Two simple scripts to backup and restore CosmosDB

At my current company, we use Azure to manage our cloud infrastructure and they provide a lot of great resources and cloud solutions. However, creating a backup from a MongoDB based CosmosDB instance isn't very straight forward (if it is I missed it and please tell me where to look :). If you have a SQL instance easy peasy just go the export tab within in the DB, set a destination, provide login credentials and boom done. NoSql not so much. This is a quick and simple post on the two commands you can run to grab the data from your remote CosmosDB instance (running mongo) and then restore it to another/new CosmosDB instance

The problem

  1. We needed to quickly make a copy of a specific CosmosDb production DB instance
  2. We needed to restore a new CosmosDB instance

What you need

  1. Mongodb installed, as the tool we are using, mongodump comes with mongodb
  2. The Azure cli (and you will need to be logged in az login)

Create a backup

Run the script below to create a backup of all of the collections in your specified db instance to your local machine


$ mongodump --host "$HOST_NAME" -u "$SOURCE_DB_ACCOUNT" 
-p "$SOURCE_PASSWORD" --ssl --<type-of-ssl-required> 
--out ./backup --db="$SOURCE_DB"

$ mongodump --host yourdbname.documents.azure.com --port 10255 
-u <your-username> -p <password> --ssl 
--<type-of-ssl-required> --out ./backup --db=<your-db-name>
  • Figure 1 below shows where to get your HOST_NAME, SOURCE_DB_ACCOUNT andSOURCE_PASSWORD.
  • One way you can find your SOURCE_DB is by navigating to the Data Explorer tab (figure 2 below)

Restore to a new CosmosDB

Run the command below for each collection in your db instance and specifically pointing to the bson files for restoring

$ mongorestore --host "$DESTINATION_HOST_NAME" -u "$DESTINATION_DB_ACCOUNT" 
-p "$DESTINATION_PRIMARY_PASSWORD" --db="$NEWLY_CREATED_DB_NAME" 
--collection="$COLLECTION_NAME" 
<PATH_TO_YOUR_LOCAL_FILE>/lms-seeds/"$COLLECTION_NAME".bson 
--ssl --<type-of-ssl-required>

IMPORTANT NOTES:

  • Note that my db requires ssl as seen by the --ssl flag. As such you need to pass that parameter and a second one to specify what type ssl configuration to use to authenticate. See the Mongo SSL Docs for more information.
  • If there is absolutely no possible way for intrusion and you system is highly secure you can use the sslAllowInvalidCertificates, but it is discouraged.


--figure 1: Azure Cosmos DB


-- figure 2: Azure Data Explorer


Shout Outs