Public bug reported: On AWS regions that do not have IMDSv2 available, cloud-init fails to read user-data via the Ec2Datasource.
This bug was introduced in the following change: https://bugs.launchpad.net/cloud-init/+bug/1866290 The change in that bug incorrectly assumes that a status code of 403 means the IMDS is disabled entirely. > The Ec2 IMDSv2 latest/api/token route can be set as disabled and return a 403 indefinitely for an instance. In reality, there are some regions where IMDSv2 is currently unsupported. In those regions, a 403 is still returned, but IMDSv1 is enabled and working. The end result is that cloud-init versions later than 20.1-9-g1f860e5a-0ubuntu1 are unable to retrieve user-data from the IMDS in affected regions. I am unable to attach the requested log because the region where I observed this behavior is physically disconnected from the internet. ** Affects: cloud-init Importance: Undecided Status: New -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to cloud-init. https://bugs.launchpad.net/bugs/1896532 Title: Ec2Datasource fails in environments without IMDSv2 Status in cloud-init: New Bug description: On AWS regions that do not have IMDSv2 available, cloud-init fails to read user-data via the Ec2Datasource. This bug was introduced in the following change: https://bugs.launchpad.net/cloud-init/+bug/1866290 The change in that bug incorrectly assumes that a status code of 403 means the IMDS is disabled entirely. > The Ec2 IMDSv2 latest/api/token route can be set as disabled and return a 403 indefinitely for an instance. In reality, there are some regions where IMDSv2 is currently unsupported. In those regions, a 403 is still returned, but IMDSv1 is enabled and working. The end result is that cloud-init versions later than 20.1-9-g1f860e5a-0ubuntu1 are unable to retrieve user-data from the IMDS in affected regions. I am unable to attach the requested log because the region where I observed this behavior is physically disconnected from the internet. To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-init/+bug/1896532/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : [email protected] Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
