[英]restore elasticsearch snapshot from a different s3 region
我在eu-west-1
區域有一個 AWS ElasticSearch 域,並且已經為也在同一區域的 S3 存儲桶子文件夾拍攝了snapshot
。
我還在另一個 aws 區域 - eu-west-2
中部署了第二個 AWS ElasticSearch 域。
在存儲桶之間添加了一個 S3 存儲桶復制,但是當我嘗試在eu-west-2
AWS ES 域上注冊存儲庫時,出現以下錯誤:
500
{"error":{"root_cause":[{"type":"blob_store_exception","reason":"Failed to check if blob [master.dat] exists"}],"type":"blob_store_exception","reason":"Failed to check if blob [master.dat] exists","caused_by":{"type":"amazon_s3_exception","reason":"Forbidden (Service: Amazon S3; Status Code: 403; Error Code: 403 Forbidden; Request ID: 14F0571DFF522922; S3 Extended Request ID: U1OnlKPOkfCNFzoV9HC5WBHJ+kfhAZDMOG0j0DzY5+jwaRFJvHkyzBacilA4FdIqDHDYWPCrywU=)"}},"status":500}
這是我用來在新集群上注冊存儲庫的代碼(取自https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-managedomains-snapshots.html#es-managedomains-快照恢復):
import boto3
import requests
from requests_aws4auth import AWS4Auth
host = 'https://search-**es-elk-prod**.eu-west-2.es.amazonaws.com/' # include https:// and trailing /
region = 'eu-west-2' # e.g. us-west-1
service = 'es'
credentials = boto3.Session().get_credentials()
awsauth = AWS4Auth(credentials.access_key, credentials.secret_key, region, service, session_token=credentials.token)
# Register repository
path = '_snapshot/es-elk-prod' # the Elasticsearch API endpoint
url = host + path
payload = {
"type": "s3",
"settings": {
"bucket": "es-prod-eu-west-2",
"region": "eu-west-2",
"role_arn": "arn:aws:iam::1234567:role/EsProd-***-snapshotS3role-***"
}
}
headers = {"Content-Type": "application/json"}
r = requests.put(url, auth=awsauth, json=payload, headers=headers)
print(r.status_code)
print(r.text)
從日志中,我得到:
curl -X GET 'https://search-**es-elk-prod**.eu-west-2.es.amazonaws.com/_snapshot/es-mw-elk-prod/_all?pretty'
{
"error" : {
"root_cause" : [
{
"type" : "amazon_s3_exception",
"reason" : "Access Denied (Service: Amazon S3; Status Code: 403; Error Code: AccessDenied; Request ID: 72A59132E2830D81; S3 Extended Request ID: o0XalToNp19HDJKSOVxmna71hx3LkwoSFEobm3HQGH1HEzxOrAtYHg+asnKxJ03iGSDDhUz5GUI=)"
}
],
"type" : "amazon_s3_exception",
"reason" : "Access Denied (Service: Amazon S3; Status Code: 403; Error Code: AccessDenied; Request ID: 72A59132E2830D81; S3 Extended Request ID: o0XalToNp19HDJKSOVxmna71hx3LkwoSFEobm3HQGH1HEzxOrAtYHg+asnKxJ03iGSDDhUz5GUI=)"
},
"status" : 500
}
ARN
能夠訪問 S3 存儲桶,就像我用來將eu-west-2
域快照到 S3 的ARN
一樣,因為eu-west-1
快照存儲在 S3 存儲桶的子文件夾中,我添加了一個代碼的路徑,例如:
payload = {
"type": "s3",
"settings": {
"bucket": "es-prod-eu-west-2",
"path": "es-elk-prod",
"region": "eu-west-2",
"role_arn": "arn:aws:iam::1234567:role/EsProd-***-snapshotS3role-***"
}
}
但這也沒有用。
將在一個 aws 區域中創建的快照恢復到另一個 aws 區域的正確方法是什么?
非常感謝任何建議。
我收到過關於The bucket is in this region: eu-west-1. Please use this region to retry the request
從 eu-west-1 移動到 us-west-2 時The bucket is in this region: eu-west-1. Please use this region to retry the request
。
根據亞馬遜的文檔(在“將數據遷移到不同的域”下),您需要指定一個端點而不是區域:
如果遇到此錯誤,請嘗試在 PUT 語句中將 "region": "us-east-2" 替換為 "endpoint": "s3.amazonaws.com" 並重試請求。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.