#!/bin/bash # inspired by https://stackoverflow.com/questions/45020323/ecs-asg-scaling-down-policy-recommendations # needs jq, awscli, root, IAM autoscaling:DescribeAutoScalingInstances, SetInstanceProtection echo "--------------------------------" echo "[$(date)] Starting script " set -x ## self EC2 instance ID instance_id=$(curl -s http://169.254.169.254/latest/meta-data/instance-id) ## self region az=$(curl -s http://169.254.169.254/latest/meta-data/placement/availability-zone) region=${az:0:${#az} - 1} ## self ASG ID asg_name=$(aws autoscaling describe-auto-scaling-instances --region $region --instance-ids $instance_id | jq .AutoScalingInstances[].AutoScalingGroupName -r) ## number of containers running (except ecs-agent and dd-agent) containers_running=$(docker ps --format "{{.Image}}" | grep -v "amazon/amazon-ecs-agent" | grep -v "datadog/docker-dd-agent" | wc -l) ## current protection state scale_protection=$(aws autoscaling describe-auto-scaling-instances --region ${region} --instance-ids ${instance_id} | jq '.AutoScalingInstances[].ProtectedFromScaleIn' -r) if [ ${containers_running} -ge 1 ]; then if [ ${scale_protection} == "true" ]; then echo "Containers are running and scale protection is on. Doing nothing." else aws autoscaling set-instance-protection --region ${region} --instance-ids ${instance_id} --auto-scaling-group-name ${asg_name} --protected-from-scale-in echo "Containers are running and scale protection is off. Enabling scale-in protection" fi elif [ ${containers_running} == 0 ]; then if [ ${scale_protection} == "true" ]; then echo "No containers running and scale protection is on. Disabling scale-in protection." aws autoscaling set-instance-protection --region ${region} --instance-ids ${instance_id} --auto-scaling-group-name ${asg_name} --no-protected-from-scale-in else echo "No containers running and scale protection is off. Doing nothing." fi fi set +x echo "[$(date)] Script finished running successfully." echo "--------------------------------" echo