How to make AWS ASG do nothing when instance count is between min and max

amazon ec2amazon-web-servicesterraform

We're using Terraform to launch ASGs for most of our AWS EC2 instances. The problem is that once in awhile we want to do some extra work before terminating an instance; for example: decommissioning a node from a cluster before the EC2 instance it was running on is terminated. If we were just to lower min == max (our default) then an instance gets terminated and we can't run a graceful decommission.

Instead what I've tried is lowering min to the new desired value (example: 6) and keeping the max at the old value (example: 10), what happens in this case is that the desired value stays at 10 (the max) and terminating the EC2 instance causes a new one to be launched by the ASG. NOTE: we are not setting the Terraform desired_capacity setting at all.

If I set desired_capacity manually, I risk the ASG terminating a node that has not been gracefully decommissioned so I don't think that's an option for me.

What I'd ideally like is for the ASG to do nothing when the current EC2 Instance count for that ASG is between min and max and let me manually terminate instances. Obviously if the count goes below min I'd still like the ASG to launch a new EC2 Instance.

Is there any way to achieve this?

Best Answer

Supposed solutions:

Option 1: Your ASG should be created with instance protection ON - Terraform docs

In this case, we could have next sequence of operations for instance decommission:

Perform decommission of particular instance(s)(remove data from it(them))
Reduce count of ASG's size by desirable value
Apply Terraform state
Remove protection flag from decommissioned instances: aws autoscaling set-instance-protection --instance-ids <instances_ids> --auto-scaling-group-name <asg_name> --no-protected-from-scale-in

Option 2: Your ASG was not created with instance protection.

In this case, we could have next sequence of operations for instance decommission:

Add protection flag on all instances of ASG: aws autoscaling set-instance-protection --instance-ids <instances_ids> --auto-scaling-group-name <asg_name> --protected-from-scale-in
Perform decommission of particular instance(s)(remove data from it(them))
Reduce count of ASG's size by desirable value
Apply Terraform state
Remove protection flag from decommissioned instances: aws autoscaling set-instance-protection --instance-ids <instances_ids> --auto-scaling- group-name <asg_name> --no-protected-from-scale-in
(Optionally) Wait until ASG shrinks to desirable size and remove protection flag from other instances

Update

Our bid price is high, and I don't think the instances should have been terminated due to spot price (based on spot pricing history)

Spot price contention is not the only possible cause for an Amazon EC2 Spot Instance being terminated by AWS, another notable one is capacity contention:

The capacity of available spot instances depends on the demand for regular instances, and if there aren't any instances of a specific type available for users requesting regular on demand instances, AWS will start terminating spot instances to fulfill those requests.
In fact I've encountered that in us-east-1 more often than elsewhere so far, and much more frequently in recent month for the new m3/c3/i3 instance type families (an understandable effect of ramping up capacity over time).

You can verify the actual cause of a spot request termination manually in the AWS Management Console or e.g. via the AWS CLI's describe-spot-instance-requests. For advanced spot instance usage I'd recommend to start Tracking Spot Requests with Bid Status Codes and correlate these with your instance terminations for the best operational insight. See the Life Cycle of a Spot Requests and the Spot Bid Status Code Reference for more details, specifically the following reasons for spot termination by AWS:

instance-terminated-by-price

The Spot Price rose above your bid price. If your request is a persistent bid, the process—or life cycle—restarts and your bid will again be pending evaluation.
instance-terminated-no-capacity

There is no longer any Spot capacity available for the instance.
instance-terminated-capacity-oversubscribed

Your instance was terminated because the number of Spot requests with bid prices equal to or higher than your bid price has exceeded the available capacity in this pool. This means that your instance was interrupted even though the Spot Price may not have changed because your bid was at the Spot Price.
instance-terminated-launch-group-constraint

One of the instances in your launch group was terminated, so the launch group constraint is no longer fulfilled.

Initial Answer

"At 2014-05-07T18:06:45Z an instance was taken out of service in response to a system health-check."

This misleading message simply is the one reported when the Amazon EC2 Spot Instance has been terminated due to spot price contention, see e.g. the AWS team's response to Auto Scaling Message & Spot Instance Termination:

You are correct the instance was terminated due to spot pricing.

The instance terminated right before the health-check so it was taken out of service since it was still associated to the AS group.

While it escapes me why AWS hasn't managed to come up with a better integration between Auto Scaling and Amazon EC2 yet in this regard, it makes more sense when considering that these are two separate services in fact, so if the 'external' spot market backend terminates an EC2 instance, it will simply become 'unhealthy' from an Auto Scaling point of view - this is sort of documented in Obtaining Information About the Instances Launched by Auto Scaling:

Cause: At 2012-06-01T00:47:51Z an instance was taken out of service in response to a system health-check. Description: Terminating EC2 instance: i-88ce28f1

Auto Scaling maintains the desired number of instances by monitoring the health status of the instances in the Auto Scaling group. When Auto Scaling receives notification that an instance is unhealthy or terminated, Auto Scaling launches another instance to take the place of the unhealthy instance. [...]

Note
Auto Scaling provides the cause of instance termination that is not the result of a scaling activity. This includes instances that have been terminated because the Spot Price exceeded their bid price. [emphasis mine]

Best Answer

Related Solutions

How to launch an amazon ec2 spot instance with UserData

Spot instances frequently terminated in AWS auto scaling group (failing system health check)

Update

Initial Answer

Related Topic