kan du få data tilbake igjen fra dine elasticsearch snapshots?
TRANSCRIPT
KAN DU FÅ DATA TILBAKE IGJENFRA DINE ELASTICSEARCH
SNAPSHOTS?
JavaZone 2016Jan Fredrik Wedén
WHAT ISSNAPSHOT/RESTORE?
PUT/_snapshot/my_repo{"type":"fs|url |s3|azure|hdfs",settings…
}
PUT/_snapshot/my_repo/snap_1
PUT/_snapshot/my_repo{"type":"fs|url |s3|azure|hdfs",settings…
}
PUT/_snapshot/my_repo/snap_1
GET/_snapshot/my_repo/snap_1
DELETE/_snapshot/my_repo/snap_1
Trusted dev
Elasticsearch
UTV
Elasticsearch
PROD
Evil hacker Trusted dev Internalforgivinggateway
Elasticsearch
UTV
Elasticsearch
PROD
FIND THESNAPSHOT TO
RESTORE
GET_snapshot/my_repo/_all
GET_snapshot/_all
GET_snapshot/my_repo/_all
GET_snapshot/my_repo/snap_1
GET_snapshot/my_repo/snap_1/_status
GET_snapshot/_all
RESTOREEVERYTHING
INTO THE FIERYCLUSTER FROM
WHENCE ITCAME
POST_all/_close
POST_all/_close
POST/_snapshot/my_repo/snap_1/_restore{"indices":"config",…
}
RESTORE TO ANENTIRELY NEW
CLUSTER
PUT/_snapshot/my_utv_repo{"type":"url","settings":{"url":"location/of/prod"
}}
DELETE_all
PUT/_snapshot/my_utv_repo{"type":"url","settings":{"url":"location/of/prod"
}}
Setting to allow DELETE<*|_all> should always be disabled in PROD, and preferably in all envs.
DELETE_all
PUT/_snapshot/my_utv_repo{"type":"url","settings":{"url":"location/of/prod"
}}
POST/_snapshot/my_utv_repo/snap_1/_restore{"indices":"config,…",…
}
Setting to allow DELETE<*|_all> should always be disabled in PROD, and preferably in all envs.
RESTORE TOTHE SAME
CLUSTER WITHRENAMING
POST/_snapshot/my_repo/snap_1/_restore{"indices":"config","include_global_state":false,"rename_pattern":"(.+)","rename_replacement":"restored_$1”
}
POST/_snapshot/my_repo/snap_1/_restore{"indices":"config","include_global_state":false,"rename_pattern":"(.+)","rename_replacement":"restored_$1”
}
GET/restored_config/global_type/super_important_doc
POST/_snapshot/my_repo/snap_1/_restore{"indices":"config","include_global_state":false,"rename_pattern":"(.+)","rename_replacement":"restored_$1”
}
GET/restored_config/global_type/super_important_doc
PUT/config/global_type/super_important_doc{theGETdataabove}
POST/_snapshot/my_repo/snap_1/_restore{"indices":"config","include_global_state":false,"rename_pattern":"(.+)","rename_replacement":"restored_$1”
}
GET/restored_config/global_type/super_important_doc
PUT/config/global_type/super_important_doc{theGETdataabove}
DELETE/restored_config
CARRY ON…
Jan Fredrik Wedén
@jfweden