Skip to content

Latest commit

 

History

History
44 lines (28 loc) · 2.58 KB

update-strategy-periodic.md

File metadata and controls

44 lines (28 loc) · 2.58 KB
Raw

Periodic update strategy

The agent supports a periodic strategy, which allows gating reboots based on "reboot windows", defined on weekly basis.

This strategy is a port of locksmith reboot windows, with a few differences:

  • all times and dates are UTC-based to avoid skews and ambiguities
  • multiple disjoint reboot windows are supported
  • multiple configuration entries are assembled into a single weekly calendar
  • weekdays need to be specified, in either long or abbreviated form
  • length duration is always specified in minutes

Timing and configuration

Window granularity is at the "minutes" level. For this reason, the configuration parameter length_minutes is a plain non-zero integer (instead of a free-form duration string).

In order to ease the case where the same time-window has to be applied on multiple specific days, the days parameter accepts a set of weekdays (instead of a single day).

The start of a reboot window is a single point in time, specified in 24h format with minutes granularity (e.g. 22:30) via the start_time parameter.

A key part of this logic is that all times and dates are UTC-based, in order to guarantee the correctness of maintenance windows. In particular, UTC times are needed to avoid:

  • skipping reboot windows due to Daylight Saving Time time-change
  • overshooting reboot windows due to Daylight Saving Time time-change
  • mixups due to short-notice law changes in time-zone definitions
  • errors due to stale tzdata entries
  • human confusion on machines with different local-timezone configurations

Overall this strategy aims at guaranteeing that the total weekly length for reboot windows is respected, regardless of local timezone laws.

As a side-effect, this also helps when cross-checking configurations across multiple machines located in different places.

Implementation details

Configuration fragments are merged into a single weekly calendar.

In order to avoid too many unwieldy datetime operations to be performed in "modulo 7 days", all times are converted to "minutes since beginning of week". This means that all datetimes are mapped to the range that goes from 0 (00:00 on Monday morning) to MAX_WEEKLY_MINS (23:59 on Sunday night). A reboot window which is specified across week boundary (e.g. starting on Sunday and ending on Monday) gets split into two sub-windows in order to respect the range above.

Reboot windows are internally stored within an Augmented Interval Tree data-structure.