Skip to content

Commit

Permalink
Merge #104
Browse files Browse the repository at this point in the history
104: Added check for sys_vendor file in localhost_is_ec2(), also added che… r=mattBrzezinski a=phyatt-corp

…ck for isfile and isreadable, in case we aren't root

Included comments for how to use Instance Metadata Service for checking a local_hostname

#24

This adds support for c5 and m5 instance types without root access, and will likely work with any future ec2 instances on Nitro Hypervisor.

Co-authored-by: Peter Hyatt <[email protected]>
  • Loading branch information
bors[bot] and phyatt-corp authored Jan 14, 2020
2 parents 333c623 + 8b6e8d7 commit 4d9952c
Showing 1 changed file with 17 additions and 2 deletions.
19 changes: 17 additions & 2 deletions src/AWSCredentials.jl
Original file line number Diff line number Diff line change
Expand Up @@ -173,6 +173,10 @@ function localhost_is_ec2()
# 5. Check `http://169.254.169.254`; This is a link-local address for metadata,
# apparently other cloud providers make this metadata URL available now as well so it's
# not guaranteed that you're on an EC2 instance
# Or check a specific endpoint of the instance metadata such as:
# ims_local_hostname = String(HTTP.get("http://169.254.169.254/latest/meta-data/local-hostname").body)
# but with a fast timeout and cache the result.
# See https://docs.aws.amazon.com/en_us/AWSEC2/latest/UserGuide/instancedata-data-retrieval.html
# 6. When checking the UUID, check for little-endian representation,
# https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/identify_ec2_instances.html

Expand All @@ -189,19 +193,30 @@ function localhost_is_ec2()
# Note: This will not work on new m5 and c5 instances because they use a new hypervisor
# stack and the kernel does not create files in sysfs
hypervisor_uuid = "/sys/hypervisor/uuid"
if isfile(hypervisor_uuid) && _begins_with_ec2(hypervisor_uuid)
if isfile(hypervisor_uuid) && isreadable(open(hypervisor_uuid, "r")) && _begins_with_ec2(hypervisor_uuid)
return true
end

# Note: Works if you are running as root
product_uuid = "/sys/devices/virtual/dmi/id/product_uuid"
if isreadable(open(product_uuid, "r")) && _begins_with_ec2(product_uuid)
if isfile(product_uuid) && isreadable(open(product_uuid, "r")) && _begins_with_ec2(product_uuid)
return true
end

# Check additional values under /sys/devices/virtual/dmi/id for the key "EC2"
# These work for the new m5 and c5 (nitro hypervisor) when root isn't available
# filenames = ["bios_vendor", "board_vendor", "chassis_asset_tag", "chassis_version", "sys_vendor", "uevent", "modalias"]
# all return "Amazon EC2" except the last two
sys_vendor = "/sys/devices/virtual/dmi/id/sys_vendor"
if isfile(sys_vendor) && isreadable(open(sys_vendor, "r")) && _ends_with_ec2(sys_vendor)
return true
end

return false
end

_begins_with_ec2(file_name::String) = return uppercase(String(read(file_name, 3))) == "EC2"
_ends_with_ec2(file_name::String) = return endswith(strip(uppercase(String(read(file_name, String)))), "EC2")


"""
Expand Down

0 comments on commit 4d9952c

Please sign in to comment.