Backing up your data regularly is critical for any company with business continuity in mind, whether the company is using an on-premises data center or a public cloud like AWS. Backups should be implemented properly and tested often so that if a disaster occurs, the business doesn’t suffer.
Taking a backup of your infrastructure resources frequently is very important in order to be able to recover from a disaster. It’s important to schedule AWS backups on a timely basis, such as taking a backup weekly or monthly across different Availability Zones. It’s one of the best practices followed by DevOps teams all over the world.
In this article, we’ll walk you through how to back up EC2 instances using cloud-native technologies such as EBS snapshots, AWS Backup, AWS Data Lifecycle Manager, Amazon EBS snapshots scheduled with CloudWatch Events, and AMIs, to achieve both cost-saving and time-saving benefits while maximizing your data availability.
This step-by-step article presents the various advantages and disadvantages worth considering when looking into automating your EC2 instance backups on AWS.
How to Back Up EC2 Instances
When doing an EC2 instance backup, you are essentially backing up the Elastic Block Store (EBS) volume, which contains all of the instance’s data, by creating a snapshot of it. You can also create a new Amazon Machine Image (AMI) from your existing instance or from a snapshot if needed.
The AMI method, which was more commonly used in the past, preserves the instance configuration and lets you deploy new copies of it. Both the EBS snapshot and the AMI are automatically stored on Amazon S3, which is known for being highly durable and reliable. Most of the recently introduced tools, including the ones discussed below, focus on EBS volumes alone.
3 Different Ways to Take EC2 Instance Backups
1) Automate Backups Using Data Lifecycle Manager
In July of 2018, Amazon released Data Lifecycle Manager (DLM), a tool for automating EBS volume snapshots. DLM allows you to use tag-based lifecycle policies to define various backup schedules.
To get started, open Lifecycle Manager under the EC2 service and start defining the policy.
The policy works by looking for the desired tags, so make sure your resources are tagged properly before starting. You can also pick the resource type. This is helpful when you only want to look for tagged EBS volumes, rather than finding all the tagged EC2 instances.
Further down, you define the backup schedule. Simply choose the starting time and how often the policy will run (you can choose between 2h and 24h). You will also need to pick the number of snapshots to be retained.
You can have additional tags added to your snapshots, either by checking the option to copy the tags from the original volume or by adding new ones yourself.
You can also exclude the snapshot of the root volume. This is a useful option if you only need additional data volumes to be backed up. For the role, you can keep the default.
It is possible to create the policy without immediately enabling it. If you do this, simply modify the policy later to enable it.
After you are done, you can see your newly created policy, as well as its status.
If you want more details, you can look at the policy summary. It will tell you exactly how you have defined the backup schedule, and it will show the retention of the backups.
When the defined schedule triggers backups, you will see them under Snapshots.
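The console choices above (target tag, resource type, schedule, retention, root-volume exclusion, disabled on creation) map onto the policy document that the DLM API accepts. The Python below is an added example, not code from the original article: it builds and validates that document offline. The function names, tag values, and the rule that the interval must divide 24 evenly are assumptions of this example.

```python
import re

def dlm_policy_details(tag_key, tag_value, interval_hours, start_utc,
                       retain_count, resource_type="VOLUME",
                       exclude_boot_volume=False, extra_tags=None):
    """Build the PolicyDetails document for one tag-targeted schedule."""
    if resource_type not in ("VOLUME", "INSTANCE"):
        raise ValueError("resource_type must be VOLUME or INSTANCE")
    # The article gives 2h to 24h; requiring the interval to divide the day
    # evenly is an assumption of this example.
    if not 2 <= interval_hours <= 24 or 24 % interval_hours:
        raise ValueError("interval must be 2-24 hours and divide 24 evenly")
    if not re.fullmatch(r"([01]\d|2[0-3]):[0-5]\d", start_utc):
        raise ValueError("start time must be HH:MM (UTC)")
    if retain_count < 1:
        raise ValueError("retain at least one snapshot")
    # Excluding the root volume only makes sense when instances are targeted.
    if exclude_boot_volume and resource_type != "INSTANCE":
        raise ValueError("exclude_boot_volume needs resource_type INSTANCE")
    schedule = {
        "Name": f"every-{interval_hours}h-keep-{retain_count}",
        "CopyTags": True,  # copy tags from the source volume
        "TagsToAdd": [{"Key": k, "Value": v}
                      for k, v in sorted((extra_tags or {}).items())],
        "CreateRule": {"Interval": interval_hours, "IntervalUnit": "HOURS",
                       "Times": [start_utc]},
        "RetainRule": {"Count": retain_count},
    }
    details = {"ResourceTypes": [resource_type],
               "TargetTags": [{"Key": tag_key, "Value": tag_value}],
               "Schedules": [schedule]}
    if exclude_boot_volume:
        details["Parameters"] = {"ExcludeBootVolume": True}
    return details

def create_request(details, role_arn, description, enabled=False):
    """Arguments for boto3's dlm create_lifecycle_policy; disabled by default
    so the policy can be reviewed before it starts taking snapshots."""
    return {"ExecutionRoleArn": role_arn, "Description": description,
            "State": "ENABLED" if enabled else "DISABLED",
            "PolicyDetails": details}
```

The dictionary returned by `create_request` can be passed as keyword arguments to `boto3.client("dlm").create_lifecycle_policy(**request)` once a real execution role ARN is supplied.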
2) Backup Automation Using AWS Backup
AWS Backup is a fully managed service that is used to automate backups on AWS (though it can be implemented on-premises as well, by using AWS Storage Gateway). Compared to Data Lifecycle Manager, it is a much more powerful tool, and it can serve as a centralized location for configuring and monitoring backups.
AWS Backup can be used not only for EBS volumes, but also for RDS databases, DynamoDB tables, Storage Gateway volumes, and even EFS file systems.
To start, open the AWS Backup service.
Click on Backup plans (or Manage Backup plans), and then Create Backup plan.
There, you have a couple of options.
You can start by using an existing plan and choosing an option such as “Daily 35-day retention” or “Daily Monthly 1yr Retention.” In this example, we are going to start from scratch, so pick Build a new plan.
After naming your plan, you will configure the backup rule—or, more specifically, a schedule that will be followed for creating backups. Make sure you set the desired backup window (if using a custom one, UTC is always used and can’t be changed) and the frequency of execution.
You can also create the life cycle settings and either transition the backups to Amazon Glacier cold storage or expire them completely.
Below that section is the one in which you pick the Backup vault. You can either use the default one or select a custom vault if you’re looking for logical separation. As with the Data Lifecycle Manager, you can add tags to your backups if needed.
After you’re done and your plan is created, it is time to assign resources to it.
Resources can be assigned by using tags or by adding them based on the Resource ID.
With the plan created and the resources assigned, your AWS Backup is ready.
You can go back to the AWS Backup dashboard and actually see the backup (and also restore) jobs. The screenshot below shows that there is a backup job in progress.
After the backup has been completed, the dashboard will be updated accordingly, as shown below.
With AWS Backup, you can easily initiate the restore of your backups. This can be very convenient, especially in a disaster recovery situation when multiple volumes may need to be restored quickly.
3) Schedule Automated Amazon EBS Snapshots Using CloudWatch Events
The last backup method we will examine is EBS snapshot creation using CloudWatch Events. To implement this process, you will use a CloudWatch rule.
Click on Create rule, and pick Schedule under Event Source.
This will give you two options: you can either have this rule triggered using a fixed rate (every X minutes, hours, or days), or you can use a cron expression, which gives you much more flexibility. For example, you can have an event that triggers every Wednesday, Thursday, and Friday at 6pm. You will also see a preview of your next ten trigger dates. Do note that all times are presented in GMT.
After configuring the desired schedule, click on Add Target and choose “EC2 CreateSnapshot API call” from the list. Then, copy the volume ID of the volume you want to back up. You can leave the option to create a new role, unless you have one already.
Click on Configure details, name your rule, and give it a description. After that, you are ready to go.
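The cron schedule from the rule above (every Wednesday, Thursday, and Friday at 6pm) can be checked before it is saved. The Python below is an added example, not part of the original article: it parses a six-field `cron(...)` schedule expression and lists the next trigger times in UTC, much like the console preview. It handles only `*`, `?`, lists, ranges and day or month names (not `/`, `L`, `W` or `#`), and the function names are this example's own.

```python
from datetime import datetime, timedelta, timezone

# Day and month names; the schedule syntax numbers days 1-7 starting at SUN.
DOW = {n: i for i, n in enumerate("SUN MON TUE WED THU FRI SAT".split(), 1)}
MON = {n: i for i, n in enumerate(
    "JAN FEB MAR APR MAY JUN JUL AUG SEP OCT NOV DEC".split(), 1)}

def _field(expr, lo, hi, names=None):
    """Expand one field ('*', '?', 'a', 'a-b', 'a,b') into allowed values."""
    if expr in ("*", "?"):
        return set(range(lo, hi + 1))
    values = set()
    for part in expr.upper().split(","):
        start, _, end = part.partition("-")
        a, b = (int((names or {}).get(x, x)) for x in (start, end or start))
        if not lo <= a <= b <= hi:
            raise ValueError(f"{part!r} is outside {lo}-{hi}")
        values.update(range(a, b + 1))
    return values

def parse(expression):
    """Split cron(min hour day-of-month month day-of-week year) into sets."""
    body = expression.strip()
    ok = body.startswith("cron(") and body.endswith(")")
    f = body[5:-1].split() if ok else []
    if len(f) != 6:
        raise ValueError("expected cron(...) with six fields")
    if (f[2] == "?") == (f[4] == "?"):
        raise ValueError("exactly one of day-of-month/day-of-week must be '?'")
    return (_field(f[0], 0, 59), _field(f[1], 0, 23), _field(f[2], 1, 31),
            _field(f[3], 1, 12, MON), _field(f[4], 1, 7, DOW),
            _field(f[5], 1970, 2199))

def next_runs(expression, after, count=10):
    """Return the next `count` trigger times (UTC) strictly after `after`."""
    minute, hour, dom, month, dow, year = parse(expression)
    after = after if after.tzinfo else after.replace(tzinfo=timezone.utc)
    runs, day = [], after.replace(hour=0, minute=0, second=0, microsecond=0)
    for _ in range(366 * 5):  # search at most five years ahead
        if (day.year in year and day.month in month and day.day in dom
                and day.isoweekday() % 7 + 1 in dow):
            for h in sorted(hour):
                for m in sorted(minute):
                    if day.replace(hour=h, minute=m) > after:
                        runs.append(day.replace(hour=h, minute=m))
                    if len(runs) == count:
                        return runs
        day += timedelta(days=1)
    return runs
```

Calling `next_runs("cron(0 18 ? * WED-FRI *)", datetime(2024, 1, 1))` with that constructed start date returns ten times beginning 2024-01-03 18:00 UTC; a naive `datetime` is treated as UTC.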