✨ Prepare janitor for initial version #4

Merged
merged 3 commits into from
Apr 9, 2024


salasberryfin
Contributor

@salasberryfin salasberryfin commented Feb 29, 2024

Description

This PR adds new functionalities and refactors the rules for deletion:

  • ignore-tag input parameter: name of the tag that indicates a resource should not be deleted. If not provided, it uses a sensible default, janitor-ignore.
  • ttl is no longer used for deletion, since janitor now manages deletion of resources that do not have a creation time associated with them. The new approach is mark and delete: the initial execution will mark for future deletion (using the tag aws-janitor/marked-for-deletion) all resources that do not have an ignore tag. The next execution will delete the marked resources.
  • Supported resources are (in this strict order): EKS Clusters, Auto Scaling Groups, Load Balancers, Security Groups, CloudFormation Stacks. This order is required because of dependencies between resources.

In some specific scenarios, intermittent failures may occur due to dependent resources, but these should be fixed in subsequent iterations.

Comments

After this PR is merged, we'll need to add the janitor to the existing GitHub Action.

Deletion of Security Groups is required for VPC to be deleted from the CloudFormation stack. AWS seems to be slow to delete Security Groups and ingress/egress rules, which can make one Security Group dependent on another. Since there's no way in the SDK to wait for SGs to be deleted, there needs to be a Sleep added between triggered deletions. The number of SGs should always be manageable so this is not expected to noticeably affect time of execution.
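
The mark-and-delete flow described in the PR above, as an added Go sketch that is not the PR's code: it runs against an in-memory inventory instead of the AWS SDK. The Resource type, the kind names, the "true" tag value and the rule that an ignore tag overrides an earlier mark are assumptions.

```go
package main

import "fmt"

// Tag names come from the PR description; the tag value "true" is an assumption.
const DefaultIgnoreTag, MarkedTag = "janitor-ignore", "aws-janitor/marked-for-deletion"

// Resource is a hypothetical in-memory stand-in for a tagged AWS resource.
type Resource struct {
	Kind, ID string
	Tags     map[string]string
	Deleted  bool
}

// Order mirrors the strict order in the description (kind names are made up).
var Order = []string{"eks", "asg", "elb", "sg", "cfn"}

// Sweep is one janitor run: marked resources are deleted, unmarked ones are marked.
func Sweep(inv []*Resource, ignoreTag string) (marked, deleted []string) {
	if ignoreTag == "" {
		ignoreTag = DefaultIgnoreTag
	}
	for _, kind := range Order {
		for _, r := range inv {
			_, ignored := r.Tags[ignoreTag]
			_, isMarked := r.Tags[MarkedTag]
			switch {
			case r.Kind != kind || r.Deleted || ignored:
				// skipped; assumption: an ignore tag wins even over an earlier mark
			case isMarked:
				r.Deleted = true
				deleted = append(deleted, r.ID)
			default:
				if r.Tags == nil {
					r.Tags = map[string]string{}
				}
				r.Tags[MarkedTag] = "true"
				marked = append(marked, r.ID)
			}
		}
	}
	return marked, deleted
}

func main() { // constructed sample inventory
	inv := []*Resource{{Kind: "cfn", ID: "stack-1"}, {Kind: "sg", ID: "sg-1"}}
	fmt.Println(Sweep(inv, "")) // first run only marks
	fmt.Println(Sweep(inv, "")) // second run deletes, security group before stack
}
```

Because nothing is deleted on the run that marks it, an owner has one full interval between runs to add the ignore tag to a resource that was marked by mistake.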

@salasberryfin salasberryfin force-pushed the janitor-initial-version branch from a78f59d to 1ee6a54 on February 29, 2024 10:45
@salasberryfin salasberryfin changed the title from "Janitor initial version" to "✨ Prepare janitor for initial version" on Feb 29, 2024
@salasberryfin salasberryfin force-pushed the janitor-initial-version branch 5 times, most recently from 3d0873d to e23c05b on March 1, 2024 14:08
Signed-off-by: Carlos Salas <carlos.salas@suse.com>
cloudformation stacks, load balancers and security groups

Signed-off-by: Carlos Salas <carlos.salas@suse.com>
Signed-off-by: Carlos Salas <carlos.salas@suse.com>
@salasberryfin salasberryfin merged commit 68a6919 into rancher:main Apr 9, 2024
2 checks passed
4 participants