Contact UsGet started

Maintenance policy management

Written by
Updated at February 12, 2025

To enable and configure a VM maintenance policy, follow these steps:

  1. Create a VM with a configured maintenance policy.
  2. Check maintenance event handling.
  3. Connect to the VM via SSH.
  4. Create a script to track VM maintenance events.
  5. Simulate a VM maintenance event.
  6. Optionally, change the VM maintenance policy type.

Create a VM with a configured maintenance policy

Create a VM with maintenance policies:

FOLDER_ID=$(yc config get folder-id)

yc compute instance create --name mnt-vm1 --hostname mnt-vm1\
  --folder-id $FOLDER_ID \
  --zone ru-central1-a \
  --create-boot-disk image-folder-id=standard-images,image-family=ubuntu-2204-lts \
  --cores=2 --memory=4G --core-fraction=100 \
  --network-interface subnet-name=default-ru-central1-a,ipv4-address=auto,nat-ip-version=ipv4 \
  --ssh-key ~/.ssh/id_ed25519.pub \
  --maintenance-policy restart \
  --maintenance-grace-period 1m

  1. Create a Terraform manifest named mnt-vm.tf:

    terraform {
  required_providers {
    yandex = {
      source  = "yandex-cloud/yandex"
      version = "~> 0.105.0"
    }
  }
}

variable "folder_id" {
  type = string
}

data "yandex_compute_image" "vm_image" {
  family = "ubuntu-2204-lts"
}

data "yandex_vpc_subnet" "vm_subnet" {
  folder_id = var.folder_id
  name      = "default-ru-central1-a"
}

resource "yandex_compute_instance" "vm_instance" {
  name                     = "mnt-vm1"
  folder_id                = var.folder_id
  hostname                 = "mnt-vm1"
  zone                     = "ru-central1-a"
  maintenance_policy       = "restart" # restart| migrate | unspecified
  maintenance_grace_period = "1m"

  resources {
    cores  = 2
    memory = 4
  }

  boot_disk {
    initialize_params {
      image_id = data.yandex_compute_image.vm_image.id
    }
  }

  network_interface {
    subnet_id = data.yandex_vpc_subnet.vm_subnet.id
    nat       = true
  }

  metadata = {
    ssh-keys = "ubuntu:${file("~/.ssh/id_ed25519.pub")}"
  }
}

  2. Apply the Terraform manifest:

    export YC_TOKEN=$(yc iam create-token)
export TF_VAR_folder_id=$(yc config get folder-id)

terraform init
terraform apply

Check maintenance event handling

You can use the CLI to check the maintenance policy configuration for your VM after it is created. Run this command:

yc compute instance get --name=mnt-vm1 --format=json | grep maintenance

Expected result:

  "maintenance_policy": "RESTART",
  "maintenance_grace_period": "60s"

Connect to the VM via SSH

Get the VM IP address and save it to a variable, then connect to the VM via SSH with your username:

VM_IP=$(yc compute instance get --name=mnt-vm1 --format=json | jq -r '.network_interfaces[0].primary_v4_address.one_to_one_nat.address')

ssh <username>@$VM_IP

Create a script to track VM maintenance events

Create a file named mnt-pol.sh and paste the following code into it:

#!/bin/bash

while true
do
  echo -n `date`" : "
  curl \
    --silent \
    --header Metadata-Flavor:Google http://metadata.google.internal/computeMetadata/v1/instance/maintenance-event
  echo
  sleep 1
done

Run the script:

chmod u+x mnt-pol.sh
./mnt-pol.sh

Simulate a VM maintenance event

Simulate a maintenance event using the CLI. Run this command:

yc compute instance simulate-maintenance-event --name=mnt-vm1

Make sure the terminal output includes the event:

yc-user@mnt-vm1:~$ ./mnt-pol.sh
Tue Jan 16 14:14:40 UTC 2024 : NONE
Tue Jan 16 14:14:41 UTC 2024 : NONE
...
Tue Jan 16 14:23:38 UTC 2024 : NONE
Tue Jan 16 14:23:39 UTC 2024 : TERMINATE_ON_HOST_MAINTENANCE
Tue Jan 16 14:23:40 UTC 2024 : TERMINATE_ON_HOST_MAINTENANCE
Tue Jan 16 14:23:41 UTC 2024 : TERMINATE_ON_HOST_MAINTENANCE
...
Tue Jan 16 14:24:48 UTC 2024 : TERMINATE_ON_HOST_MAINTENANCE
Tue Jan 16 14:24:49 UTC 2024 : NONE

Change the VM maintenance policy type

You can change the VM maintenance policy type by specifying a new value for the --maintenance-policy parameter through the following command:

yc compute instance update --name=mnt-vm1 --maintenance-policy=migrate

Simulate a maintenance event using the CLI:

yc compute instance simulate-maintenance-event --name=mnt-vm1

Run the script again and make sure the policy has changed:

yc-user@mnt-vm1:~$ ./mnt-pol.sh
Tue Jan 16 14:32:09 UTC 2024 : NONE
Tue Jan 16 14:32:10 UTC 2024 : NONE
...
Tue Jan 16 14:32:23 UTC 2024 : MIGRATE_ON_HOST_MAINTENANCE
Tue Jan 16 14:32:24 UTC 2024 : MIGRATE_ON_HOST_MAINTENANCE
...
Tue Jan 16 14:33:23 UTC 2024 : MIGRATE_ON_HOST_MAINTENANCE
Tue Jan 16 14:33:24 UTC 2024 : MIGRATE_ON_HOST_MAINTENANCE
Tue Jan 16 14:33:25 UTC 2024 : NONE
Previous
Changing VM security groups
Next
Configuring VM access permissions