Is there a way for an ECS Task to be able to fetch the EC2 metadata of where it is deployed?
From AWS documentation of ec2 instance metadata, I can retrieve the EC2 instance metada when I am inside the ec2 instance itself. I'm more interested in fetching the instance-id and can be achieved with command
curl http://169.254.169.254/latest/meta-data/instance-id
This is achieved only when I will go directly to the ec2 instance and execute the query/command, but how will this be possible if I want to fetch the ec2 metadata when I'm from an ECS task running on the EC2 instance? Based on AWS documentation of task metadata, I only managed to fetch the details of the ECS task itself but can't manage to fetch the ec2 metadata where the task is running.
Is this possible?
The setup:
The metadata endpoint with IP 169.254.169.254
is meant for retrieving EC2 details only.
Where as 169.254.170.2
is meant for retrieving ECS Task Metadata.
You still should be able to call EC2 Metadata endpoint within task and get EC2 details.
In below sample setup, I had one EC2 instance part of ECS cluster with one nginx
task running on it.
I ssh'ed (docker exec -it ab8 /bin/sh
) into my nginx
task and still able to reach EC2 metadata endpoint properly and got EC2 instanceId(i-0086xxxxxxxxxxx
).
Now, depending upon your task runtime(java, nodejs, python etc.,), you should be able to make EC2 Metadata call within task.
[root@ip-172-31-91-251 ec2-user]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ab825479c673 ewoutp/docker-nginx-curl:latest "nginx" 11 minutes ago Up 11 minutes 0.0.0.0:80->80/tcp ecs-nginx-17-nginx-c6d8ba82f0afc3f96b00
c99dede7f091 amazon/amazon-ecs-agent:latest "/agent" 11 days ago Up 11 days ecs-agent
[root@ip-172-31-91-251 ec2-user]# docker exec -it ab8 /bin/sh
# curl http://169.254.169.254/latest/meta-data/instance-id -v
* Hostname was NOT found in DNS cache
* Trying 169.254.169.254...
* Connected to 169.254.169.254 (169.254.169.254) port 80 (#0)
> GET /latest/meta-data/instance-id HTTP/1.1
> User-Agent: curl/7.37.1
> Host: 169.254.169.254
> Accept: */*
>
* HTTP 1.0, assume close after body
< HTTP/1.0 200 OK
< Content-Type: text/plain
< Accept-Ranges: bytes
< ETag: "916097910"
< Last-Modified: Tue, 30 Apr 2019 01:59:51 GMT
< Content-Length: 19
< Connection: close
< Date: Tue, 30 Apr 2019 02:07:38 GMT
< Server: EC2ws
<
* Closing connection 0
i-0086xxxxxxxxxxx