amazon-web-services amazon-ec2 amazon-ecs

Is there a way for an ECS task to retrieve the EC2 metadata of where it (the task) is deployed?


Is there a way for an ECS task to fetch the EC2 metadata of where it is deployed?

From the AWS documentation on EC2 instance metadata, I can retrieve the EC2 instance metadata when I am inside the EC2 instance itself. I'm more interested in fetching the instance-id, which can be achieved with the command:

curl http://169.254.169.254/latest/meta-data/instance-id

This works only when I go directly to the EC2 instance and execute the query/command, but how is this possible if I want to fetch the EC2 metadata from an ECS task running on the EC2 instance? Based on the AWS documentation on task metadata, I only managed to fetch the details of the ECS task itself, but couldn't manage to fetch the EC2 metadata of the instance where the task is running.

Is this possible?

The setup:

  • The EC2 instance is in an ECS cluster
  • The ECS task is deployed randomly on any EC2 instance inside the cluster

Solution

  • The metadata endpoint with IP 169.254.169.254 is meant for retrieving EC2 details only.

    Whereas 169.254.170.2 is meant for retrieving ECS task metadata.

    You should still be able to call the EC2 metadata endpoint from within the task and get EC2 details.

    In the sample setup below, I had one EC2 instance as part of an ECS cluster, with one nginx task running on it.

    I ssh'ed (docker exec -it ab8 /bin/sh) into my nginx task and was still able to reach the EC2 metadata endpoint properly and got the EC2 instance ID (i-0086xxxxxxxxxxx).

    Now, depending upon your task runtime (Java, Node.js, Python, etc.), you should be able to make the EC2 metadata call from within the task.

    [root@ip-172-31-91-251 ec2-user]# docker ps
    CONTAINER ID        IMAGE                             COMMAND             CREATED             STATUS              PORTS                NAMES
    ab825479c673        ewoutp/docker-nginx-curl:latest   "nginx"             11 minutes ago      Up 11 minutes       0.0.0.0:80->80/tcp   ecs-nginx-17-nginx-c6d8ba82f0afc3f96b00
    c99dede7f091        amazon/amazon-ecs-agent:latest    "/agent"            11 days ago         Up 11 days                               ecs-agent
    
    [root@ip-172-31-91-251 ec2-user]# docker exec -it ab8 /bin/sh
    
    # curl http://169.254.169.254/latest/meta-data/instance-id -v
    * Hostname was NOT found in DNS cache
    *   Trying 169.254.169.254...
    * Connected to 169.254.169.254 (169.254.169.254) port 80 (#0)
    > GET /latest/meta-data/instance-id HTTP/1.1
    > User-Agent: curl/7.37.1
    > Host: 169.254.169.254
    > Accept: */*
    > 
    * HTTP 1.0, assume close after body
    < HTTP/1.0 200 OK
    < Content-Type: text/plain
    < Accept-Ranges: bytes
    < ETag: "916097910"
    < Last-Modified: Tue, 30 Apr 2019 01:59:51 GMT
    < Content-Length: 19
    < Connection: close
    < Date: Tue, 30 Apr 2019 02:07:38 GMT
    < Server: EC2ws
    < 
    * Closing connection 0
    i-0086xxxxxxxxxxx
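
An added example, not part of the original answer: the same instance-id lookup from inside a container, but requesting an IMDSv2 session token first, which goes beyond the token-less request shown above. `IMDS_BASE` and `IMDS_ALLOW_V1` are names assumed for this sketch, and the ID format check (`i-` plus 8 or 17 hex digits) is an added safeguard.

```shell
#!/bin/sh
# Added example, not from the original answer.
# IMDS_BASE and IMDS_ALLOW_V1 are names chosen for this sketch.
# Usage: source this file, then call: instance_id
IMDS_BASE="${IMDS_BASE:-http://169.254.169.254}"

# Request a short-lived IMDSv2 session token. The PUT fails or times out when
# the instance's metadata hop limit is too low for the container's network path.
imds_token() {
    curl -sf -m 2 -X PUT \
        -H "X-aws-ec2-metadata-token-ttl-seconds: 60" \
        "$IMDS_BASE/latest/api/token"
}

# imds_get PATH: read /latest/PATH with an IMDSv2 token. Falls back to the
# token-less IMDSv1 GET shown in the answer only when IMDS_ALLOW_V1=1.
imds_get() {
    if token=$(imds_token) && [ -n "$token" ]; then
        curl -sf -m 2 -H "X-aws-ec2-metadata-token: $token" "$IMDS_BASE/latest/$1"
        return
    fi
    if [ "${IMDS_ALLOW_V1:-0}" = 1 ]; then
        curl -sf -m 2 "$IMDS_BASE/latest/$1"
        return
    fi
    echo "IMDSv2 token request failed and IMDSv1 fallback is disabled" >&2
    return 1
}

# instance_id: print the host's instance ID, accepting only "i-" followed by
# 8 or 17 lowercase hex digits so an error page is never passed on as an ID.
instance_id() {
    id=$(imds_get meta-data/instance-id) || return 1
    hex=${id#i-}
    case "$id" in i-*) ;; *) hex= ;; esac
    case "$hex" in
        ""|*[!0-9a-f]*) echo "unexpected instance-id: $id" >&2; return 1 ;;
    esac
    [ "${#hex}" -eq 8 ] || [ "${#hex}" -eq 17 ] || return 1
    printf '%s\n' "$id"
}
```

When the instance requires IMDSv2 with a hop limit of 1, a task in bridge network mode will see the token request time out; raising the hop limit to 2 is the usual fix.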