Prevent the deletion of stacks that receive actual traffic
f-sander opened this issue · comments
The command senza delete
by default prevents the deletion of stacks that potentially receive traffic. The check is based on DNS weights and does not check if the stack actually receives traffic. We repeatedly face the situation that stakeholders calling us use HTTP clients with long running connections and thus remain calling the old stack even though the DNS weight is set to 0
for a long time.
The actual traffic a.k.a request-count metric can be retrieved as CloudWatch metric for the stack's load-balancer. This solution is therefore limited to stacks having a load-balancer.
I added an endpoint to receive the request-count to lizzy here, but it was argued there that the functionality should be integrated into senza.
Before I start doing that, I want to align here and make sure we agree on a solution.
I start with the proposal to change the current default logic of senza delete
by adding the requirement of the ELB's request-count being 0 for the last 5min. As before, this logic can be overridden by using --force
. If the stack doesn't have a load-balancer the check doesn't apply.
Another solution could be to add a flag like --ensure-no-requests
such that the check is only performed if the flag is present.
I would also like to get some feedback what you think on the time-interval to be checked. I think 5min is a responsable default. Having that configurable by the user might clutter the API.
What do you think?