Skip to main content

Hashicorp Consul Refresher - Backups

Shenzhen, China

Consul Snapshots are exposed as gzipped tar archives which internally contain the Raft metadata required to restore, as well as a binary serialized version of the Consul server state. The contents are covered internally by SHA-256 hashes. These hashes are verified during snapshot restore operations. The structure of the archive is internal to Consul and not intended to be used other than for restore operations. The archives are not designed to be modified before a restore.

Snapshot Include:

  • Key/Value entries
  • Service catalogue
  • Prepared queries
  • Sessions
  • ACLs

Backup and Restoring through the CLI

consul snapshot command:

  • inspect: View metadata of existing snapshot
  • restore: Restore state from existing snapshot
  • save: Create new snapshot

If you have ACLs enabled you need to provide your Consul token:

export CONSUL_HTTP_TOKEN=sfsdfg-agdsf23-fszdsd-234sdgfv

Backup

consul snapshot save backup.snap
Saved and verified snapshot to index 12749

Inspect

consul snapshot inspect backup.snap
ID           290-12749-1630854104373
Size         16350
Index        12749
Term         290
Version      1

Restore

consul snapshot restore backup.snap
Restored snapshot

Snapshot HTTP Endpoint

The /snapshot endpoint save and restore the state of the Consul servers for disaster recovery.

Backup

curl --header "X-Consul-Token: sfsdfg-agdsf23-fszdsd-234sdgfv" http://192.168.2.110:8500/v1/snapshot?dc=instaryun -o snapshot.tgz

Restore

curl \
    --header "X-Consul-Token: sfsdfg-agdsf23-fszdsd-234sdgfv" \
    --request PUT \
    --data-binary @snapshot.tgz \
    http://192.168.2.110:8500/v1/snapshot