1 // Copyright (C) The Arvados Authors. All rights reserved.
3 // SPDX-License-Identifier: AGPL-3.0
22 "git.arvados.org/arvados.git/lib/cloud"
23 "git.arvados.org/arvados.git/sdk/go/arvados"
24 "github.com/aws/aws-sdk-go/aws"
25 "github.com/aws/aws-sdk-go/aws/awserr"
26 "github.com/aws/aws-sdk-go/aws/credentials"
27 "github.com/aws/aws-sdk-go/aws/credentials/ec2rolecreds"
28 "github.com/aws/aws-sdk-go/aws/ec2metadata"
29 "github.com/aws/aws-sdk-go/aws/request"
30 "github.com/aws/aws-sdk-go/aws/session"
31 "github.com/aws/aws-sdk-go/service/ec2"
32 "github.com/sirupsen/logrus"
33 "golang.org/x/crypto/ssh"
36 // Driver is the ec2 implementation of the cloud.Driver interface.
// It is built by wrapping newEC2InstanceSet with cloud.DriverFunc.
37 var Driver = cloud.DriverFunc(newEC2InstanceSet)
// Lower and upper bounds that wrapError compares its computed
// throttle backoff delay against.
40 throttleDelayMin = time.Second
41 throttleDelayMax = time.Minute
// ec2InstanceSetConfig is the driver configuration. newEC2InstanceSet
// decodes it from the JSON config it is given.
44 type ec2InstanceSetConfig struct {
// Static credential; newEC2InstanceSet tries static credentials
// before falling back to an IAM instance profile/role.
46 SecretAccessKey string
// Security groups attached to the network interface of each new
// instance (see Create).
48 SecurityGroupIDs arvados.StringSet
// One or more subnet IDs. Create starts with the current one and
// moves on to the next when RunInstances fails with a
// subnet-specific error.
49 SubnetID sliceOrSingleString
// If non-empty, Create requests this IAM instance profile name.
53 IAMInstanceProfile string
// Instances only refreshes spot price data when this is positive;
// updateSpotPrices also uses it to decide when price data is stale.
54 SpotPriceUpdateInterval arvados.Duration
// sliceOrSingleString is a list of strings with a lenient JSON
// decoding; see UnmarshalJSON.
57 type sliceOrSingleString []string
59 // UnmarshalJSON unmarshals an array of strings, and also accepts ""
60 // as [], and "foo" as ["foo"].
61 func (ss *sliceOrSingleString) UnmarshalJSON(data []byte) error {
// Input whose first byte is '[' is decoded as a JSON array.
64 } else if data[0] == '[' {
66 err := json.Unmarshal(data, &slice)
// Decode the input as a single value (str) -- presumably the
// non-array case; confirm against the full function body.
77 err := json.Unmarshal(data, &str)
// ec2Interface lists the EC2 operations that this file invokes on
// the instance set's client.
// NOTE(review): presumably declared as an interface so that a stub
// client can be substituted -- confirm.
90 type ec2Interface interface {
91 DescribeKeyPairs(input *ec2.DescribeKeyPairsInput) (*ec2.DescribeKeyPairsOutput, error)
92 ImportKeyPair(input *ec2.ImportKeyPairInput) (*ec2.ImportKeyPairOutput, error)
93 RunInstances(input *ec2.RunInstancesInput) (*ec2.Reservation, error)
94 DescribeInstances(input *ec2.DescribeInstancesInput) (*ec2.DescribeInstancesOutput, error)
// The *Pages variants call fn once per page of results.
95 DescribeInstanceStatusPages(input *ec2.DescribeInstanceStatusInput, fn func(*ec2.DescribeInstanceStatusOutput, bool) bool) error
96 DescribeSpotPriceHistoryPages(input *ec2.DescribeSpotPriceHistoryInput, fn func(*ec2.DescribeSpotPriceHistoryOutput, bool) bool) error
97 CreateTags(input *ec2.CreateTagsInput) (*ec2.CreateTagsOutput, error)
98 TerminateInstances(input *ec2.TerminateInstancesInput) (*ec2.TerminateInstancesOutput, error)
// ec2InstanceSet is the EC2-backed instance set created by
// newEC2InstanceSet.
101 type ec2InstanceSet struct {
// Decoded driver configuration.
102 ec2config ec2InstanceSetConfig
// Index into ec2config.SubnetID that Create starts from; read and
// written with sync/atomic.
103 currentSubnetIDIndex int32
104 instanceSetID cloud.InstanceSetID
105 logger logrus.FieldLogger
// Key pair names indexed by the key's MD5 fingerprint; filled in by
// getKeyName.
108 keys map[string]string
// Backoff state (a time.Duration) maintained by wrapError for
// Create and Instances respectively.
109 throttleDelayCreate atomic.Value
110 throttleDelayInstances atomic.Value
// Spot price history per priceKey, and the time each key was last
// refreshed. pricesLock is held by updateSpotPrices and PriceHistory
// while they access the price data.
112 prices map[priceKey][]cloud.InstancePrice
113 pricesLock sync.Mutex
114 pricesUpdated map[priceKey]time.Time
// newEC2InstanceSet builds an ec2InstanceSet from a JSON-encoded
// ec2InstanceSetConfig. It is the constructor wrapped by Driver.
117 func newEC2InstanceSet(config json.RawMessage, instanceSetID cloud.InstanceSetID, _ cloud.SharedResourceTags, logger logrus.FieldLogger) (prv cloud.InstanceSet, err error) {
118 instanceSet := &ec2InstanceSet{
119 instanceSetID: instanceSetID,
// Decode the driver configuration into the new instance set.
122 err = json.Unmarshal(config, &instanceSet.ec2config)
// sess is passed to the EC2 metadata client used by the role
// credential provider below.
127 sess, err := session.NewSession()
131 // First try any static credentials, fall back to an IAM instance profile/role
132 creds := credentials.NewChainCredentials(
133 []credentials.Provider{
134 &credentials.StaticProvider{Value: credentials.Value{AccessKeyID: instanceSet.ec2config.AccessKeyID, SecretAccessKey: instanceSet.ec2config.SecretAccessKey}},
135 &ec2rolecreds.EC2RoleProvider{Client: ec2metadata.New(sess)},
// The EC2 client uses the credential chain above and the configured
// region.
138 awsConfig := aws.NewConfig().WithCredentials(creds).WithRegion(instanceSet.ec2config.Region)
// Note: session.Must panics if NewSession returns an error.
139 instanceSet.client = ec2.New(session.Must(session.NewSession(awsConfig)))
140 instanceSet.keys = make(map[string]string)
// Default the EBS volume type to "gp2" when none is configured.
141 if instanceSet.ec2config.EBSVolumeType == "" {
142 instanceSet.ec2config.EBSVolumeType = "gp2"
144 return instanceSet, nil
// awsKeyFingerprint returns the MD5 and SHA-1 fingerprints of pk in
// the form AWS uses, each formatted as colon-separated two-digit
// lowercase hex bytes. It returns an error if pk cannot be parsed
// into rsaPub.
147 func awsKeyFingerprint(pk ssh.PublicKey) (md5fp string, sha1fp string, err error) {
148 // AWS key fingerprints don't use the usual key fingerprint
149 // you get from ssh-keygen or ssh.FingerprintLegacyMD5()
150 // (you can get that from md5.Sum(pk.Marshal())
152 // AWS uses the md5 or sha1 of the PKIX DER encoding of the
153 // public key, so calculate those fingerprints here.
// Re-parse the marshaled key into rsaPub to get at its components.
159 if err := ssh.Unmarshal(pk.Marshal(), &rsaPub); err != nil {
160 return "", "", fmt.Errorf("agent: Unmarshal failed to parse public key: %v", err)
162 rsaPk := rsa.PublicKey{
163 E: int(rsaPub.E.Int64()),
// NOTE(review): the error returned by MarshalPKIXPublicKey is
// discarded here.
166 pkix, _ := x509.MarshalPKIXPublicKey(&rsaPk)
167 md5pkix := md5.Sum([]byte(pkix))
168 sha1pkix := sha1.Sum([]byte(pkix))
// Each digest byte is appended as ":xx", so both strings start with
// a ':' that is stripped in the return statement.
171 for i := 0; i < len(md5pkix); i++ {
172 md5fp += fmt.Sprintf(":%02x", md5pkix[i])
174 for i := 0; i < len(sha1pkix); i++ {
175 sha1fp += fmt.Sprintf(":%02x", sha1pkix[i])
177 return md5fp[1:], sha1fp[1:], nil
// Create requests one new EC2 instance of the given type from
// imageID, tagged with newTags, with initCommand delivered as a
// shell script in the instance's user data. If publicKey is non-nil,
// the name of the matching EC2 key pair (see getKeyName) is set on
// the request. The result is built from the first instance of the
// reservation returned by RunInstances; errors from RunInstances are
// passed through wrapError.
180 func (instanceSet *ec2InstanceSet) Create(
181 instanceType arvados.InstanceType,
182 imageID cloud.ImageID,
183 newTags cloud.InstanceTags,
184 initCommand cloud.InitCommand,
185 publicKey ssh.PublicKey) (cloud.Instance, error) {
// Convert the requested tags to EC2 tags.
187 ec2tags := []*ec2.Tag{}
188 for k, v := range newTags {
189 ec2tags = append(ec2tags, &ec2.Tag{
191 Value: aws.String(v),
// Collect the configured security group IDs.
196 for sg := range instanceSet.ec2config.SecurityGroupIDs {
197 groups = append(groups, sg)
// Exactly one instance is requested (MinCount == MaxCount == 1).
200 rii := ec2.RunInstancesInput{
201 ImageId: aws.String(string(imageID)),
202 InstanceType: &instanceType.ProviderType,
203 MaxCount: aws.Int64(1),
204 MinCount: aws.Int64(1),
206 NetworkInterfaces: []*ec2.InstanceNetworkInterfaceSpecification{
// No public IP address is requested for the interface.
208 AssociatePublicIpAddress: aws.Bool(false),
209 DeleteOnTermination: aws.Bool(true),
210 DeviceIndex: aws.Int64(0),
211 Groups: aws.StringSlice(groups),
213 DisableApiTermination: aws.Bool(false),
// An OS-level shutdown inside the instance terminates it.
214 InstanceInitiatedShutdownBehavior: aws.String("terminate"),
215 TagSpecifications: []*ec2.TagSpecification{
217 ResourceType: aws.String("instance"),
// The init command is wrapped in a /bin/sh script and base64-encoded.
220 UserData: aws.String(base64.StdEncoding.EncodeToString([]byte("#!/bin/sh\n" + initCommand + "\n"))),
223 if publicKey != nil {
224 keyname, err := instanceSet.getKeyName(publicKey)
228 rii.KeyName = &keyname
// Attach an EBS scratch volume when the instance type asks for added
// scratch space; the size is AddedScratch rounded up to whole GiB.
231 if instanceType.AddedScratch > 0 {
232 rii.BlockDeviceMappings = []*ec2.BlockDeviceMapping{{
233 DeviceName: aws.String("/dev/xvdt"),
234 Ebs: &ec2.EbsBlockDevice{
235 DeleteOnTermination: aws.Bool(true),
236 VolumeSize: aws.Int64((int64(instanceType.AddedScratch) + (1<<30 - 1)) >> 30),
237 VolumeType: &instanceSet.ec2config.EBSVolumeType,
// Preemptible types are requested as spot instances, using the
// instance type's configured price as the maximum price.
241 if instanceType.Preemptible {
242 rii.InstanceMarketOptions = &ec2.InstanceMarketOptionsRequest{
243 MarketType: aws.String("spot"),
244 SpotOptions: &ec2.SpotMarketOptions{
245 InstanceInterruptionBehavior: aws.String("terminate"),
246 MaxPrice: aws.String(fmt.Sprintf("%v", instanceType.Price)),
250 if instanceSet.ec2config.IAMInstanceProfile != "" {
251 rii.IamInstanceProfile = &ec2.IamInstanceProfileSpecification{
252 Name: aws.String(instanceSet.ec2config.IAMInstanceProfile),
256 var rsv *ec2.Reservation
// Start from the subnet index stored by a previous call and step
// through the configured subnets, wrapping around.
258 subnets := instanceSet.ec2config.SubnetID
259 currentSubnetIDIndex := int(atomic.LoadInt32(&instanceSet.currentSubnetIDIndex))
260 for tryOffset := 0; ; tryOffset++ {
// With no subnets configured, SubnetId is left unset.
262 if len(subnets) > 0 {
263 tryIndex = (currentSubnetIDIndex + tryOffset) % len(subnets)
264 rii.NetworkInterfaces[0].SubnetId = aws.String(subnets[tryIndex])
266 rsv, err = instanceSet.client.RunInstances(&rii)
// Only subnet-specific errors are retried, and only while untried
// subnets remain.
267 if isErrorSubnetSpecific(err) &&
268 tryOffset < len(subnets)-1 {
269 instanceSet.logger.WithError(err).WithField("SubnetID", subnets[tryIndex]).
270 Warn("RunInstances failed, trying next subnet")
273 // Succeeded, or exhausted all subnets, or got a
274 // non-subnet-related error.
276 // We intentionally update currentSubnetIDIndex even
277 // in the non-retryable-failure case here to avoid a
278 // situation where successive calls to Create() keep
279 // returning errors for the same subnet (perhaps
280 // "subnet full") and never reveal the errors for the
281 // other configured subnets (perhaps "subnet ID
283 atomic.StoreInt32(&instanceSet.currentSubnetIDIndex, int32(tryIndex))
// wrapError classifies throttle and capacity errors and maintains the
// Create backoff state.
286 err = wrapError(err, &instanceSet.throttleDelayCreate)
291 provider: instanceSet,
292 instance: rsv.Instances[0],
// getKeyName returns the name of an EC2 key pair matching publicKey.
// It checks the in-memory cache first, then searches EC2 for an
// existing key pair by fingerprint, and otherwise imports the key
// under a name derived from its MD5 fingerprint. keysMtx is held for
// the whole call.
296 func (instanceSet *ec2InstanceSet) getKeyName(publicKey ssh.PublicKey) (string, error) {
297 instanceSet.keysMtx.Lock()
298 defer instanceSet.keysMtx.Unlock()
299 md5keyFingerprint, sha1keyFingerprint, err := awsKeyFingerprint(publicKey)
301 return "", fmt.Errorf("Could not make key fingerprint: %v", err)
// Cache lookup, keyed by MD5 fingerprint.
303 if keyname, ok := instanceSet.keys[md5keyFingerprint]; ok {
// Search for an existing key pair matching either fingerprint.
306 keyout, err := instanceSet.client.DescribeKeyPairs(&ec2.DescribeKeyPairsInput{
307 Filters: []*ec2.Filter{{
308 Name: aws.String("fingerprint"),
309 Values: []*string{&md5keyFingerprint, &sha1keyFingerprint},
313 return "", fmt.Errorf("Could not search for keypair: %v", err)
// An existing key pair is returned directly; it is not added to the
// cache on this path.
315 if len(keyout.KeyPairs) > 0 {
316 return *(keyout.KeyPairs[0].KeyName), nil
// No match: import the public key under a fingerprint-derived name.
318 keyname := "arvados-dispatch-keypair-" + md5keyFingerprint
319 _, err = instanceSet.client.ImportKeyPair(&ec2.ImportKeyPairInput{
321 PublicKeyMaterial: ssh.MarshalAuthorizedKey(publicKey),
324 return "", fmt.Errorf("Could not import keypair: %v", err)
// Remember the imported key pair for later calls.
326 instanceSet.keys[md5keyFingerprint] = keyname
// Instances lists instances selected by the given tags (one EC2 tag
// filter per entry), leaving out those whose state is
// "shutting-down" or "terminated". When needAZs is set and
// SpotPriceUpdateInterval is positive, it also looks up each
// instance's availability zone and calls updateSpotPrices.
330 func (instanceSet *ec2InstanceSet) Instances(tags cloud.InstanceTags) (instances []cloud.Instance, err error) {
331 var filters []*ec2.Filter
332 for k, v := range tags {
333 filters = append(filters, &ec2.Filter{
334 Name: aws.String("tag:" + k),
335 Values: []*string{aws.String(v)},
339 dii := &ec2.DescribeInstancesInput{Filters: filters}
341 dio, err := instanceSet.client.DescribeInstances(dii)
// wrapError classifies throttle and capacity errors and maintains the
// Instances backoff state.
342 err = wrapError(err, &instanceSet.throttleDelayInstances)
347 for _, rsv := range dio.Reservations {
348 for _, inst := range rsv.Instances {
// Skip instances that are shutting down or already terminated.
349 if *inst.State.Name != "shutting-down" && *inst.State.Name != "terminated" {
350 instances = append(instances, &ec2Instance{
351 provider: instanceSet,
// Spot instances are recognized by their lifecycle field.
354 if aws.StringValue(inst.InstanceLifecycle) == "spot" {
// Pagination: a non-nil NextToken is carried over to the next
// DescribeInstances request.
360 if dio.NextToken == nil {
363 dii.NextToken = dio.NextToken
365 if needAZs && instanceSet.ec2config.SpotPriceUpdateInterval > 0 {
// Map instance ID to availability zone.
366 az := map[string]string{}
367 err := instanceSet.client.DescribeInstanceStatusPages(&ec2.DescribeInstanceStatusInput{
368 IncludeAllInstances: aws.Bool(true),
369 }, func(page *ec2.DescribeInstanceStatusOutput, lastPage bool) bool {
370 for _, ent := range page.InstanceStatuses {
371 az[*ent.InstanceId] = *ent.AvailabilityZone
// A status lookup failure is only logged as a warning.
376 instanceSet.logger.Warnf("error getting instance statuses: %s", err)
// Record the availability zone (empty string if unknown) on each
// returned instance.
378 for _, inst := range instances {
379 inst := inst.(*ec2Instance)
380 inst.availabilityZone = az[*inst.instance.InstanceId]
382 instanceSet.updateSpotPrices(instances)
384 return instances, err
// priceKey is the map key type for ec2InstanceSet.prices and
// ec2InstanceSet.pricesUpdated.
387 type priceKey struct {
390 availabilityZone string
393 // Refresh recent spot instance pricing data for the given instances,
394 // unless we already have recent pricing data for all relevant types.
//
// pricesLock is held for the duration of the call. A failure to
// retrieve price history is logged as a warning, not returned.
395 func (instanceSet *ec2InstanceSet) updateSpotPrices(instances []cloud.Instance) {
396 if len(instances) == 0 {
400 instanceSet.pricesLock.Lock()
401 defer instanceSet.pricesLock.Unlock()
// Lazily create the price maps on first use.
402 if instanceSet.prices == nil {
403 instanceSet.prices = map[priceKey][]cloud.InstancePrice{}
404 instanceSet.pricesUpdated = map[priceKey]time.Time{}
// Entries last updated before staleTime (one update interval ago)
// count as stale.
407 updateTime := time.Now()
408 staleTime := updateTime.Add(-instanceSet.ec2config.SpotPriceUpdateInterval.Duration())
// Collect the instance types of the spot instances in the list.
410 allTypes := map[string]bool{}
412 for _, inst := range instances {
413 ec2inst := inst.(*ec2Instance).instance
414 if aws.StringValue(ec2inst.InstanceLifecycle) == "spot" {
416 instanceType: *ec2inst.InstanceType,
418 availabilityZone: inst.(*ec2Instance).availabilityZone,
// A key never updated has the zero time, which is before staleTime.
420 if instanceSet.pricesUpdated[pk].Before(staleTime) {
423 allTypes[*ec2inst.InstanceType] = true
429 var typeFilterValues []*string
430 for instanceType := range allTypes {
431 typeFilterValues = append(typeFilterValues, aws.String(instanceType))
433 // Get 3x update interval worth of pricing data. (Ideally the
434 // AWS API would tell us "we have shown you all of the price
435 // changes up to time T", but it doesn't, so we'll just ask
436 // for 3 intervals worth of data on each update, de-duplicate
437 // the data points, and not worry too much about occasionally
438 // missing some data points when our lookups fail twice in a
440 dsphi := &ec2.DescribeSpotPriceHistoryInput{
441 StartTime: aws.Time(updateTime.Add(-3 * instanceSet.ec2config.SpotPriceUpdateInterval.Duration())),
442 Filters: []*ec2.Filter{
443 &ec2.Filter{Name: aws.String("instance-type"), Values: typeFilterValues},
444 &ec2.Filter{Name: aws.String("product-description"), Values: []*string{aws.String("Linux/UNIX")}},
447 err := instanceSet.client.DescribeSpotPriceHistoryPages(dsphi, func(page *ec2.DescribeSpotPriceHistoryOutput, lastPage bool) bool {
448 for _, ent := range page.SpotPriceHistory {
// Guard against records with missing fields.
// NOTE(review): ent.AvailabilityZone is dereferenced below but is
// not part of this nil check -- confirm it is always set.
449 if ent.InstanceType == nil || ent.SpotPrice == nil || ent.Timestamp == nil {
453 price, err := strconv.ParseFloat(*ent.SpotPrice, 64)
459 instanceType: *ent.InstanceType,
461 availabilityZone: *ent.AvailabilityZone,
// Append the data point and mark this key as freshly updated.
463 instanceSet.prices[pk] = append(instanceSet.prices[pk], cloud.InstancePrice{
464 StartTime: *ent.Timestamp,
467 instanceSet.pricesUpdated[pk] = updateTime
472 instanceSet.logger.Warnf("error retrieving spot instance prices: %s", err)
// Drop keys that have not been updated for 64 update intervals.
475 expiredTime := updateTime.Add(-64 * instanceSet.ec2config.SpotPriceUpdateInterval.Duration())
476 for pk, last := range instanceSet.pricesUpdated {
477 if last.Before(expiredTime) {
478 delete(instanceSet.pricesUpdated, pk)
479 delete(instanceSet.prices, pk)
// Pass every remaining history through cloud.NormalizePriceHistory.
482 for pk, prices := range instanceSet.prices {
483 instanceSet.prices[pk] = cloud.NormalizePriceHistory(prices)
// Stop is the instance set's shutdown hook.
// NOTE(review): no statements are visible in its body -- presumably a
// no-op for this driver; confirm.
487 func (instanceSet *ec2InstanceSet) Stop() {
// ec2Instance pairs an EC2 instance description with the instance
// set that produced it.
490 type ec2Instance struct {
// Instance set whose client and configuration the methods use.
491 provider *ec2InstanceSet
// Instance data as returned by the EC2 API.
492 instance *ec2.Instance
493 availabilityZone string // sometimes available for spot instances
// ID returns the EC2 instance ID as a cloud.InstanceID.
496 func (inst *ec2Instance) ID() cloud.InstanceID {
497 return cloud.InstanceID(*inst.instance.InstanceId)
// String returns the EC2 instance ID.
500 func (inst *ec2Instance) String() string {
501 return *inst.instance.InstanceId
// ProviderType returns the EC2 instance type recorded in the
// instance data.
504 func (inst *ec2Instance) ProviderType() string {
505 return *inst.instance.InstanceType
// SetTags applies newTags to this instance through the EC2
// CreateTags call.
508 func (inst *ec2Instance) SetTags(newTags cloud.InstanceTags) error {
// Convert the requested tags to EC2 tags.
509 var ec2tags []*ec2.Tag
510 for k, v := range newTags {
511 ec2tags = append(ec2tags, &ec2.Tag{
513 Value: aws.String(v),
// Only this instance is named as the resource to tag.
517 _, err := inst.provider.client.CreateTags(&ec2.CreateTagsInput{
518 Resources: []*string{inst.instance.InstanceId},
// Tags copies the tags from the stored instance data into a new
// map.
525 func (inst *ec2Instance) Tags() cloud.InstanceTags {
526 tags := make(map[string]string)
528 for _, t := range inst.instance.Tags {
529 tags[*t.Key] = *t.Value
// Destroy asks EC2 to terminate this instance.
535 func (inst *ec2Instance) Destroy() error {
536 _, err := inst.provider.client.TerminateInstances(&ec2.TerminateInstancesInput{
537 InstanceIds: []*string{inst.instance.InstanceId},
// Address returns the instance's private IP address when one is
// present in the instance data.
542 func (inst *ec2Instance) Address() string {
543 if inst.instance.PrivateIpAddress != nil {
544 return *inst.instance.PrivateIpAddress
// RemoteUser returns the AdminUsername from the driver
// configuration.
549 func (inst *ec2Instance) RemoteUser() string {
550 return inst.provider.ec2config.AdminUsername
// VerifyHostKey is not supported by this driver; it always returns
// cloud.ErrNotImplemented.
553 func (inst *ec2Instance) VerifyHostKey(ssh.PublicKey, *ssh.Client) error {
554 return cloud.ErrNotImplemented
557 // PriceHistory returns the price history for this specific instance.
559 // AWS documentation is elusive about whether the hourly cost of a
560 // given spot instance changes as the current spot price changes for
561 // the corresponding instance type and availability zone. Our
562 // implementation assumes the answer is yes, based on the following
565 // https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-requests.html
566 // says: "After your Spot Instance is running, if the Spot price rises
567 // above your maximum price, Amazon EC2 interrupts your Spot
568 // Instance." (This doesn't address what happens when the spot price
569 // rises *without* exceeding your maximum price.)
571 // https://docs.aws.amazon.com/whitepapers/latest/cost-optimization-leveraging-ec2-spot-instances/how-spot-instances-work.html
572 // says: "You pay the Spot price that's in effect, billed to the
573 // nearest second." (But it's not explicitly stated whether "the price
574 // in effect" changes over time for a given instance.)
576 // The same page also says, in a discussion about the effect of
577 // specifying a maximum price: "Note that you never pay more than the
578 // Spot price that is in effect when your Spot Instance is running."
579 // (The use of the phrase "is running", as opposed to "was launched",
580 // hints that pricing is dynamic.)
581 func (inst *ec2Instance) PriceHistory(instType arvados.InstanceType) []cloud.InstancePrice {
582 inst.provider.pricesLock.Lock()
583 defer inst.provider.pricesLock.Unlock()
584 // Note updateSpotPrices currently populates
585 // inst.provider.prices only for spot instances, so if
586 // spot==false here, we will return no data.
588 instanceType: *inst.instance.InstanceType,
589 spot: aws.StringValue(inst.instance.InstanceLifecycle) == "spot",
590 availabilityZone: inst.availabilityZone,
592 var prices []cloud.InstancePrice
// price is a per-iteration copy, so adding the EBS cost below does
// not modify the history stored in inst.provider.prices.
593 for _, price := range inst.provider.prices[pk] {
594 // ceil(added scratch space in GiB)
595 gib := (instType.AddedScratch + 1<<30 - 1) >> 30
// EBSPrice is scaled by the volume size and then divided by 30 days
// and 24 hours to get an hourly amount.
596 monthly := inst.provider.ec2config.EBSPrice * float64(gib)
597 hourly := monthly / 30 / 24
598 price.Price += hourly
599 prices = append(prices, price)
// rateLimitError is the error wrapError returns for throttled
// requests; it carries the time before which a retry should not be
// attempted.
604 type rateLimitError struct {
606 earliestRetry time.Time
// EarliestRetry returns the retry time computed by wrapError when
// the error was created.
609 func (err rateLimitError) EarliestRetry() time.Time {
610 return err.earliestRetry
// isCodeCapacity is the set of AWS error codes that isErrorCapacity
// looks up.
613 var isCodeCapacity = map[string]bool{
614 "InstanceLimitExceeded": true,
615 "InsufficientAddressCapacity": true,
616 "InsufficientFreeAddressesInSubnet": true,
617 "InsufficientInstanceCapacity": true,
618 "InsufficientVolumeCapacity": true,
619 "MaxSpotInstanceCountExceeded": true,
620 "VcpuLimitExceeded": true,
623 // isErrorCapacity returns whether the error is to be throttled based on its code.
624 // Returns false if error is nil.
625 func isErrorCapacity(err error) bool {
// Only errors implementing awserr.Error carry a code to look up.
626 if aerr, ok := err.(awserr.Error); ok && aerr != nil {
627 if _, ok := isCodeCapacity[aerr.Code()]; ok {
634 // isErrorSubnetSpecific returns true if the problem encountered by
635 // RunInstances might be avoided by trying a different subnet.
636 func isErrorSubnetSpecific(err error) bool {
637 aerr, ok := err.(awserr.Error)
// Any code mentioning "Subnet" qualifies, as do the instance and
// volume capacity codes.
642 return strings.Contains(code, "Subnet") ||
643 code == "InsufficientInstanceCapacity" ||
644 code == "InsufficientVolumeCapacity"
// ec2QuotaError wraps an error that wrapError has classified as a
// capacity error (see isErrorCapacity).
647 type ec2QuotaError struct {
// IsQuotaError reports whether this error is a quota error.
// NOTE(review): the return statement is not visible here --
// presumably always true; confirm.
651 func (er *ec2QuotaError) IsQuotaError() bool {
// wrapError classifies err and maintains the backoff delay stored in
// throttleValue. Throttle errors increase the stored delay and are
// returned as a rateLimitError; capacity errors are returned as an
// *ec2QuotaError; any other non-nil error resets the stored delay to
// zero.
655 func wrapError(err error, throttleValue *atomic.Value) error {
656 if request.IsErrorThrottle(err) {
657 // Back off exponentially until an upstream call
658 // either succeeds or returns a non-throttle error.
// If nothing (or a non-Duration) has been stored yet, d is zero.
659 d, _ := throttleValue.Load().(time.Duration)
// Grow the previous delay by a factor of 1.5 plus one second.
660 d = d*3/2 + time.Second
// Compare against the configured bounds (presumably clamping d to
// [throttleDelayMin, throttleDelayMax]).
661 if d < throttleDelayMin {
663 } else if d > throttleDelayMax {
666 throttleValue.Store(d)
667 return rateLimitError{error: err, earliestRetry: time.Now().Add(d)}
// Capacity errors leave the stored delay unchanged.
668 } else if isErrorCapacity(err) {
669 return &ec2QuotaError{err}
670 } else if err != nil {
671 throttleValue.Store(time.Duration(0))
// Reset the stored delay (presumably the err == nil path).
674 throttleValue.Store(time.Duration(0))