Updating an instance group under load
Using this step-by-step guide, you will configure an instance group and check its operation when updating the configuration. To do this:
- Prepare your cloud.
- Prepare the environment.
- Create an instance group from a Container Optimized Image.
- Create a load on an instance.
- Update the instance group under load.
- Stop the load and get the results.
If you no longer need the resources you created, delete them.
Prepare your cloud
-
If you don't have the Yandex Cloud command line interface yet, install it.
-
For the scripts from the tutorial to run correctly, download and install the jq
utility. -
To check auto scaling, install the wrk
benchmarking tool.
Required paid resources
The cost of support for the Yandex Cloud instance group includes a fee for:
- Disks and continuously running VMs: Yandex Compute Cloud pricing.
- Using a dynamic or static public IP address: Yandex Virtual Private Cloud pricing.
Prepare the environment
-
Create a service account named
for-load
and assign it theeditor
role:Management consoleCLIAPI- In the management console
, select the folder where you want to create your service account. - In the list of services, select Identity and Access Management.
- Click Create service account.
- In the Name field, specify
for-load
. - Click
Add role and select theeditor
role. - Click Create.
-
Create a service account:
The folder specified in the CLI profile is used by default. You can specify a different folder using the
--folder-name
or--folder-id
parameter.yc iam service-account create --name for-load
Command result:
id: ajeab0cnib1p******** folder_id: b0g12ga82bcv******** created_at: "2021-02-09T17:31:32.561702Z" name: for-load
-
Assign the role to the service account:
yc resource-manager folder add-access-binding b0g12ga82bcv******** \ --role editor \ --subject serviceAccount:ajeab0cnib1p********
- Create a service account named
for-load
:
Use the create REST API method for the ServiceAccount resource or the ServiceAccountService/Create gRPC API call. - Assign the service account the
editor
role for the current folder:
Use the setAccessBindings REST API method for the Folder resource or the FolderService/SetAccessBindings gRPC API call.
- In the management console
-
Create a network named
yc-auto-network
and subnets in two availability zones:Management consoleCLIAPI- In the management console
, select the folder where you want to create a network. - In the list of services, select Virtual Private Cloud.
- Click Create network.
- In the Name field, specify
yc-auto-network
. - Select Create subnets.
- Click Create network.
-
Create a network:
yc vpc network create --name yc-auto-network
Command result:
id: enpabce123hd******** folder_id: b0g12ga82bcv******** created_at: "2021-02-09T17:33:32.561702Z" name: yc-auto-network
-
Create a subnet in the
ru-central1-a
availability zone:yc vpc subnet create --network-id enpabce123hd******** --range 192.168.1.0/24 --zone ru-central1-a
Command result:
id: e1lnabc23r1c******** folder_id: b0g12ga82bcv******** created_at: "2021-02-09T17:34:32.561702Z" network_id: enpabce123hd******** zone_id: ru-central1-a v4_cidr_blocks: - 192.168.1.0/24
-
Create a subnet in the
ru-central1-b
availability zone:yc vpc subnet create --network-id enpabce123hd******** --range 192.168.2.0/24 --zone ru-central1-b
Command result:
id: b1csa2b3clid******** folder_id: b0g12ga82bcv******** created_at: "2021-02-09T17:35:32.561702Z" network_id: enpabce123hd******** zone_id: ru-central1-b v4_cidr_blocks: - 192.168.2.0/24
- Create a network:
Use the create REST API method for the Network resource or the NetworkService/Create gRPC API call. - Create subnets in the
ru-central1-a
andru-central1-b
availability zones:
Use the create REST API method for the Subnet resource or the SubnetService/Create gRPC API call.
- In the management console
Create an instance group from a Container Optimized Image
-
All instance groups are created from Container Optimized Image. Each instance contains a Docker container running a web server that emulates the service utilization.
Management consoleCLIAPI- In the management console
, select a folder to host your instance group. - In the list of services, select Compute Cloud.
- In the left-hand panel, select
Instance groups. - Click Create group of virtual machines.
- Under Basic parameters:
- In the Name field, specify
group-for-load
. - Select Service account
for-load
.
- In the Name field, specify
- Under Allocation, select
ru-central1-a
andru-central1-b
in the Availability zone field. - Under Instance template, click Define and do the following in the window that opens:
- Under Boot disk image, select the Container Solution tab.
- Click Configure.
- In the Docker container settings window:
- In the Name field, specify
nginx
. - In the Docker image field, click Enter link and enter
cr.yandex/yc/demo/autoscaling-example-app:v1
. - Click Apply.
- In the Name field, specify
- Under Disks:
- For the boot disk, specify the Size of
30 GB
.
- For the boot disk, specify the Size of
- Under Network settings:
- In the Network field, select
for-load
.
- In the Network field, select
- Under Access:
- In the Service account field, select
for-load
. - In the Login field, enter the name of the user to be created on the VM.
- In the SSH key field, paste the contents of the public key file.
- In the Service account field, select
- Click Save.
- Under Allow when creating and updating:
- In the Reduce below target value field, enter
4
.
- In the Reduce below target value field, enter
- Under Scaling:
- In the Type field, select
Fixed
. - Set Size to
6
.
- In the Type field, select
- Under Integration with Network Load Balancer:
- Enable Create target group.
- In the Name of the target group field, specify
load-generator
.
- Click Create.
-
Find out the ID of the latest version of the public Container Optimized Image.
A Container Optimized Image in a Yandex Container Registry registry may be updated and changed with new releases. This will not automatically update the VM image to the latest version. To create an instance group with the latest Container Optimized Image version, you should check its availability yourself:
yc compute image get-latest-from-family container-optimized-image --folder-id standard-images
Command result:
id: fd8iv792kira******** folder_id: standard-images created_at: "2021-01-29T13:30:22Z" ... status: READY os: type: LINUX
-
Save the specification of the instance group with network load balancer to the
specification.yaml
file:name: group-for-load # The instance group name that must be unique within the folder. service_account_id: ajeab0cnib1p******** # Service account ID. allocation_policy: # VM allocation policy in the group. zones: - zone_id: ru-central1-a - zone_id: ru-central1-b instance_template: service_account_id: ajeab0cnib1p******** # ID of the service account for access to private Docker images. platform_id: standard-v1 # Platform ID. resources_spec: memory: 2G # Amount of memory (RAM). cores: 2 # Number of processor cores (vCPUs). boot_disk_spec: mode: READ_WRITE # Disk access mode (read and write). disk_spec: image_id: <ID_of_the_latest_COI_version> type_id: network-ssd # Disk type. size: 30G # Disk size. network_interface_specs: - network_id: enplhg4nncc7******** # Network ID. subnet_ids: - e1lnabc23r1c******** # Subnet ID. - b1csa2b3clid******** primary_v4_address_spec: { one_to_one_nat_spec: { ip_version: IPV4 # IPv4 specification for public access to the VM. } } metadata: # Values to be delivered to the VM metadata. docker-container-declaration: |- # Key in the VM metadata that is used with the Docker Container specification. spec: containers: - image: cr.yandex/yc/demo/autoscaling-example-app:v1 name: nginx securityContext: privileged: false restartPolicy: Always tty: false stdin: false ssh-keys: | # Parameter for sending an SSH key to the VM. yc-user:ssh-ed25519 ABC...d01 user@desktop.ru # Username for the VM connection. deploy_policy: # Deployment policy for instances in the group. max_unavailable: 4 scale_policy: # Scaling policy for instances in the group. fixed_scale: size: 6 load_balancer_spec: # Network load balancer. target_group_spec: name: load-generator
Note
You can provide an SSH key in the VM metadata using the
ssh-keys
parameter or in theuser-data
string with the user metadata. This tutorial uses the first option. -
Create an instance group named
group-for-load
using thespecification.yaml
specification:yc compute instance-group create --file=specification.yaml
Command result:
done (2m18s) id: cl0kabcquk1g******** folder_id: b0g12ga82bcv******** ... service_account_id: ajeab0cnib1p******** status: ACTIVE application_load_balancer_state: {}
-
Get the ID of the latest
container-optimized-image
version in thestandard-images
family:
Use the getLatestByFamily REST API method for the Image resource or the ImageService/GetLatestByFamily gRPC API call. -
Create an instance group based on the following specification:
name: group-for-load # The instance group name that must be unique within the folder. service_account_id: ajeab0cnib1p******** # Service account ID. allocation_policy: # VM allocation policy in the group. zones: - zone_id: ru-central1-a - zone_id: ru-central1-b instance_template: service_account_id: ajeab0cnib1p******** # ID of the service account for access to private Docker images. platform_id: standard-v1 # Platform ID. resources_spec: memory: 2G # Amount of memory (RAM). cores: 2 # Number of processor cores (vCPUs). boot_disk_spec: mode: READ_WRITE # Disk access mode (read and write). disk_spec: image_id: <ID_of_the_latest_COI_version> type_id: network-ssd # Disk type. size: 30G # Disk size. network_interface_specs: - network_id: enplhg4nncc7******** # Network ID. subnet_ids: - e1lnabc23r1c******** # Subnet ID. - b1csa2b3clid******** primary_v4_address_spec: { one_to_one_nat_spec: { ip_version: IPV4 # IPv4 specification for public access to the VM. } } metadata: # Values to be delivered to the VM metadata. docker-container-declaration: |- # Key in the VM metadata that is used with the Docker Container specification. spec: containers: - image: cr.yandex/yc/demo/autoscaling-example-app:v1 name: nginx securityContext: privileged: false restartPolicy: Always tty: false stdin: false ssh-keys: | # Parameter for sending an SSH key to the VM. yc-user:ssh-ed25519 ABC...d01 user@desktop.ru # Username for the VM connection. deploy_policy: # Deployment policy for instances in the group. max_unavailable: 4 scale_policy: # Scaling policy for instances in the group. fixed_scale: size: 6 load_balancer_spec: # Network load balancer. target_group_spec: name: load-generator
Use the createFromYaml REST API method for the InstanceGroup resource or the InstanceGroupService/CreateFromYaml gRPC API call.
- In the management console
-
Make sure that the instance group was created:
Management consoleCLIAPI- In the management console
, select the folder where you created the instance group. - In the list of services, select Compute Cloud.
- In the left-hand panel, select
Instance groups. - Click the
group-for-load
instance group name.
yc compute instance-group list-instances group-for-load
Command result:
+----------------------+---------------------------+-----------------+-------------+----------------------+----------------+ | INSTANCE ID | NAME | EXTERNAL IP | INTERNAL IP | STATUS | STATUS MESSAGE | +----------------------+---------------------------+-----------------+-------------+----------------------+----------------+ ... | fhmab0cfsfd1******** | cl0kabcquk1g********-oxig | 178.154.226.108 | 10.130.0.8 | RUNNING_ACTUAL [49m] | | | epdabchpdef0******** | cl0kabcquk1g********-aqyg | 130.193.40.55 | 10.129.0.20 | RUNNING_ACTUAL [43m] | | +----------------------+---------------------------+-----------------+-------------+----------------------+----------------+
To view the list of created instance groups, use the list REST API method for the InstanceGroup resource or the InstanceGroupService/List gRPC API call.
- In the management console
Add a network load balancer to the created instance group
-
Create a network load balancer named
load-generator
and connect it to the instance group you created:Management consoleCLIAPI- In the management console
, select the folder you want to create a load balancer in. - In the list of services, select Network Load Balancer.
- Click Create a network load balancer.
- In the Name field, specify
load-generator
. - In the Public address field, select
Auto
. - Under Listeners, click Add listener.
- In the window that opens:
- In the Name field, specify
http
. - In the Port field, enter
80
: the balancer will use this port to accept incoming traffic. - In the Target port field, enter
80
: the balancer will redirect traffic to this port. - Click Add.
- In the Name field, specify
- Under Target groups, click Add target group.
- In the Target group list, select
load-generator
. - Under Health check, click Configure:
- In the window that opens, enter the Path
/hello
: the load balancer will use this path to send health check requests to target group VMs. - Click Apply.
- In the window that opens, enter the Path
- Click Create.
-
Get the ID of the
load-generator
target group:yc load-balancer target-group get load-generator | grep "^id"
Command result:
id: enpsa475ej51********
-
Create a network load balancer:
yc load-balancer network-load-balancer create \ --name load-generator \ --listener external-ip-version=ipv4,name=http,port=80,protocol=tcp,target-port=80 \ --target-group healthcheck-http-port=80,healthcheck-http-path=/hello,target-group-id=<target_group_ID>
Command result:
done (14s) id: b0ruab1ccvpd******** folder_id: b1csa2b3clid******** ... healthy_threshold: "2" http_options: port: "80" path: /hello
- Create a load balancer using the create REST API method for the NetworkLoadBalancer resource or the NetworkLoadBalancerService/Create gRPC API call.
- Add a listener to the load balancer using the addListener REST API method for the
NetworkLoadBalancer
resource or the NetworkLoadBalancerService/AddListener gRPC API call. - Connect the target group to the load balancer using the attachTargetGroup REST API method for the
NetworkLoadBalancer
resource or the NetworkLoadBalancerService/AttachTargetGroup gRPC API call. - Add the load balancer to the instance group using the addTargets REST API method for the TargetGroup resource or the TargetGroupService/AddTargets gRPC API call.
- In the management console
-
Check that the network load balancer named
load-generator
has been created and linked to the instance group:Management consoleCLIAPI- In the management console
, select the folder where you created the load balancer. - In the list of services, select Network Load Balancer.
- Click the name of the
load-generator
network load balancer.
yc load-balancer network-load-balancer list
Command result:
+----------------------+----------------+-----------------+----------+----------------+------------------------+--------+ | ID | NAME | REGION ID | TYPE | LISTENER COUNT | ATTACHED TARGET GROUPS | STATUS | +----------------------+----------------+-----------------+----------+----------------+------------------------+--------+ | b0ruab1ccvpd******** | load-generator | ru-central1 | EXTERNAL | 1 | b0r1tabcphde******** | ACTIVE | +----------------------+----------------+-----------------+----------+----------------+------------------------+--------+
Use the list REST API method for the NetworkLoadBalancer resource or the NetworkLoadBalancerService/List gRPC API call.
- In the management console
Create a load on an instance
-
Get the IP address of the load balancer that you created:
Management consoleCLIAPI- In the management console
, select the folder containing the load balancer. - In the list of services, select Network Load Balancer.
- Copy the IP address of the
load-generator
load balancer.
yc load-balancer network-load-balancer get load-generator | grep "address"
Command result:
address: 84.252.133.110
Use the get REST API method for the NetworkLoadBalancer resource or the NetworkLoadBalancerService/Get gRPC API call.
- In the management console
-
Run the command to create a load:
wrk -t20 -c20 -d20m --timeout 20s http://<load_balancer_IP_address>/sleep
The command will launch the
wrk
utility that will send requests to 20 threads using 20 connections to the network load balancer for 20 minutes. The request timeout is 20 seconds. The load balancer will distribute the resulting load among the VMs from the group.After you launch
wrk
, a testing start message will appear on the screen:Running 20m test @ http://84.252.133.110/sleep 20 threads and 20 connections
Proceed to the next step without waiting for the command to complete.
Update the instance group under load
- In the management console
, select the folder where you created the instance group. - Select Compute Cloud.
- In the left-hand panel, select
Instance groups. - Click the
group-for-load
instance group name. - Click
Edit. - Under Instance template, click
and select Edit.- Under Disks, enter the new disk size of
35 GB
. - Click Save.
- Under Disks, enter the new disk size of
- Click Save.
- Under VM states, you will see disk size changes for all VM instances in the group, step-by-step.
-
In the
specification.yaml
specification, enter the new disk size of 35 GB and save the file:... size: 35G ...
-
Update the instance group:
yc compute instance-group update --name=group-for-load --file=specification.yaml
Command result:
done (9m24s) id: cl10kktrjcn8******** folder_id: b1g7gvsi89m3******** ... name: load-generator service_account_id: ajehbk07uus3******** status: ACTIVE
-
In the specification, enter the new disk size of 35 GB:
... size: 35G ...
-
To update the
load-generator
instance group based on the new specification, use the updateFromYaml REST API method for the InstanceGroup resource or the InstanceGroupService/UpdateFromYaml gRPC API call.
Stop the load and get the results
Stop wrk
by pressing Ctrl + C.
Command result:
Thread Stats Avg Stdev Max +/- Stdev
Latency 10.00s 1.70ms 10.01s 68.21%
Req/Sec 0.00 0.00 0.00 100.00%
1148 requests in 17.47m, 211.89KB read
Requests/sec: 1.09
Transfer/sec: 206.94B
If there is no error line, e.g., Socket errors
, in the result, it means all requests were processed.
How to delete the resources you created
To delete the created resources:
- Delete the load balancer:
- In the management console
, select the folder you created the load balancer in. - In the list of services, select Network Load Balancer.
- To the right of the
load-generator
line, click and select Delete. - In the window that opens, click Delete.
- In the management console
- Delete the instance group:
- In the management console
, select the folder where you created the instance group. - In the list of services, select Compute Cloud.
- In the left-hand panel, select
Instance groups. - To the right of the
load-generator
line, click and select Delete. - In the window that opens, click Delete.
- In the management console
- Delete the service account:
- In the management console
, select the folder where you created the service account. - In the list of services, select Identity and Access Management.
- In the left-hand panel, select
Service accounts. - In the list that opens, click
and select Delete in the row with theyc-auto-sa
service account. - In the window that opens, click Delete.
- In the management console
- Delete the network and subnets:
- In the management console
, select the folder where you created the network and subnets. - In the list of services, select Virtual Private Cloud.
- Select the
yc-auto-network
network. - Under Subnets:
- To the right of the
yc-auto-subnet-1
line, click and select Delete. - In the window that opens, click Delete.
- Delete the
yc-auto-subnet-2
subnet as well.
- To the right of the
- In the top-right corner, click Delete.
- In the management console
Run the following commands one by one:
yc load-balancer network-load-balancer delete load-generator
yc compute instance-group delete load-generator
yc iam service-account delete yc-auto-sa
yc vpc subnet delete yc-auto-subnet-1
yc vpc subnet delete yc-auto-subnet-2
yc vpc network delete yc-auto-network
- Delete the
load-generator
load balancer using the delete REST API method for the NetworkLoadBalancer resource or the NetworkLoadBalancerService/Delete gRPC API call. - Delete the
load-generator
instance group using the delete REST API method for the InstanceGroup resource or the InstanceGroupService/Delete gRPC API call. - Delete the
yc-auto-sa
service account using the delete REST API method for the ServiceAccount resource or the ServiceAccountService/Delete gRPC API call. - Delete the
yc-auto-subnet-1
andyc-auto-subnet-2
subnets using the delete REST API method for the Subnet resource or the SubnetService/Delete gRPC API call. - Delete the
yc-auto-network
network using the delete REST API method for the Network resource or the NetworkService/Delete gRPC API call.