從不同的 s3 區域恢復 elasticsearch 快照
[英]restore elasticsearch snapshot from a different s3 region
問題描述
我在eu-west-1區域有一個 AWS ElasticSearch 域,並且已經為也在同一區域的 S3 存儲桶子文件夾拍攝了snapshot 。
我還在另一個 aws 區域 - eu-west-2中部署了第二個 AWS ElasticSearch 域。
在存儲桶之間添加了一個 S3 存儲桶復制,但是當我嘗試在eu-west-2 AWS ES 域上注冊存儲庫時,出現以下錯誤:
500
{"error":{"root_cause":[{"type":"blob_store_exception","reason":"Failed to check if blob [master.dat] exists"}],"type":"blob_store_exception","reason":"Failed to check if blob [master.dat] exists","caused_by":{"type":"amazon_s3_exception","reason":"Forbidden (Service: Amazon S3; Status Code: 403; Error Code: 403 Forbidden; Request ID: 14F0571DFF522922; S3 Extended Request ID: U1OnlKPOkfCNFzoV9HC5WBHJ+kfhAZDMOG0j0DzY5+jwaRFJvHkyzBacilA4FdIqDHDYWPCrywU=)"}},"status":500}
這是我用來在新集群上注冊存儲庫的代碼(取自https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-managedomains-snapshots.html#es-managedomains-快照恢復):
import boto3
import requests
from requests_aws4auth import AWS4Auth
host = 'https://search-**es-elk-prod**.eu-west-2.es.amazonaws.com/' # include https:// and trailing /
region = 'eu-west-2' # e.g. us-west-1
service = 'es'
credentials = boto3.Session().get_credentials()
awsauth = AWS4Auth(credentials.access_key, credentials.secret_key, region, service, session_token=credentials.token)
# Register repository
path = '_snapshot/es-elk-prod' # the Elasticsearch API endpoint
url = host + path
payload = {
"type": "s3",
"settings": {
"bucket": "es-prod-eu-west-2",
"region": "eu-west-2",
"role_arn": "arn:aws:iam::1234567:role/EsProd-***-snapshotS3role-***"
}
}
headers = {"Content-Type": "application/json"}
r = requests.put(url, auth=awsauth, json=payload, headers=headers)
print(r.status_code)
print(r.text)
從日志中,我得到:
curl -X GET 'https://search-**es-elk-prod**.eu-west-2.es.amazonaws.com/_snapshot/es-mw-elk-prod/_all?pretty'
{
"error" : {
"root_cause" : [
{
"type" : "amazon_s3_exception",
"reason" : "Access Denied (Service: Amazon S3; Status Code: 403; Error Code: AccessDenied; Request ID: 72A59132E2830D81; S3 Extended Request ID: o0XalToNp19HDJKSOVxmna71hx3LkwoSFEobm3HQGH1HEzxOrAtYHg+asnKxJ03iGSDDhUz5GUI=)"
}
],
"type" : "amazon_s3_exception",
"reason" : "Access Denied (Service: Amazon S3; Status Code: 403; Error Code: AccessDenied; Request ID: 72A59132E2830D81; S3 Extended Request ID: o0XalToNp19HDJKSOVxmna71hx3LkwoSFEobm3HQGH1HEzxOrAtYHg+asnKxJ03iGSDDhUz5GUI=)"
},
"status" : 500
}
ARN能夠訪問 S3 存儲桶,就像我用來將eu-west-2域快照到 S3 的ARN一樣,因為eu-west-1快照存儲在 S3 存儲桶的子文件夾中,我添加了一個代碼的路徑,例如:
payload = {
"type": "s3",
"settings": {
"bucket": "es-prod-eu-west-2",
"path": "es-elk-prod",
"region": "eu-west-2",
"role_arn": "arn:aws:iam::1234567:role/EsProd-***-snapshotS3role-***"
}
}
但這也沒有用。
將在一個 aws 區域中創建的快照恢復到另一個 aws 區域的正確方法是什么?
非常感謝任何建議。
1 個解決方案
解決方案1
0 2022-03-10 16:19:20
我收到過關於The bucket is in this region: eu-west-1. Please use this region to retry the request 從 eu-west-1 移動到 us-west-2 時The bucket is in this region: eu-west-1. Please use this region to retry the request 。
根據亞馬遜的文檔(在“將數據遷移到不同的域”下),您需要指定一個端點而不是區域:
如果遇到此錯誤,請嘗試在 PUT 語句中將 "region": "us-east-2" 替換為 "endpoint": "s3.amazonaws.com" 並重試請求。
如何將文件夾(或整個存儲桶)從 Glacier 恢復到 Amazon S3?
[英]How to restore folders (or entire buckets) to Amazon S3 from Glacier?
Restore-AzSqlDatabase FromGeoBackup 到不同的訂閱和區域
[英]Restore-AzSqlDatabase FromGeoBackup to a different subscription and region
Elasticsearch 和 S3 存儲桶:如何獲取 Python 來檢測來自 s3 存儲桶的數據是否已經在 elasticsearch 中?
[英]Elasticsearch and S3 bucket: how do I get Python to detect if data from s3 bucket are already in elasticsearch?
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.
相關問題
Elasticsearch:如何給minio s3做快照?
列出來自特定區域的 S3 存儲桶
將 s3 端點創建到與當前區域不同的區域
如何從 Amazon S3 網站端點 url 中刪除區域?
從 S3 備份恢復 Ec2(不是 RDS)上的 MariaDB
如何將文件夾(或整個存儲桶)從 Glacier 恢復到 Amazon S3?
Restore-AzSqlDatabase FromGeoBackup 到不同的訂閱和區域
Elasticsearch 和 S3 存儲桶:如何獲取 Python 來檢測來自 s3 存儲桶的數據是否已經在 elasticsearch 中?
創建跨區域 S3 VPC 端點
S3 同區復制配置問題
相關標簽