[Processor: add_cloud_metadata] Use AWS client to get instance metadata and EKS cluster name #35182
Conversation
Signed-off-by: Tetiana Kravchenko <[email protected]>
Signed-off-by: Tetiana Kravchenko <[email protected]>
Signed-off-by: Tetiana Kravchenko <[email protected]>
Signed-off-by: Tetiana Kravchenko <[email protected]>
Signed-off-by: Tetiana Kravchenko <[email protected]>
botelastic
bot
added
the
needs_team
|
This pull request does not have a backport label.
To fixup this pull request, you need to add the backport labels for the needed
|
Signed-off-by: Tetiana Kravchenko <[email protected]>
Signed-off-by: Tetiana Kravchenko <[email protected]>
💚 Build Succeeded
Expand to view the summary
Build stats
❕ Flaky test reportNo test was executed to be analysed. 🤖 GitHub commentsExpand to view the GitHub comments
To re-run your PR in the CI, just comment with:
|
Signed-off-by: Tetiana Kravchenko <[email protected]>
Signed-off-by: Tetiana Kravchenko <[email protected]>
tetianakravchenko
requested review from
a team,
gizas and
ChrsMark
and removed request for
a team
| logger.Warnf("error when read token request for getting IMDSv2 token: %s. No token in the metadata request will be used.", err) | ||
| return "" | ||
| logger.Debugf("error loading AWS default configuration: %s.", err) | ||
| result.err = errors.Wrapf(err, "failed loading AWS default configuration") |
There was a problem hiding this comment.
| result.err = errors.Wrapf(err, "failed loading AWS default configuration") | |
| result.err = fmt.Errorf("%w failed loading AWS default configuration", error) |
| "github.com/aws/aws-sdk-go-v2/feature/ec2/imds" | ||
| "github.com/aws/aws-sdk-go-v2/service/ec2" | ||
| "github.com/aws/aws-sdk-go-v2/service/ec2/types" | ||
| "github.com/pkg/errors" |
There was a problem hiding this comment.
done - 0241f22
| instanceIdentity, err := awsClient.GetInstanceIdentityDocument(context.TODO(), &imds.GetInstanceIdentityDocumentInput{}) | ||
| if err != nil { | ||
| logger.Debugf("error fetching EC2 Identity Document: %s.", err) | ||
| result.err = errors.Wrapf(err, "failed fetching EC2 Identity Document.") |
There was a problem hiding this comment.
Same as above with fmt.errorf
| if err != nil { | ||
| logger.Warnf("error when reading token request for getting IMDSv2 token: %s. No token in the metadata request will be used.", err) | ||
| return "" | ||
| logger.Debugf("error fetching cluster name metadata: %s.", err) |
There was a problem hiding this comment.
This can be Warnf level and not debug?
There was a problem hiding this comment.
@tetianakravchenko only minor if you think that we need to expose this to warnings or to errors , as it is quite important to print this by default, or repeat what you do in line
There was a problem hiding this comment.
@gizas thank you for pointing it out! From my understanding it should be fine to use it this way, http fetcher uses this definition as well -
There was a problem hiding this comment.
My comment has to do more with the level error vs debug vs warn. I would say not to use debug as it would hide any messages unless you raise the log level
There was a problem hiding this comment.
this code is outdated - was replaced to Warn in 0241f22
Signed-off-by: Tetiana Kravchenko <[email protected]>
Signed-off-by: Tetiana Kravchenko <[email protected]>
Signed-off-by: Tetiana Kravchenko <[email protected]>
Signed-off-by: Tetiana Kravchenko <[email protected]>
Signed-off-by: Tetiana Kravchenko <[email protected]>
Signed-off-by: Tetiana Kravchenko <[email protected]>
Signed-off-by: Tetiana Kravchenko <[email protected]>
|
This pull request is now in conflicts. Could you fix it? 🙏 |
|
hey @kaiyan-sheng as I pushed some changes after your approve, could you please have a look/approve again? |
|
@pierrehilbert @fearful-symmetry could you please review this PR and help with merging it? I can't merge it, since I am missing the code owners review 
|
|
Hey @elastic/elastic-agent-data-plane, could you help with this PR? I can't merge it because |
|
@tetianakravchenko have you tested that on AWS Fargate ? |
@MichaelKatsoulis no, only on the standard EKS setup. Do you think it is a blocker for this PR? |
Not a blocker, I was just interested on what happens in that case. I would expect to not get the cluster name. |
botelastic
bot
removed
the
needs_team
| if err != nil { | ||
| logger.Warnf("error when read token request for getting IMDSv2 token: %s. No token in the metadata request will be used.", err) | ||
| return "" | ||
| logger.Debugf("error loading AWS default configuration: %s.", err) |
There was a problem hiding this comment.
This is an error message, is there a reason the log level is debug? Should be Errorf.
There was a problem hiding this comment.
add_cloud_metadata tries to fetch the metadata from all the available cloud providers, so if running on GCP - fetchMetadata for AWS will still run and in this case it might will be confusing to get errors on GCP regarding the AWS configuration. I've changed it to Warnf as it was done before - 19ab154
|
This pull request is now in conflicts. Could you fix it? 🙏 |
|
Not sure why github set me as the code owner here, since I don't have a lot of context for the cloud processors. Tried to give a bit of feedback. |
@fearful-symmetry I believe it is mainly due to adding new dependency |
Signed-off-by: Tetiana Kravchenko <[email protected]>
Signed-off-by: Tetiana Kravchenko <[email protected]>
|
This pull request is now in conflicts. Could you fix it? 🙏 |
|
/test |
…ta and EKS cluster name (#35182) * add generic metadata fetcher Signed-off-by: Tetiana Kravchenko <[email protected]> * merge main Signed-off-by: Tetiana Kravchenko <[email protected]> * clean up Signed-off-by: Tetiana Kravchenko <[email protected]> * move tagDescribe to different func Signed-off-by: Tetiana Kravchenko <[email protected]> * add tests for add_cloud_metadata Signed-off-by: Tetiana Kravchenko <[email protected]> * Tiltfile: fix docker_registry, use more generic value Signed-off-by: Tetiana Kravchenko <[email protected]> * add notice file Signed-off-by: Tetiana Kravchenko <[email protected]> * fix tests - add former test cases; fix linter issues Signed-off-by: Tetiana Kravchenko <[email protected]> * handle correctly result.err Signed-off-by: Tetiana Kravchenko <[email protected]> * add generic metadata fetcher Signed-off-by: Tetiana Kravchenko <[email protected]> * merge main Signed-off-by: Tetiana Kravchenko <[email protected]> * clean up Signed-off-by: Tetiana Kravchenko <[email protected]> * move tagDescribe to different func Signed-off-by: Tetiana Kravchenko <[email protected]> * add tests for add_cloud_metadata Signed-off-by: Tetiana Kravchenko <[email protected]> * Tiltfile: fix docker_registry, use more generic value Signed-off-by: Tetiana Kravchenko <[email protected]> * add notice file Signed-off-by: Tetiana Kravchenko <[email protected]> * fix tests - add former test cases; fix linter issues Signed-off-by: Tetiana Kravchenko <[email protected]> * handle correctly result.err Signed-off-by: Tetiana Kravchenko <[email protected]> * address reviews Signed-off-by: Tetiana Kravchenko <[email protected]> * Update dev-tools/kubernetes/Tiltfile Co-authored-by: kaiyan-sheng <[email protected]> * fix the types.TagDescription struct Signed-off-by: Tetiana Kravchenko <[email protected]> * remove not used variable; fix types.TagDescription struct Signed-off-by: Tetiana Kravchenko <[email protected]> * add a changelog record Signed-off-by: Tetiana Kravchenko <[email protected]> * change Debugf to Warnf Signed-off-by: Tetiana Kravchenko <[email protected]> --------- Signed-off-by: Tetiana Kravchenko <[email protected]> Co-authored-by: kaiyan-sheng <[email protected]>
|
This makes fetch IMDS Error on non EKS envs {"log.level":"warn","@timestamp":"2023-07-26T02:20:11.324Z","log.logger":"add_cloud_metadata","log.origin":{"file.name":"add_cloud_metadata/provider_aws_ec2.go","file.line":102},"message":"error fetching cluster name metadata: error fetching EC2 Tags: operation error EC2: DescribeTags, failed to sign request: failed to retrieve credentials: failed to refresh cached credentials, failed to get nodes EC2 IMDS role credentials, operation error ec2imds: GetMetadata, request canceled, context deadline exceeded.","service.name":"filebeat","ecs.version":"1.6.0"}
{"log.level":"warn","@timestamp":"2023-07-26T02:20:16.470Z","log.logger":"add_cloud_metadata","log.origin":{"file.name":"add_cloud_metadata/provider_aws_ec2.go","file.line":102},"message":"error fetching cluster name metadata: error fetching EC2 Tags: operation error EC2: DescribeTags, exceeded maximum number of attempts, 3, failed to sign request: failed to retrieve credentials: failed to refresh cached credentials, failed to get nodes EC2 IMDS role credentials, operation error ec2imds: GetMetadata, exceeded maximum number of attempts, 3, http response error StatusCode: 500, request to EC2 IMDS failed.","service.name":"filebeat","ecs.version":"1.6.0"} |
What does this PR do?
eks:cluster-nametagNOTE: existing issue:
providers: ["aws"]) aws environment is detected as an openstack - it is an existing issue, due to the current implementation how the cloud provider is defined nowrelated issues:
Why is it important?
Add cluster name metadata for EKS clusters, similar to the GKE
Checklist
CHANGELOG.next.asciidocorCHANGELOG-developer.next.asciidoc.Author's Checklist
How to test this PR locally
Related issues
Use cases
Screenshots
when used configuration:
Logs