Resource Orchestration Service (ROS) provides the drift detection feature to help you check whether the actual configurations of a stack group are different from its template configurations. This topic describes how to detect drift on a stack group.
Scenario
If you want to check whether the actual configurations of resources in a stack that is associated with each stack instance in a stack group are different from the defined template configurations of the resources, you can detect drift on the stack group.
Prerequisites
A stack group is created. For more information, see Step 2: Create a stack group.
Limit
Only specific resource types support the drift detection feature. For more information, see Resource types that support drift detection and resource import.
Background information
The drift detection feature is designed to identify changes that are made outside of ROS to stacks. If you use ROS to change a stack rather than the associated stack group, the stack is not considered to have drifted. For example, your stack is associated with a stack instance in a stack group. If you use ROS to update the stack, the template of the stack becomes different from the template of other stacks associated with the stack group. However, the stack is not considered to have drifted. This is because the actual configurations of the stack are still the same as the expected template configurations in ROS.
Usage notes
When you initiate a drift detection operation on a stack group, ROS detects drift on the stack that is associated with each stack instance in the stack group. ROS compares the current and expected configurations of each resource in the stack based on the stack template and specified parameters. If the current configurations differ from the expected configurations, the resource is considered to have drifted.
A stack and its associated stack instance are considered to have drifted if one or more resources in the stack have drifted.
A stack group is considered to have drifted if one or more of its stack instances have drifted.
When you initiate a drift detection operation on a stack group, ROS detects drift on each stack that is associated with the stack group and considers all the overridden parameter values to determine whether the stack has drifted. If you detect drift directly on a stack that is associated with a stack instance in a stack group, you cannot view the drift results of the stack on the Stack Groups page.
Supported methods
ROS console: You can detect drift on a stack group in the ROS console.
For more information, see Detect drift on a stack group in the ROS console.
ROS API operation: You can detect drift on a stack group by calling a specific ROS API operation.
For more information, see DetectStackGroupDrift.
Alibaba Cloud CLI: You can detect drift on a stack group by using Alibaba Cloud CLI.
For more information, see Detect drift on a stack group by using Alibaba Cloud CLI.
Detect drift on a stack group in the ROS console
Log on to the ROS console.
In the left-side navigation pane, click Stack Groups.
On the Stack Groups page, click the name of the stack group that you want to manage.
On the Stack Group Information tab, choose
.NoteROS displays a dialog box. This indicates that a drift detection operation is initiated for the selected stack group.
In the Drift Detection dialog box, configure the Maximum Number of Concurrent Accounts, Fault Tolerance, and Region Concurrency parameters, and click OK.
(Optional) Click the Operations tab. On this tab, find the drift detection operation and click View Drift Details in the Actions column to check the operation progress in the Operation Details dialog box.
NoteYou can perform only a single drift detection operation on a stack group at a time. ROS continues the drift detection operation even if you close the Operation Details dialog box.
The drift detection operation on a stack group may take several minutes to complete. The actual amount of time varies based on the number of stack instances and resources in the stack group.
Click the Instances tab to view the drift detection results.
NoteYou can view the ID of the stack that is associated with each stack instance in the Stack ID column. You can view the drift status of the stack in the Drift Status column. A stack is considered to have drifted if one or more of its resources have drifted.
To view the drift detection results of the stack that is associated with a stack instance, you can record the Alibaba Cloud account and region of the stack instance and the stack name. Then, you can log on to the ROS console with the Alibaba Cloud account to view the drift detection results. For more information, see Detect drift on a stack.
Detect drift on a stack group by using Alibaba Cloud CLI
You can run aliyun ros
commands by using Alibaba Cloud CLI to perform operations related to drift detection on a stack group.
Command | Description |
| Detects drift on a stack group. For more information, see DetectStackGroupDrift. |
| Queries the status of a drift detection operation on a stack group. For more information, see GetStackGroupOperation. |
| Stops a drift detection operation on a stack group. For more information, see StopStackGroupOperation. |
After a drift detection operation is complete, you can run the following commands to query the desired drift information:
GetStackGroup
: queries the information about the stack group, including the details of the most recent drift detection on the stack group. The details of the ongoing drift detection are not included.ListStackInstances
: queries the stack instances in the stack group, including the drift status and the time of the most recent drift detection on each stack instance.GetStackInstance
: queries the information about a specific stack instance in the stack group, including the drift status and the time of the most recent drift detection on the stack instance.
What to do next
If drift is detected on a stack group, you can perform the following operations to remediate the drift: On the Instances tab of the stack group, find the stack instance that has drifted. Then, modify the stack that is associated with the stack instance to remediate the drift. For more information, see Update a stack.