I’ve some more info for the AWS RDS OS update I mentioned last week.
The announcement states that this update will take an outage. In my experience, it’ll be the usual failover time for a Multi-AZ instance (a minute or so), and 8-10 minutes for no-Multi-AZ instances. According to my event logs, the entire update process takes 20-25 minutes.
Since I had n > 1 instances to handle, I preferred to review & schedule updates via the cli, because I can then write a quick bash wrapper for each piece & handle them in bulk.
Here’s the command:
aws rds describe-pending-maintenance-actions
To review upcoming maintenance for only specific instances, pass it a comma-separated list of instance names to the filters switch, like so:
aws rds describe-pending-maintenance-actions \
--filters Name=db-instance-id,Values=mydb1,mydb2
Here’s an example of what you’ll get back:
PENDINGMAINTENANCEACTIONS arn:aws:rds:[az]:[acct_no]:db:[dbname]
PENDINGMAINTENANCEACTIONDETAILS system-update 2016-02-26T19:41:22Z 2016-02-26T19:41:22Z Performance improvements and security updates
(The timestamps are in UTC, so you may have to do some math.)
Neither of those timestamps were in my maintenance window, so I dug into the docs a bit further.
There are three possible dates available:
AutoAppliedAfterDate – AWS will apply the maintenance in the next maint window after this date
ForcedApplyDate – AWS will apply the maintenance at this time, regardless of maintenance window (eeeek!)
CurrentApplyDate – When AWS will apply it, if you’ve opted-in.
Without field headers, I can’t really figure out which two of the possible three dates are displayed. That “ForcedApplyDate” is a bit concerning, so I used the ‘output to JSON’ option to get some more info:
aws rds describe-pending-maintenance-actions \
--filters Name=db-instance-id,Values=mydb1 \
--output json
(excerpt):
"PendingMaintenanceActionDetails": [
{
"Action": "system-update",
"Description": "Performance improvements and security updates",
"CurrentApplyDate": "2016-02-26T19:41:22Z",
"AutoAppliedAfterDate": "2016-02-26T19:41:22Z",
"OptInStatus": ""
}
],
So that clears that up, a little. Now to get this stuff scheduled!
aws rds apply-pending-maintenance-action \
--resource-identifier arn:aws:rds:[region]:[account]:db:[db-name] \
--apply-action system-update \
--opt-in-type next-maintenance
Since I now know which fields I want, I can use ‘output as text’ to verify my scheduling action, filtered with the –query switch:
aws rds describe-pending-maintenance-actions \
--filters Name=db-instance-id,Values=mydb1 \
--output text \
--query 'PendingMaintenanceActions[*].{OptIn:PendingMaintenanceActionDetails[*].OptInStatus,Date:PendingMaintenanceActionDetails[*].CurrentApplyDate}'
Output:
DATE 2016-01-22T17:04:00Z
OPTIN next-maintenance
(If you are wondering “how in Sam Hill did you create that query filter from that JSON output?”, wonder no more: here’s a link to the docs. Getting the –query filter correct usually takes some back & forth with reviewing the JSON output, so don’t be discouraged if it takes a few tries.)