15 Resource Control

Learn how to control the state of resources for each account during the course of a week or in the future.

Resource Control allows users to stop and start Instances and RDS Databases for each Account during a week. It also allows users to stop the resources at a designated time in the future.

RDS Aurora Clusters are not supported by Resource Control.

  • A Group is the controlling entity for the stopping and starting of selected resources. Resource Control allows for stopping on one day of a week and starting on another day of the same week. Once an Off/On schedule is configured for a Group, N2WS will automatically stop and start the selected resource targets.

  • Resources that are eligible and enabled for hibernation in AWS will be hibernated regardless of whether their current operation is On or Off if their controlling Resource Control Group is enabled for hibernation. Hibernated instances are restarted by an On operation.

  • See AWS hibernation prerequisites in the User Guide for Linux Instances.

  • For enabling hibernation in N2WS, see the Hibernate description in section 15.1.

  • The stopping and starting of targets identified for each Group are independent of the backup schedule for an Account’s policy.

  • It is possible to turn off operations for a long period of time even though the Group was never turned on.

  • Ad hoc Off and On operations are available in addition to the Resource Control schedule.

  • Off/On operations are not allowed for Groups with a Status of ‘disabled’.

N2WS recommends that you not execute a stop or start operation on critical servers.

Following are Resource Control tabs in the left panel of the N2WS user interface:

  • Resource Control Monitor – Lists the current operational status of Groups under Resource Control. The Log lists the details of the most recent operation for a Group.

  • Resource Control Groups – Use the Groups tab to add and configure a Group: the account, the days, and off/on times, which Resource Targets are subject to the Group control, and other features. You can also delete a group and activate Turn On Now / Turn Off Now controls.

After configuring a group, you can add resources in the Operation Targets tab. See section 15.2.

15.1 Adding a Resource Control Group

In the Resource Control Groups tab, select New and complete the Group Details screen fields:

  • Name –Only alphanumeric characters and the underscore allowed (no spaces).

  • Account – Owner of the Group. Users are configured for a maximum number of Resource Control entities. See section 19.2.

A Group may belong to only one Account.

  • Enabled – Whether the Group is enabled to run.

Off/On operations are not allowed for Groups that are Disabled.

  • Operation Mode – Two options for controlling operation:

    • Turn On/Off – Turn Group on and off according to schedule.

    • Turn Off Only – Turn off for an undefined long period of time without having to ever have the Group turned on.

  • Auto Target Removal – Whether a target resource is automatically removed from the Group if the resource no longer exists in AWS.

  • Timeout (in minutes) - How long will the operation wait in minutes until finished. Default is 30 minutes. Failure from exceeding the timeout does not necessarily mean that the operation of stopping or starting the resource has failed. The Log will show the run status for each resource.

  • Hibernate (if possible) – Whether eligible instances will be hibernated. If enabled, only instances within the Group’s target resources that are eligible for hibernation by AWS will be hibernated. See Info on limitations below.

If an enabled Group contains mixed types of instances, only some of which are eligible for hibernation, then the Off operation will ‘hibernate’ only the eligible instances, while the remaining instances will ‘stop’.

Select the "Check Hibernation Limitations" link to view current AWS limitations on hibernating instances. During instance creation in AWS, hibernation would have been enabled and encryption configured. If the resource is eligible and the Group is enabled, instances that are ‘stopped’ move to ‘hibernation’ state.

  • Description – Optional description of the Resource Control Group function.

After adding a Group, select Next at the bottom of the screen or select the Operation Targets tab and configure the Operation Targets (section 15.2) and the Off/On Times (section 15.3).

15.2 Adding Resource Targets to a Group

Instances and RDS Databases may be added to the Group.

A Resource Target (Instance or RDS Database) may belong to only one Group.

  • Eligible resources within a Group enabled for hibernation that has been stopped have a Status of ‘stopped-hibernation’.

  • The Status column shows whether a target is ‘running’ or ‘stopped’.

Select the Operation Targets tab. In the Add Backup Targets menu, select a resource type to add to the Group.

It is important to not configure a critical server as part of a Group.

If you selected Instances, the Add Instances screen opens.

The following instance types are omitted from Add Instances and not allowed to be part of a Group:

  • CPM

  • Instance-Store type

  • Worker - See section 22.

If you selected RDS Databases, the Add RDS Databases screen opens:

If an RDS database is stopped, a regularly scheduled backup will fail.

In the relevant screen:

  1. Check the Status column to determine whether a resource is eligible for adding to the Group.

  2. Select one or more resources, and then select Add Selected. Selected resources are removed from the table.

  3. Continue until you are finished and select Close to return to the Operations Targets screen.

  4. Select Save to save the Operation Targets selections.

15.3 Configuring Off/On Scheduler

Scheduling overlapping off and on time ranges is invalid. For example:

  • A resource is turned off at 20:00 on Wednesday and turned on at 23:00 the same day.

  • Then, an attempt to schedule the same resource to be turned off on Wednesday at 9:00 and turned off at 22:00 on Wednesday will result in an invalid input error.

  1. Select Next to advance to the Schedules tab for the group.

  2. Select New to open a default time range row ready for your changes.

  3. In the time range row, select the Turn Off Day and Time and the Turn On Day and Time values from the drop-down lists, choosing AM or PM as required. After each time selection, select Apply.

  4. To open another time range row, select New.

  5. When finished creating the time ranges, select the required time range rows, and then select Save.

There must be 60 minutes between each operation for them to work.

15.4 Overriding a Resource Control Schedule

After creating the Group, you can initiate a stop or start action outside of the scheduled times by selecting the Turn On Now or Turn OFF Now in the Resource Control Groups tab.

15.5 Using Scan Tags with Resource Control

Scan tags for Resource Control can be used to:

  • Create a new Group based on an existing Group’s configuration.

  • Add a resource to a Group.

  • Remove a tagged or untagged resource from a Group.

The tag format isKey: cpm_resource_controlwith one of the following values:

  • Value:<group-name> or <group-name>:<based-on-group>

    • If the value in <group-name> equals ‘g1’, the resource will be added to the g1 group.

    • The template <group-name>:<based-on-group> means, in the case of g1:g2:

      • If g1 exists, add the resource to g1.

      • Otherwise, create a new group g1 based on group g2, and add the resource to it.

  • Value: no-resource-control- Remove the resource instance or RDS database from the Group whether it is tagged or not.

  • Value: <no value> - Remove the tagged resource instance or RDS database from the Group.

15.6 Resource Control Reporting

Resource Control provides individual logs of off and on operations and a summary report of all operations.

The individual log contains timestamps for each step within the operation, from firing to completion, and is downloadable as a CSV file. To view individual logs, in the Resource Control Monitor tab, select a group and then select Log.

To download the individual log, select Download Log.

To generate the summary log:

  1. Select the Reports tab in the left panel.

  2. Select the Immediate Report Generation tab and then select Resource Control Operations in the Report Type list.

  3. Complete the filter and time range boxes.

  4. Select Generate Report. The report is automatically downloaded as a CSV file.

The Resource Control Operations Report contains information for all saved operations for all accounts. For each operation it contains:

  • Resource Control Operation ID – A sequential number for each operation.

  • User – User generating the report.

  • Account – The N2WS owner of the Resource Control Group.

  • AWS Account Number – The AWS account number of the owner of the resources.

  • Resource Control Group – The N2WS Resource Control Group name.

  • Status – Operation status.

  • Start Time – Start date and time.

  • End Time – End date and time.

  • Marked for Deletion – Whether the resource is marked for deletion.

Previous14 Tag-based Backup ManagementNext16 Security Concerns and Best Practices

Last updated

Was this helpful?