我的任务是开发一种方法,确保我们所有运行的实例都有一个当前快照(通常每天完成(。目前我做以下工作:
- 遍历每个实例
- 将其卷ID与具有该卷ID的任何快照进行交叉引用
- 仅筛选"今天"创建的快照
我的代码工作正常,只是非常慢。。。这不适合拥有数以万计实例的组织有什么方法可以在不达到API调用速率限制的情况下加快速度
代码:
'''
Checks for a current snapshot for every instance, if it has one it is compliant, otherwise non-compliant.
'''
from datetime import datetime, date, timedelta
import boto3
ec2client = boto3.client('ec2', region_name='us-east-1')
# Create a Paginator
paginator = ec2client.get_paginator('describe_instances')
instances = paginator.paginate().build_full_result()
for reservation in instances["Reservations"]:
for instance in reservation["Instances"]:
# Set base value
compliant = "Non-compliant"
# Lists all storage devices attached to instance.
block_device_mappings = instance["BlockDeviceMappings"]
for block in block_device_mappings:
ebs = block.get("Ebs", False)
# Volume ID of instances storage, use to find Snapshots.
volume_id = ebs.get("VolumeId", False)
# Wild card for filtering snapshots that occured today
compliant_time_frame = date.isoformat(date.today()) + '*'
snapshots = ec2client.describe_snapshots(
Filters=[
{'Name': 'volume-id','Values': [volume_id]},
{'Name': 'start-time', 'Values': [compliant_time_frame]}
]
)
snapshots = snapshots.get("Snapshots", [])
# If snapshots exist, instance is compliant
# We have already drilled down for current snapshots in .describe_snapshots() filter
if len(snapshots) > 0:
compliant = "Compliant"
print(instance.get("InstanceId"), compliant)
代码似乎正在为每个实例调用describe_snapshots()。
首先检索在所需时间范围内创建的所有快照列表可能会更快。将它们存储在列表或字典中。
然后,在循环遍历每个实例时,只需查阅列表或字典即可确认快照是否存在。