Skip to content

Elasticsearch 7.x.0 service and private s3 bucket setup on 'space'

Jun Li edited this page Dec 1, 2020 · 19 revisions

1. Create ES 7.x.0 service instance (~15 minutes)

cf create-service aws-elasticsearch <service_plan_name> <fec_instance_name>
ex: cf create-service aws-elasticsearch es-medium-ha fec-api-elasticsearch

2. Setup private S3 bucket

(1)Create private s3 bucket (It will store the ES snapshot files)
cf create-service s3 basic <s3_bucket_instance_name>
ex: cf create-service s3 basic fec-s3-snapshot

(2)Get S3 bucket name
a)Create a service key to access S3 credentials
cf create-service-key <service_instance_name> <service_key_name>
ex: cf create-service-key fec-s3-snapshot fec-s3-snapshot-key

b)Get s3 credentials
cf service-key <service_instance_name> <service_key_name>
ex: cf service-key fec-s3-snapshot fec-s3-snapshot-key

c)Install jq(Lightweight command-line JSON processor) to get s3 bucket name (keep in same terminal)
brew list
brew install jq

s3_credentials=$(cf service-key fec-s3-snapshot fec-s3-snapshot-key | tail -n +3)
check env s3_credentials value: echo "${s3_credentials}"

s3_bucket=$(echo "${s3_credentials}" | jq -r '.bucket')
check env s3_bucket value: echo "${s3_bucket}"

d)Upload the CORS policy to private s3 bucket
Create a cors.json on local and copy below rules into cors.json
{"CORSRules": [
{
"AllowedOrigins": ["*"],
"AllowedHeaders": ["*"],
"AllowedMethods": ["HEAD", "GET"],
"ExposeHeaders": ["ETag"]
}
]
}

upload to s3 bucket on space
['dev' space]:


['stage' space]:
aws s3api put-bucket-cors --bucket cg-52c16ed3-879b-4163-951a-50b1c8b79f8b --cors-configuration file://cors.json --profile s3-stage-snapshot

['feature' space]:
aws s3api put-bucket-cors --bucket cg-1a47b3a6-7351-4414-9ad8-cbe8a8949569 --cors-configuration file://cors.json --profile s3-feature-snapshot


['prod' space]:

3. Bind private S3 bucket to ES7 service and get snapshotRoleARN

(1)Assign the new s3 bucket to Elasticsearch instance (keep in the same terminal)
cf create-service-key <fec_es_instance_name> <fec_es_instance_name_key> -c '{"bucket":"${s3_bucket}"}'
ex: cf create-service-key fec-api-elasticsearch fec-api-elasticsearch-key -c '{"bucket":"${s3_bucket}"}'

(2)Get service key for fec es instance
cf service-key <fec_es_instance_name> <fec_es_instance_name_key>
ex: cf service-key fec-api-elasticsearch fec-api-elasticsearch-key

(3)Get Elasticsearch service snapshotRoleARN
es_arn=$(cf service-key fec-api-elasticsearch fec-api-elasticsearch-key | tail -n +3)
echo "${es_arn}"
snapshotRoleARN=$(echo "${es_arn}" | jq -r '.snapshotRoleARN')
echo "${snapshotRoleARN}"

(4)Add ES_SNAPSHOT_ROLE_ARN to env variable on space
follow this instruction: Switch out cf environment variables

4. Create repository and test snapshot, restore

follow this:Elasticsearch 7.x.0 management instruction