Snapshot automation on Amazon (Linux) LightSail instances

by

If you manage any light sail instances you've probably run into the realization that there's no obvious automated way to schedule your snapshots. In EC2 you have the Snapshot Lifecycle Policy Manager. And if you've done some exploring like I have, you've probably realized that your LightSail volumes aren't available in this tool. What this means is that we will have to automate the snapshots on the lightsail instances themselves. To do this we will need to install some tools, and then set up a schedule using crontab. 

1: Fire up the terminal, you're gonna need it.

You can either use your own terminal, or use the web based one that AWS provides for managing your lightsail instances. For our article we used the web based AWS terminal.

2: Install AWS Client Software

From the terminal, check to make sure you have the aws client installed on your instance. To do this simply type the following.

sudo apt install awscli

3: Create and Configure IAM user

Once you've ran through the installation process for the aws client tools you're ready to configure. Before you go too far however, you'll need an IAM user with permissions for managing your light sail instances during your client configuration process. To do this, create a new IAM user and then save the csv file with the access key and secret key to that user. You'll need to attach the following policy to that user.

{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "lightsail:*" ], "Resource": "*" } ] }

4: Configure AWS Client Software  

Now, we begin the aws client configuration process. Below is a screenshot of the configuration process. You kick off this process by simply typing aws configure

You'll be asked for your access key, secret access key, region name, and output format. 

 

5: Test the AWS Client Software

Okay now you've got the aws client tools installed and configured. Let's try this command.

aws lightsail get-instance-snapshots

If it lists your existing snapshots, or a screen showing that you have no snapshots then great! You can skip down to section 6. If not then we need to upgrade our aws client software to handle lightsail commands. To do that we needed pip (there is probably a better way, but this is what we did). To check and see if you have pip installed type the following command.

pip3 --version

This should let you know if pip is installed on your instance. If it's not, you can simply type.

sudo apt install python3-pip

 This should take you through the installation process for pip, and at it's conclusion you will be ready to upgrade the aws client software. To do that you simply type in the following command.

$pip3 install awscli --upgrade --user

Once you've run through the upgrade process, you should be able to try your aws lightsail get-instance-snapshots again and get a json result listing your snapshots.

6: Install the JQ package for processing json from the command line.

Finally, we have one more dependency to install, that dependency is JQ. JQ is a tool for command line processing of json files. To install jq simply type. sudo apt install jq. This should take you through the installation process for jq.

7: Create, deploy, and test our automation script

Okay now you've got the proper software installed, now we need to use a script that will be responsible for kicking off the snapshot, and managing the old snapshots. To do this we found an existing script on github for doing this that works very well. You can download that script here. For the purposes of this blog post, I simply uploaded the script to my home directory. In production I'd suggest putting it somewhere a little more hidden. Finally we're going to test the script by navigating to the directory where your script is and typing 

sudo bash lightsail-backup.sh [instance] [region] [backups kept]

 [instance] is the name of your instance, [region] is the region where your instance is running (ie: us-east-1), and [backupskept] is the number of backups that you want to keep on hand. It's up to you to decide how many backups you want to keep. If all was successfuly you should see a result like this.

And in your light sail instance management screen, under the snapshots tab.

8: Now we schedule our snapshots

Okay, so we've successfully run our script. Now time to schedule it. For the purposes of this article, I've decided to run a snapshot once a week. To schedule this we type sudo crontab -e and edit your crontab file. To schedule a once a week backup, simply add this line to the file.

0 0 * * 0 sudo bash /home/bitnami/lightsail-backup-and-cleanup.sh [instance] [region] [backupskept]

Replace [instance] with your instance name, replace [region] with the region, and replace [backupskept] with the number of backups you want to keep.

Now save and close your crontab file, and you should be good to go! You now have regularly scheduled snapshots being taken of your lightsail instance.

If anyone has any improvement to this process to suggest, I'd be very open to hearing them. This is the process we came up with by piecing together different articles on the subject.

 

 

 

Jeff Turner

Jeff Turner

Jeff is a solutions architect with experience in software development and DevOps.