
AWS Questions: ASGs and Amazon Inspector

More questions from AWS course students.

  • EC2 instances in Auto Scaling groups have a warmup period that you can specify (so that the EC2 instance can be fully ready to take traffic directed to it). I retold a story from another consultant about the warmup period for an ASG increasing over time (due to increasing numbers of security patches against the base AMI) and one student asked: “Can you set an alarm on instances overrunning the warmup period?”
    • Since you can create custom metrics in CloudWatch and create alarms on those, you can definitely capture the warmup period. All you’d need to do is, as the last step before an EC2 instance is fully configured, take the difference between the current time and the launch time (obtained via the API). Store that number as your ‘warmup’ metric and set an alert if it ever gets close to your ASG health check value, and you’ll avoid ASG thrashing.
    • Update 4/6/2017: Another instructor pointed out a flaw in the above statements. Upon further research, warmup time settings only apply if you are using step scaling, and cooldown periods only apply if you are using simple scaling. They are both trying to solve similar problems: making sure that you don’t start up or shut down instances before the instances have a chance to affect the situation that triggered the Auto Scaling group action. More on policy types.
  • “Can the minimum and maximum number of instances of an ASG be changed after initial configuration?”
  • “Can you point Amazon Inspector at non-AWS resources? In your own data center, for example?”
    • Amazon Inspector is a security tool that looks for vulnerabilities in your EC2 instances. It requires installing an agent on the instances that it will be monitoring, and thus doesn’t work outside of AWS.
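
The warmup metric and alarm described in the first answer above could be sketched as follows. This is an added example, not code from the course or from AWS. The namespace, metric name, alarm name, the 80% margin and the `limit_seconds` parameter (your ASG health check value, in seconds) are assumptions, and `publish` needs boto3 plus IAM permission for the three API calls.

```python
"""Publish instance warmup time as a custom CloudWatch metric and alarm on it."""
from datetime import datetime, timezone

NAMESPACE = "Custom/ASG"    # assumed custom namespace
METRIC = "WarmupSeconds"    # assumed metric name


def warmup_seconds(launch_time, now=None):
    """Elapsed seconds between instance launch and the end of bootstrapping."""
    now = now or datetime.now(timezone.utc)
    elapsed = (now - launch_time).total_seconds()
    if elapsed < 0:
        raise ValueError("launch time is in the future; check clock sync")
    return elapsed


def metric_datum(asg_name, seconds):
    """One datum for put_metric_data, dimensioned by ASG so one alarm covers the group."""
    return {"MetricName": METRIC,
            "Dimensions": [{"Name": "AutoScalingGroupName", "Value": asg_name}],
            "Value": seconds, "Unit": "Seconds"}


def alarm_params(asg_name, limit_seconds, margin=0.8):
    """Alarm arguments: fire when the slowest boot in a period exceeds margin * limit."""
    return {"AlarmName": f"{asg_name}-warmup-near-limit",
            "Namespace": NAMESPACE, "MetricName": METRIC,
            "Dimensions": [{"Name": "AutoScalingGroupName", "Value": asg_name}],
            "Statistic": "Maximum", "Period": 300, "EvaluationPeriods": 1,
            "Threshold": limit_seconds * margin,
            "ComparisonOperator": "GreaterThanThreshold",
            "TreatMissingData": "notBreaching"}  # no launches is not an alarm state


def publish(instance_id, asg_name, limit_seconds):
    """Run as the last bootstrap step on the instance."""
    import boto3  # imported here so the helpers above work without AWS access
    ec2, cw = boto3.client("ec2"), boto3.client("cloudwatch")
    inst = ec2.describe_instances(InstanceIds=[instance_id])
    launch = inst["Reservations"][0]["Instances"][0]["LaunchTime"]
    cw.put_metric_data(Namespace=NAMESPACE,
                       MetricData=[metric_datum(asg_name, warmup_seconds(launch))])
    # put_metric_alarm creates or updates, so repeating it on every boot is harmless.
    cw.put_metric_alarm(**alarm_params(asg_name, limit_seconds))


if __name__ == "__main__":
    # Constructed sample: launch at 12:00:00, bootstrap finished at 12:04:10.
    t0 = datetime(2017, 4, 1, 12, 0, 0, tzinfo=timezone.utc)
    t1 = datetime(2017, 4, 1, 12, 4, 10, tzinfo=timezone.utc)
    print(warmup_seconds(t0, t1), alarm_params("web-asg", 300)["Threshold"])
```

Using the `Maximum` statistic means a single slow boot in the period trips the alarm, which is the early signal that patching has pushed warmup toward the limit.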