Created
March 20, 2013 22:41
-
-
Save kixorz/5209217 to your computer and use it in GitHub Desktop.
Running cron jobs in AWS Auto Scaling group is tricky. When you deploy the same code and configuration to all instances in the group, cron job would run on all of them. You may not want that. This script detects the first instance in the group and allows only this instance to run the job. IAM user used by this script needs to have permissions to…
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env ruby | |
| require 'syslog' | |
| require 'net/http' | |
| require 'aws-sdk' | |
| Syslog.open | |
| AWS.config({ | |
| :access_key_id => '<iam user key>', | |
| :secret_access_key => '<iam user secret>' | |
| }) | |
| metadata_endpoint = 'http://169.254.169.254/latest/meta-data/' | |
| instance_id = Net::HTTP.get( URI.parse( metadata_endpoint + 'instance-id' ) ) | |
| auto_scaling = AWS::AutoScaling.new | |
| auto_scaling.groups.each { |group| | |
| instance = group.ec2_instances.filter('instance-state-name', 'running').first | |
| if( instance.instance_id == instance_id ) | |
| command = ARGV * ' ' | |
| Syslog.alert( 'running cron on ' + instance_id + ': ' + command ) | |
| `#{command}` | |
| end | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| source "/usr/local/rvm/scripts/rvm" | |
| cd "$(dirname "$0")" | |
| ./aws_autoscaling_cron.rb "$@" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "Statement": [ | |
| { | |
| "Action": [ | |
| "autoscaling:DescribeAutoScalingGroups", | |
| "autoscaling:DescribeAutoScalingInstances", | |
| "ec2:DescribeInstanceAttribute", | |
| "ec2:DescribeInstanceStatus", | |
| "ec2:DescribeInstances" | |
| ], | |
| "Effect": "Allow", | |
| "Resource": [ | |
| "*" | |
| ] | |
| } | |
| ] | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #run a command every day at midnight | |
| 0 0 * * * ubuntu /aws_autoscaling_cron.sh <command> <parameters> > /dev/null 2> /dev/null |
Author
kixorz
commented
May 6, 2020
via email
You may need to change the username to ec2-user.
…On Wed, May 6, 2020 at 1:55 AM hetul99 ***@***.***> wrote:
***@***.**** commented on this gist.
------------------------------
I am running this on Amazon Linux EC2. Will I need to change anything in
crontab commands? Also what to pass in and in crontab?
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
<https://gist.github.com/5209217#gistcomment-3292050>, or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAEFQWR3K27GZSQ4M27RKWTRQECUVANCNFSM4M2FXB5A>
.
I have configured everything accordingly still showing me following error in /var/spool/mail/ec2-user
/aws_autoscaling_cron.sh: line 4: ./aws_autoscaling_cron.rb: Permission denied
I have used my user's Acces key and Secret access key also with required permission. But still showing this error.
Try chmod +x ./aws_autoscaling_cron.rb
That file has to be executable.
…On Thu, May 7, 2020 at 12:24 AM hetul99 ***@***.***> wrote:
***@***.**** commented on this gist.
------------------------------
I have configured everything accordingly still showing me following error
in /var/spool/mail/ec2-user
/aws_autoscaling_cron.sh: line 4: ./aws_autoscaling_cron.rb: Permission
denied
I have used my user's Acces key and Secret access key also with required
permission. But still showing this error.
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
<https://gist.github.com/5209217#gistcomment-3293715>, or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAEFQWWIYSBTYRKJLEW3PW3RQJAZPANCNFSM4M2FXB5A>
.
Tried. Still showing the same error !! Also when I am running ruby aws_autoscaling_cron.rb it is showing the following error:
/usr/share/rubygems/rubygems/core_ext/kernel_require.rb:55:in require': cannot load such file -- aws-sdk (LoadError) from /usr/share/rubygems/rubygems/core_ext/kernel_require.rb:55:in require'
from aws_autoscaling_cron.rb:4:in `
I tried to download ruby SDK from following command sudo gem install aws-sdk but it seems that package is not being found and so not getting downloaded. Can this be the reason?(I think Access denied permission should not be shown for this sdk missing error)
It's been a while since I wrote this script. The logic should still work,
you need to update the aws-sdk gem or install it in the system or under
ec2-user.
…On Thu, May 7, 2020 at 8:01 AM hetul99 ***@***.***> wrote:
***@***.**** commented on this gist.
------------------------------
Tried. Still showing the same error !! Also when I am running ruby
aws_autoscaling_cron.rb it is showing the following error: ```
/usr/share/rubygems/rubygems/core_ext/kernel_require.rb:55:in require':
cannot load such file -- aws-sdk (LoadError) from
/usr/share/rubygems/rubygems/core_ext/kernel_require.rb:55:in require'
from aws_autoscaling_cron.rb:4:in `
'
I tried to download ruby SDK from following command `sudo gem install aws-sdk` but it seems that package is not being found and so not getting downloaded. Can this be the reason?(I think Access denied permission should not be shown for this sdk missing error)
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
<https://gist.github.com/5209217#gistcomment-3294269>, or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAEFQWSK47UHRDP7SIOR3BDRQKWLXANCNFSM4M2FXB5A>
.
Just in case anyone else finds this useful - I didn't want to install Ruby on an instance, and so ported the logic to bash (requiring the same IAM policy).
/opt/asg-cron.sh
#!/bin/bash
# Collect some information about this instance
MY_ID=$(curl -s http://169.254.169.254/latest/meta-data/instance-id)
MY_REGION=$(curl -s http://169.254.169.254/latest/meta-data/placement/availability-zone | sed 's/.$//')
MY_ASG=$(aws autoscaling describe-auto-scaling-instances --region $MY_REGION --instance-ids $MY_ID --query "AutoScalingInstances[].AutoScalingGroupName" --output text)
# Query the ASG
FIRST_ID=$(aws autoscaling describe-auto-scaling-groups --region $MY_REGION --auto-scaling-group-name $MY_ASG --query "AutoScalingGroups[].Instances[0].InstanceId" --output text)
if [ "$FIRST_ID" == "$MY_ID" ]; then
exit 0
else
exit 1
fiThen in a CRON, you can configure:
* * * * * /bin/bash /opt/asg-cron.sh && /path/to/your/cron/task --and params
Prerequisites:
- The
curlandawsbinaries are installed and executable. (You might need to update the paths for your system)- The configured EC2 Instance Profile uses an IAM role with the correct policy attached
- ...or
~/.aws/configcontains credentials for an IAM user or role which has the correct policy attached
Thanks @leytonreed -- for anyone else who ran into an issue with the bash script, your auto scaling group name may have spaces in it. You'll want to wrap $MY_ASG in quotes:
FIRST_ID=$(aws autoscaling describe-auto-scaling-groups --region $MY_REGION --auto-scaling-group-name "${MY_ASG}" --query "AutoScalingGroups[].Instances[0].InstanceId" --output text)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment