1

We have a couple of environments in Engine Yard. Each of them runs the same application, but on different stages: production, staging, etc. In total about 10 environments. Now, we want to dump the production database every night, and restore it on the rest of environments to have the latest data.

The problem is, an instance from one environment can't access instances in other environments. There are two ways to connect that are suitable for us:

  • SSH.
  • Specify the RDS host as the --host parameter to mysqldump. The RDS host is of the form environment.random_string.region.rds.amazonaws.com as opposed to a regular EC2 host name.

Neither of them works out of box. The straightforward solution would be to generate RSA keys on all the servers that want access, and add them to authorized_hosts to all the servers that should allow access. However, this solution isn't scalable: once we add or recreate an environment we'd need to repeat process.

Is there any better solution?

shock_one
  • 5,845
  • 3
  • 28
  • 39

3 Answers3

1

There is a way to setup a special backup configuration file on your other instances that would allow you to directly access the Production S3 bucket from another environment within the same account. There is some risk involved with this since it would also technically allow your non-production environment the ability to edit the contents of the production bucket.

There may be some other options depending on the specifics of your configuration. Your best option would be to open a ticket with the Engine Yard Support team so we can discuss your needs further.

tpol
  • 301
  • 1
  • 6
  • [eyrestore](https://support.cloud.engineyard.com/hc/en-us/articles/205408058-Restore-or-Load-a-Database#topic3) is a recently released tool designed to help address this use case within Engine Yard in a safe fashion. Its available on recent versions of the Stable-v4 and Stable-v5 stacks. – tpol May 22 '17 at 17:08
0

Is it possible to set up a separate HUB server with FTP or SFTP service only?

  • open inbound port 21/22 from all environments to that HUB server, so all clients can download the database dump.
  • open inbound port 3306 or other database port from Hub Server to RDS/Database.
  • run cron job on Hub server to get the db dump, push the dump to other environment and so on.
BMW
  • 42,880
  • 12
  • 99
  • 116
0

Backup your production to a S3 bucket created for this purpose. Use IAM roles to control how your other environments can connect to the same bucket.

Since the server of your Production environment should be known you can use a script to mysqldump that one server to the shared S3 bucket. Once complete, your other servers can collect the data from that S3 bucket using a properly authorized IAM role.

greg_diesel
  • 2,955
  • 1
  • 15
  • 24