Skip to main content
Table of contents


Backup and restore Elasticsearch indices

GOV.UK uses AWS Managed Elasticsearch which takes daily snapshots of the cluster as part of the managed service. These are stored in a S3 bucket that is not made available to us. Restoration is done by making HTTP requests to the _snapshot endpoint.

To restore a snapshot, follow these steps:

  1. Log into a search machine

    govukcli set-context <environment>
    govukcli ssh search
  2. Query the _snapshot endpoint of Elasticsearch to get the snapshot repository name:

    curl http://elasticsearch6/_snapshot?pretty
  3. Query the _all endpoint to identify the available snapshots in the named repository:

    curl http://elasticsearch6/_snapshot/<repository-name>/_all?pretty
  4. If an index already exists with the same name as the one being restored, delete the existing index:

    curl -XDELETE http://elasticsearch6/<index-name>
  5. Restore the index from the snapshot:

    curl -XPOST 'http://elasticsearch6/_snapshot/<repository-name>/<snapshot-id>/_restore' -d '{"indices": "<index-name>"}' -H 'Content-Type: application/json'

Further information about Elasticsearch snapshots can be found in the AWS documentation

After a restore has taken place, traffic will need to be replayed following the restore, since the index will be out-of-sync with the publishing apps.

This page was last reviewed on 22 August 2019. It needs to be reviewed again on 22 February 2020 by the page owner #govuk-2ndline .
This page was set to be reviewed before 22 February 2020 by the page owner #govuk-2ndline. This might mean the content is out of date.