è‡ªèº«ã«å§”ãã‚‰ã‚Œã¦ã„ã¾ã™ã€‚

ã¨ã„ã†ã“ã¨ã§ã€æŒ‡å®šã—ãŸEBSãƒœãƒªãƒ¥ãƒ¼ãƒ ã«å¯¾ã—ã¦ã€ã‚¹ãƒŠãƒƒãƒ—ã‚·ãƒ§ãƒƒãƒˆ(ãƒãƒƒã‚¯ã‚¢ãƒƒãƒ—)å–å¾—ã—ã¤ã¤ã€ä¸–ä»£ç®¡ç†(æŒ‡å®šä¸–ä»£æ•°ã«åŸºã¥ã„ã¦å¤ã„ãƒ‡ãƒ¼ã‚¿ã‚’å‰Šé™¤)ã‚‚ã™ã‚‹ã‚ˆã†ãªã‚¹ã‚¯ãƒªãƒ—ãƒˆã‚’æ˜”ã«æ›¸ã„ãŸã®ã§ã€ãã‚Œã¨ãªãå…¬é–‹ã—ã¾ã™ã€‚

ã“ã‚Œã‹ã‚‰Amazon EC2ã§é‹ç”¨ã™ã‚‹ã®ã ãƒ¼ã€ã¨ã„ã†æ–¹ã«ã¯é–“é•ã„ãªãå½¹ã«ç«‹ã¤ã¯ãšã€‚

å‰æ

ec2-api-toolsãŒå‹•ãã“ã¨
EC2ã®X.509è¨¼æ˜Žæ›¸ãŒæ‰‹å…ƒ(ã‚µãƒ¼ãƒ)ã«ã‚ã‚‹ã“ã¨

ã‚¹ã‚¯ãƒªãƒ—ãƒˆã®ä¸èº«

ä»¥ä¸‹ã®ã‚ˆã†ãªæ„Ÿã˜ã§ã™ã€‚

#!/bin/sh
export JAVA_HOME=/usr
export EC2_HOME=/opt/ec2-api-tools
export PATH=${PATH}:/bin:/usr/bin:${EC2_HOME}/bin

# ----- config
AWS_PRIVATE_KEY=/etc/ec2_keys/pk.pem
AWS_CERTIFICATE=/etc/ec2_keys/cert.pem

EBS_VOLUME_ID="vol-ead8e482"
EBS_GENERATION_COUNT=3

AWS_REGION=`curl -s http://169.254.169.254/latest/meta-data/placement/availability-zone | sed -e 's/[a-z]$//'`
# -----

# ã‚¹ãƒŠãƒƒãƒ—ã‚·ãƒ§ãƒƒãƒˆã®å–å¾—
echo -n "[creating...] "
ec2-create-snapshot --private-key ${AWS_PRIVATE_KEY} --cert ${AWS_CERTIFICATE} --region ${AWS_REGION} ${EBS_VOLUME_ID}

# ã‚¹ãƒŠãƒƒãƒ—ã‚·ãƒ§ãƒƒãƒˆã®ä¸€è¦§ã‚’å–å¾—
SNAPSHOTS=`ec2-describe-snapshots --private-key ${AWS_PRIVATE_KEY} --cert ${AWS_CERTIFICATE} --region ${AWS_REGION} | grep ${EBS_VOLUME_ID} | sort -k5 -r | awk '{print $2}'`

# ä¸–ä»£ä¿ç®¡åˆ†ã®èª¿æ•´(éŽåŽ»ã‚¹ãƒŠãƒƒãƒ—ã‚·ãƒ§ãƒƒãƒˆã®ã‚¯ãƒªã‚¢)
COUNT=1
for SNAPSHOT in ${SNAPSHOTS}; do
  if [ ${COUNT} -le ${EBS_GENERATION_COUNT} ]; then
    # ä¿ç®¡å¯¾è±¡ãªã®ã§N/A
    echo "[keeping] " ${SNAPSHOT}
  else
    # ä¿ç®¡å¯¾è±¡å¤–ãªã®ã§å‰Šé™¤
    echo -n "[deleting...] "
    ec2-delete-snapshot --private-key ${AWS_PRIVATE_KEY} --cert ${AWS_CERTIFICATE} --region ${AWS_REGION} ${SNAPSHOT}
  fi
  COUNT=`expr ${COUNT} + 1`
done

ã“ã®ã‚¹ã‚¯ãƒªãƒ—ãƒˆã¯ã€ã‚µãƒ¼ãƒãŒè‡ªåˆ†è‡ªèº«ã«æŽ¥ç¶šã•ã‚Œã¦ã„ã‚‹EBSãƒœãƒªãƒ¥ãƒ¼ãƒ ã«å¯¾ã—ã¦å–å¾—ã™ã‚‹ã“ã¨ã‚’æƒ³å®šã—ãŸç°¡å˜ãªå®Ÿè£…ä¾‹ã§ã™ã€‚

ä¸Šéƒ¨ã®PATHã‚„è¨å®šéƒ¨åˆ†ã¯ã€é©å®œæ›¸ãæ›ãˆã‚‹ã‚ˆã†ã«ã—ã¦ãã ã•ã„ã€‚
- ec2-api-toolsã‚„X.509è¨¼æ˜Žæ›¸ã¯ã€ã‚µãƒ¼ãƒã«é…ç½®ã®ä¸Šã€è¨å®šã®ãƒ•ã‚¡ã‚¤ãƒ«ãƒ»ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªãƒ‘ã‚¹ã‚’æ›¸ãæ›ãˆã¦ãã ã•ã„ã€‚
"EBS_VOLUME_ID"ã«ã¯ã€å–å¾—ã—ãŸã„EBSãƒœãƒªãƒ¥ãƒ¼ãƒ ã®IDã‚’å…¥ã‚Œã¦ãã ã•ã„ã€‚
- è¤‡æ•°ã®EBSãƒœãƒªãƒ¥ãƒ¼ãƒ ã‚’å¯¾è±¡ã«ã—ãŸã„ã¨ãã¯ã€é©å½“ã«ãƒ«ãƒ¼ãƒ—ã§ã¾ã‚ã™ã‚ˆã†ã«æ›¸ãæ›ãˆã¦ãã ã•ã„ã€‚
"EBS_GENERATION_COUNT"ã«ã¯ã€ä¿æŒã—ã¦ãŠããŸã„ä¸–ä»£æ•°ã‚’å…¥ã‚Œã¦ãã ã•ã„ã€‚
"AWS_REGION"ã®éƒ¨åˆ†ã¯ã€ä¸Šè¨˜ã§ã¯è‡ªå‹•ã§ã‚µãƒ¼ãƒè‡ªèº«ãŒå‹•ã„ã¦ã„ã‚‹RegionãŒå…¥ã‚‹ã‚ˆã†ã«ã—ã¦ã„ã¾ã™ã€‚
- EC2å¤–ã®ã‚µãƒ¼ãƒã‚„ã€åˆ¥Regionã®ã‚µãƒ¼ãƒ(EC2ã‚¤ãƒ³ã‚¹ã‚¿ãƒ³ã‚¹)ã‹ã‚‰å®Ÿè¡Œã—ãŸã„å ´åˆã¯ã€æ‰‹å‹•ã§Region("us-west-1"ãªã©)ã‚’å…¥ã‚Œã‚‹ã‚ˆã†ã«ã—ã¦ãã ã•ã„ã€‚

ã‚ã¨ã€ã“ã®ã‚¹ã‚¯ãƒªãƒ—ãƒˆã‚’ä½¿ã£ã¦ä½•ã‹ã‚ã£ã¦ã‚‚(ãƒãƒƒã‚¯ã‚¢ãƒƒãƒ—ãŒå–ã‚Œã¦ãªã‹ã£ãŸï¼ã¨ã‹)è²¬ä»»ã¯å–ã‚Œã¾ã›ã‚“ã®ã§ã€ãã¡ã‚“ã¨ãƒ†ã‚¹ãƒˆã—ãŸä¸Šã§ã€ãã—ã¦è‡ªå·±è²¬ä»»ã§ã”åˆ©ç”¨ãã ã•ã„ã€‚ã‚ˆã‚ã—ããŠé¡˜ã„ã—ã¾ã™ã€‚