This tool assists in AWS RDS Aurora database lifecycle management. It is a companion project to RDS Echo, which deals solely in non-Aurora instances.
Use this tool to automatically restore an Aurora database cluster from a snapshot, promote it to live via DNS updates in Route53, and at EOL destroy the managed cluster.
The five different stages here -- new, clone, modify, promote, retire -- can all be run periodically without regard for timing of the other stages. This is because the commands are idempotent and the lifecycle stages are tracked on the database instances themselves via tags. Thus each command will only operate on a database that is tagged appropriately, and will exit cleanly if there is no database in the appropriate stage.
Have multiple development databases? Aurora Echo allows management of unlimited independent lifecycles; just name them differently in configuration and don't worry about them interfering with each other.
This is our story: On a regular basis, restore the latest production snapshot to a new development instance, promote that instance to replace its former self, and then destroy the old instance.
Each aurora-echo
command progresses a managed instance through a series of stages:
- (non-existent) --
aurora-echo new
|aurora-echo clone
--> new - new --
aurora-echo modify
--> modified - modified --
aurora-echo promote
--> promoted- This also results in any previously promoted instance advancing to retired
- retired --
aurora-echo retire
--> (non-existent)
So in the straightforward case, each command is run in succession after the previous commands stabilize and leave the DB instance in the "available" state.
All state tracking metadata is stored as AWS resource tags on the cluster and instance.
Aurora Echo is a command-line tool that uses Boto. It has been tested on Ubuntu 14.04 with Python 3.4.3.
You will need to set up AWS auth as per the boto documentation.
Grab the latest version and set it to executable like so:
sudo curl -o /usr/local/bin/aurora-echo -L "https://github.com/blacklocus/aurora-echo/releases/download/v2.1.1/aurora-echo" && \
sudo chmod +x /usr/local/bin/aurora-echo
- What: Create a new cluster and instance restored from a snapshot.
- How: Given a cluster name as input, find the latest snapshot of said cluster and use it as a basis for restoring a new cluster.
- When: You may want to run this periodically on a cron job. It includes a safety check to make sure it hasn't restored a cluster in the last (configurable) n hours and aborts if a managed cluster is too new.
- State: Leaves the db in the
new
state
-a, --aws-account-number [required]
- Your AWS account number
-r, --region [required]
- e.g.
us-east-1
- e.g.
-n, --managed-name [required]
- The name of the cluster and instance you want to create/restore to. This will also go into the tag to track managed instances. e.g.
development
- The name of the cluster and instance you want to create/restore to. This will also go into the tag to track managed instances. e.g.
-s, --cluster-snapshot-name [required]
- The cluster name of the snapshot you want to restore from, e.g.
production
- The cluster name of the snapshot you want to restore from, e.g.
-sub, --db-subnet-group-name [required]
- VPC subnet group to restore into
-c, --db-instance-class [required]
- Size of the database instance to create, e.g.
db.r3.2xlarge
- Size of the database instance to create, e.g.
-e, --engine
- Defaults to
aurora
- Defaults to
-az, --availability-zone
- e.g.
us-east-1c
. If not set, AWS defaults this to the region the parent snapshot is in.
- e.g.
-sg, --vpc-security-group-id
- The ID of any security groups to assign to the created instance/cluster
- Allows multiple inputs (use one option flag per input).
-t, --tag
- Any custom tags to assign to the cluster and instance, e.g.
purple=true
- Custom tags will not interfere with, nor should include the Aurora Echo management tags
- Allows multiple inputs (use one option flag per input).
- Any custom tags to assign to the cluster and instance, e.g.
-h, --minimum-age-hours
- If an existing managed instance has been created within the last
-h
hours, abort creation of a new instance. Defaults to 20.
- If an existing managed instance has been created within the last
-i, --interactive
- Prompt the user for confirmation before making changes. Defaults to true.
-sf, --suffix
- An optional suffix to append to the name of new clusters and db instances.
--help
- Show options and exit.
- What: Create a new cluster and instance that is a clone of an existing database. See AWS docs on cloning for more information.
- How: Given a cluster name as input, use the restore_db_cluster_to_point_in_time method with
RestoreType=copy-on-write
to create it as a clone. TheRestoreType=full-copy
is not supported by aurora-echo right now. Usenew
to simulate that. - When: You may want to run this periodically on a cron job. It includes a safety check to make sure it hasn't restored a cluster in the last (configurable) n hours and aborts if a managed cluster is too new.
- State: Leaves the db in the
new
state
-a, --aws-account-number [required]
- Your AWS account number
-r, --region [required]
- e.g.
us-east-1
- e.g.
-n, --managed-name [required]
- The name of the cluster and instance you want to create/restore to. This will also go into the tag to track managed instances. e.g.
development
- The name of the cluster and instance you want to create/restore to. This will also go into the tag to track managed instances. e.g.
-s, --source-cluster-name [required]
- The cluster name to clone, e.g.
production
- The cluster name to clone, e.g.
-sub, --db-subnet-group-name [required]
- VPC subnet group to restore into
-c, --db-instance-class [required]
- Size of the database instance to create, e.g.
db.r3.2xlarge
- Size of the database instance to create, e.g.
-e, --engine
- Defaults to
aurora
- Defaults to
-az, --availability-zone
- e.g.
us-east-1c
. If not set, AWS defaults this to the region the parent snapshot is in.
- e.g.
-sg, --vpc-security-group-id
- The ID of any security groups to assign to the created instance/cluster
- Allows multiple inputs (use one option flag per input).
-t, --tag
- Any custom tags to assign to the cluster and instance, e.g.
purple=true
- Custom tags will not interfere with, nor should include the Aurora Echo management tags
- Allows multiple inputs (use one option flag per input).
- Any custom tags to assign to the cluster and instance, e.g.
-h, --minimum-age-hours
- If an existing managed instance has been created within the last
-h
hours, abort creation of a new instance. Defaults to 20.
- If an existing managed instance has been created within the last
-pgn, --db-parameter-group-name'
- The database parameter group name to use, e.g. 'custom.aurora5.7'
-i, --interactive
- Prompt the user for confirmation before making changes. Defaults to true.
-sf, --suffix
- An optional suffix to append to the name of new clusters and db instances.
--help
- Show options and exit.
- What: Progress a database instance from
new
tomodified
by optionally adding an IAM role. In order to prevent a branching state diagram, all lifecycles must pass through this stage. If no IAM role need be applied, simply leave off the optional parameter and the state will be progressed without actually changing the cluster or instance. - How: Look for a managed instance in RDS that is in the stage
new
. Apply the provided IAM role to it, if any. This stage could be expanded in order to modify other attributes not available via API on creation. - When: You may want to run this periodically on a cron job. It will only operate when an instance is in the
new
stage and its cluster has statusavailable
. - State: Leaves the new db in the
modified
state
-a, --aws-account-number [required]
- Your AWS account number
-r, --region [required]
- e.g.
us-east-1
- e.g.
-n, --managed-name [required]
- The managed name tracking the instance you want to promote. This is the same as the
--managed-name
parameter used in thenew
step.
- The managed name tracking the instance you want to promote. This is the same as the
-iam, --iam-role-name
- The name of the IAM role. This will be converted to an ARN in order to apply it to the cluster.
-i, --interactive
- Prompt the user for confirmation before making changes. Defaults to true.
--help
- Show options and exit.
- What: Progress a database instance from
modified
topromoted
by updating a record set's DNS entry in Route53 to point to the newly promoted database's endpoint. - How: Look for a managed instance in RDS that is in the stage
modified
, and update the supplied record set's DNS entry to its endpoint. Move any appropriate existing instance's stage frompromoted
toretired
, and update this instance's stage frommodified
topromoted
. - When: You may want to run this periodically on a cron job. It will only operate when an instance is in the
modified
stage and has statusavailable
. - State: Leaves the new db in the
promoted
state - State: Leaves the previously promoted db in the
retired
state
-a, --aws-account-number [required]
- Your AWS account number
-r, --region [required]
- e.g.
us-east-1
- e.g.
-n, --managed-name [required]
- The managed name tracking the instance you want to promote. This is the same as the
--managed-name
parameter used in thenew
step.
- The managed name tracking the instance you want to promote. This is the same as the
-z, --hosted-zone-id [required]
- The ID of the hosted zone containing the DNS record set to be updated. You can give this option multiple times to add the same record set in multiple hosted zones.
-rs, --record-set [required]
- Name of the record set to update, e.g.
dev-db.mycompany.com
. Aurora Echo only supports CNAME updates.
- Name of the record set to update, e.g.
--ttl
- TTL in seconds. Defaults to 60.
-i, --interactive
- Prompt the user for confirmation before making changes. Defaults to true.
--help
- Show options and exit.
- What: Delete a managed instance and cluster that is in the
retired
stage. - How: Look for a managed instance in RDS that is in the stage
retired
and delete the instance and its containing cluster. There is no option to make a final snapshot. All automated instance/cluster snapshots will be deleted. - When: You may want to run this periodically on a cron job. It will only operate when a managed instance is in the
retired
stage. - State: Leaves the db in a non-existent state
-a, --aws-account-number [required]
- Your AWS account number
-r, --region [required]
- e.g.
us-east-1
- e.g.
-n, --managed-name [required]
- The managed name tracking the instance you want to retire. This is the same as the
--managed-name
parameter used in previous steps.
- The managed name tracking the instance you want to retire. This is the same as the
-i, --interactive
- Prompt the user for confirmation before making changes. Defaults to true.
--help
- Show options and exit.
- This tool creates instances and clusters with today's date attached, such as
development-2016-10-05
. This combined with the previous-instance freshness check will prevent multiple instances from being created in a cluster. - The boto_monkey and eggsecute packaging helpers came from this project
A binary is provided (see Installation); however, to build your own from source, run make all
. You will need to have virtualenv installed.