Haunter is a Pokémon ghost that will poison and kill your unidentified and orphaned cloud resources.
The main goal of this project is to save costs in the cloud by monitoring and terminating resources. Cloud Haunter (ch) supports the three major cloud providers.
The project is under construction, use at your own risk!
The current version of the software has limited features. It can monitor:
- accesses and keys [AWS, GCP]
- databases [AWS, GCP]
- instances [AZURE, AWS, GCP]
- stacks [AZURE, AWS, GCP]
- disks [AWS, GCP]
- images [AWS, AZURE, GCP]
- read images JSON from STDIN
Can filter by:
- long running
- without owner
- actually running
- already stopped
- old cloud credentials
- resource unused
And can perform these actions:
- send notification
- log result
- print result in json format
- stop instances [AWS, AZURE, GCP]
- terminate instances [AWS, AZURE, GCP]
- terminate stacks [AWS, AZURE, GCP]
- terminate disks [AWS, GCP]
- terminate images [AWS, AZURE, GCP]
To work properly, it needs some custom tags/labels on your cloud resources.
AWS:
- Owner tag: owner or Owner
- Ignore tag: cloud-cost-reducer-ignore
Azure:
- Owner tag: owner or Owner
- Ignore tag: cloud-cost-reducer-ignore
- Resource creation time, because the Azure SDK doesn't return it: cb-creation-timestamp
GCP:
- Owner label: owner
- Ignore label: cloud-cost-reducer-ignore
- Resource grouping label: cloudera-environment-resource-name
- Resource description (optional): Generated by CDP.
There is an option to use custom tags/labels, but you have to recompile the project with a set of custom environment variables such as OWNER_LABEL. Please check the Makefile.
This tool works well if you use it from the early days of your cloud account and all of your users follow the basic rules of tagging instances. Introducing it into an existing environment, on the other hand, can be painful. You can declare your ignore policies in a YAML file (please have a look at utils/testdata/filterConfig.yml). CH will skip all resources whose name, owner, or any tag starts with a value given in that configuration.
- automatic instance termination
- more notification types
- looking for orphan resources (images, volumes, IPs)
- multiple cloud accounts
# curl -Ls https://github.com/hortonworks/cloud-haunter/releases/download/v0.5.0/cloud-haunter_0.5.0_$(uname)_x86_64.tgz | tar xz
NAME:
   Cloud Haunter
USAGE:
   ch -o=operation -a=action [-f=filter1,filter2] [-c=cloud1,cloud2]
VERSION:
   v0.5.7-snapshot
AUTHOR(S):
   Hortonworks
OPERATIONS:
   -o getImages
   -o getInstances
   -o readImages
   -o getStacks
   -o getAccess
   -o getDatabases
   -o getDisks
FILTERS:
   -f running
   -f stopped
   -f unused
   -f longrunning
   -f match
   -f oldaccess
   -f ownerless
ACTIONS:
   -a json
   -a log
   -a notification
   -a stop
   -a termination
CLOUDS:
   -c AWS
   -c AZURE
   -c GCP
FILTER_CONFIG:
   -fc=/location/of/filter/config.yml
DRY RUN:
   -d
VERBOSE:
   -v
DISABLE_IGNORE_LABEL:
   -i
HELP:
   -h
- AWS_ACCESS_KEY_ID
- AWS_SECRET_ACCESS_KEY
- AZURE_SUBSCRIPTION_ID
- AZURE_TENANT_ID
- AZURE_CLIENT_ID
- AZURE_CLIENT_SECRET
- GOOGLE_PROJECT_ID
- GOOGLE_APPLICATION_CREDENTIALS, location of service account JSON
- HIPCHAT_TOKEN
- HIPCHAT_SERVER
- HIPCHAT_ROOM
- SLACK_WEBHOOK_URL
- RUNNING_PERIOD, default: 24h
- ACCESS_AVAILABLE_PERIOD, default: 2880h
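The tagging, ignore and filter rules described above decide what a destructive action such as termination would touch, so the following added sketch (not Cloud Haunter's own code) models which instances `-f=ownerless,longrunning` would select, including the effect of disabling the ignore label with `-i`. The `Resource` type and the function names are hypothetical, and it assumes that filters combine as AND, that the ignore tag counts whenever it is present, and that ignore prefixes are compared against the name, the owner value and tag keys.

```go
package main

import (
	"fmt"
	"strings"
	"time"
)

// Resource is a hypothetical, simplified view of one cloud instance.
type Resource struct {
	Name    string
	Created time.Time
	Tags    map[string]string
}

// ignored applies the ignore tag (unless -i) and prefix policies (assumed semantics).
func ignored(r Resource, prefixes []string, honorTag bool) bool {
	_, tagged := r.Tags["cloud-cost-reducer-ignore"]
	fields := []string{r.Name, r.Tags["owner"], r.Tags["Owner"]}
	for k := range r.Tags {
		fields = append(fields, k)
	}
	for _, f := range fields {
		for _, p := range prefixes {
			if p != "" && strings.HasPrefix(f, p) { // "" would match everything
				return true
			}
		}
	}
	return tagged && honorTag
}

// Selected models -f=ownerless,longrunning (assumed AND) with the 24h default.
func Selected(rs []Resource, prefixes []string, honorTag bool, now time.Time) (out []string) {
	for _, r := range rs {
		ownerless := r.Tags["owner"] == "" && r.Tags["Owner"] == ""
		if ownerless && now.Sub(r.Created) > 24*time.Hour && !ignored(r, prefixes, honorTag) {
			out = append(out, r.Name)
		}
	}
	return out
}

func main() {
	now := time.Now()
	old := now.Add(-48 * time.Hour) // constructed sample inventory below
	rs := []Resource{{"ci-runner-1", old, nil}, {"prod-db-1", old, nil}, {"fresh", now, nil}}
	fmt.Println(Selected(rs, []string{"prod-"}, true, now))
}
```

Passing `honorTag=false` shows what `-i` exposes: every resource that relied only on the ignore tag becomes eligible, which is worth previewing with `-d` before using `-a termination`.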