Arnaud Loos



I recently had a need to snapshot the data from an Elasticsearch cluster to a Windows share on the network. I encountered some issues so I’ll post the steps that worked for me below. I’m running Elasticsearch on Ubuntu 18.04.

The Elasticsearch instructions for a shared file system repository seem to indicate that you can use a UNC path directly but I didn’t find this to be the case. I ended up mounting the Windows share locally with fstab and then referencing the local mount point. Note that you have to mount the share and modify elasticsearch.yml on each Elasticsearch node in your cluster.

First we need to make sure the necessary packages are installed.
sudo apt install cifs-utils

Now we need to find the User ID of our Elasticsearch user. You will use this in the fstab entry.
id -u elasticsearch
For me this ID is 112.

Let’s create our local mount point.
sudo mkdir /mnt/elastic

Before we modify fstab our Windows share should be accessible. My share name is elastic and I created a new Windows user named esbackup that has write permissions to the share and file system.

Now on the Elasticsearch host we modify fstab.
sudo nano /etc/fstab

Add the following line.
//<windows_server_IP>/<share_name> /mnt/elastic cifs user=esbackup,password=password,uid=112,vers=3.0 0 0

Replace the 112 above with the UID of your elasticsearch user.
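
/etc/fstab is normally world-readable, so the password= option in the entry above is visible to any local account on each node; mount.cifs can instead read the login from a root-owned file named with credentials=. The audit script below is an added example, not part of the original post: it flags CIFS entries with an inline password or with a credentials file that group or other users can access. The function name, the finding labels, the 192.0.2.10 address and /mnt/elastic2 are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example, not from the original post: flag CIFS entries in an fstab-format
# file that expose the share password. One finding per line; exit status 1 if any.
audit_cifs_fstab() (
    fstab=$1; findings=0
    set -f                                   # no globbing while splitting options
    while read -r dev mnt fstype opts _rest || [ -n "$dev" ]; do
        case $dev in ''|'#'*) continue ;; esac   # blank line or comment
        [ "$fstype" = cifs ] || continue
        cred=
        IFS=,                                # options are comma-separated
        for opt in $opts; do
            case $opt in
                password=*|pass=*)           # visible to every reader of the file
                    echo "INLINE_PASSWORD $mnt"; findings=1 ;;
                credentials=*|cred=*)
                    cred=${opt#*=} ;;
            esac
        done
        unset IFS                            # back to default field splitting
        [ -n "$cred" ] || continue
        if [ ! -f "$cred" ]; then
            echo "CRED_MISSING $mnt $cred"; findings=1
        elif [ "$(ls -ld "$cred" | cut -c5-10)" != "------" ]; then
            echo "CRED_PERMS $mnt $cred"; findings=1   # group/other can access it
        fi
    done < "$fstab"
    exit "$findings"
)

# Constructed sample input: the post's entry (192.0.2.10 is a placeholder address)
# beside an entry that reads the same login from a mode-600 credentials file.
demo_dir=$(mktemp -d)
printf 'username=esbackup\npassword=example-only\n' > "$demo_dir/cred"
chmod 600 "$demo_dir/cred"
cat > "$demo_dir/fstab" <<EOF
//192.0.2.10/elastic /mnt/elastic cifs user=esbackup,password=password,uid=112,vers=3.0 0 0
//192.0.2.10/elastic /mnt/elastic2 cifs credentials=$demo_dir/cred,uid=112,vers=3.0 0 0
EOF
audit_cifs_fstab "$demo_dir/fstab" || echo "findings reported above"
```

Run it against the real file with audit_cifs_fstab /etc/fstab on each node; a credentials file holds username= and password= lines and should be owned by root with mode 600.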

Now mount the share.
sudo mount -a

Test the mount by navigating to the share and creating a test file.

Add path.repo in elasticsearch.yml.
path.repo: ["/mnt/elastic"]

Restart the Elasticsearch service (on each node).
sudo systemctl restart elasticsearch

Now log in to Kibana and navigate to Dev Tools. We’re going to create a snapshot repository at our new mount point.

PUT /_snapshot/my_backup_repo
{
  "type": "fs",
  "settings": {
    "location": "/mnt/elastic",
    "compress": true
  }
}

Hopefully acknowledged: true is returned.

Now check to make sure the repository is registered.
GET /_snapshot/_all
You should see essentially the same JSON block that you entered a moment ago returned back to you showing the repository name and location.

Now write your first snapshot.
PUT /_snapshot/my_backup_repo/%3Csnapshot-%7Bnow%2Fd%7D%3E?wait_for_completion=true

If you’re following along in the elasticsearch.log you’ll see the following line.
[INFO ][o.e.s.SnapshotsService ] [snap1] snapshot [my_backup_repo:snapshot-2019.07.26/Bw8UwYFoRcmGvbrTPs7wvw] started

You can check the status of the snapshot with the following command. Note that the way I’m naming the snapshot causes the date to be appended.
GET /_snapshot/my_backup_repo/snapshot-2019.07.26

If you check the Windows folder you should see lots of new files.