authorGraham Christensen <graham@grahamc.com>2020-11-22 08:23:14 -0500
committerGitHub <noreply@github.com>2020-11-22 08:23:14 -0500
commit1ee1134cb1c48442efa42c58cc4513ad2435bc52 (patch)
treec3756c1d2b9cf4caaa66158c68d8b2adc2f5f499 /nixos/modules
parent3c8c57dc33cc45ae7695dd8e6846a78b5550abaf (diff)
parent6fd871dec4dba27611e6eade68f1d160af837dda (diff)
Merge pull request #104456 from endgame/refresh-instance-metadata-on-boot
Refresh instance metadata on boot
Diffstat (limited to 'nixos/modules')
-rw-r--r--nixos/modules/virtualisation/ec2-metadata-fetcher.nix26
-rw-r--r--nixos/modules/virtualisation/openstack-metadata-fetcher.nix28
2 files changed, 25 insertions, 29 deletions
diff --git a/nixos/modules/virtualisation/ec2-metadata-fetcher.nix b/nixos/modules/virtualisation/ec2-metadata-fetcher.nix
index 812e93ec4aabb..dca5c2abd4e0c 100644
--- a/nixos/modules/virtualisation/ec2-metadata-fetcher.nix
+++ b/nixos/modules/virtualisation/ec2-metadata-fetcher.nix
@@ -8,9 +8,14 @@
 # Make sure that every package you depend on here is already listed as
 # a channel blocker for both the full-sized and small channels.
 # Otherwise, we risk breaking user deploys in released channels.
+#
+# Also note: OpenStack's metadata service for its instances aims to be
+# compatible with the EC2 IMDS. Where possible, try to keep the set of
+# fetched metadata in sync with ./openstack-metadata-fetcher.nix .
 ''
   metaDir=${targetRoot}etc/ec2-metadata
   mkdir -m 0755 -p "$metaDir"
+  rm -f "$metaDir/*"
 
   get_imds_token() {
     # retry-delay of 1 selected to give the system a second to get going,
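Review bot: The added `rm -f "$metaDir/*"` does not clear the directory, because the `*` sits inside the double quotes and the shell passes it literally instead of expanding it; only a file actually named `*` would be removed, and `-f` hides the miss. Moving the glob outside the quotes, `rm -f "$metaDir"/*`, gives the intended cleanup, and the identical line in openstack-metadata-fetcher.nix needs the same change. As written, a key or user-data file left from an earlier boot is only replaced when its own fetch overwrites it, so stale material may survive a refresh that was meant to discard it. The get_imds_token function that follows continues outside this hunk.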
@@ -61,19 +66,12 @@
 
   echo "getting EC2 instance metadata..."
 
-  if ! [ -e "$metaDir/ami-manifest-path" ]; then
-    wget ${wgetExtraOptions} --header "X-aws-ec2-metadata-token: $IMDS_TOKEN" -O "$metaDir/ami-manifest-path" http://169.254.169.254/1.0/meta-data/ami-manifest-path
-  fi
-
-  if ! [ -e "$metaDir/user-data" ]; then
-    wget ${wgetExtraOptions} --header "X-aws-ec2-metadata-token: $IMDS_TOKEN" -O "$metaDir/user-data" http://169.254.169.254/1.0/user-data && chmod 600 "$metaDir/user-data"
-  fi
-
-  if ! [ -e "$metaDir/hostname" ]; then
-    wget ${wgetExtraOptions} --header "X-aws-ec2-metadata-token: $IMDS_TOKEN" -O "$metaDir/hostname" http://169.254.169.254/1.0/meta-data/hostname
-  fi
+  wget_imds() {
+    wget ${wgetExtraOptions} --header "X-aws-ec2-metadata-token: $IMDS_TOKEN" "$@";
+  }
 
-  if ! [ -e "$metaDir/public-keys-0-openssh-key" ]; then
-    wget ${wgetExtraOptions} --header "X-aws-ec2-metadata-token: $IMDS_TOKEN" -O "$metaDir/public-keys-0-openssh-key" http://169.254.169.254/1.0/meta-data/public-keys/0/openssh-key
-  fi
+  wget_imds -O "$metaDir/ami-manifest-path" http://169.254.169.254/1.0/meta-data/ami-manifest-path
+  wget_imds -O "$metaDir/user-data" http://169.254.169.254/1.0/user-data && chmod 600 "$metaDir/user-data"
+  wget_imds -O "$metaDir/hostname" http://169.254.169.254/1.0/meta-data/hostname
+  wget_imds -O "$metaDir/public-keys-0-openssh-key" http://169.254.169.254/1.0/meta-data/public-keys/0/openssh-key
 ''
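Review bot: On the `wget_imds -O "$metaDir/user-data"` line the file is created under whatever umask the script inherits and is only restricted by the trailing `chmod 600`. Inside the 0755 directory it can therefore be readable by other users while the download runs, and it stays that way if wget exits non-zero, because the `&&` then skips the chmod. User-data commonly carries bootstrap secrets, so create it restricted from the start, e.g. `(umask 077; wget_imds -O "$metaDir/user-data" http://169.254.169.254/1.0/user-data)`. The same line in openstack-metadata-fetcher.nix has the same window. Whether a restrictive umask is already set elsewhere in the surrounding script is not visible in this hunk.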
diff --git a/nixos/modules/virtualisation/openstack-metadata-fetcher.nix b/nixos/modules/virtualisation/openstack-metadata-fetcher.nix
index b531787c31a29..8c191397cf9a5 100644
--- a/nixos/modules/virtualisation/openstack-metadata-fetcher.nix
+++ b/nixos/modules/virtualisation/openstack-metadata-fetcher.nix
@@ -1,23 +1,21 @@
 { targetRoot, wgetExtraOptions }:
+
+# OpenStack's metadata service aims to be EC2-compatible. Where
+# possible, try to keep the set of fetched metadata in sync with
+# ./ec2-metadata-fetcher.nix .
 ''
   metaDir=${targetRoot}etc/ec2-metadata
   mkdir -m 0755 -p "$metaDir"
+  rm -f "$metaDir/*"
 
-  echo "getting EC2 instance metadata..."
-
-  if ! [ -e "$metaDir/ami-manifest-path" ]; then
-    wget ${wgetExtraOptions} -O "$metaDir/ami-manifest-path" http://169.254.169.254/1.0/meta-data/ami-manifest-path
-  fi
-
-  if ! [ -e "$metaDir/user-data" ]; then
-    wget ${wgetExtraOptions} -O "$metaDir/user-data" http://169.254.169.254/1.0/user-data && chmod 600 "$metaDir/user-data"
-  fi
+  echo "getting instance metadata..."
 
-  if ! [ -e "$metaDir/hostname" ]; then
-    wget ${wgetExtraOptions} -O "$metaDir/hostname" http://169.254.169.254/1.0/meta-data/hostname
-  fi
+  wget_imds() {
+    wget ${wgetExtraOptions} "$@"
+  }
 
-  if ! [ -e "$metaDir/public-keys-0-openssh-key" ]; then
-    wget ${wgetExtraOptions} -O "$metaDir/public-keys-0-openssh-key" http://169.254.169.254/1.0/meta-data/public-keys/0/openssh-key
-  fi
+  wget_imds -O "$metaDir/ami-manifest-path" http://169.254.169.254/1.0/meta-data/ami-manifest-path
+  wget_imds -O "$metaDir/user-data" http://169.254.169.254/1.0/user-data && chmod 600 "$metaDir/user-data"
+  wget_imds -O "$metaDir/hostname" http://169.254.169.254/1.0/meta-data/hostname
+  wget_imds -O "$metaDir/public-keys-0-openssh-key" http://169.254.169.254/1.0/meta-data/public-keys/0/openssh-key
 ''
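Review bot: None of the four `wget_imds -O` calls checks the result of the fetch, and they now run on every boot. A failed or interrupted request can leave an empty or partial `hostname`, `user-data` or `public-keys-0-openssh-key`, where the old `-e` guard would have kept the earlier copy. Downloading to a temporary name and renaming on success keeps consumers from reading a truncated file, e.g. `wget_imds -O "$metaDir/hostname.tmp" http://169.254.169.254/1.0/meta-data/hostname && mv "$metaDir/hostname.tmp" "$metaDir/hostname"`. The fetch lines at the end of ec2-metadata-fetcher.nix follow the same pattern. How the consumers of these files react to an empty file is not visible here, so the impact should be confirmed.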