-
Notifications
You must be signed in to change notification settings - Fork 53
/
aws.go
101 lines (93 loc) · 2.83 KB
/
aws.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
package metadata
import (
"context"
"encoding/json"
"errors"
"github.com/coroot/coroot-node-agent/proc"
"io"
"k8s.io/klog/v2"
"net"
"net/http"
)
const awsInstanceMetadataURL = "http://169.254.169.254/latest"
func getAwsToken() (string, error) {
// a token must be retrieved using the host net NS because the metadata service sets IP TTL to 1 on all response packets
hostNetNs, err := proc.GetHostNetNs()
if err != nil {
return "", err
}
defer hostNetNs.Close()
agentNetNs, err := proc.GetSelfNetNs()
if err != nil {
return "", err
}
defer agentNetNs.Close()
r, _ := http.NewRequest(http.MethodPut, awsInstanceMetadataURL+"/api/token", nil)
r.Header.Set("X-aws-ec2-metadata-token-ttl-seconds", "21600")
client := http.Client{
Transport: &http.Transport{
DisableKeepAlives: true,
DialContext: func(ctx context.Context, network, addr string) (conn net.Conn, err error) {
err = proc.ExecuteInNetNs(hostNetNs, agentNetNs, func() error {
conn, err = net.DialTimeout(network, addr, metadataServiceTimeout)
return err
})
return conn, err
},
},
}
resp, err := client.Do(r)
if err != nil {
return "", err
}
if resp.StatusCode != 200 {
return "", errors.New(resp.Status)
}
defer resp.Body.Close()
token, err := io.ReadAll(resp.Body)
return string(token), err
}
func getAwsMetadata() *CloudMetadata {
md := &CloudMetadata{Provider: CloudProviderAWS}
token, err := getAwsToken()
if err != nil {
klog.Errorln("failed to get token:", err)
return md
}
md = &CloudMetadata{
Provider: CloudProviderAWS,
InstanceId: getAwsMetadataVariable(token, "instance-id"),
LifeCycle: getAwsMetadataVariable(token, "instance-life-cycle"),
InstanceType: getAwsMetadataVariable(token, "instance-type"),
Region: getAwsMetadataVariable(token, "placement/region"),
AvailabilityZone: getAwsMetadataVariable(token, "placement/availability-zone"),
AvailabilityZoneId: getAwsMetadataVariable(token, "placement/availability-zone-id"),
LocalIPv4: getAwsMetadataVariable(token, "local-ipv4"),
PublicIPv4: getAwsMetadataVariable(token, "public-ipv4"),
}
if infoJson := getAwsMetadataVariable(token, "identity-credentials/ec2/info"); infoJson != "" {
m := map[string]string{}
if err := json.Unmarshal([]byte(infoJson), &m); err != nil {
klog.Errorln(err)
} else {
md.AccountId = m["AccountId"]
}
}
return md
}
func getAwsMetadataVariable(token string, path string) string {
r, _ := http.NewRequest(http.MethodGet, awsInstanceMetadataURL+"/meta-data/"+path, nil)
r.Header.Set("X-aws-ec2-metadata-token", string(token))
resp, err := httpCallWithTimeout(r)
if err != nil {
klog.Errorln(err)
return ""
}
defer resp.Body.Close()
payload, err := io.ReadAll(resp.Body)
if err != nil {
klog.Errorln(path, err)
return ""
}
return string(payload)
}