rpms / fence-agents

Clone
Source Code
GIT

Blame SOURCES/bz1905735-fence_aws-add-imdsv2-support.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8 c8-beta c8s c9 c9-beta
  1.   3b9c51f3feba3f68c3330e619de1a321bfbdcb28
  2.   SOURCES
  3.   bz1905735-fence_aws-add-imdsv2-support.patch
Blob History Raw
ea97b9 
From c9f8890264e0257197b31124dbb26c1046475314 Mon Sep 17 00:00:00 2001
ea97b9 
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
ea97b9 
Date: Fri, 13 Nov 2020 14:30:43 +0100
ea97b9 
Subject: [PATCH] fence_aws: add support for IMDSv2
ea97b9
ea97b9 
---
ea97b9 
 agents/aws/fence_aws.py | 8 +++++---
ea97b9 
 1 file changed, 5 insertions(+), 3 deletions(-)
ea97b9
ea97b9 
diff --git a/agents/aws/fence_aws.py b/agents/aws/fence_aws.py
ea97b9 
index 483a2991..e2a2391f 100644
ea97b9 
--- a/agents/aws/fence_aws.py
ea97b9 
+++ b/agents/aws/fence_aws.py
ea97b9 
@@ -3,12 +3,13 @@
ea97b9 
 import sys, re
ea97b9 
 import logging
ea97b9 
 import atexit
ea97b9 
-import requests
ea97b9 
 sys.path.append("@FENCEAGENTSLIBDIR@")
ea97b9 
 from fencing import *
ea97b9 
 from fencing import fail, fail_usage, run_delay, EC_STATUS, SyslogLibHandler
ea97b9
ea97b9 
+import requests
ea97b9 
 import boto3
ea97b9 
+from requests import HTTPError
ea97b9 
 from botocore.exceptions import ConnectionError, ClientError, EndpointConnectionError, NoRegionError
ea97b9
ea97b9 
 logger = logging.getLogger("fence_aws")
ea97b9 
@@ -19,8 +20,9 @@
ea97b9
ea97b9 
 def get_instance_id():
ea97b9 
 	try:
ea97b9 
-		r = requests.get('http://169.254.169.254/latest/meta-data/instance-id')
ea97b9 
-		return r.content.decode("UTF-8")
ea97b9 
+		token = requests.put('http://169.254.169.254/latest/api/token', headers={"X-aws-ec2-metadata-token-ttl-seconds" : "21600"}).content.decode("UTF-8")
ea97b9 
+		r = requests.get('http://169.254.169.254/latest/meta-data/instance-id', headers={"X-aws-ec2-metadata-token" : token}).content.decode("UTF-8")
ea97b9 
+		return r
ea97b9 
 	except HTTPError as http_err:
ea97b9 
 		logger.error('HTTP error occurred while trying to access EC2 metadata server: %s', http_err)
ea97b9 
 	except Exception as err:

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation