From c88dd95a7de4cc1144e24dd3c2518dc8243709cd Mon Sep 17 00:00:00 2001 From: braydencw1 <50538489+braydencw1@users.noreply.github.com> Date: Wed, 31 Jul 2024 16:05:08 -0500 Subject: [PATCH 01/11] Add instance scale-in protection --- plugins/modules/autoscaling_group.py | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/plugins/modules/autoscaling_group.py b/plugins/modules/autoscaling_group.py index 0efd38cc481..91f7f6cad3c 100644 --- a/plugins/modules/autoscaling_group.py +++ b/plugins/modules/autoscaling_group.py @@ -228,6 +228,11 @@ - List of VPC subnets to use type: list elements: str + protected_from_scale_in: + description: + - If V(true), instances will have scale-in protection enabled. + type: bool + default: false tags: description: - A list of tags to add to the Auto Scale Group. @@ -1128,6 +1133,7 @@ def create_autoscaling_group(connection): vpc_zone_identifier = module.params.get("vpc_zone_identifier") set_tags = module.params.get("tags") purge_tags = module.params.get("purge_tags") + protected_from_scale_in = module.params.get("protected_from_scale_in") health_check_period = module.params.get("health_check_period") health_check_type = module.params.get("health_check_type") default_cooldown = module.params.get("default_cooldown") @@ -1186,6 +1192,7 @@ def create_autoscaling_group(connection): HealthCheckType=health_check_type, DefaultCooldown=default_cooldown, TerminationPolicies=termination_policies, + NewInstancesProtectedFromScaleIn=protected_from_scale_in, ) if vpc_zone_identifier: ag["VPCZoneIdentifier"] = vpc_zone_identifier @@ -1483,7 +1490,7 @@ def get_chunks(l, n): yield l[i:i + n] # fmt: skip -def update_size(connection, group, max_size, min_size, dc): +def update_size(connection, group, max_size, min_size, dc, protected_from_scale_in): module.debug("setting ASG sizes") module.debug(f"minimum size: {min_size}, desired_capacity: {dc}, max size: {max_size}") updated_group = dict() @@ -1491,6 +1498,7 @@ def update_size(connection, group, max_size, min_size, dc): updated_group["MinSize"] = min_size updated_group["MaxSize"] = max_size updated_group["DesiredCapacity"] = dc + updated_group["NewInstancesProtectedFromScaleIn"] = protected_from_scale_in update_asg(connection, **updated_group) @@ -1501,6 +1509,7 @@ def replace(connection): group_name = module.params.get("name") max_size = module.params.get("max_size") min_size = module.params.get("min_size") + protected_from_scale_in = module.params.get("protected_from_scale_in") desired_capacity = module.params.get("desired_capacity") launch_config_name = module.params.get("launch_config_name") @@ -1570,7 +1579,7 @@ def replace(connection): # This should get overwritten if the number of instances left is less than the batch size. as_group = describe_autoscaling_groups(connection, group_name)[0] - update_size(connection, as_group, max_size + batch_size, min_size + batch_size, desired_capacity + batch_size) + update_size(connection, as_group, max_size + batch_size, min_size + batch_size, desired_capacity + batch_size, protected_from_scale_in) if wait_for_instances: wait_for_new_inst(connection, group_name, wait_timeout, as_group["MinSize"] + batch_size, "viable_instances") @@ -1598,7 +1607,7 @@ def replace(connection): module.debug("breaking loop") break - update_size(connection, as_group, max_size, min_size, desired_capacity) + update_size(connection, as_group, max_size, min_size, desired_capacity, protected_from_scale_in) as_group = describe_autoscaling_groups(connection, group_name)[0] asg_properties = get_properties(as_group) module.debug("Rolling update complete.") @@ -1902,6 +1911,7 @@ def main(): state=dict(default="present", choices=["present", "absent"]), tags=dict(type="list", default=[], elements="dict"), purge_tags=dict(type="bool", default=False), + protected_from_scale_in=dict(type="bool", default=False), health_check_period=dict(type="int", default=300), health_check_type=dict(default="EC2", choices=["EC2", "ELB"]), default_cooldown=dict(type="int", default=300), From db656fe757a4ba6037b2e5b740649df3860389f1 Mon Sep 17 00:00:00 2001 From: braydencw1 <50538489+braydencw1@users.noreply.github.com> Date: Thu, 29 Aug 2024 00:35:04 -0500 Subject: [PATCH 02/11] added changelog fragement --- .../fragments/2207_scale_in_protection_auto_scaling_group.yml | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 changelogs/fragments/2207_scale_in_protection_auto_scaling_group.yml diff --git a/changelogs/fragments/2207_scale_in_protection_auto_scaling_group.yml b/changelogs/fragments/2207_scale_in_protection_auto_scaling_group.yml new file mode 100644 index 00000000000..4073f2c5c89 --- /dev/null +++ b/changelogs/fragments/2207_scale_in_protection_auto_scaling_group.yml @@ -0,0 +1,2 @@ +minor_changes: + - autoscaling_group: Added a boolean parameter `protected_from_scale_in` to toggle protection from scale-in. This allows users to enable or disable scale-in protection for instances in an autoscaling group. (https://github.com/ansible-collections/amazon.aws/pull/2207/files) From 6cd936ad110cc4bdd96f15651bac4973c9e1e0a9 Mon Sep 17 00:00:00 2001 From: braydencw1 <50538489+braydencw1@users.noreply.github.com> Date: Thu, 29 Aug 2024 00:52:52 -0500 Subject: [PATCH 03/11] add test --- .../ec2_asg/tasks/create_update_delete.yml | 23 +++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/tests/integration/targets/autoscaling_group/roles/ec2_asg/tasks/create_update_delete.yml b/tests/integration/targets/autoscaling_group/roles/ec2_asg/tasks/create_update_delete.yml index bc8373af941..5cd376e1edf 100644 --- a/tests/integration/targets/autoscaling_group/roles/ec2_asg/tasks/create_update_delete.yml +++ b/tests/integration/targets/autoscaling_group/roles/ec2_asg/tasks/create_update_delete.yml @@ -580,3 +580,26 @@ - output.target_group_arns | length == 1 - output.target_group_arns[0] == out_tg1.target_group_arn - output.changed == false + # ============================================================ + - name: Create autosclaing group with instance protection enabled + amazon.aws.autoscaling_group: + name: "{{ resource_prefix }}-asg" + protected_from_scale_in: true + register: output + + - ansible.builtin.assert: + that: + - output.changed == true + + - name: Disable instance protection from asg + amazon.aws.autoscaling_group: + name: "{{ resource_prefix }}-asg" + protected_from_scale_in: false + register: modified_output + - ansible.builtin.assert: + that: + - protected_from_scale_in.changed == true + - name: Destroy asg + amazon.aws.autoscaling_group: + name: "{{ resource_prefix }}-asg" + state: absent \ No newline at end of file From d900a01b0bb797b2876c4473c59ce0b97d6ea939 Mon Sep 17 00:00:00 2001 From: braydencw1 <50538489+braydencw1@users.noreply.github.com> Date: Thu, 29 Aug 2024 00:54:04 -0500 Subject: [PATCH 04/11] removed /files from url --- .../fragments/2207_scale_in_protection_auto_scaling_group.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/changelogs/fragments/2207_scale_in_protection_auto_scaling_group.yml b/changelogs/fragments/2207_scale_in_protection_auto_scaling_group.yml index 4073f2c5c89..ceb6eea14d7 100644 --- a/changelogs/fragments/2207_scale_in_protection_auto_scaling_group.yml +++ b/changelogs/fragments/2207_scale_in_protection_auto_scaling_group.yml @@ -1,2 +1,2 @@ minor_changes: - - autoscaling_group: Added a boolean parameter `protected_from_scale_in` to toggle protection from scale-in. This allows users to enable or disable scale-in protection for instances in an autoscaling group. (https://github.com/ansible-collections/amazon.aws/pull/2207/files) + - autoscaling_group: Added a boolean parameter `protected_from_scale_in` to toggle protection from scale-in. This allows users to enable or disable scale-in protection for instances in an autoscaling group. (https://github.com/ansible-collections/amazon.aws/pull/2207) From aee3a1753090ff685491c4257d7c5aec8d966177 Mon Sep 17 00:00:00 2001 From: braydencw1 <50538489+braydencw1@users.noreply.github.com> Date: Thu, 29 Aug 2024 00:55:53 -0500 Subject: [PATCH 05/11] cleanup integration test --- .../roles/ec2_asg/tasks/create_update_delete.yml | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/tests/integration/targets/autoscaling_group/roles/ec2_asg/tasks/create_update_delete.yml b/tests/integration/targets/autoscaling_group/roles/ec2_asg/tasks/create_update_delete.yml index 5cd376e1edf..4aa0f5d42a3 100644 --- a/tests/integration/targets/autoscaling_group/roles/ec2_asg/tasks/create_update_delete.yml +++ b/tests/integration/targets/autoscaling_group/roles/ec2_asg/tasks/create_update_delete.yml @@ -587,7 +587,8 @@ protected_from_scale_in: true register: output - - ansible.builtin.assert: + - name: Assert ASG created + ansible.builtin.assert: that: - output.changed == true @@ -596,10 +597,12 @@ name: "{{ resource_prefix }}-asg" protected_from_scale_in: false register: modified_output - - ansible.builtin.assert: + + - name: Assert ASG modification + ansible.builtin.assert: that: - protected_from_scale_in.changed == true - name: Destroy asg amazon.aws.autoscaling_group: name: "{{ resource_prefix }}-asg" - state: absent \ No newline at end of file + state: absent From a8c5dcc046ecbe318988ea62d9964bcb92fdb9cc Mon Sep 17 00:00:00 2001 From: Brayden White <50538489+braydencw1@users.noreply.github.com> Date: Thu, 29 Aug 2024 01:23:59 -0500 Subject: [PATCH 06/11] change to two back ticks Co-authored-by: Mark Chappell --- .../fragments/2207_scale_in_protection_auto_scaling_group.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/changelogs/fragments/2207_scale_in_protection_auto_scaling_group.yml b/changelogs/fragments/2207_scale_in_protection_auto_scaling_group.yml index ceb6eea14d7..816bb307dd2 100644 --- a/changelogs/fragments/2207_scale_in_protection_auto_scaling_group.yml +++ b/changelogs/fragments/2207_scale_in_protection_auto_scaling_group.yml @@ -1,2 +1,2 @@ minor_changes: - - autoscaling_group: Added a boolean parameter `protected_from_scale_in` to toggle protection from scale-in. This allows users to enable or disable scale-in protection for instances in an autoscaling group. (https://github.com/ansible-collections/amazon.aws/pull/2207) + - autoscaling_group: Added a boolean parameter ``protected_from_scale_in`` to toggle protection from scale-in. This allows users to enable or disable scale-in protection for instances in an autoscaling group. (https://github.com/ansible-collections/amazon.aws/pull/2207) From efd32222160847541bf533fd7316926d92a1c1e3 Mon Sep 17 00:00:00 2001 From: braydencw1 <50538489+braydencw1@users.noreply.github.com> Date: Thu, 29 Aug 2024 19:51:37 -0500 Subject: [PATCH 07/11] Try removing deletion --- .vscode/settings.json | 3 +++ .../roles/ec2_asg/tasks/create_update_delete.yml | 4 ---- 2 files changed, 3 insertions(+), 4 deletions(-) create mode 100644 .vscode/settings.json diff --git a/.vscode/settings.json b/.vscode/settings.json new file mode 100644 index 00000000000..35401360d3a --- /dev/null +++ b/.vscode/settings.json @@ -0,0 +1,3 @@ +{ + "ansible.python.interpreterPath": "/usr/bin/python3.12" +} \ No newline at end of file diff --git a/tests/integration/targets/autoscaling_group/roles/ec2_asg/tasks/create_update_delete.yml b/tests/integration/targets/autoscaling_group/roles/ec2_asg/tasks/create_update_delete.yml index 4aa0f5d42a3..8d258a7d206 100644 --- a/tests/integration/targets/autoscaling_group/roles/ec2_asg/tasks/create_update_delete.yml +++ b/tests/integration/targets/autoscaling_group/roles/ec2_asg/tasks/create_update_delete.yml @@ -602,7 +602,3 @@ ansible.builtin.assert: that: - protected_from_scale_in.changed == true - - name: Destroy asg - amazon.aws.autoscaling_group: - name: "{{ resource_prefix }}-asg" - state: absent From 402c992e03834a4801b8358314888612bb174e08 Mon Sep 17 00:00:00 2001 From: braydencw1 <50538489+braydencw1@users.noreply.github.com> Date: Sat, 31 Aug 2024 10:42:05 -0500 Subject: [PATCH 08/11] try n fix assert --- .../roles/ec2_asg/tasks/create_update_delete.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/integration/targets/autoscaling_group/roles/ec2_asg/tasks/create_update_delete.yml b/tests/integration/targets/autoscaling_group/roles/ec2_asg/tasks/create_update_delete.yml index 8d258a7d206..0c11b55ec96 100644 --- a/tests/integration/targets/autoscaling_group/roles/ec2_asg/tasks/create_update_delete.yml +++ b/tests/integration/targets/autoscaling_group/roles/ec2_asg/tasks/create_update_delete.yml @@ -590,7 +590,7 @@ - name: Assert ASG created ansible.builtin.assert: that: - - output.changed == true + - output.changed == true or (output.changed == false and output.protected_from_scale_in == true) - name: Disable instance protection from asg amazon.aws.autoscaling_group: From 867c7c66b6ad1d2e9500b32721f959a462ff7b2b Mon Sep 17 00:00:00 2001 From: Alina Buzachis Date: Mon, 2 Sep 2024 14:03:10 +0200 Subject: [PATCH 09/11] Minor tweaks Signed-off-by: Alina Buzachis --- .vscode/settings.json | 3 --- .../2207_scale_in_protection_auto_scaling_group.yml | 2 +- plugins/modules/autoscaling_group.py | 10 +++++++++- 3 files changed, 10 insertions(+), 5 deletions(-) delete mode 100644 .vscode/settings.json diff --git a/.vscode/settings.json b/.vscode/settings.json deleted file mode 100644 index 35401360d3a..00000000000 --- a/.vscode/settings.json +++ /dev/null @@ -1,3 +0,0 @@ -{ - "ansible.python.interpreterPath": "/usr/bin/python3.12" -} \ No newline at end of file diff --git a/changelogs/fragments/2207_scale_in_protection_auto_scaling_group.yml b/changelogs/fragments/2207_scale_in_protection_auto_scaling_group.yml index 816bb307dd2..ca7c40c7403 100644 --- a/changelogs/fragments/2207_scale_in_protection_auto_scaling_group.yml +++ b/changelogs/fragments/2207_scale_in_protection_auto_scaling_group.yml @@ -1,2 +1,2 @@ minor_changes: - - autoscaling_group: Added a boolean parameter ``protected_from_scale_in`` to toggle protection from scale-in. This allows users to enable or disable scale-in protection for instances in an autoscaling group. (https://github.com/ansible-collections/amazon.aws/pull/2207) + - autoscaling_group - Added a boolean parameter ``protected_from_scale_in`` to toggle protection from scale-in. This allows users to enable or disable scale-in protection for instances in an autoscaling group. (https://github.com/ansible-collections/amazon.aws/pull/2207) diff --git a/plugins/modules/autoscaling_group.py b/plugins/modules/autoscaling_group.py index 91f7f6cad3c..f3d91bb4db6 100644 --- a/plugins/modules/autoscaling_group.py +++ b/plugins/modules/autoscaling_group.py @@ -233,6 +233,7 @@ - If V(true), instances will have scale-in protection enabled. type: bool default: false + version_added: 8.2.0 tags: description: - A list of tags to add to the Auto Scale Group. @@ -1579,7 +1580,14 @@ def replace(connection): # This should get overwritten if the number of instances left is less than the batch size. as_group = describe_autoscaling_groups(connection, group_name)[0] - update_size(connection, as_group, max_size + batch_size, min_size + batch_size, desired_capacity + batch_size, protected_from_scale_in) + update_size( + connection, + as_group, + max_size + batch_size, + min_size + batch_size, + desired_capacity + batch_size, + protected_from_scale_in, + ) if wait_for_instances: wait_for_new_inst(connection, group_name, wait_timeout, as_group["MinSize"] + batch_size, "viable_instances") From d34bdf2bd390f201773d45d7ad53b1b808ab3306 Mon Sep 17 00:00:00 2001 From: braydencw1 <50538489+braydencw1@users.noreply.github.com> Date: Thu, 12 Sep 2024 20:28:07 -0500 Subject: [PATCH 10/11] added to dict --- plugins/modules/autoscaling_group.py | 1 + 1 file changed, 1 insertion(+) diff --git a/plugins/modules/autoscaling_group.py b/plugins/modules/autoscaling_group.py index f3d91bb4db6..0b983bd6de1 100644 --- a/plugins/modules/autoscaling_group.py +++ b/plugins/modules/autoscaling_group.py @@ -1371,6 +1371,7 @@ def create_autoscaling_group(connection): MinSize=min_size, MaxSize=max_size, DesiredCapacity=desired_capacity, + NewInstancesProtectedFromScale=protected_from_scale_in, HealthCheckGracePeriod=health_check_period, HealthCheckType=health_check_type, DefaultCooldown=default_cooldown, From 22c9102060a5cfe67328e253b4c6fb8269156aba Mon Sep 17 00:00:00 2001 From: braydencw1 <50538489+braydencw1@users.noreply.github.com> Date: Thu, 3 Oct 2024 00:20:01 -0500 Subject: [PATCH 11/11] typo --- plugins/modules/autoscaling_group.py | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/plugins/modules/autoscaling_group.py b/plugins/modules/autoscaling_group.py index 0b983bd6de1..f1bd7e17e91 100644 --- a/plugins/modules/autoscaling_group.py +++ b/plugins/modules/autoscaling_group.py @@ -876,6 +876,7 @@ def get_properties(autoscaling_group): properties["termination_policies"] = autoscaling_group.get("TerminationPolicies") properties["target_group_arns"] = autoscaling_group.get("TargetGroupARNs") properties["vpc_zone_identifier"] = autoscaling_group.get("VPCZoneIdentifier") + properties['protected_from_scale_in'] = autoscaling_group.get('NewInstancesProtectedFromScaleIn') raw_mixed_instance_object = autoscaling_group.get("MixedInstancesPolicy") if raw_mixed_instance_object: properties["mixed_instances_policy_full"] = camel_dict_to_snake_dict(raw_mixed_instance_object) @@ -1207,7 +1208,8 @@ def create_autoscaling_group(connection): ag["TargetGroupARNs"] = target_group_arns if max_instance_lifetime: ag["MaxInstanceLifetime"] = max_instance_lifetime - + if protected_from_scale_in: + ag['NewInstancesProtectedFromScaleIn'] launch_object = get_launch_object(connection, ec2_connection) if "LaunchConfigurationName" in launch_object: ag["LaunchConfigurationName"] = launch_object["LaunchConfigurationName"] @@ -1371,7 +1373,7 @@ def create_autoscaling_group(connection): MinSize=min_size, MaxSize=max_size, DesiredCapacity=desired_capacity, - NewInstancesProtectedFromScale=protected_from_scale_in, + NewInstancesProtectedFromScaleIn=protected_from_scale_in, HealthCheckGracePeriod=health_check_period, HealthCheckType=health_check_type, DefaultCooldown=default_cooldown,