Have an option to disable metadata collection from 169.254.169.254 #975
Comments
|
Hi @nambrosch This address (169.254.169.254) is not a real external ip. It's technically a dynamically configured link-local address (See http://tools.ietf.org/html/rfc3927 for more information). It's used to read configuration from a device. More precisely AWS EC2 and Google Compute Engine (and probably other services) use this IP to expose host meta data internally (as it's technically an internal ip address). The agent connects to that internal endpoint to retrieve those metadata. There must be a way to configure your OS to prevent it from reaching your router but the easiest and cleanest fix would probably be to have an option to disable that metadata collection. I'm renaming that issue to reflect that. What do you think ? |
remh
changed the title
|
seems like that would do the trick - right now there's no way to do this in the client, right? |
|
Unfortunately not in the configuration for now :( You could add a firewall rule or edit your network configurations to make sure it won't hit your router. Or you could just replace that ip to any incorrect value (such as "foo"), it would fail silently and shouldn't break anything. |
|
I'll make sure to add an option to disable that in the next version of the agent though. |
|
that would be great, thank you. |
we run datadog on private hosts with no access to the internet however i noticed that util.py (and maybe others) have a hard-coded external ip. this is causing port exhaustion on one of our routers.
line 245: https://github.com/DataDog/dd-agent/blob/master/util.py
The text was updated successfully, but these errors were encountered: