Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/doitintl/zorya

Google Cloud Instance Scheduler helping to reduce costs by 60% on average for non-production environments.
https://github.com/doitintl/zorya

gcp google-appengine google-cloud google-cloud-platform

Last synced: about 2 hours ago
JSON representation

Google Cloud Instance Scheduler helping to reduce costs by 60% on average for non-production environments.

Awesome Lists containing this project

README

        

# zorya

Schedule GCE Instances, Cloud SQL and GKE node pools

[Blog Post](http://bit.ly/zorya_blog)

[![License](https://img.shields.io/github/license/doitintl/zorya.svg)](LICENSE) [![GitHub stars](https://img.shields.io/github/stars/doitintl/zorya.svg?style=social&label=Stars&style=for-the-badge)](https://github.com/doitintl/zorya)

In Slavic mythology, [Zoryas](https://www.wikiwand.com/en/Zorya) are two guardian goddesses. The Zoryas represent the morning star and the evening star, — if you have read or watched Neil Gaiman’s American Gods, you will probably remember these sisters).

## Installation

```shell
pip install -r requirements.txt -t lib
```

Next step: Download and install [Yarn](https://yarnpkg.com/).

### Known Issues for Installation

* Deployment from Google Cloud Shell fails with an error [#25](https://github.com/doitintl/zorya/issues/25).

* Building on macOS running on Apple Silicon (arm M1) may fail due to issues building grpcio. Use the following workaround:

>```shell
>GRPC_PYTHON_BUILD_SYSTEM_OPENSSL=1 \
> GRPC_PYTHON_BUILD_SYSTEM_ZLIB=1 \
> pip install -r requirements.txt -t lib
>```

## Enable required GCP APIs:

* Cloud Tasks
* App Engine
* Cloud Storage
* Datastore
* IAP
* Cloud Build
* Cloud Scheduler
* Compute Engine
* Cloud SQL Admin API

## Deploy Backend and GUI:
```shell
./deploy.sh project-id
```

#### Access the app
```shell
gcloud app browse
```

**WARNING**: By default this application is public; ensure you turn on IAP, as follows:

To sign into the app, we are using [Cloud Identity-Aware Proxy (Cloud IAP)](https://cloud.google.com/iap/). Cloud IAP works by verifying a user’s identity and determining if that user should be allowed to access the application. The setup is as simple as heading over to [GCP console](https://console.cloud.google.com/iam-admin/iap), enabling IAP on your GAE app and adding the users who should have access to it.

#### Authorization

For Zorya to work, its service account requires the folling roles:

* Cloud Tasks Enqueuer
* Cloud Datastore User
* Logs Writer

For any project that Zorya is supposed to be managing resources for, Zorya's service account requires the following additional roles:

* Compute Instance Admin (v1)
* Kubernetes Engine Cluster Admin
* Cloud SQL Editor

![](iam.png)

The name of the service account you will need to assign permissions to is as following:`@appspot.gserviceaccount.com` and will have been automatically created by Google App Engine. *NOTE:* this is done under *IAM*, selecting the account, choosing *Permissions* and then adding the roles above to it; not under *Service Accounts*.

## Flow

* Every hour on the hour a cron job calls `/tasks/schedule` which loop over all the policies
* We are checking the desired state vs the previous hour desired state of Zorya states. If they are not the same we will apply the change.

[API Documentation](http://bit.ly/zorya_api_docs)

### Creating a Schedule

![](Zorya_schedule.png)

### Creating a Policy

![](Zorya_policies.png)

App Engine Flex is now supported - in order to add an App engine flex to the policy please look at [Adding GAE Flex to Zorya policy](./App%20Engine%20Flex%20Tagging.md).