Add Scheduler Sleep

Instructions for Enabling Sleep Functionality for the InsightCloudSec Internal Scheduler

🚧

INTERNAL NOTE

The content on this page is deprecated per our Production Services team. If you have questions regarding this content reach out to the Docs team through Slack.

📘

Value Names (DivvyCloud vs. InsightCloudSec)

Some components use our former product name (DivvyCloud vs. InsightCloudSec). Updates to the naming of these components will be communicated when changes are made, but note that the name difference does not affect functionality within the product.

The following documentation provides details on enabling scheduler sleep on InsightCloudSec (for versions 20.5.0 and newer). This feature allows users to upgrade InsightCloudSec without manually scaling down to an old version.

Details are included for ECS based deployments using Terraform and CFT, and Docker on EC2-based Deployments for Terraform and CFT. For any questions or issues reach out to us through support.

Note: The content/steps provided on this page apply to self-hosted customers. For hosted customers we recommend that you contact your CSM or through the Customer Support Portal with any questions or concerns.

Configuring ECS based deployments

Terraform

1. Edit your main template and locate the locals / environment section:

locals {
    environment = [
{
    name  = "VIRTUAL_ENV"
    value = "/"
},
{
    name  = "DIVVY_REDIS_HOST"
    value = "${aws_elasticache_replication_group.DivvyCloud-Redis-RG.primary_endpoint_address}"
},
...
...
...
{
    name  = "DIVVY_SECRET_DB_NAME"
    value = "divvykeys"
},
{
    name  = "DIVVY_SECRETS_PROVIDER_CONFIG"
    value = "AWSAssumeRole,region=${var.region},secret_name=${aws_secretsmanager_secret.divvycloud-credentials.name}"
}
    ]
}

2. Add a new local environment variable (SCHEDULER_SLEEP) that will only be applied to the scheduler.

locals {
  environment = [
    {
      name = "VIRTUAL_ENV"
      value = "/"
    },
    {
      name = "DIVVY_REDIS_HOST"
      value = var.redis-endpoint
    },
    ...
    ...
    ...
    {
      name = "DIVVY_SECRET_DB_NAME"
      value = "divvykeys"
    },
    {
      name = "DIVVY_SECRETS_PROVIDER_CONFIG"
      value = "AWSAssumeRole,region=${var.region},secret_name=${var.db_secret}"
    }
  ]
  scheduler_environment = [
  {
    name = "SCHEDULER_SLEEP"
    value = "180"
  }
  ]
}

3. Update the environment parameter for scheduler task definition to use the new environment variable:

resource "aws_ecs_task_definition" "scheduler" {
...
...
...
environment = local.environment
...
...
...
}

Becomes

resource "aws_ecs_task_definition" "scheduler" {
...
...
...
environment = concat(local.environment, local.scheduler_environment)
...
...
...
}

4. Apply the Terraform and ensure all schedulers have restarted to complete the change.

Cloud Formation Template

1. Edit the main template and locate the Environment in the schedulerTask section:

schedulerTask:
    Type: 'AWS::ECS::TaskDefinition'
    Properties:
      Family: 'scheduler'
      TaskRoleArn: 
        Fn::ImportValue: !Sub '${ParameterIAMStackName}-DivvyCloudStandardRoleARN'   
      ExecutionRoleArn: 
        Fn::ImportValue: !Sub '${ParameterIAMStackName}-AmazonECSTaskExecutionRoleARN'
      Cpu: '256'
      Memory: '512'
      NetworkMode: awsvpc
      RequiresCompatibilities:
        - FARGATE
      ContainerDefinitions:
        # scheduler
        - Image: !Ref ParameterDivvyCloudVersion
          Name: scheduler
          Environment:
            - Name: DIVVY_REDIS_SSL_ENABLED
              Value: true
            - Name: VIRTUAL_ENV
              Value: /
            - Name: DIVVY_ENV
              Value: prod
            - Name: DIVVY_DB_NAME
              Value: !FindInMap [Vars, db, name]
            - Name: DIVVY_SECRET_DB_NAME
              Value: !FindInMap [Vars, db, secureName]
            - Name: DIVVY_SECRETS_PROVIDER_CONFIG
              Value: !Join

2. Add a new environment variable (SCHEDULER_SLEEP) that will only be applied to the scheduler.

schedulerTask:
    Type: 'AWS::ECS::TaskDefinition'
    Properties:
      Family: 'scheduler'
      TaskRoleArn: 
        Fn::ImportValue: !Sub '${ParameterIAMStackName}-DivvyCloudStandardRoleARN'   
      ExecutionRoleArn: 
        Fn::ImportValue: !Sub '${ParameterIAMStackName}-AmazonECSTaskExecutionRoleARN'
      Cpu: '256'
      Memory: '512'
      NetworkMode: awsvpc
      RequiresCompatibilities:
        - FARGATE
      ContainerDefinitions:
        # scheduler
        - Image: !Ref ParameterDivvyCloudVersion
          Name: scheduler
          Environment:
            - Name: DIVVY_REDIS_SSL_ENABLED
              Value: true
            - Name: VIRTUAL_ENV
              Value: /
            - Name: DIVVY_ENV
              Value: prod
            - Name: DIVVY_DB_NAME
              Value: !FindInMap [Vars, db, name]
            - Name: DIVVY_SECRET_DB_NAME
              Value: !FindInMap [Vars, db, secureName]
            - Name: DIVVY_SECRETS_PROVIDER_CONFIG
              Value: !Join
            - Name: "SCHEDULER_SLEEP"
              Value: "180"

3. Apply the updated CFT to your deployment and ensure all schedulers have restarted to complete the change.

Configuring Docker on EC2-based Deployments

Terraform

1. Scheduler/UI: Find the "user-data" local variable for the scheduler in your terraform file. We want to update the existing user-data to use the latest version of docker-compose.yml

- wget -q https://s3.amazonaws.com/get.divvycloud.com/compose/docker-compose.cw.yml -O /divvycloud/docker-compose.yml
- wget -q https://s3.amazonaws.com/get.divvycloud.com/compose/prod-sm.env -O /divvycloud/prod.env

Becomes

- wget -q https://s3.amazonaws.com/get.divvycloud.com/compose/docker-compose.cw.yml -O /divvycloud/docker-compose-v4.yml
- mv docker-compose-v4.yml /divvycloud/docker-compose.yml
- wget -q https://s3.amazonaws.com/get.divvycloud.com/compose/prod-sm.env -O /divvycloud/prod.env

2. Worker: Find the "user-data" local variable for the workers in your terraform file. Update the existing user-data to use the latest version of docker-compose.yml.

- wget -q https://s3.amazonaws.com/get.divvycloud.com/compose/docker-compose.cw.yml -O /divvycloud/docker-compose.yml
- wget -q https://s3.amazonaws.com/get.divvycloud.com/compose/prod-sm.env -O /divvycloud/prod.env

Becomes

- wget -q https://s3.amazonaws.com/get.divvycloud.com/compose/docker-compose.cw.yml -O /divvycloud/docker-compose-v4.yml
- mv docker-compose-v4.yml /divvycloud/docker-compose.yml
- wget -q https://s3.amazonaws.com/get.divvycloud.com/compose/prod-sm.env -O /divvycloud/prod.env

3. Apply the Terraform and ensure all of your ec2 instances have been recreated.

Cloud Formation Template

1. Scheduler/UI: Find the userdata for the scheduler in your Compute CFT file. We want to update the existing user-data to use the latest version of docker-compose.yml.

- curl -O https://s3.amazonaws.com/get.divvycloud.com/compose/docker-compose.cw.yml
- mv docker-compose.cw.yml /divvycloud/docker-compose.yml
- sed -i '47,$d' /divvycloud/docker-compose.yml

Becomes

- curl -O https://s3.amazonaws.com/get.divvycloud.com/compose/docker-compose-v4.yml
- mv docker-compose-v4.yml /divvycloud/docker-compose.yml
- sed -i '48,$d' /divvycloud/docker-compose.yml

2. Worker: Find the userdata for the workers in your Compute CFT file. We want to update the existing user-data to use the latest version of docker-compose.yml.

- curl -O https://s3.amazonaws.com/get.divvycloud.com/compose/docker-compose.cw.yml
- mv docker-compose.cw.yml /divvycloud/docker-compose.yml
...
...
...
- sed -i '3,47d' /divvycloud/docker-compose.yml

Becomes

- curl -O https://s3.amazonaws.com/get.divvycloud.com/compose/docker-compose-v4.yml
- mv docker-compose-v4.yml /divvycloud/docker-compose.yml
...
...
...
- sed -i '3,48d' /divvycloud/docker-compose.yml

3. Apply the CFT and ensure all of your ec2 instances have been recreated.


Did this page help you?