Girolamo da Schio

Girolamo da Schio

How to restore an Elasticsearch Snapshot locally

Pawel Czerwinski

Introduction:

This guide outlines the process of restoring a copy of an Elasticsearch snapshot on your local machine. This can be especially useful when you need to troubleshoot issues in a database for which you don’t have direct access, without having to create an API for interaction. Since this procedure lacks documentation, we aim to provide you with a clear step-by-step guide.

Procedure:

  1. Copy the Elasticsearch Snapshot:

To begin, retrieve the Elasticsearch snapshot from its repository. If you’re using Google Cloud Platform (GCP), follow these steps:

  • Use the ‘gscopy’ command to copy all files from the repository.
gsutil -m cp -r gs://${BUCKET_NAME}/${SNAPSHOT_NAME}/* ./
  • Compress all the copied files into a zip archive.
zip -r ${ZIP_FILE} ./${SNAPSHOT_NAME}
  • Download the zip file to your local machine.
gcloud compute scp ${ZIP_FILE} YOUR_LOCAL_MACHINE_USERNAME@YOUR_LOCAL_MACHINE_IP:~/ --zone=YOUR_LOCAL_MACHINE_ZONE
  • From your terminal, extract the contents of the zip file.
unzip ${ZIP_FILE} -d ${LOCAL_PATH}
  • Note down the path to the extracted snapshot.
  1. Update Your Elasticsearch Configuration:
  • Locate the Elasticsearch configuration YAML file on your local machine. Depending on your setup, the configuration file is commonly named elasticsearch.yml.
  • Open the configuration file using a text editor of your choice. You may need administrative privileges to modify this file.
  • Find the section where you can specify the Elasticsearch repositories. It often looks like this:
path:
  repositories:
    - /path/to/your/backup/repository
  • Add the path to the extracted snapshot you noted down from step 1. Ensure it matches your Elasticsearch configuration’s expected format. It should resemble something like this:

path:
  repositories:
    - /path/to/your/backup/repository
    - /path/to/the/extracted/snapshot
  • Save and close the configuration file.
  1. Restore the Index: Utilize the Curl command to interact with the Elasticsearch restore index API.
curl -X POST "http://localhost:9200/_snapshot/your_repository_name/snapshot_name/_restore"
  • Replace your_repository_name and snapshot_name with the appropriate values for your snapshot.
  • Monitor the response for success. A successful response indicates that the index has been restored.

Conclusion:

By following these steps, you’ll be able to restore an Elasticsearch snapshot locally on your machine, facilitating troubleshooting and analysis without the need for direct access to the original database.

Ciao :)