Skip to content

Commit

Permalink
Merge pull request #7180 from mikesplain/automated-cherry-pick-of-#71…
Browse files Browse the repository at this point in the history
…77-origin-release-1.14

Automated cherry pick of #7177: Instance protection
  • Loading branch information
k8s-ci-robot authored Jun 22, 2019
2 parents cd43099 + a279a29 commit ed45f1f
Show file tree
Hide file tree
Showing 13 changed files with 70 additions and 2 deletions.
21 changes: 21 additions & 0 deletions docs/instance_groups.md
Original file line number Diff line number Diff line change
Expand Up @@ -474,6 +474,27 @@ spec:
- AZRebalance
```

## Protect new instances from scale in

Autoscaling groups may scale up or down automatically to balance types of instances, regions, etc.
[Instance protection](https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-instance-termination.html#instance-protection) prevents the ASG from being scaled in.

```
# Example for nodes
apiVersion: kops.k8s.io/v1alpha2
kind: InstanceGroup
metadata:
labels:
kops.k8s.io/cluster: k8s.dev.local
name: nodes
spec:
machineType: m4.xlarge
maxSize: 20
minSize: 2
role: Node
instanceProtection: true
```

## Attaching existing Load Balancers to Instance Groups

Instance groups can be linked to up to 10 load balancers. When attached, any instance launched will
Expand Down
2 changes: 2 additions & 0 deletions pkg/apis/kops/instancegroup.go
Original file line number Diff line number Diff line change
Expand Up @@ -149,6 +149,8 @@ type InstanceGroupSpec struct {
IAM *IAMProfileSpec `json:"iam,omitempty"`
// SecurityGroupOverride overrides the default security group created by Kops for this IG (AWS only).
SecurityGroupOverride *string `json:"securityGroupOverride,omitempty"`
// InstanceProtection makes new instances in an autoscaling group protected from scale in
InstanceProtection *bool `json:"instanceProtection,omitempty"`
}

const (
Expand Down
2 changes: 2 additions & 0 deletions pkg/apis/kops/v1alpha1/instancegroup.go
Original file line number Diff line number Diff line change
Expand Up @@ -136,6 +136,8 @@ type InstanceGroupSpec struct {
IAM *IAMProfileSpec `json:"iam,omitempty"`
// SecurityGroupOverride overrides the default security group created by Kops for this IG (AWS only).
SecurityGroupOverride *string `json:"securityGroupOverride,omitempty"`
// InstanceProtection makes new instances in an autoscaling group protected from scale in
InstanceProtection *bool `json:"instanceProtection,omitempty"`
}

const (
Expand Down
2 changes: 2 additions & 0 deletions pkg/apis/kops/v1alpha1/zz_generated.conversion.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

5 changes: 5 additions & 0 deletions pkg/apis/kops/v1alpha1/zz_generated.deepcopy.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 2 additions & 0 deletions pkg/apis/kops/v1alpha2/instancegroup.go
Original file line number Diff line number Diff line change
Expand Up @@ -138,6 +138,8 @@ type InstanceGroupSpec struct {
IAM *IAMProfileSpec `json:"iam,omitempty"`
// SecurityGroupOverride overrides the default security group created by Kops for this IG (AWS only).
SecurityGroupOverride *string `json:"securityGroupOverride,omitempty"`
// InstanceProtection makes new instances in an autoscaling group protected from scale in
InstanceProtection *bool `json:"instanceProtection,omitempty"`
}

const (
Expand Down
2 changes: 2 additions & 0 deletions pkg/apis/kops/v1alpha2/zz_generated.conversion.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

5 changes: 5 additions & 0 deletions pkg/apis/kops/v1alpha2/zz_generated.deepcopy.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

5 changes: 5 additions & 0 deletions pkg/apis/kops/zz_generated.deepcopy.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 2 additions & 0 deletions pkg/model/awsmodel/autoscalinggroup.go
Original file line number Diff line number Diff line change
Expand Up @@ -315,6 +315,8 @@ func (b *AutoscalingGroupModelBuilder) buildAutoScalingGroupTask(c *fi.ModelBuil
}
t.SuspendProcesses = &processes

t.InstanceProtection = ig.Spec.InstanceProtection

// @step: are we using a mixed instance policy
if ig.Spec.MixedInstancesPolicy != nil {
spec := ig.Spec.MixedInstancesPolicy
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -68,6 +68,7 @@ spec:
maxSize: 2
minSize: 2
role: Node
instanceProtection: true
subnets:
- us-test-1b
mixedInstancesPolicy:
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -228,8 +228,9 @@ resource "aws_autoscaling_group" "nodes-mixedinstances-example-com" {
propagate_at_launch = true
}

metrics_granularity = "1Minute"
enabled_metrics = ["GroupDesiredCapacity", "GroupInServiceInstances", "GroupMaxSize", "GroupMinSize", "GroupPendingInstances", "GroupStandbyInstances", "GroupTerminatingInstances", "GroupTotalInstances"]
metrics_granularity = "1Minute"
enabled_metrics = ["GroupDesiredCapacity", "GroupInServiceInstances", "GroupMaxSize", "GroupMinSize", "GroupPendingInstances", "GroupStandbyInstances", "GroupTerminatingInstances", "GroupTotalInstances"]
protect_from_scale_in = true
}

resource "aws_ebs_volume" "us-test-1a-etcd-events-mixedinstances-example-com" {
Expand Down
18 changes: 18 additions & 0 deletions upup/pkg/fi/cloudup/awstasks/autoscalinggroup.go
Original file line number Diff line number Diff line change
Expand Up @@ -45,6 +45,8 @@ type AutoscalingGroup struct {

// Granularity specifys the granularity of the metrics
Granularity *string
// InstanceProtection makes new instances in an autoscaling group protected from scale in
InstanceProtection *bool
// LaunchConfiguration is the launch configuration for the autoscaling group
LaunchConfiguration *LaunchConfiguration
// LaunchTemplate is the launch template for the asg
Expand Down Expand Up @@ -171,6 +173,10 @@ func (e *AutoscalingGroup) Find(c *fi.Context) (*AutoscalingGroup, error) {
// Avoid spurious changes
actual.Lifecycle = e.Lifecycle

if g.NewInstancesProtectedFromScaleIn != nil {
actual.InstanceProtection = g.NewInstancesProtectedFromScaleIn
}

return actual, nil
}

Expand Down Expand Up @@ -315,6 +321,11 @@ func (v *AutoscalingGroup) RenderAWS(t *awsup.AWSAPITarget, a, e, changes *Autos
return fmt.Errorf("error suspending processes: %v", err)
}
}

if e.InstanceProtection != nil {
request.NewInstancesProtectedFromScaleIn = e.InstanceProtection
}

} else {
// @logic: else we have found a autoscaling group and we need to evaluate the difference
request := &autoscaling.UpdateAutoScalingGroupInput{
Expand Down Expand Up @@ -451,6 +462,11 @@ func (v *AutoscalingGroup) RenderAWS(t *awsup.AWSAPITarget, a, e, changes *Autos
changes.SuspendProcesses = nil
}

if changes.InstanceProtection != nil {
request.NewInstancesProtectedFromScaleIn = e.InstanceProtection
changes.InstanceProtection = nil
}

empty := &AutoscalingGroup{}
if !reflect.DeepEqual(empty, changes) {
klog.Warningf("cannot apply changes to AutoScalingGroup: %v", changes)
Expand Down Expand Up @@ -628,6 +644,7 @@ type terraformAutoscalingGroup struct {
MetricsGranularity *string `json:"metrics_granularity,omitempty"`
EnabledMetrics []*string `json:"enabled_metrics,omitempty"`
SuspendedProcesses []*string `json:"suspended_processes,omitempty"`
InstanceProtection *bool `json:"protect_from_scale_in,omitempty"`
}

// RenderTerraform is responsible for rendering the terraform codebase
Expand All @@ -638,6 +655,7 @@ func (_ *AutoscalingGroup) RenderTerraform(t *terraform.TerraformTarget, a, e, c
MaxSize: e.MaxSize,
MetricsGranularity: e.Granularity,
EnabledMetrics: aws.StringSlice(e.Metrics),
InstanceProtection: e.InstanceProtection,
}

for _, s := range e.Subnets {
Expand Down

0 comments on commit ed45f1f

Please sign in to comment.